elecksee 1.0.2 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.md +4 -0
- data/bin/lxc-awesome-ephemeral +57 -2
- data/lib/elecksee/clone.rb +15 -0
- data/lib/elecksee/ephemeral.rb +310 -0
- data/lib/elecksee/helpers.rb +70 -0
- data/lib/elecksee/lxc.rb +409 -5
- data/lib/elecksee/lxc_file_config.rb +86 -0
- data/lib/elecksee/storage/overlay_directory.rb +31 -0
- data/lib/elecksee/storage/overlay_mount.rb +60 -0
- data/lib/elecksee/storage/virtual_device.rb +81 -0
- data/lib/elecksee/version.rb +1 -1
- metadata +9 -39
- data/Gemfile.lock +0 -18
- data/lib/elecksee/awesome.rb +0 -14
- data/lib/elecksee/vendor/lxc/CHANGELOG.md +0 -37
- data/lib/elecksee/vendor/lxc/Gemfile +0 -4
- data/lib/elecksee/vendor/lxc/Gemfile.lock +0 -41
- data/lib/elecksee/vendor/lxc/README.md +0 -112
- data/lib/elecksee/vendor/lxc/attributes/default.rb +0 -28
- data/lib/elecksee/vendor/lxc/files/default/knife_lxc +0 -228
- data/lib/elecksee/vendor/lxc/files/default/lxc-awesome-ephemeral +0 -495
- data/lib/elecksee/vendor/lxc/libraries/lxc.rb +0 -366
- data/lib/elecksee/vendor/lxc/libraries/lxc_expanded_resources.rb +0 -40
- data/lib/elecksee/vendor/lxc/libraries/lxc_file_config.rb +0 -84
- data/lib/elecksee/vendor/lxc/libraries/monkey.rb +0 -51
- data/lib/elecksee/vendor/lxc/metadata.rb +0 -12
- data/lib/elecksee/vendor/lxc/providers/config.rb +0 -75
- data/lib/elecksee/vendor/lxc/providers/container.rb +0 -318
- data/lib/elecksee/vendor/lxc/providers/default.rb +0 -57
- data/lib/elecksee/vendor/lxc/providers/ephemeral.rb +0 -40
- data/lib/elecksee/vendor/lxc/providers/fstab.rb +0 -30
- data/lib/elecksee/vendor/lxc/providers/interface.rb +0 -45
- data/lib/elecksee/vendor/lxc/providers/service.rb +0 -53
- data/lib/elecksee/vendor/lxc/recipes/containers.rb +0 -13
- data/lib/elecksee/vendor/lxc/recipes/default.rb +0 -58
- data/lib/elecksee/vendor/lxc/recipes/install_dependencies.rb +0 -15
- data/lib/elecksee/vendor/lxc/recipes/knife.rb +0 -37
- data/lib/elecksee/vendor/lxc/resources/config.rb +0 -19
- data/lib/elecksee/vendor/lxc/resources/container.rb +0 -54
- data/lib/elecksee/vendor/lxc/resources/default.rb +0 -12
- data/lib/elecksee/vendor/lxc/resources/ephemeral.rb +0 -13
- data/lib/elecksee/vendor/lxc/resources/fstab.rb +0 -12
- data/lib/elecksee/vendor/lxc/resources/interface.rb +0 -13
- data/lib/elecksee/vendor/lxc/resources/service.rb +0 -5
- data/lib/elecksee/vendor/lxc/templates/default/client.rb.erb +0 -13
- data/lib/elecksee/vendor/lxc/templates/default/default-lxc.erb +0 -3
- data/lib/elecksee/vendor/lxc/templates/default/file_content.erb +0 -2
- data/lib/elecksee/vendor/lxc/templates/default/fstab.erb +0 -5
- data/lib/elecksee/vendor/lxc/templates/default/interface.erb +0 -27
@@ -1,318 +0,0 @@
|
|
1
|
-
def load_current_resource
|
2
|
-
@lxc = ::Lxc.new(
|
3
|
-
new_resource.name,
|
4
|
-
:base_dir => node[:lxc][:container_directory],
|
5
|
-
:dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
|
6
|
-
)
|
7
|
-
new_resource.subresources.map! do |s_r|
|
8
|
-
s_r.first.run_context = run_context
|
9
|
-
s_r.first.instance_eval(&s_r.last)
|
10
|
-
s_r.first
|
11
|
-
end
|
12
|
-
|
13
|
-
# TODO: Use some actual logic here, sheesh
|
14
|
-
if(new_resource.static_ip && new_resource.static_gateway.nil?)
