Class: OsCtld::Container

Inherits:
Object
  • Object
show all
Includes:
OsCtl::Lib::Utils::Log, OsCtl::Lib::Utils::System, Assets::Definition, Lockable, Manipulable, Utils::SwitchUser
Defined in:
lib/osctld/container.rb,
lib/osctld/container/hooks.rb

Defined Under Namespace

Modules: Hook, Hooks Classes: Builder, Importer, LxcConfig

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Utils::SwitchUser

#ct_attach, #ct_syscmd

Methods included from Assets::Definition

#define_assets

Methods included from Manipulable

#acquire_manipulation_lock, #init_manipulable, #is_being_manipulated?, #manipulate, #manipulated_by, #release_manipulation_lock

Methods included from Lockable

#exclusively, included, #inclusively, #init_lock, #lock, #unlock

Constructor Details

#initialize(pool, id, user = nil, group = nil, dataset = nil, opts = {}) ⇒ Container

Returns a new instance of Container

Parameters:

  • pool (Pool)
  • id (String)
  • user (User, nil) (defaults to: nil)
  • group (Group, nil) (defaults to: nil)
  • dataset (String, nil) (defaults to: nil)
  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • load (Boolean)

    load config

  • load_from (String)

    load from this string instead of config file

  • staged (Boolean)

    create a staged container

  • devices (Boolean)

    determines whether devices are initialized



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# File 'lib/osctld/container.rb', line 39

def initialize(pool, id, user = nil, group = nil, dataset = nil, opts = {})
  init_lock
  init_manipulable

  opts[:load] = true unless opts.has_key?(:load)

  @pool = pool
  @id = id
  @user = user
  @group = group
  @dataset = dataset
  @state = opts[:staged] ? :staged : :unknown
  @ephemeral = false
  @init_pid = nil
  @netifs = NetInterface::Manager.new(self)
  @cgparams = nil
  @devices = nil
  @prlimits = nil
  @mounts = nil
  @hostname = nil
  @dns_resolvers = nil
  @nesting = false
  @seccomp_profile = nil
  @apparmor = AppArmor.new(self)
  @lxc_config = Container::LxcConfig.new(self)
  @attrs = Attributes.new
  @dist_network_configured = false

  if opts[:load]
   load_config(opts[:load_from], !opts.has_key?(:devices) || opts[:devices])
  end
end

Instance Attribute Details

#apparmorObject

Returns the value of attribute apparmor



21
22
23
# File 'lib/osctld/container.rb', line 21

def apparmor
  @apparmor
end

#archObject

Returns the value of attribute arch



21
22
23
# File 'lib/osctld/container.rb', line 21

def arch
  @arch
end

#attrsObject

Returns the value of attribute attrs



21
22
23
# File 'lib/osctld/container.rb', line 21

def attrs
  @attrs
end

#autostartObject

Returns the value of attribute autostart



21
22
23
# File 'lib/osctld/container.rb', line 21

def autostart
  @autostart
end

#cgparamsObject

Returns the value of attribute cgparams



21
22
23
# File 'lib/osctld/container.rb', line 21

def cgparams
  @cgparams
end

#datasetObject

Returns the value of attribute dataset



21
22
23
# File 'lib/osctld/container.rb', line 21

def dataset
  @dataset
end

#devicesObject

Returns the value of attribute devices



21
22
23
# File 'lib/osctld/container.rb', line 21

def devices
  @devices
end

#dist_network_configuredObject (protected)

Returns the value of attribute dist_network_configured



569
570
571
# File 'lib/osctld/container.rb', line 569

def dist_network_configured
  @dist_network_configured
end

#distributionObject

Returns the value of attribute distribution



21
22
23
# File 'lib/osctld/container.rb', line 21

def distribution
  @distribution
end

#dns_resolversObject

Returns the value of attribute dns_resolvers



21
22
23
# File 'lib/osctld/container.rb', line 21

def dns_resolvers
  @dns_resolvers
end

#ephemeralObject Also known as: ephemeral?

