Created
March 10, 2021 16:59
-
-
Save jodh-intel/314dfec4f6bdf84bfa3b8034fb29431d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Copyright (c) 2021 Intel Corporation | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| #--------------------------------------------------------------------- | |
| # FIXME: - start trace forwarder! | |
| #--------------------------------------------------------------------- | |
| readonly script_name=${0##*/} | |
| # XXX: | |
| #default_distro="clearlinux" | |
| default_distro="centos" | |
| distro="${distro:-${default_distro}}" | |
| rootfs="${rootfs:-}" | |
| set -o errexit | |
| set -o nounset | |
| set -o pipefail | |
| set -o errtrace | |
| [ -n "${DEBUG:-}" ] && set -o xtrace | |
| [ -e ~/bin/libutil.sh ] && source ~/bin/libutil.sh | |
| usage() | |
| { | |
| cat <<EOT | |
| Usage: $script_name [options] | |
| Description: FIXME. | |
| Options: | |
| -h : Show this help statement. | |
| Notes: | |
| FIXME | |
| Examples: | |
| FIXME | |
| EOT | |
| } | |
| setup() | |
| { | |
| [ -z "$GOPATH" ] && die "need GOPATH" | |
| [ -z "$distro" ] && die "need distro" | |
| if [ -z "$rootfs" ] | |
| then | |
| local osbuilder_dir=$(goto_dir "tools/osbuilder" && echo "$PWD") | |
| rootfs="${osbuilder_dir}/${distro}_rootfs" | |
| fi | |
| local deps=() | |
| deps+=("chronic:moreutils") | |
| deps+=("crudini:crudini") | |
| local dep | |
| for dep in ${deps[@]} | |
| do | |
| local cmd=$(echo "$dep"|cut -d: -f1) | |
| local pkg=$(echo "$dep"|cut -d: -f2-) | |
| local result=$(command -v "$cmd" || true) | |
| [ -z "$result" ] && sudo apt -y install "$pkg" | |
| done | |
| # Install Kata if required | |
| kata-runtime &>/dev/null || \ | |
| bash -c "$(curl -fsSL \ | |
| https://raw.githubusercontent.com/kata-containers/kata-containers/main/utils/kata-manager.sh)" | |
| # Create local config | |
| handle_config | |
| } | |
| # 'cd' to the specified top-level repo sub-directory from an arbitrary repo | |
| # directory. | |
| goto_dir() | |
| { | |
| local dir="${1:-}" | |
| [ -z "$dir" ] && die "need sub-dir below repo root dir" | |
| local cwd="$PWD" | |
| local git_dir=$(git rev-parse --git-dir) | |
| local top_level_dir=$(echo "$git_dir"|sed 's/\.git$//g') | |
| [ -z "$top_level_dir" ] && top_level_dir="$cwd" | |
| #info "$top_level_dir" | |
| pushd "${top_level_dir}/${dir}" &>/dev/null | |
| } | |
| handle_config() | |
| { | |
| local cfg_file="/etc/kata-containers/configuration.toml" | |
| if [ ! -e "$cfg_file" ] | |
| then | |
| sudo mkdir -p $(dirname "$cfg_file") | |
| local cfg | |
| for cfg in \ | |
| "/opt/kata/share/defaults/kata-containers/configuration.toml" \ | |
| "/usr/share/defaults/kata-containers/configuration.toml" | |
| do | |
| [ -e "$cfg" ] && sudo cp "$cfg" "$cfg_file" && break | |
| done | |
| fi | |
| [ -e "$cfg_file" ] || die "cannot create local config file: $cfg_file" | |
| #---------------------------------------------------------------- | |
| # Enable debug | |
| # | |
| # Note: Don't use 'kata-manager.sh "enable-debug"' since this enables all | |
| # debug (including the problematic hypervisor debug - see below). | |
| sudo crudini --set "$cfg_file" agent.kata enable_debug 'true' | |
| sudo crudini --set "$cfg_file" runtime enable_debug 'true' | |
| # CRITICAL: XXX: For Kata 2.x, hypervisor debug *MUST* be *DISABLED*; if | |
| # enabled, it stops kata-debug.service from attaching to the console and | |
