Class: OsCtld::Container::Builder

Inherits:

Object

• Object
• OsCtld::Container::Builder

Includes:

OsCtl::Lib::Utils::Log, OsCtl::Lib::Utils::System, Utils::SwitchUser

Defined in:

lib/osctld/container/builder.rb

Constant Summary

ID_RX =

/^[a-z0-9_-]{1,100}$/i

Instance Attribute Summary

• #ct ⇒ Object readonly

  Returns the value of attribute ct.

• #errors ⇒ Object readonly

  Returns the value of attribute errors.

Class Method Summary

• .create(pool, id, user, group, dataset = nil, opts = {}) ⇒ Object

Instance Method Summary

• #cleanup(opts = {}) ⇒ Object

  Remove a partially created container when the building process failed.

• #clear_snapshots(snaps) ⇒ Object
• #configure(distribution, version, arch) ⇒ Object
• #copy_datasets(src, dst, from: nil) ⇒ String

  Snapshot name.

• #create_dataset(ds, opts = {}) ⇒ Object
• #create_root_dataset(opts = {}) ⇒ Object
• #exist? ⇒ Boolean
• #from_local_archive(image, opts = {}) ⇒ Object
• #from_stream(ds = nil) ⇒ Object
• #get_distribution_info(image) ⇒ Object
• #group ⇒ Object
• #initialize(ct, opts = {}) ⇒ Builder constructor

  A new instance of Builder.

• #monitor ⇒ Object
• #pool ⇒ Object
• #progress(msg) ⇒ Object protected
• #register ⇒ Object
• #setup_ct_dir ⇒ Object
• #setup_log_file ⇒ Object
• #setup_lxc_configs ⇒ Object
• #setup_lxc_home ⇒ Object
• #setup_rootfs ⇒ Object
• #setup_user_hook_script_dir ⇒ Object
• #shift_dataset ⇒ Object
• #user ⇒ Object
• #valid? ⇒ Boolean

Methods included from Utils::SwitchUser

#ct_attach, #ct_syscmd

Constructor Details

#initialize(ct, opts = {}) ⇒ Builder

Returns a new instance of Builder.

Parameters:

• ct (Container)
• opts (Hash) (defaults to: {})

Options Hash (opts):

• :cmd (Command::Base)

# File 'lib/osctld/container/builder.rb', line 32

def initialize(ct, opts = {})
  @ct = ct
  @opts = opts
  @errors = []
end

Instance Attribute Details

#ct ⇒ Object (readonly)

Returns the value of attribute ct.

# File 'lib/osctld/container/builder.rb', line 27

def ct
  @ct
end

#errors ⇒ Object (readonly)

Returns the value of attribute errors.

# File 'lib/osctld/container/builder.rb', line 27

def errors
  @errors
end

Class Method Details

.create(pool, id, user, group, dataset = nil, opts = {}) ⇒ Object

# File 'lib/osctld/container/builder.rb', line 13

def self.create(pool, id, user, group, dataset = nil, opts = {})
  new(
    Container.new(
      pool,
      id,
      user,
      group,
      dataset || Container.default_dataset(pool, id),
      load: false
    ),
    opts
  )
end

Instance Method Details

#cleanup(opts = {}) ⇒ Object

Remove a partially created container when the building process failed

Parameters:

• opts (Hash) (defaults to: {}) —

  options

Options Hash (opts):

• :dataset (Boolean) —

  destroy dataset or not

# File 'lib/osctld/container/builder.rb', line 252

def cleanup(opts = {})
  Console.remove(ct)
  zfs(:destroy, '-r', ct.dataset, valid_rcs: [1]) if opts[:dataset]

  syscmd("rm -rf #{ct.lxc_dir} #{ct.user_hook_script_dir}")
  File.unlink(ct.log_path) if File.exist?(ct.log_path)
  File.unlink(ct.config_path) if File.exist?(ct.config_path)

  DB::Containers.remove(ct)

  begin
    if ct.group.has_containers?(ct.user)
      CGroup.rmpath_all(ct.base_cgroup_path)

    else
      CGroup.rmpath_all(ct.group.full_cgroup_path(ct.user))
    end
  rescue SystemCallError
    # If some of the cgroups are busy, just leave them be
  end

  bashrc = File.join(ct.lxc_dir, '.bashrc')
  File.unlink(bashrc) if File.exist?(bashrc)

  grp_dir = ct.group.userdir(ct.user)

  if !ct.group.has_containers?(ct.user) && Dir.exist?(grp_dir)
    Dir.rmdir(grp_dir)
  end
end

