4 # description: Create BTRFS subvolumes for LXC reference images.
6 # Thierry Parmentelat <thierry.parmentelat@inria.fr>
7 # Copyright (C) 2012 INRIA
10 # not needed -- Source function library
11 #. /etc/init.d/functions
13 # a f>=18 root context won't have /bin nor /sbin in its path, which is where
14 # chkconfig is located on f<=14 images
15 export PATH=$PATH:/bin:/sbin
17 # This is where sliceimage(s) rpms store their reference images
18 sliceimage_dir=/vservers/.vref
19 sliceimage_stubs=/vservers/.vstub
20 lxc_dir=/vservers/.lvref
21 tmp_dir=/vservers/.ltmp
23 # Check if we are in the build environment
24 function check_node () {
25 mount | grep -q 'planetlab-vservers' || exit 0
26 [ -d $sliceimage_dir ] || { echo "No sliceimage installed" ; exit 1; }
31 echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
32 echo "lxc-sliceimage: starting on $(date)"
38 slicefamilies=$(cd $sliceimage_dir ; ls )
40 for slicefamily in $slicefamilies; do
41 echo ==================== $slicefamily
42 # initialize if needed
43 [ -d $lxc_dir/$slicefamily ] || {
44 echo "creating btrfs subvolume" ;
45 btrfs subvolume create $lxc_dir/$slicefamily ;
48 #btrfs subvolume create $lxc_dir/lxc-squeeze-x86_64
49 # copy the slice image into the btrfs ?
50 # echo "============================== mirroring start $(date)"
51 echo "$sliceimage_dir/$slicefamily/ onto btrfs subvolume $lxc_dir/$slicefamily/"
52 # mention --delete for rpm updates
53 # we want to keep only our own additions, that will be re-created in the remaining
54 # of this script anyway
55 rsync -a --delete $sliceimage_dir/$slicefamily/ $lxc_dir/$slicefamily/
56 # echo "============================== mirroring done $(date)"
57 # adapting slice images to the node virtualization mode can unfortunately
58 # not be done at build-time since we do not know that yet
59 patch_lvref $lxc_dir/$slicefamily
62 # create ref images from stubs
65 echo "lxc-sliceimage: done on $(date)"
66 echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
70 echo -n "Checking node .. "
73 echo "From installed sliceimage variants"
75 echo "Exported to lxc"
80 # sed -i $rootfs/etc/sudoers
82 # chroot $rootfs sed -i /etc/sudoers
83 # because the latter has sed issue weird messages like
84 # sed: warning: failed to get security context of ...
85 function patch_lvref () {
88 echo "patch_lvref : handling $rootfs"
90 # Allow a user who logins via ssh to sudo
91 sed -i 's/^Defaults\ *requiretty/\#&/' $rootfs/etc/sudoers
92 # Allow to login at virsh console. loginuid.so doen't work in the absence of auditd
93 # which cannot run inside a container.
94 sed -i 's/^.*loginuid.so.*$/\#&/' $rootfs/etc/pam.d/login
95 # Enable eth0 on bootup
96 cat <<EOF > $rootfs/etc/sysconfig/network-scripts/ifcfg-eth0
101 # Tweak sshd configuration - not all slice images have sshd preinstalled
102 if [ -f $rootfs/etc/ssh/sshd_config ] ; then
103 sed -e 's/^UsePAM\ *yes/\#&/' \
104 -e 's/^GSSAPIAuthentication.*$/GSSAPIAuthentication no/' \
105 -e 's/^PasswordAuthentication.*$/PasswordAuthentication no/' \
106 -i $rootfs/etc/ssh/sshd_config
108 # Allow root to login at virsh console
109 echo "pts/0" >> $rootfs/etc/securetty
110 # our image does not have NetworkManager, only network, and it is off by default
111 chroot $rootfs chkconfig network on
113 # this will run only if the rootfs seems to be systemd-based
114 patch_lvref_systemd $rootfs
117 # beware that patch_lvref_systemd will return early on non systemd-powered images
118 # inspired from https://gist.github.com/1142202
119 ETC=/etc/systemd/system
120 LIB=/lib/systemd/system
122 function patch_lvref_systemd () {
128 # this applies to systemd only
129 [ -d $abslib ] || return
131 # stay away from trouble, avoid chroot'ing for straightforward stuff
132 echo "patch_lvref_systemd: handling $rootfs"
133 # sliceimage comes with graphical.target as default
134 ln -sf $LIB/multi-user.target $absetc/default.target
135 # sysinit.target seems to stick on boot, so disable it. However, we need
136 # systemd-tmpfiles-setup.service that was started by the dependency of
137 # sysinit.target to boot up correctly, so start it instead.
