authorStefano Brivio <sbrivio@redhat.com>2022-03-30 03:50:32 +0200
committerStefano Brivio <sbrivio@redhat.com>2022-04-05 18:23:05 +0200
commit7fae5d75e19c9d6337038da2301c7619db1d030b (patch)
tree5c85132de075ec57bd9a09b37172afa1f5b1c97d
parent3c3d81e5a001b82fadb75607b35b303e4c46f7bf (diff)
mbuto: Make it independent from Kata Containers
It already serves other purposes. Make 'kata' and 'kata_debug' explicit profiles, create a base one, and drop the 'pbench' profile which wasn't really used. Output templates are also defined by profiles. This allows convenient usage in a subshell, e.g.: kvm -kernel ... -initrd $(mbuto) Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rwxr-xr-xmbuto207
1 files changed, 123 insertions, 84 deletions
diff --git a/mbuto b/mbuto
index f3fb96c..45a12e5 100755
--- a/mbuto
+++ b/mbuto
@@ -4,12 +4,12 @@
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
+# Copyright (c) 2020-2022 Red Hat GmbH
# Author: Stefano Brivio <sbrivio@redhat.com>
#
# This script builds Linux initramfs images suitable for lightweight VM
-# environments (Kata Containers in particular), without relying on
-# distribution-specific tools (dracut, debootstrap, mkinitramfs, etc.) or
-# containerised environments.
+# environments, without relying on distribution-specific tools (dracut,
+# debootstrap, mkinitramfs, etc.) or containerised environments.
#
# Programs are sourced from the host, together with required dynamic libraries.
# Kernel modules, links, and initial device nodes are configured manually. A
@@ -23,9 +23,7 @@
### Configuration ##############################################################
-# Programs sourced together with linked libraries, alternatives with commas
-PROGS="${PROGS:-kata-agent ash,dash,bash ip mount ls modprobe insmod mkdir
- nsenter ln}"
+# Programs: see profile_base() below for an example.
# Libraries commonly loaded via dlopen(3) (strictly needed for basic tasks)
LIBS_DLOPEN="${LIBS_DLOPEN:-
@@ -33,14 +31,9 @@ LIBS_DLOPEN="${LIBS_DLOPEN:-
libc.so.6 libnss_files.so.2
}"
-# Links: installed target program, then link name, one per line
-LINKS="${LINKS:-
- kata-agent /init
- ash,dash,bash /bin/sh
-}"
+# Links: see profile_base().
-# List of kernel modules
-KMODS="${KMODS:-vmw_vsock_virtio_transport virtio_net virtiofs vfio virtio_pci}"
+# Kernel modules: see profile_base().
# Device nodes, one per line, NAME TYPE MAJOR MINOR supported, copied otherwise
NODES="${NODES:-
@@ -60,14 +53,14 @@ DIRS="${DIRS:-/proc /sys}"
COPIES="${COPIES:-}"
# Fix-up script to run before /init, can be omitted
-FIXUP='#!/bin/sh
+[ -z "${FIXUP}" ] && FIXUP='#!/bin/sh
-export PATH=${PATH}:/bin:/usr/bin:/sbin:/usr/sbin
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin
mount -t proc proc /proc
mount -t sysfs sys /sys
-for m in '${KMODS}'; do
+for m in __KMODS__; do
modprobe ${m}
done
mount -t devtmpfs dev /dev
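Review bot: The comment above the new `[ -z "${FIXUP}" ] && FIXUP='...` guard still describes FIXUP as a built-in script, but with this guard a FIXUP inherited from the caller's environment replaces the default entirely, and, going by the fixup_apply hunk, that text is written into the image's init. I would document this where the variable is defined, e.g. `# Fix-up script to run before /init; taken from the environment if set, __KMODS__ is replaced with the module list at build time`. The profiles further down append to FIXUP, so an environment-supplied script also receives those additions. The string literal continues past the end of this hunk.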
@@ -75,16 +68,6 @@ mount -t devtmpfs dev /dev
mkdir /dev/pts
mount -t devpts pts /dev/pts
-mkdir -p /sys/fs/cgroup
-mount -t tmpfs cgroup /sys/fs/cgroup
-mkdir /sys/fs/cgroup/unified
-mount -o rw,nsdelegate -t cgroup2 cgroup /sys/fs/cgroup/unified
-
-for t in cpu,cpuacct blkio memory perf_event pids cpuset freezer devices; do
- mkdir /sys/fs/cgroup/${t}
- mount -o rw,${t} -t cgroup cgroup /sys/fs/cgroup/${t}
-done
-
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968199
ln -sf /proc/self/fd /dev/fd
ln -sf /dev/fd/0 /dev/stdin
@@ -92,75 +75,127 @@ ln -sf /dev/fd/1 /dev/stdout
ln -sf /dev/fd/2 /dev/stderr
'
-# Profile spawning interactive shell before init, for debugging purposes
-profile_shell() {
- PROGS="${PROGS} bash cat chmod lsmod modprobe find grep mknod mv rm
- umount"
+# Start a shell, nothing else
+profile_base() {
+ # Programs sourced with linked libraries, alternatives with commas
+ PROGS="${PROGS:-ash,dash,bash mount mkdir ln}"
+
+ # Links: installed target program, then link name, one per line
+ LINKS="${LINKS:-
+ ash,dash,bash /bin/sh
+ ash,dash,bash /init}"
+
+ # List of kernel modules
+ KMODS="${KMODS:-}"
+
+ FIXUP="${FIXUP}
+ sh +m
+"
+
+ # Output (stdout) template keywords: __INITRD__ and __KERNEL__
+ OUTPUT="__INITRD__
+"
+}
+
+# Profile spawning bash, for general usage
+profile_bash() {
+ PROGS="${PROGS:-bash cat chmod lsmod modprobe find grep mkdir mknod mv
+ ls ip ln rm mount umount ps strace}"
+
+ LINKS="${LINKS:-
+ bash /bin/sh
+ bash /init}"
+
+ KMODS="${KMODS:-virtio_net virtio_pci}"
+
NODES="${NODES}
tty
ttyS0"
+
+ OUTPUT="__INITRD__
+"
+}
+
+# Base profile for Kata Containers (https://katacontainers.io/)
+profile_kata() {
+ PROGS="${PROGS:-kata-agent ash,dash,bash mount modprobe mkdir ln}"
+
+ KMODS="${KMODS:-vmw_vsock_virtio_transport virtio_net virtiofs vfio
+ virtio_pci}"
+ LINKS="${LINKS:-
+ ash,dash,bash /bin/sh
+ kata-agent /init}"
+
+ FIXUP="${FIXUP}"'
+ mkdir -p /sys/fs/cgroup
+ mount -t tmpfs cgroup /sys/fs/cgroup
+ mkdir /sys/fs/cgroup/unified
+ mount -o rw,nsdelegate -t cgroup2 cgroup /sys/fs/cgroup/unified
+
+ for t in cpu,cpuacct blkio memory perf_event pids cpuset \
+ freezer devices; do
+ mkdir /sys/fs/cgroup/${t}
+ mount -o rw,${t} -t cgroup cgroup /sys/fs/cgroup/${t}
+ done
+ '
+
+ OUTPUT="Kata Containers [hypervisor.qemu] configuration:
+
+ kernel = \"__KERNEL__\"
+ initrd = \"__INITRD__\"
+"
+}
+
+# Debugging profile for Kata Containers: start shell before kata-agent
+profile_kata_debug() {
+ PROFILE_LIST="${PROFILE_LIST} kata_debug"
+
+ profile_kata
+
+ PROGS="${PROGS} ash,dash,bash cat ip ls strace insmod nsenter"
+
+ LINKS="${LINKS}
+ ash,dash,bash /bin/sh"
+
FIXUP="${FIXUP}
- bash"
+ echo Starting interactive shell, exit to spawn kata-agent
+ sh +m
+ "
}
# Profile for passt (https://passt.top) tests
profile_passt() {
- PROGS="ash,dash,bash ip mount ls insmod mkdir ln cat chmod lsmod
- modprobe find grep mknod mv rm umount udhcpc jq iperf3
+ PROGS="${PROGS}:-ash,dash,bash ip mount ls insmod mkdir ln cat chmod
+ lsmod modprobe find grep mknod mv rm umount udhcpc jq iperf3
dhclient busybox logger sed tr chown sipcalc cut md5sum
nc dd strace ping tail killall sleep sysctl nproc
tcp_rr tcp_crr udp_rr which tee seq bc"
- LINKS="
+
+ KMODS="${KMODS:- virtio_net virtio_pci}"
+
+ LINKS="${LINKS:-
ash,dash,bash /init
ash,dash,bash /bin/sh
- ash,dash,bash /usr/bin/bash
- "
+ ash,dash,bash /usr/bin/bash}"
+
NODES="${NODES}
tty
ttyS0"
+
DIRS="${DIRS}
/tmp"
- COPIES="/etc/udhcpc/default.script
+
+ COPIES="${COPIES}
+ /etc/udhcpc/default.script
/sbin/dhclient-script"
+
FIXUP="${FIXUP}
- :> /etc/fstab
- sh +m"
-}
-
-# Profile to install pbench-server from Fedora packages, spawn shell before init
-profile_pbench() {
- PROGS="${PROGS} bash env grep sed p11-kit cat mkdir chown chmod
- basename hostname vim"
- LINKS="
- bash /init
- bash /bin/sh
- bash /usr/bin/bash
- "
-
- __f32="https://download.fedoraproject.org/pub/fedora/linux/releases/32"
- __f32pkg="${__f32}/Everything/x86_64/os/Packages"
- __copr="https://copr-be.cloud.fedoraproject.org"
- __ndokos="${__copr}/results/ndokos/pbench/fedora-32-x86_64"
- PKGS="
- ${__ndokos}/01496531-fio/fio-3.19-1.x86_64.rpm
- ${__f32pkg}/p/python3-libs-3.8.2-2.fc32.i686.rpm
- ${__f32pkg}/p/python3-3.8.2-2.fc32.x86_64.rpm
- ${__f32pkg}/t/tzdata-2019c-3.fc32.noarch.rpm
- ${__f32pkg}/c/ca-certificates-2020.2.40-3.fc32.noarch.rpm
- ${__f32pkg}/p/python3-pysocks-1.7.1-4.fc32.noarch.rpm
- ${__f32pkg}/p/python3-idna-2.8-6.fc32.noarch.rpm
- ${__f32pkg}/p/python3-urllib3-1.25.7-3.fc32.noarch.rpm
- ${__f32pkg}/p/python3-six-1.14.0-2.fc32.noarch.rpm
- ${__f32pkg}/p/python3-dateutil-2.8.0-8.fc32.noarch.rpm
- ${__f32pkg}/p/python3-s3transfer-0.3.3-1.fc32.noarch.rpm
- ${__f32pkg}/p/python3-docutils-0.15.2-4.fc32.noarch.rpm
- ${__f32pkg}/p/python3-jmespath-0.9.4-4.fc32.noarch.rpm
- ${__f32pkg}/p/python3-botocore-1.14.17-2.fc32.noarch.rpm
- ${__f32pkg}/p/python3-boto3-1.11.17-1.fc32.noarch.rpm
- ${__ndokos}/01506210-pbench-server/pbench-server-0.69.2-2g5c0ea483.noarch.rpm
- "
- FIXUP="${FIXUP}
- sh"
+ set +m
+ :> /etc/fstab"
+
+ OUTPUT="KERNEL=__KERNEL__
+INITRD=__INITRD__
+"
}
################################################################################
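Review bot: In profile_passt the default expansion is malformed: `PROGS="${PROGS}:-ash,dash,bash ip mount ...` closes the brace before `:-`, so the result is the current value of PROGS followed by the literal text `:-ash,dash,bash ...`. With PROGS empty the first alternative becomes `:-ash`, and with PROGS set the last caller-supplied entry gets `:-ash` glued onto it. The other profiles use `${PROGS:-...}` with the brace closing after the list, and the same is needed here: open with `PROGS="${PROGS:-ash,dash,bash ip mount ls insmod mkdir ln cat chmod` and end the list with `tcp_rr tcp_crr udp_rr which tee seq bc}"`. As a point of style, `KMODS="${KMODS:- virtio_net virtio_pci}"` carries a leading space the other profiles do not have.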
@@ -252,9 +287,11 @@ fixup_apply() {
if [ -n "${SCRIPT}" ]; then
"${CP}" "${SCRIPT}"
else
- echo "${FIXUP}" > "${wd}/init"
+ KMODS="$(echo ${KMODS} | tr -d '\n')"
+ printf "%s" "${FIXUP}" | \
+ sed 's,__KMODS__,'"${KMODS}"',g' > "${wd}/init"
fi
- echo "/${__call}" >> "${wd}/init"
+ echo "${__call}" >> "${wd}/init"
"${CHMOD}" 755 "${wd}/init"
}
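Review bot: `${KMODS}` is spliced unescaped into the sed replacement in `sed 's,__KMODS__,'"${KMODS}"',g'`, so a value containing `,`, `&` or a backslash breaks or alters the substitution, and whatever it expands to becomes part of the `for m in ...` line of an init script that runs in the guest. KMODS can come from the environment, so I would reject anything outside module-name characters before substituting, e.g. `case "${KMODS}" in *[!A-Za-z0-9_\ -]*) echo "invalid KMODS" >&2; exit 1 ;; esac`. The cmds() hunk has the same pattern with the `${REALPATH}` output and `${KERNEL}`, where a path containing a comma or `&` would corrupt the printed template. Note also that `__KMODS__` is only replaced in the else branch, not when a `-s SCRIPT` file is copied, which deserves a comment if intended. fixup_apply begins before this hunk.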
@@ -798,11 +835,9 @@ cmds() {
stats
- notice "Kata Containers [hypervisor.qemu] configuration:"
- notice
- notice " kernel = \"/boot/vmlinuz-${KERNEL}\""
- notice " initrd = \"$("${REALPATH}" "${OUT}")\""
- notice
+ printf "%s" "${OUTPUT}" | \
+ sed 's,__INITRD__,'"$("${REALPATH}" "${OUT}")"',g' | \
+ sed 's,__KERNEL__,/boot/vmlinuz-'"${KERNEL}"',g'
if [ -n "${ARCHIVEMOUNT}" ]; then
trap - EXIT
@@ -826,7 +861,9 @@ usage() {
echo " -m PATH"
echo " relative root for /lib/modules. Default: /"
echo " -p PROFILE"
- echo " select profile for add-ons (see profile_*() in script)"
+ echo " select profile for add-ons, one of:"
+ echo " base bash kata kata_debug passt"
+ echo " Default: base"
echo " -s SCRIPT|-"
echo " fix-up script to run before init, '-' for none"
echo " -v: verbose"
@@ -868,7 +905,7 @@ usage() {
echo " Build a new image including grep and needed libraries"
echo " ${0} -f kata.img zsh_5.6.2-3_amd64.deb"
echo " Install zsh package to pre-existing kata.img"
- echo " ${0} -v -f kata.img -p shell -c lz4"
+ echo " ${0} -v -f kata.img -p kata_debug -c lz4"
echo " Use lz4 compression, run a shell before proceeding"
exit 1
}
@@ -901,6 +938,8 @@ while getopts c:df:k:m:p:s:vh __opt; do
done
shift $((OPTIND - 1))
+[ -z "${PROFILE}" ] && PROFILE="base"
+
# Check needed tools, exit if any is missing
for __l in ${TOOLS}; do
cmd_check "${__l}"