forked from lxc/lxcri
-
Notifications
You must be signed in to change notification settings - Fork 0
/
install.sh
executable file
·306 lines (246 loc) · 6.74 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
#!/bin/sh -eux
# -e abort if subshell command exits non-zero
# -u treat undefined variables as error
# -x trace shell expansion
# Package manager dependencies
# NOTE sort lists with: $(echo $PKGS | tr ' ' '\n' | sort | uniq | xargs)
DISTRIBUTION="$(cat /etc/os-release | grep '^ID=' | cut -d'=' -f2 | tr -d '\n')"
INSTALL_PREFIX=${INSTALL_PREFIX:-/usr/local}
TMPDIR=${TMPDIR:-/tmp/lxcri-build}
case "$DISTRIBUTION" in
"debian" | "ubuntu")
INSTALL_PKGS=apt_install
CLEAN_PKGS=apt_clean
export DEBIAN_FRONTEND=noninteractive
PKGS_BUILD="automake build-essential ca-certificates git libc6-dev libtool make pkg-config wget"
PKGS_BUILD="$PKGS_BUILD libapparmor-dev libbtrfs-dev libc6-dev libcap-dev libdevmapper-dev libglib2.0-dev libseccomp-dev"
PKGS_RUNTIME="libapparmor1 libbtrfs0 libcap2 libdevmapper1.02.1 libseccomp2"
PKGS="conntrack ebtables ethtool iproute2 iptables socat"
PKGS="$PKGS ca-certificates libglib2.0-0 systemd tzdata"
PKGS="$PKGS $PKGS_RUNTIME"
;;
"arch")
# NOTE official archlinux images are really large
# archlinux:latest unpacked image size is > 400MB (vs ubuntu:latest ~ 75MB)
INSTALL_PKGS=pacman_install
CLEAN_PKGS=pacman_clean
PKGS_BUILD="base-devel wget git libtool m4 automake autoconf"
PKGS_RUNTIME="libseccomp apparmor btrfs-progs device-mapper libcap"
PKGS="conntrack-tools ethtool iproute2 ebtables iptables-nft socat"
PKGS="$PKGS ca-certificates glib2 systemd tzdata"
PKGS="$PKGS $PKGS_RUNTIME"
;;
"alpine")
INSTALL_PKGS=apk_install
CLEAN_PKGS=apk_clean
PKGS_BUILD="build-base wget git libtool m4 automake autoconf"
PKGS_BUILD="$PKGS_BUILD btrfs-progs-dev glib-dev libseccomp-dev libcap-dev libapparmor-dev"
PKGS_RUNTIME="libapparmor btrfs-progs libcap lvm2-dev libseccomp libc6-compat libgcc"
PKGS="conntrack-tools ebtables ethtool iproute2 iptables ip6tables socat"
PKGS="$PKGS ca-certificates glib runit tzdata"
PKGS="$PKGS $PKGS_RUNTIME"
;;
*)
echo "unsupported distribution '$DISTRIBUTION'"
exit 1
;;
esac
mkdir -p $TMPDIR
export PATH=${INSTALL_PREFIX}/go/bin:$PATH
setup() {
$INSTALL_PKGS $@
add_golang
}
clean() {
$CLEAN_PKGS $PKGS_BUILD
remove_golang
rm -rf $TMPDIR
}
apt_install() {
apt-get update
apt-get install -qq --no-install-recommends --yes $@
}
apt_clean() {
apt-get purge -qq --yes $@
apt-get autoremove -qq --yes
apt-get clean -qq
rm -rf /var/lib/apt/lists/*
}
pacman_install() {
pacman -Sy
# NOTE: the option '--ask 4' is undocumented but the only way to let pacman
# resolve conflicts (e.g iptables and iptables-nft)
# see https://unix.stackexchange.com/questions/274727/how-to-force-pacman-to-answer-yes-to-all-questions
pacman -S --noconfirm --needed $@ --ask 4
}
pacman_clean() {
pacman -R -ss --unneeded --noconfirm $@
pacman -Scc
}
apk_install() {
echo http://nl.alpinelinux.org/alpine/edge/testing >>/etc/apk/repositories
echo http://nl.alpinelinux.org/alpine/edge/community >>/etc/apk/repositories
apk add --no-cache --update $@
}
apk_clean() {
apk del $@
}
ldconfig_add() {
if $(which ldconfig 1>/dev/null 2>&1); then
echo $1 >>/etc/ld.so.conf.d/local.conf
ldconfig
fi
# alpine uses musl libc
# /etc/ld-musl-x86_64.path (shared library search path, with components delimited by newlines or colons)
# default "/lib:/usr/local/lib:/usr/lib"
# see musl-libc.org/doc/1.0.0/manual.html
}
