From 7780d3cb50b7de14a9d5efbe2c0a1e8ef116844c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= Date: Mon, 1 Feb 2016 16:29:49 +0100 Subject: [PATCH] Using entry script in docker. --- .gitignore | 2 ++ config/.k5login | 1 - docker.sh | 30 +++++++++++++--------- docker/hadoop/README.md | 13 +++++++--- docker/hadoop/build.sh | 10 +++++++- docker/hadoop/debian7/puppet/latest/Dockerfile | 6 +++++ .../hadoop/debian7/puppet/latest/docker-entry.sh | 16 ++++++++++++ 7 files changed, 61 insertions(+), 17 deletions(-) delete mode 100644 config/.k5login create mode 100755 docker/hadoop/debian7/puppet/latest/docker-entry.sh diff --git a/.gitignore b/.gitignore index 2fcdce6..7088fe0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ machines/*.sh !machines/*-gen-*.sh +config/.k5login +config/authorized_keys diff --git a/config/.k5login b/config/.k5login deleted file mode 100644 index 79bc6fd..0000000 --- a/config/.k5login +++ /dev/null @@ -1 +0,0 @@ -valtri@META diff --git a/docker.sh b/docker.sh index a325428..0755de6 100755 --- a/docker.sh +++ b/docker.sh @@ -28,7 +28,7 @@ # docker network create -d overlay ics.muni.cz # # 5) access to kdccesnet.ics.muni.cz, -# or directory config/$HOSTNAME/ssh, +# or create directory config/$HOSTNAME/ssh, # or disable FETCH_SSH_KEYS # @@ -68,27 +68,33 @@ if [ -n "${SIZE_MEM}" ]; then fi # ==== init ==== -confid_dir="`dirname $0`/config" +config_dir="`dirname $0`/config/${FACTER_hostname}" +mkdir -p ${config_dir} 2>/dev/null || : config_dir="`cd ${config_dir}; pwd`" if [ ! -f ~/.ssh/id_rsa_docker ]; then ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa_docker - cp -p ~/.ssh/id_rsa_docker.pub ~/.ssh/authorized_keys_docker - if [ -f ${config_dir}/authorized_keys ]; then - cat ${config_dir}/config/authorized_keys >> ~/.ssh/authorized_keys_docker +fi +if [ ! -d ${config_dir}/root/.ssh ]; then + mkdir -p ${config_dir}/root/.ssh + cp -p ~/.ssh/id_rsa_docker.pub ${config_dir}/root/.ssh/authorized_keys + if [ -f ${config_dir}/../authorized_keys ]; then + cat ${config_dir}/../authorized_keys >> ${config_dir}/root/.ssh/authorized_keys fi fi if [ -n "${FETCH_SSH_KEYS}" ]; then - if [ ! -d ${config_dir}/${FACTER_hostname} ]; then - mkdir -p ${config_dir}/${FACTER_hostname}/ssh - cp -p /etc/ssh/ssh*_config ${config_dir}/${FACTER_hostname}/ssh/ + if [ ! -d ${config_dir}/ssh ]; then + mkdir -p ${config_dir}/ssh + cp -p /etc/ssh/ssh*_config ${config_dir}/ssh/ for j in '' '.pub'; do for i in rsa dsa ecdsa; do - (umask 0177; rsh -5 -f -u -x -p 5665 kdccesnet.ics.muni.cz /usr/local/bin/rsh.getsshhostkey ${FACTER_fqdn} ssh_host_${i}_key${j} > ${config_dir}/${FACTER_hostname}/ssh/ssh_host_${i}_key${j}) + (umask 0177; rsh -5 -f -u -x -p 5665 kdccesnet.ics.muni.cz /usr/local/bin/rsh.getsshhostkey ${FACTER_fqdn} ssh_host_${i}_key${j} > ${config_dir}/ssh/ssh_host_${i}_key${j}) done done - chmod 0644 ${config_dir}/${FACTER_hostname}/ssh/*.pub + chmod 0644 ${config_dir}/ssh/*.pub fi - ARGS="${ARGS} -v ${config_dir}/${FACTER_hostname}/ssh:/etc/ssh" +fi +if [ -f "${config_dir}/../.k5login" ]; then + cp "${config_dir}/../.k5login" ${config_dir}/root/ fi for m in ${MOUNTS}; do loc_dir=`echo ${m} | cut -d: -f1` @@ -99,7 +105,7 @@ for m in ${MOUNTS}; do done docker run -itd \ - -v ~/.ssh/authorized_keys_docker:/root/.ssh/authorized_keys \ + -v ${config_dir}:/docker:ro \ --cap-add=NET_ADMIN --cap-add=NET_RAW \ --net=${DOCKER_network} \ --restart=on-failure:0 \ diff --git a/docker/hadoop/README.md b/docker/hadoop/README.md index 6118e06..fa99c57 100644 --- a/docker/hadoop/README.md +++ b/docker/hadoop/README.md @@ -1,4 +1,10 @@ -# meta +# Info + +For usage with [virtualization.git](http://scientific.zcu.cz/git/?p=virtualization.git;a=summary). + +# Layers + +## meta Final image with default OS puppet: @@ -6,16 +12,17 @@ Final image with default OS puppet: * openssh * locales -# puppet +## puppet Base image with puppet from puppetlabs: * puppet -# latest +## latest Final image with puppet from puppetlabs and configured master: * puppet + myriad7.zcu.cz * openssh * locales +* entry script + /sbin/init diff --git a/docker/hadoop/build.sh b/docker/hadoop/build.sh index 41806c1..ea25ecf 100755 --- a/docker/hadoop/build.sh +++ b/docker/hadoop/build.sh @@ -22,14 +22,22 @@ for p in ${platforms}; do done set +o xtrace + echo for p in ${platforms}; do for t in meta puppet latest; do - echo "docker tag hadoop-${p}:${t} ${user}/hadoop-${p}:${t}" + echo "docker rmi ${user}/hadoop-${p}:${t}" done done + echo +for p in ${platforms}; do + for t in meta puppet latest; do + echo "docker tag hadoop-${p}:${t} ${user}/hadoop-${p}:${t}" + done +done +echo for p in ${platforms}; do for t in meta puppet latest; do echo "docker push ${user}/hadoop-${p}:${t}" diff --git a/docker/hadoop/debian7/puppet/latest/Dockerfile b/docker/hadoop/debian7/puppet/latest/Dockerfile index 0904537..7d6540e 100644 --- a/docker/hadoop/debian7/puppet/latest/Dockerfile +++ b/docker/hadoop/debian7/puppet/latest/Dockerfile @@ -22,3 +22,9 @@ RUN apt-get update \ RUN apt-get clean \ && rm -rf /var/lib/apt/lists/* + +# ==== entry ==== + +COPY ./docker-entry.sh / +ENTRYPOINT ["/docker-entry.sh"] +CMD ["/sbin/init"] diff --git a/docker/hadoop/debian7/puppet/latest/docker-entry.sh b/docker/hadoop/debian7/puppet/latest/docker-entry.sh new file mode 100755 index 0000000..008fc8c --- /dev/null +++ b/docker/hadoop/debian7/puppet/latest/docker-entry.sh @@ -0,0 +1,16 @@ +#! /bin/sh + +if [ -d /docker/ssh ]; then + cp -vp /docker/ssh/* /etc/ssh/ +fi + +if [ -f /docker/root/.ssh/authorized_keys ]; then + mkdir -v /root/.ssh/ 2>/dev/null || : + cp -vp /docker/root/.ssh/authorized_keys /root/.ssh/ +fi + +if [ -f /docker/root/.k5login ]; then + cp -vp /docker/root/.k5login /root/ +fi + +exec "$@" -- 1.8.2.3