From 93222fc2af169e07c151728497832547eabc3614 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 13:50:01 +0100 Subject: Remove old squid PID Sometimes the old squid PID prevent squid from starting. --- squid/entrypoint.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/squid/entrypoint.sh b/squid/entrypoint.sh index 560d206..70bdf6e 100644 --- a/squid/entrypoint.sh +++ b/squid/entrypoint.sh @@ -1,5 +1,10 @@ #!/bin/bash +if [ -e /var/run/squid.pid ];then + #echo "DEBUG: Removed old squid PID" + rm /var/run/squid.pid +fi + # Create cache FS if [ ! -e /var/spool/squid/00 ];then squid -z || exit $? -- cgit 1.2.3-korg From bef146de0b531182b09a43f366fa2b8318ffe52b Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:12:33 +0100 Subject: Move XNBD ports outside of dynamic port range Under Linux, dynamic port range is 32768-60999, so a clash is possible with XNBD port range. Furthermore XNBD constants file have changed in 2017.11 --- docker-compose.template | 2 +- lava-slave/Dockerfile | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/docker-compose.template b/docker-compose.template index d7986ec..218253b 100644 --- a/docker-compose.template +++ b/docker-compose.template @@ -29,7 +29,7 @@ services: ports: - "69:69/udp" - "80:80" - - "55980-56000:55980-56000" + - "61950-62000:61950-62000" links: - "lava-master" squid: diff --git a/lava-slave/Dockerfile b/lava-slave/Dockerfile index 5e0f3cb..a5e1bbf 100644 --- a/lava-slave/Dockerfile +++ b/lava-slave/Dockerfile @@ -60,8 +60,9 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get -y install postgresql RUN service postgresql start && DEBIAN_FRONTEND=noninteractive apt-get -y install lavapdu-daemon lavapdu-client && service postgresql stop COPY lavapdu.conf /etc/lavapdu/ -#TODO made this customizable, 1000 ports by default is too much -RUN sed -i 's,XNBD_PORT_RANGE_MIN.*,XNBD_PORT_RANGE_MIN=55950,' /usr/lib/python2.7/dist-packages/lava_dispatcher/pipeline/utils/constants.py +# Caution to not use any port between the Linux dynamic port range: 32768-60999 +RUN sed -i 's,XNBD_PORT_RANGE_MIN.*,XNBD_PORT_RANGE_MIN=61950,' /usr/lib/python2.7/dist-packages/lava_dispatcher/utils/constants.py +RUN sed -i 's,XNBD_PORT_RANGE_MAX.*,XNBD_PORT_RANGE_MAX=62000,' /usr/lib/python2.7/dist-packages/lava_dispatcher/utils/constants.py EXPOSE 69/udp 80 -- cgit 1.2.3-korg From a8fdfe2d0c14494735b78e7cd94d6dd6afc3881e Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:14:42 +0100 Subject: Remove unused port 1022:22 --- docker-compose.template | 1 - 1 file changed, 1 deletion(-) diff --git a/docker-compose.template b/docker-compose.template index 218253b..21f9231 100644 --- a/docker-compose.template +++ b/docker-compose.template @@ -11,7 +11,6 @@ services: - "/dev/kvm:/dev/kvm" ports: - "10080:80" - - "1022:22" - "5555:5555" - "5556:5556" volumes: -- cgit 1.2.3-korg From 83781cf3177ae2928221c424caeb2bd880d6cc6c Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:16:22 +0100 Subject: Use cu package from testing Some boards need cu > 1.07-24 It exists only in debian testing, so add a hack for getting it. --- lava-slave/Dockerfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lava-slave/Dockerfile b/lava-slave/Dockerfile index a5e1bbf..d2f3191 100644 --- a/lava-slave/Dockerfile +++ b/lava-slave/Dockerfile @@ -64,6 +64,12 @@ COPY lavapdu.conf /etc/lavapdu/ RUN sed -i 's,XNBD_PORT_RANGE_MIN.*,XNBD_PORT_RANGE_MIN=61950,' /usr/lib/python2.7/dist-packages/lava_dispatcher/utils/constants.py RUN sed -i 's,XNBD_PORT_RANGE_MAX.*,XNBD_PORT_RANGE_MAX=62000,' /usr/lib/python2.7/dist-packages/lava_dispatcher/utils/constants.py +#conmux need cu >= 1.07-24 See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336996 +RUN echo "deb http://debian.proxad.net/debian/ testing main" >> /etc/apt/sources.list.d/testing.list +RUN apt-get update +RUN DEBIAN_FRONTEND=noninteractive apt-get -y install cu +RUN rm /etc/apt/sources.list.d/testing.list + EXPOSE 69/udp 80 CMD /start.sh -- cgit 1.2.3-korg From 94a6a8e07e3d7e6c3233554dae2056687590b651 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:17:59 +0100 Subject: Disable CSRF cookie When working with HTTP interface, it is impossible to login. Ths patch also document that in