mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Make the check-config script return success or failure
Although primarily a human readable script, it is quite useful to return success or failure from this script so it can be used as a basic test. Fail if any check fails, including some that are optional, other than the storage driver tests, where only one needs to succeed, so the system has at least one workable storage driver. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack
parent
8f6fd3687d
commit
6d116ffbbb
1 changed files with 56 additions and 30 deletions
|
|
@ -1,6 +1,8 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
|
EXITCODE=0
|
||||||
|
|
||||||
# bits of this were adapted from lxc-checkconfig
|
# bits of this were adapted from lxc-checkconfig
|
||||||
# see also https://github.com/lxc/lxc/blob/lxc-1.0.2/src/lxc/lxc-checkconfig.in
|
# see also https://github.com/lxc/lxc/blob/lxc-1.0.2/src/lxc/lxc-checkconfig.in
|
||||||
|
|
||||||
|
|
@ -90,12 +92,13 @@ check_flag() {
|
||||||
wrap_good "CONFIG_$1" 'enabled (as module)'
|
wrap_good "CONFIG_$1" 'enabled (as module)'
|
||||||
else
|
else
|
||||||
wrap_bad "CONFIG_$1" 'missing'
|
wrap_bad "CONFIG_$1" 'missing'
|
||||||
|
EXITCODE=1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
check_flags() {
|
check_flags() {
|
||||||
for flag in "$@"; do
|
for flag in "$@"; do
|
||||||
echo "- $(check_flag "$flag")"
|
echo -n "- "; check_flag "$flag"
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -104,6 +107,7 @@ check_command() {
|
||||||
wrap_good "$1 command" 'available'
|
wrap_good "$1 command" 'available'
|
||||||
else
|
else
|
||||||
wrap_bad "$1 command" 'missing'
|
wrap_bad "$1 command" 'missing'
|
||||||
|
EXITCODE=1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -112,6 +116,7 @@ check_device() {
|
||||||
wrap_good "$1" 'present'
|
wrap_good "$1" 'present'
|
||||||
else
|
else
|
||||||
wrap_bad "$1" 'missing'
|
wrap_bad "$1" 'missing'
|
||||||
|
EXITCODE=1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -122,6 +127,7 @@ check_distro_userns() {
|
||||||
grep -q "user_namespace.enable=1" /proc/cmdline || {
|
grep -q "user_namespace.enable=1" /proc/cmdline || {
|
||||||
# no user namespace support enabled
|
# no user namespace support enabled
|
||||||
wrap_bad " (RHEL7/CentOS7" "User namespaces disabled; add 'user_namespace.enable=1' to boot command line)"
|
wrap_bad " (RHEL7/CentOS7" "User namespaces disabled; add 'user_namespace.enable=1' to boot command line)"
|
||||||
|
EXITCODE=1
|
||||||
}
|
}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
@ -158,6 +164,7 @@ else
|
||||||
else
|
else
|
||||||
echo "$(wrap_bad 'cgroup hierarchy' 'nonexistent??')"
|
echo "$(wrap_bad 'cgroup hierarchy' 'nonexistent??')"
|
||||||
fi
|
fi
|
||||||
|
EXITCODE=1
|
||||||
echo " $(wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow)"
|
echo " $(wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -175,6 +182,7 @@ if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = 'Y' ]; then
|
||||||
else
|
else
|
||||||
echo "$(wrap_color '(look for an "apparmor" package for your distribution)')"
|
echo "$(wrap_color '(look for an "apparmor" package for your distribution)')"
|
||||||
fi
|
fi
|
||||||
|
EXITCODE=1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -255,41 +263,56 @@ if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY;
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo '- Network Drivers:'
|
echo '- Network Drivers:'
|
||||||
{
|
echo ' - "'$(wrap_color 'overlay' blue)'":'
|
||||||
echo '- "'$(wrap_color 'overlay' blue)'":'
|
check_flags VXLAN | sed 's/^/ /'
|
||||||
check_flags VXLAN | sed 's/^/ /'
|
echo ' Optional (for encrypted networks):'
|
||||||
echo ' Optional (for encrypted networks):'
|
check_flags CRYPTO CRYPTO_AEAD CRYPTO_GCM CRYPTO_SEQIV CRYPTO_GHASH \
|
||||||
check_flags CRYPTO CRYPTO_AEAD CRYPTO_GCM CRYPTO_SEQIV CRYPTO_GHASH \