| # the socat call made on the client hangs until the VM is shut | |
| # down! | |
| sudo crudini --set "$cfg_file" hypervisor.qemu enable_debug 'false' | |
| #---------------------------------------------------------------- | |
| # Enable agent tracing | |
| sudo crudini --set "$cfg_file" agent.kata enable_tracing 'true' | |
| sudo crudini --set "$cfg_file" agent.kata trace_mode '"static"' | |
| } | |
| build_runtime() | |
| { | |
| info "Building runtime" | |
| goto_dir "src/runtime" | |
| make && sudo make install | |
| local file | |
| for file in \ | |
| "containerd-shim-kata-v2" \ | |
| "kata-runtime" | |
| do | |
| sudo ln -sf "/usr/local/bin/$file" /usr/bin | |
| done | |
| } | |
| handle_runtime() | |
| { | |
| build_runtime | |
| } | |
| build_agent() | |
| { | |
| info "Building agent" | |
| goto_dir "src/agent" | |
| make | |
| } | |
| handle_agent() | |
| { | |
| build_agent | |
| } | |
| install_agent_to_rootfs() | |
| { | |
| goto_dir "tools/osbuilder" | |
| info "Installing latest agent to rootfs" | |
| [ -d "$rootfs" ] || die "rootfs does not exist: $rootfs" | |
| # Install agent to osbuilder rootfs | |
| local dir="${rootfs}/etc/systemd/system/kata-agent.service.d/" | |
| sudo mkdir -p "$dir" | |
| # XXX: Now install latest version of the rust agent. | |
| local agent_dir="${PWD}/../../src/agent" | |
| local agent_binaries=$(find "${agent_dir}/target" -type f -name "kata-agent") | |
| local count=$(echo "$agent_binaries"|wc -l) | |
| [ "$count" -eq 1 ] || die "expected 1 agent binary found $count: $agent_binaries" | |
| local agent_binary=$(readlink -f "$agent_binaries") | |
| info "Adding agent $agent_binary to rootfs ($rootfs)" | |
| sudo install -o root -g root -m 0550 -t ${rootfs}/bin "${agent_binary}" | |
| sudo install -o root -g root -m 0440 \ | |
| "${agent_dir}/kata-agent.service" \ | |
| ${rootfs}/usr/lib/systemd/system/ | |
| sudo install -o root -g root -m 0440 \ | |
| "${agent_dir}/kata-containers.target" \ | |
| ${rootfs}/usr/lib/systemd/system/ | |
| } | |
| make_rootfs() | |
| { | |
| [ -z "$rootfs" ] && die "need rootfs" | |
| info "Making rootfs" | |
| goto_dir "tools/osbuilder" | |
| local pkgs=$(get_pkgs) | |
| local lockfile=".${rootfs}.done" | |
| # Required to ensure make actually builds something | |
| # in the scenario when an old rootfs has been deleted. | |
| sudo rm -f "$lockfile" | |
| # Build the default rootfs with the latest rust agent. | |
| sudo -E PATH="$PATH" \ | |
| GOPATH="$GOPATH" \ | |
| make \ | |
| USE_DOCKER="true" \ | |
| DISTRO="$distro" \ | |
| DISTRO_ROOTFS="$rootfs" \ | |
| EXTRA_PKGS="$pkgs" \ | |
| AGENT_INIT=no \ | |
| rootfs | |
| install_agent_to_rootfs | |
| } | |
| make_image() | |
| { | |
| [ -z "$rootfs" ] && die "need rootfs" | |
| [ -d "$rootfs" ] || die "rootfs does not exist: $rootfs" | |
| info "Making image" | |
| goto_dir "tools/osbuilder" | |
| sudo -E PATH="$PATH" \ | |
| GOPATH="$GOPATH" \ | |
| make USE_DOCKER="true" \ | |
| DISTRO="$distro" \ | |
| DISTRO_ROOTFS="$rootfs" \ | |
| image | |
| } | |
| install_image() | |
| { | |
| goto_dir "tools/osbuilder" | |
| info "Installing image" | |
| local image_name="kata-containers.img" | |
| [ -e "$image_name" ] || die "image does not exist: $image_name" | |
| #------------------------------ | |
| # Packaged version | |
| ##install_dir="/usr/share/kata-containers" | |
