Merge branch '2.0.x'

ci/images/docker-lib.sh

@@ -1,5 +1,9 @@
 # Based on: https://github.com/concourse/docker-image-resource/blob/master/assets/common.sh
 
+DOCKER_LOG_FILE=${DOCKER_LOG_FILE:-/tmp/docker.log}
+SKIP_PRIVILEGED=${SKIP_PRIVILEGED:-false}
+STARTUP_TIMEOUT=${STARTUP_TIMEOUT:-120}
+
 sanitize_cgroups() {
   mkdir -p /sys/fs/cgroup
   mountpoint -q /sys/fs/cgroup || \
@@ -13,7 +17,7 @@ sanitize_cgroups() {
       continue
     fi
 
-    grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")"
+    grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")" || true
     if [ -z "$grouping" ]; then
       # subsystem not mounted anywhere; mount it on its own
       grouping="$sys"
@@ -38,42 +42,63 @@ sanitize_cgroups() {
       ln -s "$mountpoint" "/sys/fs/cgroup/$sys"
     fi
   done
+
+  if ! test -e /sys/fs/cgroup/systemd ; then
+    mkdir /sys/fs/cgroup/systemd
+    mount -t cgroup -o none,name=systemd none /sys/fs/cgroup/systemd
+  fi
 }
 
 start_docker() {
   mkdir -p /var/log
   mkdir -p /var/run
 
-  sanitize_cgroups
+  if [ "$SKIP_PRIVILEGED" = "false" ]; then
+    sanitize_cgroups
 
-  # check for /proc/sys being mounted readonly, as systemd does
-  if grep '/proc/sys\s\+\w\+\s\+ro,' /proc/mounts >/dev/null; then
-    mount -o remount,rw /proc/sys
+    # check for /proc/sys being mounted readonly, as systemd does
+    if grep '/proc/sys\s\+\w\+\s\+ro,' /proc/mounts >/dev/null; then
+      mount -o remount,rw /proc/sys
+    fi
   fi
 
-  local server_args=""
+  local mtu=$(cat /sys/class/net/$(ip route get 8.8.8.8|awk '{ print $5 }')/mtu)
+  local server_args="--mtu ${mtu}"
+  local registry=""
 
-  for registry in $1; do
+  server_args="${server_args}"
+
+  for registry in $3; do
     server_args="${server_args} --insecure-registry ${registry}"
   done
 
-  if [ -n "$2" ]; then
-    server_args="${server_args} --registry-mirror=$2"
-  fi
-
-  if [ -n "$3" ]; then
-    server_args="${server_args} -g=$3"
+  if [ -n "$4" ]; then
+    server_args="${server_args} --registry-mirror $4"
   fi
 
-  dockerd --data-root /scratch/docker ${server_args} >/tmp/docker.log 2>&1 &
-  echo $! > /tmp/docker.pid
+  try_start() {
+    dockerd --data-root /scratch/docker ${server_args} >$DOCKER_LOG_FILE 2>&1 &
+    echo $! > /tmp/docker.pid
 
-  sleep 1
+    sleep 1
 
-  until docker info >/dev/null 2>&1; do
     echo waiting for docker to come up...
-    sleep 1
-  done
+    until docker info >/dev/null 2>&1; do
+      sleep 1
+      if ! kill -0 "$(cat /tmp/docker.pid)" 2>/dev/null; then
+        return 1
+      fi
+    done
+  }
+
+  export server_args DOCKER_LOG_FILE
+  declare -fx try_start
+  trap stop_docker EXIT
+
+  if ! timeout ${STARTUP_TIMEOUT} bash -ce 'while true; do try_start && break; done'; then
+    echo Docker failed to start within ${STARTUP_TIMEOUT} seconds.
+    return 1
+  fi
 }
 
 stop_docker() {
@@ -83,5 +108,5 @@ stop_docker() {
   fi
 
   kill -TERM $pid
-  wait $pid
 }
+

ci/images/setup.sh

@@ -6,7 +6,7 @@ set -ex
 ###########################################################
 
 apt-get update
-apt-get install --no-install-recommends -y ca-certificates net-tools libxml2-utils git curl libudev1 libxml2-utils iptables jq
+apt-get install --no-install-recommends -y ca-certificates net-tools libxml2-utils git curl libudev1 libxml2-utils iptables iproute2 jq
 rm -rf /var/lib/apt/lists/*
 
 curl https://raw.githubusercontent.com/spring-io/concourse-java-scripts/v0.0.2/concourse-java.sh > /opt/concourse-java.sh