Shell Receive (ShRx) is a set of scripts I wrote to provision new virtual machines for a reproducible build workflow. Its original use was for the provisioning of hardware devices and virtual machines for an infrastructure-as-a-service company. It is designed to be called by a Makefile of another “payload” project, which builds boot media. These scripts allow physical hosting, virtual hosting, and development hosting to use the exact same boot disks. Insecure containers like Docker are bad for development because they are complicated, often-changing, and opaque (who is going to read all that code?). Software like Ansible is no good either, because third-party plugins are bad for security (know what your computers are doing) and worse, it leaves agents running on the damn box--totally unprofessional!
ShRx is what I call a “first-stage image builder,” meaning that it provides scaffolding for payload projects to work from. It configures OSes in a one-time mode: when started, the OS mounts a “payload drive” and executes the scripts contained therein to configure a server. It helps create a head-down reproducible build process, and does its job well.
It is easy to translate Dockerfiles into simple shell scripts appropriate for use with ShRx. This technique was successfully used at Stack41. The general process to create a disk image is as follows.
- ShRx is used to make a clean boot disk and config disk, e.g. a fresh install of Alpine Linux. A small hook is placed as a cron @reboot which self-destructs. This hook will later search a payload disk image for something to run.
- A payload project is used to make a payload FAT32 disk. It contains a script "main.sh" which will be executed as root to configure itself. This is the part which is like a Dockerfile, containing configuration instructions.
- The payload disk image is discarded.
- Optionally, an old config disk may be swapped with the new one to, in effect, update the software.
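The first-boot hook from the steps above, written out as an added example; it is not ShRx's own code. The crontab path, the tag string on the `@reboot` line, the mount point and the device globs are all assumptions.

```shell
#!/bin/sh
# Added example: first-boot hook in the style described above.
# Assumed names: crontab path, tag string, mount point, device globs.
CRONTAB_FILE="${CRONTAB_FILE:-/etc/crontabs/root}"  # root crontab on Alpine (assumed)
HOOK_TAG="shrx-firstboot"                           # comment tag on the @reboot line (assumed)
MNT="${MNT:-/mnt/payload}"                          # payload mount point (assumed)

# Delete the tagged @reboot line so the hook cannot fire on a later boot.
self_destruct() {
    tmp="$1.new.$$"
    grep -v "$HOOK_TAG" "$1" > "$tmp" || true   # grep exits 1 when nothing is left
    cat "$tmp" > "$1"                           # rewrite in place, keeping owner and mode
    rm -f "$tmp"
}

# Run main.sh from a mounted payload directory; returns the payload's exit status.
run_payload() {
    dir="$1"; cron="$2"
    [ -f "$dir/main.sh" ] || return 1           # no payload here
    self_destruct "$cron"                       # disarm first: a failing payload must not loop
    ( cd "$dir" && sh ./main.sh )               # FAT32 carries no exec bit, so call sh directly
}

# Probe attached partitions for a FAT32 payload disk and run the first one found.
find_and_run() {
    mkdir -p "$MNT"
    for dev in /dev/sd[a-z][0-9] /dev/vd[a-z][0-9]; do
        [ -b "$dev" ] || continue
        mount -t vfat -o ro,nosuid,nodev "$dev" "$MNT" 2>/dev/null || continue
        if [ -f "$MNT/main.sh" ]; then
            rc=0; run_payload "$MNT" "$CRONTAB_FILE" || rc=$?
            umount "$MNT"
            return "$rc"
        fi
        umount "$MNT"
    done
    echo "shrx hook: no payload disk found" >&2
    return 1
}

# Installed as: @reboot /usr/local/sbin/shrx-firstboot --run  # shrx-firstboot
if [ "${1:-}" = "--run" ]; then
    find_and_run
fi
```

The hook stays armed when no payload disk is attached, so a boot without the payload does not consume the one-time run.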
Here is a sample makefile of a payload project (which happens to be configuring a CARP pair of routers) showing how ShRx can be used.