diff options
author | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-06-01 13:35:02 +0000 |
---|---|---|
committer | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-06-01 13:47:51 +0000 |
commit | a7f862f08787fd60e05dfa156459cb32ab475481 (patch) | |
tree | f2bc60481e4d4c8adc807d8596c530986d45d4df /tcwg-base | |
parent | 06792ad313385fea82b7fa9a0871e76fdd3c9d07 (diff) |
tcwg-host: New TCWG images for running "host" containers on vanilla machines.
Tcwg-host images allow one-command deployment TCWG environment on
vanilla machines. The start.sh script bind-mounts docker socket to allow
"build" and "dev" containers to be created from the "host" container.
Change-Id: Icbfea97abed6a28b892edd98307d209796827ac0
Diffstat (limited to 'tcwg-base')
-rw-r--r-- | tcwg-base/tcwg-host/Dockerfile.in | 10 | ||||
-rw-r--r-- | tcwg-base/tcwg-host/authorized_keys-maxim.kuvyrkov | 1 | ||||
-rwxr-xr-x | tcwg-base/tcwg-host/build.sh | 27 | ||||
l--------- | tcwg-base/tcwg-host/gerrit-branches | 1 | ||||
-rw-r--r-- | tcwg-base/tcwg-host/passwd | 1 | ||||
-rwxr-xr-x | tcwg-base/tcwg-host/start.sh | 59 |
6 files changed, 99 insertions, 0 deletions
diff --git a/tcwg-base/tcwg-host/Dockerfile.in b/tcwg-base/tcwg-host/Dockerfile.in new file mode 100644 index 00000000..e28a08dd --- /dev/null +++ b/tcwg-base/tcwg-host/Dockerfile.in @@ -0,0 +1,10 @@ +FROM linaro/ci-#{ARCH}-tcwg-base-ubuntu:#{DISTRO} + +COPY authorized_keys-* passwd / + +RUN new-user.sh --group primary:10000 \ + && while read line; do new-user.sh --passwd "$line"; done </passwd \ + && for key in /authorized_keys-*; do new-user.sh --key "$key"; done \ + && rm /passwd /authorized_keys-* + +COPY start.sh / diff --git a/tcwg-base/tcwg-host/authorized_keys-maxim.kuvyrkov b/tcwg-base/tcwg-host/authorized_keys-maxim.kuvyrkov new file mode 100644 index 00000000..fa17c380 --- /dev/null +++ b/tcwg-base/tcwg-host/authorized_keys-maxim.kuvyrkov @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR1x3iMEd7BSXx6QE3NtfVF8kYUUVoWUKCCC0jxOiLYCY3wf1i7bfQD7YMITEwXMvwQe6thGefBMLRPWr7WdoiUvxdaLYbSB72T4zN5tK/oQhFOHR8cqG68oSZIY89lUzFaGJRMGzSxUvYUWkwUhOIsjOBKFm+/yT4CD4SmUuFwQAadC6/t+jwc1LinYRMqphgfssUk8uzrvB0cqj2UsYrDF0jTVALfyTwWKHBokuZPnUER92v5e70/vAyOzJv13YdsQcwQBa1tBLrJJPpz8uX65bMLXJ6k+9U6bYSeVtRzYtmdDj5BYvdkJTR8diChLRS75roJclYpLEv0U9foCjd maxim.kuvyrkov@linaro.org-20150420 diff --git a/tcwg-base/tcwg-host/build.sh b/tcwg-base/tcwg-host/build.sh new file mode 100755 index 00000000..346e0ccc --- /dev/null +++ b/tcwg-base/tcwg-host/build.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +set -e + +trap cleanup_exit INT TERM EXIT + +cleanup_exit() +{ + rm -f authorized_keys-* passwd start.sh +} + +export LANG=C +distro=$(basename ${PWD} | cut -f1 -d '-') +arch=$(basename ${PWD} | cut -f2 -d '-') +name=$(basename ${PWD} | cut -f3- -d '-') +image=linaro/ci-${arch}-${name}-ubuntu:${distro} +top=$(git rev-parse --show-toplevel) + +cp $top/tcwg-base/tcwg-host/authorized_keys-* ./ +cp $top/tcwg-base/tcwg-host/passwd ./ +cp $top/tcwg-base/tcwg-host/start.sh ./ + +(cd ..; ./build.sh) +"$top"/tcwg-base/validate-dockerfile.sh Dockerfile +docker pull $image 2>/dev/null || true +docker build --tag=$image . +echo $image > .docker-tag diff --git a/tcwg-base/tcwg-host/gerrit-branches b/tcwg-base/tcwg-host/gerrit-branches new file mode 120000 index 00000000..11f6d349 --- /dev/null +++ b/tcwg-base/tcwg-host/gerrit-branches @@ -0,0 +1 @@ +../gerrit-branches
\ No newline at end of file diff --git a/tcwg-base/tcwg-host/passwd b/tcwg-base/tcwg-host/passwd new file mode 100644 index 00000000..62479561 --- /dev/null +++ b/tcwg-base/tcwg-host/passwd @@ -0,0 +1 @@ +maxim.kuvyrkov:x:10967:10000:Maxim Kuvyrkov:/home/maxim.kuvyrkov:/bin/bash diff --git a/tcwg-base/tcwg-host/start.sh b/tcwg-base/tcwg-host/start.sh new file mode 100755 index 00000000..e730d95a --- /dev/null +++ b/tcwg-base/tcwg-host/start.sh @@ -0,0 +1,59 @@ +#!/bin/bash + +set -e + +usage () +{ + cat <<EOF +$0 [OPTIONS] -- IMAGE + +Options: + --verbose true/false + Whether to run in verbose mode +EOF + exit 1 +} + +verbose=false + +while [ $# -gt 0 ]; do + case $1 in + --verbose) verbose="$2"; shift ;; + --) shift; break ;; + *) echo "ERROR: Wrong option: $1"; usage ;; + esac + shift +done + +image="$1" + +if $verbose; then + set -x +fi + +if [ x"$image" = x"" ]; then + echo "ERROR: image name not provided" + usage +fi + +if groups tcwg-buildslave 2>/dev/null | grep -q docker; then + # If tcwg-buildslave user is present, use it to start the container + # to have [sudo] log record of container startups. + DOCKER="sudo -u tcwg-buildslave docker" +elif [ x"$(id -u)" = x"0" ] || groups 2>/dev/null | grep -q docker; then + # Run docker straight up if $USER is root or in "docker" group. + DOCKER="docker" +else + # Fallback to sudo otherwise. + DOCKER="sudo docker" +fi + +mounts="" +mounts="$mounts -v host-home:/home" +mounts="$mounts -v /var/run/docker.sock:/var/run/docker.sock" +mounts="$mounts -v $(which docker):$(which docker)" + +# Use at most half of all available RAM. +memlimit=$(($(free -g | awk '/^Mem/ { print $2 }') / 2))G + +$DOCKER run -dt -p 2222:22 --name=host --hostname=$(hostname)-dckr $mounts --memory=$memlimit --pids-limit=5000 --restart=unless-stopped $image |