#clear_snapshots(snaps) ⇒ Object

# File 'lib/osctld/container/builder.rb', line 188

def clear_snapshots(snaps)
  snaps.each do |snap|
    zfs(:destroy, nil, "#{ct.dataset}@#{snap}")
  end
end

#configure(distribution, version, arch) ⇒ Object

# File 'lib/osctld/container/builder.rb', line 184

def configure(distribution, version, arch)
  ct.configure(distribution, version, arch)
end

#copy_datasets(src, dst, from: nil) ⇒ String

Returns snapshot name.

Parameters:

• src (Array<OsCtl::Lib::Zfs::Dataset>)
• dst (Array<OsCtl::Lib::Zfs::Dataset>)
• from (String, nil) (defaults to: nil) —

  base snapshot

Returns:

• (String) —

  snapshot name

# File 'lib/osctld/container/builder.rb', line 93

def copy_datasets(src, dst, from: nil)
  snap = "osctl-copy-#{from ? 'incr' : 'base'}-#{Time.now.to_i}"
  zfs(:snapshot, nil, src.map { |ds| "#{ds}@#{snap}" }.join(' '))

  zipped = src.zip(dst)

  zipped.each do |src_ds, dst_ds|
    progress("Copying dataset #{src_ds.relative_name}")
    syscmd("zfs send -c -p -L #{from ? "-i @#{from}" : ''} #{src_ds}@#{snap} "+
           "| zfs recv -F #{dst_ds}")
  end

  snap
end

#create_dataset(ds, opts = {}) ⇒ Object

Parameters:

• ds (OsCtl::Lib::Zfs::Dataset)
• opts (Hash) (defaults to: {}) —

  options

Options Hash (opts):

• :mapping (Boolean)
• :parents (Boolean)

# File 'lib/osctld/container/builder.rb', line 75

def create_dataset(ds, opts = {})
  zfs_opts = {properties: {
    canmount: 'noauto',
  }}
  zfs_opts[:parents] = true if opts[:parents]
  zfs_opts[:properties].update({
    uidmap: ct.uid_map.map(&:to_s).join(','),
    gidmap: ct.gid_map.map(&:to_s).join(','),
  }) if opts[:mapping]

  ds.create!(zfs_opts)
  ds.mount(recursive: true)
end

#create_root_dataset(opts = {}) ⇒ Object

# File 'lib/osctld/container/builder.rb', line 66

def create_root_dataset(opts = {})
  progress('Creating root dataset')
  create_dataset(ct.dataset, opts)
end

#exist? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/osctld/container/builder.rb', line 62

def exist?
  DB::Containers.contains?(ct.id, ct.pool)
end

#from_local_archive(image, opts = {}) ⇒ Object

Parameters:

• image (String) —

  path

• opts (Hash) (defaults to: {}) —

  options

Options Hash (opts):

• :distribution (String)
• :version (String)

# File 'lib/osctld/container/builder.rb', line 128

def from_local_archive(image, opts = {})
  progress('Extracting image')
  syscmd("tar -xzf #{image} -C #{ct.rootfs}")

  shift_dataset

  distribution, version, arch = get_distribution_info(image)

  configure(
    opts[:distribution] || distribution,
    opts[:version] || version,
    opts[:arch] || arch
  )
end

#from_stream(ds = nil) ⇒ Object

# File 'lib/osctld/container/builder.rb', line 143

def from_stream(ds = nil)
  progress('Writing image stream')

  IO.popen("exec zfs recv -F #{ds || ct.dataset}", 'r+') do |io|
    yield(io)
  end

  if $?.exitstatus != 0
    fail "zfs recv failed with exit status #{$?.exitstatus}"
  end
end

#get_distribution_info(image) ⇒ Object

# File 'lib/osctld/container/builder.rb', line 283

def get_distribution_info(image)
  distribution, version, arch, *_ = File.basename(image).split('-')
  [distribution, version, arch]
end

