feat(image_to_vm): Add new and improved qemu wrapper script.

This one is more automagical and sets up ssh keys from ssh-agent and the user's home directory by default. Also adds an option for setting the ssh port so it can be something other than 2222. Script should be sufficiently portable, tested in bash, dash, and ash.
2025-11-28 22:12:10 +01:00 · 2013-08-18 19:39:55 -04:00 · 2013-08-18 19:39:55 -04:00 · 0f84e3b05f
commit 0f84e3b05f
parent 5c335a5c39
2 changed files with 101 additions and 22 deletions
--- a/build_library/qemu_template.sh
+++ b/build_library/qemu_template.sh
@ -0,0 +1,90 @@
+#!/bin/sh
+
+SCRIPT_DIR="`dirname "$0"`"
+VM_NAME=
+VM_UUID=
+VM_IMAGE=
+VM_MEMORY=
+IMAGE_PATH="${SCRIPT_DIR}/${VM_IMAGE}"
+SSH_PORT=2222
+SSH_KEYS=""
+USAGE="Usage: $0 [-a authorized_keys] [--] [qemu options...]
+Options:
+    -a FILE     SSH public keys for login access. [~/.ssh/id_{dsa,rsa}.pub]
+    -p PORT     The port on localhost to map to the VM's sshd. [2222]
+    -h          this ;-)
+
+This script is a wrapper around qemu for starting CoreOS virtual machines.
+The -a option may be used to specify a particular ssh public key to give
+login access to. If -a is not provided ~/.ssh/id_{dsa,rsa}.pub is used.
+If no public key is provided or found the VM will still boot but you may
+be unable to login unless you built the image yourself after setting a
+password for the core user with the 'set_shared_user_password.sh' script.
+
+Any arguments after -a and -p will be passed through to qemu, -- may be
+used as an explicit separator. See the qemu(1) man page for more details.
+"
+
+while getopts ":a:p:vh" OPTION
+do
+    case $OPTION in
+        a) SSH_KEYS="$OPTARG"; shift 2 ;;
+        p) SSH_PORT="$OPTARG"; shift 2 ;;
+        v) set -x; shift ;;
+        h) echo "$USAGE"; exit ;;
+        ?) break ;;
+    esac
+done
+
+
+METADATA=$(mktemp -t -d coreos-meta-data.XXXXXXXXXX)
+if [ $? -ne 0 ] || [ ! -d "$METADATA" ]; then
+    echo "$0: mktemp -d failed!" >&2
+    exit 1
+fi
+trap "rm -rf '$METADATA'" EXIT
+
+
+# Do our best to create an authorized_keys file
+if [ -n "$SSH_KEYS" ]; then
+    if [ ! -f "$SSH_KEYS" ]; then
+        echo "$0: SSH keys file not found: $SSH_KEYS" >&2
+        exit 1
+    elif ! cp "$SSH_KEYS" "${METADATA}/authorized_keys"; then
+        echo "$0: Failed to copy SSH keys from $SSH_KEYS" >&2
+        exit 1
+    fi
+else
+    # Nothing provided, try fetching from ssh-agent and the local fs
+    if [ -S "$SSH_AUTH_SOCK" ]; then
+        ssh-add -L >> "${METADATA}/authorized_keys"
+    fi
+    for default_key in ~/.ssh/id_*.pub; do
+        if [ ! -f "$default_key" ]; then
+            continue
+        fi
+        cat "$default_key" >> "${METADATA}/authorized_keys"
+    done
+fi
+
+
+# Default to KVM, fall back on full emulation
+# ${METADATA} will be mounted in CoreOS as /media/metadata
+qemu-system-x86_64 \
+    -name "$VM_NAME" \
+    -uuid "$VM_UUID" \
+    -m ${VM_MEMORY} \
+    -machine accel=kvm:tcg \
+    -drive index=0,if=virtio,media=disk,format=qcow2,file="${IMAGE_PATH}" \
+    -net nic,vlan=0,model=virtio \
+    -net user,vlan=0,hostfwd=tcp::"${SSH_PORT}"-:22 \
+    -fsdev local,id=metadata,security_model=none,readonly,path="${METADATA}" \
+    -device virtio-9p-pci,fsdev=metadata,mount_tag=metadata \
+    "$@"
+RET=$?
+
+
+# Cleanup!
+rm -rf "${METADATA}"
+trap - EXIT
+exit $?
--- a/build_library/vm_image_util.sh
+++ b/build_library/vm_image_util.sh
@ -293,23 +293,11 @@ _write_qemu_conf() {
    local dst_dir=$(dirname "$VM_DST_IMG")
    local script="${dst_dir}/$(_src_to_dst_name "${src_name}" ".sh")"

-    cat >"${script}" <<EOF
-#!/bin/sh
-
-SCRIPT_DIR="\`dirname "\$0"\`"
-DISK_IMAGE="\${SCRIPT_DIR}/${dst_name}"
-
-# Default to KVM, fall back on full emulation
-exec qemu-system-x86_64 \\
-    -name "${VM_NAME}" \\
-    -uuid "${VM_UUID}" \\
-    -m ${vm_mem} \\
-    -machine accel=kvm:tcg \\
-    -drive index=0,if=virtio,media=disk,format=qcow2,file="\${DISK_IMAGE}" \\
-    -net nic,vlan=0,model=virtio \\
-    -net user,vlan=0,hostfwd=tcp::2222-:22 \\
-    "\$@"
-EOF
+    sed -e "s%^VM_NAME=.*%VM_NAME='${VM_NAME}'%" \
+        -e "s%^VM_UUID=.*%VM_UUID='${VM_UUID}'%" \
+        -e "s%^VM_IMAGE=.*%VM_IMAGE='${dst_name}'%" \
+        -e "s%^VM_MEMORY=.*%VM_MEMORY='${vm_mem}'%" \
+        "${BUILD_LIBRARY_DIR}/qemu_template.sh" > "${script}"
    chmod +x "${script}"

    cat >"${VM_README}" <<EOF
@ -317,11 +305,12 @@ If you have qemu installed (or in the SDK), you can start the image with:
  cd path/to/image
  ./$(basename "${script}") -curses

-If you wish to log in via a ssh key:
-  mkdir /tmp/meta-data
-  cp ~/.ssh/id_dsa.pub /tmp/meta-data/authorized_keys
-  ./$(basename "${script}") -curses -virtfs \\
-    local,path=/tmp/meta-data,mount_tag=meta-data,security_model=none,readonly
+If you need to use a different ssh key or different ssh port:
+  ./$(basename "${script}") -a ~/.ssh/authorized_keys -p 2223 -- -curses
+
+If you rather you can use the -nographic option instad of -curses. In this
+mode you can switch from the vm to the qemu monitor console with: Ctrl-a c
+See the qemu man page for more details on the monitor console.

 SSH into that host with:
  ssh 127.0.0.1 -p 2222