[lxc-devel] [linuxcontainers.org/master] Add Japanese release annouoncement of LXCFS 2.0.0.beta1
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/linuxcontainers.org/pull/144 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: KATOH Yasufumi From f76f136a982d59718dda35723437b9d38c175e4e Mon Sep 17 00:00:00 2001 From: KATOH Yasufumi Date: Wed, 10 Feb 2016 16:20:41 +0900 Subject: [PATCH] Add Japanese release annouoncement of LXCFS 2.0.0.beta1 Signed-off-by: KATOH Yasufumi --- content/lxcfs/news.ja.md | 11 +++ 1 file changed, 11 insertions(+) diff --git a/content/lxcfs/news.ja.md b/content/lxcfs/news.ja.md index e64df3a..ef66628 100644 --- a/content/lxcfs/news.ja.md +++ b/content/lxcfs/news.ja.md @@ -1,5 +1,16 @@ # News +## LXCFS 2.0.0.beta1 リリースのお知らせ 2016 年 2 月 9 日 + + * /proc/swaps がサポートされました + * 要求があれば systemd cgroup の作成と chown を行うようになりました + * liblxcfs.so を /usr/lib/lxcfs へ移動しました + +### ダウンロード + +このリリースの tarball は [ダウンロードページ](/lxcfs/downloads) から取得できます。 ## LXCFS 0.18 リリースのお知らせ 2016 年 2 月 4 日 ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Filesystem migration
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1587 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 12197138f641d10ea02200f90207117ca2f0e517 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 5 Feb 2016 09:11:44 +0100 Subject: [PATCH 1/5] Make blkio limits more robust MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Only apply I/O limits when set by the user, ignore failure to find a block device when clearing its limit, have everything else return errors. Closes #1568 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 141 +-- lxd/devices.go | 66 2 files changed, 136 insertions(+), 71 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 325bb41..073b9b7 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -563,37 +563,51 @@ func (c *containerLXC) initLXC() error { } } - diskLimits, err := c.getDiskLimits() - if err != nil { - return err + hasDiskLimits := false + for _, m := range c.expandedDevices { + if m["type"] != "disk" { + continue + } + + if m["limits.read"] != "" || m["limits.write"] != "" || m["limits.max"] != "" { + hasDiskLimits = true + break + } } - for block, limit := range diskLimits { - if limit.readBps > 0 { - err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.read_bps_device", fmt.Sprintf("%s %d", block, limit.readBps)) - if err != nil { - return err - } + if hasDiskLimits { + diskLimits, err := c.getDiskLimits() + if err != nil { + return err } - if limit.readIops > 0 { - err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.read_iops_device", fmt.Sprintf("%s %d", block, limit.readIops)) - if err != nil { - return err + for block, limit := range diskLimits { + if limit.readBps > 0 { + err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.read_bps_device", fmt.Sprintf("%s %d", block, limit.readBps)) + if err != nil { + return err + } } - } - if limit.writeBps > 0 { - err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.write_bps_device", fmt.Sprintf("%s %d", block, limit.writeBps)) - if err != nil { - return err + if limit.readIops > 0 { + err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.read_iops_device", fmt.Sprintf("%s %d", block, limit.readIops)) + if err != nil { + return err + } } - } - if limit.writeIops > 0 { - err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.write_iops_device", fmt.Sprintf("%s %d", block, limit.writeIops)) - if err != nil { - return err + if limit.writeBps > 0 { + err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.write_bps_device", fmt.Sprintf("%s %d", block, limit.writeBps)) + if err != nil { + return err + } + } + + if limit.writeIops > 0 { + err = lxcSetConfigItem(cc, "lxc.cgroup.blkio.throttle.write_iops_device", fmt.Sprintf("%s %d", block, limit.writeIops)) + if err != nil { + return err +
[lxc-devel] [lxc/master] lxc-destroy: deal with ephemeral containers
