contrib: Organize dnsmasq ACI and Docker under contrib

Documentation/physical-hardware.md

@@ -29,9 +29,7 @@ Note, the kernel options in the `Spec` [examples](../examples) reference 172.17.
 
 Your network may already have a configurable PXE or iPXE server, configurable DHCP, a DHCP server you cannot modify, or no DHCP server at all. We'll show how to setup each network environment to talk to `bootcfg`, depending on your circumstances.
 
-The [quay.io/coreos/dnsmasq](https://quay.io/repository/coreos/dnsmasq) image can be used to run DHCP, proxy DHCP, and TFTP. It can be built from the [dockerfiles](../dockerfiles/dnsmasq) or pulled from Quay.
-
-    docker pull quay.io/coreos/dnsmasq
+Otherwise create a PXE, iPXE, or Pixiecore network boot environment using the CoreOS [dnsmasq](../contrib/dnsmasq) container image which can run DHCP, proxyDHCP, TFTP, and/or DNS with `dnsmasq`. Use `--net=host` to run the services on the host and use `--dhcp-boot` to point clients to the config service.
 
 ### Configurable iPXE
 

Documentation/rkt.md

@@ -61,8 +61,8 @@ In your firewall settings, configure the `metal0` interface as trusted.
 
 Build an dnsmasq ACI and run it to create a DNS server, TFTP server, and DHCP server which points network boot clients to the config server started above.
 
-    cd contrib
-    sudo ./acifile
+    cd contrib/dnsmasq
+    sudo ./build-aci
 
 Run `dnsmasq.aci` to create a DHCP and TFTP server pointing to config server.
 

Documentation/virtual-hardware.md

@@ -22,11 +22,7 @@ Note, the kernel options in the `Spec` [examples](../examples) reference 172.17.
 
 ## Network Setups
 
-We'll show how to setup PXE, iPXE, or Pixiecore network boot environments on the `docker0` bridge and configure them to use `bootcfg`.
-
-The [quay.io/coreos/dnsmasq](https://quay.io/repository/coreos/dnsmasq) image can be used to run DHCP, proxyDHCP, and TFTP. It can be built from the [dockerfiles](../dockerfiles/dnsmasq) or pulled from Quay.
-
-    docker pull quay.io/coreos/dnsmasq
+Create a PXE, iPXE, or Pixiecore network boot environment using the CoreOS [dnsmasq](../contrib/dnsmasq) container image which can run DHCP, proxyDHCP, TFTP, and/or DNS with `dnsmasq`. Use `--net` to specify a virtual bridge and `--dhcp-boot` to point clients to the config service.
 
 ### PXE
 

contrib/.gitignore

@@ -1,2 +0,0 @@
-tftpboot
-dnsmasq.aci

contrib/dnsmasq/.gitignore

@@ -0,0 +1,2 @@
+tftpboot
+*.aci

contrib/dnsmasq/README.md

@@ -0,0 +1,58 @@
+
+# dnsmasq
+
+[![Docker Repository on Quay](https://quay.io/repository/coreos/dnsmasq/status "Docker Repository on Quay")](https://quay.io/repository/coreos/dnsmasq)
+
+`dnsmasq` provides an App Container Image (ACI) or Docker image for running DHCP, proxy DHCP, DNS, and/or TFTP with [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) in a container/pod. Use it to test different network setups with clusters of network bootable machines.
+
+The image bundles `undionly.kpxe` which chainloads PXE clients to iPXE.
+
+## Usage
+
+Build the ACI as described below. Run the ACI with [rkt](https://github.com/coreos/rkt).
+
+    sudo rkt --insecure-options=image run dnsmasq.aci
+
+Press ^] three times to kill the container.
+
+Alternately, Docker can be used.
+
+    docker pull quay.io/coreos/dnsmasq
+    docker run quay.io/coreos/dnsmasq --cap-add=NET_ADMIN
+
+## Configuration Flags
+
+Configuration arguments can be provided as arguments. Check the dnsmasq [man pages]](http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html) for a complete list, but here are some important options.
+
+| flag     | description | example |
+|----------|-------------|---------|
+| -dhcp-range | Enable DHCP, lease given range | `172.15,0.50,172.15.0.99`, `192.168.1.1,proxy,255.255.255.0` |
+| --dhcp-boot | DHCP next server option | `http://bootcfg.foo:8080/boot.ipxe` |
+| --enable-tftp | Enable serving from tftp-root over TFTP | NA |
+| --address | IP address for a domain name | /bootcfg.foo/172.15.0.2 |
+
+## ACI
+
+Build a `dnsmasq` ACI with the build script which uses [acbuild](https://github.com/appc/acbuild).
+
+    cd contrib/dnsmasq
+    ./build-aci
+
+Run `dnsmasq.aci` with rkt to run DHCP/proxyDHCP/TFTP/DNS services.
+
+DHCP+TFTP+DNS on the `metal0` bridge:
+
+    sudo rkt --insecure-options=image run dnsmasq.aci --net=metal0 -- -d -q --dhcp-range=172.15.0.50,172.15.0.99 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --dhcp-boot=tag:#ipxe,undionly.kpxe --dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe --log-queries --log-dhcp --dhcp-option=3,172.15.0.1 --address=/bootcfg.foo/172.15.0.2
+
+## Docker
+
+Build a Docker image locally using the tag `latest`.
+
+    cd contrib/dnsmasq
+    sudo ./build-docker
+
+Run the Docker image to run DHCP/proxyDHCP/TFTP/DNS services.
+
+DHCP+TFTP+DNS on the `docker0` bridge:
+
+    sudo docker run --rm --cap-add=NET_ADMIN quay.io/coreos/dnsmasq -d -q --dhcp-range=172.17.0.43,172.17.0.99 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --dhcp-boot=tag:#ipxe,undionly.kpxe --dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe --log-queries --log-dhcp --dhcp-option=3,172.17.0.1 --address=/bootcfg.foo/172.17.0.2