138 cp $abslib/basic.target $absetc/basic.target
139 sed -e 's/sysinit.target/systemd-tmpfiles-setup.service/' -i $absetc/basic.target
140 # Stop starting sysinit.target. Symlinking one to /dev/null is a standard way
141 # to disable a target (or a service and others).
142 ln -sf /dev/null $absetc/sysinit.target
143 # is also a cause of stuck on boot
144 ln -sf /dev/null $absetc/udev-settle.service
145 # It prevents systemd-tmpfiles-setup.service from starting
146 ln -sf /dev/null $absetc/fedora-readonly.service
147 # Libvirt lxc provides only tty1
148 rm -f $absetc/getty.target.wants/getty\@tty{2,3,4,5,6}.service
149 # It launches sulogin on console(tty1) but it interferes getty@tty1
150 ln -sf /dev/null $absetc/console-shell.service
151 # Workarounds for libvirt 0.9.4. Without this, getty@tty1 doen't launch
152 # because a trigger event on tty1 doesn't happen.
153 cp $abslib/getty\@.service $absetc/getty\@.service
154 sed -e 's/^BindTo/\#&/' -i $absetc/getty\@.service
155 ln -sf $ETC/getty\@.service $absetc/getty.target.wants/getty\@tty1.service
159 function unfold_system_slices () {
160 for clonedstamp in $sliceimage_stubs/*/*.cloned; do
161 unfold_system_slice_from_cloned $clonedstamp
165 # untested - how does this behave when updating the slice reference image ?
166 # OTOH system slices probably already run at update-time
167 # so it's kind of too late anyways
168 function unfold_system_slice_from_cloned () {
169 clonedstamp=$1; shift
170 # e.g. NAME=planetflow
171 NAME=$(basename $clonedstamp .cloned)
172 DIR=$(dirname $clonedstamp)
173 # e.g. SLICEFAMILY=planetlab-f8-i386
174 SLICEFAMILY=$(cat $clonedstamp)
175 # deduce the actual name used in .vref by replacing the first part of slice-family
176 # (pldistro) with the slice name
177 # e.g. VREFNAME=planetflow-f8-i386
178 VREFNAME=$(echo $SLICEFAMILY | sed -e "s,^[^-]*-,$NAME-,")
180 VREFPATH="$lxc_dir/$VREFNAME"
182 # do not redo existing vref's unless force is mentioned
183 [ -z "$FORCE" -a -d "$VREFPATH" ] && {
184 echo "unfold_system_slice_from_cloned : $VREFPATH looks fine" ;
187 [ -z "$FORCE" ] && message=Building
188 [ -n "$FORCE" ] && message=Force-building
190 # Copy base reference image
191 echo -n $"$message slice image for $NAME in $VREFNAME: "
193 # build the systemslice from the one it was originally cloned from
194 FAMILYREF="$lxc_dir/$SLICEFAMILY"
195 if [ ! -d "$FAMILYREF" ] ; then
196 echo system slice from $clonedstamp - could not find reference $FAMILYREF - skipped
202 # cleanup reference image if already exists
203 [ -d "$VREFPATH" ] && btrfs subvolume delete "$VREFPATH"
205 [ -d "$VREFPATH" ] && rm -rf "$VREFPATH"
208 btrfs subvolume snapshot $FAMILYREF $VREFPATH
210 # merge the stub with the reference to get the system slice
211 (cd "$DIR/$NAME"/ && find . | cpio -m -d -u -p "$VREFPATH"/) || \
212 { echo "Could not apply stub $DIR/$NAME - skipping $clonedstamp" ; btrfs subvolume delete "$VREFPATH" ; return ; }
215 rm -f "$VREFPATH/var/lib/rpm/__db"*
220 # run with the --tty option to see results, otherwise get that logged
223 *) exec >> /var/log/lxc-sliceimage.log 2>&1 ;;
227 start|restart|reload) start ; exit 0 ;;
228 status) status ; exit 0 ;;
230 *) echo $"Usage: $0 [--tty] {start|stop|status}"