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/813 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === - Ephemeral containers are destroyed on shutdown so we do not destroy them. - Destroy ephemeral containers with clones: first destroy all the clones, then destroy the container. - Ephemeral containers with snapshots cannot be easily handled but we can probably trust that no one will try to make snapshots of an ephemeral container. Signed-off-by: Christian Brauner From 7b50e187fd1895d4d49875c8297121ac942268e5 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Wed, 10 Feb 2016 02:32:37 +0100 Subject: [PATCH] lxc-destroy: deal with ephemeral containers - Ephemeral containers are destroyed on shutdown so we do not destroy them. - Destroy ephemeral containers with clones: first destroy all the clones, then destroy the container. - Ephemeral containers with snapshots cannot be easily handled but we can probably trust that no one will try to make snapshots of an ephemeral container. Signed-off-by: Christian Brauner --- src/lxc/lxc_destroy.c | 110 ++ 1 file changed, 67 insertions(+), 43 deletions(-) diff --git a/src/lxc/lxc_destroy.c b/src/lxc/lxc_destroy.c index b74350c..cf33415 100644 --- a/src/lxc/lxc_destroy.c +++ b/src/lxc/lxc_destroy.c @@ -58,13 +58,13 @@ Options :\n\ .task = DESTROY, }; -static int do_destroy(struct lxc_container *c); -static int do_destroy_with_snapshots(struct lxc_container *c); +static bool do_destroy(struct lxc_container *c); +static bool do_destroy_with_snapshots(struct lxc_container *c); int main(int argc, char *argv[]) { struct lxc_container *c; - int ret; + int bret; if (lxc_arguments_parse(&my_args, argc, argv)) exit(EXIT_FAILURE); @@ -100,25 +100,19 @@ int main(int argc, char *argv[]) exit(EXIT_FAILURE); } - if (c->is_running(c)) { - if (!my_args.force) { - if (!quiet) - fprintf(stderr, "%s is running\n", my_args.name); - lxc_container_put(c); - exit(EXIT_FAILURE); - } - c->stop(c); - } - if (my_args.task == SNAP) { - ret = do_destroy_with_snapshots(c); + bret = do_destroy_with_snapshots(c); + if (bret && !quiet) + printf("Destroyed container %s including snapshots \n", my_args.name); } else { - ret = do_destroy(c); + bret = do_destroy(c); + if (bret && !quiet) + printf("Destroyed container %s\n", my_args.name); } lxc_container_put(c); - if (ret == 0) + if (bret) exit(EXIT_SUCCESS); exit(EXIT_FAILURE); } @@ -132,21 +126,56 @@ static int my_parser(struct lxc_arguments *args, int c, char *arg) return 0; } -static int do_destroy(struct lxc_container *c) +static bool do_destroy(struct lxc_container *c) { - if (!c->destroy(c)) { + bool bret = true; + char path[MAXPATHLEN]; + + /* First check whether the container has dependent clones or snapshots. */ + int ret = snprintf(path, MAXPATHLEN, "%s/%s/lxc_snapshots", c->config_path, c->name); + if (ret < 0 || ret >= MAXPATHLEN) + return false; + + if (file_exists(path)) { if (!quiet) - fprintf(stderr, "Destroying %s failed\n", my_args.name); - return -1; + fprintf(stdout, "Destroying %s failed: %s has clones.\n", c->name, c->name); + return false; } - if (!quiet) - printf("Destroyed container %s\n", my_args.name); + ret = snprintf(path, MAXPATHLEN, "%s/%s/snaps", c->config_path, c->name); + if (ret < 0 || ret >= MAXPATHLEN) + return false; - return 0; + if (dir_exists(path)) { + if (!quiet) + fprintf(stdout, "Destroying %s failed: %s has snapshots.\n", c->name, c->name); + return false; + } + + if (c->is_running(c)) { + if (!my_args.force && !quiet) { + fprintf(stderr, "%s is running\n", my_args.name); + return false; + } + /* If the container was ephemeral it will be removed on shutdown. */ + c->stop(c); + } + + /* If the container was ephemeral we have already removed it when we +* stopped it. */ + if (c->is_defined(c)) + bret = c->destroy(c); + + if (!bret) { + if (!quiet) +
[lxc-devel] [lxc/lxc] c89f1f: silence lxc-copy as well when asked
Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: c89f1f750953dfe7d31a8a4e6c04beb58cc3cd34 https://github.com/lxc/lxc/commit/c89f1f750953dfe7d31a8a4e6c04beb58cc3cd34 Author: Christian Brauner Date: 2016-02-10 (Wed, 10 Feb 2016) Changed paths: M src/lxc/lxc_copy.c Log Message: --- silence lxc-copy as well when asked Signed-off-by: Christian Brauner Commit: cd30b4fa22e6311427bb9895f25c703189ba8dc1 https://github.com/lxc/lxc/commit/cd30b4fa22e6311427bb9895f25c703189ba8dc1 Author: Serge Hallyn Date: 2016-02-09 (Tue, 09 Feb 2016) Changed paths: M src/lxc/lxc_copy.c Log Message: --- Merge pull request #812 from brauner/2016-02-10/quiet_lxc_copy silence lxc-copy as well when asked Compare: https://github.com/lxc/lxc/compare/2fa8e2cd0a92...cd30b4fa22e6___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxc/master] silence lxc-copy as well when asked
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/812 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From c89f1f750953dfe7d31a8a4e6c04beb58cc3cd34 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Wed, 10 Feb 2016 01:22:15 +0100 Subject: [PATCH] silence lxc-copy as well when asked Signed-off-by: Christian Brauner --- src/lxc/lxc_copy.c | 25 + 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/src/lxc/lxc_copy.c b/src/lxc/lxc_copy.c index dbda182..155a588 100644 --- a/src/lxc/lxc_copy.c +++ b/src/lxc/lxc_copy.c @@ -127,6 +127,7 @@ Options :\n\ .parser = my_parser, .task = CLONE, .daemonize = 1, + .quiet = false, }; static struct mnts *add_mnt(struct mnts **mnts, unsigned int *num, @@ -171,13 +172,15 @@ int main(int argc, char *argv[]) if (geteuid()) { if (access(my_args.lxcpath[0], O_RDWR) < 0) { - fprintf(stderr, "You lack access to %s\n", my_args.lxcpath[0]); + if (!my_args.quiet) + fprintf(stderr, "You lack access to %s\n", my_args.lxcpath[0]); exit(ret); } } if (!my_args.newname && !(my_args.task == DESTROY)) { - printf("Error: You must provide a NEWNAME for the clone.\n"); + if (!my_args.quiet) + printf("Error: You must provide a NEWNAME for the clone.\n"); exit(ret); } @@ -196,12 +199,14 @@ int main(int argc, char *argv[]) exit(ret); if (!c->may_control(c)) { - fprintf(stderr, "Insufficent privileges to control %s\n", c->name); + if (!my_args.quiet) + fprintf(stderr, "Insufficent privileges to control %s\n", c->name); goto out; } if (!c->is_defined(c)) { - fprintf(stderr, "Error: container %s is not defined\n", c->name); + if (!my_args.quiet) + fprintf(stderr, "Error: container %s is not defined\n", c->name); goto out; } @@ -348,7 +353,8 @@ static int do_clone(struct lxc_container *c, char *newname, char *newpath, clone = c->clone(c, newname, newpath, flags, bdevtype, NULL, fssize, args); if (!clone) { - fprintf(stderr, "clone failed\n"); + if (!my_args.quiet) + fprintf(stderr, "clone failed\n"); return -1; } @@ -414,7 +420,8 @@ static int do_clone_ephemeral(struct lxc_container *c, if (!clone->save_config(clone, NULL)) goto destroy_and_put; - printf("Created %s as %s of %s\n", arg->name, "clone", arg->newname); + if (!my_args.quiet) + printf("Created %s as %s of %s\n", arg->name, "clone", arg->newname); if (!arg->daemonize && arg->argc) { clone->want_daemonize(clone, true); @@ -507,7 +514,8 @@ static uint64_t get_fssize(char *s) ret = strtoull(s, &end, 0); if (end == s) { - fprintf(stderr, "Invalid blockdev size '%s', using default size\n", s); + if (!my_args.quiet) + fprintf(stderr, "Invalid blockdev size '%s', using default size\n", s); return 0; } while (isblank(*end)) @@ -525,7 +533,8 @@ static uint64_t get_fssize(char *s) } else if (*end == 't' || *end == 'T') { ret *= 1024ULL * 1024ULL * 1024ULL * 1024ULL; } else { - fprintf(stderr, "Invalid blockdev unit size '%c' in '%s', " "using default size\n", *end, s); + if (!my_args.quiet) + fprintf(stderr, "Invalid blockdev unit size '%c' in '%s', " "using default size\n", *end, s); return 0; } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxc/lxc] 2f0e6b: lxc_destroy: be quiet if asked
Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: 2f0e6b79456688fe9cb46fa9f466ffcbb628deb7 https://github.com/lxc/lxc/commit/2f0e6b79456688fe9cb46fa9f466ffcbb628deb7 Author: Serge Hallyn Date: 2016-02-09 (Tue, 09 Feb 2016) Changed paths: M src/lxc/lxc_destroy.c Log Message: --- lxc_destroy: be quiet if asked As per https://bugs.launchpad.net/bugs/1543016. Signed-off-by: Serge Hallyn Commit: 2fa8e2cd0a92c5c9614fcd1880afd15e6f8e69cb https://github.com/lxc/lxc/commit/2fa8e2cd0a92c5c9614fcd1880afd15e6f8e69cb Author: Christian Brauner Date: 2016-02-10 (Wed, 10 Feb 2016) Changed paths: M src/lxc/lxc_destroy.c Log Message: --- Merge pull request #811 from hallyn/2016-02-09/destroyquiet lxc_destroy: be quiet if asked Compare: https://github.com/lxc/lxc/compare/f97ab3a63913...2fa8e2cd0a92___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxc/master] lxc_destroy: be quiet if asked
