From d1be2cce4f62a846fa1bf0b2642cada4235e9c88 Mon Sep 17 00:00:00 2001 From: Ole Tange Date: Fri, 12 Jun 2020 16:24:10 +0200 Subject: [PATCH] r815: Docker+Vagrant. --- r815/Docker.setup | 65 +++++++++++++++++++++++++++++ r815/SETUP | 24 +++++++++-- r815/Vagrant.setup | 70 ++++++++++++++++++++++++++++++++ r815/etc/default/locale | 1 + r815/etc/rc.local | 24 +++++++++++ ubuntu-20.04/etc/rc.local | 2 + ubuntu-20.04/install-zfs-luks.sh | 7 ++-- ubuntu-20.04/packages | 3 ++ 8 files changed, 189 insertions(+), 7 deletions(-) create mode 100644 r815/Docker.setup create mode 100644 r815/Vagrant.setup create mode 100644 r815/etc/default/locale create mode 100644 r815/etc/rc.local diff --git a/r815/Docker.setup b/r815/Docker.setup new file mode 100644 index 0000000..5d7dae8 --- /dev/null +++ b/r815/Docker.setup @@ -0,0 +1,65 @@ +#!/bin/bash + +install() { + # Install needed software once + sudo apt -y install docker.io + sudo groupadd docker + sudo usermod -aG docker $USER + # Logout and login if you were not in group 'docker' before + docker run hello-world +} +setup() { + # Configure the virtual servers + mkdir -p my-ubuntu/ ssh/ + cp ~/.ssh/id_rsa.pub ssh/ + cat ssh/*.pub > my-ubuntu/authorized_keys + cat >my-ubuntu/Dockerfile <> /etc/fstab <<_EOF +LABEL=swap1 none swap sw,pri=4 0 0 +LABEL=swap2 none swap sw,pri=4 0 0 +LABEL=swap3 none swap sw,pri=4 0 0 +_EOF +} + LVM_extend_to_full_disk() { lvextend -L +10G /dev/ubuntu-vg/ubuntu-lv diff --git a/r815/Vagrant.setup b/r815/Vagrant.setup new file mode 100644 index 0000000..7e7edf8 --- /dev/null +++ b/r815/Vagrant.setup @@ -0,0 +1,70 @@ +install() { + # Install needed software once + sudo apt install -y vagrant virtualbox +} +setup() { + # Configure the virtual servers + mkdir -p ssh/ + cp ~/.ssh/id_rsa.pub ssh/ + cat ssh/*.pub > authorized_keys + cat >Vagrantfile <<'EOF' +Vagrant.configure("2") do |config| + config.vm.box = "debian/buster64" + config.vm.network "public_network" + (1..100).each do |i| + config.vm.define "vm%03d" % i do |node| + node.vm.hostname = "vm%03d" % i + # use the following line to map a range of ports on the host + # to the VNC port of each VM: + # node.vm.network "forwarded_port", host: 5900+i, guest: 5900 + end + end + + config.vm.provision "shell" do |s| + ssh_pub_key = File.readlines("authorized_keys").first.strip + s.inline = <<-SHELL + mkdir /root/.ssh + echo #{ssh_pub_key} >> /home/vagrant/.ssh/authorized_keys + echo #{ssh_pub_key} >> /root/.ssh/authorized_keys + apt-get update + apt-get install -y parallel + SHELL + end +end +EOF +} +start() { + testssh() { + ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@"$1" echo "'$1'" '`uptime`' + } + export -f testssh + # Start the virtual servers + seq 100 | parallel vagrant up vm{} + # After this it is possible to do: + # ssh 10.0.0.99 + # from another physical server + # How do we get the IP-addresses? + # parallel testssh +} +stop() { + # Stop the virtual servers + # After there is no running processes on the host server + # and after this it is no longer possible to do: + # ssh 10.0.0.99 + # from another physical server + # The host server returns to the state before running `start` + vagrant suspend +} +destroy() { + # Remove the setup + # After this the host server returns to the state before running `setup` + ? +} + +full() { + install + setup + start + stop + destroy +} diff --git a/r815/etc/default/locale b/r815/etc/default/locale new file mode 100644 index 0000000..4c95ae0 --- /dev/null +++ b/r815/etc/default/locale @@ -0,0 +1 @@ +LANC=C diff --git a/r815/etc/rc.local b/r815/etc/rc.local new file mode 100644 index 0000000..fcd8eeb --- /dev/null +++ b/r815/etc/rc.local @@ -0,0 +1,24 @@ +#!/bin/sh + +set -e + +case "$1" in + start) + loopdev=$(losetup --show -f /data/swapfile) + swapon $loopdev + ;; + stop) + loopdev=$(losetup -j /data/swapfile | grep -o "/dev/loop[0-9]*") + swapoff $loopdev + losetup -d $loopdev + ;; + restart) + loopdev=$(losetup -j /data/swapfile | grep -o "/dev/loop[0-9]*") + swapoff $loopdev + swapon $loopdev + ;; + *) + echo "Usage: $0 { start | stop | restart }" >&2 + exit 1 + ;; +esac diff --git a/ubuntu-20.04/etc/rc.local b/ubuntu-20.04/etc/rc.local index 8166e13..257999b 100644 --- a/ubuntu-20.04/etc/rc.local +++ b/ubuntu-20.04/etc/rc.local @@ -4,3 +4,5 @@ echo 1 > /sys/module/zswap/parameters/enabled echo z3fold > /sys/module/zswap/parameters/zpool echo 50 > /sys/module/zswap/parameters/max_pool_percent echo lz4 > /sys/module/zswap/parameters/compressor +grep -R . /sys/kernel/debug/zswap/ +echo 2 > /proc/sys/vm/overcommit_memory diff --git a/ubuntu-20.04/install-zfs-luks.sh b/ubuntu-20.04/install-zfs-luks.sh index 35b7370..d7c9693 100644 --- a/ubuntu-20.04/install-zfs-luks.sh +++ b/ubuntu-20.04/install-zfs-luks.sh @@ -32,8 +32,8 @@ partitiondisk() { sgdisk --zap-all $DISK sgdisk -n2:1M:+510M -t2:EF00 $DISK sgdisk -a 1048576 -n3:0:+2G -t3:BF01 $DISK - # TODO better way to find the max size rounded to 8192 - sgdisk -a 1048576 -n4:0:$((1948254208+5242880-1)) -t4:8300 $DISK + end_position=$(sgdisk -E $DISK) + sgdisk -a 1048576 -n4:0:$(( $end_position - (($end_position + 1) % 2048) )) -t4:BF01 $DISK fdisk -l $DISK # Needed for partitiontable to be visible sleep 5 @@ -65,8 +65,9 @@ setup_zpool_for_root() { cryptsetup luksClose luks1 echo "$password" | cryptsetup -y -v luksFormat --sector-size 4096 \ --pbkdf-parallel 1 \ - --pbkdf-memory 4000000 --pbkdf argon2id --iter-time 10000 \ + --pbkdf-memory 4000000 --pbkdf argon2id --iter-time 1000 \ ${DISK}-part4 + cryptsetup config --priority prefer --key-slot 0 echo "$password" | cryptsetup luksOpen ${DISK}-part4 luks1 (echo "$password"; echo "$secretpassword") | cryptsetup -y -v luksAddKey \ diff --git a/ubuntu-20.04/packages b/ubuntu-20.04/packages index 7602192..a94d26f 100644 --- a/ubuntu-20.04/packages +++ b/ubuntu-20.04/packages @@ -62,6 +62,7 @@ mosh psmisc #owncloud-client htop +net-tools #uswsusp #cifs-utils #r-base-core @@ -70,6 +71,8 @@ htop libreoffice vlc iridium +xkbset +sox #xfce4 #clusterssh ##wine