def provisioner_lxc_create(self):
cmd = ['lxc-create', '--name', self.name, "--dir", self.rootfs]
if self.cf:
cmd += ['-f', self.cf]
if self.lxcpath:
makedirs(self.lxcpath)
cmd += self.lxcpath_args
if not self.cf:
cmd += ["-f", os.path.join(self.lxcpath, self.name, "config")]
if self.template:
cmd += ['--template', self.template]
if self.template_options:
cmd += ["--"] + self.template_options
env = {
"DEBIAN_FRONTEND": "noninteractive",
"DEBIAN_PRIORITY": "critical",
}
for key in ("http_proxy", "https_proxy", "ftp_proxy", "rsync_proxy"):
if key in os.environ:
env[key] = os.environ[key]
key = key.upper()
if key in os.environ:
env[key] = os.environ[key]
if self.mirror:
env["MIRROR"] = self.mirror
env["SECURITY_MIRROR"] = self.mirror
if self.security_mirror:
env["SECURITY_MIRROR"] = self.security_mirror
self.log.info(" ".join(cmd))
ret = self.lcall(cmd, env=env)
if ret != 0:
raise ex.Error
def install_dir_key(self,
data,
path,
uid=None,
gid=None,
mode=None,
dirmode=None):
"""
Install a key decoded data in the host's volatile storage.
"""
if path.endswith("/"):
dirname = os.path.basename(data["path"])
dirpath = os.path.join(path.rstrip("/"), dirname, "")
else:
dirpath = path + "/"
makedirs(dirpath, uid=uid, gid=gid, mode=dirmode)
changed = False
for key in data["keys"]:
changed |= self.install_key(key,
dirpath,
uid=uid,
gid=uid,
mode=mode,
dirmode=dirmode)
return changed
def __init__(self, logfile):
logdir = os.path.dirname(logfile)
makedirs(logdir)
logging.handlers.RotatingFileHandler.__init__(self,
logfile,
maxBytes=1 * 5242880,
backupCount=1)
def install_file_key(self,
key,
vpath,
uid=None,
gid=None,
mode=None,
dirmode=None):
"""
Install a key decoded data in the host's volatile storage.
"""
# paranoid checks before rmtree()/unlink()
if ".." in vpath:
return
data = self.decode_key(key)
if data is None:
raise ex.Error("no data in key %s" % key)
if os.path.isdir(vpath):
self.log.info("remove %s key %s directory at location %s",
self.desc, key, vpath)
shutil.rmtree(vpath)
vdir = os.path.dirname(vpath)
if os.path.isfile(vdir) or os.path.islink(vdir):
self.log.info("remove %s key %s file at parent location %s",
self.desc, key, vdir)
os.unlink(vdir)
makedirs(vdir, uid=uid, gid=gid, mode=dirmode)
self.write_key(vpath, data, key=key, uid=uid, gid=gid, mode=mode)
def getaddr_cache_set(name, addr):
cache_d = os.path.join(Env.paths.pathvar, "cache", "addrinfo")
makedirs(cache_d)
cache_f = os.path.join(cache_d, name)
with open(cache_f, 'w') as f:
f.write(addr)
return addr
def network_create_bridge_config(self, name="default", nets=None):
cf = os.path.join(self.cni_config, name + ".conf")
if os.path.exists(cf):
return
self.log.info("create %s", cf)
conf = {
"cniVersion": "0.3.0",
"name": name,
"type": "bridge",
"bridge": "obr_" + name,
"isGateway": True,
"ipMasq": True,
"ipam": {
"type": "host-local",
"routes": [{
"dst": "0.0.0.0/0"
}]
}
}
makedirs(self.cni_config)
data = self.network_data(name, nets=nets)
network = data["config"]["network"]
conf["ipam"]["subnet"] = network
with open(cf, "w") as ofile:
json.dump(conf, ofile, indent=4)
def network_create_routed_bridge_config(self, name="default", nets=None):
config = self.network_data(name, nets=nets)["config"]
subnet = str(self.node_subnet(name, config=config))
network = config["network"]
brip = self.network_bridge_ip(name, config=config).split("/")[0]
cf = os.path.join(self.cni_config, name + ".conf")
if os.path.exists(cf):
return
self.log.info("create %s", cf)
conf = {
"cniVersion": "0.3.0",
"name": name,
"type": "bridge",
"bridge": "obr_" + name,
"isGateway": True,
"ipMasq": False,
"ipam": {
"type": "host-local",
"subnet": subnet,
"routes": [
{
"dst": "0.0.0.0/0"
},
{
"dst": network,
"gw": brip
},
]
}
}
makedirs(self.cni_config)
with open(cf, "w") as ofile:
json.dump(conf, ofile, indent=4)
def install_client_config(self):
buff = self.registry_creds_sec.decode_key("config.json")
makedirs(os.path.dirname(self.registry_creds_path),
uid=0,
gid=0,
mode=0o600)
self.registry_creds_sec.write_key(self.registry_creds_path,
buff,
uid=0,
gid=0,
mode=0o600)
def gen_cert(log=None, **data):
for k in ("key", "crt"):
d = os.path.dirname(data[k])
if not os.path.isdir(d):
makedirs(d)
data["subject"] = format_subject(**data)
data["alt_names"] = format_alt_names(**data)
gen_csr(log=log, **data)
if data.get("cakey") is None:
gen_self_signed_cert(log=log, **data)
else:
gen_ca_signed_cert(log=log, **data)
def setup_lxc(self):
if self.check_lxc():
self.log.info("container is already created")
return
self.setup_lxc_config()
with open(
os.path.join(Env.paths.pathlog, "%s.console.log" % self.name),
"a+") as f:
f.write("")
cmd = ['lxc-create', '-n', self.name, '-f', self.config]
if self.lxcpath:
makedirs(self.lxcpath)
cmd += self.lxcpath_args
ret, out, err = self.vcall(cmd)
if ret != 0:
raise ex.Error
def getaddr_cache_get(name):
cache_d = os.path.join(Env.paths.pathvar, "cache", "addrinfo")
makedirs(cache_d)
cache_f = os.path.join(cache_d, name)
if not os.path.exists(cache_f):
raise Exception("addrinfo cache empty for name %s" % name)
cache_mtime = datetime.datetime.fromtimestamp(os.stat(cache_f).st_mtime)
limit_mtime = datetime.datetime.now() - datetime.timedelta(minutes=16)
if cache_mtime < limit_mtime:
raise Exception("addrinfo cache expired for name %s (%s)" %
(name, cache_mtime.strftime("%Y-%m-%d %H:%M:%S")))
with open(cache_f, 'r') as f:
addr = f.read()
if addr.count(".") != 3 and ":" not in addr:
raise Exception("addrinfo cache corrupted for name %s: %s" %
(name, addr))
return addr
def network_create_weave_config(self, name="default", nets=None):
cf = os.path.join(self.cni_config, name + ".conf")
if os.path.exists(cf):
return
self.log.info("create %s", cf)
data = self.network_data(name, nets=nets)
network = data["config"]["network"]
conf = {
"cniVersion": "0.3.0",
"name": name,
"type": "weave-net",
"ipam": {
"subnet": network,
},
}
makedirs(self.cni_config)
with open(cf, "w") as ofile:
json.dump(conf, ofile, indent=4)
def network_create_loopback_config(self, name="lo", nets=None):
cf = os.path.join(self.cni_config, name + ".conf")
if os.path.exists(cf):
return
self.log.info("create %s", cf)
conf = {
"cniVersion": "0.3.0",
"name": name,
"type": "loopback",
}
makedirs(self.cni_config)
data = self.network_data(name, nets=nets)
try:
network = data["config"]["network"]
conf["ipam"]["subnet"] = network
except KeyError:
pass
with open(cf, "w") as ofile:
json.dump(conf, ofile, indent=4)
def lxc(self, action):
self.find_cf()
outf = None
if action == 'start':
outf = '/var/tmp/svc_' + self.name + '_lxc_' + action + '.log'
if self.capable("cgroup_dir"):
cmd = [
"lxc-start", "-d", "-n", self.name, "-o", outf, "-s",
"lxc.cgroup.dir=" + self.cgroup_dir
]
else:
cmd = ["lxc-start", "-d", "-n", self.name, "-o", outf]
if self.cf:
cmd += ['-f', self.cf]
if self.lxcpath:
makedirs(self.lxcpath)
cmd += self.lxcpath_args
elif action == 'stop':
cmd = ['lxc-stop', '-n', self.name]
cmd += self.lxcpath_args
elif action == 'kill':
cmd = ['lxc-stop', '--kill', '--name', self.name]
cmd += self.lxcpath_args
else:
raise ex.Error("unsupported lxc action: %s" % action)
def prex():
os.umask(0o022)
begin = datetime.now()
ret, _, _ = self.vcall(cmd, preexec_fn=prex)
duration = datetime.now() - begin
loginfo = '%s done in %s - ret %i' % (action, duration, ret)
if outf is not None:
loginfo += ' - logs in %s' % outf
self.log.info(loginfo)
if ret != 0:
raise ex.Error
def find_cf(self):
if self.cf is not None:
self.cf, vol = self.replace_volname(self.cf, strict=False)
return
if self.lxcpath:
d_lxc = self.lxcpath
self.cf = os.path.join(d_lxc, self.name, 'config')
return
d_lxc = os.path.join('var', 'lib', 'lxc')
# seen on debian squeeze : prefix is /usr, but containers'
# config files paths are /var/lib/lxc/$name/config
# try prefix first, fallback to other know prefixes
prefixes = [
os.path.join(os.sep),
os.path.join(os.sep, 'usr'),
os.path.join(os.sep, 'usr', 'local')
]
for prefix in [self.prefix
] + [p for p in prefixes if p != self.prefix]:
cfg = os.path.join(prefix, d_lxc, self.name, 'config')
if os.path.exists(cfg):
cfg_d = os.path.dirname(cfg)
makedirs(cfg_d)
self.cf = cfg
return
# on Oracle Linux, config is in /etc/lxc
cfg = os.path.join(os.sep, 'etc', 'lxc', self.name, 'config')
if os.path.exists(cfg):
self.cf = cfg
return
self.cf = None
raise ex.Error("unable to find the container configuration file")
def start(self):
if not self.has_it():
self.log.info("create flag %s", self.flag_f)
makedirs(self.flag_d, mode=0o700)
self.touch(self.flag_f)
self.can_rollback = True
def install_flag(self):
makedirs(os.path.dirname(self.flag_path))
with open(self.flag_path, "w"):
pass
def cache_fpath(sig):
cache_d = get_cache_d()
makedirs(cache_d)
sig = sig.replace("/", "(slash)")
fpath = os.path.join(cache_d, sig)
return fpath