#group ⇒ Object

# File 'lib/osctld/container/builder.rb', line 46

def group
  ct.group
end

#monitor ⇒ Object

# File 'lib/osctld/container/builder.rb', line 244

def monitor
  Monitor::Master.monitor(ct)
end

#pool ⇒ Object

# File 'lib/osctld/container/builder.rb', line 38

def pool
  ct.pool
end

#progress(msg) ⇒ Object (protected)

# File 'lib/osctld/container/builder.rb', line 289

def progress(msg)
  return unless @opts[:cmd]
  @opts[:cmd].send(:progress, msg)
end

#register ⇒ Object

# File 'lib/osctld/container/builder.rb', line 233

def register
  DB::Containers.sync do
    if DB::Containers.contains?(ct.id, ct.pool)
      false
    else
      DB::Containers.add(ct)
      true
    end
  end
end

#setup_ct_dir ⇒ Object

# File 'lib/osctld/container/builder.rb', line 108

def setup_ct_dir
  # Chown to 0:0, zfs will shift it using the mapping
  File.chown(0, 0, ct.dir)
  File.chmod(0770, ct.dir)
end

#setup_log_file ⇒ Object

# File 'lib/osctld/container/builder.rb', line 219

def setup_log_file
  progress('Preparing log file')
  File.open(ct.log_path, 'w').close
  File.chmod(0660, ct.log_path)
  File.chown(0, ct.user.ugid, ct.log_path)
end

#setup_lxc_configs ⇒ Object

# File 'lib/osctld/container/builder.rb', line 214

def setup_lxc_configs
  progress('Generating LXC configuration')
  ct.lxc_config.configure
end

#setup_lxc_home ⇒ Object

# File 'lib/osctld/container/builder.rb', line 194

def setup_lxc_home
  progress('Configuring LXC home')

  unless ct.group.setup_for?(ct.user)
    dir = ct.group.userdir(ct.user)

    FileUtils.mkdir_p(dir, mode: 0751)
    File.chown(0, ct.user.ugid, dir)
  end

  if Dir.exist?(ct.lxc_dir)
    File.chmod(0750, ct.lxc_dir)
  else
    Dir.mkdir(ct.lxc_dir, 0750)
  end
  File.chown(0, ct.user.ugid, ct.lxc_dir)

  ct.configure_bashrc
end

#setup_rootfs ⇒ Object

# File 'lib/osctld/container/builder.rb', line 114

def setup_rootfs
  if Dir.exist?(ct.rootfs)
    File.chmod(0755, ct.rootfs)
  else
    Dir.mkdir(ct.rootfs, 0755)
  end

  File.chown(0, 0, ct.rootfs)
end

#setup_user_hook_script_dir ⇒ Object

# File 'lib/osctld/container/builder.rb', line 226

def setup_user_hook_script_dir
  return if Dir.exist?(ct.user_hook_script_dir)

  progress('Preparing user script hook dir')
  Dir.mkdir(ct.user_hook_script_dir, 0700)
end

#shift_dataset ⇒ Object

# File 'lib/osctld/container/builder.rb', line 155

def shift_dataset
  progress('Configuring UID/GID mapping')

  zfs(:unmount, nil, ct.dataset)
  zfs(
    :set,
    "uidmap=\"#{ct.uid_map.map(&:to_s).join(',')}\" "+
    "gidmap=\"#{ct.gid_map.map(&:to_s).join(',')}\"",
    ct.dataset
  )

  5.times do |i|
    zfs(:mount, nil, ct.dataset)

    f = Tempfile.create(['.ugid-map-test'], ct.dir)
    f.close

    st = File.stat(f.path)
    File.unlink(f.path)

    return if st.uid == ct.root_host_uid && st.gid == ct.root_host_gid

    zfs(:unmount, nil, ct.dataset)
    sleep(1 + i)
  end

  fail 'unable to configure UID/GID mapping'
end

#user ⇒ Object

# File 'lib/osctld/container/builder.rb', line 42

def user
  ct.user
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/osctld/container/builder.rb', line 50

def valid?
  if ID_RX !~ ct.id
    errors << "invalid ID, allowed characters: #{ID_RX.source}"
  end

  if !ct.dataset.on_pool?(ct.pool.name)
    errors << "dataset #{ct.dataset} does not belong to pool #{ct.pool.name}"
  end

  errors.empty?
end