[elbe-devel] [PATCH 1/5] use contrib/dockerfile from elbe3
Manuel Traut
manut at linutronix.de
Tue Apr 2 13:46:21 CEST 2019
elbe-ci requires certain targets in the dockerfile/Makefile that
are not available in elbe 2.x.
To enable tests with the same test-flow between different elbe versions,
this backports the contrib/dockerfile folder from elbe3.
Signed-off-by: Manuel Traut <manut at linutronix.de>
---
contrib/dockerfile/Dockerfile | 67 -----------------
contrib/dockerfile/Dockerfile.in | 91 ++++++++++++++++++++++++
contrib/dockerfile/Makefile | 81 ++++++++++++---------
contrib/dockerfile/README.md | 18 ++---
contrib/dockerfile/adds/supervisord.conf | 25 -------
5 files changed, 147 insertions(+), 135 deletions(-)
delete mode 100644 contrib/dockerfile/Dockerfile
create mode 100644 contrib/dockerfile/Dockerfile.in
delete mode 100644 contrib/dockerfile/adds/supervisord.conf
diff --git a/contrib/dockerfile/Dockerfile b/contrib/dockerfile/Dockerfile
deleted file mode 100644
index 7b539b25..00000000
--- a/contrib/dockerfile/Dockerfile
+++ /dev/null
@@ -1,67 +0,0 @@
-# This Dockefile generate a image for the elbe buildsystem
-
-# baseimage is debian wheezy
-FROM debian:jessie
-
-ENV LANG C.UTF-8
-
-# update and upgrade
-RUN export DEBIAN_FRONTEND noninteractive ;\
- apt-get update -y ;\
- apt-get install -y --no-install-recommends \
- build-essential \
- ca-certificates \
- cpio \
- e2tools \
- git \
- kvm \
- libvirt-bin \
- make \
- openssh-server \
- p7zip-full \
- python python-lxml \
- python-apt \
- python-apt \
- python-lxml \
- python-mako \
- python-mako \
- python-parted \
- python-suds \
- qemu \
- qemu-keymaps \
- qemu-kvm \
- qemu-system \
- qemu-system \
- qemu-user-static \
- qemu-utils \
- qemu-utils \
- sudo \
- supervisor \
- tmux \
- vim \
- wget \
- ; \
- apt-get clean -y ;\
- rm -rf /var/lib/apt/lists/*
-
-# additions
-ADD adds/supervisord.conf /etc/supervisord.conf
-
-# create elbe user
-RUN groupadd -g 78 -o -r kvm78 # archlinux
-RUN useradd -d /home/elbe -U -G libvirt,kvm,kvm78,libvirt-qemu -m -s /bin/bash -u 1000 elbe
-RUN echo "root:elbe" | chpasswd
-RUN echo "elbe:elbe" | chpasswd
-
-# sudo for elbe
-RUN echo "%elbe ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/elbegrp
-RUN chmod 0440 /etc/sudoers.d/elbegrp
-
-# add sbc (https://github.com/turicas/sbc)
-ADD https://raw.githubusercontent.com/turicas/sbc/develop/sbc /usr/bin/sbc
-RUN chmod a+rx /usr/bin/sbc
-
-# ssh and startup configuration
-RUN mkdir -v /var/run/sshd
-CMD ["/usr/bin/supervisord", "-n"]
-EXPOSE 22
diff --git a/contrib/dockerfile/Dockerfile.in b/contrib/dockerfile/Dockerfile.in
new file mode 100644
index 00000000..73de647b
--- /dev/null
+++ b/contrib/dockerfile/Dockerfile.in
@@ -0,0 +1,91 @@
+#
+# ELBE - Debian Based Embedded Rootfilesystem Builder
+# Copyright (c) 2014-2015 Silvio Fricke <silvio.fricke at gmail.com>
+# Copyright (c) 2018 Manuel Traut <manut at linutronix.de>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# This Dockefile generate a image for the elbe buildsystem
+FROM elbeproject/debian-stretch:latest
+
+USER root
+ENV DEBIAN_FRONTEND noninteractive
+
+# use a sources.list including security and backports
+RUN echo "deb http://ftp.de.debian.org/debian stretch main" > /etc/apt/sources.list; \
+ echo "deb http://ftp.de.debian.org/debian stretch-backports main" >> /etc/apt/sources.list; \
+ echo "deb http://security.debian.org/debian-security stretch/updates main" >> /etc/apt/sources.list
+
+# update, upgrade and install elbe runtime-dependencies
+RUN apt-get update -y ;\
+ apt-get install -y --no-install-recommends \
+ -o Dpkg::Options::="--force-confnew" \
+ systemd \
+ ca-certificates \
+ sudo \
+ vim-nox \
+ wget \
+ software-properties-common \
+ gnupg \
+ python3-setuptools \
+ python3-yaml \
+ python3-jsonschema \
+ locales \
+ gcc \
+ g++ \
+ diffstat \
+ texinfo \
+ gawk \
+ chrpath \
+ python3-mako \
+ fuseiso9660 \
+ aptly \
+ qemu-system-x86
+
+RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen
+
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+
+# install current elbe
+RUN apt-add-repository 'deb http://debian.linutronix.de/elbe stretch main'
+RUN wget http://debian.linutronix.de/elbe/elbe-repo.pub
+RUN apt-key add elbe-repo.pub
+RUN apt-get update -y
+RUN apt-get install -y --no-install-recommends \
+ elbe \
+ elbe-doc
+RUN apt-get clean -y
+RUN rm -rf /var/lib/apt/lists/*
+
+# create elbe user
+RUN groupadd -g @KVMGID@ -o -r kvm-elbe
+RUN useradd -d /home/elbe -U -G kvm-elbe,libvirt -m -s /bin/bash -u @USERID@ elbe
+RUN echo "root:elbe" | chpasswd
+RUN echo "elbe:elbe" | chpasswd
+
+RUN rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+VOLUME [ "/elbe" ]
+VOLUME [ "/var/cache/elbe" ]
+
+# sudo for elbe
+RUN echo "%elbe ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/elbegrp
+RUN chmod 0440 /etc/sudoers.d/elbegrp
+
+# run qemu as root
+RUN echo 'user = "root"' >> /etc/libvirt/qemu.conf
+RUN echo 'group = "root"' >> /etc/libvirt/qemu.conf
+
+# run libvirt in systemd on startup
+RUN systemctl enable libvirtd
+
+CMD [ "/lib/systemd/systemd" ]
diff --git a/contrib/dockerfile/Makefile b/contrib/dockerfile/Makefile
index 71af8d2a..f66de31a 100644
--- a/contrib/dockerfile/Makefile
+++ b/contrib/dockerfile/Makefile
@@ -1,45 +1,56 @@
+# ELBE - Debian Based Embedded Rootfilesystem Builder
+# Copyright (c) 2015 Silvio Fricke <silvio.fricke at gmail.com>
+# Copyright (c) 2018 Manuel Traut <manut at linutronix.de>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
-IMAGENAME ?= elbe-image
-CONTAINERNAME ?= elbe
-
-ifdef SSH_AUTH_SOCK
- sshauth = -e SSH_AUTH_SOCK=/ssh-auth-sock -v $(SSH_AUTH_SOCK):/ssh-auth-sock
-endif
+IMAGENAME ?= elbe-devel-image
+CONTAINERNAME ?= elbe-devel
+KVMGID ?= $(shell ls -n /dev/kvm | awk '{ print $$4 }')
+UID ?= $(shell id -u)
# docker commands
build:
- docker build -t $(IMAGENAME) .
-
-run:
- docker run \
- -v $(realpath ../../.):/elbe \
- --device /dev/kvm:/dev/kvm \
- $(sshauth) \
- -d \
- -ti \
+ test -c /dev/kvm || ( echo "/dev/kvm not found" && false )
+ test -c /dev/fuse || ( echo "/dev/fuse not found" && false )
+ test -n "$(KVMGID)" || ( echo "detecting groupid of /dev/kvm failed" && false )
+ sed -e "s#@KVMGID@#$(KVMGID)#g" \
+ -e "s#@USERID@#$(UID)#g" \
+ Dockerfile.in > Dockerfile
+ docker build --build-arg http_proxy=$(http_proxy) \
+ --build-arg https_proxy=$(https_proxy) \
+ --build-arg no_proxy=$(no_proxy) \
+ --no-cache \
+ -t $(IMAGENAME) .
