github-personal/matchbox
1
0
Fork 0
mirror of https://github.com/outbackdingo/matchbox.git synced 2026-01-27 10:19:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

contrib/dnsmasq: Add dnsmasq Makefile, v0.4.0 bump

Browse Source 
* Add grub.efi to get-tftp-files script. This matches prior
dnsmasq images, but was not part of a repeatable build
* Switch rkt run examples to pull from quay.io
* Remove script using acbuild to create ACIs
This commit is contained in:
Dalton Hubble
2017-04-18 00:16:17 -07:00
parent c66360bee0
commit d2fdc8bfab
6 changed files with 64 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
contrib/dnsmasq/Makefile Normal file
View File

@@ -0,0 +1,23 @@
VERSION=v0.4.0
IMAGE_REPO=coreos/dnsmasq
QUAY_REPO=quay.io/coreos/dnsmasq
.PHONY: all
all: docker-image
.PHONY: undionly
undionly:
@./get-tftp-files
.PHONY: docker-image
docker-image: undionly
sudo docker build --rm=true -t $(IMAGE_REPO):$(VERSION) .
sudo docker tag $(IMAGE_REPO):$(VERSION) $(IMAGE_REPO):latest
.PHONY: docker-push
docker-push:
@sudo docker tag $(IMAGE_REPO):$(VERSION) $(QUAY_REPO):latest
@sudo docker tag $(IMAGE_REPO):$(VERSION) $(QUAY_REPO):$(VERSION)
@sudo docker push $(QUAY_REPO):latest
@sudo docker push $(QUAY_REPO):$(VERSION)

72
contrib/dnsmasq/README.md
View File

@@ -1,30 +1,44 @@
# dnsmasq [![Docker Repository on Quay](https://quay.io/repository/coreos/dnsmasq/status "Docker Repository on Quay")](https://quay.io/repository/coreos/dnsmasq)
# dnsmasq
[![Docker Repository on Quay](https://quay.io/repository/coreos/dnsmasq/status "Docker Repository on Quay")](https://quay.io/repository/coreos/dnsmasq)
`dnsmasq` provides an App Container Image (ACI) or Docker image for running DHCP, proxy DHCP, DNS, and/or TFTP with [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) in a container/pod. Use it to test different network setups with clusters of network bootable machines.
`dnsmasq` provides a container image for running DHCP, proxy DHCP, DNS, and/or TFTP with [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html). Use it to test different network setups with clusters of network bootable machines.
The image bundles `undionly.kpxe` which chainloads PXE clients to iPXE and `grub.efi` (experimental) which chainloads UEFI architectures to GRUB2.
## Usage
Run the `coreos.com/dnsmasq` ACI with rkt.
Run the container image as a DHCP, DNS, and TFTP service.
sudo rkt trust --prefix coreos.com/dnsmasq
# gpg key fingerprint is: 18AD 5014 C99E F7E3 BA5F 6CE9 50BD D3E0 FC8A 365E
sudo rkt run coreos.com/dnsmasq:v0.3.0
```sh
sudo rkt run --net=host quay.io/coreos/dnsmasq -- -d -q \
--dhcp-range=192.168.1.3,192.168.1.254 \
--enable-tftp \
--tftp-root=/var/lib/tftpboot \
--dhcp-userclass=set:ipxe,iPXE \
--dhcp-boot=tag:#ipxe,undionly.kpxe \
--dhcp-boot=tag:ipxe,http://matchbox.example.com:8080/boot.ipxe \
--address=/matchbox.example.com/192.168.1.2 \
--log-queries \
--log-dhcp
```
Press ^] three times to kill the container.
```sh
sudo docker run --rm --cap-add=NET_ADMIN --net=host quay.io/coreos/dnsmasq \
-d -q \
--dhcp-range=192.168.1.3,192.168.1.254 \
--enable-tftp --tftp-root=/var/lib/tftpboot \
--dhcp-userclass=set:ipxe,iPXE \
--dhcp-boot=tag:#ipxe,undionly.kpxe \
--dhcp-boot=tag:ipxe,http://matchbox.example.com:8080/boot.ipxe \
--address=/matchbox.example/192.168.1.2 \
--log-queries \
--log-dhcp
```
Alternately, Docker can be used.
docker pull quay.io/coreos/dnsmasq
docker run --cap-add NET_ADMIN quay.io/coreos/dnsmasq
Press ^] three times to stop the rkt pod. Press ctrl-C to stop the Docker container.
## Configuration Flags
Configuration arguments can be provided at the command line. Check the dnsmasq [man pages](http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html) for a complete list, but here are some important flags.
Configuration arguments can be provided as flags. Check the dnsmasq [man pages](http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html) for a complete list.
| flag | description | example |
|----------|-------------|---------|
@@ -33,30 +47,12 @@ Configuration arguments can be provided at the command line. Check the dnsmasq [
| --enable-tftp | Enable serving from tftp-root over TFTP | NA |
| --address | IP address for a domain name | /matchbox.foo/172.18.0.2 |
## ACI
## Development
Build a `dnsmasq` ACI with the build script which uses [acbuild](https://github.com/appc/acbuild).
Build a container image locally.
cd contrib/dnsmasq
./get-tftp-files
sudo ./build-aci
make docker-image
Run `dnsmasq.aci` with rkt to run DHCP/proxyDHCP/TFTP/DNS services.
Run the image with Docker on the `docker0` bridge (default).
DHCP+TFTP+DNS on the `metal0` bridge:
sudo rkt --insecure-options=image run dnsmasq.aci --net=metal0 -- -d -q --dhcp-range=172.18.0.50,172.18.0.99 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --dhcp-boot=tag:#ipxe,undionly.kpxe --dhcp-boot=tag:ipxe,http://matchbox.foo:8080/boot.ipxe --log-queries --log-dhcp --dhcp-option=3,172.18.0.1 --address=/matchbox.foo/172.18.0.2
## Docker
Build a Docker image locally using the tag `latest`.
cd contrib/dnsmasq
./get-tftp-files
sudo ./build-docker
Run the Docker image to run DHCP/proxyDHCP/TFTP/DNS services.
DHCP+TFTP+DNS on the `docker0` bridge:
sudo docker run --rm --cap-add=NET_ADMIN quay.io/coreos/dnsmasq -d -q --dhcp-range=172.17.0.43,172.17.0.99 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --dhcp-boot=tag:#ipxe,undionly.kpxe --dhcp-boot=tag:ipxe,http://matchbox.foo:8080/boot.ipxe --log-queries --log-dhcp --dhcp-option=3,172.17.0.1 --address=/matchbox.foo/172.17.0.2
sudo docker run --rm --cap-add=NET_ADMIN coreos/dnsmasq -d -q