|
XFRM XFRM_USER XFRM_ALGO INET_ESP INET_XFRM_MODE_TRANSPORT | sed 's/^/ /'
|
||||||
XFRM XFRM_USER XFRM_ALGO INET_ESP INET_XFRM_MODE_TRANSPORT | sed 's/^/ /'
|
echo ' - "'$(wrap_color 'ipvlan' blue)'":'
|
||||||
echo '- "'$(wrap_color 'ipvlan' blue)'":'
|
check_flags IPVLAN | sed 's/^/ /'
|
||||||
check_flags IPVLAN | sed 's/^/ /'
|
echo ' - "'$(wrap_color 'macvlan' blue)'":'
|
||||||
echo '- "'$(wrap_color 'macvlan' blue)'":'
|
check_flags MACVLAN DUMMY | sed 's/^/ /'
|
||||||
check_flags MACVLAN DUMMY | sed 's/^/ /'
|
|
||||||
} | sed 's/^/ /'
|
# only fail if no storage drivers available
|
||||||
|
CODE=${EXITCODE}
|
||||||
|
EXITCODE=0
|
||||||
|
STORAGE=1
|
||||||
|
|
||||||
echo '- Storage Drivers:'
|
echo '- Storage Drivers:'
|
||||||
{
|
echo ' - "'$(wrap_color 'aufs' blue)'":'
|
||||||
echo '- "'$(wrap_color 'aufs' blue)'":'
|
check_flags AUFS_FS | sed 's/^/ /'
|
||||||
check_flags AUFS_FS | sed 's/^/ /'
|
if ! is_set AUFS_FS && grep -q aufs /proc/filesystems; then
|
||||||
if ! is_set AUFS_FS && grep -q aufs /proc/filesystems; then
|
echo " $(wrap_color '(note that some kernels include AUFS patches but not the AUFS_FS flag)' bold black)"
|
||||||
echo " $(wrap_color '(note that some kernels include AUFS patches but not the AUFS_FS flag)' bold black)"
|
fi
|
||||||
fi
|
[ "$EXITCODE" = 0 ] && STORAGE=0
|
||||||
|
EXITCODE=0
|
||||||
|
|
||||||
echo '- "'$(wrap_color 'btrfs' blue)'":'
|
echo ' - "'$(wrap_color 'btrfs' blue)'":'
|
||||||
check_flags BTRFS_FS | sed 's/^/ /'
|
check_flags BTRFS_FS | sed 's/^/ /'
|
||||||
check_flags BTRFS_FS_POSIX_ACL | sed 's/^/ /'
|
check_flags BTRFS_FS_POSIX_ACL | sed 's/^/ /'
|
||||||
|
[ "$EXITCODE" = 0 ] && STORAGE=0
|
||||||
|
EXITCODE=0
|
||||||
|
|
||||||
echo '- "'$(wrap_color 'devicemapper' blue)'":'
|
echo ' - "'$(wrap_color 'devicemapper' blue)'":'
|
||||||
check_flags BLK_DEV_DM DM_THIN_PROVISIONING | sed 's/^/ /'
|
check_flags BLK_DEV_DM DM_THIN_PROVISIONING | sed 's/^/ /'
|
||||||
|
[ "$EXITCODE" = 0 ] && STORAGE=0
|
||||||
|
EXITCODE=0
|
||||||
|
|
||||||
echo '- "'$(wrap_color 'overlay' blue)'":'
|
echo ' - "'$(wrap_color 'overlay' blue)'":'
|
||||||
check_flags OVERLAY_FS | sed 's/^/ /'
|
check_flags OVERLAY_FS | sed 's/^/ /'
|
||||||
|
[ "$EXITCODE" = 0 ] && STORAGE=0
|
||||||
|
EXITCODE=0
|
||||||
|
|
||||||
|
echo ' - "'$(wrap_color 'zfs' blue)'":'
|
||||||
|
echo -n " - "; check_device /dev/zfs
|
||||||
|
echo -n " - "; check_command zfs
|
||||||
|
echo -n " - "; check_command zpool
|
||||||
|
[ "$EXITCODE" = 0 ] && STORAGE=0
|
||||||
|
EXITCODE=0
|
||||||
|
|
||||||
|
EXITCODE=$CODE
|
||||||
|
[ "$STORAGE" = 1 ] && EXITCODE=1
|
||||||
|
|
||||||
echo '- "'$(wrap_color 'zfs' blue)'":'
|
|
||||||
echo " - $(check_device /dev/zfs)"
|
|
||||||
echo " - $(check_command zfs)"
|
|
||||||
echo " - $(check_command zpool)"
|
|
||||||
} | sed 's/^/ /'
|
|
||||||
echo
|
echo
|
||||||
|
|
||||||
check_limit_over()
|
check_limit_over()
|
||||||
|
|
@ -297,6 +320,7 @@ check_limit_over()
|
||||||
if [ $(cat "$1") -le "$2" ]; then
|
if [ $(cat "$1") -le "$2" ]; then
|
||||||
wrap_bad "- $1" "$(cat $1)"
|
wrap_bad "- $1" "$(cat $1)"
|
||||||
wrap_color " This should be set to at least $2, for example set: sysctl -w kernel/keys/root_maxkeys=1000000" bold black
|
wrap_color " This should be set to at least $2, for example set: sysctl -w kernel/keys/root_maxkeys=1000000" bold black
|
||||||
|
EXITCODE=1
|
||||||
else
|
else
|
||||||
wrap_good "- $1" "$(cat $1)"
|
wrap_good "- $1" "$(cat $1)"
|
||||||
fi
|
fi
|
||||||
|
|
@ -305,3 +329,5 @@ check_limit_over()
|
||||||
echo 'Limits:'
|
echo 'Limits:'
|
||||||
check_limit_over /proc/sys/kernel/keys/root_maxkeys 10000
|
check_limit_over /proc/sys/kernel/keys/root_maxkeys 10000
|
||||||
echo
|
echo
|
||||||
|
|
||||||
|
exit $EXITCODE
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue