From 89126185eb06ad2a4f5b8c0262b64379b7b6b43a Mon Sep 17 00:00:00 2001 From: Disassembler Date: Fri, 7 Sep 2018 15:47:44 +0200 Subject: [PATCH] Update lxcfiles to LXC 3 --- activemq/lxc/etc/services.d/.s6-svscan/finish | 3 --- activemq/lxc/etc/services.d/activemq/run | 5 ----- activemq/lxcfile | 3 ++- activemq/setup/etc/init.d/activemq | 6 +++--- basic-runtimes/alpine.lxcfile | 2 -- basic.sh | 8 ++++---- ckan-datapusher/lxc/etc/services.d/.s6-svscan/finish | 3 --- .../lxc/{etc/services.d/ckan-datapusher => }/run | 1 - ckan-datapusher/lxcfile | 2 +- ckan-datapusher/setup/etc/init.d/ckan-datapusher | 6 +++--- ckan/lxcfile | 2 +- ckan/setup.sh | 8 ++++---- ckan/setup/etc/init.d/ckan | 6 +++--- ckan/setup/etc/periodic/hourly/ckan | 5 +++-- postgres/lxcfile | 2 +- postgres/setup/etc/init.d/postgres | 6 +++--- redis/lxcfile | 2 +- redis/setup/etc/init.d/redis | 6 +++--- solr/lxcfile | 5 +---- solr/setup/etc/init.d/solr | 6 +++--- 20 files changed, 36 insertions(+), 51 deletions(-) delete mode 100755 activemq/lxc/etc/services.d/.s6-svscan/finish delete mode 100755 activemq/lxc/etc/services.d/activemq/run delete mode 100644 ckan-datapusher/lxc/etc/services.d/.s6-svscan/finish rename ckan-datapusher/lxc/{etc/services.d/ckan-datapusher => }/run (93%) diff --git a/activemq/lxc/etc/services.d/.s6-svscan/finish b/activemq/lxc/etc/services.d/.s6-svscan/finish deleted file mode 100755 index 78d5fdc..0000000 --- a/activemq/lxc/etc/services.d/.s6-svscan/finish +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh - -/bin/true diff --git a/activemq/lxc/etc/services.d/activemq/run b/activemq/lxc/etc/services.d/activemq/run deleted file mode 100755 index 3c99a93..0000000 --- a/activemq/lxc/etc/services.d/activemq/run +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/execlineb -P - -fdmove -c 2 1 -s6-setuidgid 61616:61616 -/srv/activemq/bin/activemq console diff --git a/activemq/lxcfile b/activemq/lxcfile index 4ca7e6e..52e45b5 100644 --- a/activemq/lxcfile +++ b/activemq/lxcfile @@ -22,4 +22,5 @@ COPY lxc MOUNT /srv/activemq/data srv/activemq/data -CMD s6-svscan /etc/services.d +USER 61616 61616 +CMD /srv/activemq/bin/activemq console diff --git a/activemq/setup/etc/init.d/activemq b/activemq/setup/etc/init.d/activemq index bb57448..e8a3d90 100644 --- a/activemq/setup/etc/init.d/activemq +++ b/activemq/setup/etc/init.d/activemq @@ -3,13 +3,13 @@ description="ActiveMQ container" depend() { - need lxc + need cgroups } start() { - /usr/bin/lxc-start -n activemq + /usr/bin/lxc-start activemq } stop() { - /usr/bin/lxc-stop -n activemq + /usr/bin/lxc-stop activemq } diff --git a/basic-runtimes/alpine.lxcfile b/basic-runtimes/alpine.lxcfile index 9cb5f46..5aba891 100644 --- a/basic-runtimes/alpine.lxcfile +++ b/basic-runtimes/alpine.lxcfile @@ -4,5 +4,3 @@ LAYER shared/alpine SCRIPT apk --no-cache add s6 RUN - -COPY /usr/sbin/init.lxc.static diff --git a/basic.sh b/basic.sh index 7f18d15..bfa8427 100755 --- a/basic.sh +++ b/basic.sh @@ -4,7 +4,7 @@ set -e SOURCE_DIR=$(realpath $(dirname "${0}"))/basic # Install packages -apk --no-cache add curl bridge e2fsprogs-extra gettext iptables kbd-misc libressl python3 py3-bcrypt py3-cffi py3-dnspython py3-jinja2 py3-requests py3-six py3-werkzeug nginx util-linux +apk --no-cache add curl bridge e2fsprogs-extra gettext iptables kbd-misc libacap libressl libseccomp python3 py3-bcrypt py3-cffi py3-dnspython py3-jinja2 py3-requests py3-six py3-werkzeug nginx util-linux if [ ${DEBUG:-0} -eq 1 ]; then # Install some utilities for DEBUG mode apk --no-cache add git file htop less openssh-server openssh-sftp-server @@ -39,7 +39,6 @@ cp ${SOURCE_DIR}/etc/iptables/rules-save /etc/iptables/rules-save cp ${SOURCE_DIR}/etc/network/interfaces /etc/network/interfaces service networking restart service iptables restart -echo -e "172.17.0.1 host\n172.17.0.1 postfix" >>/etc/hosts # Download and configure acme.sh mkdir /etc/acme.sh.d @@ -47,8 +46,9 @@ wget https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh -O /usr/b sed -i 's|$HOME/.