X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=scripts%2Fxds-docker-create-container.sh;h=7990c4592063e9aa45987d08542d805a2983689a;hb=add6f928e6a95d14b511ebd59e0fba231747cdbb;hp=2db3e5ffa47dfe13d4c2da783d38f1dd1010ee32;hpb=79657f94a9ecf272736e3e52c5ca5e5bca60bf00;p=src%2Fxds%2Fxds-server.git diff --git a/scripts/xds-docker-create-container.sh b/scripts/xds-docker-create-container.sh index 2db3e5f..7990c45 100755 --- a/scripts/xds-docker-create-container.sh +++ b/scripts/xds-docker-create-container.sh @@ -1,4 +1,23 @@ #!/bin/bash + ########################################################################### +# Copyright 2017 IoT.bzh +# +# author: Sebastien Douheret +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +########################################################################### + +# shellcheck disable=SC2086 ########################################## # WARNING WARNING WARNING WARNING @@ -8,16 +27,8 @@ # You should customize it to fit your environment and in particular # adjust the paths and permissions where needed. # -# Note that sharing volumes with host system is not mandatory: it -# was just added for performances reasons: building from a SSD is -# just faster than using the container filesystem: that's why /xdt is -# mounted from there. Same applies to ~/mirror and ~/share, which are -# just 2 convenient folders to store reference build caches (used in prepare_meta script) -# ########################################## -CURDIR=$(cd $(dirname $0) && pwd -P) - REGISTRY=docker.automotivelinux.org REPO=agl NAME=worker @@ -32,10 +43,17 @@ DOCKER_USER=devel DEFIMAGE=$REGISTRY/$REPO/$NAME-$FLAVOUR:$VERSION function usage() { - echo "Usage: $(basename $0) [image name]" >&2 - echo "Instance ID must be 0 or a positive integer (1,2,...)" >&2 - echo "Image name is optional: 'make show-image' is used by default to get image" >&2 - echo "Default image: $DEFIMAGE" >&2 + echo "Usage: $(basename $0) [-h|--help] [-fr] [-id ] " + echo " [-nc] [-nuu] [-v|--volume ] [image name]" + echo "Image name is optional; 'docker images' is used by default to get image" + echo "Default image:" + echo " $DEFIMAGE" + echo "" + echo "Options:" + echo " -fr | --force-restart Force restart of xds-server service" + echo " -id Instance ID used to build container name, a positive integer (0,1,2,...)" + echo " -nuu | --no-uid-update Don't update user/group id within docker" + echo " -v | --volume Additional docker volume to bind, syntax is -v /InDockerPath:/HostPath " exit 1 } @@ -43,20 +61,38 @@ ID="" IMAGE="" FORCE_RESTART=false UPDATE_UID=true +USER_VOLUME_OPTION="" +NO_CLEANUP=false while [ $# -ne 0 ]; do case $1 in -h|--help|"") usage ;; - -fr|-force-restart) + -fr|--force-restart) FORCE_RESTART=true ;; - -no-uid-update) + -nc|--no-cleanup) + NO_CLEANUP=true + ;; + -nuu|--no-uid-update) UPDATE_UID=false ;; + -v|--volume) + shift + if [[ "$1" =~ .*:.