|
15
|
-
raise "Static gateway must be defined when static IP is provided (Container: #{new_resource.name})"
|
16
|
-
end
|
17
|
-
new_resource.default_bridge node[:lxc][:bridge] unless new_resource.default_bridge
|
18
|
-
node.run_state[:lxc] ||= Mash.new
|
19
|
-
node.run_state[:lxc][:meta] ||= Mash.new
|
20
|
-
node.run_state[:lxc][:meta][new_resource.name] = Mash.new(
|
21
|
-
:new_container => !@lxc.exists?,
|
22
|
-
:lxc => @lxc
|
23
|
-
)
|
24
|
-
end
|
25
|
-
|
26
|
-
action :create do
|
27
|
-
_lxc = @lxc # for use inside resources
|
28
|
-
stopped_end_state = _lxc.stopped?
|
29
|
-
|
30
|
-
#### Add custom key for host based interactions
|
31
|
-
directory '/opt/hw-lxc-config' do
|
32
|
-
recursive true
|
33
|
-
end
|
34
|
-
|
35
|
-
execute 'lxc host_ssh_key' do
|
36
|
-
command "ssh-keygen -P '' -f /opt/hw-lxc-config/id_rsa"
|
37
|
-
creates '/opt/hw-lxc-config/id_rsa'
|
38
|
-
end
|
39
|
-
|
40
|
-
#### Create container
|
41
|
-
lxc new_resource.name do
|
42
|
-
if(new_resource.clone)
|
43
|
-
action :clone
|
44
|
-
base_container new_resource.clone
|
45
|
-
else
|
46
|
-
action :create
|
47
|
-
template new_resource.template
|
48
|
-
template_opts new_resource.template_opts
|
49
|
-
end
|
50
|
-
end
|
51
|
-
|
52
|
-
#### Create container configuration bits
|
53
|
-
if(new_resource.default_config)
|
54
|
-
lxc_config new_resource.name do
|
55
|
-
action :create
|
56
|
-
default_bridge new_resource.default_bridge
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
if(new_resource.default_fstab)
|
61
|
-
lxc_fstab "proc[#{new_resource.name}]" do
|
62
|
-
container new_resource.name
|
63
|
-
file_system 'proc'
|
64
|
-
mount_point 'proc'
|
65
|
-
type 'proc'
|
66
|
-
options %w(nodev noexec nosuid)
|
67
|
-
end
|
68
|
-
|
69
|
-
lxc_fstab "sysfs[#{new_resource.name}]" do
|
70
|
-
container new_resource.name
|
71
|
-
file_system 'sysfs'
|
72
|
-
mount_point 'sys'
|
73
|
-
type 'sysfs'
|
74
|
-
options 'default'
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
if(new_resource.static_ip)
|
79
|
-
lxc_interface "eth0[#{new_resource.name}]" do
|
80
|
-
container new_resource.name
|
81
|
-
device 'eth0'
|
82
|
-
address new_resource.static_ip
|
83
|
-
netmask new_resource.static_netmask
|
84
|
-
gateway new_resource.static_gateway
|
85
|
-
end
|
86
|
-
end
|
87
|
-
|
88
|
-
ruby_block "LXC #{new_resource.name} - Run subresources" do
|
89
|
-
block do
|
90
|
-
new_resource.subresources.each do |s_r|
|
91
|
-
s_r.run_action(:create)
|
92
|
-
end
|
93
|
-
end
|
94
|
-
not_if do
|
95
|
-
new_resource.subresources.empty?
|
96
|
-
end
|
97
|
-
end
|
98
|
-
|
99
|
-
template @lxc.path.join('fstab').to_path do
|
100
|
-
source 'fstab.erb'
|
101
|
-
cookbook 'lxc'
|
102
|
-
variables :container => new_resource.name
|
103
|
-
only_if do
|
104
|
-
node.run_state[:lxc][:fstabs] &&
|
105
|
-
node.run_state[:lxc][:fstabs][new_resource.name]
|
106
|
-
end
|
107
|
-
mode 0644
|
108
|
-
end
|
109
|
-
|
110
|
-
template @lxc.rootfs.join('etc/network/interfaces').to_path do
|
111
|
-
source 'interface.erb'
|
112
|
-
cookbook 'lxc'
|
113
|
-
variables :container => new_resource.name
|
114
|
-
mode 0644
|
115
|
-
only_if do
|
116
|
-
node.run_state[:lxc][:interfaces] &&
|
117
|
-
node.run_state[:lxc][:interfaces][new_resource.name]
|
118
|
-
end
|
119
|
-
end
|
120
|
-
|
121
|
-
#### Ensure host has ssh access into container
|
122
|
-
directory @lxc.rootfs.join('root/.ssh').to_path
|
123
|
-
|
124
|
-
template @lxc.rootfs.join('root/.ssh/authorized_keys').to_path do
|
125
|
-
source 'file_content.erb'
|
126
|
-
cookbook 'lxc'
|
127
|
-
mode 0600
|
128
|
-
variables(:path => '/opt/hw-lxc-config/id_rsa.pub')
|
129
|
-
end
|
130
|
-
|
131
|
-
#### Use cached chef package from host if available
|
132
|
-
if(%w(debian ubuntu).include?(new_resource.template) && system('ls /opt/chef*.deb 2>1 > /dev/null'))
|
133
|
-
if(::File.directory?('/opt'))
|
134
|
-
file_name = Dir.new('/opt').detect do |item|
|
135
|
-
item.start_with?('chef') && item.end_with?('.deb')
|
136
|
-
end
|
137
|
-
end
|
138
|
-
|
139
|
-
execute "lxc copy_chef_full[#{new_resource.name}]" do
|
140
|
-
command "cp /opt/#{file_name} #{_lxc.rootfs.join('opt')}"
|
141
|
-
not_if do
|
142
|
-
file_name.nil? || !new_resource.chef_enabled || _lxc.rootfs.join('opt', file_name).exist?
