vagrant-lxc 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 70552f58b3dff461e6c8f585b581fcbe48eb8e33
-  data.tar.gz: 1e83aa6c65f3c3d82f78902db6def724fe13c262
+  metadata.gz: 53e892dfb1ea3897de7672db8cee129a7f5b65c8
+  data.tar.gz: 9a2767f8b694f2c3a9bbb94674c9cef9c5eec8bc
 SHA512:
-  metadata.gz: d9c31869f568c381c36b49f5a2653d1479cb4598bb58c8b277afdd7e35b09f7db5613a493fe8eac58761cc23cc4dea52f93286a2883b3917fd59bbaaf8e29ee4
-  data.tar.gz: c82b8cb7240620f0d7e23e7969d73f16cf35752ef8044927de2fe3a027cf864cdb0b8819844bb6ace0d9f0afcc70dc07f1598db43b5f3d2707827e9af542e577
+  metadata.gz: ca4237b0ce604a2e66e0c53252d5d5b6491e764dee60ff76e224eb0669a6171b3321422ebcf84ad6ef4c99f756d807d9987a52e28f3050c5f5f9bbc85aa5dcc0
+  data.tar.gz: 1db202a14678a2a86cab86d4c0cc607d676b30d29b0a125193dc610f7452f19cd0dc0b43c0b0b5111d3cc43c5d6bf1a031e14b8b6d34d4c75be251b138ea5677

data/CHANGELOG.md

@@ -1,4 +1,29 @@
-## [0.4.0](https://github.com/fgrehm/vagrant-lxc/compare/v0.3.4...master) (unreleased)
+## [0.5.0](https://github.com/fgrehm/vagrant-lxc/compare/v0.4.0...v0.5.0) (Aug 1, 2013)
+
+BACKWARDS INCOMPATIBILITIES:
+
+  - To align with Vagrant's core behaviour, forwarded ports are no longer attached
+    to 127.0.0.1 and `redir`'s `--laddr` parameter is skipped in case the `:host_ip`
+    config is not provided, that means `redir` will listen on connections coming
+    from any of the host's IPs.
+
+FEATURES:
+
+  - Add support for salt-minion and add latest dev release for ubuntu codenamed saucy [#116](https://github.com/fgrehm/vagrant-lxc/pull/116)
+  - Add support for using a sudo wrapper script [#90](https://github.com/fgrehm/vagrant-lxc/issues/90)
+  - `redir` will log to `/var/log/syslog` if `REDIR_LOG` env var is provided
+
+IMPROVEMENTS:
+
+  - Error out if dependencies are not installed [#11](https://github.com/fgrehm/vagrant-lxc/issues/11) / [#112](https://github.com/fgrehm/vagrant-lxc/issues/112)
+  - Support for specifying host interface/ip for binding `redir` [#76](https://github.com/fgrehm/vagrant-lxc/issues/76)
+  - Add Vagrantfile VM name to the container name [#115](https://github.com/fgrehm/vagrant-lxc/issues/115)
+  - Properly handle forwarded port collisions [#5](https://github.com/fgrehm/vagrant-lxc/issues/5)
+  - Container's customizations are now written to the config file (usually
+    kept under `/var/lib/lxc/CONTAINER/config`) instead of passed in as a `-s`
+    parameter to `lxc-start`
+
+## [0.4.0](https://github.com/fgrehm/vagrant-lxc/compare/v0.3.4...v0.4.0) (Jul 18, 2013)
 
 FEATURES:
 

data/Gemfile

@@ -15,6 +15,8 @@ end
 
 group :development, :test do
   gem 'rake'
+  # Update https://github.com/fgrehm/vagrant-lxc/issues/111 once we are able to
+  # upgrade to a newer release
   gem 'rspec',       '~> 2.13.0'
   gem 'rspec-fire',  require: 'rspec/fire'
   gem 'rspec-spies', require: false

data/Gemfile.lock

@@ -1,20 +1,20 @@
 GIT
   remote: git://github.com/fgrehm/vagrant-cachier.git
-  revision: ae6cb5bcfbdbb2157867d77ded8f2b6f430c0f6c
+  revision: f5d9ce507239535326a0a0395c890cc7a27d73f1
   specs:
-    vagrant-cachier (0.2.0)
+    vagrant-cachier (0.3.0.dev)
 