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/811 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === As per https://bugs.launchpad.net/bugs/1543016. Signed-off-by: Serge Hallyn From 2f0e6b79456688fe9cb46fa9f466ffcbb628deb7 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Tue, 9 Feb 2016 16:07:32 -0800 Subject: [PATCH] lxc_destroy: be quiet if asked As per https://bugs.launchpad.net/bugs/1543016. Signed-off-by: Serge Hallyn --- src/lxc/lxc_destroy.c | 30 +- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/src/lxc/lxc_destroy.c b/src/lxc/lxc_destroy.c index ab1029f..b74350c 100644 --- a/src/lxc/lxc_destroy.c +++ b/src/lxc/lxc_destroy.c @@ -33,6 +33,7 @@ lxc_log_define(lxc_destroy_ui, lxc); static int my_parser(struct lxc_arguments* args, int c, char* arg); +static bool quiet; static const struct option my_longopts[] = { {"force", no_argument, 0, 'f'}, @@ -75,28 +76,34 @@ int main(int argc, char *argv[]) my_args.progname, my_args.quiet, my_args.lxcpath[0])) exit(EXIT_FAILURE); lxc_log_options_no_override(); + if (my_args.quiet) + quiet = true; c = lxc_container_new(my_args.name, my_args.lxcpath[0]); if (!c) { - fprintf(stderr, "System error loading container\n"); + if (!quiet) + fprintf(stderr, "System error loading container\n"); exit(EXIT_FAILURE); } if (!c->may_control(c)) { - fprintf(stderr, "Insufficent privileges to control %s\n", my_args.name); + if (!quiet) + fprintf(stderr, "Insufficent privileges to control %s\n", my_args.name); lxc_container_put(c); exit(EXIT_FAILURE); } if (!c->is_defined(c)) { - fprintf(stderr, "Container is not defined\n"); + if (!quiet) + fprintf(stderr, "Container is not defined\n"); lxc_container_put(c); exit(EXIT_FAILURE); } if (c->is_running(c)) { if (!my_args.force) { - fprintf(stderr, "%s is running\n", my_args.name); + if (!quiet) + fprintf(stderr, "%s is running\n", my_args.name); lxc_container_put(c); exit(EXIT_FAILURE); } @@ -128,11 +135,13 @@ static int my_parser(struct lxc_arguments *args, int c, char *arg) static int do_destroy(struct lxc_container *c) { if (!c->destroy(c)) { - fprintf(stderr, "Destroying %s failed\n", my_args.name); + if (!quiet) + fprintf(stderr, "Destroying %s failed\n", my_args.name); return -1; } - printf("Destroyed container %s\n", my_args.name); + if (!quiet) + printf("Destroyed container %s\n", my_args.name); return 0; } @@ -190,7 +199,8 @@ static int do_destroy_with_snapshots(struct lxc_container *c) continue; } if (!c1->destroy(c1)) { - fprintf(stderr, "Destroying snapshot %s of %s failed\n", lxcname, my_args.name); + if (!quiet) + fprintf(stderr, "Destroying snapshot %s of %s failed\n", lxcname, my_args.name); lxc_container_put(c1); free(buf); return -1; @@ -212,11 +222,13 @@ static int do_destroy_with_snapshots(struct lxc_container *c) bret = c->destroy(c); if (!bret) { - fprintf(stderr, "Destroying %s failed\n", my_args.name); + if (!quiet) + fprintf(stderr, "Destroying %s failed\n", my_args.name); return -1; } - printf("Destroyed container %s including snapshots \n", my_args.name); + if (!quiet) + printf("Destroyed container %s including snapshots \n", my_args.name); return 0; } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] lxc info: add profiles
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1584 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Name: foo Status: Running Type: persistent Profiles: default Init: 30777 Processcount: 14 Ips: eth0: IPV4 10.0.3.143 vethE44BHB lo: IPV4 127.0.0.1 lo: IPV6 ::1 Closes #1583 Signed-off-by: Tycho Andersen From f5e469244ff8561b57007be80f7b18cbd596c44a Mon Sep 17 00:00:00 2001 From: Tycho Andersen Date: Tue, 9 Feb 2016 15:51:40 -0700 Subject: [PATCH] lxc info: add profiles Name: foo Status: Running Type: persistent Profiles: default Init: 30777 Processcount: 14 Ips: eth0: IPV4 10.0.3.143 vethE44BHB lo: IPV4 127.0.0.1 lo: IPV6 ::1 Closes #1583 Signed-off-by: Tycho Andersen --- lxc/info.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lxc/info.go b/lxc/info.go index be02a5b..6116341 100644 --- a/lxc/info.go +++ b/lxc/info.go @@ -3,6 +3,7 @@ package main import ( "fmt" "io/ioutil" + "strings" "gopkg.in/yaml.v2" @@ -82,6 +83,7 @@ func containerInfo(d *lxd.Client, name string, showLog bool) error { } else { fmt.Printf(i18n.G("Type: persistent") + "\n") } + fmt.Printf(i18n.G("Profiles: %s")+"\n", strings.Join(ct.Profiles, ", ")) if ct.Status.Init != 0 { fmt.Printf(i18n.G("Init: %d")+"\n", ct.Status.Init) fmt.Printf(i18n.G("Processcount: %d")+"\n", ct.Status.Processcount) ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] reduce verbiage to fit help text more efficiently
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1580 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === This one line of help text stands out as *really* wordy :-) From 500abf1f586637a13bb72109cc7a81d3e7770fff Mon Sep 17 00:00:00 2001 From: Dustin Kirkland Date: Tue, 9 Feb 2016 20:18:54 + Subject: [PATCH] reduce verbiage to fit help text more efficiently --- lxc/restore.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxc/restore.go b/lxc/restore.go index 11249a9..67b31f9 100644 --- a/lxc/restore.go +++ b/lxc/restore.go @@ -19,7 +19,7 @@ func (c *restoreCmd) showByDefault() bool { func (c *restoreCmd) usage() string { return i18n.G( - `Set the current state of a resource back to its state at the time the snapshot was created. + `Set the current state of a resource back to a snapshot. lxc restore [remote:] [--stateful] ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [nova-lxd/master] Remove unused code
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/nova-lxd/pull/105 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === What it says on the tin. From 8e29f3c8c7ef7c85fcd2509841fa3f5dc07f9437 Mon Sep 17 00:00:00 2001 From: Paul Hummer Date: Tue, 9 Feb 2016 10:41:53 -0700 Subject: [PATCH] Remove unused code --- nova_lxd/nova/virt/lxd/session.py | 22 -- 1 file changed, 22 deletions(-) diff --git a/nova_lxd/nova/virt/lxd/session.py b/nova_lxd/nova/virt/lxd/session.py index e6b6142..a9207e5 100644 --- a/nova_lxd/nova/virt/lxd/session.py +++ b/nova_lxd/nova/virt/lxd/session.py @@ -18,16 +18,13 @@ from nova import exception from nova import i18n from nova import rpc -from nova import utils from nova.compute import power_state -from oslo_concurrency import processutils from oslo_config import cfg from oslo_log import log as logging from oslo_service import loopingcall from oslo_utils import excutils from pylxd import api from pylxd import exceptions as lxd_exceptions -import six from nova_lxd.nova.virt.lxd import constants @@ -40,25 +37,6 @@ LOG = logging.getLogger(__name__) -def mount_filesystem(self, dev_path, dir_path): -try: -_out, err = utils.execute('mount', - '-t', 'ext4', - dev_path, dir_path, run_as_root=True) -except processutils.ProcessExecutionError as e: -err = six.text_type(e) -return err - - -def umount_filesystem(self, dir_path): -try: -_out, err = utils.execute('umount', - dir_path, run_as_root=True) -except processutils.ProcessExecutionError as e: -err = six.text_type(e) -return err - - class LXDAPISession(object): """The session to invoke the LXD API session.""" ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] add eth0 "name" to the default profile
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1579 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === I'm not sure if we want to try and do this retroactively or not. Closes #1491 Signed-off-by: Tycho Andersen From 0465a897b993e4555dc1a7dd34661c71bbc78942 Mon Sep 17 00:00:00 2001 From: Tycho Andersen Date: Tue, 9 Feb 2016 08:40:54 -0700 Subject: [PATCH] add eth0 "name" to the default profile I'm not sure if we want to try and do this retroactively or not. Closes #1491 Signed-off-by: Tycho Andersen --- lxd/db_profiles.go | 1 + 1 file changed, 1 insertion(+) diff --git a/lxd/db_profiles.go b/lxd/db_profiles.go index 8855a74..ee0f986 100644 --- a/lxd/db_profiles.go +++ b/lxd/db_profiles.go @@ -98,6 +98,7 @@ func dbProfileCreateDefault(db *sql.DB) error { // TODO: We should the scan for bridges and use the best available as default. devices := shared.Devices{ "eth0": shared.Device{ + "name":"eth0", "type":"nic", "nictype": "bridged", "parent": "lxcbr0"}} ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] only print profile applied message on success
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1578 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Closes #1577 Signed-off-by: Tycho Andersen From f83b583e37097bb1e95c52e0dfcfdbdfed7b53c6 Mon Sep 17 00:00:00 2001 From: Tycho Andersen Date: Tue, 9 Feb 2016 08:32:34 -0700 Subject: [PATCH] only print profile applied message on success Closes #1577 Signed-off-by: Tycho Andersen --- lxc/profile.go | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/lxc/profile.go b/lxc/profile.go index 8357733..f86a421 100644 --- a/lxc/profile.go +++ b/lxc/profile.go @@ -211,15 +211,19 @@ func doProfileDelete(client *lxd.Client, p string) error { func doProfileApply(client *lxd.Client, c string, p string) error { resp, err := client.ApplyProfile(c, p) + if err != nil { + return err + } + + err = client.WaitForSuccess(resp.Operation) if err == nil { if p == "" { p = i18n.G("(none)") } fmt.Printf(i18n.G("Profile %s applied to %s")+"\n", p, c) - } else { - return err } - return client.WaitForSuccess(resp.Operation) + + return err } func doProfileShow(client *lxd.Client, p string) error { ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
Re: [lxc-devel] cgroup V2 and LXC
On Mon, Feb 01, 2016 at 04:56:08AM +, Serge Hallyn wrote: > Quoting Kevin Wilson (wkev...@gmail.com): > > Hi, LXC developers, > > > > The latest kernel release (4.4) includes initial support to cgroup v2 > > with 2 controllers (memory and io). Also it seems that the PIDs > > controller works in cgroup v2, but I do not know if it is officially > > supported in v2. > > > > Is there any intention to replace the existing cgroup v1 usage in LXC > > by cgroup v2 ? or at least to enable working with both of them ? > > > > Regards, > > Kevin > > Replace, no, support, yes. I've added support for it to cgmanager, and have > used lxc with the unified hierarchy through cgmanager. Without cgmanager > it will currently definately not work. It's worth discussing how we should > handle it - and how init wants us to handle it. With cgmanager I actually > built in the support so that you could treat it as a legacy hierarchy, and > upstart was happy with that since it used cgmanager. Systemd will not be > happy with that, and it will be a problem. The only exception to the "no > tasks in a non-leaf node" rule is for the / cgroup. So lxc would need to > place init in say /lxc/c1/.leaf, and systemd would have to accept that > /lxc/c1 is the container's cgroup. A few possibilities: > > 1. maybe if we place systemd in /lxc/c1/init.scope it will be happy Well, here is how I thought it could go (sticking to systemd specifics here): - create a slice for all lxc "lxc.slice" (similar to "machine.slice" of systemd-nspawn backed containers) - "lxc.slice" contains a scope for each container (e.g. "c1.scope" - "c1.scope" contains an "init.scope" - "init.scope" only contains the PID of "/sbin/init" as seen from the host (obviously) - All other processes are put in another slice "c1-something.slice" If we do not want to create scopes we are left with the option of forcing "init" in a separate cgroup from the rest of the containers processes. Christian > 2. maybe we can teach systemd to accept being in a leaf node > 3. maybe we can build an exception into cgroup namespaces such that > a cgns root also is an exception to the no-tasks-in-non-leaf-nodes > rule. But I doubt that will fly. > ___ > lxc-devel mailing list > lxc-devel@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-devel ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxcfs/master] pam_cgfs: change handling of name=systemd