Returns the value of attribute ephemeral



21
22
23
# File 'lib/osctld/container.rb', line 21

def ephemeral
  @ephemeral
end

#groupObject

Returns the value of attribute group



21
22
23
# File 'lib/osctld/container.rb', line 21

def group
  @group
end

#hostnameObject

Returns the value of attribute hostname



21
22
23
# File 'lib/osctld/container.rb', line 21

def hostname
  @hostname
end

#idObject

Returns the value of attribute id



21
22
23
# File 'lib/osctld/container.rb', line 21

def id
  @id
end

#init_pidObject

Returns the value of attribute init_pid



21
22
23
# File 'lib/osctld/container.rb', line 21

def init_pid
  @init_pid
end

#lxc_configObject

Returns the value of attribute lxc_config



21
22
23
# File 'lib/osctld/container.rb', line 21

def lxc_config
  @lxc_config
end

#migration_logObject

Returns the value of attribute migration_log



21
22
23
# File 'lib/osctld/container.rb', line 21

def migration_log
  @migration_log
end

#mountedObject (protected)

Returns the value of attribute mounted



569
570
571
# File 'lib/osctld/container.rb', line 569

def mounted
  @mounted
end

#mountsObject

Returns the value of attribute mounts



21
22
23
# File 'lib/osctld/container.rb', line 21

def mounts
  @mounts
end

#nestingObject

Returns the value of attribute nesting



21
22
23
# File 'lib/osctld/container.rb', line 21

def nesting
  @nesting
end

#netifsObject

Returns the value of attribute netifs



21
22
23
# File 'lib/osctld/container.rb', line 21

def netifs
  @netifs
end

#poolObject

Returns the value of attribute pool



21
22
23
# File 'lib/osctld/container.rb', line 21

def pool
  @pool
end

#prlimitsObject

Returns the value of attribute prlimits



21
22
23
# File 'lib/osctld/container.rb', line 21

def prlimits
  @prlimits
end

#seccomp_profileObject

Returns the value of attribute seccomp_profile



21
22
23
# File 'lib/osctld/container.rb', line 21

def seccomp_profile
  @seccomp_profile
end

#stateObject

Returns the value of attribute state



21
22
23
# File 'lib/osctld/container.rb', line 21

def state
  @state
end

#userObject

Returns the value of attribute user



21
22
23
# File 'lib/osctld/container.rb', line 21

def user
  @user
end

#versionObject

Returns the value of attribute version



21
22
23
# File 'lib/osctld/container.rb', line 21

def version
  @version
end

Class Method Details

.default_dataset(pool, id) ⇒ Object



16
17
18
19
# File 'lib/osctld/container.rb', line 16

def self.default_dataset(pool, id)
  name = File.join(pool.ct_ds, id)
  OsCtl::Lib::Zfs::Dataset.new(name, base: name)
end

Instance Method Details

#abs_apply_cgroup_path(subsystem) ⇒ Object



373
374
375
# File 'lib/osctld/container.rb', line 373

def abs_apply_cgroup_path(subsystem)
  File.join(CGroup::FS, CGroup.real_subsystem(subsystem), base_cgroup_path)
end

#abs_cgroup_path(subsystem) ⇒ Object



369
370
371
# File 'lib/osctld/container.rb', line 369

def abs_cgroup_path(subsystem)
  File.join(CGroup::FS, CGroup.real_subsystem(subsystem), cgroup_path)
end

#assetsObject



93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
# File 'lib/osctld/container.rb', line 93

def assets
  define_assets do |add|
    # Datasets
    add.dataset(
      dataset,
      desc: "Container's rootfs dataset",
      uidmap: uid_map.map(&:to_a),
      gidmap: gid_map.map(&:to_a),
      user: root_host_uid,
      group: root_host_gid,
      mode: 0770,
      validate_if: mounted?,
    )

    # Directories and files
    add.directory(
      rootfs,
      desc: "Container's rootfs",
      user: root_host_uid,
      group: root_host_gid,
      mode: 0755,
      validate_if: mounted?,
    )

    add.directory(
      user_hook_script_dir,
      desc: 'User supplied script hooks',
      user: 0,
      group: 0,
      mode: 0700
    )
    add.directory(
      lxc_dir,
      desc: 'LXC configuration',
      user: 0,
      group: user.ugid,
      mode: 0750
    )

    lxc_config.assets(add)

    add.file(
      File.join(lxc_dir, '.bashrc'),
      desc: 'Shell configuration file for osctl ct su',
      user: 0,
      group: 0,
      mode: 0644
    )

    add.file(
      config_path,
      desc: 'Container config for osctld',
      user: 0,
      group: 0,
      mode: 0400
    )
    add.file(
      log_path,
      desc: 'LXC log file',
      user: 0,
      group: user.ugid,
      mode: 0660
    )
  end
end

#base_cgroup_pathObject



361
362
363
# File 'lib/osctld/container.rb', line 361

def base_cgroup_path
  inclusively { File.join(group.full_cgroup_path(user), "ct.#{id}") }
end

