YunoHost/yunohost_demo
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost_demo.git synced 2024-09-03 19:56:44 +02:00
Code Issues Projects Releases Packages Wiki Activity

scripts à tester

Browse source
This commit is contained in:
Maniack Crudelis 2016-08-12 17:35:14 +02:00
parent 999f2718b1
commit 2776a61252
7 changed files with 209 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
lxc_build_demo.sh → demo_lxc_build.sh
View file

@ -4,12 +4,13 @@
if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$PWD/$(dirname "$0" | cut -d '.' -f2)"; fi if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$PWD/$(dirname "$0" | cut -d '.' -f2)"; fi
LOG_BUILD_LXC="$script_dir/Build_lxc.log" LOG_BUILD_LXC="$script_dir/Build_lxc.log"
PLAGE_IP="10.1.4" PLAGE_IP="10.1.5"
IP_LXC=$PLAGE_IP.3 IP_LXC=$PLAGE_IP.3
ARG_SSH="-t" ARG_SSH="-t"
DOMAIN=demotest1.nohost.me DOMAIN=demotest1.nohost.me
YUNO_PWD=admin YUNO_PWD=admin
LXC_NAME=yunohost_demo LXC_NAME1=yunohost_demo1
LXC_NAME2=yunohost_demo2
USER_DEMO=demo USER_DEMO=demo
PASSWORD_DEMO=demo PASSWORD_DEMO=demo
@ -29,7 +30,7 @@ sudo apt-get update >> "$LOG_BUILD_LXC" 2>&1
sudo apt-get install -y lxc lxctl >> "$LOG_BUILD_LXC" 2>&1 sudo apt-get install -y lxc lxctl >> "$LOG_BUILD_LXC" 2>&1
echo "> Création d'une machine debian jessie minimaliste" | tee -a "$LOG_BUILD_LXC" echo "> Création d'une machine debian jessie minimaliste" | tee -a "$LOG_BUILD_LXC"
sudo lxc-create -n $LXC_NAME -t debian -- -r jessie >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-create -n $LXC_NAME1 -t debian -- -r jessie >> "$LOG_BUILD_LXC" 2>&1
echo "> Autoriser l'ip forwarding, pour router vers la machine virtuelle." | tee -a "$LOG_BUILD_LXC" echo "> Autoriser l'ip forwarding, pour router vers la machine virtuelle." | tee -a "$LOG_BUILD_LXC"
echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/lxc_pchecker.conf >> "$LOG_BUILD_LXC" 2>&1 echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/lxc_pchecker.conf >> "$LOG_BUILD_LXC" 2>&1
@ -49,10 +50,10 @@ echo "> Active le bridge réseau" | tee -a "$LOG_BUILD_LXC"
sudo ifup lxc_demo --interfaces=/etc/network/interfaces.d/lxc_demo >> "$LOG_BUILD_LXC" 2>&1 sudo ifup lxc_demo --interfaces=/etc/network/interfaces.d/lxc_demo >> "$LOG_BUILD_LXC" 2>&1
echo "> Configuration réseau du conteneur" | tee -a "$LOG_BUILD_LXC" echo "> Configuration réseau du conteneur" | tee -a "$LOG_BUILD_LXC"
sudo sed -i "s/^lxc.network.type = empty$/lxc.network.type = veth\nlxc.network.flags = up\nlxc.network.link = lxc_demo\nlxc.network.name = eth0\nlxc.network.veth.pair = $LXC_NAME\nlxc.network.hwaddr = 00:FF:AA:00:00:03/" /var/lib/lxc/$LXC_NAME/config >> "$LOG_BUILD_LXC" 2>&1 sudo sed -i "s/^lxc.network.type = empty$/lxc.network.type = veth\nlxc.network.flags = up\nlxc.network.link = lxc_demo\nlxc.network.name = eth0\nlxc.network.veth.pair = $LXC_NAME1\nlxc.network.hwaddr = 00:FF:AA:00:00:03/" /var/lib/lxc/$LXC_NAME1/config >> "$LOG_BUILD_LXC" 2>&1
