summaryrefslogtreecommitdiffstats
path: root/lib/container
diff options
context:
space:
mode:
authorDaniel Baumann <mail@daniel-baumann.ch>2016-08-04 13:45:49 +0000
committerDaniel Baumann <mail@daniel-baumann.ch>2016-08-04 13:50:13 +0000
commite1ac8c36854fbeb60a53a5090fbb673b2a7b9d09 (patch)
treecc969c8a612fe7412f9d14759e6dc64c77b2a5a1 /lib/container
parentReleasing debian version 20160701-1. (diff)
downloadopen-infrastructure-compute-tools-e1ac8c36854fbeb60a53a5090fbb673b2a7b9d09.tar.xz
open-infrastructure-compute-tools-e1ac8c36854fbeb60a53a5090fbb673b2a7b9d09.zip
Merging upstream version 20160801.
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
Diffstat (limited to 'lib/container')
-rwxr-xr-xlib/container/create32
-rwxr-xr-xlib/container/enter12
-rwxr-xr-xlib/container/list6
-rwxr-xr-xlib/container/remove25
-rwxr-xr-xlib/container/start70
-rwxr-xr-xlib/container/status2
-rwxr-xr-xlib/container/stop23
7 files changed, 145 insertions, 25 deletions
diff --git a/lib/container/create b/lib/container/create
index 8080ffa..cb51871 100755
--- a/lib/container/create
+++ b/lib/container/create
@@ -26,7 +26,7 @@ SCRIPTS="/usr/share/container-tools/scripts"
Parameters ()
{
- LONG_OPTIONS="name:,cnt.auto:,bind:,capability:,drop-capability:script:,"
+ LONG_OPTIONS="name:,cnt.auto:,cnt.overlay:,bind:,capability:,drop-capability:script:,"
OPTIONS="n:,b:,c:,d:,s:,"
PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})"
@@ -52,6 +52,11 @@ Parameters ()
shift 2
;;
+ --cnt.overlay)
+ CNT_OVERLAY="${2}"
+ shift 2
+ ;;
+
-b|--bind)
BIND="${2}"
shift 2
@@ -87,7 +92,7 @@ Parameters ()
Usage ()
{
- echo "Usage: container ${COMMAND} -n|--name NAME [--cnt.auto=true|false|FQDN] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-- SCRIPT_OPTIONS]" >&2
+ echo "Usage: container ${COMMAND} -n|--name NAME [--cnt.auto=true|false|FQDN] [--cnt.overlay=DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-- SCRIPT_OPTIONS]" >&2
exit 1
}
@@ -149,20 +154,41 @@ then
done
fi
+# Creating overlay mounts
+if [ -n "${CNT_OVERLAY}" ]
+then
+ CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')"
+
+ for CNT_OVERLAY in ${CNT_OVERLAYS}
+ do
+ DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')"
+ DIRECTORY_UPPER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $2 }')"
+ DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')"
+ DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')"
+
+ for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}"
+ do
+ mkdir -p "${DIRECTORY}"
+ done
+ done
+fi
+
# config
mkdir -p "${CONFIG}"
sed -e "s|@CNT_AUTO@|${CNT_AUTO}|g" \
-e "s|@CNT_NETWORK_BRIDGE@|${CNT_NETWORK_BRIDGE}|g" \
+ -e "s|@CNT_OVERLAY@|${CNT_OVERLAY}|g" \
-e "s|@NAME@|${NAME}|g" \
-e "s|@BIND@|${BIND}|g" \
-e "s|@BOOT@|yes|g" \
-e "s|@CAPABILITY@|${CAPABILITY}|g" \
-e "s|@DIRECTORY@|${MACHINES}/${NAME}|g" \
-e "s|@DROP_CAPABILITY@|${DROP_CAPABILITY}|g" \
+ -e "s|@LINK_JOURNAL@|no|g" \
-e "s|@MACHINE@|${NAME}|g" \
-e "s|@NETWORK_VETH_EXTRA@|${NETWORK_VETH_EXTRA}|g" \
- -e "s|@LINK_JOURNAL@|no|g" \
+ -e "s|@PRIVATE_USERS@|no|g" \
-e "s|@REGISTER@|yes|g" \
/usr/share/container-tools/config/container.conf.in > "${CONFIG}/${NAME}.conf"
diff --git a/lib/container/enter b/lib/container/enter
index 101b43e..4eff504 100755
--- a/lib/container/enter
