v1
This commit is contained in:
commit
0648d481bc
72
README.md
Normal file
72
README.md
Normal file
|
@ -0,0 +1,72 @@
|
||||||
|
# lxc-ramdisk
|
||||||
|
|
||||||
|
Create ramdisks for use in LXC containers for instant startup and destroy. Running `mkvm.sh bullseye lsblk` (for testing purposes) takes 1.3s on RAM running at 800MHz.
|
||||||
|
|
||||||
|
The scripts create two different ramdisks when running `ramdisk.sh start` (or when the systemd service is started):
|
||||||
|
|
||||||
|
- `/ramdisk/sys/` for the base images of supported operating systems
|
||||||
|
- `/ramdisk/tmp/` for rootfs of the actual containers
|
||||||
|
|
||||||
|
When a container is started, it's rootfs is an overlay of `/ramdisk/tmp/VM_NAME` (read-write) over `/ramdisk/sys/VM_TYPE` (read-only). This setup allows to start many containers with the same base system without copying it over and over again.
|
||||||
|
|
||||||
|
The contents of `/ramdisk/sys` are copied from `/ramdisk/persist` when the service is started.
|
||||||
|
|
||||||
|
The following systems are supported:
|
||||||
|
|
||||||
|
- `bullseye`: Debian 11 Bullseye
|
||||||
|
- `archlinux`: Archlinux
|
||||||
|
|
||||||
|
## Setup
|
||||||
|
|
||||||
|
The provided files are provided for Debian bullseye. They can be adpated to another system easily... mostly the LXC templates should be different in the `lxc.include` line. The size of the ramdisk is also hardcoded to 32GB for the base systems, and 32GB for the temporary systems. This can be adapted by editing [bin/ramdisk.sh](bin/ramdisk.sh).
|
||||||
|
|
||||||
|
### Network setup
|
||||||
|
|
||||||
|
Your containers may need to access the network. To give them access to your entire network, we recommend to create a bridged interface to your physical interface, then use a 'veth' interface in the LXC containers. Your `/etc/network/interfaces` would look like this :
|
||||||
|
|
||||||
|
```
|
||||||
|
auto lxcbr0
|
||||||
|
iface lxcbr0 inet dhcp
|
||||||
|
bridge_ports eno1
|
||||||
|
bridge_fd 1
|
||||||
|
bridge_maxwait 0
|
||||||
|
```
|
||||||
|
|
||||||
|
This operation is not performed automatically by setup.sh because it has implications in regards to your current network configuration and to the devices exposed on your LAN. You should think it through.
|
||||||
|
|
||||||
|
### Main setup
|
||||||
|
|
||||||
|
Run `setup.sh` to setup everything else:
|
||||||
|
|
||||||
|
- ensuring LXC is setup via APT
|
||||||
|
- symlinking `bin/*.sh` to `/usr/sbin/`
|
||||||
|
- symlinking `ramdisk.service` to `/etc/systemd/system`
|
||||||
|
- symlinking `templates/*.template` to `/var/lib/lxc/`
|
||||||
|
|
||||||
|
### Setup other systems
|
||||||
|
|
||||||
|
By default, the setup.sh script will generate an image for your own system. If you'd like to generate an image for another system, you'll likely need to have that system running.
|
||||||
|
|
||||||
|
To create an Archlinux rootfs to later run on Debian, you'll have to supply your own Archlinux rootfs in the `/ramdisk/persist/archlinux` folder. Such rootfs can be created from an Archlinux system using:
|
||||||
|
|
||||||
|
```
|
||||||
|
mkdir /ramdisk/persist/archlinux
|
||||||
|
pacstrap /ramdisk/persist/archlinux base base-devel
|
||||||
|
```
|
||||||
|
|
||||||
|
To create a Debian rootfs to later run on Archlinux, you'll have to supply your own rootfs in the `/ramdisk/persist/bullseye` folder. Such rootfs can be created from a Debian system using:
|
||||||
|
|
||||||
|
```
|
||||||
|
mkdir /ramdisk/persist/bullseye
|
||||||
|
deboostrap bullseye /ramdisk/persist/bullseye http://deb.debian.org/debian
|
||||||
|
```
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
The `mkvm.sh` script takes the type of container to run as first argument. That type must be supported by a template (currently, archlinux and bullseye). If another argument is provided, it's the command run in the container, after which the container is stopped. Otherwise, the container is stopped when the container shell is exited.
|
||||||
|
|
||||||
|
Unless the `--keep` argument is passed, the container is also destroyed after running.
