MAGCloud allows the use of linux containers using systemd-nspawn. To build a container for MAGCloud, you must produce a container image. For our purposes, this image is a directory containing the root filesystem of your container. MAGCloud servers keep stock images for you to copy in /srv/images. Currently these include fedora and arch, however more are to come soon.
If you wish to start your container using one of our pre-built images, log on to a magcloud system, then copy the image to the machines directory:
~# cp -a /srv/images/fedora /var/lib/machines/myContainer
This will place your container where machinectl can find it by default. You can then start and log into your container using machinectl:
~# machinectl start myContainer
~# machinectl login myContainer
Connected to machine myContainer. Press ^] three times within 1s to exit session.
Fedora 23 (Twenty Three)
Kernel 4.2.8-300.fc23.x86_64 on an x86_64 (pts/0)
myContainer login: root
Password:
[root@myContainer ~]#
The root password has already been set by salt. You will need to ask one of the admins what it is.
Once inside your container, you should probably run salt, then use salt to configure things for you. This allows for full automation when re-creating containers later. Foreman will automatically sign your container's key for you, you just need to run salt:
[root@myContainer ~]# salt-call state.highstate
From here, you should pull our salt rules and work in there. SeeĀ Our Github Repo.
If you need an image for a distro we don't yet have you can create it using that distro's tools. Some research will be needed here, as every distro uses different tools. I will show how the arch and fedora images would be created.
For Arch, you create an empty directory and use pacstrap to install the base image and salt-minion:
~# mkdir arch
~# pacstrap -d ./arch base salt-zmq
This will install systemd and all of arch's necessary pieces. If you plan to use salt, you will then need to edit the config file inside the container to point to a salt server. Ours is foreman.magfest.net. Next you will need to set a password, and fix /etc/securetty due to a minor bug with how containers launch ttys:
~# arch-chroot ./arch
sh-4.3# passwd
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
sh-4.3# echo 'pts/0' >> /etc/securetty
sh-4.3# exit
Once you exit, the directory you just created is a finished image and is ready to be copied to the server. For convenience, it might be nice to write salt rules to build your image and set those to drop the container on every server. This is what has been done for Fedora and Arch.
For Fedora, the process is similar but with different tools:
~# mkdir fedora
~# dnf --installroot=./fedora groupinstall Core
~# dnf --installroot=./fedora install salt-minion
If you plan to use salt, you will then need to edit the config file inside the container to point to a salt server. Ours is foreman.magfest.net. Then, chroot into the container and change the root password: