-#!/bin/bash
-#
-# chkconfig: 345 20 80
-# description: Create BTRFS subvolumes for LXC reference images.
-#
-# Thierry Parmentelat <thierry.parmentelat@inria.fr>
-# Copyright (C) 2012 INRIA
-#
-
-# not needed -- Source function library
-#. /etc/init.d/functions
-
-# a f>=18 root context won't have /bin nor /sbin in its path, which is where
-# chkconfig is located on f<=14 images
-export PATH=$PATH:/bin:/sbin
-
-# This is where sliceimage(s) rpms store their reference images
-sliceimage_dir=/vservers/.vref
-sliceimage_stubs=/vservers/.vstub
-lxc_dir=/vservers/.lvref
-tmp_dir=/vservers/.ltmp
-
-# Check if we are in the build environment
-function check_node () {
- mount | grep -q 'planetlab-vservers' || exit 0
- [ -d $sliceimage_dir ] || { echo "No sliceimage installed" ; exit 1; }
-}
-
-function start () {
-
- echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
- echo "lxc-sliceimage: starting on $(date)"
-
- check_node
-
- mkdir -p $lxc_dir
-
- slicefamilies=$(cd $sliceimage_dir ; ls )
-
- for slicefamily in $slicefamilies; do
- echo ==================== $slicefamily
- # initialize if needed
- [ -d $lxc_dir/$slicefamily ] || {
- echo "creating btrfs subvolume" ;
- btrfs subvolume create $lxc_dir/$slicefamily ;
- }
- # xxx what is that ?
- #btrfs subvolume create $lxc_dir/lxc-squeeze-x86_64
- # copy the slice image into the btrfs ?
-# echo "============================== mirroring start $(date)"
- echo "$sliceimage_dir/$slicefamily/ onto btrfs subvolume $lxc_dir/$slicefamily/"
- # mention --delete for rpm updates
- # we want to keep only our own additions, that will be re-created in the remaining
- # of this script anyway
- rsync -a --delete $sliceimage_dir/$slicefamily/ $lxc_dir/$slicefamily/
-# echo "============================== mirroring done $(date)"
- # adapting slice images to the node virtualization mode can unfortunately
- # not be done at build-time since we do not know that yet
- patch_lvref $lxc_dir/$slicefamily
- done
-
- # create ref images from stubs
- unfold_system_slices
-
- echo "lxc-sliceimage: done on $(date)"
- echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
-}
-
-function status () {
- echo -n "Checking node .. "
- check_node
- echo OK
- echo "From installed sliceimage variants"
- ls $sliceimage_dir
- echo "Exported to lxc"
- ls $lxc_dir
-}
-
-# prefer to use e.g.
-# sed -i $rootfs/etc/sudoers
-# rather than
-# chroot $rootfs sed -i /etc/sudoers
-# because the latter has sed issue weird messages like
-# sed: warning: failed to get security context of ...
-function patch_lvref () {
- rootfs=$1; shift
-
- echo "patch_lvref : handling $rootfs"
-
- # Allow a user who logins via ssh to sudo
- sed -i 's/^Defaults\ *requiretty/\#&/' $rootfs/etc/sudoers
- # Allow to login at virsh console. loginuid.so doen't work in the absence of auditd
- # which cannot run inside a container.
- sed -i 's/^.*loginuid.so.*$/\#&/' $rootfs/etc/pam.d/login
- # Enable eth0 on bootup
- cat <<EOF > $rootfs/etc/sysconfig/network-scripts/ifcfg-eth0
-DEVICE=eth0
-BOOTPROTO=dhcp
-ONBOOT=yes
-EOF
- # Tweak sshd configuration - not all slice images have sshd preinstalled
- if [ -f $rootfs/etc/ssh/sshd_config ] ; then
- sed -e 's/^UsePAM\ *yes/\#&/' \
- -e 's/^GSSAPIAuthentication.*$/GSSAPIAuthentication no/' \
- -e 's/^PasswordAuthentication.*$/PasswordAuthentication no/' \
- -i $rootfs/etc/ssh/sshd_config
- fi
- # Allow root to login at virsh console
- echo "pts/0" >> $rootfs/etc/securetty
- # our image does not have NetworkManager, only network, and it is off by default
- chroot $rootfs chkconfig network on
-
- # this will run only if the rootfs seems to be systemd-based
- patch_lvref_systemd $rootfs
-}
-
-# beware that patch_lvref_systemd will return early on non systemd-powered images
-# inspired from https://gist.github.com/1142202
-ETC=/etc/systemd/system
-LIB=/lib/systemd/system
-
-function patch_lvref_systemd () {
- rootfs=$1; shift
-
- absetc=$rootfs/$ETC
- abslib=$rootfs/$LIB
-
- # this applies to systemd only
- [ -d $abslib ] || return
-
- # stay away from trouble, avoid chroot'ing for straightforward stuff
- echo "patch_lvref_systemd: handling $rootfs"
- # sliceimage comes with graphical.target as default
- ln -sf $LIB/multi-user.target $absetc/default.target
- # sysinit.target seems to stick on boot, so disable it. However, we need
- # systemd-tmpfiles-setup.service that was started by the dependency of
- # sysinit.target to boot up correctly, so start it instead.
- cp $abslib/basic.target $absetc/basic.target
- sed -e 's/sysinit.target/systemd-tmpfiles-setup.service/' -i $absetc/basic.target
- # Stop starting sysinit.target. Symlinking one to /dev/null is a standard way
- # to disable a target (or a service and others).
- ln -sf /dev/null $absetc/sysinit.target
- # is also a cause of stuck on boot
- ln -sf /dev/null $absetc/udev-settle.service
- # It prevents systemd-tmpfiles-setup.service from starting
- ln -sf /dev/null $absetc/fedora-readonly.service
- # Libvirt lxc provides only tty1
- rm -f $absetc/getty.target.wants/getty\@tty{2,3,4,5,6}.service
- # It launches sulogin on console(tty1) but it interferes getty@tty1
- ln -sf /dev/null $absetc/console-shell.service
- # Workarounds for libvirt 0.9.4. Without this, getty@tty1 doen't launch
- # because a trigger event on tty1 doesn't happen.
- cp $abslib/getty\@.service $absetc/getty\@.service
- sed -e 's/^BindTo/\#&/' -i $absetc/getty\@.service
- ln -sf $ETC/getty\@.service $absetc/getty.target.wants/getty\@tty1.service
-
-}
-
-function unfold_system_slices () {
- for clonedstamp in $sliceimage_stubs/*/*.cloned; do
- unfold_system_slice_from_cloned $clonedstamp
- done
-}
-
-# untested - how does this behave when updating the slice reference image ?
-# OTOH system slices probably already run at update-time
-# so it's kind of too late anyways
-function unfold_system_slice_from_cloned () {
- clonedstamp=$1; shift
- # e.g. NAME=planetflow
- NAME=$(basename $clonedstamp .cloned)
- DIR=$(dirname $clonedstamp)
- # e.g. SLICEFAMILY=planetlab-f8-i386
- SLICEFAMILY=$(cat $clonedstamp)
- # deduce the actual name used in .vref by replacing the first part of slice-family
- # (pldistro) with the slice name
- # e.g. VREFNAME=planetflow-f8-i386
- VREFNAME=$(echo $SLICEFAMILY | sed -e "s,^[^-]*-,$NAME-,")
-
- VREFPATH="$lxc_dir/$VREFNAME"
-
- # do not redo existing vref's unless force is mentioned
- [ -z "$FORCE" -a -d "$VREFPATH" ] && {
- echo "unfold_system_slice_from_cloned : $VREFPATH looks fine" ;
- return ;
- }
- [ -z "$FORCE" ] && message=Building
- [ -n "$FORCE" ] && message=Force-building
-
- # Copy base reference image
- echo -n $"$message slice image for $NAME in $VREFNAME: "
-
- # build the systemslice from the one it was originally cloned from
- FAMILYREF="$lxc_dir/$SLICEFAMILY"
- if [ ! -d "$FAMILYREF" ] ; then
- echo system slice from $clonedstamp - could not find reference $FAMILYREF - skipped
- return
- fi
-
- # safe side
- mkdir -p "$lxc_dir"
- # cleanup reference image if already exists
- [ -d "$VREFPATH" ] && btrfs subvolume delete "$VREFPATH"
- # extra safe
- [ -d "$VREFPATH" ] && rm -rf "$VREFPATH"
-
- # clone subvolume
- btrfs subvolume snapshot $FAMILYREF $VREFPATH
-
- # merge the stub with the reference to get the system slice
- (cd "$DIR/$NAME"/ && find . | cpio -m -d -u -p "$VREFPATH"/) || \
- { echo "Could not apply stub $DIR/$NAME - skipping $clonedstamp" ; btrfs subvolume delete "$VREFPATH" ; return ; }
-
- # Clean RPM state
- rm -f "$VREFPATH/var/lib/rpm/__db"*
-
- echo Done
-}
-
-# run with the --tty option to see results, otherwise get that logged
-case "$1" in
- --tty) shift;;
- *) exec >> /var/log/lxc-sliceimage.log 2>&1 ;;
-esac
-
-case "$1" in
- start|restart|reload) start ; exit 0 ;;
- status) status ; exit 0 ;;
- stop) exit 0 ;;
- *) echo $"Usage: $0 [--tty] {start|stop|status}"
- exit 1
- ;;
-esac