add_golang() {
local src=$GOLANG_SRC
local checksum=$GOLANG_CHECKSUM
local archive="$(basename $src)"
cd ${INSTALL_PREFIX}
wget --quiet $src
echo "$checksum $archive" | sha256sum -c
tar -xzf $archive
rm ${INSTALL_PREFIX}/$archive
}
remove_golang() {
rm -rf $(go env GOPATH)
rm -rf $(go env GOCACHE)
rm -rf $(go env GOROOT)
}
git_clone() {
local tmpdir=$1
local repo=$2
local version=$3
git clone $repo $tmpdir
cd $tmpdir
git reset --hard $version
}
add_cni() {
local repo=$CNI_PLUGINS_GIT_REPO
local version=$CNI_PLUGINS_GIT_VERSION
local tmpdir=${TMPDIR}/cni-plugins
git_clone $tmpdir $repo $version
./build_linux.sh
export CNI_PLUGIN_DIR=$INSTALL_PREFIX/cni/bin
mkdir -p $CNI_PLUGIN_DIR
cp bin/* $CNI_PLUGIN_DIR
cd /
rm -rf $tmpdir
}
add_conmon() {
local repo=$CONMON_GIT_REPO
local version=$CONMON_GIT_VERSION
local tmpdir=${TMPDIR}/conmon
git_clone $tmpdir $repo $version
make clean
make install
cd /
rm -rf $tmpdir
}
add_crio() {
local repo=$CRIO_GIT_REPO
local version=$CRIO_GIT_VERSION
local tmpdir=${TMPDIR}/cri-o
git_clone $tmpdir $repo $version
make install
cd /
rm -rf $tmpdir
# Modify systemd service file to run with full privileges.
# This is required for the runtime to set cgroupv2 device controller eBPF.
sed -i 's/ExecStart=\//ExecStart=+\//' ${INSTALL_PREFIX}/lib/systemd/system/crio.service
# TODO modify defaults file
}
add_crictl() {
local checksum=$CRICTL_CHECKSUM
local url=$CRICTL_URL
local archive="$(basename $CRICTL_URL)"
cd ${TMPDIR}
wget --quiet $url
echo "$checksum $archive" | sha256sum -c
tar -x -z -f $archive -C ${INSTALL_PREFIX}/bin
rm $archive
}
add_kubernetes() {
local checksum=$K8S_CHECKSUM
local url=$K8S_URL
local archive=$(basename $K8S_URL)
cd ${TMPDIR}
wget --quiet $url
echo "$checksum $archive" | sha512sum -c
tar -x -z -f $archive -C $INSTALL_PREFIX/bin --strip-components=3 \
kubernetes/server/bin/kubectl kubernetes/server/bin/kubeadm kubernetes/server/bin/kubelet
rm $archive
}
LXC_INSTALL_TOOLS=${LXC_INSTALL_TOOLS:-no}
LXC_INSTALL_COMMANDS=${LXC_INSTALL_COMMANDS:-no}
LXC_INSTALL_DOC=${LXC_INSTALL_DOC:-no}
LXC_INSTALL_API_DOCS=${LXC_INSTALL_API_DOCS:-no}
add_lxc() {
local repo=$LXC_GIT_REPO
local version=$LXC_GIT_VERSION
local tmpdir=${TMPDIR}/lxc
git_clone $tmpdir $repo $version
./autogen.sh
./configure --enable-bash=no --enable-seccomp=yes \
--enable-capabilities=yes --enable-apparmor=yes \
--enable-tools=$LXC_INSTALL_TOOLS --enable-commands=$LXC_INSTALL_COMMANDS \
--enable-static=no --enable-examples=no \
--enable-doc=$LXC_INSTALL_DOC --enable-api-docs=$LXC_INSTALL_API_DOCS
make install
git describe --tags >${INSTALL_PREFIX}/lib/liblxc.version.txt
ldconfig_add ${INSTALL_PREFIX}/lib
cd
rm -rf $tmpdir
}
add_lxcri() {
local repo=$LXCRI_GIT_REPO
local version=$LXCRI_GIT_VERSION
local tmpdir=${TMPDIR}/lxcri
git_clone $tmpdir $repo $version
# lxc installed from source with default installation prefix is prefered
export PKG_CONFIG_PATH=${INSTALL_PREFIX}/lib/pkgconfig
make install
cd
rm -rf $tmpdir
}
install_all_noclean() {
setup $PKGS_BUILD $PKGS
add_lxc
add_lxcri
add_conmon
add_crio
add_cni
add_crictl
add_kubernetes
}
install_all() {
install_all_noclean
clean
}
install_runtime_noclean() {
setup $PKGS_BUILD $PKGS_RUNTIME
add_lxc
add_lxcri
}
install_runtime() {
install_runtime_noclean
clean
}
update_runtime() {
add_lxc
add_lxcri
clean
}
update_lxcri() {
setup $PKGS_BUILD $PKGS_RUNTIME
add_lxcri
clean
}
update_lxcri_dev() {
add_lxcri
clean
}
$@