Quoting Stéphane Graber ([email protected]): > This adds the 3 upstart jobs that we've had in Ubuntu for a while: > - lxc.conf: Main upstart job, triggers lxc-net.conf based on config > - lxc-instance.conf: Triggered by lxc.conf for each auto-started container > - lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ... > > In addition, there are two extra config files in /etc/default: > - lxc: Allows setting some values like http proxying, disabling autostart, > ... > - lxc-net: Network configuration for the lxcbr0 bridge > > This change also disables the sysv script for all distros but Oracle as > the current script won't work on either Ubuntu nor Debian and I suspect > quite a few more distros, so it's not nearly as distro-agnostic as we > thought. > > For Debian, only install the upstart jobs and systemd unit. > For Ubuntu, only install the upstart jobs. > > This change also moves all the init related stuff to config/init/ > > Signed-off-by: Stéphane Graber <[email protected]>
... > diff --git a/config/init/upstart/Makefile.am b/config/init/upstart/Makefile.am > new file mode 100644 > index 0000000..8205f20 > --- /dev/null > +++ b/config/init/upstart/Makefile.am > @@ -0,0 +1,22 @@ > +EXTRA_DIST = lxc.conf lxc-instance.conf lxc-net.conf > + > +if INIT_SCRIPT_UPSTART > +install-upstart: lxc.conf lxc-instance.conf lxc-net.conf > + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/init/ > + $(INSTALL_DATA) lxc.conf $(DESTDIR)$(sysconfdir)/init/ > + $(INSTALL_DATA) lxc-instance.conf $(DESTDIR)$(sysconfdir)/init/ > + $(INSTALL_DATA) lxc-net.conf $(DESTDIR)$(sysconfdir)/init/ > + > +uninstall-syvinit: Why do you have uninstall-syvinit here? Did you want an uninstall-upstart? > + rm -f $(DESTDIR)$(sysconfdir)/rc.d/init/lxc.conf > + rm -f $(DESTDIR)$(sysconfdir)/rc.d/init/lxc-instance.conf > + rm -f $(DESTDIR)$(sysconfdir)/rc.d/init/lxc-net.conf > + rmdir $(DESTDIR)$(sysconfdir)/rc.d/init || : > +else > +install-syvinit: > +uninstall-upstart: > +endif > + > +install-data-local: install-upstart > + > +uninstall-local: uninstall-upstart > diff --git a/config/init/upstart/lxc-instance.conf > b/config/init/upstart/lxc-instance.conf > new file mode 100644 > index 0000000..58d045d > --- /dev/null > +++ b/config/init/upstart/lxc-instance.conf > @@ -0,0 +1,22 @@ > +description "lxc instance" > +author "Christian Kampka <[email protected]>" > + > +stop on stopping lxc > + > +# wait for 120 seconds for container to shutdown before killing it > +kill timeout 120 > + > +# send SIGPWR to container to trigger a shutdown (see lxc-shutdown(1)) > +kill signal SIGPWR > + > + > +instance $NAME > +usage "NAME=name of LXC instance" > + > +pre-start script > + lxc-wait -s RUNNING -n $NAME -t 0 && { stop; exit 0; } || true > +end script > + > +script > + exec lxc-start -n $NAME > +end script > diff --git a/config/init/upstart/lxc-net.conf > b/config/init/upstart/lxc-net.conf > new file mode 100644 > index 0000000..517bd2b > --- /dev/null > +++ b/config/init/upstart/lxc-net.conf > @@ -0,0 +1,86 @@ > +description "lxc network" > +author "Serge Hallyn <[email protected]>" > + > +start on starting lxc > +stop on stopped lxc > + > +env USE_LXC_BRIDGE="false" > +env LXC_BRIDGE="lxcbr0" > +env LXC_ADDR="10.0.3.1" > +env LXC_NETMASK="255.255.255.0" > +env LXC_NETWORK="10.0.3.0/24" > +env LXC_DHCP_RANGE="10.0.3.2,10.0.3.254" > +env LXC_DHCP_MAX="253" > +env LXC_DHCP_CONFILE="" > +env varrun="/var/run/lxc" > +env LXC_DOMAIN="" > + > +pre-start script > + [ -f /etc/default/lxc ] && . /etc/default/lxc > + > + [ "x$USE_LXC_BRIDGE" = "xtrue" ] || { stop; exit 0; } > + > + use_iptables_lock="-w" > + iptables -w -L -n 2>&1 > /dev/null || use_iptables_lock="" > + cleanup() { > + # dnsmasq failed to start, clean up the bridge > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > --dport 67 -j ACCEPT > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > --dport 67 -j ACCEPT > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > --dport 53 -j ACCEPT > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > --dport 53 -j ACCEPT > + iptables $use_iptables_lock -t nat -D POSTROUTING -s > ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true > + iptables $use_iptables_lock -t mangle -D POSTROUTING -o > ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > + ifconfig ${LXC_BRIDGE} down || true > + brctl delbr ${LXC_BRIDGE} || true > + } > + > + if [ -d /sys/class/net/${LXC_BRIDGE} ]; then > + if [ ! -f ${varrun}/network_up ]; then > + # bridge exists, but we didn't start it > + stop; > + fi > + exit 0; > + fi > + > + # set up the lxc network > + brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in kernel"; > stop; exit 0; } > + echo 1 > /proc/sys/net/ipv4/ip_forward > + mkdir -p ${varrun} > + ifconfig ${LXC_BRIDGE} ${LXC_ADDR} netmask ${LXC_NETMASK} up > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 67 > -j ACCEPT > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 > -j ACCEPT > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 53 > -j ACCEPT > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 > -j ACCEPT > + iptables $use_iptables_lock -t nat -A POSTROUTING -s ${LXC_NETWORK} ! > -d ${LXC_NETWORK} -j MASQUERADE > + iptables $use_iptables_lock -t mangle -A POSTROUTING -o ${LXC_BRIDGE} > -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > + > + LXC_DOMAIN_ARG="" > + if [ -n "$LXC_DOMAIN" ]; then > + LXC_DOMAIN_ARG="-s $LXC_DOMAIN" > + fi > + dnsmasq $LXC_DOMAIN_ARG -u lxc-dnsmasq --strict-order --bind-interfaces > --pid-file=${varrun}/dnsmasq.pid --conf-file=${LXC_DHCP_CONFILE} > --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} > --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override --except-interface=lo > --interface=${LXC_BRIDGE} > --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases > --dhcp-authoritative || cleanup > + touch ${varrun}/network_up > +end script > + > +post-stop script > + [ -f /etc/default/lxc ] && . /etc/default/lxc > + [ -f "${varrun}/network_up" ] || exit 0; > + # if $LXC_BRIDGE has attached interfaces, don't shut it down > + ls /sys/class/net/${LXC_BRIDGE}/brif/* > /dev/null 2>&1 && exit 0; > + > + if [ -d /sys/class/net/${LXC_BRIDGE} ]; then > + use_iptables_lock="-w" > + iptables -w -L -n 2>&1 > /dev/null || use_iptables_lock="" > + ifconfig ${LXC_BRIDGE} down > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > --dport 67 -j ACCEPT > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > --dport 67 -j ACCEPT > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > --dport 53 -j ACCEPT > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > --dport 53 -j ACCEPT > + iptables $use_iptables_lock -t nat -D POSTROUTING -s > ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true > + iptables $use_iptables_lock -t mangle -D POSTROUTING -o > ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > + pid=`cat ${varrun}/dnsmasq.pid 2>/dev/null` && kill -9 $pid || > true > + rm -f ${varrun}/dnsmasq.pid > + brctl delbr ${LXC_BRIDGE} > + fi > + rm -f ${varrun}/network_up > +end script > diff --git a/config/init/upstart/lxc.conf b/config/init/upstart/lxc.conf > new file mode 100644 > index 0000000..1a5c5c9 > --- /dev/null > +++ b/config/init/upstart/lxc.conf > @@ -0,0 +1,27 @@ > +description "lxc" > +author "Serge Hallyn <[email protected]>" > + > +start on runlevel [2345] > +stop on starting rc RUNLEVEL=[016] > + > +env LXC_AUTO="false" > + > +pre-start script > + [ -f /etc/default/lxc ] && . /etc/default/lxc > + > + # don't load profiles if mount mediation is not supported > + SYSF=/sys/kernel/security/apparmor/features/mount/mask > + if [ -f $SYSF ]; then > + if [ -x /lib/init/apparmor-profile-load ]; then > + /lib/init/apparmor-profile-load usr.bin.lxc-start > + /lib/init/apparmor-profile-load lxc-containers > + fi > + fi > + > + [ "x$LXC_AUTO" = "xtrue" ] || exit 0 > + > + lxc-autostart -L | while read line; do > + set -- $line > + (start lxc-instance NAME=$1 && sleep $2) || true > + done > +end script > diff --git a/configure.ac b/configure.ac > index d8be165..6b93299 100644 > --- a/configure.ac > +++ b/configure.ac > @@ -78,7 +78,7 @@ AM_CONDITIONAL([DISTRO_UBUNTU], [test "x$with_distro" = > "xubuntu"]) > AC_MSG_CHECKING([for init system type]) > AC_ARG_WITH([init-script], > [AC_HELP_STRING([--with-init-script@<:@=TYPE@<:@,TYPE,...