+++ b/lib/container/enter
@@ -60,7 +60,7 @@ Parameters ()
Usage ()
{
- echo "Usage: container ${COMMAND} -n|--name NAME [-- COMMAND|\"COMMANDS\"]" >&2
+ echo "Usage: container ${COMMAND} -n|--name NAME" >&2
exit 1
}
@@ -90,7 +90,13 @@ case "${STATE}" in
esac
LEADER="$(machinectl status ${NAME} | awk '/Leader: / { print $2 }')"
-COMMANDS="$(echo ${@} | sed -e 's|.*-- ||')"
# Run
-nsenter --target ${LEADER} --mount --uts --ipc --net --pid --root --wd=/root ${COMMANDS}
+if [ -e "${MACHINES}/${NAME}/usr/bin/container-nsenter" ]
+then
+ OPTIONS="/usr/bin/container-nsenter"
+else
+ OPTIONS=""
+fi
+
+nsenter --target ${LEADER} --mount --uts --ipc --net --pid --root --wd=/root ${OPTIONS}
diff --git a/lib/container/list b/lib/container/list
index 60ae782..d522623 100755
--- a/lib/container/list
+++ b/lib/container/list
@@ -148,12 +148,6 @@ CONTAINERS="$(cd "${MACHINES}" 2>/dev/null && find -maxdepth 1 -type d -and -not
for CONTAINER in ${CONTAINERS}
do
- # FIXME: ignore lxc container for now
- if [ -e "${MACHINES}/${CONTAINER}/rootfs" ]
- then
- continue
- fi
-
STATE="$(machinectl show ${CONTAINER} 2>&1 | awk -F= '/^State=/ { print $2 }')"
if [ -e "${CONFIG}/${CONTAINER}.conf" ]
diff --git a/lib/container/remove b/lib/container/remove
index e4bb20c..843e9c3 100755
--- a/lib/container/remove
+++ b/lib/container/remove
@@ -25,8 +25,8 @@ MACHINES="/var/lib/machines"
Parameters ()
{
- LONG_OPTIONS="name:,force,"
- OPTIONS="n:,f,"
+ LONG_OPTIONS="name:,force,verbose,"
+ OPTIONS="n:,f,v,"
PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})"
@@ -51,6 +51,11 @@ Parameters ()
shift 1
;;
+ -f|--verbose)
+ VERBOSE="true"
+ shift 1
+ ;;
+
--)
shift 1
break
@@ -66,7 +71,7 @@ Parameters ()
Usage ()
{
- echo "Usage: container ${COMMAND} -n|--name NAME [-f|--force]" >&2
+ echo "Usage: container ${COMMAND} -n|--name NAME [-f|--force] [-v|--verbose]" >&2
exit 1
}
@@ -113,6 +118,16 @@ case "${FORCE}" in
;;
esac
+case "${VERBOSE}" in
+ true)
+ RM_OPTIONS="--verbose"
+ ;;
+
+ *)
+ RM_OPTIONS=""
+ ;;
+esac
+
# data
if [ -e "${CONFIG}/${NAME}.conf" ]
then
@@ -133,5 +148,5 @@ then
fi
# Run
-rm --preserve-root --one-file-system -rf "${MACHINES}/${NAME}"
-rm -f "${CONFIG}/${NAME}.conf"
+rm --preserve-root --one-file-system -rf ${RM_OPTIONS} "${MACHINES}/${NAME}"
+rm -f ${RM_OPTIONS} "${CONFIG}/${NAME}.conf"
diff --git a/lib/container/start b/lib/container/start
index a4dc033..5191ae2 100755
--- a/lib/container/start
+++ b/lib/container/start
@@ -28,8 +28,8 @@ SYSTEMCTL="true"
Parameters ()
{
- LONG_OPTIONS="name:,nspawn,start,"
- OPTIONS="n:,"
+ LONG_OPTIONS="name:,force,nspawn,start,"
+ OPTIONS="n:f,"
PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})"
@@ -49,6 +49,11 @@ Parameters ()
shift 2
;;
+ -f|--force)
+ FORCE="true"
+ shift 1
+ ;;
+
--nspawn)
# internal option
SYSTEMCTL="false"
@@ -77,7 +82,7 @@ Parameters ()
Usage ()
{
- echo "Usage: container ${COMMAND} -n|--name NAME" >&2
+ echo "Usage: container ${COMMAND} -n|--name NAME [-f|--force]" >&2
exit 1
}
@@ -107,6 +112,20 @@ case "${START}" in
;;
esac
+if [ -e "${MACHINES}/.#${NAME}.lck" ]
+then
+ case "${FORCE}" in
+ true)
+ rm -f "${MACHINES}/.#${NAME}.lck"
+ ;;
+
+ *)
+ echo "'${NAME}': container is locked" >&2
+ exit 1
+ ;;
+ esac
+fi
+
HOST_ARCHITECTURE="$(dpkg --print-architecture)"
MACHINE_ARCHITECTURE="$(chroot ${MACHINES}/${NAME} dpkg --print-architecture)"
@@ -139,6 +158,31 @@ esac
# config
if [ -e "${CONFIG}/${NAME}.conf" ]
then
+ CNT_OVERLAY="$(awk -F= '/^cnt.overlay=/ { print $2 }' ${CONFIG}/${NAME}.conf)"
+
+ if [ -n "${CNT_OVERLAY}" ]
+ then
+ CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')"
+
+ for CNT_OVERLAY in ${CNT_OVERLAYS}
+ do
+ DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')"
+ DIRECTORY_UPPER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $2 }')"
+ DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')"
+ DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')"
+
+ for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}"
+ do
+ mkdir -p "${DIRECTORY}"
+ done
+
+ if ! findmnt -n -o SOURCE "${DIRECTORY_MERGED}" | grep -qs '^cnt.overlay-'
+ then
+ mount cnt.overlay-${NAME} -t overlay -olowerdir="${DIRECTORY_LOWER}",upperdir="${DIRECTORY_UPPER}",workdir="${DIRECTORY_WORK}",default_permissions "${DIRECTORY_MERGED}"
+ fi
+ done
+ fi
+
BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)"
if [ -n "${BIND}" ]
@@ -199,6 +243,18 @@ then
;;
esac
+ LINK_JOURNAL="$(awk -F= '/^link-journal=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)"
+
+ case "${LINK_JOURNAL}" in
+ yes)
+ LINK_JOURNAL="--link-journal=yes"
+ ;;
+
+ *)
+ LINK_JOURNAL="--link-journal=no"
+ ;;
+ esac
+
MACHINE="--machine=${NAME}"
NETWORK_VETH_EXTRA_CONF="$(awk -F= '/^network-veth-extra=/ { print $2 }' ${CONFIG}/${NAME}.conf)"
@@ -256,15 +312,15 @@ EOF
;;
esac
- LINK_JOURNAL="$(awk -F= '/^link-journal=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)"
+ PRIVATE_USERS="$(awk -F= '/^private-users=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)"
- case "${LINK_JOURNAL}" in
+ case "${PRIVATE_USERS}" in
yes)
- LINK_JOURNAL="--link-journal=yes"
+ PRIVATE_USERS="--private-users=yes"
;;
*)
- LINK_JOURNAL="--link-journal=no"
+ PRIVATE_USERS="--private-users=no"
;;
esac
diff --git a/lib/container/status b/lib/container/status
index a41d005..b797c98 100755
--- a/lib/container/status
+++ b/lib/container/status
@@ -79,4 +79,4 @@ then
fi
# Run
-systemctl status container@${NAME}.service
+systemctl status container@${NAME}.service --full
diff --git a/lib/container/stop b/lib/container/stop
index dc78f05..ec24d51 100755
--- a/lib/container/stop
+++ b/lib/container/stop
@@ -94,6 +94,29 @@ STATE="$(machinectl show ${NAME} 2>&1 | awk -F= '/^State=/ { print $2 }')"
case "${CLEAN}" in
true)
+ # Removing overlay mounts
+ CNT_OVERLAY="$(awk -F= '/^cnt.overlay=/ { print $2 }' ${CONFIG}/${NAME}.conf)"
+
+ if [ -n "${CNT_OVERLAY}" ]
+ then
+ CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')"
+
+ for CNT_OVERLAY in ${CNT_OVERLAYS}
+ do
+ DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')"
+ DIRECTORY_UPPER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $2 }')"
+ DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')"
+ DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')"
+
+ umount -f "${DIRECTORY_MERGED}"
+
+ for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}"
+ do
+ rmdir --ignore-fail-on-non-empty --parents ${DIRECTORY} > /dev/null 2>&1 || true
+ done
+ done
+ fi
+
# Removing bind mounts
BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)"