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxcfs/pull/81 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Don't always ignore it. Do ignore it (like all others) if not listed in the -c argument. If the logged in task's name=systemd cgroup != that of the init task's, assume we are in systemd and rename the user's. If they are the same, assume we are in upstart or sysvinit and create=chown a name=systemd cgroup just as for the others. This should fix https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1543353 and allow the ubuntu systemd package to drop its cgroup related delta. Signed-off-by: Serge Hallyn From edd25678d5701cda14c36a511c4d01c53ebd9fd4 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Mon, 8 Feb 2016 21:58:11 -0800 Subject: [PATCH] pam_cgfs: change handling of name=systemd Don't always ignore it. Do ignore it (like all others) if not listed in the -c argument. If the logged in task's name=systemd cgroup != that of the init task's, assume we are in systemd and rename the user's. If they are the same, assume we are in upstart or sysvinit and create=chown a name=systemd cgroup just as for the others. This should fix https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1543353 and allow the ubuntu systemd package to drop its cgroup related delta. Signed-off-by: Serge Hallyn --- pam/pam_cgfs.c | 85 +++--- 1 file changed, 69 insertions(+), 16 deletions(-) diff --git a/pam/pam_cgfs.c b/pam/pam_cgfs.c index 070aaf3..14581cb 100644 --- a/pam/pam_cgfs.c +++ b/pam/pam_cgfs.c @@ -3,14 +3,19 @@ * Copyright © 2016 Canonical, Inc * Author: Serge Hallyn * - * When a user logs in, this pam module will create cgroups which - * the user may administer, for all controllers except name=systemd, - * or for any controllers listed on the command line (if any are - * listed). + * When a user logs in, this pam module will create cgroups which the user + * may administer, either for all controllers or for any controllers listed + * on the command line (if any are listed). * * The cgroup created will be "user/$user/0" for the first session, * "user/$user/1" for the second, etc. * + * name=systemd is handled specially. If the host is an upstart system, + * the logged in user may not get a cgroup created. On a systemd system, + * one is created but not chowned to the user. In the former case, we + * create one as usual, in the latter case we simply chown whatever cgroup + * the user is in. + * * All requested cgroups must be mounted under /sys/fs/cgroup/$controller, * no messing around with finding mountpoints. * @@ -140,9 +145,11 @@ static bool mkdir_p(const char *root, char *path) struct controller { struct controller *next; int id; + bool systemd_created; char *name; char *mount_path; char *init_path; + char *cur_path; }; #define MAXCONTROLLERS 20 @@ -159,6 +166,12 @@ static char *find_controller_path(struct controller *c) if (exists(path)) return path; free(path); + if (strncmp(c->name, "name=", 5) == 0) { + path = must_strcat("/sys/fs/cgroup/", c->name + 5, NULL); + if (exists(path)) + return path; + free(path); + } c = c->next; } return NULL; @@ -185,7 +198,7 @@ static void get_mounted_paths(void) } } -static void add_controller(int id, char *tok) +static void add_controller(int id, char *tok, char *cur_path) { struct controller *c; @@ -195,6 +208,9 @@ static void add_controller(int id, char *tok) do { c->name = strdup(tok); } while (!c->name); + do { + c->cur_path = strdup(cur_path); + } while (!c->cur_path); c->id = id; c->next = controllers[id]; c->mount_path = NULL; @@ -213,6 +229,7 @@ static void drop_controller(int which) while (c) { struct controller *tmp = c->next; free(c->name); + free(c->cur_path); free(c); c = tmp; } @@ -309,8 +326,11 @@ static bool fill_in_init_paths(void) goto out; } prune_init_scope(ip); - for (c = controllers[id]; c; c = c->next) + for (c = controllers[id]; c; c = c->next) { + if (strcmp(c->name, "name=systemd") == 0) + c->systemd_created = strcmp(ip, c->cur_path) != 0; c->init_path = ip; + } } ret = true; out: @@ -335,6 +355,7 @@ static void p