From: Dominik Csapak Date: Thu, 31 Jan 2019 13:33:40 +0000 (+0100) Subject: add pre- start/stop hookscript to containers X-Git-Url: https://git.proxmox.com/?p=pve-container.git;a=commitdiff_plain;h=1a41643334b7de9fae0ee3cbbca1830dd972cb62 add pre- start/stop hookscript to containers this adds the config (hookscript) and executes it on four points in time for the container: 'pre-start' 'post-start' 'pre-stop' 'post-stop' on pre-start we abort if the script fails and pre-stop will not be called if the vm crashes or if the vm gets powered off from inside the guest Signed-off-by: Dominik Csapak --- diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 450a4e5..8f560c5 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -26,6 +26,7 @@ use PVE::AccessControl; use PVE::ProcFSTools; use PVE::Syscall; use PVE::LXC::Config; +use PVE::GuestHelpers; use Time::HiRes qw (gettimeofday); @@ -1111,6 +1112,9 @@ sub check_ct_modify_config_perm { } elsif ($opt eq 'features') { # For now this is restricted to root@pam raise_perm_exc("changing feature flags is only allowed for root\@pam"); + } elsif ($opt eq 'hookscript') { + # For now this is restricted to root@pam + raise_perm_exc("changing the hookscript is only allowed for root\@pam"); } else { $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Options']); } @@ -1913,11 +1917,13 @@ sub vm_start { my $cmd = ['systemctl', 'start', "pve-container\@$vmid"]; + PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1); eval { PVE::Tools::run_command($cmd); }; if (my $err = $@) { unlink $skiplock_flag_fn; die $err; } + PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-start'); return; } @@ -1940,6 +1946,9 @@ sub vm_stop { die "failed to open container ${vmid}'s command socket: $!\n"; } + my $conf = PVE::LXC::Config->load_config($vmid); + PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-stop'); + # Stop the container: my $cmd = ['lxc-stop', '-n', $vmid]; diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index 061ec8e..7274e3a 100644 --- a/src/PVE/LXC/Config.pm +++ b/src/PVE/LXC/Config.pm @@ -5,6 +5,7 @@ use warnings; use PVE::AbstractConfig; use PVE::Cluster qw(cfs_register_file); +use PVE::GuestHelpers; use PVE::INotify; use PVE::JSONSchema qw(get_standard_option); use PVE::Tools; @@ -457,6 +458,12 @@ my $confdesc = { format => $features_desc, description => "Allow containers access to advanced features.", }, + hookscript => { + optional => 1, + type => 'string', + format => 'pve-volume-id', + description => 'Script that will be exectued during various steps in the containers lifetime.', + }, }; my $valid_lxc_conf_keys = { @@ -896,7 +903,7 @@ sub update_pct_config { delete $conf->{$opt}; PVE::LXC::write_cgroup_value("memory", $vmid, "memory.memsw.limit_in_bytes", -1); - } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup') { + } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup' || $opt eq 'hookscript') { delete $conf->{$opt}; } elsif ($opt eq 'nameserver' || $opt eq 'searchdomain' || $opt eq 'tty' || $opt eq 'console' || $opt eq 'cmode') { @@ -1091,6 +1098,9 @@ sub update_pct_config { } elsif ($opt eq 'features') { next if $hotplug_error->($opt); $conf->{$opt} = $value; + } elsif ($opt eq 'hookscript') { + PVE::GuestHelpers::check_hookscript($value); + $conf->{$opt} = $value; } else { die "implement me: $opt"; } diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook index 654aa26..dc7938e 100755 --- a/src/lxc-pve-poststop-hook +++ b/src/lxc-pve-poststop-hook @@ -20,6 +20,7 @@ use PVE::CLIHandler; use PVE::Storage; use PVE::Storage::Plugin; use PVE::LXC; +use PVE::GuestHelpers; use Data::Dumper; use base qw(PVE::CLIHandler); @@ -90,6 +91,8 @@ __PACKAGE__->register_method ({ exit(1); } + PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-stop'); + return undef; }});