echo "> Configuration réseau de la machine virtualisée" | tee -a "$LOG_BUILD_LXC" echo "> Configuration réseau de la machine virtualisée" | tee -a "$LOG_BUILD_LXC"
sudo sed -i "s@iface eth0 inet dhcp@iface eth0 inet static\n\taddress $IP_LXC/24\n\tgateway $PLAGE_IP.1@" /var/lib/lxc/$LXC_NAME/rootfs/etc/network/interfaces >> "$LOG_BUILD_LXC" 2>&1 sudo sed -i "s@iface eth0 inet dhcp@iface eth0 inet static\n\taddress $IP_LXC/24\n\tgateway $PLAGE_IP.1@" /var/lib/lxc/$LXC_NAME1/rootfs/etc/network/interfaces >> "$LOG_BUILD_LXC" 2>&1
echo "> Configure le parefeu" | tee -a "$LOG_BUILD_LXC" echo "> Configure le parefeu" | tee -a "$LOG_BUILD_LXC"
sudo iptables -A FORWARD -i lxc_demo -o eth0 -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -A FORWARD -i lxc_demo -o eth0 -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
@ -60,68 +61,68 @@ sudo iptables -A FORWARD -i eth0 -o lxc_demo -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1
echo "> Démarrage de la machine" | tee -a "$LOG_BUILD_LXC" echo "> Démarrage de la machine" | tee -a "$LOG_BUILD_LXC"
sudo lxc-start -n $LXC_NAME -d >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-start -n $LXC_NAME1 -d >> "$LOG_BUILD_LXC" 2>&1
sleep 3 sleep 3
sudo lxc-ls -f >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-ls -f >> "$LOG_BUILD_LXC" 2>&1
echo "> Update et install tasksel sudo git" | tee -a "$LOG_BUILD_LXC" echo "> Update et install tasksel sudo git" | tee -a "$LOG_BUILD_LXC"
sudo lxc-attach -n $LXC_NAME -- apt-get update sudo lxc-attach -n $LXC_NAME1 -- apt-get update
sudo lxc-attach -n $LXC_NAME -- apt-get install -y tasksel sudo git sudo lxc-attach -n $LXC_NAME1 -- apt-get install -y tasksel sudo git
echo "> Installation des paquets standard et ssh-server" | tee -a "$LOG_BUILD_LXC" echo "> Installation des paquets standard et ssh-server" | tee -a "$LOG_BUILD_LXC"
tasksell_exit=1 tasksell_exit=1
while [ "$tasksell_exit" -ne 0 ] while [ "$tasksell_exit" -ne 0 ]
do do
sudo lxc-attach -n $LXC_NAME -- tasksel install standard ssh-server sudo lxc-attach -n $LXC_NAME1 -- tasksel install standard ssh-server
tasksell_exit=$? tasksell_exit=$?
done done
echo "> Renseigne /etc/hosts sur l'invité" | tee -a "$LOG_BUILD_LXC" echo "> Renseigne /etc/hosts sur l'invité" | tee -a "$LOG_BUILD_LXC"
echo "127.0.0.1 $LXC_NAME" | sudo tee -a /var/lib/lxc/$LXC_NAME/rootfs/etc/hosts >> "$LOG_BUILD_LXC" 2>&1 echo "127.0.0.1 $LXC_NAME1" | sudo tee -a /var/lib/lxc/$LXC_NAME1/rootfs/etc/hosts >> "$LOG_BUILD_LXC" 2>&1
echo "> Ajoute l'user ssh_demo (avec un mot de passe à revoir...)" | tee -a "$LOG_BUILD_LXC" echo "> Ajoute l'user ssh_demo (avec un mot de passe à revoir...)" | tee -a "$LOG_BUILD_LXC"
sudo lxc-attach -n $LXC_NAME -- useradd -m -p ssh_demo ssh_demo >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-attach -n $LXC_NAME1 -- useradd -m -p ssh_demo ssh_demo >> "$LOG_BUILD_LXC" 2>&1
echo "> Autorise pchecker à utiliser sudo sans mot de passe" | tee -a "$LOG_BUILD_LXC" echo "> Autorise pchecker à utiliser sudo sans mot de passe" | tee -a "$LOG_BUILD_LXC"
