vim \
wget \
zlib1g-dev \
+ && ln -s -f /usr/lib/x86_64-linux-gnu/libc.a /usr/lib/x86_64-linux-gnu/liblibc.a \
&& curl -fsSL https://get.docker.com | sh \
&& rm -rf /var/lib/apt/lists/*
snowballstemmer==2.2.0 \
urllib3==1.26.10
-RUN useradd -rm -d /home/testuser -s /bin/bash -g root -G sudo -u 1000 testuser \
+RUN groupadd -g 1000 testuser \
+ && useradd -rm -d /home/testuser -s /bin/bash -g testuser -G sudo -u 1000 testuser \
&& echo 'testuser:Csit1234' | chpasswd
+RUN echo 'root:Csit1234' | chpasswd \
+ && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \
+ && echo "export VISIBLE=now" >> /etc/profile
+
RUN service ssh start
\ No newline at end of file
+++ /dev/null
-#!/usr/bin/env bash
-
-set -euo pipefail
-
-case "${1:-start}" in
- "start" )
- # Run TG
- for cnt in $(seq 1 ${2:-1}); do
- docker network create --driver bridge csit-nw-tg${cnt} || true
- # If the IMAGE is not already loaded then docker run will pull the
- # IMAGE, and all image dependencies, before it starts the container.
- dcr_image="base-ubuntu2204:local"
- # Run the container in the background and print the new container
- # ID.
- dcr_stc_params="--detach=true "
- # Give extended privileges to this container. A "privileged"
- # container is given access to all devices and able to run nested
- # containers.
- dcr_stc_params+="--privileged "
- # Publish all exposed ports to random ports on the host interfaces.
- dcr_stc_params+="--publish 600${cnt}:2222 "
- # Automatically remove the container when it exits.
- dcr_stc_params+="--rm "
- # Size of /dev/shm.
- dcr_stc_params+="--shm-size 4G "
- # Mount vfio to be able to bind to see binded interfaces. We cannot
- # use --device=/dev/vfio as this does not see newly binded
- # interfaces.
- dcr_stc_params+="--volume /dev:/dev "
- # Mount /opt/boot/ where VM kernel and initrd are located.
- dcr_stc_params+="--volume /opt:/opt "
- # Mount host hugepages for VMs.
- dcr_stc_params+="--volume /dev/hugepages:/dev/hugepages "
-
- params=(${dcr_stc_params} --name csit-tg-"${cnt}" "${dcr_image}")
- docker run --network=csit-nw-tg${cnt} "${params[@]}"
- done
- ;;
- "stop" )
- docker rm --force $(docker ps --all --quiet --filter name=csit)
- docker network rm $(docker network ls --filter name=csit --quiet)
- ;;
-esac
privileged: true
restart: "always"
shm_size: "4G"
- devices:
- - "/dev/hugepages:/dev/hugepages"
- - "/dev/vfio:/dev/vfio"
volumes:
+ - type: "bind"
+ source: "/dev/hugepages"
+ target: "/dev/hugepages"
+ - type: "bind"
+ source: "/dev/vfio"
+ target: "/dev/vfio"
- type: "bind"
source: "/etc/sudoers"
target: "/etc/sudoers"
privileged: true
restart: "always"
shm_size: "4G"
- devices:
- - "/dev/hugepages:/dev/hugepages"
- - "/dev/vfio:/dev/vfio"
volumes:
+ - type: "bind"
+ source: "/dev/hugepages"
+ target: "/dev/hugepages"
+ - type: "bind"
+ source: "/dev/vfio"
+ target: "/dev/vfio"
- type: "bind"
source: "/etc/sudoers"
target: "/etc/sudoers"
- "6001:6001"
restart: "always"
shm_size: "4G"
- devices:
- - "/dev/hugepages:/dev/hugepages"
- - "/dev/vfio:/dev/vfio"
volumes:
+ - type: "bind"
+ source: "/dev/hugepages"
+ target: "/dev/hugepages"
+ - type: "bind"
+ source: "/dev/vfio"
+ target: "/dev/vfio"
- type: "bind"
source: "/etc/sudoers"
target: "/etc/sudoers"
- "6002:6002"
restart: "always"
shm_size: "4G"
- devices:
- - "/dev/hugepages:/dev/hugepages"
- - "/dev/vfio:/dev/vfio"
volumes:
+ - type: "bind"
+ source: "/dev/hugepages"
+ target: "/dev/hugepages"
+ - type: "bind"
+ source: "/dev/vfio"
+ target: "/dev/vfio"
- type: "bind"
source: "/etc/sudoers"
target: "/etc/sudoers"
Code Review / csit.git / commitdiff