host networking, ssh port, server paramter

The start.sh script starts the container with host networking
as default. With bridged networking does nfs export from
the container does not work, due to conflicts in the rpc
port 111

The ssh port can be configured ad container start with
SSH_PORT container environment variable. This allows to
login to the container it is started with host networking.
ssh -p $SSH_PORT localhost

Bug-fix : The start-up script forwards the https port
to the server now.

handling SIGTERM added to docker entrypoint to stop nfs-server

A signal handler for SIGTERM has been added to the docker
entrypoint script.
The handler stops the nfs-server to avoid the hanging nfs
processed after stopping the container.
The handler exits with 0, which speeds up the container
stopping.

Change-Id: I8c5f31f2d0bc1b35876b0d42f0d9390dc3375e62
Signed-off-by: Ralf Mueller <ralf.1.mueller@nokia.com>

diff --git a/docker-build/remote-installer/Dockerfile b/docker-build/remote-installer/Dockerfile
index 38626eb..98f6ceb 100644 (file)
--- a/docker-build/remote-installer/Dockerfile
+++ b/docker-build/remote-installer/Dockerfile
@@ -29,7 +29,8 @@ CLIENT_CERT="clientcert.pem" \
 CLIENT_KEY="clientkey.pem" \
 SERVER_CERT="servercert.pem" \
 SERVER_KEY="serverkey.pem" \
-INSTALLER_MOUNT="/opt/remoteinstaller"
+INSTALLER_MOUNT="/opt/remoteinstaller" \
+SSH_PORT="22"
 
 ENV IMAGES_STORE="$INSTALLER_MOUNT/images"
 ENV IMAGES_HTML="/var/www/lighttpd/images"
@@ -96,17 +97,24 @@ RUN mkdir -p "$SCRIPTS_DIR" \
 
 COPY src/scripts/get_journals.sh src/scripts/print_hosts.py "$SCRIPTS_DIR"/
 
-RUN echo '#!/bin/bash' >>$STARTUP \
+RUN echo '#!/bin/bash -x' >>$STARTUP \
+&& echo "function handle_sigterm() {" >>$STARTUP \
+&& echo -e "  echo Stopping nfs-server" >>$STARTUP \
+&& echo -e "  systemctl stop nfs-server" >>$STARTUP \
+&& echo -e "  exit 0" >>$STARTUP \
+&& echo "}" >>$STARTUP \
+&& echo "trap 'handle_sigterm' 15" >>$STARTUP \
 && echo 'printenv >/etc/remoteinstaller/environment' >>$STARTUP \
-&& echo mkdir /run/systemd/system >>$STARTUP \
-&& echo nohup /usr/lib/systemd/systemd --system '&>/dev/null &' >>$STARTUP \
+&& echo 'mkdir /run/systemd/system' >>$STARTUP \
+&& echo 'nohup /usr/lib/systemd/systemd --system' '&>/dev/null &' >>$STARTUP \
 && echo "echo -e \"\$PW\n\$PW\n\n\" |passwd" >>$STARTUP \
 && echo mount -o bind "$IMAGES_STORE" "$IMAGES_HTML" >>$STARTUP \
 && echo 'sed -i "s/server.port = 80/server.port = $HTTPS_PORT/" /etc/lighttpd/lighttpd.conf' >>$STARTUP \
+&& echo 'sed -i "s/.*Port 22/Port $SSH_PORT/" /etc/ssh/sshd_config' >>$STARTUP \
 # && echo "echo \\\$SERVER[\\\"sockets\\\"] == \\\"0.0.0.0:\$HTTPS_PORT {}\\\" >> /etc/lighttpd/lighttpd.conf" >>$STARTUP \
 && echo python /lib/python2.7/site-packages/remoteinstaller-1.0-py2.7.egg/remoteinstaller/server/server.py \
-   -H \$API_LISTEN_ADDR -P \$API_PORT -S \$HOST_ADDR \
-   -C \$SERVER_CERT -K \$SERVER_KEY -c \$CLIENT_CERT -k \$CLIENT_KEY -A \$CA_CERT -d \
+   -H \$API_LISTEN_ADDR -P \$API_PORT -S \$HOST_ADDR -T \$HTTPS_PORT \
+   -C \$SERVER_CERT -K \$SERVER_KEY -c \$CLIENT_CERT -k \$CLIENT_KEY -A \$CA_CERT -d \& \
    >>$STARTUP \
 && echo 'while [ false ]; do sleep 5 ;done' >>$STARTUP  \
 && chmod +x $STARTUP

diff --git a/scripts/start.sh b/scripts/start.sh
index 1e3a6fe..d19af58 100755 (executable)
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -22,6 +22,7 @@ BASE_DIR=""
 CONT_NAME="remote-installer"
 EXT_IP=""
 HTTPS_PORT="443"
+SSH_PORT="22222"
 IMG_NAME="remote-installer"
 ROOT_PW="root"
 
