Class: OsCtld::Container

Inherits:
Object
  • Object
Includes:
OsCtl::Lib::Utils::Log, OsCtl::Lib::Utils::System, Assets::Definition, Lockable, Manipulable, Utils::SwitchUser
Defined in:
lib/osctld/container.rb,
lib/osctld/container/hooks.rb

Defined Under Namespace

Modules: Hook, Hooks Classes: Builder, Importer, LxcConfig

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Utils::SwitchUser

#ct_attach, #ct_control, #ct_exec, #ct_runscript, #ct_syscmd, #init_script, #unlink_file

Methods included from Assets::Definition

#define_assets

Methods included from Manipulable

#acquire_manipulation_lock, #init_manipulable, #is_being_manipulated?, #manipulate, #manipulated_by, #release_manipulation_lock

Methods included from Lockable

#exclusively, included, #inclusively, #init_lock, #lock, #unlock

Constructor Details

#initialize(pool, id, user = nil, group = nil, dataset = nil, opts = {}) ⇒ Container

Returns a new instance of Container

Parameters:

  • pool (Pool)
  • id (String)
  • user (User, nil) (defaults to: nil)
  • group (Group, nil) (defaults to: nil)
  • dataset (String, nil) (defaults to: nil)
  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • load (Boolean)

    load config

  • load_from (String)

    load from this string instead of config file

  • staged (Boolean)

    create a staged container

  • devices (Boolean)

    determines whether devices are initialized



# File 'lib/osctld/container.rb', line 39

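# Build the in-memory representation of a container.
#
# Attributes start from fixed defaults (nesting off, no seccomp profile, no
# devices, mounts or process limits) and are then filled in by load_config
# unless loading was disabled through opts.
#
# @param pool [Pool]
# @param id [String]
# @param user [User, nil]
# @param group [Group, nil]
# @param dataset [String, nil]
# @param opts [Hash] options
# @option opts [Boolean] load load config (defaults to true)
# @option opts [String] load_from load from this string instead of config file
# @option opts [Boolean] staged create a staged container
# @option opts [Boolean] devices determines whether devices are initialized
def initialize(pool, id, user = nil, group = nil, dataset = nil, opts = {})
  init_lock
  init_manipulable

  # Read the defaults without writing them back, so the caller's hash is left
  # unmodified.
  load_requested = opts.fetch(:load, true)
  init_devices = opts.fetch(:devices, true)

  @pool = pool
  @id = id
  @user = user
  @group = group
  @dataset = dataset
  @state = opts[:staged] ? :staged : :unknown
  @ephemeral = false
  @init_pid = nil
  @netifs = NetInterface::Manager.new(self)
  @cgparams = nil
  @devices = nil
  @prlimits = nil
  @mounts = nil
  @hostname = nil
  @dns_resolvers = nil
  @nesting = false
  @seccomp_profile = nil
  @apparmor = AppArmor.new(self)
  @lxc_config = Container::LxcConfig.new(self)
  @attrs = Attributes.new
  @dist_network_configured = false

  load_config(opts[:load_from], init_devices) if load_requested
end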

Instance Attribute Details

#apparmorObject

Returns the value of attribute apparmor



# File 'lib/osctld/container.rb', line 21

# Reader for @apparmor. initialize builds it with AppArmor.new(self) and
# clone_from replaces it with a copy bound to the clone.
def apparmor
  @apparmor
end

#archObject

Returns the value of attribute arch



# File 'lib/osctld/container.rb', line 21

# Reader for @arch. Assigned by configure, by load_config from cfg['arch'],
# and by set(:distribution) when an :arch value is supplied.
def arch
  @arch
end

#attrsObject

Returns the value of attribute attrs



# File 'lib/osctld/container.rb', line 21

# Reader for @attrs. Starts as Attributes.new in initialize and is replaced by
# Attributes.load in load_config; export merges attrs.export into its result.
def attrs
  @attrs
end

#autostartObject

Returns the value of attribute autostart



# File 'lib/osctld/container.rb', line 21

# Reader for @autostart. load_config stores either an AutoStart::Config or the
# falsy value found in the config; unset stores false, so callers test it for
# truthiness rather than for nil.
def autostart
  @autostart
end

#cgparamsObject

Returns the value of attribute cgparams



# File 'lib/osctld/container.rb', line 21

# Reader for @cgparams. It is nil after initialize until configure or
# load_config assigns a CGroup::ContainerParams.
def cgparams
  @cgparams
end

#datasetObject

Returns the value of attribute dataset



# File 'lib/osctld/container.rb', line 21

# Reader for @dataset. Holds the constructor argument; when that was nil,
# load_config fills it from cfg['dataset'] or Container.default_dataset.
def dataset
  @dataset
end

#devicesObject

Returns the value of attribute devices



# File 'lib/osctld/container.rb', line 21

# Reader for @devices. It is nil after initialize until configure or
# load_config assigns a Devices::ContainerManager.
def devices
  @devices
end

#dist_network_configuredObject (protected)

Returns the value of attribute dist_network_configured



# File 'lib/osctld/container.rb', line 571

# Protected reader for @dist_network_configured. False after initialize, set
# to true by dist_configure_network and reset to false by starting and stopped.
def dist_network_configured
  @dist_network_configured
end

#distributionObject

Returns the value of attribute distribution



# File 'lib/osctld/container.rb', line 21

# Reader for @distribution. Assigned by configure, by load_config from
# cfg['distribution'], and by set(:distribution).
def distribution
  @distribution
end

#dns_resolversObject

Returns the value of attribute dns_resolvers



# File 'lib/osctld/container.rb', line 21

# Reader for @dns_resolvers. nil after initialize; load_config takes it from
# cfg['dns_resolvers'], set stores the given value and unset resets it to nil.
def dns_resolvers
  @dns_resolvers
end

#ephemeralObject Also known as: ephemeral?

Returns the value of attribute ephemeral



# File 'lib/osctld/container.rb', line 21

# Reader for @ephemeral (also exposed as ephemeral?). False after initialize;
# load_config assigns cfg['ephemeral'] as-is, so it can be nil when the key is
# absent from the config.
def ephemeral
  @ephemeral
end

#groupObject

Returns the value of attribute group



# File 'lib/osctld/container.rb', line 21

# Reader for @group. Holds the constructor argument; load_config only looks
# the group up from cfg['group'] when none was set, and chgrp reassigns it.
def group
  @group
end

#hostnameObject

Returns the value of attribute hostname



# File 'lib/osctld/container.rb', line 21

# Reader for @hostname. nil after initialize; load_config and set wrap the
# configured value in OsCtl::Lib::Hostname, unset resets it to nil.
def hostname
  @hostname
end

#idObject

Returns the value of attribute id



# File 'lib/osctld/container.rb', line 21

# Reader for @id. The id is interpolated into file, dataset and cgroup paths
# by config_path, log_path, user_hook_script_dir, lxc_dir and base_cgroup_path.
def id
  @id
end

#init_pidObject

Returns the value of attribute init_pid



# File 'lib/osctld/container.rb', line 21

# Reader for @init_pid. nil after initialize and after clone_from;
# runtime_rootfs uses it to build the /proc/<pid>/root path.
def init_pid
  @init_pid
end

#lxc_configObject

Returns the value of attribute lxc_config



# File 'lib/osctld/container.rb', line 21

# Reader for @lxc_config, the Container::LxcConfig built in initialize and
# re-bound to the clone in clone_from.
def lxc_config
  @lxc_config
end

#migration_logObject

Returns the value of attribute migration_log



# File 'lib/osctld/container.rb', line 21

# Reader for @migration_log. Set by open_migration_log and by load_config when
# the config carries one; close_migration_log and clone_from reset it to nil.
def migration_log
  @migration_log
end

#mountedObject (protected)

Returns the value of attribute mounted



# File 'lib/osctld/container.rb', line 571

# Protected reader for @mounted, the cached mount status. nil means it has not
# been determined yet: mounted? queries the dataset in that case.
def mounted
  @mounted
end

#mountsObject

Returns the value of attribute mounts



# File 'lib/osctld/container.rb', line 21

# Reader for @mounts. nil after initialize until configure or load_config
# assigns a Mount::Manager.
def mounts
  @mounts
end

#nestingObject

Returns the value of attribute nesting



# File 'lib/osctld/container.rb', line 21

# Reader for @nesting. Off by default: initialize and configure store false,
# load_config falls back to false when the key is missing, set enables it and
# unset disables it again.
def nesting
  @nesting
end

#netifsObject

Returns the value of attribute netifs



# File 'lib/osctld/container.rb', line 21

# Reader for @netifs, the NetInterface::Manager created in initialize and
# configure, or loaded from cfg['net_interfaces'] by load_config.
def netifs
  @netifs
end

#poolObject

Returns the value of attribute pool



# File 'lib/osctld/container.rb', line 21

# Reader for @pool, set from the constructor argument; clone_from replaces it
# when a target pool is passed.
def pool
  @pool
end

#prlimitsObject

Returns the value of attribute prlimits



# File 'lib/osctld/container.rb', line 21

# Reader for @prlimits. nil after initialize; configure assigns
# PrLimits::Manager.default and load_config loads it from cfg['prlimits'].
def prlimits
  @prlimits
end

#seccomp_profileObject

Returns the value of attribute seccomp_profile



# File 'lib/osctld/container.rb', line 21

# Reader for @seccomp_profile. nil after initialize; configure and unset store
# default_seccomp_profile, load_config falls back to it when the config has no
# profile, and set stores whatever value it is given.
def seccomp_profile
  @seccomp_profile
end

#stateObject

Returns the value of attribute state



# File 'lib/osctld/container.rb', line 21

# Reader for @state. initialize starts with :staged or :unknown, load_config
# may override it from cfg['state'], and current_state resolves :unknown by
# querying the container.
def state
  @state
end

#userObject

Returns the value of attribute user



# File 'lib/osctld/container.rb', line 21

# Reader for @user. Holds the constructor argument; load_config only looks the
# user up from cfg['user'] when none was set, and chown reassigns it.
def user
  @user
end

#versionObject

Returns the value of attribute version



# File 'lib/osctld/container.rb', line 21

# Reader for @version. Assigned by configure, by load_config from
# cfg['version'], and by set(:distribution).
def version
  @version
end

Class Method Details

.default_dataset(pool, id) ⇒ Object



# File 'lib/osctld/container.rb', line 16

# Build the dataset used when none is given explicitly: `<pool.ct_ds>/<id>`,
# with the same name passed as the dataset's base.
#
# NOTE(review): id is joined into the dataset name as-is; no validation of the
# id is visible here, so this relies on callers having checked it -- confirm.
def self.default_dataset(pool, id)
  ds_name = File.join(pool.ct_ds, id)

  OsCtl::Lib::Zfs::Dataset.new(ds_name, base: ds_name)
end

Instance Method Details

#abs_apply_cgroup_path(subsystem) ⇒ Object



# File 'lib/osctld/container.rb', line 375

# Absolute path of the container's base cgroup (base_cgroup_path) inside the
# hierarchy of the given subsystem, rooted at CGroup::FS.
def abs_apply_cgroup_path(subsystem)
  hierarchy = CGroup.real_subsystem(subsystem)

  File.join(CGroup::FS, hierarchy, base_cgroup_path)
end

#abs_cgroup_path(subsystem) ⇒ Object



# File 'lib/osctld/container.rb', line 371

# Absolute path of the container's 'user-owned' cgroup (cgroup_path) inside
# the hierarchy of the given subsystem, rooted at CGroup::FS.
def abs_cgroup_path(subsystem)
  hierarchy = CGroup.real_subsystem(subsystem)

  File.join(CGroup::FS, hierarchy, cgroup_path)
end

#assetsObject



# File 'lib/osctld/container.rb', line 93

# Declare the container's on-disk assets together with the owner, group and
# mode given for each. The ownership split is the security-relevant part:
# the rootfs belongs to the container's mapped root, everything osctld
# manages belongs to host root.
def assets
  define_assets do |add|
    # Datasets
    # Owned by the host uid/gid that container root (id 0) maps to; mode 0770
    # leaves no access for others. Only validated while mounted.
    add.dataset(
      dataset,
      desc: "Container's rootfs dataset",
      uidmap: uid_map.map(&:to_a),
      gidmap: gid_map.map(&:to_a),
      user: root_host_uid,
      group: root_host_gid,
      mode: 0770,
      validate_if: mounted?,
    )

    # Directories and files
    add.directory(
      rootfs,
      desc: "Container's rootfs",
      user: root_host_uid,
      group: root_host_gid,
      mode: 0755,
      validate_if: mounted?,
    )

    # Hook scripts are root-only (0700): neither the container's user nor its
    # group gets access to this directory.
    add.directory(
      user_hook_script_dir,
      desc: 'User supplied script hooks',
      user: 0,
      group: 0,
      mode: 0700
    )
    # Root-owned with the user's group and mode 0750: the group can read and
    # traverse the LXC configuration directory but cannot write to it.
    add.directory(
      lxc_dir,
      desc: 'LXC configuration',
      user: 0,
      group: user.ugid,
      mode: 0750
    )

    lxc_config.assets(add)

    # Rendered by configure_bashrc; root-owned and not writable by anyone else.
    add.file(
      File.join(lxc_dir, '.bashrc'),
      desc: 'Shell configuration file for osctl ct su',
      user: 0,
      group: 0,
      mode: 0644
    )

    # Matches save_config, which opens the file with mode 0400 and chowns it
    # to 0:0.
    add.file(
      config_path,
      desc: 'Container config for osctld',
      user: 0,
      group: 0,
      mode: 0400
    )
    # The only file declared here that the user's group may write (0660).
    add.file(
      log_path,
      desc: 'LXC log file',
      user: 0,
      group: user.ugid,
      mode: 0660
    )
  end
end

#base_cgroup_pathObject



# File 'lib/osctld/container.rb', line 363

# Cgroup path of the container relative to a subsystem root: the group's
# cgroup path for this user, followed by `ct.<id>`. Read under the shared lock.
def base_cgroup_path
  inclusively do
    parent = group.full_cgroup_path(user)
    File.join(parent, "ct.#{id}")
  end
end

#can_dist_configure_network?Boolean

Returns:

  • (Boolean)


# File 'lib/osctld/container.rb', line 276

# True when no network interface refuses distribution-level configuration,
# i.e. every interface answers can_run_distconfig? positively.
#
# @return [Boolean]
def can_dist_configure_network?
  inclusively do
    blocker = netifs.detect { |iface| !iface.can_run_distconfig? }
    !blocker
  end
end

#can_start?Boolean

Returns:

  • (Boolean)


# File 'lib/osctld/container.rb', line 264

# A container may be started unless it is staged or in the error state, and
# only while its pool is active.
#
# @return [Boolean]
def can_start?
  inclusively do
    blocked = state == :staged || state == :error
    !blocked && pool.active?
  end
end

#cgroup_pathObject



# File 'lib/osctld/container.rb', line 367

# Cgroup path of the 'user-owned' child below the container's base cgroup.
def cgroup_path
  base = base_cgroup_path

  File.join(base, 'user-owned')
end

#chgrp(grp, missing_devices: nil) ⇒ Object



# File 'lib/osctld/container.rb', line 204

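# Move the container to another group and regenerate its configuration.
#
# @param grp the new group
# @param missing_devices [String] what to do about devices the new group
#   does not provide: 'provide', 'remove' or 'check'. There is no usable
#   default: any other value, including nil, raises.
# @raise [RuntimeError] on an unsupported missing_devices action
#
# NOTE(review): with 'check', an exception from check_all_available! still
# leaves the new group assigned in memory (though not saved); the check takes
# grp explicitly, so it could probably run before the assignment -- confirm.
def chgrp(grp, missing_devices: nil)
  # Reject an unknown action before any state is touched. Previously the group
  # was reassigned first, so a bad action left the container pointing at the
  # new group in memory without devices or config being updated.
  unless %w(provide remove check).include?(missing_devices)
    fail "unsupported action for missing devices: '#{missing_devices}'"
  end

  self.group = grp

  case missing_devices
  when 'provide'
    devices.ensure_all
    devices.create

  when 'remove'
    devices.remove_missing
    devices.create

  when 'check'
    devices.check_all_available!(grp)
  end

  save_config
  lxc_config.configure
  configure_bashrc
end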

#chown(user) ⇒ Object



# File 'lib/osctld/container.rb', line 197

# Reassign the container to another user and regenerate everything derived
# from it: the osctld config, the LXC configuration and the .bashrc.
#
# This method itself changes no ownership on disk; it only updates the
# in-memory user and rewrites configuration files.
def chown(user)
  self.user = user
  save_config
  lxc_config.configure
  configure_bashrc
end

#clone_from(ct, id, opts = {}) ⇒ Object (protected)

Change the container so that it becomes a clone of `ct` with a different id

Parameters:

  • ct (Container)

    the source container

  • id (String)

    new container id

  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • :pool (Pool)

    target pool, optional

  • :user (User)

    target user, optional

  • :group (Group)

    target group, optional

  • :dataset (String)

    target dataset, optional



# File 'lib/osctld/container.rb', line 660

# Turn this object, a `clone` of the source container made by dup, into an
# independent container with a new id.
#
# Attributes that are not reassigned below (nesting, seccomp_profile,
# hostname, dns_resolvers, distribution, ...) are carried over unchanged from
# the source, so the clone starts with the same confinement settings.
#
# @param ct [Container] the source container (not read in this method)
# @param id [String] new container id
# @param opts [Hash] options
# @option opts [Pool] :pool target pool, optional
# @option opts [User] :user target user, optional
# @option opts [Group] :group target group, optional
# @option opts [String] :dataset target dataset, optional
def clone_from(ct, id, opts = {})
  # Re-run the lock and manipulation setup; presumably so the clone does not
  # keep sharing the source's lock state copied by `clone` -- confirm.
  init_lock
  init_manipulable

  @id = id
  @pool = opts[:pool] if opts[:pool]
  @user = opts[:user] if opts[:user]
  @group = opts[:group] if opts[:group]
  # Runtime state never carries over: the clone is staged and has no init
  # process or migration in progress.
  @init_pid = nil
  @state = :staged
  @migration_log = nil

  if opts[:dataset]
    @dataset = OsCtl::Lib::Zfs::Dataset.new(
      opts[:dataset],
      base: opts[:dataset],
    )
  else
    @dataset = Container.default_dataset(@pool, @id)
  end

  # Re-bind every sub-manager to the clone so that it stops referencing the
  # source container. @autostart may be nil/false, hence the guard.
  @apparmor = @apparmor.dup(self)
  @autostart = @autostart && @autostart.dup(self)
  @cgparams = cgparams.dup(self)
  @prlimits = prlimits.dup(self)
  @mounts = mounts.dup(self)
  @lxc_config = lxc_config.dup(self)
  @attrs = attrs.dup

  # Devices are initialized before network interfaces are set up, the same
  # order load_config requires.
  @devices = devices.dup(self)
  devices.init

  @netifs = netifs.dup(self)
  netifs.each(&:setup)
end

#close_migration_log(save: true) ⇒ Object



# File 'lib/osctld/container.rb', line 499

# Drop the migration log and, unless save is false, persist the config
# without it.
#
# @param save [Boolean] whether to write the config afterwards
def close_migration_log(save: true)
  self.migration_log = nil
  return unless save

  save_config
end

#config_pathObject



# File 'lib/osctld/container.rb', line 326

# Path of the container's osctld config: `<pool.conf_path>/ct/<id>.yml`.
#
# NOTE(review): id is interpolated into the file name as-is; no validation of
# the id is visible here, so this relies on callers rejecting ids that contain
# path separators -- confirm.
def config_path
  inclusively do
    file_name = "#{id}.yml"
    File.join(pool.conf_path, 'ct', file_name)
  end
end

#configure(distribution, version, arch) ⇒ Object



# File 'lib/osctld/container.rb', line 76

# Set the container up from scratch for the given distribution and persist
# the result. Runs entirely under the exclusive lock.
#
# All managers are replaced with fresh instances, nesting is switched off and
# the seccomp profile is reset to default_seccomp_profile, so any earlier
# settings of those are discarded.
def configure(distribution, version, arch)
  exclusively do
    @distribution = distribution
    @version = version
    @arch = arch
    @netifs = NetInterface::Manager.new(self)
    @nesting = false
    @seccomp_profile = default_seccomp_profile
    @cgparams = CGroup::ContainerParams.new(self)
    @devices = Devices::ContainerManager.new(self)
    @prlimits = PrLimits::Manager.default(self)
    @mounts = Mount::Manager.new(self)
    # Devices are initialized before the config is written.
    devices.init
    save_config
  end
end

#configure_bashrcObject



# File 'lib/osctld/container.rb', line 481

# Render the 'ct/bashrc' template into `<lxc_dir>/.bashrc`, passing the
# container and two command lists (override and disable) to the template.
def configure_bashrc
  overridden = %w(
    attach cgroup console device execute info ls monitor stop top wait
  )
  disabled = %w(
    autostart checkpoint clone copy create destroy freeze snapshot
    start-ephemeral unfreeze unshare
  )
  target = File.join(lxc_dir, '.bashrc')

  ErbTemplate.render_to(
    'ct/bashrc',
    { ct: self, override: overridden, disable: disabled },
    target
  )
end

#current_stateObject



# File 'lib/osctld/container.rb', line 246

# Return the container's state, resolving :unknown by asking the container
# through ct_control(:ct_status). The resolved state is stored; a failed
# status query is recorded as :error.
def current_state
  known = state
  return known unless known == :unknown

  reply = ct_control(self, :ct_status, ids: [id])

  self.state =
    if reply[:status]
      reply[:output][id.to_sym][:state].to_sym
    else
      :error
    end
end

#datasetsArray<OsCtl::Lib::Zfs::Dataset>

Return a list of all container datasets

Returns:

  • (Array<OsCtl::Lib::Zfs::Dataset>)


# File 'lib/osctld/container.rb', line 352

# Return a list of all container datasets: the container's own dataset first,
# followed by its descendants.
#
# @return [Array<OsCtl::Lib::Zfs::Dataset>]
def datasets
  root = inclusively { dataset }

  [root].concat(root.descendants)
end

#default_seccomp_profileObject (protected)



# File 'lib/osctld/container.rb', line 696

# Path of the seccomp profile used when the container has none of its own:
# 'common.seccomp' under Lxc::CONFIGS. configure and unset assign it,
# load_config falls back to it, and dump stores nil in its place.
def default_seccomp_profile
  File.join(Lxc::CONFIGS, 'common.seccomp')
end

#dirObject



# File 'lib/osctld/container.rb', line 296

# Mountpoint of the container's dataset. rootfs rescues SystemCommandFailed
# around this call, so the lookup presumably runs a system command that fails
# while the dataset does not exist yet -- confirm.
def dir
  dataset.mountpoint
end

#dist_configure_networkObject



# File 'lib/osctld/container.rb', line 289

# Run the distribution-specific network configuration once: skipped when it
# was already done or when an interface does not allow it, and remembered as
# done afterwards.
def dist_configure_network
  if dist_configure_network?
    DistConfig.run(self, :network)
    self.dist_network_configured = true
  end
end

#dist_configure_network?Boolean

Returns:

  • (Boolean)


# File 'lib/osctld/container.rb', line 283

# Whether the distribution-level network configuration still has to run: it
# has not been done yet and every interface allows it.
#
# @return [Boolean]
def dist_configure_network?
  inclusively do
    dist_network_configured ? false : can_dist_configure_network?
  end
end

#dumpObject (protected)

Dump to config



# File 'lib/osctld/container.rb', line 621

# Dump to config: build the hash that save_config serializes to YAML.
#
# The seccomp profile is stored as nil while it equals the default, so only a
# custom profile is persisted. 'state' is written only for staged containers
# and 'migration_log' only while a log is open.
def dump
  inclusively do
    startup = autostart
    name = hostname
    profile = seccomp_profile
    custom_profile = profile == default_seccomp_profile ? nil : profile

    cfg = {
      'user' => user.name,
      'group' => group.name,
      'dataset' => dataset.name,
      'distribution' => distribution,
      'version' => version,
      'arch' => arch,
      'net_interfaces' => netifs.dump,
      'cgparams' => cgparams.dump,
      'devices' => devices.dump,
      'prlimits' => prlimits.dump,
      'mounts' => mounts.dump,
      'autostart' => startup && startup.dump,
      'ephemeral' => ephemeral,
      'hostname' => name && name.to_s,
      'dns_resolvers' => dns_resolvers,
      'nesting' => nesting,
      'seccomp_profile' => custom_profile,
      'attrs' => attrs.dump,
    }

    cfg['state'] = 'staged' if state == :staged

    log = migration_log
    cfg['migration_log'] = log.dump if log

    cfg
  end
end

#dup(id, opts = {}) ⇒ Object

Duplicate the container with a different ID

The returned container has `state` set to `:staged` and its assets will not exist, so the caller has to build the container and call `ct.state = :complete` for the container to become usable.

Parameters:

  • id (String)

    new container id

  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • :pool (Pool)

    target pool, optional

  • :user (User)

    target user, optional

  • :group (Group)

    target group, optional

  • :dataset (String)

    target dataset, optional



# File 'lib/osctld/container.rb', line 171

# Duplicate the container with a different ID.
#
# The copy is made with `clone` and then detached from this container by the
# protected clone_from. It comes back with `state` set to `:staged` and no
# assets on disk, so the caller has to build it before it becomes usable.
#
# @param id [String] new container id
# @param opts [Hash] options
# @option opts [Pool] :pool target pool, optional
# @option opts [User] :user target user, optional
# @option opts [Group] :group target group, optional
# @option opts [String] :dataset target dataset, optional
def dup(id, opts = {})
  clone.tap { |copy| copy.send(:clone_from, self, id, opts) }
end

#each_dataset {|ds| ... } ⇒ Object

Iterate over all container datasets

Yield Parameters:

  • ds (OsCtl::Lib::Zfs::Dataset)


# File 'lib/osctld/container.rb', line 359

# Iterate over all container datasets, in the order returned by datasets.
#
# @yieldparam ds [OsCtl::Lib::Zfs::Dataset]
def each_dataset(&block)
  all = datasets

  all.each(&block)
end

#exportObject

Export to clients



# File 'lib/osctld/container.rb', line 505

# Export to clients: a hash describing the container, including host paths
# (rootfs, LXC directories, log file) and the confinement settings.
#
# The result of attrs.export is merged in last; if it ever contained a key
# also used below, the attribute value would replace the built-in one.
def export
  inclusively do
    startup = autostart

    info = {
      pool: pool.name,
      id: id,
      user: user.name,
      group: group.name,
      dataset: dataset.name,
      rootfs: rootfs,
      lxc_path: lxc_home,
      lxc_dir: lxc_dir,
      group_path: cgroup_path,
      distribution: distribution,
      version: version,
      state: state,
      init_pid: init_pid,
      autostart: startup ? true : false,
      autostart_priority: startup && startup.priority,
      autostart_delay: startup && startup.delay,
      ephemeral: ephemeral,
      hostname: hostname,
      dns_resolvers: dns_resolvers,
      nesting: nesting,
      seccomp_profile: seccomp_profile,
      log_file: log_path,
    }

    info.merge!(attrs.export)
  end
end

#gid_mapObject



# File 'lib/osctld/container.rb', line 338

# GID map of the container, taken from its user.
def gid_map
  owner = user

  owner.gid_map
end

#identObject



# File 'lib/osctld/container.rb', line 72

# Pool-qualified identifier of the container, `<pool name>:<id>`.
def ident
  inclusively do
    [pool.name, id].join(':')
  end
end

#load_config(config = nil, init_devices = true) ⇒ Object (protected)



# File 'lib/osctld/container.rb', line 573

# Populate the container from its YAML configuration.
#
# @param config [String, nil] YAML document to load instead of reading
#   config_path; replace_config passes a caller-supplied string here
# @param init_devices [Boolean] whether to call devices.init after loading
# @raise [RuntimeError] when the configured user or group cannot be found
#
# NOTE(review): YAML.load and YAML.load_file deserialize arbitrary Ruby
# objects on Psych versions older than 4. The string branch is reachable with
# caller-supplied data through replace_config, so this is the place to switch
# to YAML.safe_load (permitting only the classes dump actually emits) once
# those are confirmed.
def load_config(config = nil, init_devices = true)
  if config
    cfg = YAML.load(config)
  else
    cfg = YAML.load_file(config_path)
  end

  # NOTE(review): nothing below checks that cfg is a Hash; an empty or scalar
  # document fails on the first cfg[...] access with NoMethodError.
  exclusively do
    # Any string found in the config becomes the state symbol; can_start?
    # only rejects :staged and :error.
    @state = cfg['state'].to_sym if cfg['state']
    # User, group and dataset are taken from the config only when they are
    # not already set, so reloading or replacing the config of an existing
    # container cannot reassign them.
    @user ||= DB::Users.find(cfg['user'], pool) || (raise "user not found")
    @group ||= DB::Groups.find(cfg['group'], pool) || (raise "group not found")

    unless @dataset
      if cfg['dataset']
        @dataset = OsCtl::Lib::Zfs::Dataset.new(cfg['dataset'], base: cfg['dataset'])
      else
        @dataset = Container.default_dataset(pool, id)
      end
    end

    @distribution = cfg['distribution']
    @version = cfg['version']
    @arch = cfg['arch']
    @autostart = cfg['autostart'] && AutoStart::Config.load(self, cfg['autostart'])
    @ephemeral = cfg['ephemeral']
    @hostname = cfg['hostname'] && OsCtl::Lib::Hostname.new(cfg['hostname'])
    @dns_resolvers = cfg['dns_resolvers']
    # Confinement settings: nesting is off unless the config enables it, and
    # a missing seccomp profile falls back to the default one. A profile path
    # present in the config is used as given; no check is visible here.
    @nesting = cfg['nesting'] || false
    @seccomp_profile = cfg['seccomp_profile'] || default_seccomp_profile
    @migration_log = Migration::Log.load(cfg['migration_log']) if cfg['migration_log']
    @cgparams = CGroup::ContainerParams.load(self, cfg['cgparams'])
    @prlimits = PrLimits::Manager.load(self, cfg['prlimits'] || {})
    @attrs = Attributes.load(cfg['attrs'] || {})

    # It's necessary to load devices _before_ netifs. The device manager needs
    # to create cgroups first, in order for echo a > devices.deny to work.
    # If the container has a veth interface, the setup code switches to the
    # container's user, which creates cgroups in all subsystems. Devices then
    # can't be initialized properly.
    @devices = Devices::ContainerManager.load(self, cfg['devices'] || [])
    @devices.init if init_devices

    @netifs = NetInterface::Manager.load(self, cfg['net_interfaces'] || [])
    @mounts = Mount::Manager.load(self, cfg['mounts'] || [])
  end
end

#log_pathObject



# File 'lib/osctld/container.rb', line 554

# Path of the container's LXC log file: `<pool.log_path>/ct/<id>.log`.
#
# NOTE(review): id is interpolated into the file name as-is; this relies on
# ids being validated elsewhere -- confirm.
def log_path
  inclusively do
    file_name = "#{id}.log"
    File.join(pool.log_path, 'ct', file_name)
  end
end

#log_typeObject



# File 'lib/osctld/container.rb', line 558

# Tag identifying this container in log output, `ct=<pool name>:<id>`.
def log_type
  inclusively do
    format('ct=%s:%s', pool.name, id)
  end
end

#lxc_dir(user: nil, group: nil) ⇒ Object



# File 'lib/osctld/container.rb', line 304

# The container's LXC directory: `<lxc_home>/<id>`. user and group are passed
# through to lxc_home, which falls back to the container's own when nil.
def lxc_dir(user: nil, group: nil)
  inclusively do
    home = lxc_home(user: user, group: group)
    File.join(home, id)
  end
end

#lxc_home(user: nil, group: nil) ⇒ Object



# File 'lib/osctld/container.rb', line 300

# LXC home of the container: the group's userdir for the user. Either can be
# overridden through the keyword arguments; nil means the container's own.
def lxc_home(user: nil, group: nil)
  inclusively do
    owning_group = group || self.group
    owner = user || self.user
    owning_group.userdir(owner)
  end
end

#manipulation_resourceObject



# File 'lib/osctld/container.rb', line 562

# Resource descriptor of this container: the literal 'container' followed by
# the pool-qualified ident.
def manipulation_resource
  resource = ['container']
  resource << ident
end

#mount(force: false) ⇒ Object

Mount the container's dataset

Parameters:

  • force (Boolean)

    ensure the datasets are mounted even if osctld already mounted them



# File 'lib/osctld/container.rb', line 180

# Mount the container's dataset and its descendants, remembering that it was
# done so that later calls become no-ops.
#
# @param force [Boolean] ensure the datasets are mounted even if osctld
#   already mounted them
def mount(force: false)
  if force || !mounted
    dataset.mount(recursive: true)
    self.mounted = true
  end
end

#mounted?(force: false) ⇒ Boolean

Check if the container's dataset is mounted

Parameters:

  • force (Boolean)

    check if the dataset is mounted even if osctld already mounted it

Returns:

  • (Boolean)


# File 'lib/osctld/container.rb', line 189

# Check if the container's dataset is mounted. The answer is cached; the
# dataset is queried only when nothing is cached yet or when forced.
#
# @param force [Boolean] check if the dataset is mounted even if osctld
#   already mounted it
# @return [Boolean]
def mounted?(force: false)
  return mounted unless force || mounted.nil?

  self.mounted = dataset.mounted?(recursive: true)
end

#open_migration_log(role, opts = {}) ⇒ Object



# File 'lib/osctld/container.rb', line 494

# Start a new migration log for the given role and persist it in the config.
def open_migration_log(role, opts = {})
  log = Migration::Log.new(role: role, opts: opts)
  self.migration_log = log

  save_config
end

#prlimit_set(name, soft, hard) ⇒ Object



# File 'lib/osctld/container.rb', line 454

# Set a process resource limit: update the existing entry with this name or
# append a new PrLimit, then persist the config and regenerate the LXC
# configuration. Only the list update happens under the exclusive lock.
def prlimit_set(name, soft, hard)
  exclusively do
    existing = @prlimits.detect { |entry| entry.name == name }
    next existing.set(soft, hard) if existing

    @prlimits << PrLimit.new(name, soft, hard)
  end

  save_config
  lxc_config.configure
end

#prlimit_unset(name) ⇒ Object



# File 'lib/osctld/container.rb', line 470

# Remove the process resource limit with the given name, if there is one.
# The config is saved and the LXC prlimits regenerated either way.
def prlimit_unset(name)
  exclusively do
    target = @prlimits.detect { |entry| entry.name == name }
    @prlimits.delete(target) if target
  end

  save_config
  lxc_config.configure_prlimits
end

#reload_configObject



# File 'lib/osctld/container.rb', line 544

# Re-read the container's config from config_path (load_config with its
# defaults, so devices are initialized again as well).
def reload_config
  load_config
end

#replace_config(config) ⇒ Object

Parameters:

  • config (String)


# File 'lib/osctld/container.rb', line 549

# Load the container from the given YAML string and persist the result.
#
# The string is parsed by load_config with YAML.load, so it must come from a
# trusted source. load_config keeps an already assigned user, group and
# dataset, so those cannot be changed through the replacement config.
#
# @param config [String]
def replace_config(config)
  load_config(config)
  save_config
end

#root_host_gidObject



# File 'lib/osctld/container.rb', line 346

# Host GID that GID 0 inside the container maps to, per the user's GID map.
def root_host_gid
  mapping = user.gid_map

  mapping.ns_to_host(0)
end

#root_host_uidObject



# File 'lib/osctld/container.rb', line 342

# Host UID that UID 0 inside the container maps to, per the user's UID map.
def root_host_uid
  mapping = user.uid_map

  mapping.ns_to_host(0)
end

#rootfsObject



# File 'lib/osctld/container.rb', line 308

# Path of the container's root filesystem, the 'private' directory below the
# dataset's mountpoint, or nil when the mountpoint lookup fails.
def rootfs
  begin
    File.join(dir, 'private')
  rescue SystemCommandFailed
    # The dataset of a staged container does not have to exist yet; this
    # matters mostly for ct show/list, which must not fail on it.
    nil
  end
end

#running?Boolean

Returns:

  • (Boolean)


# File 'lib/osctld/container.rb', line 260

# Whether the recorded state is :running. Uses the stored state as-is; it
# does not query the container the way current_state does.
#
# @return [Boolean]
def running?
  current = state

  current == :running
end

#runtime_rootfsObject



# File 'lib/osctld/container.rb', line 317

# Path to the running container's root as seen through its init process,
# `/proc/<init_pid>/root`.
#
# NOTE(review): the path is built from the recorded init_pid and resolves
# through whichever process holds that pid when it is used; callers
# presumably rely on the state and pid being kept current -- confirm.
#
# @raise [RuntimeError] when the container is not running or has no init_pid
def runtime_rootfs
  raise 'container is not running' unless running?

  init = inclusively { init_pid }
  raise 'init_pid not set' unless init

  File.join('/proc', init.to_s, 'root')
end

#save_configObject



# File 'lib/osctld/container.rb', line 534

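# Persist the container's configuration (see dump) to config_path as YAML.
# The file is meant to be readable by root only: mode 0400, owner 0:0.
#
# NOTE(review): the file is truncated and rewritten in place, so an
# interrupted write leaves a partial config for load_config to read. Writing
# to a temporary file in the same directory and renaming it over config_path
# would avoid that.
def save_config
  data = dump

  File.open(config_path, 'w', 0400) do |f|
    # The mode given to File.open only applies when the file is created. Set
    # it on the open handle as well, before any content is written, so that a
    # pre-existing file with looser permissions is tightened too.
    f.chmod(0400)
    f.write(YAML.dump(data))
  end

  File.chown(0, 0, config_path)
end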

#set(opts) ⇒ Object



# File 'lib/osctld/container.rb', line 379

# Apply a set of container options, then persist the config and regenerate
# the base LXC configuration. Keys other than the ones handled below are
# ignored without an error.
#
# @param opts [Hash] option name => value
def set(opts)
  opts.each do |option, value|
    case option
    when :autostart
      self.autostart = AutoStart::Config.new(
        self,
        value[:priority],
        value[:delay]
      )

    when :ephemeral
      # The supplied value is not consulted; unset clears the flag.
      self.ephemeral = true

    when :hostname
      previous = nil

      exclusively do
        previous = @hostname
        @hostname = OsCtl::Lib::Hostname.new(value)
      end

      DistConfig.run(self, :set_hostname, original: previous)

    when :dns_resolvers
      self.dns_resolvers = value
      DistConfig.run(self, :dns_resolvers)

    when :nesting
      # The supplied value is not consulted; unset disables nesting.
      self.nesting = true

    when :distribution
      exclusively do
        @distribution = value[:name]
        @version = value[:version]
        @arch = value[:arch] if value[:arch]
      end

    when :seccomp_profile
      # NOTE(review): the profile is stored as given; no check of the value
      # is visible here, so validation presumably happens in the caller --
      # confirm.
      self.seccomp_profile = value

    when :attrs
      attrs.update(value)
    end
  end

  save_config
  lxc_config.configure_base
end

#startingObject



# File 'lib/osctld/container.rb', line 268

# Notification that the container is starting: forget that the distribution
# network configuration was done, so dist_configure_network runs again.
def starting
  self.dist_network_configured = false
end

#stoppedObject



# File 'lib/osctld/container.rb', line 272

# Notification that the container has stopped: forget that the distribution
# network configuration was done, the same reset starting performs.
def stopped
  self.dist_network_configured = false
end

#uid_mapObject



# File 'lib/osctld/container.rb', line 334

# UID map of the container, taken from its user.
def uid_map
  owner = user

  owner.uid_map
end

#unset(opts) ⇒ Object



# File 'lib/osctld/container.rb', line 424

# Reset the given container options to their defaults, then persist the
# config and regenerate the base LXC configuration. Only the keys matter,
# except for :attrs, whose value lists the attributes to remove. Unknown keys
# are ignored without an error.
#
# @param opts [Hash] option name => value
def unset(opts)
  opts.each do |option, value|
    case option
    when :autostart then self.autostart = false
    when :ephemeral then self.ephemeral = false
    when :hostname then self.hostname = nil
    when :dns_resolvers then self.dns_resolvers = nil
    when :nesting then self.nesting = false
    # Falls back to the default profile rather than to no profile at all.
    when :seccomp_profile then self.seccomp_profile = default_seccomp_profile
    when :attrs then value.each { |name| attrs.unset(name) }
    end
  end

  save_config
  lxc_config.configure_base
end

#user_hook_script_dirObject



# File 'lib/osctld/container.rb', line 330

# Directory holding user-supplied hook scripts for this container:
# `<pool.user_hook_script_dir>/ct/<id>`. assets declares it root-owned with
# mode 0700.
#
# NOTE(review): id is used as a path component as-is; this relies on ids
# being validated elsewhere -- confirm.
def user_hook_script_dir
  inclusively do
    hooks_root = pool.user_hook_script_dir
    File.join(hooks_root, 'ct', id)
  end
end