contrib/dnsmasq/build-aci

@@ -1,11 +1,12 @@
-#!/usr/bin/bash -e
+#!/usr/bin/env bash
+set -e
 
 if [ "$EUID" -ne 0 ]; then
   echo "Please run as root"
   exit 1
 fi
 
-# Start the build with an empty ACI
+# Start with an empty ACI
 acbuild --debug begin
 
 # In the event of the script exiting, end the build
@@ -14,14 +15,14 @@ trap "{ export EXT=$?; acbuild --debug end && exit $EXT; }" EXIT
 # Name the ACI
 acbuild --debug set-name coreos/dnsmasq
 
-# Based on alpine
+# Add alpine base dependency
 acbuild --debug dep add quay.io/coreos/alpine-sh
 
 # Install dnsmasq and curl
 acbuild --debug run apk update
 acbuild --debug run apk add dnsmasq curl
 
-# Get the PXE->iPXE chainloader
+# Copy the PXE->iPXE chainloader
 if [ ! -d "tftpboot" ]; then
   mkdir tftpboot
   curl -s -o tftpboot/undionly.kpxe http://boot.ipxe.org/undionly.kpxe
@@ -29,18 +30,15 @@ if [ ! -d "tftpboot" ]; then
 fi
 acbuild --debug copy tftpboot /var/lib/tftpboot
 
-# Add a port for dhcp discover traffic
+# Add DHCP and DNS ports for dnsmasq
 acbuild --debug port add dhcp udp 67
-acbuild --debug port add dhcp udp 53
+acbuild --debug port add dns udp 53
 
 # Elevate network admin capabilities
-echo "{\"set\": [\"CAP_NET_ADMIN\"]}" | acbuild isolator add os/linux/capabilities-retain-set -
+echo "{\"set\": [\"CAP_NET_ADMIN\"]}" | acbuild --debug isolator add os/linux/capabilities-retain-set -
 
-# Run dnsmasq
+# Set the exec command
 acbuild --debug set-exec -- /usr/sbin/dnsmasq -d
 
-# Check that the manifest looks ok
-acbuild --debug cat-manifest
-
-# Save the ACI
+# Save and override any older ACI
 acbuild --debug write --overwrite dnsmasq.aci

dockerfiles/dnsmasq/README.md

@@ -1,21 +0,0 @@
-
-# coreos/dnsmasq
-
-[coreos/dnsmasq](https://quay.io/repository/coreos/dnsmasq) is a convenience entrypoint to [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) for running DHCP, proxy DHCP, and TFTP without making changes to the host `/etc/dnsmasq.conf`.
-
-The image bundles `undionly.kpxe` which chainloads PXE clients to iPXE.
-
-## Usage
-
-Build the image
-
-    cd dockerfiles/dnsmasq
-    ./docker-build
-
-Run `dnsmasq` on a host in proxyDHCP mode to chainload iPXE.
-
-    docker run --net=host --rm --cap-add=NET_ADMIN coreos/dnsmasq -d -i enp0s25 --dhcp-range=192.168.86.0,proxy,255.255.255.0 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --pxe-service=tag:#ipxe,x86PC,"PXE chainload to iPXE",undionly.kpxe
-
-
-
-