forked from flatcar/sysext-bakery
-
Notifications
You must be signed in to change notification settings - Fork 0
/
create_keepalived_sysext.sh
executable file
·121 lines (111 loc) · 3.83 KB
/
create_keepalived_sysext.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
#!/usr/bin/env bash
set -euo pipefail
export ARCH="${ARCH-x86-64}"
SCRIPTFOLDER="$(dirname "$(readlink -f "$0")")"
if [ $# -lt 2 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "Usage: $0 VERSION SYSEXTNAME"
echo "The script will download the keepalived from git, checkout the tag (e.g., for v2.2.8), build a static binary and create a sysext squashfs image with the name SYSEXTNAME.raw in the current folder."
echo "A temporary directory named SYSEXTNAME in the current folder will be created and deleted again."
echo "All files in the sysext image will be owned by root."
echo "The build process requires docker"
"${SCRIPTFOLDER}"/bake.sh --help
exit 1
fi
VERSION="$1"
SYSEXTNAME="$2"
if ! command -v docker &>/dev/null; then
echo Missing docker in path
exit 1
fi
SUFFIX=
if [ "${ARCH}" = "x86-64" ] || [ "${ARCH}" = "x86_64" ]; then
ARCH=amd64
elif [ "${ARCH}" = "aarch64" ] || [ "${ARCH}" = "arm64" ]; then
ARCH="arm64"
SUFFIX="v8"
fi
IMG=docker.io/"${ARCH}${SUFFIX}"/alpine:3.19
mkdir -p "${SYSEXTNAME}"
cat >"${SYSEXTNAME}"/build.sh <<EOF
#!/bin/sh
set -euo pipefail
apk --no-cache add \
binutils \
file \
file-dev \
gcc \
glib \
glib-dev \
ipset \
ipset-dev \
iptables \
iptables-dev \
libmagic-static \
libmnl-dev \
libnftnl-dev \
libnl3-static \
libnl3-dev \
make \
musl-dev \
net-snmp-dev \
openssl \
openssl-dev \
openssl-libs-static \
pcre2 \
pcre2-dev \
autoconf \
automake zlib-static alpine-sdk linux-headers libmnl-static git
cd /opt
git clone https://github.com/acassen/keepalived.git
cd /opt/keepalived && git checkout $VERSION && \
./autogen.sh && \
CFLAGS='-static -s' LDFLAGS=-static ./configure --disable-dynamic-linking \
--prefix=/usr \
--exec-prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--sysconfdir=/usr/etc \
--datadir=/usr/share \
--localstatedir=/var \
--mandir=/usr/share/man \
--enable-bfd \
--enable-nftables \
--enable-regex \
--enable-json --with-init=systemd --enable-vrrp --enable-libnl-dynamic
cd /opt/keepalived && \
make && \
make DESTDIR=/install_root install && \
find /install_root && \
rm -rf /install_root/usr/share /install_root/usr/etc/keepalived/samples && chown \$(stat -c %u:%g /install_root/build.sh) /install_root -R
EOF
chmod +x "${SYSEXTNAME}"/build.sh
docker run -v "${PWD}/${SYSEXTNAME}":/install_root/ --rm "${IMG}" /bin/sh -c /install_root/build.sh
mkdir -p "${SYSEXTNAME}"/usr/lib/systemd/system/
cat > "${SYSEXTNAME}"/usr/lib/systemd/system/keepalived.service <<-'EOF'
[Unit]
Description=LVS and VRRP High Availability Monitor
After=network-online.target syslog.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/run/keepalived.pid
KillMode=process
EnvironmentFile=-/usr/etc/sysconfig/keepalived
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
EOF
mkdir -p "${SYSEXTNAME}"/usr/lib/systemd/system/keepalived.service.d
cat > "${SYSEXTNAME}"/usr/lib/systemd/system/keepalived.service.d/10-keepalived.conf <<-'EOF'
[Service]
ExecStartPre=/bin/bash -c 'set -e; mkdir -p /etc/keepalived/; if ! [ -e /etc/keepalived/keepalived.conf ]; then touch /etc/keepalived/keepalived.conf; fi'
ExecStart=
ExecStart=/usr/sbin/keepalived --use-file /etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS
EOF
mkdir -p "${SYSEXTNAME}"/usr/lib/systemd/system/multi-user.target.d
{ echo "[Unit]"; echo "Upholds=keepalived.service"; } > "${SYSEXTNAME}/usr/lib/systemd/system/multi-user.target.d/10-keepalived.conf"
rm -f "${SYSEXTNAME}"/build.sh
RELOAD=1 "${SCRIPTFOLDER}"/bake.sh "${SYSEXTNAME}"
rm -rf "${SYSEXTNAME}"