def __init__(self, nsname, *argv, **kwarg):
'''
The only differences from the `subprocess.Popen` init are:
* `nsname` -- network namespace name
* `flags` keyword argument
All other arguments are passed directly to `subprocess.Popen`.
Flags usage samples. Create a network namespace, if it doesn't
exist yet::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT)
Create a network namespace only if it doesn't exist, otherwise
fail and raise an exception::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT | os.O_EXCL)
'''
# create a child
self.nsname = nsname
if 'flags' in kwarg:
self.flags = kwarg.pop('flags')
else:
self.flags = 0
self.channel_out = MpQueue()
self.channel_in = MpQueue()
self.lock = threading.Lock()
self.released = False
self.server = MpProcess(target=NSPopenServer,
args=(self.nsname,
self.flags,
self.channel_out,
self.channel_in,
argv, kwarg))
# start the child and check the status
self.server.start()
response = self.channel_in.get()
if isinstance(response, Exception):
self.server.join()
raise response
else:
atexit.register(self.release)
def __init__(self, nsname, *argv, **kwarg):
'''
The only differences from the `subprocess.Popen` init are:
* `nsname` -- network namespace name
* `flags` keyword argument
All other arguments are passed directly to `subprocess.Popen`.
Flags usage samples. Create a network namespace, if it doesn't
exist yet::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT)
Create a network namespace only if it doesn't exist, otherwise
fail and raise an exception::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT | os.O_EXCL)
'''
# create a child
self.nsname = nsname
if 'flags' in kwarg:
self.flags = kwarg.pop('flags')
else:
self.flags = 0
self.channel_out = MpQueue()
self.channel_in = MpQueue()
self.lock = threading.Lock()
self.released = False
self.server = MpProcess(target=NSPopenServer,
args=(self.nsname,
self.flags,
self.channel_out,
self.channel_in,
argv, kwarg))
# start the child and check the status
self.server.start()
response = self.channel_in.get()
if isinstance(response, Exception):
self.server.join()
raise response
else:
atexit.register(self.release)
class NSPopen(NSPopenBase, ObjNS):
'''
A proxy class to run `Popen()` object in some network namespace.
Sample to run `ip ad` command in `nsname` network namespace::
nsp = NSPopen('nsname', ['ip', 'ad'], stdout=subprocess.PIPE)
print(nsp.communicate())
nsp.wait()
nsp.release()
The `NSPopen` class was intended to be a drop-in replacement
for the `Popen` class, but there are still some important
differences.
The `NSPopen` object implicitly spawns a child python process
to be run in the background in a network namespace. The target
process specified as the argument of the `NSPopen` will be
started in its turn from this child. Thus all the fd numbers
of the running `NSPopen` object are meaningless in the context
of the main process. Trying to operate on them, one will get
'Bad file descriptor' in the best case or a system call working
on a wrong file descriptor in the worst case. A possible
solution would be to transfer file descriptors between the
`NSPopen` object and the main process, but it is not implemented
yet.
The process' diagram for `NSPopen('test', ['ip', 'ad'])`::
+---------------------+ +--------------+ +------------+
| main python process |<--->| child python |<--->| netns test |
| NSPopen() | | Popen() | | $ ip ad |
+---------------------+ +--------------+ +------------+
As a workaround for the issue with file descriptors, some
additional methods are available on file objects `stdin`,
`stdout` and `stderr`. E.g., one can run fcntl calls::
from fcntl import F_GETFL
from pyroute2 import NSPopen
from subprocess import PIPE
proc = NSPopen('test', ['my_program'], stdout=PIPE)
flags = proc.stdout.fcntl(F_GETFL)
In that way one can use `fcntl()`, `ioctl()`, `flock()` and
`lockf()` calls.
Another additional method is `release()`, which can be used to
explicitly stop the proxy process and release all the resources.
'''
def __init__(self, nsname, *argv, **kwarg):
'''
The only differences from the `subprocess.Popen` init are:
* `nsname` -- network namespace name
* `flags` keyword argument
All other arguments are passed directly to `subprocess.Popen`.
Flags usage samples. Create a network namespace, if it doesn't
exist yet::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT)
Create a network namespace only if it doesn't exist, otherwise
fail and raise an exception::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT | os.O_EXCL)
'''
# create a child
self.nsname = nsname
if 'flags' in kwarg:
self.flags = kwarg.pop('flags')
else:
self.flags = 0
self.channel_out = MpQueue()
self.channel_in = MpQueue()
self.lock = threading.Lock()
self.released = False
self.server = MpProcess(target=NSPopenServer,
args=(self.nsname, self.flags,
self.channel_out, self.channel_in, argv,
kwarg))
# start the child and check the status
self.server.start()
response = self.channel_in.get()
if isinstance(response, Exception):
self.server.join()
raise response
else:
atexit.register(self.release)
def release(self):
'''
Explicitly stop the proxy process and release all the
resources. The `NSPopen` object can not be used after
the `release()` call.
