diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-0.5.0.ebuild similarity index 76% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-0.5.0.ebuild index 701a9ac9b2..c3c67ac466 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-0.5.0.ebuild @@ -8,13 +8,15 @@ EAPI=2 EGIT_REPO_URI="https://github.com/dotcloud/docker" inherit toolchain-funcs systemd git-2 +EGIT_COMMIT="51f6c4a7372450d164c61e0054daf0223ddbd909" # 0.5 + DESCRIPTION="Docker container management" HOMEPAGE="http://docker.io" SRC_URI="" LICENSE="MIT" SLOT="0" -KEYWORDS="~amd64 ~arm ~x86" +KEYWORDS="amd64" IUSE="" DEPEND=">=dev-lang/go-1.0.2" @@ -36,5 +38,6 @@ src_install() { keepdir /var/lib/${PN}/graph keepdir /var/lib/${PN}/containers systemd_dounit "${FILESDIR}"/${PN}.service - systemd_enable_service multi-user.target ${PN}.service + # not enabling by default because it messes up the EC2 169. meta url routing + #systemd_enable_service multi-user.target ${PN}.service } diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1-r3.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1-r2.ebuild rename to sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1-r3.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1.ebuild index c42f45d6c2..ee8a30220b 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-experimental/coreos-experimental-0.0.1.ebuild @@ -15,5 +15,4 @@ IUSE="" DEPEND="" RDEPEND=" app-admin/systemd-rest - dev-db/etcd " diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r199.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r200.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r199.ebuild rename to sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r200.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild index 0786a01b1f..1a8efe2adb 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild @@ -151,6 +151,7 @@ RDEPEND="${RDEPEND} app-misc/ca-certificates virtual/udev coreos-base/oem-service + dev-db/etcd " # TODO(dianders): diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/files/install-ec2-key.sh b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/files/install-ec2-key.sh index c42b30ad53..32f6e6b33e 100755 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/files/install-ec2-key.sh +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/files/install-ec2-key.sh @@ -1,5 +1,7 @@ #!/bin/bash +/usr/bin/block-until-url http://169.254.169.254/ + USER_DIR="/home/core/user" if [ ! -d ${USER_DIR}/.ssh ] ; then @@ -7,10 +9,14 @@ if [ ! -d ${USER_DIR}/.ssh ] ; then chmod 700 ${USER_DIR}/.ssh fi # Fetch public key using HTTP -curl -s http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key +curl -s --connect-timeout 3 http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key if [ $? -eq 0 ] ; then cat /tmp/my-key >> ${USER_DIR}/.ssh/authorized_keys chmod 700 ${USER_DIR}/.ssh/authorized_keys rm /tmp/my-key +else + echo unable to download key + rm /tmp/my-key + exit 1 fi chown -R core: $USER_DIR/.ssh diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/oem-ami-0.0.1-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/oem-ami-0.0.1-r6.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/oem-ami-0.0.1-r4.ebuild rename to sdk_container/src/third_party/coreos-overlay/coreos-base/oem-ami/oem-ami-0.0.1-r6.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1-r2.ebuild deleted file mode 120000 index a6e5e5dcc1..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1-r2.ebuild +++ /dev/null @@ -1 +0,0 @@ -etcd-0.0.1.ebuild \ No newline at end of file diff --git a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1.ebuild index 38b388fdab..b828364b90 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/etcd-0.0.1.ebuild @@ -9,7 +9,7 @@ EAPI=4 CROS_WORKON_PROJECT="coreos/etcd" CROS_WORKON_LOCALNAME="etcd" CROS_WORKON_REPO="git://github.com" -CROS_WORKON_COMMIT="01e5d41f91da0251a8ed9dbba79df70a9dd6a237" +CROS_WORKON_COMMIT="d0ec1007a218ff9e089e158ecd79d055d092cadc" inherit toolchain-funcs cros-workon systemd DESCRIPTION="etcd" @@ -33,6 +33,7 @@ src_install() { dobin ${S}/${PN} dobin ${FILESDIR}/coreos-c10n dobin ${FILESDIR}/etcd-bootstrap + dobin ${FILESDIR}/block-until-url systemd_dounit "${FILESDIR}"/${PN}.service systemd_enable_service multi-user.target ${PN}.service diff --git a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/block-until-url b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/block-until-url new file mode 100755 index 0000000000..4a790cc15e --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/block-until-url @@ -0,0 +1,7 @@ +#!