Michel Normand [Thu, 26 Nov 2009 15:46:22 +0000 (16:46 +0100)]
lxc-ls to report also active containers
With previous changes that allow to start a container
without the need to create it; the lxc-ls was only reporting
the created containers.
With this patch, the lxc-ls is now reporting created and active
containers.
Signed-off-by: Michel Normand <michel.mno@free.fr> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michael Tokarev [Tue, 24 Nov 2009 08:47:27 +0000 (09:47 +0100)]
fix fdleak and errors in lxc_create_tty()
if, for some reason, openpty() fails, lxc_create_tty() will
leak all previous ptys and leave the config structure in a
inconsistent state (wrt the number of ptys actually opened)
Fix that by explicitly closing all previously opened ptys
in case of failure and by setting number of actually opened
ttys after actual open
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michael Tokarev [Fri, 20 Nov 2009 14:01:31 +0000 (15:01 +0100)]
allow link-less veth devices
Before, a veth device pair required a link which was treated as
a bridge device. Code crashed if there was no lxc.network.link
specified. Fix that by allowing lxc.network.link to be unset
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Fri, 20 Nov 2009 14:01:30 +0000 (15:01 +0100)]
Do not chdir when daemonize
With the previous modifications, a temporary directory is created
to mount the rootfs in order to have the system container to remount
itself the '/' directory.
But in case of daemonize, we change the directory, so when the rootfs
is specified with a relative path, we can not access it.
Don't chdir, as that will be done automatically later in the chroot
setup.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michael Tokarev [Thu, 19 Nov 2009 14:06:02 +0000 (15:06 +0100)]
rename struct lxc_netdev fields to match reality
struct lxc_netdev is used to hold information from cnfig file
about a network device/configuration. Make the fields of this
structure to be named similarily with the config file keywords,
namely:
s/ifname/link/ - host-side link for the device (bridge or eth0)
s/newname/name/ - container-side ifname
It is insane to have completely different names in config file
and in structure/variable names :)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Tue, 17 Nov 2009 21:57:46 +0000 (22:57 +0100)]
fix container find the previously created configuration
The command specifies a configuration file => use it
The command does not specify a configuration but the container
was created before, use the configuration.
The command does not specify a configuration and the container
was not created before, use default.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michael Tokarev [Tue, 17 Nov 2009 09:56:24 +0000 (10:56 +0100)]
batched reads for lxc_console
Instead of doing I/O one-byte-at-a-time in lxc_console,
which is slow, let's do it in batches. Only for output
(from container to the host system), since input is most
likely one-byte-at-a-time anyway (from a keyboard).
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michael Tokarev [Tue, 17 Nov 2009 09:56:24 +0000 (10:56 +0100)]
host consoles/ttys in containers
I noticed that container's consoles aren't quite useable
(be it lxc-console or lxc-start with getty bound to /dev/console).
The main problem is a complete lack of window resizing support:
when I resize an xterm window with lxc-start or lxc-console, the
"guest" does not know about that and continues to think that the
terminal is 80x25 still.
Is it just a lack of functionality (missing implementation) or
something problematic?
Ok, the attached patch fixes this.
It moves the 'master' variable out of main function so it's
accessible from the signal handler, sets up SIGWINCH handler
to call a (newly created) winsz() function that gets the
current tty size using TIOCGWINSZ ioctl and if that works,
sets up the pty size using TIOCSWINSZ. That same function
is called at the start as well, when setting up the signal
handler.
Signed-off-By: Michael Tokarev <mjt@tls.msk.ru> Signed-off-By: Daniel Lezcano <dlezcano@fr.ibm.com>
Andrian Nord [Tue, 17 Nov 2009 09:56:23 +0000 (10:56 +0100)]
Choose configuration directory
Maybe it will be more logical to keep configs into /etc/lxc/?
Or, maybe, just use --with-config-path=/some/path switch into configure,
which could be overridden as user wants to? Something like this one (in
assumption, that this is up to user to create corresponding directory):
Signed-off-by: Andrian Nord <NightNord@gmail.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Andrian Nord [Fri, 13 Nov 2009 10:48:29 +0000 (11:48 +0100)]
Q: general lxc architecture
Patch moves etc/* contents into doc/examples/ and adds
--disable-examples configure switch which may be used not to install
examples. Default is to install them into ${docdir}/examples (commonly:
/usr/share/doc/lxc/examples)
Signed-off-by: Andrian Nord <NightNord@gmail.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michel Normand [Fri, 13 Nov 2009 10:48:29 +0000 (11:48 +0100)]
lxc: add a new lxc.mount.entry keyword
The purpose of this new keyword is to save in main config file
all the lines of a provided fstab file.
This will ultimately replace the the lxc.mount keyword
when lxc scripts will use the new keyword.
Warning: I did not validated this patch
in all conditions of provided malformed input string.
Signed-off-by: Michel Normand <michel_mno@laposte.net> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Fri, 13 Nov 2009 10:48:29 +0000 (11:48 +0100)]
Replace create/destroy by a script
The simplification of the container configuration makes
pointless to have so much complexity in the container creation.