$PROJECT_NAME|/etc/acme.sh.d|' /usr/bin/acme.sh chmod +x /usr/bin/acme.sh -# Download LXC +# Download and configure LXC wget https://dl.dasm.cz/lxc.tar.xz -O - | tar xJf - -C / +echo -e "172.17.0.1 host" >>/etc/hosts # Copy VMMgr resources cp ${SOURCE_DIR}/etc/init.d/vmmgr /etc/init.d/vmmgr @@ -63,7 +63,7 @@ vmmgr create-selfsigned cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf # Configure services -for SERVICE in cgroups consolefont crond iptables nginx ntpd swap vmmgr; do +for SERVICE in consolefont crond iptables nginx ntpd swap vmmgr; do rc-update add ${SERVICE} boot service ${SERVICE} start done diff --git a/ckan-datapusher/lxc/etc/services.d/.s6-svscan/finish b/ckan-datapusher/lxc/etc/services.d/.s6-svscan/finish deleted file mode 100644 index 78d5fdc..0000000 --- a/ckan-datapusher/lxc/etc/services.d/.s6-svscan/finish +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh - -/bin/true diff --git a/ckan-datapusher/lxc/etc/services.d/ckan-datapusher/run b/ckan-datapusher/lxc/run similarity index 93% rename from ckan-datapusher/lxc/etc/services.d/ckan-datapusher/run rename to ckan-datapusher/lxc/run index c07d6eb..a3a1bc9 100644 --- a/ckan-datapusher/lxc/etc/services.d/ckan-datapusher/run +++ b/ckan-datapusher/lxc/run @@ -1,6 +1,5 @@ #!/bin/execlineb -P -fdmove -c 2 1 foreground { /bin/add-ca-cert } s6-setuidgid 8004:8004 /usr/sbin/uwsgi --plugin python --http-socket 0.0.0.0:8080 --wsgi-file /etc/ckan-datapusher/datapusher.wsgi --enable-threads diff --git a/ckan-datapusher/lxcfile b/ckan-datapusher/lxcfile index e3c3c22..e6c6f10 100644 --- a/ckan-datapusher/lxcfile +++ b/ckan-datapusher/lxcfile @@ -41,4 +41,4 @@ VOLUME /etc/ssl/services.pem etc/ssl/services.pem VOLUME /srv/ckan-datapusher/conf etc/ckan-datapusher VOLUME /srv/ckan-datapusher/data srv/ckan-datapusher/data -CMD s6-svscan /etc/services.d +CMD /bin/execlineb -P /run diff --git a/ckan-datapusher/setup/etc/init.d/ckan-datapusher b/ckan-datapusher/setup/etc/init.d/ckan-datapusher index ccd8a9b..5156bdd 100755 --- a/ckan-datapusher/setup/etc/init.d/ckan-datapusher +++ b/ckan-datapusher/setup/etc/init.d/ckan-datapusher @@ -3,13 +3,13 @@ description="CKAN DataPusher container" depend() { - need lxc + need cgroups } start() { - lxc-start -n ckan-datapusher + lxc-start ckan-datapusher } stop() { - lxc-stop -n ckan-datapusher + lxc-stop ckan-datapusher } diff --git a/ckan/lxcfile b/ckan/lxcfile index b7df3db..e53d817 100644 --- a/ckan/lxcfile +++ b/ckan/lxcfile @@ -52,4 +52,4 @@ COPY lxc MOUNT /srv/ckan/conf etc/ckan MOUNT /srv/ckan/data srv/ckan/storage -CMD s6-svscan /etc/services.d +CMD /bin/s6-svscan /etc/services.d diff --git a/ckan/setup.sh b/ckan/setup.sh index c9d4340..9d16ee9 100755 --- a/ckan/setup.sh +++ b/ckan/setup.sh @@ -14,7 +14,7 @@ export CKAN_DS_PWD=$(head -c 18 /dev/urandom | base64) envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i postgres psql # Configure CKAN Solr core -lxc-execute -n solr -- solr create -p 8983 -c ckan +# TODO lxc-execute solr -- solr create -p 8983 -c ckan cp ${SOURCE_DIR}/srv/solr/data/ckan/conf/schema.xml /srv/solr/data/ckan/conf/schema.xml cp ${SOURCE_DIR}/srv/solr/data/ckan/conf/solrconfig.xml /srv/solr/data/ckan/conf/solrconfig.xml chown 8983:8983 /srv/solr/data/ckan/conf/schema.xml @@ -33,9 +33,9 @@ if [ ${DEBUG:-0} -eq 0 ]; then fi # Populate database -lxc-execute -n ckan -- paster --plugin=ckan db init -c /etc/ckan/ckan.ini -lxc-execute -n ckan -- paster --plugin=ckanext-spatial spatial initdb -c /etc/ckan/ckan.ini -lxc-execute -n ckan -- paster --plugin=ckan datastore set-permissions -c /etc/ckan/ckan.ini | lxc-attach -n postgres -- psql +lxc-execute ckan -- paster --plugin=ckan db init -c /etc/ckan/ckan.ini +lxc-execute ckan -- paster --plugin=ckanext-spatial spatial initdb -c /etc/ckan/ckan.ini +lxc-execute ckan -- paster --plugin=ckan datastore set-permissions -c /etc/ckan/ckan.ini # TODO | lxc-attach -n postgres -- psql chown -R 8003:8003 /srv/ckan/data # Create admin account diff --git a/ckan/setup/etc/init.d/ckan b/ckan/setup/etc/init.d/ckan index 29910e3..5577d84 100755 --- a/ckan/setup/etc/init.d/ckan +++ b/ckan/setup/etc/init.d/ckan @@ -3,11 +3,11 @@ description="CKAN container" depend() { - need lxc ckan-datapusher postgres redis solr + need cgroups ckan-datapusher postgres redis solr } start() { - lxc-start -n ckan + lxc-start ckan } start_post() { @@ -19,5 +19,5 @@ stop_pre() { } stop() { - lxc-stop -n ckan + lxc-stop ckan } diff --git a/ckan/setup/etc/periodic/hourly/ckan b/ckan/setup/etc/periodic/hourly/ckan index 7921bec..00bb07e 100755 --- a/ckan/setup/etc/periodic/hourly/ckan +++ b/ckan/setup/etc/periodic/hourly/ckan @@ -1,6 +1,7 @@ #!/bin/sh +# TODO if docker ps | grep -q 'ckan$'; then - lxc-execute -n ckan -- paster --plugin=ckan tracking update -c /etc/ckan/ckan.ini >/dev/null - lxc-execute -n ckan -- paster --plugin=ckan search-index rebuild -r -c /etc/ckan/ckan.ini >/dev/null + lxc-execute ckan -- paster --plugin=ckan tracking update -c /etc/ckan/ckan.ini >/dev/null + lxc-execute ckan -- paster --plugin=ckan search-index rebuild -r -c /etc/ckan/ckan.ini >/dev/null fi diff --git a/postgres/lxcfile b/postgres/lxcfile index 5ca04bd..ee04f87 100644 --- a/postgres/lxcfile +++ b/postgres/lxcfile @@ -21,4 +21,4 @@ RUN MOUNT /srv/postgres/data var/lib/postgresql USER 5432 5432 -CMD s6-setuidgid 5432:5432 /usr/bin/postgres -D /var/lib/postgresql +CMD /usr/bin/postgres -D /var/lib/postgresql diff --git a/postgres/setup/etc/init.d/postgres b/postgres/setup/etc/init.d/postgres index 3370955..8ea9bb9 100755 --- a/postgres/setup/etc/init.d/postgres +++ b/postgres/setup/etc/init.d/postgres @@ -3,11 +3,11 @@ description="Postgres container" depend() { - need lxc + need cgroups } start() { - lxc-start -n postgres + lxc-start postgres } start_post() { @@ -15,5 +15,5 @@ start_post() { } stop() { - lxc-stop -n postgres + lxc-stop postgres } diff --git a/redis/lxcfile b/redis/lxcfile index f2a2b26..e9a2ee1 100644 --- a/redis/lxcfile +++ b/redis/lxcfile @@ -15,4 +15,4 @@ MOUNT /srv/redis/conf/redis.conf etc/redis.conf MOUNT /srv/redis/data var/lib/redis USER 6379 6379 -CMD s6-setuidgid 6379:6379 /usr/bin/redis-server /etc/redis.conf +CMD /usr/bin/redis-server /etc/redis.conf diff --git a/redis/setup/etc/init.d/redis b/redis/setup/etc/init.d/redis index 8104805..28b7d5d 100755 --- a/redis/setup/etc/init.d/redis +++ b/redis/setup/etc/init.d/redis @@ -3,13 +3,13 @@ description="Redis container" depend() { - need lxc + need cgroups } start() { - lxc-start -n redis + lxc-start redis } stop() { - lxc-stop -n redis + lxc-stop redis } diff --git a/solr/lxcfile b/solr/lxcfile index 2bed268..dd9e32b 100644 --- a/solr/lxcfile +++ b/solr/lxcfile @@ -19,12 +19,9 @@ SCRIPT # Copy basic configuration file to data location cp -p /opt/solr/server/solr/solr.xml /var/lib/solr/solr.xml - - # Make start/stop script visible globally - ln -s /opt/solr/bin/solr /usr/bin/solr RUN MOUNT /srv/solr/data var/lib/solr USER 8983 8983 -CMD s6-setuidgid 5432:5432 /usr/bin/solr start -f +CMD /opt/solr/bin/solr start -f diff --git a/solr/setup/etc/init.d/solr b/solr/setup/etc/init.d/solr index a351b76..2bb6600 100755 --- a/solr/setup/etc/init.d/solr +++ b/solr/setup/etc/init.d/solr @@ -3,13 +3,13 @@ description="Solr container" depend() { - need lxc + need cgroups } start() { - lxc-start -n solr + lxc-start solr } stop() { - lxc-stop -n solr + lxc-stop solr }