echo "pchecker ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /var/lib/lxc/$LXC_NAME/rootfs/etc/sudoers >> "$LOG_BUILD_LXC" 2>&1 echo "pchecker ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /var/lib/lxc/$LXC_NAME1/rootfs/etc/sudoers >> "$LOG_BUILD_LXC" 2>&1
echo "> Mise en place de la connexion ssh vers l'invité." | tee -a "$LOG_BUILD_LXC" echo "> Mise en place de la connexion ssh vers l'invité." | tee -a "$LOG_BUILD_LXC"
if [ -e $HOME/.ssh/$LXC_NAME ]; then if [ -e $HOME/.ssh/$LXC_NAME1 ]; then
rm -f $HOME/.ssh/$LXC_NAME $HOME/.ssh/$LXC_NAME.pub rm -f $HOME/.ssh/$LXC_NAME1 $HOME/.ssh/$LXC_NAME1.pub
ssh-keygen -f $HOME/.ssh/known_hosts -R $IP_LXC ssh-keygen -f $HOME/.ssh/known_hosts -R $IP_LXC
fi fi
ssh-keygen -t dsa -f $HOME/.ssh/$LXC_NAME -P '' >> "$LOG_BUILD_LXC" 2>&1 ssh-keygen -t dsa -f $HOME/.ssh/$LXC_NAME1 -P '' >> "$LOG_BUILD_LXC" 2>&1
sudo mkdir /var/lib/lxc/$LXC_NAME/rootfs/home/ssh_demo/.ssh >> "$LOG_BUILD_LXC" 2>&1 sudo mkdir /var/lib/lxc/$LXC_NAME1/rootfs/home/ssh_demo/.ssh >> "$LOG_BUILD_LXC" 2>&1
sudo cp $HOME/.ssh/$LXC_NAME.pub /var/lib/lxc/$LXC_NAME/rootfs/home/ssh_demo/.ssh/authorized_keys >> "$LOG_BUILD_LXC" 2>&1 sudo cp $HOME/.ssh/$LXC_NAME1.pub /var/lib/lxc/$LXC_NAME1/rootfs/home/ssh_demo/.ssh/authorized_keys >> "$LOG_BUILD_LXC" 2>&1
sudo lxc-attach -n $LXC_NAME -- chown ssh_demo -R /home/ssh_demo/.ssh >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-attach -n $LXC_NAME1 -- chown ssh_demo -R /home/ssh_demo/.ssh >> "$LOG_BUILD_LXC" 2>&1
echo | tee -a $HOME/.ssh/config <<EOF >> "$LOG_BUILD_LXC" 2>&1 echo | tee -a $HOME/.ssh/config <<EOF >> "$LOG_BUILD_LXC" 2>&1
# ssh $LXC_NAME # ssh $LXC_NAME1
Host $LXC_NAME Host $LXC_NAME1
Hostname $IP_LXC Hostname $IP_LXC
User ssh_demo User ssh_demo
IdentityFile $HOME/.ssh/$LXC_NAME IdentityFile $HOME/.ssh/$LXC_NAME1
EOF EOF
ssh $ARG_SSH $LXC_NAME "exit 0" # Initie une premier connexion SSH pour valider la clé. ssh $ARG_SSH $LXC_NAME1 "exit 0" # Initie une premier connexion SSH pour valider la clé.
if [ "$?" -ne 0 ]; then # Si l'utilisateur tarde trop, la connexion sera refusée... ??? if [ "$?" -ne 0 ]; then # Si l'utilisateur tarde trop, la connexion sera refusée... ???
ssh $ARG_SSH $LXC_NAME "exit 0" # Initie une premier connexion SSH pour valider la clé. ssh $ARG_SSH $LXC_NAME1 "exit 0" # Initie une premier connexion SSH pour valider la clé.
fi fi
ssh $ARG_SSH $LXC_NAME "git clone https://github.com/YunoHost/install_script /tmp/install_script" >> "$LOG_BUILD_LXC" 2>&1 ssh $ARG_SSH $LXC_NAME1 "git clone https://github.com/YunoHost/install_script /tmp/install_script" >> "$LOG_BUILD_LXC" 2>&1
echo "> Installation de Yunohost..." | tee -a "$LOG_BUILD_LXC" echo "> Installation de Yunohost..." | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "cd /tmp/install_script; sudo ./install_yunohost -a" | tee -a "$LOG_BUILD_LXC" 2>&1 ssh $ARG_SSH $LXC_NAME1 "cd /tmp/install_script; sudo ./install_yunohost -a" | tee -a "$LOG_BUILD_LXC" 2>&1