* ]]; then + USER_VOLUME_OPTION="-v $1" + else + echo "Invalid volume option, format must be /InDockerPath:/hostPath" + exit 1 + fi + ;; + -id) + shift + ID=$1 + ;; *) - if [[ "$1" =~ ^[0-9]+$ ]]; then - ID=$1 + if [[ "$1" =~ ^[\.0-9]+$ ]]; then + IMAGE=$REGISTRY/$REPO/$NAME-$FLAVOUR:$1 else IMAGE=$1 fi @@ -70,23 +106,24 @@ done # Dynamically retrieve image name if [ "$IMAGE" = "" ]; then - VER_NUM=`docker images $REGISTRY/$REPO/$NAME-$FLAVOUR:* --format {{.Tag}} | wc -l` - if [ $VER_NUM -gt 1 ]; then + VERSION_LIST=$(docker images $REGISTRY/$REPO/$NAME-$FLAVOUR --format '{{.Tag}}') + VER_NUM=$(echo "$VERSION_LIST" | wc -l) + if [ "$VER_NUM" -gt 1 ]; then echo "ERROR: more than one xds image found, please set explicitly the image to use !" + echo "List of found images:" + echo "$VERSION_LIST" exit 1 - elif [ $VER_NUM -lt 1 ]; then + elif [ "$VER_NUM" -lt 1 ]; then echo "ERROR: cannot automatically retrieve image tag for $REGISTRY/$REPO/$NAME-$FLAVOUR" exit 1 fi - - VERSION=`docker images $REGISTRY/$REPO/$NAME-$FLAVOUR:* --format {{.Tag}}` - if [ "$VERSION" = "" ]; then + if [ "$VERSION_LIST" = "" ]; then echo "ERROR: cannot automatically retrieve image tag for $REGISTRY/$REPO/$NAME-$FLAVOUR" usage exit 1 fi - IMAGE=$REGISTRY/$REPO/$NAME-$FLAVOUR:$VERSION + IMAGE=$REGISTRY/$REPO/$NAME-$FLAVOUR:$VERSION_LIST fi USER=$(id -un) @@ -94,35 +131,45 @@ echo "Using instance ID #$ID (user $(id -un))" NAME=agl-xds-$(hostname|cut -f1 -d'.')-$ID-$USER -docker ps -a |grep "$NAME" > /dev/null -[ "$?" = "0" ] && { echo "Image name already exist ! (use -h option to read help)"; exit 1; } +if docker ps -a |grep "$NAME" > /dev/null; then + echo "Image name already exist ! (use -h option to read help)" + exit 1 +fi -MIRRORDIR=$HOME/ssd/localmirror_$ID -XDTDIR=$HOME/ssd/xdt_$ID -SHAREDDIR=$HOME/$DOCKER_USER/docker/share XDS_WKS=$HOME/xds-workspace +XDTDIR=$XDS_WKS/.xdt_$ID SSH_PORT=$((2222 + ID)) WWW_PORT=$((8000 + ID)) BOOT_PORT=$((69 + ID)) NBD_PORT=$((10809 + ID)) +# Delete container on error +creation_done=false +trap "cleanExit" 0 1 2 15 +cleanExit () +{ + if [ "$creation_done" != "true" ] && [ "$NO_CLEANUP" != "true" ]; then + echo "Error detected, remove unusable docker image ${NAME}" + docker rm -f "${NAME}" > /dev/null 2>&1 + fi +} + ### Create the new container -mkdir -p $MIRRORDIR $XDTDIR $SHAREDDIR $XDS_WKS || exit 1 -docker run \ +mkdir -p $XDS_WKS $XDTDIR || exit 1 +if ! docker run \ --publish=${SSH_PORT}:22 \ --publish=${WWW_PORT}:8000 \ --publish=${BOOT_PORT}:69/udp \ --publish=${NBD_PORT}:10809 \ --detach=true \ - --hostname=$NAME --name=$NAME \ + --hostname="$NAME" --name="$NAME" \ --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro \ - -v $MIRRORDIR:/home/$DOCKER_USER/mirror \ - -v $SHAREDDIR:/home/$DOCKER_USER/share \ -v $XDS_WKS:/home/$DOCKER_USER/xds-workspace \ -v $XDTDIR:/xdt \ - -it $IMAGE -if [ "$?" != "0" ]; then + $USER_VOLUME_OPTION \ + -it $IMAGE; +then echo "An error was encountered while creating docker container." exit 1 fi @@ -138,34 +185,72 @@ while [ $res -ne 0 ] && [ $count -le $max ]; do docker exec ${NAME} bash -c "systemctl status ssh" 2>/dev/null 1>&2 res=$? echo -n "." - count=$(expr $count + 1); + count=$((count + 1)); done echo -ssh-keygen -R [$(hostname)]:$SSH_PORT -f ~/.ssh/known_hosts -docker exec ${NAME} bash -c "mkdir -p /home/$DOCKER_USER/.ssh" -docker cp ~/.ssh/id_rsa.pub ${NAME}:/home/$DOCKER_USER/.ssh/authorized_keys -docker exec ${NAME} bash -c "chown $DOCKER_USER:$DOCKER_USER -R /home/$DOCKER_USER/.ssh ;chmod 0700 /home/$DOCKER_USER/.ssh; chmod 0600 /home/$DOCKER_USER/.ssh/*" -ssh -o StrictHostKeyChecking=no -p $SSH_PORT $DOCKER_USER@$(hostname) exit +[ -f ~/.ssh/known_hosts ] && { ssh-keygen -R "[localhost]:$SSH_PORT" -f ~/.ssh/known_hosts || exit 1; } +[ ! -f ~/.ssh/id_rsa.pub ] && { ssh-keygen -t rsa -f ~/.ssh/id_rsa -P "" > /dev/null || exit 1; } +docker exec ${NAME} bash -c "mkdir -p /home/$DOCKER_USER/.ssh" || exit 1 +docker cp -L ~/.ssh/id_rsa.pub ${NAME}:/home/$DOCKER_USER/.ssh/authorized_keys || exit 1 +docker exec ${NAME} bash -c "chown $DOCKER_USER:$DOCKER_USER -R /home/$DOCKER_USER/.ssh ;chmod 0700 /home/$DOCKER_USER/.ssh; chmod 0600 /home/$DOCKER_USER/.ssh/*" || exit 1 +ssh -n -o StrictHostKeyChecking=no -p $SSH_PORT $DOCKER_USER@localhost exit || exit 1 echo "You can now login using:" -echo " ssh -p $SSH_PORT $DOCKER_USER@$(hostname)" +echo " ssh -p $SSH_PORT $DOCKER_USER@localhost" + ### User / Group id if ($UPDATE_UID); then - echo "Setup docker user and group id to match yours" - docker exec -t ${NAME} bash -c "systemctl stop xds-server" || exit 1 - docker exec -t ${NAME} bash -c "usermod -u $(id -u) $DOCKER_USER && groupmod -g $(id -g) $DOCKER_USER" || exit 1 - docker exec -t ${NAME} bash -c "chown -R $DOCKER_USER:$DOCKER_USER /home/$DOCKER_USER /tmp/xds*" || exit 1 - docker exec -t ${NAME} bash -c "systemctl start xds-server" || exit 1 - docker exec -t ${NAME} bash -c "systemctl start xds-server" || exit 1 + echo -n "Setup docker user and group id to match yours " + + docker exec -t ${NAME} bash -c "/bin/loginctl kill-user devel" + res=3 + max=30 + count=0 + while [ $res -ne 1 ] && [ $count -le $max ]; do + sleep 1 + docker exec ${NAME} bash -c "loginctl user-status devel |grep sd-pam" 2>/dev/null 1>&2 + res=$? + echo -n "." + count=$((count + 1)); + done + + echo -n " ." + + # Set uid + if docker exec -t ${NAME} bash -c "id $(id -u)" > /dev/null 2>&1 && [ "$(id -u)" != "1664" ]; then + echo "Cannot set docker devel user id to your id: conflict id $(id -u) !" + exit 1 + fi + docker exec -t ${NAME} bash -c "usermod -u $(id -u) $DOCKER_USER" || exit 1 + echo -n "." + + # Set gid + if docker exec -t ${NAME} bash -c "grep $(id -g) /etc/group" > /dev/null 2>&1; then + docker exec -t ${NAME} bash -c "usermod -g $(id -g) $DOCKER_USER" || exit 1 + else + docker exec -t ${NAME} bash -c "groupmod -g $(id -g) $DOCKER_USER" || exit 1 + fi + echo -n "." + + docker exec -t ${NAME} bash -c "chown -R $DOCKER_USER:$DOCKER_USER /home/$DOCKER_USER" || exit 1 + echo -n "." + docker exec -t ${NAME} bash -c "chown -R $DOCKER_USER:$DOCKER_USER /tmp/xds*" + echo -n "." + docker exec -t ${NAME} bash -c "systemctl start autologin" + echo -n "." + ssh -n -p $SSH_PORT $DOCKER_USER@localhost "systemctl --user start xds-server" || exit 1 + echo "." + docker restart ${NAME} fi +creation_done=true + ### Force xds-server restart if ($FORCE_RESTART); then - echo "Stopping xds-server..." - docker exec -t ${NAME} bash -c "systemctl stop xds-server" || exit 1 - sleep 1 - echo "Starting xds-server..." - docker exec -t ${NAME} bash -c "systemctl start xds-server" || exit 1 + echo "Restart xds-server..." + ssh -n -p $SSH_PORT $DOCKER_USER@localhost "systemctl --user restart xds-server" || exit 1 fi + +echo "Done, docker container $NAME is ready to be used."