 GIT
   remote: git://github.com/fgrehm/vagrant-pristine.git
-  revision: 45a8d75f048bd611e337583496eb2b48b6998bbd
+  revision: 5c400d7850fc5f98d9601b59f4c3bd74818650de
   specs:
-    vagrant-pristine (0.1.0)
+    vagrant-pristine (0.2.0)
 
 GIT
   remote: git://github.com/mitchellh/vagrant.git
-  revision: 6d26c86c4c3f65e2e59f4dda6bca9cd9235de704
+  revision: 2282a88f3dfde65b881758b4643480cba4468c4a
   specs:
-    vagrant (1.2.4.dev)
+    vagrant (1.2.7.dev)
       childprocess (~> 0.3.7)
       erubis (~> 2.7.0)
       i18n (~> 0.6.0)
@@ -25,7 +25,7 @@ GIT
 PATH
   remote: .
   specs:
-    vagrant-lxc (0.4.0)
+    vagrant-lxc (0.5.0)
 
 GEM
   remote: https://rubygems.org/
@@ -60,7 +60,7 @@ GEM
       rb-kqueue (>= 0.2)
     log4r (1.1.10)
     lumberjack (1.0.4)
-    method_source (0.8.1)
+    method_source (0.8.2)
     mime-types (1.23)
     multi_json (1.7.7)
     net-scp (1.1.2)
@@ -94,7 +94,7 @@ GEM
       multi_json (~> 1.0)
       simplecov-html (~> 0.7.1)
     simplecov-html (0.7.1)
-    slop (3.4.5)
+    slop (3.4.6)
     thor (0.18.1)
     vagrant-omnibus (1.1.0)
 

data/README.md

@@ -5,18 +5,16 @@
 [LXC](http://lxc.sourceforge.net/) provider for [Vagrant](http://www.vagrantup.com/) 1.1+
 
 This is a Vagrant plugin that allows it to control and provision Linux Containers
-as an alternative to the built in Vagrant VirtualBox provider for Linux hosts.
+as an alternative to the built in VirtualBox provider for Linux hosts.
 
 Check out this [blog post](http://fabiorehm.com/blog/2013/04/28/lxc-provider-for-vagrant)
 to see the plugin in action and find out more about it.
 
-## Features
+## Features / Limitations
 
-* Vagrant's `up`, `halt`, `reload`, `destroy`, `ssh`, `provision` and `package`
-* Shared folders
-* Provisioning with any built-in Vagrant provisioner
-* Port forwarding
-* Setting container's host name
+* Provides the same workflow as the Vagrant VirtualBox provider
+* Port forwarding via [`redir`](http://linux.die.net/man/1/redir)
+* Does not support private networks
 
 *Please refer to the [closed issues](https://github.com/fgrehm/vagrant-lxc/issues?labels=&milestone=&page=1&state=closed)
 and the [changelog](CHANGELOG.md) for most up to date information.*
@@ -27,7 +25,7 @@ and the [changelog](CHANGELOG.md) for most up to date information.*
 * [Vagrant 1.1+](http://downloads.vagrantup.com/)
 * lxc 0.7.5+
 * redir (if you are planning to use port forwarding)
-* A [bug-free](#help-im-unable-to-restart-containers) kernel
+* A [bug-free](https://github.com/fgrehm/vagrant-lxc/wiki/Troubleshooting#im-unable-to-restart-containers) kernel
 
 The plugin is known to work better and pretty much out of the box on Ubuntu 12.04+
 hosts and installing the dependencies on it basically means a `apt-get install lxc redir`
@@ -35,8 +33,8 @@ and a `apt-get update && apt-get dist-upgrade` to upgrade the kernel.
 
