On Thu, Jan 16, 2014 at 03:30:37PM -0600, Serge Hallyn wrote: > Quoting Stéphane Graber ([email protected]): > > This adds the 3 upstart jobs that we've had in Ubuntu for a while: > > - lxc.conf: Main upstart job, triggers lxc-net.conf based on config > > - lxc-instance.conf: Triggered by lxc.conf for each auto-started container > > - lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ... > > > > In addition, there are two extra config files in /etc/default: > > - lxc: Allows setting some values like http proxying, disabling autostart, > > ... > > - lxc-net: Network configuration for the lxcbr0 bridge > > > > This change also disables the sysv script for all distros but Oracle as > > the current script won't work on either Ubuntu nor Debian and I suspect > > quite a few more distros, so it's not nearly as distro-agnostic as we > > thought. > > > > For Debian, only install the upstart jobs and systemd unit. > > For Ubuntu, only install the upstart jobs. > > > > This change also moves all the init related stuff to config/init/ > > > > Signed-off-by: Stéphane Graber <[email protected]> > > ... > > > diff --git a/config/init/upstart/Makefile.am > > b/config/init/upstart/Makefile.am > > new file mode 100644 > > index 0000000..8205f20 > > --- /dev/null > > +++ b/config/init/upstart/Makefile.am > > @@ -0,0 +1,22 @@ > > +EXTRA_DIST = lxc.conf lxc-instance.conf lxc-net.conf > > + > > +if INIT_SCRIPT_UPSTART > > +install-upstart: lxc.conf lxc-instance.conf lxc-net.conf > > + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/init/ > > + $(INSTALL_DATA) lxc.conf $(DESTDIR)$(sysconfdir)/init/ > > + $(INSTALL_DATA) lxc-instance.conf $(DESTDIR)$(sysconfdir)/init/ > > + $(INSTALL_DATA) lxc-net.conf $(DESTDIR)$(sysconfdir)/init/ > > + > > +uninstall-syvinit: > > Why do you have uninstall-syvinit here? Did you want an > uninstall-upstart?
I did! Thankfully the typo was consistent and so my tests passed anyway :) Will fix and re-send. > > > + rm -f $(DESTDIR)$(sysconfdir)/rc.d/init/lxc.conf > > + rm -f $(DESTDIR)$(sysconfdir)/rc.d/init/lxc-instance.conf > > + rm -f $(DESTDIR)$(sysconfdir)/rc.d/init/lxc-net.conf > > + rmdir $(DESTDIR)$(sysconfdir)/rc.d/init || : > > +else > > +install-syvinit: > > +uninstall-upstart: > > +endif > > + > > +install-data-local: install-upstart > > + > > +uninstall-local: uninstall-upstart > > diff --git a/config/init/upstart/lxc-instance.conf > > b/config/init/upstart/lxc-instance.conf > > new file mode 100644 > > index 0000000..58d045d > > --- /dev/null > > +++ b/config/init/upstart/lxc-instance.conf > > @@ -0,0 +1,22 @@ > > +description "lxc instance" > > +author "Christian Kampka <[email protected]>" > > + > > +stop on stopping lxc > > + > > +# wait for 120 seconds for container to shutdown before killing it > > +kill timeout 120 > > + > > +# send SIGPWR to container to trigger a shutdown (see lxc-shutdown(1)) > > +kill signal SIGPWR > > + > > + > > +instance $NAME > > +usage "NAME=name of LXC instance" > > + > > +pre-start script > > + lxc-wait -s RUNNING -n $NAME -t 0 && { stop; exit 0; } || true > > +end script > > + > > +script > > + exec lxc-start -n $NAME > > +end script > > diff --git a/config/init/upstart/lxc-net.conf > > b/config/init/upstart/lxc-net.conf > > new file mode 100644 > > index 0000000..517bd2b > > --- /dev/null > > +++ b/config/init/upstart/lxc-net.conf > > @@ -0,0 +1,86 @@ > > +description "lxc network" > > +author "Serge Hallyn <[email protected]>" > > + > > +start on starting lxc > > +stop on stopped lxc > > + > > +env USE_LXC_BRIDGE="false" > > +env LXC_BRIDGE="lxcbr0" > > +env LXC_ADDR="10.0.3.1" > > +env LXC_NETMASK="255.255.255.0" > > +env LXC_NETWORK="10.0.3.0/24" > > +env LXC_DHCP_RANGE="10.0.3.2,10.0.3.254" > > +env LXC_DHCP_MAX="253" > > +env LXC_DHCP_CONFILE="" > > +env varrun="/var/run/lxc" > > +env LXC_DOMAIN="" > > + > > +pre-start script > > + [ -f /etc/default/lxc ] && . /etc/default/lxc > > + > > + [ "x$USE_LXC_BRIDGE" = "xtrue" ] || { stop; exit 0; } > > + > > + use_iptables_lock="-w" > > + iptables -w -L -n 2>&1 > /dev/null || use_iptables_lock="" > > + cleanup() { > > + # dnsmasq failed to start, clean up the bridge > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > > --dport 67 -j ACCEPT > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > > --dport 67 -j ACCEPT > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > > --dport 53 -j ACCEPT > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > > --dport 53 -j ACCEPT > > + iptables $use_iptables_lock -t nat -D POSTROUTING -s > > ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true > > + iptables $use_iptables_lock -t mangle -D POSTROUTING -o > > ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > > + ifconfig ${LXC_BRIDGE} down || true > > + brctl delbr ${LXC_BRIDGE} || true > > + } > > + > > + if [ -d /sys/class/net/${LXC_BRIDGE} ]; then > > + if [ ! -f ${varrun}/network_up ]; then > > + # bridge exists, but we didn't start it > > + stop; > > + fi > > + exit 0; > > + fi > > + > > + # set up the lxc network > > + brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in kernel"; > > stop; exit 0; } > > + echo 1 > /proc/sys/net/ipv4/ip_forward > > + mkdir -p ${varrun} > > + ifconfig ${LXC_BRIDGE} ${LXC_ADDR} netmask ${LXC_NETMASK} up > > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 67 > > -j ACCEPT > > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 > > -j ACCEPT > > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 53 > > -j ACCEPT > > + iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 > > -j ACCEPT > > + iptables $use_iptables_lock -t nat -A POSTROUTING -s ${LXC_NETWORK} ! > > -d ${LXC_NETWORK} -j MASQUERADE > > + iptables $use_iptables_lock -t mangle -A POSTROUTING -o ${LXC_BRIDGE} > > -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > > + > > + LXC_DOMAIN_ARG="" > > + if [ -n "$LXC_DOMAIN" ]; then > > + LXC_DOMAIN_ARG="-s $LXC_DOMAIN" > > + fi > > + dnsmasq $LXC_DOMAIN_ARG -u lxc-dnsmasq --strict-order --bind-interfaces > > --pid-file=${varrun}/dnsmasq.pid --conf-file=${LXC_DHCP_CONFILE} > > --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} > > --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override --except-interface=lo > > --interface=${LXC_BRIDGE} > > --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases > > --dhcp-authoritative || cleanup > > + touch ${varrun}/network_up > > +end script > > + > > +post-stop script > > + [ -f /etc/default/lxc ] && . /etc/default/lxc > > + [ -f "${varrun}/network_up" ] || exit 0; > > + # if $LXC_BRIDGE has attached interfaces, don't shut it down > > + ls /sys/class/net/${LXC_BRIDGE}/brif/* > /dev/null 2>&1 && exit 0; > > + > > + if [ -d /sys/class/net/${LXC_BRIDGE} ]; then > > + use_iptables_lock="-w" > > + iptables -w -L -n 2>&1 > /dev/null || use_iptables_lock="" > > + ifconfig ${LXC_BRIDGE} down > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > > --dport 67 -j ACCEPT > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > > --dport 67 -j ACCEPT > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp > > --dport 53 -j ACCEPT > > + iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp > > --dport 53 -j ACCEPT > > + iptables $use_iptables_lock -t nat -D POSTROUTING -s > > ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true > > + iptables $use_iptables_lock -t mangle -D POSTROUTING -o > > ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > > + pid=`cat ${varrun}/dnsmasq.pid 2>/dev/null` && kill -9 $pid || > > true > > + rm -f ${varrun}/dnsmasq.pid > > + brctl delbr ${LXC_BRIDGE} > > + fi > > + rm -f ${varrun}/network_up > > +end script > > diff --git a/config/init/upstart/lxc.conf b/config/init/upstart/lxc.conf > > new file mode 100644 > > index 0000000..1a5c5c9 > > --- /dev/null > > +++ b/config/init/upstart/lxc.conf > > @@ -0,0 +1,27 @@ > > +description "lxc" > > +author "Serge Hallyn <[email protected]>" > > + > > +start on runlevel [2345] > > +stop on starting rc RUNLEVEL=[016] > > + > > +env LXC_AUTO="false" > > + > > +pre-start script > > + [ -f /etc/default/lxc ] && . /etc/default/lxc > > + > > + # don't load profiles if mount mediation is not supported > > + SYSF=/sys/kernel/security/apparmor/features/mount/mask > > + if [ -f $SYSF ]; then > > + if [ -x /lib/init/apparmor-profile-load ]; then > > + /lib/init/apparmor-profile-load usr.bin.lxc-start > > + /lib/init/apparmor-profile-load lxc-containers > > + fi > > + fi > > + > > + [ "x$LXC_AUTO" = "xtrue" ] || exit 0 > > + > > + lxc-autostart -L | while read line; do > > + set -- $line > > + (start lxc-instance NAME=$1 && sleep $2) || true > > + done > > +end script > > diff --git a/configure.ac b/configure.ac > > index d8be165..6b93299 100644 > > --- a/configure.ac > > +++ b/configure.ac > > @@ -78,7 +78,7 @@ AM_CONDITIONAL([DISTRO_UBUNTU], [test "x$with_distro" = > > "xubuntu"]) > > AC_MSG_CHECKING([for init system type]) > > AC_ARG_WITH([init-script], > > [AC_HELP_STRING([--with-init-script@<:@=TYPE@<:@,TYPE,...@:>@@:>@], > > - [Type(s) of init script to install: sysv, systemd, > > upstart, > > + [Type(s) of init script to install: sysvinit, > > systemd, upstart, > > distro > > @<:@default=distro@:>@])],[],[with_init_script=distro]) > > case "$with_init_script" in > > distro) > > @@ -87,17 +87,17 @@ case "$with_init_script" in > > init_script=systemd > > ;; > > redhat|centos|oracle|oracleserver) > > - init_script=sysv > > + init_script=sysvinit > > ;; > > debian) > > - init_script=sysv,upstart,systemd > > + init_script=upstart,systemd > > ;; > > ubuntu) > > init_script=upstart > > ;; > > *) > > - echo -n "Linux distribution init system > > unknown, defaulting to sysv" > > - init_script=sysv > > + echo -n "Linux distribution init system > > unknown." > > + init_script= > > ;; > > esac > > ;; > > @@ -110,7 +110,7 @@ esac > > (IFS="," ; for init_sys in $init_script; > > do > > case "$init_sys" in > > - none|sysv|systemd|upstart) > > + none|sysvinit|systemd|upstart) > > ;; > > *) > > exit 1 > > @@ -118,7 +118,7 @@ do > > esac > > done) || AC_MSG_ERROR([Unknown init system type in $init_script]) > > > > -AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q "sysv"]) > > +AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q > > "sysvinit"]) > > AM_CONDITIONAL([INIT_SCRIPT_SYSTEMD], [echo "$init_script" |grep -q > > "systemd"]) > > AM_CONDITIONAL([INIT_SCRIPT_UPSTART], [echo "$init_script" |grep -q > > "upstart"]) > > AC_MSG_RESULT($init_script) > > @@ -547,6 +547,10 @@ AC_CONFIG_FILES([ > > lxc.spec > > > > config/Makefile > > + config/init/Makefile > > + config/init/sysvinit/Makefile > > + config/init/systemd/Makefile > > + config/init/upstart/Makefile > > config/etc/Makefile > > config/templates/Makefile > > config/templates/debian.common.conf > > diff --git a/lxc.spec.in b/lxc.spec.in > > index 615fcd6..c8ff08e 100644 > > --- a/lxc.spec.in > > +++ b/lxc.spec.in > > @@ -31,7 +31,7 @@ > > BuildRequires: systemd-units > > %else > > %global with_systemd 0 > > -%define init_script sysv > > +%define init_script sysvinit > > %endif > > > > # RPM needs alpha/beta/rc in Release: not Version: to ensure smooth > > diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am > > index 34d69a6..1a63fca 100644 > > --- a/src/lxc/Makefile.am > > +++ b/src/lxc/Makefile.am > > @@ -165,11 +165,8 @@ bin_SCRIPTS = \ > > > > EXTRA_DIST = \ > > lxc-device \ > > - lxc-devsetup \ > > lxc-ls \ > > - lxc-top \ > > - lxc.service \ > > - lxc.sysvinit > > + lxc-top > > > > if ENABLE_PYTHON > > bin_SCRIPTS += lxc-device > > @@ -212,43 +209,6 @@ bin_PROGRAMS = \ > > pkglibexec_PROGRAMS = \ > > lxc-init > > > > -if INIT_SCRIPT_SYSV > > -install-init: lxc.sysvinit > > - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/rc.d/init.d > > - $(INSTALL_SCRIPT) lxc.sysvinit $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc > > - > > -uninstall-init: > > - rm -f $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc > > - rmdir $(DESTDIR)$(sysconfdir)/rc.d/init.d || : > > -else > > -install-init: > > -uninstall-init: > > -endif > > - > > -if INIT_SCRIPT_SYSTEMD > > -SYSTEMD_UNIT_DIR = /usr/lib/systemd/system > > -install-systemd: lxc.service lxc-devsetup > > - $(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR) > > - $(INSTALL_DATA) lxc.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/ > > - > > -uninstall-systemd: > > - rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc.service > > - rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || : > > -pkglibexec_SCRIPTS = lxc-devsetup > > -else > > -install-systemd: > > -uninstall-systemd: > > -endif > > - > > -if INIT_SCRIPT_UPSTART > > -# FIXME: install/uninstall upstart script here > > -install-upstart: > > -uninstall-upstart: > > -else > > -install-upstart: > > -uninstall-upstart: > > -endif > > - > > AM_LDFLAGS = -Wl,-E > > if ENABLE_RPATH > > AM_LDFLAGS += -Wl,-rpath -Wl,$(libdir) > > @@ -286,10 +246,6 @@ lxc_snapshot_SOURCES = lxc_snapshot.c > > lxc_usernsexec_SOURCES = lxc_usernsexec.c > > lxc_user_nic_SOURCES = lxc_user_nic.c network.c network.h > > > > -install-data-local: install-init install-systemd install-upstart > > - > > -uninstall-local: uninstall-init uninstall-systemd uninstall-upstart > > - > > install-exec-local: install-soPROGRAMS > > mkdir -p $(DESTDIR)$(datadir)/lxc > > install -c -m 644 lxc.functions $(DESTDIR)$(datadir)/lxc > > diff --git a/src/lxc/lxc-devsetup b/src/lxc/lxc-devsetup > > deleted file mode 100755 > > index 3999ac8..0000000 > > --- a/src/lxc/lxc-devsetup > > +++ /dev/null > > @@ -1,25 +0,0 @@ > > -#!