@:>@@:>@], > - [Type(s) of init script to install: sysv, systemd, > upstart, > + [Type(s) of init script to install: sysvinit, > systemd, upstart, > distro > @<:@default=distro@:>@])],[],[with_init_script=distro]) > case "$with_init_script" in > distro) > @@ -87,17 +87,17 @@ case "$with_init_script" in > init_script=systemd > ;; > redhat|centos|oracle|oracleserver) > - init_script=sysv > + init_script=sysvinit > ;; > debian) > - init_script=sysv,upstart,systemd > + init_script=upstart,systemd > ;; > ubuntu) > init_script=upstart > ;; > *) > - echo -n "Linux distribution init system > unknown, defaulting to sysv" > - init_script=sysv > + echo -n "Linux distribution init system > unknown." > + init_script= > ;; > esac > ;; > @@ -110,7 +110,7 @@ esac > (IFS="," ; for init_sys in $init_script; > do > case "$init_sys" in > - none|sysv|systemd|upstart) > + none|sysvinit|systemd|upstart) > ;; > *) > exit 1 > @@ -118,7 +118,7 @@ do > esac > done) || AC_MSG_ERROR([Unknown init system type in $init_script]) > > -AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q "sysv"]) > +AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q "sysvinit"]) > AM_CONDITIONAL([INIT_SCRIPT_SYSTEMD], [echo "$init_script" |grep -q > "systemd"]) > AM_CONDITIONAL([INIT_SCRIPT_UPSTART], [echo "$init_script" |grep -q > "upstart"]) > AC_MSG_RESULT($init_script) > @@ -547,6 +547,10 @@ AC_CONFIG_FILES([ > lxc.spec > > config/Makefile > + config/init/Makefile > + config/init/sysvinit/Makefile > + config/init/systemd/Makefile > + config/init/upstart/Makefile > config/etc/Makefile > config/templates/Makefile > config/templates/debian.common.conf > diff --git a/lxc.spec.in b/lxc.spec.in > index 615fcd6..c8ff08e 100644 > --- a/lxc.spec.in > +++ b/lxc.spec.in > @@ -31,7 +31,7 @@ > BuildRequires: systemd-units > %else > %global with_systemd 0 > -%define init_script sysv > +%define init_script sysvinit > %endif > > # RPM needs alpha/beta/rc in Release: not Version: to ensure smooth > diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am > index 34d69a6..1a63fca 100644 > --- a/src/lxc/Makefile.am > +++ b/src/lxc/Makefile.am > @@ -165,11 +165,8 @@ bin_SCRIPTS = \ > > EXTRA_DIST = \ > lxc-device \ > - lxc-devsetup \ > lxc-ls \ > - lxc-top \ > - lxc.service \ > - lxc.sysvinit > + lxc-top > > if ENABLE_PYTHON > bin_SCRIPTS += lxc-device > @@ -212,43 +209,6 @@ bin_PROGRAMS = \ > pkglibexec_PROGRAMS = \ > lxc-init > > -if INIT_SCRIPT_SYSV > -install-init: lxc.sysvinit > - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/rc.d/init.d > - $(INSTALL_SCRIPT) lxc.sysvinit $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc > - > -uninstall-init: > - rm -f $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc > - rmdir $(DESTDIR)$(sysconfdir)/rc.d/init.d || : > -else > -install-init: > -uninstall-init: > -endif > - > -if INIT_SCRIPT_SYSTEMD > -SYSTEMD_UNIT_DIR = /usr/lib/systemd/system > -install-systemd: lxc.service lxc-devsetup > - $(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR) > - $(INSTALL_DATA) lxc.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/ > - > -uninstall-systemd: > - rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc.service > - rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || : > -pkglibexec_SCRIPTS = lxc-devsetup > -else > -install-systemd: > -uninstall-systemd: > -endif > - > -if INIT_SCRIPT_UPSTART > -# FIXME: install/uninstall upstart script here > -install-upstart: > -uninstall-upstart: > -else > -install-upstart: > -uninstall-upstart: > -endif > - > AM_LDFLAGS = -Wl,-E > if ENABLE_RPATH > AM_LDFLAGS += -Wl,-rpath -Wl,$(libdir) > @@ -286,10 +246,6 @@ lxc_snapshot_SOURCES = lxc_snapshot.c > lxc_usernsexec_SOURCES = lxc_usernsexec.c > lxc_user_nic_SOURCES = lxc_user_nic.c network.c network.h > > -install-data-local: install-init install-systemd install-upstart > - > -uninstall-local: uninstall-init uninstall-systemd uninstall-upstart > - > install-exec-local: install-soPROGRAMS > mkdir -p $(DESTDIR)$(datadir)/lxc > install -c -m 644 lxc.functions $(DESTDIR)$(datadir)/lxc > diff --git a/src/lxc/lxc-devsetup b/src/lxc/lxc-devsetup > deleted file mode 100755 > index 3999ac8..0000000 > --- a/src/lxc/lxc-devsetup > +++ /dev/null > @@ -1,25 +0,0 @@ > -#!/bin/sh - > - > -# lxc.devsetup - Setup host /dev for container /dev subdirectories. > - > -if [[ ! -d /dev/.lxc ]] > -then > - echo "Creating /dev/.lxc" > - mkdir /dev/.lxc > - chmod 755 /dev/.lxc > -fi > - > -if grep -q "/dev devtmpfs " /proc/self/mounts > -then > - echo "/dev is devtmpfs" > -else > - echo "/dev is not devtmpfs - mounting tmpfs on .lxc" > - mount -t tmpfs tmpfs /dev/.lxc > -fi > - > -if [[ ! -d /dev/.lxc/user ]] > -then > - echo "Creating /dev/.lxc/user" > - mkdir /dev/.lxc/user > - chmod 1777 /dev/.lxc/user > -fi > diff --git a/src/lxc/lxc.service b/src/lxc/lxc.service > deleted file mode 100644 > index aa20b91..0000000 > --- a/src/lxc/lxc.service > +++ /dev/null > @@ -1,17 +0,0 @@ > -[Unit] > -Description=LXC Container Initialization and Autoboot Code > -After=syslog.target > - > -[Service] > -Type=oneshot > -RemainAfterExit=yes > -ExecStartPre=/usr/libexec/lxc/lxc-devsetup > -ExecStart=/usr/libexec/lxc/lxc-startup start > -ExecStop=/usr/libexec/lxc/lxc-startup stop > -# Environment=BOOTUP=serial > -# Environment=CONSOLETYPE=serial > -StandardOutput=syslog > -StandardError=syslog > - > -[Install] > -WantedBy=multi-user.target > diff --git a/src/lxc/lxc.sysvinit b/src/lxc/lxc.sysvinit > deleted file mode 100755 > index 9128187..0000000 > --- a/src/lxc/lxc.sysvinit > +++ /dev/null > @@ -1,64 +0,0 @@ > -#!/bin/sh > -# > -# lxc Start/Stop LXC autoboot containers > -# > -# chkconfig: 345 99 01 > -# description: Starts/Stops all LXC containers configured for autostart. > -# > -### BEGIN INIT INFO > -# Provides: lxc > -# Default-Start: 3 4 5 > -# Default-Stop: 0 1 6 > -# Short-Description: Bring up/down LXC autostart containers > -# Description: Bring up/down LXC autostart containers > -### END INIT INFO > - > -# Source function library. > -. /etc/init.d/functions > - > -# Check for needed utility program > -[ -x /usr/bin/lxc-autostart ] || exit 1 > - > -# If libvirtd is providing the bridge, it might not be > -# immediately available, so wait a bit for it before starting > -# up the containers or else any that use the bridge will fail > -# to start > -wait_for_bridge() > -{ > - [ -f /etc/lxc/default.conf ] || { return 0; } > - > - BRNAME=`grep lxc.network.link /etc/lxc/default.conf |awk '{print $3}'` > - [ -n $BRNAME ] || { return 0; } > - > - for try in `seq 1 30`; do > - ifconfig -a |grep "^$BRNAME" >/dev/null 2>&1 > - if [ $? = 0 ]; then > - return > - fi > - sleep 1 > - done > -} > - > -# See how we were called. > -case "$1" in > - start) > - [ ! -f /var/lock/subsys/lxc ] || { exit 0; } > - > - # Start containers > - wait_for_bridge > - action $"Starting LXC containers: " /usr/bin/lxc-autostart > - touch /var/lock/subsys/lxc > - ;; > - stop) > - action $"Stopping LXC containers: " /usr/bin/lxc-autostart -s > - rm -f /var/lock/subsys/lxc > - ;; > - restart|reload|force-reload) > - $0 stop > - $0 start > - ;; > - *) > - echo $"Usage: $0 {start|stop|restart|reload|force-reload}" > - exit 2 > -esac > -exit $? > -- > 1.8.5.2 > > _______________________________________________ > lxc-devel mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-devel _______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
