lxc-centos-swair

1. #!/bin/bash
2.  
3. echo "Creating centos-6 node..."
4.  
5. configure_centos()
6. {
7. rootfs=$1
8. hostname=$2
9.  
10. # disable selinux in centos
11. mkdir -p $rootfs/selinux
12. echo 0 > $rootfs/selinux/enforce
13.  
14. # add host root ssh access
15.  
16. cp /usr/lib/lxc/templates/files/rc.local $rootfs/etc/rc.local
17.  
18. # set the hostname
19. cat <<EOF > $rootfs/etc/hostname
20. $hostname
21. EOF
22. # set minimal hosts
23. cat <<EOF > $rootfs/etc/hosts
24. 127.0.0.1 localhost $hostname
25. EOF
26.  
27. cat <<EOF > $rootfs/etc/init/console.conf
28. # console - mingetty
29. #
30. # This service maintains a console on tty1 from the point the system is
31. # started until it is shut down again.
32.  
33. start on stopped rc RUNLEVEL=[2345]
34. stop on runlevel [!2345]
35.  
36. respawn
37. exec /sbin/mingetty console
38. EOF
39.  
40. cat <<EOF > $rootfs/etc/fstab
41. none /dev/pts devpts defaults 0 0
42. EOF
43.  
44. sed -i -e 's:/sbin/start_udev:#/sbin/start_udev:' $rootfs/etc/rc.d/rc.sysinit
45.  
46. sed -i -e 's:\(Defaults *requiretty\):# \1:' $rootfs/etc/sudoers
47.  
48. # create necessary devices
49. rm $rootfs/dev/null
50. mknod -m 666 $rootfs/dev/null c 1 3
51. mknod -m 666 $rootfs/dev/random c 1 8
52. mknod -m 666 $rootfs/dev/urandom c 1 9
53. mkdir -m 755 $rootfs/dev/pts
54. mknod -m 666 $rootfs/dev/tty c 5 0
55. mknod -m 666 $rootfs/dev/tty0 c 4 0
56. mknod -m 666 $rootfs/dev/tty1 c 4 1
57. mknod -m 666 $rootfs/dev/tty2 c 4 2
58. mknod -m 666 $rootfs/dev/tty3 c 4 3
59. mknod -m 666 $rootfs/dev/tty4 c 4 4
60. mknod -m 600 $rootfs/dev/console c 5 1
61. mknod -m 666 $rootfs/dev/full c 1 7
62. mknod -m 600 $rootfs/dev/initctl p
63.  
64. # change root password
65. echo "Set root password to 'root'"
66. echo "root:root" | chroot $rootfs chpasswd
67.  
68. return 0
69. }
70.  
71. copy_centos()
72. {
73. cache=$1
74. arch=$2
75. rootfs=$3
76.  
77. # make a local copy of the minicentos
78. echo "Extracting rootfs image to $rootfs ..."
79. mkdir $rootfs
80. tar zxf /home/swair.s/centos-6-$arch.tar.gz -C $rootfs || return 1
81. return 0
82. }
83.  
84. install_centos()
85. {
86. cache="/var/cache/lxc"
87. rootfs=$1
88. mkdir -p /var/lock/subsys/
89. (
90. flock -n -x 200
91. if [ $? -ne 0 ]; then
92. echo "Cache repository is busy."
93. return 1
94. fi
95.  
96. arch=$(arch)
97. if [ "$arch" == "x86_64" ]; then
98. arch=amd64
99. fi
100.  
101. if [ "$arch" == "i686" ]; then
102. arch=i386
103. fi
104.  
105. echo "Checking image cache in $cache/rootfs-$arch ... "
106. if [ ! -e "$cache/rootfs-$arch" ]; then
107. if [ $? -ne 0 ]; then
108. echo "Failed to download 'centos base'"
109. return 1
110. fi
111. fi
112.  
113. copy_centos $cache $arch $rootfs
114. if [ $? -ne 0 ]; then
115. echo "Failed to copy rootfs"
116. return 1
117. fi
118.  