#can_dist_configure_network?Boolean

Returns:

  • (Boolean)


274
275
276
277
278
279
# File 'lib/osctld/container.rb', line 274

def can_dist_configure_network?
  inclusively do
    next false if netifs.detect { |netif| !netif.can_run_distconfig? }
    true
  end
end

#can_start?Boolean

Returns:

  • (Boolean)


261
262
263
# File 'lib/osctld/container.rb', line 261

def can_start?
  inclusively { state != :staged && state != :error && pool.active? }
end

#cgroup_pathObject



365
366
367
# File 'lib/osctld/container.rb', line 365

def cgroup_path
  File.join(base_cgroup_path, 'user-owned')
end

#chgrp(grp, missing_devices: nil) ⇒ Object



204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
# File 'lib/osctld/container.rb', line 204

def chgrp(grp, missing_devices: nil)
  self.group = grp

  case missing_devices
  when 'provide'
    devices.ensure_all
    devices.create

  when 'remove'
    devices.remove_missing
    devices.create

  when 'check'
    devices.check_all_available!(grp)

  else
    fail "unsupported action for missing devices: '#{missing_devices}'"
  end

  save_config
  lxc_config.configure
  configure_bashrc
end

#chown(user) ⇒ Object



197
198
199
200
201
202
# File 'lib/osctld/container.rb', line 197

def chown(user)
  self.user = user
  save_config
  lxc_config.configure
  configure_bashrc
end

#clone_from(ct, id, opts = {}) ⇒ Object (protected)

Change the container so that it becomes a clone of `ct` with a different id

Parameters:

  • ct (Container)

    the source container

  • id (String)

    new container id

  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • :pool (Pool)

    target pool, optional

  • :user (User)

    target user, optional

  • :group (Group)

    target group, optional

  • :dataset (String)

    target dataset, optional



658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
# File 'lib/osctld/container.rb', line 658

def clone_from(ct, id, opts = {})
  init_lock
  init_manipulable

  @id = id
  @pool = opts[:pool] if opts[:pool]
  @user = opts[:user] if opts[:user]
  @group = opts[:group] if opts[:group]
  @init_pid = nil
  @state = :staged
  @migration_log = nil

  if opts[:dataset]
    @dataset = OsCtl::Lib::Zfs::Dataset.new(
      opts[:dataset],
      base: opts[:dataset],
    )
  else
    @dataset = Container.default_dataset(@pool, @id)
  end

  @apparmor = @apparmor.dup(self)
  @autostart = @autostart && @autostart.dup(self)
  @cgparams = cgparams.dup(self)
  @prlimits = prlimits.dup(self)
  @mounts = mounts.dup(self)
  @lxc_config = lxc_config.dup(self)
  @attrs = attrs.dup

  @devices = devices.dup(self)
  devices.init

  @netifs = netifs.dup(self)
  netifs.each(&:setup)
end

#close_migration_log(save: true) ⇒ Object



497
498
499
500
# File 'lib/osctld/container.rb', line 497

def close_migration_log(save: true)
  self.migration_log = nil
  save_config if save
end

#config_pathObject



324
325
326
# File 'lib/osctld/container.rb', line 324

def config_path
  inclusively { File.join(pool.conf_path, 'ct', "#{id}.yml") }
end

#configure(distribution, version, arch) ⇒ Object



76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# File 'lib/osctld/container.rb', line 76

def configure(distribution, version, arch)
  exclusively do
    @distribution = distribution
    @version = version
    @arch = arch
    @netifs = NetInterface::Manager.new(self)
    @nesting = false
    @seccomp_profile = default_seccomp_profile
    @cgparams = CGroup::ContainerParams.new(self)
    @devices = Devices::ContainerManager.new(self)
    @prlimits = PrLimits::Manager.default(self)
    @mounts = Mount::Manager.new(self)
    devices.init
    save_config
  end
end

#configure_bashrcObject



479
480
481
482
483
484
485
486
487
488
489
490
# File 'lib/osctld/container.rb', line 479

def configure_bashrc
  ErbTemplate.render_to('ct/bashrc', {
    ct: self,
    override: %w(
      attach cgroup console device execute info ls monitor stop top wait
    ),
    disable: %w(
      autostart checkpoint clone copy create destroy freeze snapshot
      start-ephemeral unfreeze unshare
    ),
  }, File.join(lxc_dir, '.bashrc'))
end

