vagabond 0.1.0

data/lib/vagabond/cookbooks/lxc/libraries/lxc.rb

@@ -0,0 +1,279 @@
+class Lxc
+  class CommandFailed < StandardError
+  end
+  
+  attr_reader :name
+
+  class << self
+
+    attr_accessor :use_sudo
+
+    def sudo
+      case use_sudo
+      when TrueClass
+        'sudo '
+      when String
+        "#{use_sudo} "
+      end
+    end
+        
+    # List running containers
+    def running
+      full_list[:running]
+    end
+
+    # List stopped containers
+    def stopped
+      full_list[:stopped]
+    end
+
+    # List frozen containers
+    def frozen
+      full_list[:frozen]
+    end
+
+    # name:: name of container
+    # Returns if container exists
+    def exists?(name)
+      list.include?(name)
+    end
+
+    # List of containers
+    def list
+      %x{#{sudo}lxc-ls}.split("\n").uniq
+    end
+
+    # name:: Name of container
+    # Returns information about given container
+    def info(name)
+      res = {:state => nil, :pid => nil}
+      info = %x{#{sudo}lxc-info -n #{name}}.split("\n")
+      parts = info.first.split(' ')
+      res[:state] = parts.last.downcase.to_sym
+      parts = info.last.split(' ')
+      res[:pid] = parts.last.to_i
+      res
+    end
+
+    # Return full container information list
+    def full_list
+      res = {}
+      list.each do |item|
+        item_info = info(item)
+        res[item_info[:state]] ||= []
+        res[item_info[:state]] << item
+      end
+      res
+    end
+
+    # ip:: IP address
+    # Returns if IP address is alive
+    def connection_alive?(ip)
+      %x{ping -c 1 -W 1 #{ip}}
+      $?.exitstatus == 0
+    end
+  end
+
+  # name:: name of container
+  # args:: Argument hash
+  #   - :base_path -> path to container directory
+  #   - :dnsmasq_lease_file -> path to lease file
+  def initialize(name, args={})
+    @name = name
+    @base_path = args[:base_path] || '/var/lib/lxc'
+    @lease_file = args[:dnsmasq_lease_file] || '/var/lib/misc/dnsmasq.leases'
+  end
+
+  # Returns if container exists
+  def exists?
+    self.class.exists?(name)
+  end
+
+  # Returns if container is running
+  def running?
+    self.class.info(name)[:state] == :running
+  end
+
+  # Returns if container is stopped
+  def stopped?
+    self.class.info(name)[:state] == :stopped
+  end
+ 
+  # Returns if container is frozen
+  def frozen?
+    self.class.info(name)[:state] == :frozen
+  end
+
+  # retries:: Number of discovery attempt (3 second sleep intervals)
+  # Returns container IP
+  def container_ip(retries=0, raise_on_fail=false)
+    retries.to_i.times do
+      ip = hw_detected_address || leased_address || lxc_stored_address
+      return ip if ip && self.class.connection_alive?(ip)
+      Chef::Log.warn "LXC IP discovery: Failed to detect live IP"
+      sleep(3)
+    end
+    raise "Failed to detect live IP address for container: #{name}" if raise_on_fail
+  end
+
+  # Container address via lxc config file
+  def lxc_stored_address
+    ip = File.readlines(container_config).detect{|line|
+      line.include?('ipv4')
+    }.to_s.split('=').last.to_s.strip
+    if(ip.to_s.empty?)
+      nil
+    else
+      Chef::Log.info "LXC Discovery: Found container address via storage: #{ip}"
+      ip
+    end
+  end
+
+  # Container address via dnsmasq lease
+  def leased_address
+    ip = nil
+    if(File.exists?(@lease_file))
+      leases = File.readlines(@lease_file).map{|line| line.split(' ')}
+      leases.each do |lease|
+        if(lease.include?(name))
+          ip = lease[2]
+        end
+      end
+    end
+    if(ip.to_s.empty?)
+      nil
+    else
