The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4483
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === we add a new option `propagation`, which allows to specify exactly how bind-mounts will be shared between the host and a container. Signed-off-by: Igor Galić <[email protected]>
From 4704786f8d3d696ada762daee34bab56cdb495b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Igor=20Gali=C4=87?= <[email protected]> Date: Mon, 23 Apr 2018 17:52:53 +0200 Subject: [PATCH] feature: allow configuration of mount-propagation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit we add a new option `propagation`, which allows to specify exactly how bind-mounts will be shared between the host and a container. Signed-off-by: Igor Galić <[email protected]> --- doc/containers.md | 1 + lxd/container.go | 2 ++ lxd/container_lxc.go | 11 +++++++++-- lxd/devices.go | 12 +++++++++++- 4 files changed, 23 insertions(+), 3 deletions(-) diff --git a/doc/containers.md b/doc/containers.md index 46d2af9fd..ebb8887c8 100644 --- a/doc/containers.md +++ b/doc/containers.md @@ -343,6 +343,7 @@ readonly | boolean | false | no | Controls whether t size | string | - | no | Disk size in bytes (supports kB, MB, GB, TB, PB and EB suffixes). This is only supported for the rootfs (/). recursive | boolean | false | no | Whether or not to recursively mount the source path pool | string | - | no | The storage pool the disk device belongs to. This is only applicable for storage volumes managed by LXD. +propagation | string | - | no | Controls how a bind-mount is shared between the container and the host. (`rshared`, `rslave` or the default `private`) If multiple disks, backed by the same block device, have I/O limits set, the average of the limits will be used. diff --git a/lxd/container.go b/lxd/container.go index f5c87f3d3..8c58c5c6e 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -168,6 +168,8 @@ func containerValidDeviceConfigKey(t, k string) bool { return true case "pool": return true + case "propagation": + return true default: return false } diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 63e137031..0e8cd0167 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1566,6 +1566,8 @@ func (c *containerLXC) initLXC(config bool) error { sourceDevPath := filepath.Join(c.DevicesPath(), fmt.Sprintf("disk.%s.%s", strings.Replace(k, "/", "-", -1), strings.Replace(relativeDestPath, "/", "-", -1))) + propagation := m["propagation"] + // Various option checks isOptional := shared.IsTrue(m["optional"]) isReadOnly := shared.IsTrue(m["readonly"]) @@ -1626,6 +1628,10 @@ func (c *containerLXC) initLXC(config bool) error { rbind = "r" } + if propagation != ""{ + options = append(options, propagation) + } + if isFile { options = append(options, "create=file") } else { @@ -6246,7 +6252,7 @@ func (c *containerLXC) createUnixDevice(prefix string, m types.Device) ([]string } f.Close() - err = deviceMountDisk(srcPath, devPath, false, false) + err = deviceMountDisk(srcPath, devPath, false, false, "") if err != nil { return nil, err } @@ -7384,6 +7390,7 @@ func (c *containerLXC) createDiskDevice(name string, m types.Device) (string, er devName := fmt.Sprintf("disk.%s.%s", strings.Replace(name, "/", "-", -1), strings.Replace(relativeDestPath, "/", "-", -1)) devPath := filepath.Join(c.DevicesPath(), devName) srcPath := shared.HostPath(m["source"]) + propagation := m["propagation"] // Check if read-only isOptional := shared.IsTrue(m["optional"]) @@ -7497,7 +7504,7 @@ func (c *containerLXC) createDiskDevice(name string, m types.Device) (string, er } // Mount the fs - err := deviceMountDisk(srcPath, devPath, isReadOnly, isRecursive) + err := deviceMountDisk(srcPath, devPath, isReadOnly, isRecursive, propagation) if err != nil { return "", err } diff --git a/lxd/devices.go b/lxd/devices.go index 8aa057dcc..cffde5369 100644 --- a/lxd/devices.go +++ b/lxd/devices.go @@ -964,7 +964,7 @@ func deviceRemoveInterface(nic string) error { return err } -func deviceMountDisk(srcPath string, dstPath string, readonly bool, recursive bool) error { +func deviceMountDisk(srcPath string, dstPath string, readonly bool, recursive bool, propagation string) error { var err error // Prepare the mount flags @@ -982,6 +982,16 @@ func deviceMountDisk(srcPath string, dstPath string, readonly bool, recursive bo } } else { flags |= syscall.MS_BIND + switch propagation { + case "private": + flags |= syscall.MS_PRIVATE + case "rshared": + flags |= syscall.MS_SHARED + case "rslave": + flags |= syscall.MS_SLAVE + default: + flags |= syscall.MS_PRIVATE + } if recursive { flags |= syscall.MS_REC }
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
