LXCize basic runtimes

This commit is contained in:
Disassembler 2018-09-04 22:45:52 +02:00
parent b6ac14880b
commit 3a6011aad4
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
11 changed files with 51 additions and 92 deletions

View File

@ -4,15 +4,49 @@ set -e
SOURCE_DIR=$(realpath $(dirname "${0}"))/basic-runtimes SOURCE_DIR=$(realpath $(dirname "${0}"))/basic-runtimes
# Build basic Alpine image # Build basic Alpine image
mkdir -p /var/lib/lxc/build/alpine mkdir -p /var/lib/lxc/build
wget https://github.com/gliderlabs/docker-alpine/raw/2bfe6510ee31d86cfeb2f37587f4cf866f28ffbc/versions/library-3.8/x86_64/rootfs.tar.xz -O - | tar xJf - -C /var/lib/lxc/build/rootfs mkdir -p /var/lib/lxc/shared/alpine
wget https://github.com/gliderlabs/docker-alpine/raw/2bfe6510ee31d86cfeb2f37587f4cf866f28ffbc/versions/library-3.8/x86_64/rootfs.tar.xz -O - | tar xJf - -C /var/lib/lxc/shared/alpine
touch /var/lib/lxc/shared/alpine/etc/resolv.conf
cp ${SOURCE_DIR}/var/lib/lxc/build/config /var/lib/lxc/build/config cp ${SOURCE_DIR}/var/lib/lxc/build/config /var/lib/lxc/build/config
lxc-execute -n build -- /bin/sh -c 'apk --no-cache add s6' lxc-execute -n build -- /bin/sh -c 'apk --no-cache add s6'
# Build Docker images # Build Java overlay
docker build -t java ${SOURCE_DIR}/java mkdir /var/lib/lxc/shared/java
docker build -t php ${SOURCE_DIR}/php sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/java|' /var/lib/lxc/build/config
docker build -t python2 ${SOURCE_DIR}/python2 lxc-execute -n build -- /bin/sh -c 'apk --no-cache add openjdk8-jre-base'
docker build -t python3 ${SOURCE_DIR}/python3
docker build -t ruby ${SOURCE_DIR}/ruby # Build PHP overlay
docker build -t tomcat ${SOURCE_DIR}/tomcat mkdir /var/lib/lxc/shared/php
sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/php|' /var/lib/lxc/build/config
lxc-execute -n build -- /bin/sh -c 'apk --no-cache add nginx php7 php7-ctype php7-fpm php7-gd php7-json php7-mbstring php7-mcrypt php7-opcache php7-session'
# Build libxml overlay
mkdir /var/lib/lxc/shared/libxml
sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/libxml|' /var/lib/lxc/build/config
lxc-execute -n build -- /bin/sh -c 'apk --no-cache add libxml2 libxslt'
# Build Python2 overlay
mkdir /var/lib/lxc/shared/python2
sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/libxml:/var/lib/lxc/shared/python2|' /var/lib/lxc/build/config
lxc-execute -n build -- /bin/sh -c 'apk --no-cache add python2'
# Build Python3 overlay
mkdir /var/lib/lxc/shared/python3
sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/libxml:/var/lib/lxc/shared/python3|' /var/lib/lxc/build/config
lxc-execute -n build -- /bin/sh -c 'apk --no-cache add python3 && ln -s /usr/bin/python3 /usr/bin/python'
# Build Ruby overlay
mkdir /var/lib/lxc/shared/ruby
sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/ruby|' /var/lib/lxc/build/config
cp -p ${SOURCE_DIR}/ruby.sh /var/lib/lxc/shared/ruby/ruby.sh
lxc-execute -n build -- /ruby.sh
rm /var/lib/lxc/shared/ruby/ruby.sh
# Build Tomcat overlay
mkdir /var/lib/lxc/shared/tomcat
sed -i 's|^lxc\.rootfs\.path.*|lxc.rootfs.path = overlay:/var/lib/lxc/shared/alpine:/var/lib/lxc/shared/java:/var/lib/lxc/shared/tomcat|' /var/lib/lxc/build/config
cp -p ${SOURCE_DIR}/tomcat.sh /var/lib/lxc/shared/tomcat/tomcat.sh
lxc-execute -n build -- /tomcat.sh
rm /var/lib/lxc/shared/tomcat/ruby.sh
cp -rp ${SOURCE_DIR}/tomcat/ /var/lib/lxc/shared/tomcat/

View File

@ -1,6 +0,0 @@
FROM alpine
LABEL maintainer="Disassembler <disassembler@dasm.cz>"
RUN \
# Install Java 1.8 JRE
apk --no-cache add openjdk8-jre-base