 Some manual steps are required to set up a Linode machine prior to using this
 plugin, please check https://github.com/fgrehm/vagrant-lxc/wiki/Usage-on-Linode
-for more information. The same applies to Debian hosts and documentation will be
-provided soon.
+for more information. Documentation on how to set things up for other distros
+[are welcome](https://github.com/fgrehm/vagrant-lxc/wiki) :)
 
 If you are on a Mac or Windows machine, you might want to have a look at this
 blog post for some ideas on how to set things up: http://the.taoofmac.com/space/HOWTO/Vagrant
@@ -89,12 +87,50 @@ Vagrant.configure("2") do |config|
 end
 ```
 
-This will make vagrant-lxc pass in `-s lxc.cgroup.memory.limit_in_bytes=1024M`
-to `lxc-start` when booting containers. This will override any previously value
-set from container's configuration file that is usually kept under
-`/var/lib/lxc/<container-name>/config`.
+vagrant-lxc will then write out `lxc.cgroup.memory.limit_in_bytes='1024M'` to the
+container config file (usually kept under `/var/lib/lxc/<container-name>/config`)
+prior to starting it.
 
-For other configuration options, please check [lxc.conf manpages](http://manpages.ubuntu.com/manpages/quantal/man5/lxc.conf.5.html).
+For other configuration options, please check the [lxc.conf manpages](http://manpages.ubuntu.com/manpages/quantal/man5/lxc.conf.5.html).
+
+
+### Avoiding `sudo` passwords
+
+This plugin requires **a lot** of `sudo`ing since [user namespaces](https://wiki.ubuntu.com/UserNamespace)
+are not supported on mainstream kernels. In order to work around that we can use
+a really dumb **AND INSECURE** Ruby wrapper script like the one below and add
+a `NOPASSWD` entry to our `/etc/sudoers` file:
+
+```ruby
+#!/usr/bin/env ruby
+exec ARGV.join(' ')
+```
+
+For example, you can save the code above under your `/usr/bin/lxc-vagrant-wrapper`,
+turn it into an executable script by running `chmod +x /usr/bin/lxc-vagrant-wrapper`
+and add the line below to your `/etc/sudoers` file:
+
+```
+USERNAME ALL=NOPASSWD:/usr/bin/lxc-vagrant-wrapper
+```
+
+*__WARNING__: the `/usr/bin/lxc-vagrant-wrapper` + `/etc/sudoers` combination
+above allows `USERNAME` to run any privileged command without a password. You
+might want to think twice before using that on a machine with sensitive data.*
+
+In order to tell vagrant-lxc to use that script when `sudo` is needed, you can
+pass in the path to the script as a configuration for the provider:
+
+```ruby
+Vagrant.configure("2") do |config|
+  config.vm.provider :lxc do |lxc|
+    lxc.sudo_wrapper = '/usr/bin/lxc-vagrant-wrapper'
+  end
+end
+```
+
+If you want to set the `sudo_wrapper` globally, just add the code above to your
+`~/.vagrant.d/Vagrantfile`.
 
 
 ### Base boxes
@@ -104,18 +140,6 @@ for a list of [pre built](https://github.com/fgrehm/vagrant-lxc/wiki/Base-boxes#
 base boxes and information on [how to build your own](https://github.com/fgrehm/vagrant-lxc/wiki/Base-boxes#building-your-own).
 
 
-## Current limitations
-
-* The plugin does not detect forwarded ports collision, right now you are
-  responsible for taking care of that.
-* There is a hell lot of `sudo`s involved and this will probably be around until
-  [user namespaces](https://wiki.ubuntu.com/LxcSecurity) are supported or I'm able to handle [#90](https://github.com/fgrehm/vagrant-lxc/issues/90)
-* [Does not tell you if dependencies are not met](https://github.com/fgrehm/vagrant-lxc/issues/11)
-  (will probably just throw up some random error)
-* + bunch of other [core features](https://github.com/fgrehm/vagrant-lxc/issues?labels=core&milestone=&page=1&state=open)
-  and some known [bugs](https://github.com/fgrehm/vagrant-lxc/issues?labels=bug&page=1&state=open)
-
-
 ## More information
 
 Please refer the [wiki](https://github.com/fgrehm/vagrant-lxc/wiki) for more

data/boxes/common/install-salt

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+cache=`readlink -f .`
