mirror of https://github.com/containers/conmon.git
174 lines
4.0 KiB
Bash
Executable File
174 lines
4.0 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
declare -A VERSIONS=(
|
|
["cni-plugins"]=v1.3.0
|
|
["runc"]=v1.1.14
|
|
["crun"]=1.17
|
|
["bats"]=v1.9.0
|
|
)
|
|
|
|
main() {
|
|
set -x
|
|
prepare_system
|
|
|
|
install_packages
|
|
install_conmon
|
|
install_bats
|
|
install_critools
|
|
install_runc
|
|
install_crun
|
|
install_cni_plugins
|
|
install_testdeps
|
|
setup_etc_subid
|
|
}
|
|
|
|
prepare_system() {
|
|
sudo systemctl stop docker
|
|
sudo ufw disable
|
|
|
|
# enable necessary kernel modules
|
|
sudo ip6tables --list >/dev/null
|
|
|
|
# enable necessary sysctls
|
|
sudo sysctl -w net.ipv4.conf.all.route_localnet=1
|
|
sudo sysctl -w net.ipv4.ip_forward=1
|
|
# needed for crictl test
|
|
sudo modprobe br_netfilter
|
|
sudo sysctl -w net.bridge.bridge-nf-call-iptables=1
|
|
sudo iptables -t nat -I POSTROUTING -s 127.0.0.0/8 ! -d 127.0.0.0/8 -j MASQUERADE
|
|
}
|
|
|
|
remove_packages() {
|
|
sudo apt-get remove \
|
|
conmon \
|
|
containernetworking-plugins
|
|
}
|
|
|
|
install_packages() {
|
|
. /etc/os-release
|
|
CRIU_REPO="https://download.opensuse.org/repositories/devel:/tools:/criu/xUbuntu_$VERSION_ID"
|
|
|
|
curl -fSsL $CRIU_REPO/Release.key | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/criu.gpg
|
|
echo "deb $CRIU_REPO/ /" | sudo tee /etc/apt/sources.list.d/criu.list
|
|
|
|
sudo apt update
|
|
sudo apt install -y \
|
|
autoconf \
|
|
automake \
|
|
conntrack \
|
|
criu \
|
|
libaio-dev \
|
|
libapparmor-dev \
|
|
libbtrfs-dev \
|
|
libcap-dev \
|
|
libdevmapper-dev \
|
|
libfuse-dev \
|
|
libgpgme11-dev \
|
|
libglib2.0-dev \
|
|
libnet1-dev \
|
|
libnl-3-dev \
|
|
libprotobuf-c-dev \
|
|
libprotobuf-dev \
|
|
libseccomp-dev \
|
|
libsystemd-dev \
|
|
libtool \
|
|
libudev-dev \
|
|
libyajl-dev \
|
|
sed \
|
|
socat \
|
|
uuid-dev
|
|
}
|
|
|
|
install_conmon() {
|
|
sudo make install.bin
|
|
conmon --version
|
|
}
|
|
|
|
install_bats() {
|
|
git clone https://github.com/bats-core/bats-core
|
|
pushd bats-core
|
|
git checkout "${VERSIONS["bats"]}"
|
|
sudo ./install.sh /usr/local
|
|
popd
|
|
rm -rf bats-core
|
|
mkdir -p ~/.parallel
|
|
touch ~/.parallel/will-cite
|
|
}
|
|
|
|
install_critools() {
|
|
URL=https://github.com/kubernetes-sigs/cri-tools
|
|
|
|
git clone $URL
|
|
pushd cri-tools
|
|
sudo -E PATH="$PATH" make BINDIR=/usr/bin install
|
|
popd
|
|
sudo rm -rf cri-tools
|
|
sudo critest --version
|
|
sudo crictl --version
|
|
}
|
|
|
|
install_cni_plugins() {
|
|
URL=https://github.com/containernetworking/plugins/releases/download
|
|
TARBALL=cni-plugins-linux-amd64-${VERSIONS["cni-plugins"]}.tgz
|
|
CNI_DIR=/opt/cni/bin
|
|
sudo mkdir -p "$CNI_DIR"
|
|
wget -O "$TARBALL" $URL/"${VERSIONS["cni-plugins"]}"/"$TARBALL"
|
|
sudo tar xf "$TARBALL" -C "$CNI_DIR"
|
|
rm "$TARBALL"
|
|
ls -lah "$CNI_DIR"
|
|
}
|
|
|
|
install_runc() {
|
|
URL=https://github.com/opencontainers/runc/releases/download/"${VERSIONS["runc"]}"
|
|
BINARY=/usr/sbin/runc
|
|
sudo wget -O "$BINARY" "$URL"/runc.amd64
|
|
sudo chmod +x "$BINARY"
|
|
|
|
# Verify the SHA256
|
|
SUMFILE=runc.sha256sum
|
|
wget "$URL"/$SUMFILE
|
|
grep -qw "$(sha256sum "$BINARY" | awk '{ print $1 }')" $SUMFILE
|
|
rm $SUMFILE
|
|
|
|
runc --version
|
|
}
|
|
|
|
install_crun() {
|
|
URL=https://github.com/containers/crun/releases/download/"${VERSIONS["crun"]}"/crun-"${VERSIONS["crun"]}"-linux-amd64
|
|
|
|
BINARY=/usr/bin/crun
|
|
sudo wget -O "$BINARY" "$URL"
|
|
sudo chmod +x "$BINARY"
|
|
|
|
crun --version
|
|
}
|
|
|
|
install_testdeps() {
|
|
CLONE_PATH=$(go env GOPATH)/src/github.com/cri-o
|
|
mkdir -p "$CLONE_PATH"
|
|
pushd "$CLONE_PATH"
|
|
|
|
URL=https://github.com/cri-o/cri-o
|
|
git clone $URL
|
|
pushd cri-o
|
|
make "$(pwd)"/build/bin/ginkgo
|
|
sudo cp build/bin/ginkgo /usr/bin
|
|
ginkgo version
|
|
|
|
sudo mkdir -p /etc/containers/registries.d
|
|
sudo cp test/policy.json /etc/containers
|
|
sudo cp test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
|
|
sudo cp test/registries.conf /etc/containers/registries.conf
|
|
popd
|
|
popd
|
|
}
|
|
|
|
setup_etc_subid() {
|
|
echo "containers:200000:65536" | sudo tee -a /etc/subuid
|
|
echo "containers:200000:65536" | sudo tee -a /etc/subgid
|
|
|
|
}
|
|
|
|
main "$@"
|