/bin/bash + +URL="$1" + +CMD="curl -s --capath /usr/share/coreos-ca-certificates/ --capath /etc/ssl/certs/ $URL" +while ($CMD > /dev/null); [ $? -ne 0 ]; + do sleep .5; done diff --git a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/coreos-c10n b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/coreos-c10n index 886e729c7e..c5afd82baa 100755 --- a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/coreos-c10n +++ b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/coreos-c10n @@ -3,33 +3,32 @@ C10N_ENDPOINT=https://core-api.appspot.com/v1/c10n/group META_URL="http://169.254.169.254/latest" +ETCD_BOOTSTRAP="/var/run/etcd/bootstrap.config" +[ ! -e "/var/run/etcd/" ] && mkdir "/var/run/etcd/" + +/usr/bin/block-until-url $C10N_ENDPOINT +/usr/bin/block-until-url $META_URL + USER_DATA=$(curl -s $META_URL/user-data) +if [ $? -eq 0 ] && [ ! -z "$USER_DATA" ]; then + URL=$USER_DATA -URL=$USER_DATA + echo $URL | grep -q '^https://' || (echo Coordination URL requires valid SSL; exit 1) -echo $URL | grep -q '^https://' || (echo Coordination URL requires valid SSL; exit 1) + TMP=`mktemp` -TMP=`mktemp` + curl -s "$USER_DATA/raw" > $TMP -curl -s "$USER_DATA/raw" > $TMP - -# validate ssh key -ssh-keygen -l -f $TMP > /dev/null 2>&1 -if [ $? -eq 0 ]; then - cat $TMP >> $HOME/.ssh/authorized_keys - echo "SSH key updated" -else - echo "Not a valid ssh key" + # validate ssh key + ssh-keygen -l -f $TMP > /dev/null 2>&1 + if [ $? -eq 0 ]; then + cat $TMP >> /home/core/user/.ssh/authorized_keys + echo "SSH key updated" + chown -R core: /home/core/user/.ssh/ + else + echo "Not a valid ssh key" + fi fi -IP_LIST="" -for IP4 in `curl -s $META_URL/meta-data/ | grep ipv4`; do - IP=$(curl -s $META_URL/meta-data/$IP4) - if [ "$IP_LIST" != "" ]; then - IP_LIST="$IP_LIST,$IP" - else - IP_LIST="$IP" - fi -done - -curl $C10N_ENDPOINT -d "c10n_url=$URL" -d"ip_list=$IP_LIST" > /var/run/etcd/bootstrap.config +IP=$(curl -s $META_URL/meta-data/local-ipv4) +curl -s $C10N_ENDPOINT -d "c10n_url=$URL" -d"ip_list=$IP" > $ETCD_BOOTSTRAP diff --git a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd-bootstrap b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd-bootstrap index 0876dea338..3cd1b954ad 100755 --- a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd-bootstrap +++ b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd-bootstrap @@ -1,43 +1,25 @@ #!/bin/bash -# Test an IP address for validity: -# Usage: -# valid_ip IP_ADDRESS -# if [[ $? -eq 0 ]]; then echo good; else echo bad; fi -# OR -# if valid_ip IP_ADDRESS; then echo good; else echo bad; fi -# http://www.linuxjournal.com/content/validating-ip-address-bash-script -function valid_ip() -{ - local ip=$1 - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - OIFS=$IFS - IFS='.' - ip=($ip) - IFS=$OIFS - [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \ - && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]] - stat=$? - fi - return $stat -} +/usr/bin/coreos-c10n +META_URL="http://169.254.169.254/latest" +MY_IP=$(curl -s $META_URL/meta-data/local-ipv4) BOOTSTRAP="/var/run/etcd/bootstrap.config" -for HOSTS in `[ -e $BOOTSTRAP ] && cat $BOOTSTRAP`; do - for IP in `echo $HOSTS | sed 's/,/\'$'\n/g' `; do - echo $IP - LEADER=`curl --connect-timeout 1 -s $IP:7001/leader` - if [ $? -eq 0 ]; then - LEADER_IP=`echo $LEADER | cut -d':' -f1` - LEADER_PORT=`echo $LEADER | cut -d':' -f2` - if valid_ip $LEADER_IP; then - echo GOT LEADER $LEADER - exec /usr/bin/etcd -i -C $LEADER - fi - fi - done -done -echo "Not able to connect to a leader, just starting..." -exec /usr/bin/etcd -i + +# for etcd +STATE=/mnt/stateful_partition/etcd +mkdir -p $STATE + +[ ! -e $BOOTSTRAP ] && echo bootstrap config missing && exit 1 + +# strip blank lines +IPS=$(grep -v $MY_IP $BOOTSTRAP|grep -v '^\n$' |sed 's/$/:7001/'|tr '\n' ','|sed 's/^,//'|sed 's/,$//') + +if [ -z "$IPS" ]; then + echo "becoming master..." + exec /usr/bin/etcd -v -h $MY_IP -d $STATE +else + echo "trying $IPS" + set -x + exec /usr/bin/etcd -v -h $MY_IP -C "$IPS" -d $STATE +fi diff --git a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd.service b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd.service index 593d12a87e..bd08c04c9d 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd.service +++ b/sdk_container/src/third_party/coreos-overlay/dev-db/etcd/files/etcd.service @@ -1,6 +1,4 @@ [Service] -ExecStartPre=-/bin/mkdir -p /var/run/etcd -ExecStartPre=/usr/bin/coreos-c10n ExecStart=/usr/bin/etcd-bootstrap [Install] diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/targets/coreos/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/targets/coreos/package.accept_keywords index 515445a9d4..cb364ffe02 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/targets/coreos/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/targets/coreos/package.accept_keywords @@ -130,5 +130,4 @@ =net-dialup/ppp-2.4.5-r3 ~amd64 =dev-python/pyxenstore-9999 ~amd64 ~x86 =coreos-base/motd-http-9999 ~amd64 ~x86 -=app-emulation/docker-9999 ~amd64 ~x86 =app-emulation/lxc-0.8.0-r1 ~amd64 ~x86