'''
with self.lock:
if self.released:
return
self.released = True
self.channel_out.put({'name': 'release'})
self.channel_out.close()
self.channel_in.close()
self.server.join()
def __dir__(self):
return list(self.api.keys()) + ['release']
class NSPopen(NSPopenBase, ObjNS):
'''
A proxy class to run `Popen()` object in some network namespace.
Sample to run `ip ad` command in `nsname` network namespace::
nsp = NSPopen('nsname', ['ip', 'ad'], stdout=subprocess.PIPE)
print(nsp.communicate())
nsp.wait()
nsp.release()
The only difference in the `release()` call. It explicitly ends
the proxy process and releases all the resources.
'''
def __init__(self, nsname, *argv, **kwarg):
'''
The only differences from the `subprocess.Popen` init are:
* `nsname` -- network namespace name
* `flags` keyword argument
All other arguments are passed directly to `subprocess.Popen`.
Flags usage samples. Create a network namespace, if it doesn't
exist yet::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT)
Create a network namespace only if it doesn't exist, otherwise
fail and raise an exception::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT | os.O_EXCL)
'''
# create a child
self.nsname = nsname
if 'flags' in kwarg:
self.flags = kwarg.pop('flags')
else:
self.flags = 0
self.channel_out = MpQueue()
self.channel_in = MpQueue()
self.lock = threading.Lock()
self.released = False
self.server = MpProcess(target=NSPopenServer,
args=(self.nsname,
self.flags,
self.channel_out,
self.channel_in,
argv, kwarg))
# start the child and check the status
self.server.start()
response = self.channel_in.get()
if isinstance(response, Exception):
self.server.join()
raise response
else:
atexit.register(self.release)
def release(self):
'''
Explicitly stop the proxy process and release all the
resources. The `NSPopen` object can not be used after
the `release()` call.
'''
with self.lock:
if self.released:
return
self.released = True
self.channel_out.put({'name': 'release'})
self.channel_out.close()
self.channel_in.close()
self.server.join()
def __dir__(self):
return list(self.api.keys()) + ['release']
class NSPopen(NSPopenBase, ObjNS):
'''
A proxy class to run `Popen()` object in some network namespace.
Sample to run `ip ad` command in `nsname` network namespace::
nsp = NSPopen('nsname', ['ip', 'ad'], stdout=subprocess.PIPE)
print(nsp.communicate())
nsp.wait()
nsp.release()
The `NSPopen` class was intended to be a drop-in replacement
for the `Popen` class, but there are still some important
differences.
The `NSPopen` object implicitly spawns a child python process
to be run in the background in a network namespace. The target
process specified as the argument of the `NSPopen` will be
started in its turn from this child. Thus all the fd numbers
of the running `NSPopen` object are meaningless in the context
of the main process. Trying to operate on them, one will get
'Bad file descriptor' in the best case or a system call working
on a wrong file descriptor in the worst case. A possible
solution would be to transfer file descriptors between the
`NSPopen` object and the main process, but it is not implemented
yet.
The process' diagram for `NSPopen('test', ['ip', 'ad'])`::
+---------------------+ +--------------+ +------------+
| main python process |<--->| child python |<--->| netns test |
| NSPopen() | | Popen() | | $ ip ad |
+---------------------+ +--------------+ +------------+
As a workaround for the issue with file descriptors, some
additional methods are available on file objects `stdin`,
`stdout` and `stderr`. E.g., one can run fcntl calls::
from fcntl import F_GETFL
from pyroute2 import NSPopen
from subprocess import PIPE
proc = NSPopen('test', ['my_program'], stdout=PIPE)
flags = proc.stdout.fcntl(F_GETFL)
In that way one can use `fcntl()`, `ioctl()`, `flock()` and
`lockf()` calls.
Another additional method is `release()`, which can be used to
explicitly stop the proxy process and release all the resources.
'''
def __init__(self, nsname, *argv, **kwarg):
'''
The only differences from the `subprocess.Popen` init are:
* `nsname` -- network namespace name
* `flags` keyword argument
All other arguments are passed directly to `subprocess.Popen`.
Flags usage samples. Create a network namespace, if it doesn't
exist yet::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT)
Create a network namespace only if it doesn't exist, otherwise
fail and raise an exception::
import os
nsp = NSPopen('nsname', ['command'], flags=os.O_CREAT | os.O_EXCL)
'''
# create a child
self.nsname = nsname
if 'flags' in kwarg:
self.flags = kwarg.pop('flags')
else:
self.flags = 0
self.channel_out = MpQueue()
self.channel_in = MpQueue()
self.lock = threading.Lock()
self.released = False
self.server = MpProcess(target=NSPopenServer,
args=(self.nsname,
self.flags,
self.channel_out,
self.channel_in,
argv, kwarg))
# start the child and check the status
self.server.start()
response = self.channel_in.get()
if isinstance(response, Exception):
self.server.join()
raise response
else:
atexit.register(self.release)
def release(self):
'''
Explicitly stop the proxy process and release all the
resources. The `NSPopen` object can not be used after
the `release()` call.
'''
with self.lock:
if self.released:
return
self.released = True
self.channel_out.put({'name': 'release'})
self.channel_out.close()
self.channel_in.close()
self.server.join()
def __dir__(self):
return list(self.api.keys()) + ['release']