+rootfs="${cache}/rootfs"
+
+echo "installing salt"
+chroot $rootfs apt-add-repository -y ppa:saltstack/salt
+chroot $rootfs apt-get update
+chroot $rootfs apt-get install salt-minion -y --force-yes
+
+rm -rf $rootfs/tmp/*

data/boxes/ubuntu/finalize

@@ -148,12 +148,18 @@ write_sourceslist()
 deb [arch=$2] $MIRROR ${release} main restricted universe multiverse
 deb [arch=$2] $MIRROR ${release}-updates main restricted universe multiverse
 deb [arch=$2] $SECURITY_MIRROR ${release}-security main restricted universe multiverse
+deb-src [arch=$2] $MIRROR ${release} main restricted universe multiverse
+deb-src [arch=$2] $MIRROR ${release}-updates main restricted universe multiverse
+deb-src [arch=$2] $SECURITY_MIRROR ${release}-security main restricted universe multiverse
 EOF
     else
         cat >> "$1/etc/apt/sources.list" << EOF
 deb $MIRROR ${release} main restricted universe multiverse
 deb $MIRROR ${release}-updates main restricted universe multiverse
 deb $SECURITY_MIRROR ${release}-security main restricted universe multiverse
+deb-src $MIRROR ${release} main restricted universe multiverse
+deb-src $MIRROR ${release}-updates main restricted universe multiverse
+deb-src $SECURITY_MIRROR ${release}-security main restricted universe multiverse
 EOF
     fi
 }
@@ -248,7 +254,7 @@ post_process()
     release=$2
     trim_container=$3
 
-    if [ $trim_container -eq 1 ]; then
+    if [[ $trim_container -eq 1 ]]; then
         trim $rootfs $release
     elif [ ! -f $rootfs/etc/init/container-detect.conf ]; then
         # Make sure we have a working resolv.conf

data/example/Vagrantfile

@@ -10,7 +10,6 @@ Vagrant.configure("2") do |config|
 
   config.vm.provider :lxc do |lxc|
     lxc.customize 'cgroup.memory.limit_in_bytes', '400M'
-    lxc.customize 'cgroup.memory.memsw.limit_in_bytes', '500M'
   end
 
   config.vm.provision :shell, :inline => <<-SCRIPT

data/lib/vagrant-lxc/action.rb

@@ -8,6 +8,8 @@ require 'vagrant-lxc/action/destroy'
 require 'vagrant-lxc/action/destroy_confirm'
 require 'vagrant-lxc/action/disconnect'
 require 'vagrant-lxc/action/compress_rootfs'
+require 'vagrant-lxc/action/fetch_ip_with_lxc_attach'
+require 'vagrant-lxc/action/fetch_ip_from_dnsmasq_leases'
 require 'vagrant-lxc/action/forced_halt'
 require 'vagrant-lxc/action/forward_ports'
 require 'vagrant-lxc/action/handle_box_metadata'
@@ -25,7 +27,6 @@ module Vagrant
       # machine back up with the new configuration.
       def self.action_reload
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::Call, Created do |env1, b2|
             if !env1[:result]
               b2.use Message, :not_created
@@ -44,10 +45,9 @@ module Vagrant
       # a bootup (i.e. not saved).
       def self.action_boot
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use ClearForwardedPorts
           b.use Vagrant::Action::Builtin::Provision
           b.use Vagrant::Action::Builtin::EnvSet, :port_collision_repair => true
-          # b.use PrepareForwardedPortCollisionParams
+          b.use Vagrant::Action::Builtin::HandleForwardedPortCollisions
           b.use ShareFolders
           b.use Vagrant::Action::Builtin::SetHostname
           b.use ForwardPorts
@@ -58,7 +58,6 @@ module Vagrant
       # This action just runs the provisioners on the machine.
       def self.action_provision
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::ConfigValidate
           b.use Vagrant::Action::Builtin::Call, Created do |env1, b2|
             if !env1[:result]
@@ -82,7 +81,6 @@ module Vagrant
       # A precondition of this action is that the container exists.
       def self.action_start
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::ConfigValidate
           b.use Vagrant::Action::Builtin::Call, IsRunning do |env, b2|
             # If the VM is running, then our work here is done, exit
@@ -97,7 +95,6 @@ module Vagrant
       # container, configuring metadata, and booting.
       def self.action_up