|
143
|
-
end
|
144
|
-
end
|
145
|
-
|
146
|
-
execute "lxc install_chef_full[#{new_resource.name}]" do
|
147
|
-
action :nothing
|
148
|
-
command "chroot #{_lxc.rootfs} dpkg -i #{::File.join('/opt', file_name)}"
|
149
|
-
subscribes :run, "execute[lxc copy_chef_full[#{new_resource.name}]]", :immediately
|
150
|
-
end
|
151
|
-
elsif(new_resource.chef_enabled)
|
152
|
-
pkg_coms = ['update -y -q', 'upgrade -y -q','install curl -y -q']
|
153
|
-
if(!new_resource.template.to_s.scan(%r{debian|ubuntu}).empty?)
|
154
|
-
pkg_man = 'apt-get'
|
155
|
-
elsif(!new_resource.template.to_s.scan(%r{fedora|centos}).empty?)
|
156
|
-
pkg_man = 'yum'
|
157
|
-
end
|
158
|
-
if(pkg_man)
|
159
|
-
new_resource.initialize_commands(
|
160
|
-
pkg_coms.map do |c|
|
161
|
-
"#{pkg_man} #{c}"
|
162
|
-
end + new_resource.initialize_commands
|
163
|
-
)
|
164
|
-
end
|
165
|
-
end
|
166
|
-
|
167
|
-
ruby_block "lxc start[#{new_resource.name}]" do
|
168
|
-
block do
|
169
|
-
_lxc.start
|
170
|
-
end
|
171
|
-
only_if do
|
172
|
-
_lxc.rootfs.join('etc/chef/first_run.json').exist? ||
|
173
|
-
!new_resource.container_commands.empty? ||
|
174
|
-
(node.run_state[:lxc][:meta][new_resource.name][:new_container] && new_resource.initialize_commands)
|
175
|
-
end
|
176
|
-
end
|
177
|
-
|
178
|
-
#### Have initialize commands for the container? Run them now
|
179
|
-
ruby_block "lxc initialize_commands[#{new_resource.name}]" do
|
180
|
-
block do
|
181
|
-
new_resource.initialize_commands.each do |cmd|
|
182
|
-
Chef::Log.info "Running command on #{new_resource.name}: #{cmd}"
|
183
|
-
_lxc.container_command(cmd, 2)
|
184
|
-
end
|
185
|
-
end
|
186
|
-
only_if do
|
187
|
-
node.run_state[:lxc][:meta][new_resource.name][:new_container] &&
|
188
|
-
!new_resource.initialize_commands.empty?
|
189
|
-
end
|
190
|
-
end
|
191
|
-
|
192
|
-
# Make sure we have chef in the container
|
193
|
-
remote_file "lxc chef_install_script[#{new_resource.name}]" do
|
194
|
-
source "http://opscode.com/chef/install.sh"
|
195
|
-
path _lxc.rootfs.join('opt/chef-install.sh').to_path
|
196
|
-
action :create_if_missing
|
197
|
-
only_if do
|
198
|
-
new_resource.chef_enabled && !_lxc.rootfs.join('usr/bin/chef-client').exist?
|
199
|
-
end
|
200
|
-
end
|
201
|
-
|
202
|
-
ruby_block "lxc install_chef[#{new_resource.name}]" do
|
203
|
-
block do
|
204
|
-
_lxc.container_command('bash /opt/chef-install.sh')
|
205
|
-
end
|
206
|
-
action :create
|
207
|
-
only_if do
|
208
|
-
new_resource.chef_enabled &&
|
209
|
-
!_lxc.rootfs.join('usr/bin/chef-client').exist? &&
|
210
|
-
_lxc.rootfs.join('opt/chef-install.sh').exist?