echo "> Post install Yunohost" | tee -a "$LOG_BUILD_LXC" echo "> Post install Yunohost" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost tools postinstall --domain $DOMAIN --password $YUNO_PWD" | tee -a "$LOG_BUILD_LXC" 2>&1 ssh $ARG_SSH $LXC_NAME1 "sudo yunohost tools postinstall --domain $DOMAIN --password $YUNO_PWD" | tee -a "$LOG_BUILD_LXC" 2>&1
USER_DEMO_CLEAN=${USER_DEMO//"_"/""} USER_DEMO_CLEAN=${USER_DEMO//"_"/""}
echo "> Ajout de l'utilisateur de test" | tee -a "$LOG_BUILD_LXC" echo "> Ajout de l'utilisateur de test" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost user create --firstname \"$USER_DEMO_CLEAN\" --mail \"$USER_DEMO_CLEAN@$DOMAIN\" --lastname \"$USER_DEMO_CLEAN\" --password \"$PASSWORD_DEMO\" \"$USER_DEMO\" --admin-password=\"$YUNO_PWD\"" ssh $ARG_SSH $LXC_NAME1 "sudo yunohost user create --firstname \"$USER_DEMO_CLEAN\" --mail \"$USER_DEMO_CLEAN@$DOMAIN\" --lastname \"$USER_DEMO_CLEAN\" --password \"$PASSWORD_DEMO\" \"$USER_DEMO\" --admin-password=\"$YUNO_PWD\""
echo -e "\n> Vérification de l'état de Yunohost" | tee -a "$LOG_BUILD_LXC" echo -e "\n> Vérification de l'état de Yunohost" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost -v" | tee -a "$LOG_BUILD_LXC" 2>&1 ssh $ARG_SSH $LXC_NAME1 "sudo yunohost -v" | tee -a "$LOG_BUILD_LXC" 2>&1
echo "> Arrêt de la machine virtualisée" | tee -a "$LOG_BUILD_LXC" echo "> Arrêt de la machine virtualisée" | tee -a "$LOG_BUILD_LXC"
sudo lxc-stop -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-stop -n $LXC_NAME1 >> "$LOG_BUILD_LXC" 2>&1
echo "> Suppression des règles de parefeu" | tee -a "$LOG_BUILD_LXC" echo "> Suppression des règles de parefeu" | tee -a "$LOG_BUILD_LXC"
sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
@ -130,8 +131,11 @@ sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUI
sudo ifdown --force lxc_demo >> "$LOG_BUILD_LXC" 2>&1 sudo ifdown --force lxc_demo >> "$LOG_BUILD_LXC" 2>&1
echo "> Création d'un snapshot" | tee -a "$LOG_BUILD_LXC" echo "> Création d'un snapshot" | tee -a "$LOG_BUILD_LXC"
sudo lxc-snapshot -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-snapshot -n $LXC_NAME1 >> "$LOG_BUILD_LXC" 2>&1
# Il sera nommé snap0 et stocké dans /var/lib/lxcsnaps/$LXC_NAME/snap0/ # Il sera nommé snap0 et stocké dans /var/lib/lxcsnaps/$LXC_NAME1/snap0/
echo "> Clone la machine" | tee -a "$LOG_BUILD_LXC"
sudo sudo lxc-clone -o $LXC_NAME1 -n $LXC_NAME2 >> "$LOG_BUILD_LXC" 2>&1
echo "> Mise en place du reverse proxy" | tee -a "$LOG_BUILD_LXC" echo "> Mise en place du reverse proxy" | tee -a "$LOG_BUILD_LXC"
echo | sudo tee /etc/nginx/conf.d/$DOMAIN.conf <<EOF echo | sudo tee /etc/nginx/conf.d/$DOMAIN.conf <<EOF
@ -154,9 +158,9 @@ server {
server_name $DOMAIN; server_name $DOMAIN;
location / { location / {
proxy_pass https://10.1.4.3; proxy_pass https://$IP_LXC;
proxy_redirect off; proxy_redirect off;
proxy_set_header Host \$host; proxy_set_header Host \$host;c
proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-Proto \$scheme; proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;