119. return 0
120.  
121. ) 200>/var/lock/subsys/lxc
122.  
123. return $?
124. }
125.  
126. copy_configuration()
127. {
128. path=$1
129. rootfs=$2
130. name=$3
131.  
132. cat <<EOF >> $path/config
133. lxc.utsname = $name
134.  
135. lxc.tty = 4
136. lxc.pts = 1024
137. lxc.rootfs = $rootfs
138. lxc.mount = $path/fstab
139.  
140. lxc.cgroup.devices.deny = a
141.  
142. # /dev/null and zero
143. lxc.cgroup.devices.allow = c 1:3 rwm
144. lxc.cgroup.devices.allow = c 1:5 rwm
145. # consoles
146. lxc.cgroup.devices.allow = c 5:1 rwm
147. lxc.cgroup.devices.allow = c 5:0 rwm
148. lxc.cgroup.devices.allow = c 4:0 rwm
149. lxc.cgroup.devices.allow = c 4:1 rwm
150. # /dev/{,u}random
151. lxc.cgroup.devices.allow = c 1:9 rwm
152. lxc.cgroup.devices.allow = c 1:8 rwm
153. lxc.cgroup.devices.allow = c 136:* rwm
154. lxc.cgroup.devices.allow = c 5:2 rwm
155. # rtc
156. lxc.cgroup.devices.allow = c 254:0 rwm
157. EOF
158.  
159. cat <<EOF > $path/fstab
160. proc $rootfs/proc proc nodev,noexec,nosuid 0 0
161. devpts $rootfs/dev/pts devpts defaults 0 0
162. sysfs $rootfs/sys sysfs defaults 0 0
163. EOF
164.  
165. if [ $? -ne 0 ]; then
166. echo "Failed to add configuration"
167. return 1
168. fi
169.  
170. return 0
171. }
172.  
173. clean()
174. {
175. cache="/var/cache/lxc"
176.  
177. if [ ! -e $cache ]; then
178. exit 0
179. fi
180.  
181. # lock, so we won't purge while someone is creating a repository
182. (
183. flock -n -x 200
184. if [ $? != 0 ]; then
185. echo "Cache repository is busy."
186. exit 1
187. fi
188.  
189. echo -n "Purging the download cache..."
190. rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
191. exit 0
192.  
193. ) 200>/var/lock/subsys/lxc
194. }
195.  
196. usage()
197. {
198. cat <<EOF
199. $1 -h|--help -p|--path=<path> --clean
200. EOF
201. return 0
202. }
203.  
204. options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
205. if [ $? -ne 0 ]; then
206. usage $(basename $0)
207. exit 1
208. fi
209. eval set -- "$options"
210.  
211. while true
212. do
213. case "$1" in
214. -h|--help) usage $0 && exit 0;;
215. -p|--path) path=$2; shift 2;;
216. -n|--name) name=$2; shift 2;;
217. -c|--clean) clean=$2; shift 2;;
218. --) shift 1; break ;;
219. *) break ;;
220. esac
221. done
222.  
223. if [ ! -z "$clean" -a -z "$path" ]; then
224. clean || exit 1
225. exit 0
226. fi
227.  
228. if [ -z "$path" ]; then
229. echo "'path' parameter is required"
230. exit 1
231. fi
232.  
233. if [ "$(id -u)" != "0" ]; then
234. echo "This script should be run as 'root'"
235. exit 1
236. fi
237.  
238. rootfs=$path/rootfs
239.  
240. install_centos $rootfs
241. if [ $? -ne 0 ]; then
242. echo "failed to install centos"
243. exit 1
244. fi
245.  
246. configure_centos $rootfs $name
247. if [ $? -ne 0 ]; then
248. echo "failed to configure centos for a container"
249. exit 1
250. fi
251.  
252. copy_configuration $path $rootfs $name
253. if [ $? -ne 0 ]; then
254. echo "failed write configuration file"
255. exit 1
256. fi
257.  
258. if [ ! -z $clean ]; then
259. clean || exit 1
260. exit 0
261. fi