|
211
|
-
end
|
212
|
-
end
|
213
|
-
|
214
|
-
#### Setup chef related bits within container
|
215
|
-
directory @lxc.rootfs.join('etc/chef').to_path do
|
216
|
-
action :create
|
217
|
-
mode 0755
|
218
|
-
only_if{ new_resource.chef_enabled }
|
219
|
-
end
|
220
|
-
|
221
|
-
template "lxc chef-config[#{new_resource.name}]" do
|
222
|
-
source 'client.rb.erb'
|
223
|
-
cookbook 'lxc'
|
224
|
-
path _lxc.rootfs.join('etc/chef/client.rb').to_path
|
225
|
-
variables(
|
226
|
-
:validation_client => new_resource.validation_client || Chef::Config[:validation_client_name],
|
227
|
-
:node_name => new_resource.node_name || "#{node.name}-#{new_resource.name}",
|
228
|
-
:server_uri => new_resource.server_uri || Chef::Config[:chef_server_url],
|
229
|
-
:chef_environment => new_resource.chef_environment || '_default'
|
230
|
-
)
|
231
|
-
mode 0644
|
232
|
-
only_if{ new_resource.chef_enabled }
|
233
|
-
end
|
234
|
-
|
235
|
-
file "lxc chef-validator[#{new_resource.name}]" do
|
236
|
-
path _lxc.rootfs.join('etc/chef/validator.pem').to_path
|
237
|
-
content new_resource.validator_pem || node[:lxc][:validator_pem]
|
238
|
-
mode 0600
|
239
|
-
only_if{ new_resource.chef_enabled && !_lxc.rootfs.join('etc/chef/client.pem').exist? }
|
240
|
-
end
|
241
|
-
|
242
|
-
file "lxc chef-runlist[#{new_resource.name}]" do
|
243
|
-
path _lxc.rootfs.join('etc/chef/first_run.json').to_path
|
244
|
-
content({:run_list => new_resource.run_list}.to_json)
|
245
|
-
only_if do
|
246
|
-
new_resource.chef_enabled && !_lxc.rootfs.join('etc/chef/client.pem').exist?
|
247
|
-
end
|
248
|
-
mode 0644
|
249
|
-
end
|
250
|
-
|
251
|
-
file "lxc chef-data-bag-secret[#{new_resource.name}]" do
|
252
|
-
path _lxc.rootfs.join('etc/chef/encrypted_data_bag_secret').to_path
|
253
|
-
content(
|
254
|
-
::File.exists?(new_resource.data_bag_secret_file) ? ::File.open(new_resource.data_bag_secret_file, "rb").read : ''
|
255
|
-
)
|
256
|
-
mode 0600
|
257
|
-
only_if do
|
258
|
-
new_resource.chef_enabled &&
|
259
|
-
new_resource.copy_data_bag_secret_file &&
|
260
|
-
::File.exists?(new_resource.copy_data_bag_secret_file)
|
261
|
-
end
|
262
|
-
end
|
263
|
-
|
264
|
-
#### Let chef configure the container
|
265
|
-
# NOTE: We run chef-client if the validator.pem exists and the
|
266
|
-
# client.pem file does not exist.
|
267
|
-
ruby_block "lxc run_chef[#{new_resource.name}]" do
|
268
|
-
block do
|
269
|
-
cmd = 'chef-client -K /etc/chef/validator.pem -c /etc/chef/client.rb -j /etc/chef/first_run.json'
|
270
|
-
Chef::Log.info "Running command on #{new_resource.name}: #{cmd}"
|
271
|
-
_lxc.container_command(cmd, new_resource.chef_retries)
|
272
|
-
end
|
273
|
-
only_if do
|
274
|
-
new_resource.chef_enabled &&
|
275
|
-
_lxc.rootfs.join('etc/chef/validator.pem').exist? &&
|
276
|
-
!_lxc.rootfs.join('etc/chef/client.pem').exist?
|
277
|
-
end
|
278
|
-
end
|
279
|
-
|
280
|
-
#### Have commands for the container? Run them now
|
281
|
-
ruby_block "lxc container_commands[#{new_resource.name}]" do
|
282
|
-
block do
|
283
|
-
new_resource.container_commands.each do |cmd|
|
284
|
-
_lxc.container_command(cmd, 2)
|
285
|
-
end
|
286
|
-
end
|
287
|
-
not_if do
|
288
|
-
new_resource.container_commands.empty?
