Remove docker-preloader module and test
This commit is contained in:
parent
46e31c701f
commit
8595a0d6b9
@ -1,134 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
with builtins;
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.virtualisation;
|
|
||||||
|
|
||||||
sanitizeImageName = image: replaceStrings ["/"] ["-"] image.imageName;
|
|
||||||
hash = drv: head (split "-" (baseNameOf drv.outPath));
|
|
||||||
# The label of an ext4 FS is limited to 16 bytes
|
|
||||||
labelFromImage = image: substring 0 16 (hash image);
|
|
||||||
|
|
||||||
# The Docker image is loaded and some files from /var/lib/docker/
|
|
||||||
# are written into a qcow image.
|
|
||||||
preload = image: pkgs.vmTools.runInLinuxVM (
|
|
||||||
pkgs.runCommand "docker-preload-image-${sanitizeImageName image}" {
|
|
||||||
buildInputs = with pkgs; [ docker e2fsprogs utillinux curl kmod ];
|
|
||||||
preVM = pkgs.vmTools.createEmptyImage {
|
|
||||||
size = cfg.dockerPreloader.qcowSize;
|
|
||||||
fullName = "docker-deamon-image.qcow2";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
''
|
|
||||||
mkfs.ext4 /dev/vda
|
|
||||||
e2label /dev/vda ${labelFromImage image}
|
|
||||||
mkdir -p /var/lib/docker
|
|
||||||
mount -t ext4 /dev/vda /var/lib/docker
|
|
||||||
|
|
||||||
modprobe overlay
|
|
||||||
|
|
||||||
# from https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
|
|
||||||
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
|
|
||||||
cd /sys/fs/cgroup
|
|
||||||
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
|
|
||||||
mkdir -p $sys
|
|
||||||
if ! mountpoint -q $sys; then
|
|
||||||
if ! mount -n -t cgroup -o $sys cgroup $sys; then
|
|
||||||
rmdir $sys || true
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
dockerd -H tcp://127.0.0.1:5555 -H unix:///var/run/docker.sock &
|
|
||||||
|
|
||||||
until $(curl --output /dev/null --silent --connect-timeout 2 http://127.0.0.1:5555); do
|
|
||||||
printf '.'
|
|
||||||
sleep 1
|
|
||||||
done
|
|
||||||
|
|
||||||
docker load -i ${image}
|
|
||||||
|
|
||||||
kill %1
|
|
||||||
find /var/lib/docker/ -maxdepth 1 -mindepth 1 -not -name "image" -not -name "overlay2" | xargs rm -rf
|
|
||||||
'');
|
|
||||||
|
|
||||||
preloadedImages = map preload cfg.dockerPreloader.images;
|
|
||||||
|
|
||||||
in
|
|
||||||
|
|
||||||
{
|
|
||||||
options.virtualisation.dockerPreloader = {
|
|
||||||
images = mkOption {
|
|
||||||
default = [ ];
|
|
||||||
type = types.listOf types.package;
|
|
||||||
description =
|
|
||||||
''
|
|
||||||
A list of Docker images to preload (in the /var/lib/docker directory).
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
qcowSize = mkOption {
|
|
||||||
default = 1024;
|
|
||||||
type = types.int;
|
|
||||||
description =
|
|
||||||
''
|
|
||||||
The size (MB) of qcow files.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf (cfg.dockerPreloader.images != []) {
|
|
||||||
assertions = [{
|
|
||||||
# If docker.storageDriver is null, Docker choose the storage
|
|
||||||
# driver. So, in this case, we cannot be sure overlay2 is used.
|
|
||||||
assertion = cfg.docker.storageDriver == "overlay2"
|
|
||||||
|| cfg.docker.storageDriver == "overlay"
|
|
||||||
|| cfg.docker.storageDriver == null;
|
|
||||||
message = "The Docker image Preloader only works with overlay2 storage driver!";
|
|
||||||
}];
|
|
||||||
|
|
||||||
virtualisation.qemu.options =
|
|
||||||
map (path: "-drive if=virtio,file=${path}/disk-image.qcow2,readonly,media=cdrom,format=qcow2")
|
|
||||||
preloadedImages;