35
demo_start.sh Executable file
View file

@ -0,0 +1,35 @@
#!/bin/bash
# Récupère le dossier du script
if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$PWD/$(dirname "$0" | cut -d '.' -f2)"; fi
PLAGE_IP=$(cat "$script_dir/demo_lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
LXC_NAME=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME1= | cut -d '"' -f2)
"./$script_dir/demo_stop.sh"
echo "Initialisation du réseau pour le conteneur."
if ! sudo ifquery lxc_demo --state > /dev/null; then
sudo ifup lxc_demo --interfaces=/etc/network/interfaces.d/lxc_demo
fi
# Activation des règles iptables
echo "> Configure le parefeu"
if ! sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT 2> /dev/null; then
sudo iptables -A FORWARD -i lxc_demo -o eth0 -j ACCEPT
fi
if ! sudo iptables -C FORWARD -i eth0 -o lxc_demo -j ACCEPT 2> /dev/null; then
sudo iptables -A FORWARD -i eth0 -o lxc_demo -j ACCEPT
fi
if ! sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null; then
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
fi
# Démarrage de la machine
echo "> Démarrage de la machine"
sudo lxc-start -n $LXC_NAME -d
sleep 3
# Vérifie que la machine a démarré:
sudo lxc-ls -f

36
demo_stop.sh Executable file
View file

@ -0,0 +1,36 @@
#!/bin/bash
# Récupère le dossier du script
if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$PWD/$(dirname "$0" | cut -d '.' -f2)"; fi
PLAGE_IP=$(cat "$script_dir/demo_lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
LXC_NAME1=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME1= | cut -d '"' -f2)
LXC_NAME2=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME2= | cut -d '"' -f2)
echo "> Arrêt de la machine virtualisée"
if [ $(sudo lxc-info --name $LXC_NAME1 | grep -c "STOPPED") -eq 0 ]; then
echo "Arrêt du conteneur $LXC_NAME1"
sudo lxc-stop -n $LXC_NAME1
fi
if [ $(sudo lxc-info --name $LXC_NAME2 | grep -c "STOPPED") -eq 0 ]; then
echo "Arrêt du conteneur $LXC_NAME2"
sudo lxc-stop -n $LXC_NAME2
fi
echo "> Suppression des règles de parefeu"
if sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT 2> /dev/null; then
sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT
fi
if sudo iptables -C FORWARD -i eth0 -o lxc_demo -j ACCEPT 2> /dev/null; then
sudo iptables -D FORWARD -i eth0 -o lxc_demo -j ACCEPT
fi
if sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null; then
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
fi
echo "Arrêt de l'interface réseau pour le conteneur."
if sudo ifquery lxc_demo --state > /dev/null; then
sudo ifdown --force lxc_demo
fi
sudo lxc-ls -f

36
demo_switch.sh Executable file
View file

@ -0,0 +1,36 @@
#!/bin/bash
# Récupère le dossier du script
if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$PWD/$(dirname "$0" | cut -d '.' -f2)"; fi
PLAGE_IP=$(cat "$script_dir/demo_lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
LXC_NAME1=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME1= | cut -d '"' -f2)
LXC_NAME2=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME2= | cut -d '"' -f2)
# Vérifie l'état des machines.
if [ $(sudo lxc-info --name $LXC_NAME1 | grep -c "STOPPED") -eq 0 ]; then # Si la machine 1 est démarrée.
LXC_A=$LXC_NAME1
LXC_B=$LXC_NAME2
else # Sinon, on suppose que c'est la machine 2 qui est en cours.
LXC_A=$LXC_NAME2
LXC_B=$LXC_NAME1
# Si aucune machine ne tourne, la première démarrera.
fi
# Démarre le conteneur B et arrête le conteneur A.
sudo lxc-start -n $LXC_B -d # Démarre l'autre machine
sleep 10 # Attend 10 seconde pour s'assurer du démarrage de la machine.
if [ $(sudo lxc-info --name $LXC_B | grep -c "STOPPED") -ne 0 ]; then
# Le conteneur n'a pas réussi à démarrer. On devrait avertir un responsable par mail...
# [...]
return 1
else
# Bascule sur le conteneur B avec HAProxy...
# [...]
# Arrêt du conteneur A. Il est remplacé par le B
sudo lxc-stop -n $LXC_A
# Restaure le snapshot de la machine A avant sa prochaine exécution
# sudo rsync -aEAX --delete -i /var/lib/lxcsnaps/$LXC_A/snap0/rootfs/ /var/lib/lxc/$LXC_A/rootfs/
sudo lxc-snapshot -r snap0 $LXC_A
fi