|
289
|
-
end
|
290
|
-
end
|
291
|
-
|
292
|
-
# NOTE: If the container was not running before we started, make
|
293
|
-
# sure we leave it in a stopped state
|
294
|
-
ruby_block "lxc shutdown[#{new_resource.name}]" do
|
295
|
-
block do
|
296
|
-
_lxc.shutdown
|
297
|
-
end
|
298
|
-
only_if do
|
299
|
-
stopped_end_state && _lxc.running?
|
300
|
-
end
|
301
|
-
end
|
302
|
-
|
303
|
-
#### Clean up after chef if it's enabled
|
304
|
-
file @lxc.rootfs.join('etc/chef/first_run.json').to_path do
|
305
|
-
action :delete
|
306
|
-
end
|
307
|
-
|
308
|
-
file @lxc.rootfs.join('etc/chef/validator.pem').to_path do
|
309
|
-
action :delete
|
310
|
-
end
|
311
|
-
|
312
|
-
end
|
313
|
-
|
314
|
-
action :delete do
|
315
|
-
lxc new_resource.name do
|
316
|
-
action :delete
|
317
|
-
end
|
318
|
-
end
|
@@ -1,57 +0,0 @@
|
|
1
|
-
def load_current_resource
|
2
|
-
@lxc = ::Lxc.new(
|
3
|
-
new_resource.name,
|
4
|
-
:base_dir => node[:lxc][:container_directory],
|
5
|
-
:dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
|
6
|
-
)
|
7
|
-
end
|
8
|
-
|
9
|
-
action :create do
|
10
|
-
_lxc = @lxc
|
11
|
-
execute "LXC Create: #{new_resource.name}" do
|
12
|
-
command "lxc-create -n #{new_resource.name} -t #{new_resource.template} -- #{new_resource.template_opts.to_a.flatten.join(' ')}"
|
13
|
-
only_if do
|
14
|
-
!_lxc.exists? && new_resource.updated_by_last_action(true)
|
15
|
-
end
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
action :clone do
|
20
|
-
_lxc = @lxc
|
21
|
-
_base_lxc = ::Lxc.new(
|
22
|
-
new_resource.base_container,
|
23
|
-
:base_dir => node[:lxc][:container_directory],
|
24
|
-
:dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
|
25
|
-
)
|
26
|
-
|
27
|
-
unless(_base_lxc.exists?)
|
28
|
-
raise "LXC clone failed! Base container #{new_resource.base_container} does not exist. Cannot create #{new_resource.name}"
|
29
|
-
end
|
30
|
-
|
31
|
-
execute "LXC Clone: #{new_resource.base_container} -> #{new_resource.name}" do
|
32
|
-
command "lxc-clone -o #{new_resource.base_container} -n #{new_resource.name}"
|
33
|
-
only_if do
|
34
|
-
!_lxc.exists? && new_resource.updated_by_last_action(true)
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
end
|
39
|
-
|
40
|
-
action :delete do
|
41
|
-
_lxc = @lxc
|
42
|
-
ruby_block "Stop container #{new_resource.name}" do
|
43
|
-
block do
|
44
|
-
_lxc.shutdown
|
45
|
-
end
|
46
|
-
only_if do
|
47
|
-
_lxc.exists? && _lxc.running?
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
|
-
execute "Destroy container #{new_resource.name}" do
|
52
|
-
command "lxc-destroy #{new_resource.name}"
|
53
|
-
only_if do
|
54
|
-
_lxc.exists?
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
@@ -1,40 +0,0 @@
|
|
1
|
-
use_inline_resources if self.respond_to?(:use_inline_resources)
|
2
|
-
|
3
|
-
def load_current_resource
|
4
|
-
@lxc = ::Lxc.new(
|
5
|
-
new_resource.base_container,
|
6
|
-
:base_dir => node[:lxc][:container_directory],
|
7
|
-
:dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
|
8
|
-
)
|
9
|
-
unless(@lxc.exists?)
|
10
|
-
raise "Requested base contianer: #{new_resource.base_container} does not exist"
|
11
|
-
end
|
12
|
-
@start_script = node[:lxc][:awesome_ephemerals] ? '/usr/local/bin/lxc-awesome-ephemeral' : 'lxc-ephemeral-start'
|
13
|
-
unless(node[:lxc][:awesome_ephemerals])
|
14
|
-
%w(host_rootfs virtual_device).each do |key|
|
15
|
-
if(resource.send(key))
|
16
|
-
raise "#{key} lxc ephemeral attribute only valid when awesome_ephemerals is true!"