+      Chef::Log.info "LXC Discovery: Found container address via DHCP lease: #{ip}"
+      ip
+    end
+  end
+
+  def hw_detected_address
+    hw = File.readlines(container_config).detect{|line|
+      line.include?('hwaddr')
+    }.to_s.split('=').last.to_s.strip
+    running? # need to do a list!
+    ip = File.readlines('/proc/net/arp').detect{|line|
+      line.include?(hw)
+    }.to_s.split(' ').first.to_s.strip
+    if(ip.to_s.empty?)
+      nil
+    else
+      Chef::Log.info "LXC Discovery: Found container address via HW addr: #{ip}"
+      ip
+    end
+  end
+  
+  def sudo
+    self.class.sudo
+  end
+    
+  # Full path to container
+  def container_path
+    File.join(@base_path, name)
+  end
+  alias_method :path, :container_path
+
+  # Full path to container configuration file
+  def container_config
+    File.join(container_path, 'config')
+  end
+  alias_method :config, :container_config
+
+  def container_rootfs
+    File.join(container_path, 'rootfs')
+  end
+  alias_method :rootfs, :container_rootfs
+
+  def expand_path(path)
+    File.join(container_rootfs, path)
+  end
+
+  # Start the container
+  def start
+    run_command("#{sudo}lxc-start -n #{name} -d")
+    run_command("#{sudo}lxc-wait -n #{name} -s RUNNING", :allow_failure_retry => 2)
+  end
+
+  # Stop the container
+  def stop
+    run_command("#{sudo}lxc-stop -n #{name}")
+    run_command("#{sudo}lxc-wait -n #{name} -s STOPPED", :allow_failure_retry => 2)
+  end
+  
+  # Freeze the container
+  def freeze
+    run_command("#{sudo}lxc-freeze -n #{name}")
+    run_command("#{sudo}lxc-wait -n #{name} -s FROZEN", :allow_failure_retry => 2)
+  end
+
+  # Unfreeze the container
+  def unfreeze
+    run_command("#{sudo}lxc-unfreeze -n #{name}")
+    run_command("#{sudo}lxc-wait -n #{name} -s RUNNING", :allow_failure_retry => 2)
+  end
+
+  # Shutdown the container
+  def shutdown
+    run_command("#{sudo}lxc-shutdown -n #{name}")
+    run_command("#{sudo}lxc-wait -n #{name} -s STOPPED", :allow_failure_retry => 2)
+  end
+
+  def knife_container(cmd, ip)
+    require 'chef/knife/ssh'
+    Chef::Knife::Ssh.load_deps
+    k = Chef::Knife::Ssh.new([
+      ip, '-m', '-i', '/opt/hw-lxc-config/id_rsa', '--no-host-key-verify', cmd
+    ])
+    e = nil
+    begin
+      e = k.run
+    rescue SystemExit => e
+    end
+    raise CommandFailed.new(cmd) if e.nil? || e != 0
+  end
+
+  # Simple helper to shell out
+  def run_command(cmd, args={})
+    retries = args[:allow_failure_retry].to_i
+    begin
+      shlout = Mixlib::ShellOut.new(cmd, 
+        :logger => Chef::Log.logger, 
+        :live_stream => STDOUT
+      )
+      shlout.run_command
+      shlout.error!
+    rescue Mixlib::ShellOut::ShellCommandFailed, CommandFailed
+      if(args[:allow_failure])
+        true
+      elsif(retries > 0)
+        Chef::Log.warn "LXC run command failed: #{cmd}"
+        Chef::Log.warn "Retrying command. #{args[:allow_failure_retry].to_i - retries} of #{args[:allow_failure_retry].to_i} retries remain"
+        retries -= 1
+        retry
+      else
+        raise
+      end
+    end
+  end
+
+  # cmd:: Shell command string
+  # retries:: Number of retry attempts (1 second sleep interval)
+  # Runs command in container via ssh
+  def container_command(cmd, retries=1)
+    begin
+      knife_container(cmd, container_ip(5))
+    rescue => e
+      if(retries.to_i > 0)
+        Chef::Log.info "Encountered error running container command (#{cmd}): #{e}"
+        Chef::Log.info "Retrying command..."
+        retries = retries.to_i - 1
+        sleep(1)
+        retry
+      else
+        raise e
+      end
+    end
+  end
+
+end

data/lib/vagabond/cookbooks/lxc/libraries/lxc_expanded_resources.rb

@@ -0,0 +1,40 @@
+module ChefLxc
+  module Resource
+
+    def container(arg=nil)
+      set_or_return(:container, arg, :kind_of => [String], :required => true)
+    end
+
+    def lxc
+      @lxc ||= Lxc.new(
+        @container,
+        :base_dir => node[:lxc][:container_directory]
+      )
+    end
+
+    def path(arg=nil)
+      arg ? super(arg) : lxc.expand_path(super(arg))
+    end
+
+    def self.included(base)
+      base.class_eval do
+        def initialize(*args)
+          super
+          @container = nil
+        end
+      end
+    end
+  end
+end
+
+class Chef
+  class Resource
+    class LxcTemplate < Template
+      include ChefLxc::Resource
+    end
+
+    class LxcFile < File
+      include ChefLxc::Resource
+    end
+  end
+end

data/lib/vagabond/cookbooks/lxc/libraries/lxc_file_config.rb

@@ -0,0 +1,81 @@
+class LxcFileConfig
+
+  attr_reader :network
+  attr_reader :base
+
+  class << self
+    def generate_config(resource)
+      config = []
+      config << "lxc.utsname = #{resource.utsname}"
+      [resource.network].flatten.each do |net_hash|
+        nhsh = Mash.new(net_hash)
+        flags = nhsh.delete(:flags)
+        %w(type link).each do |k|
+          config << "lxc.network.#{k} = #{nhsh.delete(k)}" if nhsh[k]
+        end
+        nhsh.each_pair do |k,v|
+          config << "lxc.network.#{k} = #{v}"
+        end
+        if(flags)
+          config << "lxc.network.flags = #{flags}"
+        end
+      end
+      if(resource.cap_drop)
+        config << "lxc.cap.drop = #{Array(resource.cap_drop).join(' ')}"
+      end
+      %w(pts tty arch devttydir mount mount_entry rootfs rootfs_mount pivotdir).each do |k|
+        config << "lxc.#{k.sub('_', '.')} = #{resource.send(k)}" if resource.send(k)
+      end
+      prefix = 'lxc.cgroup'
+      resource.cgroup.each_pair do |key, value|
+        if(value.is_a?(Array))
+          value.each do |val|
+            config << "#{prefix}.#{key} = #{val}"
+          end
+        else
+          config << "#{prefix}.#{key} = #{value}"
+        end
+      end
+      config.join("\n") + "\n"
+    end
+
+  end
+
+  def initialize(path)
+    raise 'LXC config file not found' unless File.exists?(path)
+    @path = path
+    @network = []
+    @base = Mash.new
+    parse!
+  end
+
+  private
+
+  def parse!
+    cur_net = nil
+    File.readlines(@path).each do |line|
+      if(line.start_with?('lxc.network'))
+        parts = line.split('=')
+        name = parts.first.split('.').last.strip
+        if(name.to_sym == :type)
+          @network << cur_net if cur_net
+          cur_net = Mash.new
+        end
+        if(cur_net)
+          cur_net[name] = parts.last.strip
+        else
+          raise "Expecting 'lxc.network.type' to start network config block. Found: 'lxc.network.#{name}'"
+        end
+      else
+        parts = line.split('=')
+        name = parts.first.sub('lxc.', '').strip
+        if(@base[name])
+          @base[name] = [@base[name], parts.last.strip].flatten
+        else
+          @base[name] = parts.last
+        end
+      end
+    end
+    @network << cur_net if cur_net
+  end
+end

data/lib/vagabond/cookbooks/lxc/metadata.rb

@@ -0,0 +1,11 @@
+maintainer       "Chris Roberts"
+maintainer_email "chrisroberts.code@gmail.com"
+license          "Apache 2.0"
+description      "Chef driven Linux Containers"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version          "0.1.1"
+
+supports 'ubuntu', '12.04'
+
+depends 'omnibus_updater'
+suggests 'bridger'

data/lib/vagabond/cookbooks/lxc/providers/config.rb

@@ -0,0 +1,82 @@
+require 'securerandom'
+
+def load_current_resource
+  new_resource._lxc Lxc.new(
+    new_resource.name,
+    :base_dir => node[:lxc][:container_directory],
+    :dnsmasq_lease_file => node[:lxc][:dnsmasq_lease_file]
+  )
+  new_resource.utsname new_resource.name unless new_resource.utsname
+  new_resource.rootfs new_resource._lxc.rootfs unless new_resource.rootfs
+  new_resource.default_bridge node[:lxc][:bridge] unless new_resource.default_bridge
+  new_resource.mount ::File.join(new_resource._lxc.path, 'fstab') unless new_resource.mount
+  config = LxcFileConfig.new(new_resource._lxc.container_config)
+  if((new_resource.network.nil? || new_resource.network.empty?))
+    if(config.network.empty?)
+      default_net = {
+        :type => :veth,
+        :link => new_resource.default_bridge,
+        :flags => :up,
+        :hwaddr => "00:16:3e#{SecureRandom.hex(3).gsub(/(..)/, ':\1')}"
+      }
+      default_net.merge!(:ipv4 => new_resource.static_ip) if new_resource.static_ip
+    else
+      default_net = config.network.first
+      default_net.merge!(:link => new_resource.default_bridge)
+      default_net.merge!(:ipv4 => new_resource.static_ip) if new_resource.static_ip
+    end
+    new_resource.network(default_net)
+  else
+    [new_resource.network].flatten.each_with_index do |net_hash, idx|
+      if(config.network[idx].nil? || config.network[idx][:hwaddr].nil?)
+        net_hash[:hwaddr] ||= "00:16:3e#{SecureRandom.hex(3).gsub(/(..)/, ':\1')}"
+      end
+    end
+  end
+  new_resource.cgroup(
+    Chef::Mixin::DeepMerge.merge(
+      Mash.new(
+        'devices.deny' => 'a',
+        'devices.allow' => [
+          'c *:* m',
+          'b *:* m',
+          'c 1:3 rwm',
+          'c 1:5 rwm',
+          'c 5:1 rwm',
+          'c 5:0 rwm',
+          'c 1:9 rwm',
+          'c 1:8 rwm',
+          'c 136:* rwm',
+          'c 5:2 rwm',
+          'c 254:0 rwm',
+          'c 10:229 rwm',
+          'c 10:200 rwm',
+          'c 1:7 rwm',
+          'c 10:228 rwm',
+          'c 10:232 rwm'
+        ]
+      ),
+      new_resource.cgroup
+    )
+  )
+end
+
+action :create do
+  ruby_block "lxc config_updater[#{new_resource.utsname}]" do
+    block do
+      new_resource.updated_by_last_action(true)
+    end
+    action :nothing
+  end
+
+  directory new_resource._lxc.container_path do
+    action :create
+  end
+
+  file "lxc update_config[#{new_resource.utsname}]" do
+    path new_resource._lxc.container_config
+    content LxcFileConfig.generate_config(new_resource)
+    mode 0644
+    notifies :create, resources(:ruby_block => "lxc config_updater[#{new_resource.utsname}]"), :immediately
+  end
+end