@@ -37,15 +38,17 @@ help()
     echo -e "$(basename $0) [-h -a <api-port> -c <cont> -i <image> -r <pw> -s <https-port> ] -b <basedir> -e <ip-addr>"
     echo -e "   -h  display this help"
     echo -e "   -a  rest API port, default $API_PORT"
-    echo -e "   -c  container name, default $CONT_NAME"
     echo -e "   -b  base directory, which contains images, certificates, etc."
+    echo -e "   -c  container name, default $CONT_NAME"
+    echo -e "   -d  use docker bridged networking, default host"
     echo -e "   -e  external ip address of  the docker"
-    echo -e "   -i  secure https port, default $IMG_NAME"
+    echo -e "   -i  image name, default $IMG_NAME"
+    echo -e "   -l  login port for ssh, default $SSH_NAME"
     echo -e "   -p  root password, default $ROOT_PW"
     echo -e "   -s  secure https port, default $HTTPS_PORT"
 }
 
-while getopts "ha:b:e:s:c:p:i:" arg; do
+while getopts "ha:b:de:l:s:c:p:i:" arg; do
     case $arg in
         h)
             help
@@ -72,6 +75,12 @@ while getopts "ha:b:e:s:c:p:i:" arg; do
         p)
             ROOT_PW="$OPTARG"
             ;;
+        l)
+            SSH_PORT="$OPTARG"
+            ;;
+        d)
+            DOCKER_BRIDGE="YES"
+            ;;
         *)
             error "Unknow argument!" showhelp
             ;;
@@ -81,14 +90,34 @@ done
 [ -n "$EXT_IP" ] || error "No external IP defined!" showhelp
 [ -n "$BASE_DIR" ] || error "No base directory defined!" showhelp
 
-cont_id="$(docker run --detach --rm --privileged \
-     --env API_PORT="$API_PORT" \
-     --env HOST_ADDR="$EXT_IP" \
-     --env HTTPS_PORT="$HTTPS_PORT" \
-     --env PW="$ROOT_PW" \
-     --volume "$BASE_DIR":/opt/remoteinstaller --publish "$HTTPS_PORT":"$HTTPS_PORT" -p 2049:2049 -p "$API_PORT":"$API_PORT" --name "$CONT_NAME" "$IMG_NAME")" \
-       || error "failed to start container"
+DOCKER_ENV="--env API_PORT=$API_PORT \
+        --env HOST_ADDR=$EXT_IP \
+        --env HTTPS_PORT=$HTTPS_PORT \
+        --env PW=$ROOT_PW \
+        --env SSH_PORT=$SSH_PORT "
+
+
+if [ -n "$DOCKER_BRIDGE" ]
+then
+    echo -e "Start container with bridged networking..."
+    cont_id="$(docker run --detach --rm --privileged \
+        $DOCKER_ENV \
+        --network=bridge \
+        --volume "$BASE_DIR":/opt/remoteinstaller \
+        --publish "$HTTPS_PORT":"$HTTPS_PORT" --publish 2049:2049 --publish "$API_PORT":"$API_PORT" \
+        --name "$CONT_NAME" "$IMG_NAME")" \
+        || error "failed to start container"
+    echo -e "IP : $(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$cont_id")"
 
+else
+    echo -e "Start container with host networking..."
+    cont_id="$(docker run --detach --rm --privileged \
+        $DOCKER_ENV \
+        --network=host \
+        --volume "$BASE_DIR":/opt/remoteinstaller \
+        --name "$CONT_NAME" "$IMG_NAME")" \
+        || error "failed to start container"
+fi
 echo -e "Container successfully started"
 echo -e "ID : $cont_id"
-echo -e "IP : $(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$cont_id")"
+echo -e "Using ssh port : $SSH_PORT"