#current_stateObject



246
247
248
249
250
251
252
253
254
255
# File 'lib/osctld/container.rb', line 246

def current_state
  s = state
  return s if s != :unknown

  begin
    self.state = ContainerControl::Commands::State.run!(self).state
  rescue ContainerControl::Error
    self.state = :error
  end
end

#datasetsArray<OsCtl::Lib::Zfs::Dataset>

Return a list of all container datasets

Returns:

  • (Array<OsCtl::Lib::Zfs::Dataset>)


350
351
352
353
# File 'lib/osctld/container.rb', line 350

def datasets
  ds = inclusively { dataset }
  [ds] + ds.descendants
end

#default_seccomp_profileObject (protected)



694
695
696
# File 'lib/osctld/container.rb', line 694

def default_seccomp_profile
  '/etc/lxc/config/common.seccomp'
end

#dirObject



294
295
296
# File 'lib/osctld/container.rb', line 294

def dir
  dataset.mountpoint
end

#dist_configure_networkObject



287
288
289
290
291
292
# File 'lib/osctld/container.rb', line 287

def dist_configure_network
  return unless dist_configure_network?

  DistConfig.run(self, :network)
  self.dist_network_configured = true
end

#dist_configure_network?Boolean

Returns:

  • (Boolean)


281
282
283
284
285
# File 'lib/osctld/container.rb', line 281

def dist_configure_network?
  inclusively do
    !dist_network_configured && can_dist_configure_network?
  end
end

#dumpObject (protected)

Dump to config



619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
# File 'lib/osctld/container.rb', line 619

def dump
  inclusively do
    data = {
      'user' => user.name,
      'group' => group.name,
      'dataset' => dataset.name,
      'distribution' => distribution,
      'version' => version,
      'arch' => arch,
      'net_interfaces' => netifs.dump,
      'cgparams' => cgparams.dump,
      'devices' => devices.dump,
      'prlimits' => prlimits.dump,
      'mounts' => mounts.dump,
      'autostart' => autostart && autostart.dump,
      'ephemeral' => ephemeral,
      'hostname' => hostname && hostname.to_s,
      'dns_resolvers' => dns_resolvers,
      'nesting' => nesting,
      'seccomp_profile' => seccomp_profile == default_seccomp_profile \
                           ? nil : seccomp_profile,
      'attrs' => attrs.dump,
    }

    data['state'] = 'staged' if state == :staged
    data['migration_log'] = migration_log.dump if migration_log

    data
  end
end

#dup(id, opts = {}) ⇒ Object

Duplicate the container with a different ID

The returned container has `state` set to `:staged` and its assets will not exist, so the caller has to build the container and call `ct.state = :complete` for the container to become usable.

Parameters:

  • id (String)

    new container id

  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • :pool (Pool)

    target pool, optional

  • :user (User)

    target user, optional

  • :group (Group)

    target group, optional

  • :dataset (String)

    target dataset, optional



171
172
173
174
175
# File 'lib/osctld/container.rb', line 171

def dup(id, opts = {})
  ct = clone
  ct.send(:clone_from, self, id, opts)
  ct
end

#each_dataset {|ds| ... } ⇒ Object

Iterate over all container datasets

Yield Parameters:

  • ds (OsCtl::Lib::Zfs::Dataset)


357
358
359
# File 'lib/osctld/container.rb', line 357

def each_dataset(&block)
  datasets.each(&block)
end

#exportObject

Export to clients



503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
# File 'lib/osctld/container.rb', line 503

def export
  inclusively do
    {
      pool: pool.name,
      id: id,
      user: user.name,
      group: group.name,
      dataset: dataset.name,
      rootfs: rootfs,
      lxc_path: lxc_home,
      lxc_dir: lxc_dir,
      group_path: cgroup_path,
      distribution: distribution,
      version: version,
      state: state,
      init_pid: init_pid,
      autostart: autostart ? true : false,
      autostart_priority: autostart && autostart.priority,
      autostart_delay: autostart && autostart.delay,
      ephemeral: ephemeral,
      hostname: hostname,
      dns_resolvers: dns_resolvers,
      nesting: nesting,
      seccomp_profile: seccomp_profile,
      log_file: log_path,
    }.merge!(attrs.export)
  end
end

#gid_mapObject



336
337
338
# File 'lib/osctld/container.rb', line 336

def gid_map
  user.gid_map
end

#identObject



72
73
74
# File 'lib/osctld/container.rb', line 72

def ident
  inclusively { "#{pool.name}:#{id}" }
end

#load_config(config = nil, init_devices = true) ⇒ Object (protected)