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
action :run do
|
23
|
-
com = [@start_script]
|
24
|
-
com << "-o #{new_resource.base_container}"
|
25
|
-
com << "-b #{new_resource.bind_directory}" if new_resource.bind_directory
|
26
|
-
com << "-U #{new_resource.union_type}"
|
27
|
-
com << "-u #{new_resource.user}"
|
28
|
-
com << "-S #{new_resource.key}"
|
29
|
-
com << "-z #{new_resource.host_rootfs}" if new_resource.host_rootfs
|
30
|
-
com << "-D #{new_resource.virtual_device}" if new_resource.virtual_device
|
31
|
-
if(new_resource.background)
|
32
|
-
Chef::Log.warn("Ephemeral container will be backgrounded: #{new_resource.name}")
|
33
|
-
com << '-d'
|
34
|
-
end
|
35
|
-
com << "\"#{new_resource.command}\"" # TODO: fix this to be proper
|
36
|
-
execute "LXC ephemeral: #{new_resource.name}" do
|
37
|
-
command com.join(' ')
|
38
|
-
stream_output new_resource.stream_output
|
39
|
-
end
|
40
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
def load_current_resource
|
2
|
-
if(new_resource.auto_join_rootfs_mount)
|
3
|
-
new_resource.mount_point(
|
4
|
-
::Lxc.new(new_resource.container).rootfs.join(
|
5
|
-
new_resource.mount_point
|
6
|
-
).to_path
|
7
|
-
)
|
8
|
-
end
|
9
|
-
node.run_state[:lxc] ||= Mash.new
|
10
|
-
node.run_state[:lxc][:fstabs] ||= Mash.new
|
11
|
-
node.run_state[:lxc][:fstabs][new_resource.container] ||= []
|
12
|
-
end
|
13
|
-
|
14
|
-
action :create do
|
15
|
-
|
16
|
-
line = "#{new_resource.file_system}\t#{new_resource.mount_point}\t" <<
|
17
|
-
"#{new_resource.type}\t#{Array(new_resource.options).join(',')}\t" <<
|
18
|
-
"#{new_resource.dump}\t#{new_resource.pass}"
|
19
|
-
|
20
|
-
if(new_resource.create_mount_point)
|
21
|
-
directory new_resource.mount_point do
|
22
|
-
recursive true
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
unless(node.run_state[:lxc][:fstabs][new_resource.container].include?(line))
|
27
|
-
node.run_state[:lxc][:fstabs][new_resource.container] << line
|
28
|
-
end
|
29
|
-
|
30
|
-
end
|
@@ -1,45 +0,0 @@
|
|
1
|
-
def load_current_resource
|
2
|
-
@lxc = ::Lxc.new(
|
3
|
-
new_resource.container,
|
4
|
-
:base_dir => node[:lxc][:container_directory],
|
5
|
-
:dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
|
6
|
-
)
|
7
|
-
@loaded ||= {}
|
8
|
-
# value checks
|
9
|
-
unless(new_resource.dynamic)
|
10
|
-
%w(address netmask).each do |key|
|
11
|
-
raise "#{key} is required for static interfaces" if new_resource.send(key).nil?
|
12
|
-
end
|
13
|
-
end
|
14
|
-
node.run_state[:lxc] ||= Mash.new
|
15
|
-
node.run_state[:lxc][:interfaces] ||= Mash.new
|
16
|
-
node.run_state[:lxc][:interfaces][new_resource.container] ||= []
|
17
|
-
end
|
18
|
-
|
19
|
-
action :create do
|
20
|
-
raise 'Device is required for creating an LXC interface!' unless new_resource.device
|
21
|
-
|
22
|
-
unless(@loaded[new_resource.container])
|
23
|
-
@loaded[new_resource.container] = true
|
24
|
-
end
|
25
|
-
|
26
|
-
net_set = Mash.new(:device => new_resource.device)
|
27
|
-
if(new_resource.dynamic)
|
28
|
-
net_set[:dynamic] = true
|
29
|
-
else
|
30
|
-
net_set[:auto] = new_resource.auto
|
31
|
-
net_set[:address] = new_resource.address
|
32
|
-
net_set[:gateway] = new_resource.gateway
|
33
|
-
net_set[:netmask] = new_resource.netmask
|
34
|
-
net_set[:up] = new_resource.up if new_resource.up
|
35
|
-
net_set[:down] = new_resource.down if new_resource.down
|
36
|
-
net_set[:ipv6] = new_resource.ipv6
|
37
|
-
end
|
38
|
-
|
39
|
-
node.run_state[:lxc][:interfaces][new_resource.container] << net_set
|
40
|
-
end
|
41
|
-
|
42
|
-
action :delete do
|
43
|
-
# do nothing, simply not provided to run_state, and thus implicitly
|
44
|
-
# deleted
|
45
|
-
end
|
@@ -1,53 +0,0 @@
|
|
1
|
-
def load_current_resource
|
2
|
-
@lxc = ::Lxc.new(
|
3
|
-
new_resource.name,
|
4
|
-
:base_dir => node[:lxc][:container_directory],
|
5
|
-
:dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
|
6
|
-
)
|
7
|
-
if(new_resource.service_name.to_s.empty?)
|
8
|
-
new_resource.service_name new_resource.name
|
9
|
-
end
|
10
|
-
end
|
11
|
-
|
12
|
-
action :start do
|
13
|
-
if(@lxc.stopped?)
|
14
|
-
@lxc.start
|
15
|
-
new_resource.updated_by_last_action(true)
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
action :halt do
|
20
|
-
if(@lxc.running?)
|
21
|
-
@lxc.stop
|
22
|
-
new_resource.updated_by_last_action(true)
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
action :restart do
|
27
|
-
if(@lxc.running?)
|
28
|
-
@lxc.shutdown
|
29
|
-
end
|
30
|
-
@lxc.start
|
31
|
-
new_resource.updated_by_last_action(true)
|
32
|
-
end
|
33
|
-
|
34
|
-
action :stop do
|
35
|
-
if(@lxc.running?)
|
36
|
-
@lxc.stop
|
37
|
-
new_resource.updated_by_last_action(true)
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
action :freeze do
|
42
|
-
if(@lxc.running?)
|
43
|
-
@lxc.freeze
|
44
|
-
new_resource.updated_by_last_action(true)
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
action :unfreeze do
|
49
|
-
if(@lxc.frozen?)
|
50
|
-
@lxc.unfreeze
|
51
|
-
new_resource.updated_by_last_action(true)
|
52
|
-
end
|
53
|
-
end
|
@@ -1,13 +0,0 @@
|
|
1
|
-
# create the containers defined in the ['lxc']['containers'] hash
|
2
|
-
|
3
|
-
include_recipe "lxc"
|
4
|
-
|
5
|
-
node['lxc']['containers'].each do | name, container |
|
6
|
-
Chef::Log.info "Creating LXC container name:#{name}"
|
7
|
-
lxc_container name do
|
8
|
-
container.each do |meth, param|
|
9
|
-
self.send(meth, param)
|
10
|
-
end
|
11
|
-
action :create unless container.has_key?(:action)
|
12
|
-
end
|
13
|
-
end
|
@@ -1,58 +0,0 @@
|
|
1
|
-
# install the server dependencies to run lxc
|
2
|
-
node[:lxc][:packages].each do |lxcpkg|
|
3
|
-
package lxcpkg
|
4
|
-
end
|
5
|
-
|
6
|
-
include_recipe 'lxc::install_dependencies'
|
7
|
-
|
8
|
-
directory '/usr/local/bin' do
|
9
|
-
recursive true
|
10
|
-
end
|
11
|
-
|
12
|
-
cookbook_file '/usr/local/bin/lxc-awesome-ephemeral' do
|
13
|
-
source 'lxc-awesome-ephemeral'
|
14
|
-
mode 0755
|
15
|
-
end
|
16
|
-
|
17
|
-
#if the server uses the apt::cacher-client recipe, re-use it
|
18
|
-
unless Chef::Config[:solo]
|
19
|
-
if File.exists?('/etc/apt/apt.conf.d/01proxy')
|
20
|
-
query = 'recipes:apt\:\:cacher-ng'
|
21
|
-
query += " AND chef_environment:#{node.chef_environment}" if node['apt']['cacher-client']['restrict_environment']
|
22
|
-
Chef::Log.debug("apt::cacher-client searching for '#{query}'")
|
23
|
-
servers = search(:node, query)
|
24
|
-
if servers.length > 0
|
25
|
-
Chef::Log.info("apt-cacher-ng server found on #{servers[0]}.")
|
26
|
-
node.default[:lxc][:mirror] = "http://#{servers[0]['ipaddress']}:3142/archive.ubuntu.com/ubuntu"
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
template '/etc/default/lxc' do
|
32
|
-
source 'default-lxc.erb'
|
33
|
-
mode 0644
|
34
|
-
variables(
|
35
|
-
:config => {
|
36
|
-
:lxc_auto => node[:lxc][:auto_start],
|
37
|
-
:use_lxc_bridge => node[:lxc][:use_bridge],
|
38
|
-
:lxc_bridge => node[:lxc][:bridge],
|
39
|
-
:lxc_addr => node[:lxc][:addr],
|
40
|
-
:lxc_netmask => node[:lxc][:netmask],
|
41
|
-
:lxc_network => node[:lxc][:network],
|
42
|
-
:lxc_dhcp_range => node[:lxc][:dhcp_range],
|
43
|
-
:lxc_dhcp_max => node[:lxc][:dhcp_max],
|
44
|
-
:lxc_shutdown_timeout => node[:lxc][:shutdown_timeout],
|
45
|
-
:mirror => node[:lxc][:mirror]
|
46
|
-
}
|
47
|
-
)
|
48
|
-
end
|
49
|
-
|
50
|
-
# this just reloads the dnsmasq rules when the template is adjusted
|
51
|
-
service 'lxc-net' do
|
52
|
-
action [:enable]
|
53
|
-
subscribes :restart, resources("template[/etc/default/lxc]"), :immediately
|
54
|
-
end
|
55
|
-
|
56
|
-
service 'lxc' do
|
57
|
-
action [:enable, :start]
|
58
|
-
end
|
@@ -1,15 +0,0 @@
|
|
1
|
-
# Fedora allowed? Needs yum and curl to download packages
|
2
|
-
if node[:lxc][:allowed_types].include?('fedora')
|
3
|
-
['yum', 'curl'].each do |pkg|
|
4
|
-
package pkg
|
5
|
-
end
|
6
|
-
end
|
7
|
-
|
8
|
-
# OpenSuse allowed? Needs zypper (no package available yet!)
|
9
|
-
# package 'zypper' if node[:lxc][:allowed_types].include?('opensuse')
|
10
|
-
raise 'OpenSuse not currently supported' if node[:lxc][:allowed_types].include?('opensuse')
|
11
|
-
|
12
|
-
#store a copy of the Omnibus installer for use by the lxc containers
|
13
|
-
if(node[:omnibus_updater] && node[:omnibus_updater][:cache_omnibus_installer])
|
14
|
-
include_recipe 'omnibus_updater::deb_downloader'
|
15
|
-
end
|
@@ -1,37 +0,0 @@
|
|
1
|
-
include_recipe 'lxc'
|
2
|
-
|
3
|
-
# This shuts down the default lxcbr0
|
4
|
-
node[:lxc][:use_bridge] = false
|
5
|
-
service 'lxc' do
|
6
|
-
action :stop
|
7
|
-
end
|
8
|
-
|
9
|
-
directory '/etc/knife-lxc' do
|
10
|
-
action :create
|
11
|
-
mode 0755
|
12
|
-
end
|
13
|
-
|
14
|
-
file '/etc/knife-lxc/config.json' do
|
15
|
-
mode 0644
|
16
|
-
content(
|
17
|
-
JSON.pretty_generate(
|
18
|
-
:addresses => {
|
19
|
-
:static => node[:lxc][:knife][:static_ips],
|
20
|
-
:range => node[:lxc][:knife][:static_range]
|
21
|
-
}
|
22
|
-
)
|
23
|
-
)
|
24
|
-
end
|
25
|
-
|
26
|
-
cookbook_file '/usr/local/bin/knife_lxc' do
|
27
|
-
source 'knife_lxc'
|
28
|
-
mode 0755
|
29
|
-
end
|
30
|
-
|
31
|
-
node[:lxc][:allowed_types].each do |type|
|
32
|
-
lxc_container "#{type}_base" do
|
33
|
-
template type
|
34
|
-
chef_enabled false
|
35
|
-
action :create
|
36
|
-
end
|
37
|
-
end
|
@@ -1,19 +0,0 @@
|
|
1
|
-
actions :create, :delete
|
2
|
-
default_action :create
|
3
|
-
|
4
|
-
attribute :utsname, :kind_of => String, :default => nil # defaults to resource name
|
5
|
-
attribute :aa_profile, :kind_of => String, :default => nil # platform specific?
|
6
|
-
attribute :network, :kind_of => [Array, Hash]
|
7
|
-
attribute :default_bridge, :kind_of => String
|
8
|
-
attribute :static_ip, :kind_of => String
|
9
|
-
attribute :pts, :kind_of => Numeric, :default => 1024
|
10
|
-
attribute :tty, :kind_of => Numeric, :default => 4
|
11
|
-
attribute :arch, :kind_of => String, :default => 'amd64'
|
12
|
-
attribute :devttydir, :kind_of => String, :default => 'lxc'
|
13
|
-
attribute :cgroup, :kind_of => Hash, :default => Mash.new
|
14
|
-
attribute :cap_drop, :kind_of => [String, Array], :default => %w(sys_module mac_admin)
|
15
|
-
attribute :mount, :kind_of => String
|
16
|
-
attribute :mount_entry, :kind_of => String
|
17
|
-
attribute :rootfs, :kind_of => [String,Pathname]
|
18
|
-
attribute :rootfs_mount, :kind_of => String
|
19
|
-
attribute :pivotdir, :kind_of => String
|