View File

@ -1,6 +0,0 @@
FROM alpine
LABEL maintainer="Disassembler <disassembler@dasm.cz>"
RUN \
# Install PHP runtime
apk --no-cache add nginx php7 php7-ctype php7-fpm php7-gd php7-json php7-mbstring php7-mcrypt php7-opcache php7-session

View File

@ -1,10 +0,0 @@
FROM alpine
LABEL maintainer="Disassembler <disassembler@dasm.cz>"
RUN \
# Install XML libs
apk --no-cache add libxml2 libxslt
RUN \
# Install Python2 runtime
apk --no-cache add python2

View File

@ -1,11 +0,0 @@
FROM alpine
LABEL maintainer="Disassembler <disassembler@dasm.cz>"
RUN \
# Install XML libs
apk --no-cache add libxml2 libxslt
RUN \
# Install Python3 runtime
apk --no-cache add python3 \
&& ln -s /usr/bin/python3 /usr/bin/python

View File

@ -1,33 +0,0 @@
FROM alpine
LABEL maintainer="Disassembler <disassembler@dasm.cz>"
RUN \
# Install Ruby runtime dependencies
apk --no-cache add gdbm libressl readline zlib
RUN \
# Install Ruby build dependencies
apk --no-cache add --virtual .deps build-base autoconf gdbm-dev libressl-dev linux-headers readline-dev zlib-dev \
# Download and unpack Ruby
&& wget http://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.6.tar.xz -O ruby.tar.xz \
&& mkdir -p /usr/src/ruby \
&& tar -xJf ruby.tar.xz -C /usr/src/ruby --strip-components=1 \
&& rm ruby.tar.xz \
&& cd /usr/src/ruby \
# Hackfix to suppress "Insecure world writable dir" warning
&& sed -ni 'p;13a #define ENABLE_PATH_CHECK 0' file.c \
# Configure compilation + hackfix to detect isnan/isinf macros
&& autoconf \
&& ac_cv_func_isnan=yes ac_cv_func_isinf=yes ./configure --build=x86_64-linux-musl --disable-install-doc --enable-shared \
# Compile and install Ruby
&& make -j $(nproc) \
&& make install \
# Install RubyGems and Bundler
&& mkdir -p /usr/local/etc \
&& echo -e 'install: --no-document\nupdate: --no-document' >/usr/local/etc/gemrc \
&& gem update --system \
# Cleanup
&& cd /tmp \
&& rm -r /usr/src/ruby \
&& apk --no-cache del .deps \
&& rm -rf /root/.gem

View File

@ -1,15 +0,0 @@
FROM java
LABEL maintainer="Disassembler <disassembler@dasm.cz>"
RUN \
# Install Tomcat 8
wget http://mirror.hosting90.cz/apache/tomcat/tomcat-8/v8.0.53/bin/apache-tomcat-8.0.53.tar.gz -O /tmp/apache-tomcat-8.tgz \
&& tar xf /tmp/apache-tomcat-8.tgz -C /srv \
&& mv /srv/apache-tomcat-8.0.53 /srv/tomcat \
# Make catalina.sh available globally
&& ln -s /srv/tomcat/bin/catalina.sh /usr/bin/catalina.sh \
# Cleanup
&& rm -rf /srv/tomcat/webapps/ROOT /srv/tomcat/webapps/docs /srv/tomcat/webapps/examples /srv/tomcat/webapps/host-manager /srv/tomcat/webapps/manager \
&& rm -f /tmp/apache-tomcat-8.tgz
COPY docker/ /

View File

@ -9,7 +9,7 @@ lxc.net.0.ipv4.address = 172.17.0.2/16
lxc.net.0.ipv4.gateway = auto lxc.net.0.ipv4.gateway = auto
# Volumes # Volumes
lxc.rootfs.path = /var/lib/lxc/build/rootfs lxc.rootfs.path = /var/lib/lxc/shared/alpine
# Mounts # Mounts
lxc.mount.entry = /etc/hosts etc/hosts none bind 0 0 lxc.mount.entry = /etc/hosts etc/hosts none bind 0 0

View File

@ -60,10 +60,16 @@ vmmgr create-selfsigned
cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf
# Configure services # Configure services
for SERVICE in consolefont crond nginx ntpd lxc sshd swap vmmgr; do for SERVICE in consolefont crond nginx ntpd lxc swap vmmgr; do
rc-update add ${SERVICE} boot rc-update add ${SERVICE} boot
service ${SERVICE} start service ${SERVICE} start
done done
# Configure services for DEBUG mode
if [ ${DEBUG:-0} -eq 1 ]; then
rc-update add sshd boot
service sshd start
fi
# Set dummy host and generate related files # Set dummy host and generate related files
vmmgr update-host spotter.vm 443 vmmgr update-host spotter.vm 443