Getting close to finish new structure for building ubuntu boxes

This commit is contained in:
Fabio Rehm 2014-03-09 03:55:10 -03:00
parent 4a18c7a05a
commit f927f65ec1
5 changed files with 109 additions and 7 deletions

View file

@ -6,9 +6,10 @@ default:
all: $(UBUNTU_BOXES)
$(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64-${TODAY}"
$(UBUNTU_BOXES): PACKAGE = "output/$(CONTAINER).box"
$(UBUNTU_BOXES): PACKAGE = "output/vagrant-lxc-${@}-amd64-${TODAY}.box"
$(UBUNTU_BOXES):
@sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE)
@chmod +rw $(PACKAGE)
clean:
@echo "Implement clean"

View file

@ -29,4 +29,7 @@ lxc-create -n ${CONTAINER} -t download -- \
--dist ${DISTRIBUTION} \
--release ${RELEASE} \
--arch ${ARCH}
# TODO: Nicely handle boxes that don't have an image associated
log "Container created!"

View file

@ -3,19 +3,46 @@ set -e
source common/ui.sh
# TODO: Create file with build date / time on container
info "Packaging '${CONTAINER}' to '${PACKAGE}'..."
debug 'Stopping container'
lxc-stop -n ${CONTAINER} &>/dev/null || true
debug "Removing previous rootfs tarbal"
if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then
log "Removing previous rootfs tarbal"
rm -f ${WORKING_DIR}/rootfs.tar.gz
fi
log "Compressing container's rootfs"
cd $(dirname ${ROOTFS})
tar --numeric-owner -czf ${WORKING_DIR}/rootfs.tar.gz ./rootfs/*
pushd $(dirname ${ROOTFS}) &>/dev/null
tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \
${WORKING_DIR}/rootfs.tar.gz ./rootfs/*
popd &>/dev/null
# Prepare package contents
cd ${WORKING_DIR}
pushd ${WORKING_DIR} &>/dev/null
warn "TODO: Package on `pwd`"
warn "TODO: Add creation date"
warn "TODO: Fix hostname (its too big!)"
popd &>/dev/null
warn 'TODO: Package!'
# cp $LXC_TEMPLATE .
# cp $LXC_CONF .
# cp $METATADA_JSON .
# chmod +x lxc-template
# sed -i "s/<TODAY>/${NOW}/" metadata.json
#
# # Vagrant box!
# tar -czf $PKG ./*
#
# chmod +rw ${WORKING_DIR}/${PKG}
# mkdir -p ${CWD}/output
# mv ${WORKING_DIR}/${PKG} ${CWD}/output
#
# # Clean up after ourselves
# rm -rf ${WORKING_DIR}
# lxc-destroy -n ${RELEASE}-base
#
# echo "The base box was built successfully to ${CWD}/output/${PKG}"

View file

@ -12,6 +12,7 @@ info() {
echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}"
}
# TODO: Add a file lock so we can build in parallel
confirm() {
question=${1}
default=${2}

70
boxes/conf/ubuntu Normal file
View file

@ -0,0 +1,70 @@
# Default pivot location
lxc.pivotdir = lxc_putold
# Default mount entries
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = sysfs sys sysfs defaults 0 0
lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
# Default console settings
lxc.devttydir = lxc
lxc.tty = 4
lxc.pts = 1024
# Default capabilities
lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, the container will be confined by default.
# If you wish for it to instead run unconfined, copy the following line
# (uncommented) to the container's configuration file.
#lxc.aa_profile = unconfined
# To support container nesting on an Ubuntu host while retaining most of
# apparmor's added security, use the following two lines instead.
#lxc.aa_profile = lxc-container-default-with-nesting
#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
# Uncomment the following line to autodetect squid-deb-proxy configuration on the
# host and forward it to the guest at start time.
#lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client
# If you wish to allow mounting block filesystems, then use the following
# line instead, and make sure to grant access to the block device and/or loop
# devices below in lxc.cgroup.devices.allow.
#lxc.aa_profile = lxc-container-default-with-mounting
# Default cgroup limits
lxc.cgroup.devices.deny = a
## Allow any mknod (but not using the node)
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
## /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
## consoles
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 5:1 rwm
## /dev/{,u}random
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 1:9 rwm
## /dev/pts/*
lxc.cgroup.devices.allow = c 5:2 rwm
lxc.cgroup.devices.allow = c 136:* rwm
## rtc
lxc.cgroup.devices.allow = c 254:0 rm
## fuse
lxc.cgroup.devices.allow = c 10:229 rwm
## tun
lxc.cgroup.devices.allow = c 10:200 rwm
## full
lxc.cgroup.devices.allow = c 1:7 rwm
## hpet
lxc.cgroup.devices.allow = c 10:228 rwm
## kvm
lxc.cgroup.devices.allow = c 10:232 rwm
## To use loop devices, copy the following line to the container's
## configuration file (uncommented).
#lxc.cgroup.devices.allow = b 7:* rwm