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
GNU aGPL v3
|
49
bin/mkvm.sh
Executable file
49
bin/mkvm.sh
Executable file
|
@ -0,0 +1,49 @@
|
||||||
|
#! /usr/bin/env bash
|
||||||
|
|
||||||
|
KEEP=0
|
||||||
|
|
||||||
|
SYSDIR="/ramdisk/sys"
|
||||||
|
TMPDIR="/ramdisk/tmp"
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
"-h"|"--help")
|
||||||
|
echo "testvm.sh DISTRO [CMD]"
|
||||||
|
echo " -k|--keep: Don't destroy the VM after running"
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
"-k"|"--keep")
|
||||||
|
KEEP=1
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
TYPE="$1"
|
||||||
|
TEMPLATE=/var/lib/lxc/"$TYPE".template
|
||||||
|
|
||||||
|
if [ ! -f "$TEMPLATE" ]; then
|
||||||
|
echo "ERROR: No such VM type "$TYPE""
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
export VMNAME="$TYPE-$RANDOM"
|
||||||
|
echo "$VMNAME"
|
||||||
|
|
||||||
|
LXCDIR=/var/lib/lxc/"$VMNAME"
|
||||||
|
mkdir "$LXCDIR"
|
||||||
|
envsubst < "$TEMPLATE" > "$LXCDIR"/config
|
||||||
|
|
||||||
|
ROOTFS="$TMPDIR"/"$VMNAME"
|
||||||
|
mkdir -p "$ROOTFS"/etc/
|
||||||
|
echo "$VMNAME" > "$ROOTFS"/etc/hostname
|
||||||
|
|
||||||
|
CMD="$2"
|
||||||
|
|
||||||
|
if [[ "$CMD" != "" ]]; then
|
||||||
|
lxc-execute -n "$VMNAME" -- "$CMD"
|
||||||
|
[ $KEEP -eq 0 ] && lxc-destroy -n "$VMNAME"
|
||||||
|
else
|
||||||
|
lxc-start -n "$VMNAME"
|
||||||
|
lxc-attach -n "$VMNAME" bash
|
||||||
|
[ $KEEP -eq 0 ] && lxc-stop --kill "$VMNAME" && lxc-destroy -n "$VMNAME"
|
||||||
|
fi
|
||||||
|
|
44
bin/ramdisk.sh
Executable file
44
bin/ramdisk.sh
Executable file
|
@ -0,0 +1,44 @@
|
||||||
|
#! /usr/bin/env bash
|
||||||
|
|
||||||
|
start() {
|
||||||
|
[ -d /ramdisk/sys ] && rm -rf /ramdisk/sys
|
||||||
|
[ -d /ramdisk/tmp ] && rm -rf /ramdisk/tmp
|
||||||
|
mkdir -p /ramdisk/sys
|
||||||
|
mkdir -p /ramdisk/tmp
|
||||||
|
|
||||||
|
echo "Bienvenue dans le ramdisk"
|
||||||
|
mount -t tmpfs -o size=32G tmpfs /ramdisk/sys
|
||||||
|
mount -t tmpfs -o size=32G tmpfs /ramdisk/tmp
|
||||||
|
echo "ramdisk monté!"
|
||||||
|
|
||||||
|
if [ -d /ramdisk/persist ]; then
|
||||||
|
cp -a /ramdisk/persist/* /ramdisk/sys/
|
||||||
|
echo "Données persistentes copiées!"
|
||||||
|
fi
|
||||||
|
mount -o remount,ro /ramdisk/sys
|
||||||
|
}
|
||||||
|
|
||||||
|
stop() {
|
||||||
|
umount /ramdisk/sys
|
||||||
|
rm -rf /ramdisk/sys
|
||||||
|
umount /ramdisk/tmp
|
||||||
|
rm -rf /ramdisk/tmp
|
||||||
|
echo "ramdisk démonté!"
