From 21f0df84a23c5bad5403212d54331389ec4def8c Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Fri, 3 Mar 2017 18:11:26 +0100
Subject: [PATCH] Revert "docker-centos: use a chroot environment"
This reverts commit 592263adc293c59366e4e56920e3dc527f3e36d2.
Closes: #38
Approved by: giuseppe
---
docker-centos/Dockerfile | 3 +--
docker-centos/config.json.template | 2 +-
docker-centos/init.sh | 6 +-----
docker-centos/service.template | 15 ++++----------
docker-centos/set_chroot.sh | 32 ------------------------------
docker-centos/tmpfiles.template | 1 -
docker-centos/unset_chroot.sh | 8 --------
7 files changed, 7 insertions(+), 60 deletions(-)
delete mode 100755 docker-centos/set_chroot.sh
delete mode 100755 docker-centos/unset_chroot.sh
diff --git a/docker-centos/Dockerfile b/docker-centos/Dockerfile
index b1c801d..59929b2 100644
--- a/docker-centos/Dockerfile
+++ b/docker-centos/Dockerfile
@@ -2,11 +2,10 @@ FROM centos
LABEL maintainer="Giuseppe Scrivano <gscrivan@redhat.com>"
-RUN yum install -y docker docker-latest container-selinux python-docker-py docker-lvm-plugin docker-rhel-push-plugin docker-novolume-plugin lvm2 iptables procps-ng xz cloud-utils-growpart && yum clean all
+RUN yum install -y docker docker-latest docker-selinux python-docker-py docker-lvm-plugin docker-rhel-push-plugin docker-novolume-plugin lvm2 iptables procps-ng xz cloud-utils-growpart && yum clean all
ADD init.sh /usr/bin
# system container
-ADD set_chroot.sh unset_chroot.sh /
COPY service.template tmpfiles.template config.json.template /exports/
CMD ["/usr/bin/init.sh"]
diff --git a/docker-centos/config.json.template b/docker-centos/config.json.template
index 07aa65b..cb661dc 100644
--- a/docker-centos/config.json.template
+++ b/docker-centos/config.json.template
@@ -105,7 +105,7 @@
},
{
"type": "bind",
- "source": "/var/lib",
+ "source": "${STATE_DIRECTORY}",
"destination": "/var/lib",
"options": [
"rbind",
diff --git a/docker-centos/init.sh b/docker-centos/init.sh
index fa2da36..a61f272 100755
--- a/docker-centos/init.sh
+++ b/docker-centos/init.sh
@@ -8,11 +8,7 @@
source /run/docker-bash-env
-exec /usr/bin/dockerd-current \
- --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
- --default-runtime=docker-runc \
- --exec-opt native.cgroupdriver=systemd \
- --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
+exec /usr/bin/docker-current daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
diff --git a/docker-centos/service.template b/docker-centos/service.template
index 9f1ecc4..fd64d37 100644
--- a/docker-centos/service.template
+++ b/docker-centos/service.template
@@ -7,23 +7,16 @@ EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
-Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
ExecStartPre=/bin/bash -c 'export -p > /run/docker-bash-env'
-ExecStartPre=/bin/sh $DESTDIR/rootfs/set_chroot.sh $DESTDIR/rootfs
-ExecStart=/usr/bin/init.sh
-ExecStopPost=/bin/sh $DESTDIR/rootfs/unset_chroot.sh
+ExecStart=$EXEC_START
+ExecStop=$EXEC_STOP
Restart=on-failure
-RootDirectory=/var/lib/containers/docker-chroot
-RootDirectoryStartOnly=yes
-PermissionsStartOnly=yes
-WorkingDirectory=/
+WorkingDirectory=$DESTDIR
+RuntimeDirectory=docker
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
-KillMode=control-group
-Type=simple
-SELinuxContext=system_u:system_r:container_runtime_t:s0
[Install]
WantedBy=multi-user.target
diff --git a/docker-centos/set_chroot.sh b/docker-centos/set_chroot.sh
deleted file mode 100755
index 0fd14c6..0000000
--- a/docker-centos/set_chroot.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-CHROOT=/var/lib/containers/docker-chroot
-mount --make-rprivate /
-
-test -e $CHROOT/ || mkdir -p $CHROOT/
-
-if ! findmnt $CHROOT/ >/dev/null 2>&1; then
- mount --bind $CHROOT/ $CHROOT/
- mount --make-private $CHROOT/
-fi
-
-mkdir -p $CHROOT/{etc,proc,sys,var,lib/modules,usr,tmp,dev,run}
-
-for i in bin sbin lib lib64
-do
- test -h $CHROOT/$i && rm $CHROOT/$i
- test ! -d $CHROOT/$i && ln -s /usr/$i $CHROOT/$i
-done
-
-for i in dev etc proc sys lib/modules tmp run
-do
- /usr/bin/mount --rbind /$i $CHROOT/$i
- /usr/bin/mount --make-rslave $CHROOT/$i
-done
-
-if ! findmnt $CHROOT/var > /dev/null 2>&1; then
- /usr/bin/mount --make-rslave --bind /var $CHROOT/var
-fi
-
-# /usr is mounted from the container
-/usr/bin/mount --make-slave --read-only --rbind $1/usr $CHROOT/usr
diff --git a/docker-centos/tmpfiles.template b/docker-centos/tmpfiles.template
index d8dc101..f06aae1 100644
--- a/docker-centos/tmpfiles.template
+++ b/docker-centos/tmpfiles.template
@@ -1,2 +1 @@
d /var/lib/docker - - - - -
-d /var/lib/containers/docker-chroot - - - - -
diff --git a/docker-centos/unset_chroot.sh b/docker-centos/unset_chroot.sh
deleted file mode 100755
index 95562ed..0000000
--- a/docker-centos/unset_chroot.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-CHROOT=/var/lib/containers/docker-chroot
-
-# do not umount /var
-for i in dev etc proc sys usr lib/modules tmp run; do
- /usr/bin/umount -lR $CHROOT/$i
-done
--
GitLab