linux-lxc 0.0.1
- checksums.yaml +7 -0
- data/lib/linux/lxc/version.rb +5 -0
- data/lib/linux/lxc.rb +119 -0
- data/test/linux_lxc_test.rb +192 -0
- metadata +49 -0
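--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: c35fca8caf7359999dc398d555d1ec956694e350
+data.tar.gz: f6f67f5613ed298430178054a4fb722ef53d9346
+SHA512:
+metadata.gz: 507e65ce27c9717e6edd413c693b876cddbfacff2f3cc0e77fd1482570586606d44238edda1d51156641aa872a105abb08ef267a3d7a43ddc904bb37888e1ae0
+data.tar.gz: 1723646ae1902658ef60650c5b559803ed2007c1e90d3d31e4fd4ce6930a0f417b87a77648c5482fc581a1a2fdf56d190ffcd438572499c5dbb287ed02fa34d0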
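--- a/data/lib/linux/lxc.rb
+++ b/data/lib/linux/lxc.rb
@@ -0,0 +1,119 @@
+require "linux/lxc/version"
+
+module Linux
+class Lxc
+
+class Line
+attr_reader :lxc, :line, :key
+attr_accessor :value
+def initialize(lxc, key, value)
+@lxc = lxc
+@line = lxc.lines.add(self).length
+@key = key
+@value = value
+end
+def file
+@lxc.file
+end
+def to_s
+if value
+"#{key} = #{value}"
+else
+key
+end
+end
+end
+
+attr_reader :index, :lines
+attr_accessor :file
+
+class Lines
+def initialize
+@lines = []
+end
+def add(line)
+@lines << line
+@lines
+end
+def each(&block)
+@lines.each { |line| block.call(line) }
+end
+def values
+@lines.map{|i| i.value}
+end
+
+def [](idx)
+@lines[idx]
+end
+
+def length
+@lines.length
+end
+
+def first
+@lines.first
+end
+end
+
+def initialize(file, index = {})
+@file = file
+@lines = Lines.new
+@index = index
+end
+
+def get(key)
+@index[key]
+end
+
+def add(key, value = nil)
+key = key.strip
+if value and value.instance_of?(String)
+value = value.strip
+end
+line = Line.new(self, key, value)
+path = ""
+dot = ""
+key.split('.').each do |element|
+path += dot + element
+dot = "."
+@index[path] ||= Lines.new
+@index[path].add(line)
+end
+end
+
+def write
+File.open(file, 'w') do |f|
+@lines.each do |line|
+if line.key == "lxc.include"
+line.value.write
+end
+f.write(line.to_s + "\n")
+end
+end
+end
+
+def to_s
+@file
+end
+
+def self.parse(file, index = {})
+lxc = Lxc.new(file, index)
+IO.read(file).lines.each do |line|
+line = line.chop
+if line.match(/^\s*$/) or line.match(/^\s*#.*$/)
+lxc.add(line, nil)
+else
+match = line.match(/^\s*([a-z\.]+)\s*=\s*(.*)\s*$/)
+throw "illegal line in #{@file}:#{@lines.length}" unless match
+if match[1] == 'lxc.include'
+lxc.add(match[1], parse(match[2], index))
+else
+lxc.add(match[1], match[2])
+end
+end
+end
+lxc
+end
+
+end
+end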
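Review bot: In `self.parse` the malformed-line path cannot report what it intends to: it runs in a class method, where `@file` and `@lines` are unset, so interpolating `@lines.length` raises NoMethodError on nil before `throw` is even called, and `throw` with a string is not an exception a caller would normally rescue; `raise ArgumentError, "illegal line in #{file}:#{lxc.lines.length + 1}"` does what the message describes. The `lxc.include` branch recurses into `parse(match[2], index)` with the path exactly as written in the file and keeps no record of the files already being parsed, so a file that includes itself recurses until the stack is exhausted, and `write` later opens every included path with mode `'w'`. Where these files can be edited by a party less trusted than the process using the library, the include target should be canonicalised and checked against an allowed directory before it is read or rewritten; the fence shows the error fix together with an ancestor check. The key pattern `[a-z\.]+` also rejects keys containing `_`, `-` or digits, such as the `lxc.aa_profile` key that appears commented out in the test sample.

```ruby
def self.parse(file, index = {}, ancestors = [])
  real = File.expand_path(file)
  raise ArgumentError, "include cycle at #{real}" if ancestors.include?(real)
  lxc = Lxc.new(file, index)
  # … unchanged: read loop, blank and comment lines …
      raise ArgumentError, "illegal line in #{file}:#{lxc.lines.length + 1}" unless match
      if match[1] == 'lxc.include'
        lxc.add(match[1], parse(match[2], index, ancestors + [real]))
  # … unchanged: plain key/value branch, return lxc …
```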
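--- a/data/test/linux_lxc_test.rb
+++ b/data/test/linux_lxc_test.rb
@@ -0,0 +1,192 @@
+
+require 'rubygems'
+
+begin
+require 'pry'
+rescue
+# it would be cool but-:)
+end
+
+require 'fileutils'
+
+require 'rubygems'
+require 'test/unit'
+
+require 'tempfile'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'linux/lxc'
+
+class LinuxLxcTest < Test::Unit::TestCase
+def setup
+@temp_dir = Dir.mktmpdir
+@lxc_config = File.join(@temp_dir, "lxc.config")
+File.write(@lxc_config, <<SAMPLE)
+# Template used to create this container: /usr/share/lxc/templates/lxc-ubuntu
+# Parameters passed to the template:
+# For additional config options, please look at lxc.container.conf(5)
+
+# Common configuration
+lxc.include = #{@temp_dir}/ubuntu.common.conf
+
+# Container specific configuration
+lxc.rootfs = /var/lib/lxc/border-eth0/rootfs
+lxc.mount = /var/lib/lxc/border-eth0/fstab
+lxc.utsname = border-eth0
+lxc.arch = amd64
+
+# Network configuration
+lxc.network.type = veth
+lxc.network.flags = up
+lxc.network.link = lxcbr0
+lxc.network.hwaddr = 00:16:3e:67:03:4a
+SAMPLE
+@lxc_ubuntu_common_conf = File.join(@temp_dir, "ubuntu.common.conf")
+File.write(@lxc_ubuntu_common_conf, <<SAMPLE)
+# Default pivot location
+lxc.pivotdir = lxc_putold
+
+# Default mount entries
+lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry = sysfs sys sysfs defaults 0 0
+lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
+lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
+lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
+lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
+
+# Default console settings
+lxc.devttydir = lxc
+lxc.tty = 4
+lxc.pts = 1024
+
+# Default capabilities
+lxc.cap.drop = sys_module mac_admin mac_override sys_time
+
+# When using LXC with apparmor, the container will be confined by default.
+# If you wish for it to instead run unconfined, copy the following line
+# (uncommented) to the container's configuration file.
+#lxc.aa_profile = unconfined
+
+# To support container nesting on an Ubuntu host while retaining most of
+# apparmor's added security, use the following two lines instead.
+#lxc.aa_profile = lxc-container-default-with-nesting
+#lxc.mount.auto = cgroup:mixed
+
+# Uncomment the following line to autodetect squid-deb-proxy configuration on the
+# host and forward it to the guest at start time.
+#lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client
+
+# If you wish to allow mounting block filesystems, then use the following
+# line instead, and make sure to grant access to the block device and/or loop
+# devices below in lxc.cgroup.devices.allow.
+#lxc.aa_profile = lxc-container-default-with-mounting
+
+# Default cgroup limits
+lxc.cgroup.devices.deny = a
+## Allow any mknod (but not using the node)
+lxc.cgroup.devices.allow = c *:* m
+lxc.cgroup.devices.allow = b *:* m
+## /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+## consoles
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 5:1 rwm
+## /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 1:9 rwm
+## /dev/pts/*
+lxc.cgroup.devices.allow = c 5:2 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+## rtc
+lxc.cgroup.devices.allow = c 254:0 rm
+## fuse
+lxc.cgroup.devices.allow = c 10:229 rwm
+## tun
+lxc.cgroup.devices.allow = c 10:200 rwm
+## full
+lxc.cgroup.devices.allow = c 1:7 rwm
+## hpet
+lxc.cgroup.devices.allow = c 10:228 rwm
+## kvm
+lxc.cgroup.devices.allow = c 10:232 rwm
+## To use loop devices, copy the following line to the container's
+## configuration file (uncommented).
+#lxc.cgroup.devices.allow = b 7:* rwm
+
+# Blacklist some syscalls which are not safe in privileged
+# containers
+lxc.seccomp = /usr/share/lxc/config/common.seccomp
+SAMPLE
+end
+
+def teardown
+FileUtils.remove_entry_secure @temp_dir
+end
+
+def test_reader
+lxc = Linux::Lxc.parse(@lxc_config)
+
+assert_equal lxc.get('lxc').length, 38
+assert_equal lxc.get('lxc.network').length, 4
+assert_equal lxc.get('lxc.network.hwaddr').length, 1
+assert_equal lxc.get('lxc.network.murks'), nil
+
+assert_equal lxc.get('lxc.cgroup.devices.allow').values[4], 'c 5:0 rwm'
+assert_equal lxc.get('lxc.cgroup.devices.allow')[4].file, @lxc_ubuntu_common_conf
+assert_equal lxc.get('lxc.cgroup.devices.allow')[4].line, 48
+
+assert_equal lxc.get('lxc.network.hwaddr').values, ['00:16:3e:67:03:4a']
+assert_equal lxc.get('lxc.network.hwaddr').first.file, @lxc_config
+assert_equal lxc.get('lxc.network.hwaddr').first.line, 18
+end
+
+
+def test_from_scratch
+lxc = Linux::Lxc.new(File.join(@temp_dir, "base"))
+lxc.add("# base meno")
+lxc.add("lxc.cgroup.devices.allow", "meno")
+incl = Linux::Lxc.new(File.join(@temp_dir, "incl"))
+lxc.add("lxc.include", incl)
+incl.add("# include meno")
+incl.add("lxc.network.hwaddr", '00:16:3e:67:03:4a')
+lxc.write
+
+lxc_read = Linux::Lxc.parse(lxc.file)
+assert_equal lxc_read.get('lxc.cgroup.devices.allow').values, ['meno']
+assert_equal lxc_read.get('lxc.cgroup.devices.allow').first.file, lxc.file
+assert_equal lxc_read.get('lxc.cgroup.devices.allow').first.line, 2
+
+assert_equal lxc_read.get('lxc.network.hwaddr').values, ['00:16:3e:67:03:4a']
+assert_equal lxc_read.get('lxc.network.hwaddr').first.file, incl.file
+assert_equal lxc_read.get('lxc.network.hwaddr').first.line, 2
+end
+
+def test_write
+lxc = Linux::Lxc.parse(@lxc_config)
+lxc.file = "#{@lxc_config}.new"
+inc_file = "#{lxc.get('lxc.cgroup.devices.allow').first.lxc.file}.new"
+lxc.get('lxc.cgroup.devices.allow').first.lxc.file = inc_file
+lxc.get('lxc.cgroup.devices.allow')[5].value='meno'
+assert_equal lxc.get('lxc.cgroup.devices.allow').values[5], 'meno'
+
+lxc.get('lxc.network.hwaddr').first.value='construqt'
+assert_equal lxc.get('lxc.network.hwaddr').values, ['construqt']
+
+lxc.write
+
+lxc_read = Linux::Lxc.parse(lxc.file)
+assert_equal lxc_read.get('lxc.cgroup.devices.allow').values[5], 'meno'
+assert_equal lxc_read.get('lxc.cgroup.devices.allow')[5].file, inc_file
+assert_equal lxc_read.get('lxc.cgroup.devices.allow')[5].line, 49
+
+assert_equal lxc_read.get('lxc.network.hwaddr').values, ['construqt']
+assert_equal lxc_read.get('lxc.network.hwaddr').first.file, lxc.file
+assert_equal lxc_read.get('lxc.network.hwaddr').first.line, 18
+
+end
+
+
+end
+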
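Review bot: The suite feeds the parser only well-formed input, so its failure paths are never exercised: there is no case for a line without `=`, for a file whose `lxc.include` points back at itself, or for keys containing `_` or `-`. The sample in `setup` keeps `lxc.aa_profile` and `lxc.hook.pre-start` commented out, and the key pattern `[a-z\.]+` in lib/linux/lxc.rb would not match them once uncommented, so a test that parses an uncommented `lxc.aa_profile = unconfined` line would pin that behaviour down. Separately, the bare `rescue` around `require 'pry'` does not catch LoadError, which is not a StandardError, so the file fails to load when pry is absent; `rescue LoadError` is what the comment intends. `assert_equal` takes the expected value first and the calls here pass it second, which only affects the wording of failure messages.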
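--- a/metadata
+++ b/metadata
@@ -0,0 +1,49 @@
+--- !ruby/object:Gem::Specification
+name: linux-lxc
+version: !ruby/object:Gem::Version
+version: 0.0.1
+platform: ruby
+authors:
+- Meno Abels
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-09-19 00:00:00.000000000 Z
+dependencies: []
+description: Parse the output of ip addr on a linux system
+email:
+- meno.abels@adviser.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/linux/lxc.rb
+- lib/linux/lxc/version.rb
+- test/linux_lxc_test.rb
+homepage: https://github.com/mabels/gem-linux-lxc
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.0.14
+signing_key:
+specification_version: 4
+summary: Parse the output of ip addr on a linux system
+test_files:
+- test/linux_lxc_test.rb
+has_rdoc: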