Readme.md --- README.md | 2 +- lava-master/Dockerfile | 3 +++ lava-master/settings.conf | 16 ++++++++++++++++ 3 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 lava-master/settings.conf diff --git a/README.md b/README.md index 637662c..11c2aa9 100644 --- a/README.md +++ b/README.md @@ -98,4 +98,4 @@ Note that this container provides defaults which are unsecure. If you plan on de * Changing the default admin password * Using HTTPS - + * Re-enable CSRF cookie (disabled in lava-master/Dockerfile) diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile index 2dd44b0..4705e45 100644 --- a/lava-master/Dockerfile +++ b/lava-master/Dockerfile @@ -78,6 +78,9 @@ RUN /start.sh && /setup.sh && /stop.sh #uncomment if you want to use squid #RUN sed -i 's,^.*http_proxy:.*, http_proxy: http://squid:3128,' /etc/lava-server/env.yaml +#comment this if you do HTTPS (For reenabling CSRF cookie) +COPY settings.conf /etc/lava-server/ + EXPOSE 69/udp 80 3079 5555 5556 CMD /start.sh && bash diff --git a/lava-master/settings.conf b/lava-master/settings.conf new file mode 100644 index 0000000..c809e2c --- /dev/null +++ b/lava-master/settings.conf @@ -0,0 +1,16 @@ +{ + "DEBUG": false, + "STATICFILES_DIRS": [ + ["lava-server", "/usr/share/pyshared/lava_server/htdocs/"] + ], + "MEDIA_ROOT": "/var/lib/lava-server/default/media", + "ARCHIVE_ROOT": "/var/lib/lava-server/default/archive", + "STATIC_ROOT": "/usr/share/lava-server/static", + "STATIC_URL": "/static/", + "MOUNT_POINT": "/", + "HTTPS_XML_RPC": false, + "LOGIN_URL": "/accounts/login/", + "LOGIN_REDIRECT_URL": "/", + "CSRF_COOKIE_SECURE": false, + "SESSION_COOKIE_SECURE": false +} -- cgit 1.2.3-korg From b2de2b9347e0e7f31be336d865263524c86c71b3 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:22:28 +0100 Subject: Fix libguestfs on slave Libguestfs actions are done by the dispatcher, so the slave must be able to do them. In the same time, add a TODO for setting volumes as read_only. --- docker-compose.template | 6 +++++- lava-master/Dockerfile | 2 ++ lava-slave/Dockerfile | 1 + 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/docker-compose.template b/docker-compose.template index 21f9231..b88ed85 100644 --- a/docker-compose.template +++ b/docker-compose.template @@ -14,7 +14,7 @@ services: - "5555:5555" - "5556:5556" volumes: -# boot and /lib/modules are for libguestfs +# boot and /lib/modules are for libguestfs (TODO set them read_only with docker-compose 3.0) - "/boot:/boot" - "/lib/modules:/lib/modules" lava-slave: @@ -29,6 +29,10 @@ services: - "69:69/udp" - "80:80" - "61950-62000:61950-62000" + volumes: +# boot and /lib/modules are for libguestfs (TODO set them read_only with docker-compose 3.0) + - "/boot:/boot" + - "/lib/modules:/lib/modules" links: - "lava-master" squid: diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile index 4705e45..be8a3b7 100644 --- a/lava-master/Dockerfile +++ b/lava-master/Dockerfile @@ -13,12 +13,14 @@ RUN echo 'lava-server lava-server/instance-name string lava-docker-instance' | && echo 'locales locales/locales_to_be_generated multiselect C.UTF-8 UTF-8, en_US.UTF-8 UTF-8 ' | debconf-set-selections \ && echo 'locales locales/default_environment_locale select en_US.UTF-8' | debconf-set-selections +# e2fsprogs is for libguestfs RUN DEBIAN_FRONTEND=noninteractive apt-get -y install \ locales \ postgresql \ screen \ sudo \ wget \ + e2fsprogs \ gnupg \ vim diff --git a/lava-slave/Dockerfile b/lava-slave/Dockerfile index d2f3191..fcaa0cc 100644 --- a/lava-slave/Dockerfile +++ b/lava-slave/Dockerfile @@ -6,6 +6,7 @@ RUN apt-get update COPY scripts/stop.sh . COPY scripts/start.sh . +# e2fsprogs is for libguestfs RUN \ echo 'lava-server lava-server/instance-name string lava-slave-instance' | debconf-set-selections && \ echo 'locales locales/locales_to_be_generated multiselect C.UTF-8 UTF-8, en_US.UTF-8 UTF-8 ' | debconf-set-selections && \ -- cgit 1.2.3-korg From 34c6269457b8075f2951c37ca2a1901bd71379ea Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:27:47 +0100 Subject: qemu: Some arch does not have kvm Since some arch does not have kvm, remove kvm usage for qemu. We will reintroduce it later via a flag/autodetect. --- docker-compose.template | 5 +++-- lavalab-gen.py | 3 +++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/docker-compose.template b/docker-compose.template index b88ed85..62ed120 100644 --- a/docker-compose.template +++ b/docker-compose.template @@ -7,8 +7,9 @@ services: tty: true build: context: lava-master - devices: - - "/dev/kvm:/dev/kvm" +# TODO handle kvm option +# devices: +# - "/dev/kvm:/dev/kvm" ports: - "10080:80" - "5555:5555" diff --git a/lavalab-gen.py b/lavalab-gen.py index a584a1f..64a4b0b 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -78,6 +78,9 @@ def main(args): if not os.path.isdir("lava-slave/conmux/"): os.mkdir("lava-slave/conmux/") + # board specific hacks + if devicetype == "qemu": + device_line += "{% set no_kvm = True %}\n" if not os.path.isdir("lava-master/devices/"): os.mkdir("lava-master/devices/") device_path = "lava-master/devices/%s" % lab_name -- cgit 1.2.3-korg From 633d0339534944b22c95e58dd069b76fb9dfcd44 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 14:30:24 +0100 Subject: Some actions need root privileges Some actions must be done by root, add a detection for that. --- lavalab-gen.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/lavalab-gen.sh b/lavalab-gen.sh index 06df881..31b45f8 100755 --- a/lavalab-gen.sh +++ b/lavalab-gen.sh @@ -13,8 +13,15 @@ fi ./lavalab-gen.py || exit 1 -rm /etc/udev/rules.d/lavalab*rules -cp lavalab*rules /etc/udev/rules.d/ +#check for root +BEROOT="" +if [ $(id -u) -ne 0 ];then + BEROOT="sudo " +fi +$BEROOT rm /etc/udev/rules.d/*lavalab*rules +$BEROOT cp *lavalab*rules /etc/udev/rules.d/ +$BEROOT udevadm control --reload-rules || exit $? +$BEROOT udevadm trigger || exit $? docker-compose build || exit 1 docker-compose up || exit 1 -- cgit 1.2.3-korg From 7cc953e318d9043988d21220c976db8cd24057f8 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 15:18:03 +0100 Subject: Fix custom device-type handling Device-type are jinja2 files and not yaml files and so a have a different filename. So this patch correct the handling of custom device-types. --- lava-master/scripts/setup.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lava-master/scripts/setup.sh b/lava-master/scripts/setup.sh index 011a9c7..b60c93b 100755 --- a/lava-master/scripts/setup.sh +++ b/lava-master/scripts/setup.sh @@ -43,11 +43,12 @@ fi # This directory is used for storing device-types already added mkdir -p /root/.lavadocker/ if [ -e /root/device-types ];then - for i in $(ls /root/device-types/*yaml) + for i in $(ls /root/device-types/*jinja2) do - cp /root/device-types/$i /etc/lava-server/dispatcher-config/device-types/ - devicetype=$(basename $i) - lava-server manage device-types add $devicetype || exit 1 + cp $i /etc/lava-server/dispatcher-config/device-types/ + devicetype=$(basename $i |sed 's,.jinja2,,') + echo "Adding custom $devicetype" + lava-server manage device-types add $devicetype || exit $? touch /root/.lavadocker/devicetype-$devicetype done fi -- cgit 1.2.3-korg From 5195b0e902978949cfcbe471fde3d7034ed55449 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 15:27:57 +0100 Subject: Remove dns_search options propagation from host When dns_search are set, the control made by conmux on hostname fail since hostname.domain does not exist in the docker. --- docker-compose.template | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.template b/docker-compose.template index 62ed120..d125af8 100644 --- a/docker-compose.template +++ b/docker-compose.template @@ -20,6 +20,8 @@ services: - "/lib/modules:/lib/modules" lava-slave: hostname: lab-slave-0 +#conmux does not support dns_search + dns_search: "" restart: always build: context: lava-slave -- cgit 1.2.3-korg From c856c35e30f4465f8d14834d672a0dcbf06567fb Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 8 Jan 2018 16:11:25 +0100 Subject: Use detach mode in docker-compose --- lavalab-gen.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lavalab-gen.sh b/lavalab-gen.sh index 31b45f8..26cbc23 100755 --- a/lavalab-gen.sh +++ b/lavalab-gen.sh @@ -24,4 +24,4 @@ $BEROOT udevadm control --reload-rules || exit $? $BEROOT udevadm trigger || exit $? docker-compose build || exit 1 -docker-compose up || exit 1 +docker-compose up -d || exit 1 -- cgit 1.2.3-korg