From 5ead5e97366d4a6d1b1dae9efcbf6ed3e49bd43c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 12 Nov 2016 02:01:13 +0100 Subject: Adding initial curl container create script. Signed-off-by: Daniel Baumann --- share/doc/examples/container-images.sh | 37 +++++++ share/man/container-create-curl.1.txt | 116 ++++++++++++++++++++ share/man/container-create.1.txt | 6 ++ share/scripts/curl | 187 +++++++++++++++++++++++++++++++++ 4 files changed, 346 insertions(+) create mode 100755 share/doc/examples/container-images.sh create mode 100644 share/man/container-create-curl.1.txt create mode 100755 share/scripts/curl diff --git a/share/doc/examples/container-images.sh b/share/doc/examples/container-images.sh new file mode 100755 index 0000000..74e7ee0 --- /dev/null +++ b/share/doc/examples/container-images.sh @@ -0,0 +1,37 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# +# Description: example for automated Debian base system container image creation +# Requires: debootstrap xz-utils +# Usage: sudo ./container-images.sh + +set -e + +ARCHITECTURES="amd64 i386" +DISTRIBUTIONS="stretch sid" +MIRROR="http://deb.debian.org/debian" +INCLUDE="dbus" + +DATE="$(date +%Y%m%d)" + +for DISTRIBUTION in ${DISTRIBUTIONS} +do + for ARCHITECTURE in ${ARCHITECTURES} + do + SOURCE="debian-${DISTRIBUTION}-${ARCHITECTURE}_${DATE}" + TARGET="debian-${DISTRIBUTION}-${ARCHITECTURE}" + + debootstrap --arch=${ARCHITECTURE} --include=${INCLUDE} ${DISTRIBUTION} ${SOURCE} ${MIRROR} + chroot "${SOURCE}" apt-get clean + + rm -f "${SOURCE}/etc/apt/apt.conf.d/01autoremove-kernels" + rm -f "${SOURCE}/etc/hostname" + echo "" > "${SOURCE}/etc/machine-id" + rm -f "${SOURCE}/etc/resolv.conf" + rm -f "${SOURCE}/var/lib/systemd/catalog/database" + + echo "Creating ${TARGET}.tar.xz" + tar cfJ "${TARGET}.tar.xz" "${SOURCE}" + done +done diff --git a/share/man/container-create-curl.1.txt b/share/man/container-create-curl.1.txt new file mode 100644 index 0000000..f310eaf --- /dev/null 
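Review bot: The loop in container-images.sh ends at `tar cfJ "${TARGET}.tar.xz" "${SOURCE}"` and writes nothing a downloader could check the image against, while share/scripts/curl in this same commit unpacks such tarballs as root and still carries a FIXME for gpg verification. Since the new man page points to this file as the template for building images, I would have it write a digest and a detached signature next to each tarball, e.g. `sha512sum "${TARGET}.tar.xz" > "${TARGET}.tar.xz.sha512"` followed by `gpg --detach-sign "${TARGET}.tar.xz"`. The debootstrap line also leaves `${ARCHITECTURE}`, `${INCLUDE}`, `${DISTRIBUTION}`, `${SOURCE}` and `${MIRROR}` unquoted; quoting them would match the rest of the script.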
+++ b/share/man/container-create-curl.1.txt 
@@ -0,0 +1,116 @@ +// container-tools - Manage systemd-nspawn containers +// Copyright (C) 2014-2016 Daniel Baumann +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +CONTAINER-CREATE-CURL(1) +======================== +:doctype: manpage +:man manual: Open Infrastructure +:man source: container-tools +:man version: {revnumber} + + +NAME +---- +container-create-curl - Create a Debian based container by downloading a tarball over the network + + +SYNOPSIS +-------- +*container create -s curl* ['OPTIONS'] + + +DESCRIPTION +----------- +The curl container creation script uses curl(1) to download a tarball over the +network to create a Debian based container. + +Depending on the tarball this script otherwise creates a pure Debian system with three modificiations: + + * hostname is set (container name) in /etc/hostname + * systemd machine-id is generated in /etc/machine-id + * root password is set (user specified or 16 random characters) + + +OPTIONS +------- +The following script options are available: + +*-n, --name='NAME'*:: + Specify container name. + +*--image='IMAGE'*:: + Specify the image name to download, defaults to debian-stretch-${ARCHITECTURE}.tar.xz (where ${ARCHITECTURE} is the host systems architecture). + +*--server='SERVER'*:: + Specify the image server to download from, defaults to https://files.open-infrastructure.net/images/container-tools/current. 
+ +*-p, --root-password='PASSWORD'*:: + Specify the root password, defaults to a random 16 character password. + + +EXAMPLES +-------- +*Create a Debian 9 (stretch) based container with same architecture as the host system:*:: + sudo container create -s curl -n stretch.example.net + +*Create a Debian 9 (stretch) based container with different architecture as the host system:*:: + sudo container create -s curl -n stretch-i386.example.net -- --image debian-stretch-i386.tar.xz + +FILES +----- +The following files are used: + +*/etc/container-tools/config*:: + Container configuration files. + +*/usr/share/container-tools/scripts*:: + Container creation scripts. + +*/usr/share/doc/container-tools*:: + Container documentation. + +*/var/lib/machines*:: + Container directory. + +*/var/cache/container-tools*:: + Container cache directory. + + +CONTAINER IMAGES +---------------- + +container-tools will download tarballs from a server expecting that the images are tarballs with either gzip, lzip, xz, or no compression. See container-images.sh as an example on how to create your own container images. + + +SEE ALSO +-------- +container-tools(7), +container(1). + + +HOMEPAGE +-------- +More information about container-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. + + +BUGS +---- +Bugs can be reported by sending a bug report to the Debian Bug Tracking System at https://bugs.debian.org. + + +AUTHORS +------- +container-tools was written by Daniel Baumann . diff --git a/share/man/container-create.1.txt b/share/man/container-create.1.txt index 4fe592f..6918585 100644 --- a/share/man/container-create.1.txt +++ b/share/man/container-create.1.txt @@ -64,6 +64,9 @@ SCRIPTS ------- The following container scripts are available: +*curl*:: + Basic script to create Debian based container, see container-create-curl(1). + *debootstrap*:: Basic script to create Debian based container, see container-create-debootstrap(1). 
@@ -76,6 +79,9 @@ The following container scripts are available: EXAMPLES -------- +*Create example.net container using curl script:*:: + sudo container create -n example.net -s curl + *Create example.net container using debootstrap script:*:: sudo container create -n example.net -s debootstrap diff --git a/share/scripts/curl b/share/scripts/curl new file mode 100755 index 0000000..0cf38e9 --- /dev/null +++ b/share/scripts/curl 
@@ -0,0 +1,187 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# Copyright (C) 2014-2016 Daniel Baumann +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +SCRIPT="${0}" + +MACHINES="/var/lib/machines" +CACHE="/var/cache/container-tools/curl" + +Parameters () +{ + LONG_OPTIONS="bind:,script:,name:,image:,server:,password:" + OPTIONS="b:,s:,n:,p:" + + PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${SCRIPT} --options ${OPTIONS} --shell sh -- ${@})" + + if [ "${?}" != "0" ] + then + echo "'${SCRIPT}': getopt exit" >&2 + exit 1 + fi + + eval set -- "${PARAMETERS}" + + while true + do + case "${1}" in + -b|--bind) + # ignore + shift 2 + ;; + + --cnt.auto) + # ignore + shift 2 + ;; + + -s|--script) + # ignore + shift 2 + ;; + + -n|--name) + NAME="${2}" + shift 2 + ;; + + --image) + IMAGE="${2}" + shift 2 + ;; + + --server) + SERVER="${2}" + shift 2 + ;; + + -p|--password) + PASSWORD="${2}" + shift 2 + ;; + + --) + shift 1 + break + ;; + + *) + echo "'${SCRIPT}': getopt error" >&2 + exit 1 + ;; + esac + done +} + +Usage () +{ + echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [--image IMAGE] [--server SERVER] [-p|--password PASSWORD}" >&2 + exit 1 +} + +Parameters "${@}" + +if [ -z "${NAME}" ] +then + Usage +fi + +if [ -e "${MACHINES}/${NAME}" ] +then + echo "'${NAME}': container already exists" >&2 + exit 1 +fi + +if [ ! 
-x /usr/bin/curl ] +then + echo "'${NAME}': /usr/bin/curl - no such file." >&2 + exit 1 +fi + +if [ "$(id -u)" -ne 0 ] +then + echo "'${NAME}': need root privileges" >&2 + exit 1 +fi + +ARCHITECTURE="${ARCHITECTURE:-$(dpkg --print-architecture)}" +IMAGE="${IMAGE:-debian-stretch-${ARCHITECTURE}.tar.xz}" +SERVER="${SERVER:-https://files.open-infrastructure.net/images/container-tools/current}" +PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}" + +VERSION="$(container version)" + +# Run + +# FIXME: Show available image directories on server +# FIXME: Fetch debconf-choices.txt to show debconf select +# FIXME: gpg verification against debian-keyring or local keyring +# FIXME: default server via configuration file + +echo "Downloading ${IMAGE}" +mkdir -p "${CACHE}" + +if [ -e "${CACHE}/${IMAGE}" ] +then + CURL_OPTIONS="--time-cond ${CACHE}/${IMAGE}" +fi + +curl --http2 --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} \ + "${SERVER}/${IMAGE}" -o "${CACHE}/${IMAGE}" + +echo "Unpacking ${IMAGE}" +mkdir -p "${MACHINES}/${NAME}" + +case "${IMAGE}" in + *.gz) + TAR_OPTIONS="--gzip" + ;; + + *.lz) + TAR_OPTIONS="--lzip" + ;; + + *.xz) + TAR_OPTIONS="--xz" + ;; + + *) + TAR_OPTIONS="" + ;; +esac + +if [ -e /usr/bin/pv ] +then + pv --format '%p' --width 77 "${CACHE}/${IMAGE}" | tar xf - ${TAR_OPTIONS} -C "${MACHINES}/${NAME}" --strip 1 +else + tar xf "${CACHE}/${IMAGE}" ${TAR_OPTIONS} -C "${MACHINES}/${NAME}" --strip 1 +fi + +# Creating machine-id +chroot "${MACHINES}/${NAME}" systemd-machine-id-setup > /dev/null 2>&1 + +# Setting hostname +echo "${NAME}" > "${MACHINES}/${NAME}/etc/hostname" + +# Copying resolv.conf +cp -L /etc/resolv.conf "${MACHINES}/${NAME}/etc/resolv.conf" + +# Setting root password +echo root:${PASSWORD} | chroot "${MACHINES}/${NAME}" chpasswd +echo "${NAME}: root password set to '${PASSWORD}'." -- cgit v1.2.3
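Review bot: The curl call in share/scripts/curl has no `--fail`, so an HTTP error body (a 404 page, say) is saved as `${CACHE}/${IMAGE}` and handed to tar. On the next run `--time-cond` treats that file as the cached copy, so the bad download can persist. Nothing between the download and `chroot "${MACHINES}/${NAME}" systemd-machine-id-setup` checks the image, so while the gpg FIXME is open the host runs a binary from an unverified tarball as root; `--server` takes any URL and `--location` follows redirects, so HTTPS protects the transfer only when the caller keeps the default server. I would add `--fail --proto '=https' --proto-redir '=https'` to the curl line (or document why plain HTTP must stay allowed) and verify a digest or signature before the unpack step. `NAME` and `IMAGE` are also joined unchecked into `${MACHINES}/${NAME}` and `${CACHE}/${IMAGE}`; rejecting values that contain `/` or start with `.` keeps both inside their directories.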