65
demo_upgrade.sh Executable file
View file

@ -0,0 +1,65 @@
#!/bin/bash
# Récupère le dossier du script
if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$PWD/$(dirname "$0" | cut -d '.' -f2)"; fi
PLAGE_IP=$(cat "$script_dir/demo_lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
LXC_NAME1=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME1= | cut -d '"' -f2)
LXC_NAME2=$(cat "$script_dir/demo_lxc_build.sh" | grep LXC_NAME2= | cut -d '"' -f2)
UPGRADE_DEMO_CONTAINER () { # Démarrage, upgrade et snapshot
MACHINE=$1
# Attend que la machine soit éteinte.
sudo lxc-wait -n $MACHINE -s STOPPED #-t 2000 (Timeout à 33 minutes, puisque le swith est à 30 minutes)
# Restaure le snapshot
sudo lxc-snapshot -r snap0 $MACHINE
# Démarre le conteneur
sudo lxc-start -n $MACHINE -d
sleep 10
# Update
sudo lxc-attach -n $MACHINE -- apt-get update
sudo lxc-attach -n $MACHINE -- apt-get dist-upgrade --dry-run | grep -q "^Inst " # Vérifie si il y aura des mises à jour.
update_apt=0
if [ "$?" -eq 0 ]; then
update_apt=1
fi
# Upgrade
sudo lxc-attach -n $MACHINE -- apt-get dist-upgrade
# Clean
sudo lxc-attach -n $MACHINE -- apt-get autoremove
sudo lxc-attach -n $MACHINE -- apt-get autoclean
# Arrêt de la machine virtualisée
sudo lxc-stop -n $MACHINE
if [ "$update_apt" -eq 1 ]
then
# Archivage du snapshot
sudo tar -cz --acls --xattrs -f /var/lib/lxcsnaps/$MACHINE/snap0.tar.gz /var/lib/lxcsnaps/$MACHINE/snap0
# Remplacement du snapshot
sudo lxc-snapshot -n $MACHINE -d snap0
sudo lxc-snapshot -n $MACHINE
fi
}
# Initialisation du réseau pour le conteneur.
if ! sudo ifquery lxc_demo --state > /dev/null; then
sudo ifup lxc_demo --interfaces=/etc/network/interfaces.d/lxc_demo
fi
# Activation des règles iptables
if ! sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT 2> /dev/null; then
sudo iptables -A FORWARD -i lxc_demo -o eth0 -j ACCEPT
fi
if ! sudo iptables -C FORWARD -i eth0 -o lxc_demo -j ACCEPT 2> /dev/null; then
sudo iptables -A FORWARD -i eth0 -o lxc_demo -j ACCEPT
fi
if ! sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null; then
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
fi
UPGRADE_DEMO_CONTAINER $LXC_NAME1
UPGRADE_DEMO_CONTAINER $LXC_NAME2

21
start_demo.sh
View file

@ -1,21 +0,0 @@
#!/bin/bash
PLAGE_IP="10.1.4"
LXC_NAME=yunohost_demo
echo "Initialisation du réseau pour le conteneur."
sudo ifup lxc_demo --interfaces=/etc/network/interfaces.d/lxc_demo
# Activation des règles iptables
echo "> Configure le parefeu"
sudo iptables -A FORWARD -i lxc_demo -o eth0 -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o lxc_demo -j ACCEPT
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
# Démarrage de la machine
echo "> Démarrage de la machine"
sudo lxc-start -n $LXC_NAME -d
sleep 3
# Vérifie que la machine a démarré:
sudo lxc-ls -f

15
stop_demo.sh
View file

@ -1,15 +0,0 @@
#!/bin/bash
PLAGE_IP="10.1.4"
LXC_NAME=yunohost_demo
echo "> Arrêt de la machine virtualisée"
sudo lxc-stop -n $LXC_NAME
echo "> Suppression des règles de parefeu"
sudo iptables -D FORWARD -i lxc_demo -o eth0 -j ACCEPT
sudo iptables -D FORWARD -i eth0 -o lxc_demo -j ACCEPT
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
echo "Arrêt de l'interface réseau pour le conteneur."
sudo ifdown --force lxc_demo