/bin/sh - > > - > > -# lxc.devsetup - Setup host /dev for container /dev subdirectories. > > - > > -if [[ ! -d /dev/.lxc ]] > > -then > > - echo "Creating /dev/.lxc" > > - mkdir /dev/.lxc > > - chmod 755 /dev/.lxc > > -fi > > - > > -if grep -q "/dev devtmpfs " /proc/self/mounts > > -then > > - echo "/dev is devtmpfs" > > -else > > - echo "/dev is not devtmpfs - mounting tmpfs on .lxc" > > - mount -t tmpfs tmpfs /dev/.lxc > > -fi > > - > > -if [[ ! -d /dev/.lxc/user ]] > > -then > > - echo "Creating /dev/.lxc/user" > > - mkdir /dev/.lxc/user > > - chmod 1777 /dev/.lxc/user > > -fi > > diff --git a/src/lxc/lxc.service b/src/lxc/lxc.service > > deleted file mode 100644 > > index aa20b91..0000000 > > --- a/src/lxc/lxc.service > > +++ /dev/null > > @@ -1,17 +0,0 @@ > > -[Unit] > > -Description=LXC Container Initialization and Autoboot Code > > -After=syslog.target > > - > > -[Service] > > -Type=oneshot > > -RemainAfterExit=yes > > -ExecStartPre=/usr/libexec/lxc/lxc-devsetup > > -ExecStart=/usr/libexec/lxc/lxc-startup start > > -ExecStop=/usr/libexec/lxc/lxc-startup stop > > -# Environment=BOOTUP=serial > > -# Environment=CONSOLETYPE=serial > > -StandardOutput=syslog > > -StandardError=syslog > > - > > -[Install] > > -WantedBy=multi-user.target > > diff --git a/src/lxc/lxc.sysvinit b/src/lxc/lxc.sysvinit > > deleted file mode 100755 > > index 9128187..0000000 > > --- a/src/lxc/lxc.sysvinit > > +++ /dev/null > > @@ -1,64 +0,0 @@ > > -#!/bin/sh > > -# > > -# lxc Start/Stop LXC autoboot containers > > -# > > -# chkconfig: 345 99 01 > > -# description: Starts/Stops all LXC containers configured for autostart. > > -# > > -### BEGIN INIT INFO > > -# Provides: lxc > > -# Default-Start: 3 4 5 > > -# Default-Stop: 0 1 6 > > -# Short-Description: Bring up/down LXC autostart containers > > -# Description: Bring up/down LXC autostart containers > > -### END INIT INFO > > - > > -# Source function library. > > -. /etc/init.d/functions > > - > > -# Check for needed utility program > > -[ -x /usr/bin/lxc-autostart ] || exit 1 > > - > > -# If libvirtd is providing the bridge, it might not be > > -# immediately available, so wait a bit for it before starting > > -# up the containers or else any that use the bridge will fail > > -# to start > > -wait_for_bridge() > > -{ > > - [ -f /etc/lxc/default.conf ] || { return 0; } > > - > > - BRNAME=`grep lxc.network.link /etc/lxc/default.conf |awk '{print $3}'` > > - [ -n $BRNAME ] || { return 0; } > > - > > - for try in `seq 1 30`; do > > - ifconfig -a |grep "^$BRNAME" >/dev/null 2>&1 > > - if [ $? = 0 ]; then > > - return > > - fi > > - sleep 1 > > - done > > -} > > - > > -# See how we were called. > > -case "$1" in > > - start) > > - [ ! -f /var/lock/subsys/lxc ] || { exit 0; } > > - > > - # Start containers > > - wait_for_bridge > > - action $"Starting LXC containers: " /usr/bin/lxc-autostart > > - touch /var/lock/subsys/lxc > > - ;; > > - stop) > > - action $"Stopping LXC containers: " /usr/bin/lxc-autostart -s > > - rm -f /var/lock/subsys/lxc > > - ;; > > - restart|reload|force-reload) > > - $0 stop > > - $0 start > > - ;; > > - *) > > - echo $"Usage: $0 {start|stop|restart|reload|force-reload}" > > - exit 2 > > -esac > > -exit $? > > -- > > 1.8.5.2 > > > > _______________________________________________ > > lxc-devel mailing list > > [email protected] > > http://lists.linuxcontainers.org/listinfo/lxc-devel > _______________________________________________ > lxc-devel mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-devel -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: Digital signature
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