|
||||||
|
}
|
||||||
|
|
||||||
|
help() {
|
||||||
|
echo "ramdisk.sh start|stop"
|
||||||
|
echo " Mount a readonly ramdisk to /ramdisk/sys and a read-write one to /ramdisk/tmp"
|
||||||
|
}
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
"start")
|
||||||
|
start
|
||||||
|
;;
|
||||||
|
"stop")
|
||||||
|
stop
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
help
|
||||||
|
;;
|
||||||
|
esac
|
11
ramdisk.service
Normal file
11
ramdisk.service
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
[Unit]
|
||||||
|
Description=RAMDISK
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStart=/usr/sbin/ramdisk.sh start
|
||||||
|
ExecStop=/usr/sbin/ramdisk.sh stop
|
||||||
|
Restart=on-failure
|
||||||
|
RestartPreventExitStatus=255
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
41
setup.sh
Executable file
41
setup.sh
Executable file
|
@ -0,0 +1,41 @@
|
||||||
|
#! /usr/bin/env bash
|
||||||
|
|
||||||
|
# check root
|
||||||
|
[ ! $UID -eq 0 ] && echo "PLEASE RUN AS ROOT." && exit 1
|
||||||
|
|
||||||
|
mkdir -p /ramdisk/sys
|
||||||
|
mkdir -p /ramdisk/tmp
|
||||||
|
mkdir -p /ramdisk/persist
|
||||||
|
|
||||||
|
ln -sf "$(pwd)"/bin/ramdisk.sh /usr/sbin/
|
||||||
|
ln -sf "$(pwd)"/bin/mkvm.sh /usr/sbin/
|
||||||
|
|
||||||
|
ln -sf "$(pwd)"/ramdisk.service /etc/systemd/system/
|
||||||
|
systemctl daemon-reload
|
||||||
|
|
||||||
|
ln -sf "$(pwd)"/templates/archlinux.template /var/lib/lxc/
|
||||||
|
ln -sf "$(pwd)"/templates/bullseye.template /var/lib/lxc/
|
||||||
|
|
||||||
|
setup_debian() {
|
||||||
|
apt install lxc debootstrap
|
||||||
|
if [ ! -d /ramdisk/persist/bullseye ]; then
|
||||||
|
mkdir /ramdisk/persist/bullseye
|
||||||
|
debootstrap bullseye /ramdisk/persist/bullseye http://deb.debian.org/debian
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
setup_arch() {
|
||||||
|
pacman -S lxc arch-install-scripts
|
||||||
|
if [ ! -d /ramdisk/persist/archlinux ]; then
|
||||||
|
mkdir /ramdisk/persist/archlinux
|
||||||
|
pacstrap /ramdisk/persist/archlinux base vim htop tmux
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
if grep 'NAME="Debian GNU/Linux"' /etc/os-release; then
|
||||||
|
setup_debian
|
||||||
|
elif grep 'NAME="Arch Linux"' /etc/os-release; then
|
||||||
|
setup_arch
|
||||||
|
fi
|
||||||
|
|
||||||
|
systemctl enable --now ramdisk
|
24
templates/archlinux.template
Normal file
24
templates/archlinux.template
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
|
||||||
|
# Parameters passed to the template: -r bullseye
|
||||||
|
# For additional config options, please look at lxc.container.conf(5)
|
||||||
|
|
||||||
|
# Uncomment the following line to support nesting containers:
|
||||||
|
#lxc.include = /usr/share/lxc/config/nesting.conf
|
||||||
|
# (Be aware this has security implications)
|
||||||
|
|
||||||
|
lxc.net.0.type = veth
|
||||||
|
#lxc.net.0.hwaddr = 00:16:3e:5e:7b:d0
|
||||||
|
lxc.net.0.link = lxcbr0
|
||||||
|
lxc.net.0.flags = up
|
||||||
|
lxc.apparmor.profile = generated
|
||||||
|
lxc.apparmor.allow_nesting = 1
|
||||||
|
lxc.rootfs.path = overlayfs:/ramdisk/sys/archlinux:/ramdisk/tmp/$VMNAME
|
||||||
|
|
||||||
|
# Common configuration
|
||||||
|
lxc.include = /usr/share/lxc/config/archlinux.common.conf
|
||||||
|
|
||||||
|
# Container specific configuration
|
||||||
|
lxc.tty.max = 4
|
||||||
|
lxc.uts.name = $VMNAME
|
||||||
|
lxc.arch = amd64
|
||||||
|
lxc.pty.max = 1024
|
24
templates/bullseye.template
Normal file
24
templates/bullseye.template
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
|
||||||
|
# Parameters passed to the template: -r bullseye
|
||||||
|
# For additional config options, please look at lxc.container.conf(5)
|
||||||
|
|
||||||
|
# Uncomment the following line to support nesting containers:
|
||||||
|
#lxc.include = /usr/share/lxc/config/nesting.conf
|
||||||
|
# (Be aware this has security implications)
|
||||||
|
|
||||||
|
lxc.net.0.type = veth
|
||||||
|
#lxc.net.0.hwaddr = 00:16:3e:5e:7b:d0
|
||||||
|
lxc.net.0.link = lxcbr0
|
||||||
|
lxc.net.0.flags = up
|
||||||
|
lxc.apparmor.profile = generated
|
||||||
|
lxc.apparmor.allow_nesting = 1
|
||||||
|
lxc.rootfs.path = overlayfs:/ramdisk/sys/bullseye:/ramdisk/tmp/$VMNAME
|
||||||
|
|
||||||
|
# Common configuration
|
||||||
|
lxc.include = /usr/share/lxc/config/debian.common.conf
|
||||||
|
|
||||||
|
# Container specific configuration
|
||||||
|
lxc.tty.max = 4
|
||||||
|
lxc.uts.name = $VMNAME
|
||||||
|
lxc.arch = amd64
|
||||||
|
lxc.pty.max = 1024
|
Loading…
Reference in New Issue
Block a user