|
|
||||||
|
|
||||||
|
|
||||||
# All attached QCOW files are mounted and their contents are linked
|
|
||||||
# to /var/lib/docker/ in order to make image available.
|
|
||||||
systemd.services.docker-preloader = {
|
|
||||||
description = "Preloaded Docker images";
|
|
||||||
wantedBy = ["docker.service"];
|
|
||||||
after = ["network.target"];
|
|
||||||
path = with pkgs; [ mount rsync jq ];
|
|
||||||
script = ''
|
|
||||||
mkdir -p /var/lib/docker/overlay2/l /var/lib/docker/image/overlay2
|
|
||||||
echo '{}' > /tmp/repositories.json
|
|
||||||
|
|
||||||
for i in ${concatStringsSep " " (map labelFromImage cfg.dockerPreloader.images)}; do
|
|
||||||
mkdir -p /mnt/docker-images/$i
|
|
||||||
|
|
||||||
# The ext4 label is limited to 16 bytes
|
|
||||||
mount /dev/disk/by-label/$(echo $i | cut -c1-16) -o ro,noload /mnt/docker-images/$i
|
|
||||||
|
|
||||||
find /mnt/docker-images/$i/overlay2/ -maxdepth 1 -mindepth 1 -not -name l\
|
|
||||||
-exec ln -s '{}' /var/lib/docker/overlay2/ \;
|
|
||||||
cp -P /mnt/docker-images/$i/overlay2/l/* /var/lib/docker/overlay2/l/
|
|
||||||
|
|
||||||
rsync -a /mnt/docker-images/$i/image/ /var/lib/docker/image/
|
|
||||||
|
|
||||||
# Accumulate image definitions
|
|
||||||
cp /tmp/repositories.json /tmp/repositories.json.tmp
|
|
||||||
jq -s '.[0] * .[1]' \
|
|
||||||
/tmp/repositories.json.tmp \
|
|
||||||
/mnt/docker-images/$i/image/overlay2/repositories.json \
|
|
||||||
> /tmp/repositories.json
|
|
||||||
done
|
|
||||||
|
|
||||||
mv /tmp/repositories.json /var/lib/docker/image/overlay2/repositories.json
|
|
||||||
'';
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -264,7 +264,6 @@ in
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../profiles/qemu-guest.nix
|
../profiles/qemu-guest.nix
|
||||||
./docker-preloader.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
|
@ -79,7 +79,6 @@ in
|
|||||||
docker = handleTestOn ["x86_64-linux"] ./docker.nix {};
|
docker = handleTestOn ["x86_64-linux"] ./docker.nix {};
|
||||||
oci-containers = handleTestOn ["x86_64-linux"] ./oci-containers.nix {};
|
oci-containers = handleTestOn ["x86_64-linux"] ./oci-containers.nix {};
|
||||||
docker-edge = handleTestOn ["x86_64-linux"] ./docker-edge.nix {};
|
docker-edge = handleTestOn ["x86_64-linux"] ./docker-edge.nix {};
|
||||||
docker-preloader = handleTestOn ["x86_64-linux"] ./docker-preloader.nix {};
|
|
||||||
docker-registry = handleTest ./docker-registry.nix {};
|
docker-registry = handleTest ./docker-registry.nix {};
|
||||||
docker-tools = handleTestOn ["x86_64-linux"] ./docker-tools.nix {};
|
docker-tools = handleTestOn ["x86_64-linux"] ./docker-tools.nix {};
|
||||||
docker-tools-overlay = handleTestOn ["x86_64-linux"] ./docker-tools-overlay.nix {};
|
docker-tools-overlay = handleTestOn ["x86_64-linux"] ./docker-tools-overlay.nix {};
|
||||||
|
@ -1,28 +0,0 @@
|
|||||||
import ./make-test-python.nix ({ pkgs, ...} : {
|
|
||||||
name = "docker-preloader";
|
|
||||||
meta = with pkgs.stdenv.lib.maintainers; {
|
|
||||||
maintainers = [ lewo ];
|
|
||||||
broken = true; # fails with "read-only file system" error
|
|
||||||
};
|
|
||||||
|
|
||||||
nodes = {
|
|
||||||
docker =
|
|
||||||
{ pkgs, ... }:
|
|
||||||
{
|
|
||||||
virtualisation.docker.enable = true;
|
|
||||||
virtualisation.dockerPreloader.images = [ pkgs.dockerTools.examples.nix pkgs.dockerTools.examples.bash ];
|
|
||||||
|
|
||||||
services.openssh.enable = true;
|
|
||||||
services.openssh.permitRootLogin = "yes";
|
|
||||||
services.openssh.extraConfig = "PermitEmptyPasswords yes";
|
|
||||||
users.extraUsers.root.password = "";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
testScript = ''
|
|
||||||
start_all()
|
|
||||||
|
|
||||||
docker.wait_for_unit("sockets.target")
|
|
||||||
docker.succeed("docker run nix nix-store --version")
|
|
||||||
docker.succeed("docker run bash bash --version")
|
|
||||||
'';
|
|
||||||
})
|
|
Loading…
Reference in New Issue
Block a user