42
contrib/dnsmasq/build-aci
View File

@@ -1,42 +0,0 @@
#!/usr/bin/env bash
set -e
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit 1
fi
# Start with an empty ACI
acbuild --debug begin
# In the event of the script exiting, end the build
trap "{ export EXT=$?; acbuild --debug end && exit $EXT; }" EXIT
# Name the ACI
acbuild --debug set-name coreos.com/dnsmasq
# Add a version label
acbuild --debug label add version v0.3.0
# Add alpine base dependency
acbuild --debug dep add quay.io/coreos/alpine-sh
# Install dnsmasq and curl
acbuild --debug run apk update
acbuild --debug run apk add dnsmasq curl
# Copy the PXE->iPXE chainloader
acbuild --debug copy tftpboot /var/lib/tftpboot
# Add DHCP and DNS ports for dnsmasq
acbuild --debug port add dhcp udp 67
acbuild --debug port add dns udp 53
# Elevate network admin capabilities
echo "{\"set\": [\"CAP_NET_ADMIN\", \"CAP_NET_BIND_SERVICE\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_NET_RAW\"]}" | acbuild --debug isolator add os/linux/capabilities-retain-set -
# Set the exec command
acbuild --debug set-exec -- /usr/sbin/dnsmasq -d
# Save and override any older ACI
acbuild --debug write --overwrite dnsmasq.aci

5
contrib/dnsmasq/build-docker
View File

@@ -1,5 +0,0 @@
#!/bin/bash -e
REPO=coreos/dnsmasq
docker build -q --rm=true -t $REPO:latest .

8
contrib/dnsmasq/get-tftp-files
View File

@@ -1,6 +1,7 @@
#!/bin/bash -e
#!/usr/bin/env bash
set -eu
DEST=tftpboot
DEST=${1:-"tftpboot"}
if [ ! -d $DEST ]; then
echo "Creating directory $DEST"
@@ -9,3 +10,6 @@ fi
curl -s -o $DEST/undionly.kpxe http://boot.ipxe.org/undionly.kpxe
cp $DEST/undionly.kpxe $DEST/undionly.kpxe.0
# Any vaguely recent CoreOS grub.efi is fine
curl -s -o $DEST/grub.efi https://stable.release.core-os.net/amd64-usr/1298.7.0/coreos_production_pxe_grub.efi

2
scripts/devnet
View File

@@ -101,7 +101,7 @@ function create {
--net=metal0:IP=172.18.0.3 \
--mount volume=config,target=/etc/dnsmasq.conf \
--volume config,kind=host,source=$DIR/../contrib/dnsmasq/metal0.conf \
coreos.com/dnsmasq:v0.3.0
quay.io/coreos/dnsmasq:v0.3.0
status
}