+ rm Dockerfile
+
+start:
+ docker ps | grep $(CONTAINERNAME)$$ || \
+ docker run --name $(CONTAINERNAME) -d \
+ -e container=docker \
+ -e http_proxy=$(http_proxy) \
+ -e https_proxy=$(https_proxy) \
+ -e no_proxy=$(no_proxy) \
+ -v $(realpath ../../.):/elbe -w /elbe\
+ -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
+ --cap-add SYS_ADMIN \
+ --security-opt seccomp:unconfined \
+ --security-opt apparmor:unconfined \
--group-add kvm \
- --name \
- $(CONTAINERNAME) \
+ --device /dev/kvm \
+ --device /dev/fuse \
$(IMAGENAME)
-getip:
- docker inspect -f '{{ .NetworkSettings.IPAddress }}' $(CONTAINERNAME)
-
-start: run getip
-
stop:
- docker stop $(CONTAINERNAME)
+ -docker stop $(CONTAINERNAME)
stoprm: stop
- docker rm $(CONTAINERNAME)
-
-# ssh related functions
-cleanssh:
- IP=$(shell docker inspect -f '{{ .NetworkSettings.IPAddress }}' ${CONTAINERNAME}) ;\
- [[ -n "$${IP}" ]] && ssh-keygen -R $${IP}
-
-connect:
- SBC=$(shell which sbc) ;\
- IP=$(shell docker inspect -f '{{ .NetworkSettings.IPAddress }}' ${CONTAINERNAME}) ;\
- ssh-copy-id elbe@$${IP} ;\
- $$SBC ssh -XA elbe@$${IP}
+ -docker rm $(CONTAINERNAME)
+
+clean: stoprm
+ -docker rmi $(IMAGENAME)
+
+connect: start
+ docker exec -tiu $(UID) $(CONTAINERNAME) /bin/bash
+
+.PHONY: build start stop stoprm clean connect
diff --git a/contrib/dockerfile/README.md b/contrib/dockerfile/README.md
index f8ef79bf..20407502 100644
--- a/contrib/dockerfile/README.md
+++ b/contrib/dockerfile/README.md
@@ -1,5 +1,10 @@
-
# Dockerfile for elbe
+#
+# ELBE - Debian Based Embedded Rootfilesystem Builder
+# Copyright (c) 2014-2015 Silvio Fricke <silvio.fricke at gmail.com>
+# Copyright (c) 2018 Manuel Traut <manut at linutronix.de>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
[elbe][elb] is a debian based system to generate root-filesystems for embedded
devices.
@@ -7,8 +12,8 @@ devices.
[docker][doc] is an open-source project to easily create lightweight, portable,
self-sufficient containers from any application.
-This is a Dockerfile to generate a elbe development environment for systems
-other than debian based.
+This is a Dockerfile to generate a elbe development and runtime environment for
+systems other than debian based.
[doc]: https://www.docker.io "Docker Homepage"
[elb]: http://elbe-rfs.org "ELBE Homepage"
@@ -25,13 +30,10 @@ is `elbe-image` and a started container name is `elbe`. This names are
changeable via `IMAGENAME` and `CONTAINERNAME` environment variables.
* `build`: build the image
-* `start` start a container, mounts the elbe git-archive to `/elbe` and gives
- back the ip address
+* `start` start a container, mounts the elbe git-archive to `/elbe`
* `stop`: stop a running container
* `stoprm`: stop and remove the container
-* `getip`: return ip address of a running container
-* `connect`: connect via ssh to the container
-* `cleanssh`: remove the used ip address (see `getip`) from your `${HOME}/.ssh/known_host`
+* `connect`: attach to a running container
After `connect` you can find the elbe git repository under `/elbe`.
diff --git a/contrib/dockerfile/adds/supervisord.conf b/contrib/dockerfile/adds/supervisord.conf
deleted file mode 100644
index d35b840d..00000000
--- a/contrib/dockerfile/adds/supervisord.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-; taken by https://github.com/sullof/docker-sshd
-[unix_http_server]
-file=/tmp/supervisor.sock ; (the path to the socket file)
-
-[supervisord]
-logfile=/tmp/supervisord.log ; (main log file;default $CWD/supervisord.log)
-logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
-logfile_backups=10 ; (num of main logfile rotation backups;default 10)
-loglevel=info ; (log level;default info; others: debug,warn,trace)
-pidfile=/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
-nodaemon=false ; (start in foreground if true;default false)
-minfds=1024 ; (min. avail startup file descriptors;default 1024)
-minprocs=200 ; (min. avail process descriptors;default 200)
-
-; the below section must remain in the config file for RPC
-; (supervisorctl/web interface) to work, additional interfaces may be
-; added by defining them in separate rpcinterface: sections
-[rpcinterface:supervisor]
-supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
-
-[supervisorctl]
-serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket
-
-[program:openssh]
-command=/usr/sbin/sshd
--
2.20.1
More information about the elbe-devel
mailing list