| # GitHub release version (static binaries) | |
| install_dir="/opt/kata/share/kata-containers/" | |
| #------------------------------ | |
| local commit=$(git log --format=%h -1 HEAD) | |
| local date=$(date +%Y-%m-%d-%T.%N%z) | |
| local image="kata-containers-${date}-${distro}-kata-containers.img${commit}" | |
| local dest="${install_dir}/${image}" | |
| sudo install -o root -g root -m 0640 -D "$image_name" "$dest" | |
| (cd "$install_dir" && sudo ln -sf "$image" "$image_name") | |
| info "Image installed at $dest (and linked as $image_name)" | |
| sudo rm "$image_name" | |
| } | |
| get_pkgs() | |
| { | |
| local pkgs=() | |
| if [ "$distro" = "clearlinux" ]; then | |
| pkgs+=("bash-bin") | |
| pkgs+=("binutils") | |
| pkgs+=("coreutils-bin") | |
| pkgs+=("curl-bin") | |
| pkgs+=("gdb-bin") | |
| pkgs+=("grep-bin") | |
| pkgs+=("htop-bin") | |
| pkgs+=("iproute2-bin") | |
| pkgs+=("kmod-bin") | |
| pkgs+=("less-bin") | |
| pkgs+=("make-bin") | |
| pkgs+=("nano-bin") | |
| pkgs+=("ncurses-bin") | |
| pkgs+=("net-tools-bin") | |
| pkgs+=("nmap-bin") | |
| pkgs+=("pigz-bin") | |
| pkgs+=("procps-ng-bin") | |
| pkgs+=("psstop-bin") | |
| pkgs+=("sed-bin") | |
| pkgs+=("socat-bin") | |
| pkgs+=("strace-bin") | |
| pkgs+=("tar-bin") | |
| pkgs+=("util-linux-bin") | |
| pkgs+=("vim-bin") | |
| pkgs+=("which-bin") | |
| pkgs+=("xz-bin") | |
| elif [ "$distro" = "centos" ]; then | |
| pkgs+=("bash") | |
| pkgs+=("binutils") | |
| pkgs+=("busybox") | |
| pkgs+=("coreutils") | |
| pkgs+=("curl") | |
| pkgs+=("gdb") | |
| pkgs+=("grep") | |
| pkgs+=("htop") | |
| pkgs+=("iproute") | |
| pkgs+=("kmod-bin") | |
| pkgs+=("less") | |
| pkgs+=("make") | |
| pkgs+=("nano") | |
| pkgs+=("net-tools") | |
| pkgs+=("nmap") | |
| pkgs+=("pigz") | |
| pkgs+=("procps-ng") | |
| pkgs+=("rust-gdb") | |
| pkgs+=("sed") | |
| pkgs+=("socat") | |
| pkgs+=("strace") | |
| pkgs+=("tar") | |
| pkgs+=("util-linux") | |
| pkgs+=("xz") | |
| else | |
| die "need to define packages for distro '$distro'" | |
| fi | |
| echo "${pkgs[@]}" | |
| } | |
| handle_image() | |
| { | |
| handle_agent | |
| make_rootfs | |
| make_image | |
| install_image | |
| } | |
| handle_rootfs() | |
| { | |
| goto_dir "tools/osbuilder" | |
| make_rootfs | |
| } | |
| handle_agent_update() | |
| { | |
| handle_agent | |
| install_agent_to_rootfs | |
| } | |
| handle_rootfs_update() | |
| { | |
| handle_agent_update | |
| make_rootfs | |
| } | |
| handle_image_update() | |
| { | |
| handle_agent | |
| install_agent_to_rootfs | |
| make_image | |
| install_image | |
| } | |
| handle_all() | |
| { | |
| handle_runtime | |
| handle_image | |
| } | |
| handle_args() | |
| { | |
| local cmd="${1:-}" | |
| case "$cmd" in | |
| # XXX: the useful one! | |
| add-agent-to-image) handle_image_update ;; | |
| add-agent-to-rootfs) handle_agent_update ;; | |
| agent) handle_agent ;; | |
| all) handle_all ;; | |
| image-from-rootfs) handle_rootfs_update ;; | |
| install-image) install_image ;; | |
| new-image) handle_image ;; | |
| new-rootfs) handle_rootfs ;; | |
| runtime) handle_runtime ;; | |
| *) die "invalid command: '$cmd'" ;; | |
| esac | |
| } | |
| main() | |
| { | |
| local cmd="${1:-}" | |
| case "$cmd" in | |
| -h|--help|help) usage; exit 0 ;; | |
| esac | |
| setup | |
| handle_args "$@" | |
| } | |
| main "$@" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment