
Commit 7dcef0f

committed
fix(ubuntu-24.04): make Ubuntu example work
* Switch to using the upstream deb archive for Docker * use awscli v2 * Provide a user-specific override for systemd * use machinectl to launch rootless docker
1 parent 42f9848 commit 7dcef0f


1 file changed

+39
-34
lines changed


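--- a/examples/multi-runner/templates/user-data.sh
+++ b/examples/multi-runner/templates/user-data.sh
@@ -15,67 +15,72 @@ set -x
 ${pre_install}
 
 # Install AWS CLI
-apt-get update
-DEBIAN_FRONTEND=noninteractive apt-get install -y \
-awscli \
+apt-get -q update
+DEBIAN_FRONTEND=noninteractive apt-get install -q -y \
 build-essential \
+ca-certificates \
 curl \
 git \
 iptables \
 jq \
+systemd-container \
 uidmap \
 unzip \
 wget
 
+install -m 0755 -d /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+chmod a+r /etc/apt/keyrings/docker.asc
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" > /etc/apt/sources.list.d/docker.list
+apt-get -q update
+apt-get -q -y install docker-ce docker-ce-cli containerd.io docker-ce-rootless-extras docker-buildx-plugin docker-compose-plugin
+systemctl disable --now docker.socket docker.service
+
+# avoid /tmp, might be mounted no-exec
+curl -fsSL -o "awscliv2.zip" "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip"
+unzip -q awscliv2.zip
+aws/install
+rm -rf aws awscliv2.zip
+
 user_name=ubuntu
 user_id=$(id -ru $user_name)
 
 # install and configure cloudwatch logging agent
-wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
-dpkg -i -E ./amazon-cloudwatch-agent.deb
-amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c ssm:${ssm_key_cloudwatch_agent_config}
+curl -fsSL -o "/tmp/amazon-cloudwatch-agent.deb" https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
+dpkg -i -E /tmp/amazon-cloudwatch-agent.deb
+rm -f /tmp/amazon-cloudwatch-agent.deb
+amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c "ssm:${ssm_key_cloudwatch_agent_config}"
 
 # configure systemd for running service in users accounts
-cat >/etc/systemd/[email protected] <<-EOF
-
-[Unit]
-Description=User Manager for UID %i
-After=user-runtime-dir@%i.service
-Wants=user-runtime-dir@%i.service
-
-[Service]
-LimitNOFILE=infinity
-LimitNPROC=infinity
-User=%i
-PAMName=systemd-user
-Type=notify
-
-[Install]
-WantedBy=default.target
-
+mkdir -p /etc/systemd/system/user-$user_id.slice.d
+cat > /etc/systemd/system/user-$user_id.slice.d/resources.conf <<- EOF
+[Slice]
+TasksMax=infinity
 EOF
-
-echo export XDG_RUNTIME_DIR=/run/user/$user_id >>/home/$user_name/.bashrc
+mkdir -p /home/$user_name/.config/systemd/
+cat > /home/$user_name/.config/systemd/user.conf <<- EOF
+[Manager]
+DefaultLimitNOFILE=infinity
+DefaultLimitNPROC=infinity
+EOF
+chown $user_name:$user_name /home/$user_name/.config/systemd/user.conf /home/$user_name/.config/systemd /home/$user_name/.config/
 
 systemctl daemon-reload
-systemctl enable [email protected]
-systemctl start [email protected]
 
-curl -fsSL https://get.docker.com/rootless >>/opt/rootless.sh && chmod 755 /opt/rootless.sh
-su -l $user_name -c /opt/rootless.sh
-echo export DOCKER_HOST=unix:///run/user/$user_id/docker.sock >>/home/$user_name/.bashrc
-echo export PATH=/home/$user_name/bin:$PATH >>/home/$user_name/.bashrc
+echo export XDG_RUNTIME_DIR="/run/user/$user_id" >> "/home/$user_name/.bashrc"
 
 # Run docker service by default
 loginctl enable-linger $user_name
-su -l $user_name -c "systemctl --user enable docker"
+machinectl shell "$user_name@.host" /usr/bin/dockerd-rootless-setuptool.sh install
+echo export DOCKER_HOST="unix:///run/user/$user_id/docker.sock" >> "/home/$user_name/.bashrc"
+echo export PATH="/home/$user_name/bin:$PATH" >> "/home/$user_name/.bashrc"
 
 ${install_runner}
 
 # config runner for rootless docker
 cd /opt/actions-runner/
-echo DOCKER_HOST=unix:///run/user/$user_id/docker.sock >>.env
-echo PATH=/home/$user_name/bin:$PATH >>.env
+echo DOCKER_HOST="unix:///run/user/$user_id/docker.sock" >> .env
+echo PATH="/home/$user_name/bin:$PATH" >> .env
 
 ${post_install}
 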
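Review bot: The AWS CLI installer (new lines 40–42) and the CloudWatch agent package (new lines 49–50) are fetched and then executed or installed as root with TLS as the only integrity check, and the agent URL tracks `latest`, so what lands on the runner can change from one boot to the next. AWS publishes a detached PGP signature for both artifacts; checking it before `aws/install` and `dpkg -i` (for the CLI, `gpg --verify awscliv2.sig awscliv2.zip` against a key shipped with the template) would give these downloads the same binding the Docker repository gets through `signed-by=`. The zip URL is also fixed to `x86_64` and the agent URL to `amd64`, while the Docker source line uses `$(dpkg --print-architecture)`, so the template presumably breaks on arm64 runners as written. Separately, `/tmp/amazon-cloudwatch-agent.deb` is a predictable name in a world-writable directory; `deb=$(mktemp)` followed by `dpkg -i -E "$deb"` avoids relying on nothing else having created that path first.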