571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
# File 'lib/osctld/container.rb', line 571

def load_config(config = nil, init_devices = true)
  if config
    cfg = YAML.load(config)
  else
    cfg = YAML.load_file(config_path)
  end

  exclusively do
    @state = cfg['state'].to_sym if cfg['state']
    @user ||= DB::Users.find(cfg['user'], pool) || (raise "user not found")
    @group ||= DB::Groups.find(cfg['group'], pool) || (raise "group not found")

    unless @dataset
      if cfg['dataset']
        @dataset = OsCtl::Lib::Zfs::Dataset.new(cfg['dataset'], base: cfg['dataset'])
      else
        @dataset = Container.default_dataset(pool, id)
      end
    end

    @distribution = cfg['distribution']
    @version = cfg['version']
    @arch = cfg['arch']
    @autostart = cfg['autostart'] && AutoStart::Config.load(self, cfg['autostart'])
    @ephemeral = cfg['ephemeral']
    @hostname = cfg['hostname'] && OsCtl::Lib::Hostname.new(cfg['hostname'])
    @dns_resolvers = cfg['dns_resolvers']
    @nesting = cfg['nesting'] || false
    @seccomp_profile = cfg['seccomp_profile'] || default_seccomp_profile
    @migration_log = Migration::Log.load(cfg['migration_log']) if cfg['migration_log']
    @cgparams = CGroup::ContainerParams.load(self, cfg['cgparams'])
    @prlimits = PrLimits::Manager.load(self, cfg['prlimits'] || {})
    @attrs = Attributes.load(cfg['attrs'] || {})

    # It's necessary to load devices _before_ netifs. The device manager needs
    # to create cgroups first, in order for echo a > devices.deny to work.
    # If the container has a veth interface, the setup code switches to the
    # container's user, which creates cgroups in all subsystems. Devices then
    # can't be initialized properly.
    @devices = Devices::ContainerManager.load(self, cfg['devices'] || [])
    @devices.init if init_devices

    @netifs = NetInterface::Manager.load(self, cfg['net_interfaces'] || [])
    @mounts = Mount::Manager.load(self, cfg['mounts'] || [])
  end
end

#log_pathObject



552
553
554
# File 'lib/osctld/container.rb', line 552

def log_path
  inclusively { File.join(pool.log_path, 'ct', "#{id}.log") }
end

#log_typeObject



556
557
558
# File 'lib/osctld/container.rb', line 556

def log_type
  inclusively { "ct=#{pool.name}:#{id}" }
end

#lxc_dir(user: nil, group: nil) ⇒ Object



302
303
304
# File 'lib/osctld/container.rb', line 302

def lxc_dir(user: nil, group: nil)
  inclusively { File.join(lxc_home(user: user, group: group), id) }
end

#lxc_home(user: nil, group: nil) ⇒ Object



298
299
300
# File 'lib/osctld/container.rb', line 298

def lxc_home(user: nil, group: nil)
  inclusively { (group || self.group).userdir(user || self.user) }
end

#manipulation_resourceObject



560
561
562
# File 'lib/osctld/container.rb', line 560

def manipulation_resource
  ['container', ident]
end

#mount(force: false) ⇒ Object

Mount the container's dataset

Parameters:

  • force (Boolean)

    ensure the datasets are mounted even if osctld already mounted them



180
181
182
183
184
# File 'lib/osctld/container.rb', line 180

def mount(force: false)
  return if !force && mounted
  dataset.mount(recursive: true)
  self.mounted = true
end

#mounted?(force: false) ⇒ Boolean

Check if the container's dataset is mounted

Parameters:

  • force (Boolean)

    check if the dataset is mounted even if osctld already mounted it

Returns:

  • (Boolean)


189
190
191
192
193
194
195
# File 'lib/osctld/container.rb', line 189

def mounted?(force: false)
  if force || mounted.nil?
    self.mounted = dataset.mounted?(recursive: true)
  else
    mounted
  end
end

#open_migration_log(role, opts = {}) ⇒ Object



492
493
494
495
# File 'lib/osctld/container.rb', line 492

def open_migration_log(role, opts = {})
  self.migration_log = Migration::Log.new(role: role, opts: opts)
  save_config
end

#prlimit_set(name, soft, hard) ⇒ Object



452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
# File 'lib/osctld/container.rb', line 452

def prlimit_set(name, soft, hard)
  exclusively do
    limit = @prlimits.detect { |v| v.name == name }

    if limit
      limit.set(soft, hard)

    else
      @prlimits << PrLimit.new(name, soft, hard)
    end
  end

  save_config
  lxc_config.configure
end

#prlimit_unset(name) ⇒ Object



468
469
470
471
472
473
474
475
476
477
# File 'lib/osctld/container.rb', line 468

def prlimit_unset(name)
  exclusively do
    limit = @prlimits.detect { |v| v.name == name }
    next unless limit
    @prlimits.delete(limit)
  end

  save_config
  lxc_config.configure_prlimits
end

#reload_configObject



542
543
544
# File 'lib/osctld/container.rb', line 542

def reload_config
  load_config
end

#replace_config(config) ⇒ Object

Parameters:

  • config (String)


547
548
549
550
# File 'lib/osctld/container.rb', line 547

def replace_config(config)
  load_config(config)
  save_config
end

#root_host_gidObject



344
345
346
# File 'lib/osctld/container.rb', line 344

def root_host_gid
  user.gid_map.ns_to_host(0)
end

#root_host_uidObject



340
341
342
# File 'lib/osctld/container.rb', line 340

def root_host_uid
  user.uid_map.ns_to_host(0)
end

#rootfsObject



306
307
308
309
310
311
312
313
# File 'lib/osctld/container.rb', line 306

def rootfs
  File.join(dir, 'private')

rescue SystemCommandFailed
  # Dataset for staged containers does not have to exist yet, relevant
  # primarily for ct show/list
  nil
end

#running?Boolean

Returns:

  • (Boolean)


257
258
259
# File 'lib/osctld/container.rb', line 257

def running?
  state == :running
end

#runtime_rootfsObject



315
316
317
318
319
320
321
322
# File 'lib/osctld/container.rb', line 315

def runtime_rootfs
  fail 'container is not running' unless running?

  pid = inclusively { init_pid }
  fail 'init_pid not set' unless pid

  File.join('/proc', pid.to_s, 'root')
end

#save_configObject



532
533
534
535
536
537
538
539
540
# File 'lib/osctld/container.rb', line 532

def save_config
  data = dump

  File.open(config_path, 'w', 0400) do |f|
    f.write(YAML.dump(data))
  end

  File.chown(0, 0, config_path)
end

#set(opts) ⇒ Object



377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
# File 'lib/osctld/container.rb', line 377

def set(opts)
  opts.each do |k, v|
    case k
    when :autostart
      self.autostart = AutoStart::Config.new(self, v[:priority], v[:delay])

    when :ephemeral
      self.ephemeral = true

    when :hostname
      original = nil

      exclusively do
        original = @hostname
        @hostname = OsCtl::Lib::Hostname.new(v)
      end

      DistConfig.run(self, :set_hostname, original: original)

    when :dns_resolvers
      self.dns_resolvers = v
      DistConfig.run(self, :dns_resolvers)

    when :nesting
      self.nesting = true

    when :distribution
      exclusively do
        @distribution = v[:name]
        @version = v[:version]
        @arch = v[:arch] if v[:arch]
      end

    when :seccomp_profile
      self.seccomp_profile = v

    when :attrs
      attrs.update(v)
    end
  end

  save_config
  lxc_config.configure_base
end

#startingObject



265
266
267
# File 'lib/osctld/container.rb', line 265

def starting
  self.dist_network_configured = false
end

#stoppedObject



269
270
271
272
# File 'lib/osctld/container.rb', line 269

def stopped
  self.dist_network_configured = false
  self.init_pid = nil
end

#uid_mapObject



332
333
334
# File 'lib/osctld/container.rb', line 332

def uid_map
  user.uid_map
end

#unset(opts) ⇒ Object



422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
# File 'lib/osctld/container.rb', line 422

def unset(opts)
  opts.each do |k, v|
    case k
    when :autostart
      self.autostart = false

    when :ephemeral
      self.ephemeral = false

    when :hostname
      self.hostname = nil

    when :dns_resolvers
      self.dns_resolvers = nil

    when :nesting
      self.nesting = false

    when :seccomp_profile
      self.seccomp_profile = default_seccomp_profile

    when :attrs
      v.each { |attr| attrs.unset(attr) }
    end
  end

  save_config
  lxc_config.configure_base
end

#user_hook_script_dirObject



328
329
330
# File 'lib/osctld/container.rb', line 328

def user_hook_script_dir
  inclusively { File.join(pool.user_hook_script_dir, 'ct', id) }
end