@t-yamo
Last active June 26, 2018 18:02
Vagrant & Dockerfile sample (includes git clone)

Parameter

  • [Project Name] : e.g. GitHub repository name
  • [Project Owner] : e.g. GitHub user
  • [Repository Domain] : e.g. github.com

Usage

  1. Install VirtualBox and Vagrant.
  2. Run vagrant up.
     • This generates id_rsa_docker and id_rsa_docker.pub.
  3. Register id_rsa_docker.pub on the repository '[Project Name]' as a deploy key.
  4. Log in to Vagrant as user vagrant.
  5. Run the following commands.
$ docker build -t centos:[Project Name] /vagrant
$ CONTAINER_ID=`docker run -d centos:[Project Name]`
$ CONTAINER_IPADDR=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' ${CONTAINER_ID}`
$ ssh worker@${CONTAINER_IPADDR}

Note

You can use docker run -d -p 29999:22 centos:[Project Name] for port forwarding, which lets you reach the container without its IP address (e.g. ssh worker@localhost -p 29999). However, with port forwarding, external hosts can also access your container. Do not use port forwarding without a strong password / certificate.

Dockerfile

FROM centos
# ---- setup ssh
RUN yum install -y openssh-server
RUN yum install -y openssh-clients
# RUN sed -ri 's/^#PermitEmptyPasswords no/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
# RUN sed -ri 's/^#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config
# - WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several problems.
# RUN sed -ri 's/^UsePAM yes/UsePAM no/' /etc/ssh/sshd_config
RUN sed -ri 's/^session required pam_loginuid.so/session optional pam_loginuid.so/' /etc/pam.d/sshd
# - Create /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_ecdsa_key
RUN /usr/bin/ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -C '' -N ''
RUN /usr/bin/ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -C '' -N ''
RUN /usr/bin/ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -C '' -N ''
# ---- setup root
# yum install -y passwd
# RUN passwd -d root
# RUN echo 'root:password' | chpasswd
# ---- setup worker
RUN yum install -y sudo
RUN useradd worker
RUN echo 'worker:password' | chpasswd
RUN echo 'worker ALL=(ALL) ALL' >> /etc/sudoers.d/worker
# ---- setup git
RUN yum install -y git
# ---- setup authkey for git repository
RUN mkdir -p /home/worker/.ssh
COPY id_rsa_docker /home/worker/.ssh/id_rsa
COPY id_rsa_docker.pub /home/worker/.ssh/id_rsa.pub
# - WARN: You should use cert file.
RUN printf "Host [Repository Domain]\n\tStrictHostKeyChecking no\n" >> /home/worker/.ssh/config
RUN chown -R worker:worker /home/worker/.ssh
RUN chmod 700 /home/worker/.ssh
RUN chmod 600 /home/worker/.ssh/config
RUN chmod 600 /home/worker/.ssh/id_rsa
RUN chmod 644 /home/worker/.ssh/id_rsa.pub
# ---- setup [Project Name]
USER worker
RUN mkdir -p /home/worker/tools
WORKDIR /home/worker/tools
ENV HOME /home/worker/tools
RUN git clone git@[Repository Domain]:[Project Owner]/[Project Name].git
RUN echo 'export PATH="$HOME/tools/[Project Name]/bin:$PATH"' >> ~worker/.bash_profile
# ---- revert user
USER root
# ---- expose
EXPOSE 22
# ---- command (for "docker run -d xxx:yyy /usr/sbin/sshd -D")
CMD ["/usr/sbin/sshd", "-D"]

Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :
VAGRANTFILE_API_VERSION = "2"
# If you want to use docker image, use config.vm.provision "docker".
$script = <<EOF
yum install -y docker-io
gpasswd -a vagrant docker
/sbin/chkconfig docker on
/sbin/service docker start
ssh-keygen -t rsa -b 2048 -C "docker" -f /vagrant/id_rsa_docker
EOF
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "centos65"
  config.vm.box_url = "http://www.lyricalsoftware.com/downloads/centos65.box"
  config.vm.network :private_network, ip: "192.168.56.101"
  config.vm.provision "shell", inline: $script
end
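
The Note asks for a strong password or certificate before the container is exposed, and the Dockerfile's own WARN comment flags the disabled host key check. The script below is an added example, not part of the gist: it scans a Dockerfile for those settings before an image is built or shared. The function names audit_dockerfile and sample_dockerfile are hypothetical, the sample input is constructed, and example.com stands in for [Repository Domain].

```shell
#!/bin/sh
# Added example, not part of the gist. Flags Dockerfile lines that weaken SSH
# access in the ways discussed on this page. Reads a file argument or stdin.
audit_dockerfile() {
    awk '
        # Commented-out instructions (the gist has several) are not active.
        /^[ \t]*#/ { next }
        # Literal password fed to chpasswd: readable in the file and in image history.
        /echo[ \t].*[|][ \t]*chpasswd/ { hit("hard-coded account password") }
        /PermitEmptyPasswords[ \t]+yes/ { hit("sshd accepts empty passwords") }
        # Host key checking off: git clone cannot tell the real host from an impostor.
        /StrictHostKeyChecking[ \t]+no/ { hit("SSH host key checking disabled") }
        # A private key used as COPY/ADD source stays in an image layer; *.pub is ignored.
        /^[ \t]*(COPY|ADD)[ \t]+[^ \t]*id_(rsa|dsa|ecdsa|ed25519)[^ \t.]*[ \t]/ {
            hit("private key copied into the image")
        }
        function hit(msg) { n++; printf "%d: %s\n", NR, msg }
        END { exit (n > 0) }   # non-zero status when anything was flagged
    ' "${1:--}"
}

# Constructed sample input, modelled on the Dockerfile in this gist.
sample_dockerfile() {
    cat <<'EOF'
FROM centos
# RUN echo 'root:password' | chpasswd
RUN echo 'worker:password' | chpasswd
COPY id_rsa_docker /home/worker/.ssh/id_rsa
COPY id_rsa_docker.pub /home/worker/.ssh/id_rsa.pub
RUN printf "Host example.com\n\tStrictHostKeyChecking no\n" >> /home/worker/.ssh/config
EOF
}

# Demo: print findings for the sample; the non-zero status can fail a build step.
sample_dockerfile | audit_dockerfile || echo "findings present"
```

Each finding is printed as the line number followed by the reason. COPY lines that carry flags before the source path are not matched by this pattern.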