Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/sh
# Download the Google safe_format_and_mount script to the location
# Kubernetes expects it to be on disk (/usr/share/google/...). This is
# made tricky by the fact that CoreOS doesn't want anyone writing to
# /usr.
set -ex
# Imported from https://chromium.googlesource.com/chromiumos/platform/crosutils/+/ea621903e927acf77889bcda4fa71636f4af7158/common.sh#458
disable_rw_mount() {
local rootfs="$1"
local offset="${2-0}" # in bytes
local ro_compat_offset=$((0x464 + 3)) # Set 'highest' byte
printf '\377' |
sudo dd of="$rootfs" seek=$((offset + ro_compat_offset)) \
conv=notrunc count=1 bs=1
}
enable_rw_mount() {
local rootfs="$1"
local offset="${2-0}"
local ro_compat_offset=$((0x464 + 3)) # Set 'highest' byte
printf '\000' |
sudo dd of="$rootfs" seek=$((offset + ro_compat_offset)) \
conv=notrunc count=1 bs=1
}
get_device() {
mount | grep -E "^[^ ]* on $1 " | cut -f 1 -d ' '
}
make_usr_writable() {
dev=$(get_device /usr)
enable_rw_mount "$dev"
mount -o remount,rw /usr
}
make_usr_ro() {
dev=$(get_device /usr)
mount -o remount,ro /usr
disable_rw_mount "$dev"
}
# Be idempotent
if [ -e /usr/share/google/safe_format_and_mount ]; then
echo "Skipping install of /usr/share/google/safe_format_and_mount: file already exists"
exit 0
fi
# Install Google safe_format_and_mount script, which allows us to
# mount a potentially fresh EBS volume. Kubernetes requires it to be
# present this particular path.
make_usr_writable
mkdir -p /usr/share/google
curl -o /usr/share/google/safe_format_and_mount https://raw.githubusercontent.com/GoogleCloudPlatform/compute-image-packages/1589f29ff3bd85551f22eefd55b505ad88a5375d/google-startup-scripts/usr/share/google/safe_format_and_mount
chmod +x /usr/share/google/safe_format_and_mount
make_usr_ro
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.