Let's remove that and replace by some scripts.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcaon [Fri, 13 Nov 2009 10:48:29 +0000 (11:48 +0100)]
Allows a container to run without previous creation
When a container was created, its configuration is used.
When a container was not created, the configuration specified in
the command line is used, if not configuration file is used,
default values are used.
That allows to create 'volatile' container, like tmp files.
It is useful for example to spawn different container with the
same generic configuration file. That let the user to have its own
repository of configuration files.
And, more important, that fix temporary created container with
lxc-execute to be not deleted when the host crash or the command
is killed.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Andrian Nord [Wed, 4 Nov 2009 13:03:44 +0000 (14:03 +0100)]
configure.ac - allow user to switch off/on documentation generation
Andrian Nord <NightNord@gmail.com>:
>> > > As documentation requires docbook2man to be installed, which is not,
>> > > otherwise, required for proper LXC work or compilation process, it
>> > > might be usefull to be able to switch it off.
Michel Normand <normand@fr.ibm.com>:
> > For me, it is Ok to add a --enable/disable/-doc,
> > but not make configure to fail if no option specified
> > and no docbook2man package.
> >
> > For me it should be optionnal.
> > I like the current behaviour where configure is running without option
> > and is enabling/disabling by itself the doc building.
> > Could you send a new patch with this idea ?
Andrian Nord <NightNord@gmail.com>:
Of course. You mean, that you what default behaviour to remain
auto-detection? That is:
--enable-doc: require docbook2man or fail, generate mans
--enable-doc=auto, or not specified (default): check for docbook2man,
generate mans if found, silently ignore if not found (I suppose
diagnostic message is redundant, as information already contains into
./configure --help)
--disable-doc: never check for docbook2man and don't gen mans
Here comes a patch what do this, as far as I see
(I'm sorry for violating post-rules in previous mail, now I'll do all
right, I hope. Should I attach patch anyway, as it might be usefull
for applying?)
Signed-off-by: Andrian Nord <NightNord@gmail.com> Acked-by: Michel Normand <normand@fr.ibm.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Thu, 22 Oct 2009 13:33:40 +0000 (15:33 +0200)]
use config.h to define the lxcpath and co
Instead of passing the LXCPATH definition in the compiler
command line, use configure.ac to define the value in the config.h
file and include this file where it is needed.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Thu, 22 Oct 2009 13:33:40 +0000 (15:33 +0200)]
remove test directory
These tests are not relevant now. It would be better to write
some real test cases with some script using the lxc cli in order
to check non regression.
I remove these annoying tests I have to port each time a function
prototype is changed.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Wed, 7 Oct 2009 14:06:09 +0000 (16:06 +0200)]
make container to die when parent dies
When the parent of the first process dies, the container stays there
making very difficuly to track it and to kill. We have to use the
lxc-ps --lxc and kill the processes, hoping we kill the init process
of the container. That's not a big deal until we have thousand of
processes in the container :)
We want to keep the parent of the container init always there, this
process is responsible to manage the container, provide tty, notify
the container changing states and ensure self exclusion (eg. avoid
to launch several containers with the same name).
If this process dies, we consider that as a fatal error and we make
the child process to die too. This patch will just add the prctl to
to send a SIGKILL to the container init process when its parent exits
For the point of view of the pid namespace, when the init process dies
all the processes of the namespace are killed too.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Wed, 7 Oct 2009 14:06:09 +0000 (16:06 +0200)]
Simplify the mainloop
The number of fds passed to epoll is just a hint for the kernel.
In our case, we know this is often 2, let's remove this parameter
from lxc_mainloop_open and cleanup the code around the caller of
this function.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Daniel Lezcano [Wed, 7 Oct 2009 14:06:09 +0000 (16:06 +0200)]
returns a specific info when we have ECONNREFUSED
When a command can not be send because the connection is refused,
that means the container is stopped. Let's report this specific
case instead of raising an error.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: Michel Normand <normand@fr.ibm.com>
Daniel Lezcano [Wed, 7 Oct 2009 14:06:08 +0000 (16:06 +0200)]
handle the stop command
Handle the stop command. The stop command waits for the peer to
disconnect, that means the peer has exited, so it is safe to
return to the user control. By this way, we ensure a stop command
followed by a start or a destroy won't fail with a race condition
because the start command is not yet finised.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: Michel Normand <normand@fr.ibm.com>
Michel Normand [Wed, 7 Oct 2009 14:06:08 +0000 (16:06 +0200)]
local struct name changed in mainloop.c
Two files have each their own structure definition with the same
name. The types name don't conflict but in the name of sanity, let's
rename these structures.
not critical isn't it :)
Signed-off-by: Michel Normand <normand@fr.ibm.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Michel Normand [Wed, 7 Oct 2009 08:05:39 +0000 (10:05 +0200)]
keep rcfile for lxc-execute as already done for lxc-create
The code previously added in lxc-create with
commit d7efa8fcbf0911f93c83dc06a708e7d73833dce3
is also required in lxc-execute.
So make this code common for the two callers.
Signed-off-by: Michel Normand <normand@fr.ibm.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>