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::ConfigValidate
           b.use Vagrant::Action::Builtin::Call, Created do |env, b2|
             # If the VM is NOT created yet, then do the setup steps
@@ -115,7 +112,6 @@ module Vagrant
       # the virtual machine, gracefully or by force.
       def self.action_halt
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::Call, Created do |env, b2|
             if env[:result]
               # TODO: Remove this on / after 0.4
@@ -138,7 +134,6 @@ module Vagrant
       # freeing the resources of the underlying virtual machine.
       def self.action_destroy
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::Call, Created do |env1, b2|
             if !env1[:result]
               b2.use Message, :not_created
@@ -162,7 +157,6 @@ module Vagrant
       # This action packages the virtual machine into a single box file.
       def self.action_package
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use Vagrant::Action::Builtin::Call, Created do |env1, b2|
             if !env1[:result]
               b2.use Message, :not_created
@@ -177,10 +171,19 @@ module Vagrant
         end
       end
 
+      # This action is called to read the IP of the container. The IP found
+      # is expected to be put into the `:machine_ip` key.
+      def self.action_fetch_ip
+        Vagrant::Action::Builder.new.tap do |b|
+          b.use Vagrant::Action::Builtin::ConfigValidate
+          b.use FetchIpWithLxcAttach
+          b.use FetchIpFromDnsmasqLeases
+        end
+      end
+
       # This is the action that will exec into an SSH shell.
       def self.action_ssh
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use CheckCreated
           b.use CheckRunning
           b.use Vagrant::Action::Builtin::SSHExec
@@ -190,7 +193,6 @@ module Vagrant
       # This is the action that will run a single SSH command.
       def self.action_ssh_run
         Vagrant::Action::Builder.new.tap do |b|
-          # b.use CheckDependencies
           b.use CheckCreated
           b.use CheckRunning
           b.use Vagrant::Action::Builtin::SSHRun

data/lib/vagrant-lxc/action/clear_forwarded_ports.rb

@@ -15,7 +15,7 @@ module Vagrant
             redir_pids.each do |pid|
               next unless is_redir_pid?(pid)
               @logger.debug "Killing pid #{pid}"
-              system "sudo pkill -TERM -P #{pid}"
+              system "pkill -TERM -P #{pid}"
             end
 
             remove_redir_pids

data/lib/vagrant-lxc/action/create.rb

@@ -7,7 +7,7 @@ module Vagrant
         end
 
         def call(env)
-          container_name = env[:root_path].basename.to_s
+          container_name = "#{env[:root_path].basename.to_s}_#{env[:machine].name}"
           container_name.gsub!(/[^-a-z0-9_]/i, "")
           container_name << "-#{Time.now.to_i}"
 

data/lib/vagrant-lxc/action/fetch_ip_from_dnsmasq_leases.rb

@@ -0,0 +1,48 @@
+module Vagrant
+  module LXC
+    module Action
+      class FetchIpFromDnsmasqLeases
+        def initialize(app, env)
+          @app    = app
+          @logger = Log4r::Logger.new("vagrant::lxc::action::fetch_ip_from_dnsmasq_leases")
+        end
+
+        def call(env)
+          env[:machine_ip] ||= assigned_ip(env)
+          @app.call(env)
+        end
+
+        def assigned_ip(env)
+          mac_address = env[:machine].provider.driver.mac_address
+          ip = nil
+          10.times do
+            dnsmasq_leases = read_dnsmasq_leases
+            @logger.debug 'Attempting to load ip from dnsmasq leases'
+            @logger.debug dnsmasq_leases
+            if dnsmasq_leases =~ /#{Regexp.escape mac_address}\s+([0-9.]+)\s+/
+              ip = $1.to_s
+              break
+            else
+              @logger.debug 'Ip could not be parsed from dnsmasq leases file'
+              sleep 2
+            end
+          end
+          ip
+        end
+
+        LEASES_PATHS = %w(
+          /var/lib/misc/dnsmasq.*.leases
+          /var/lib/misc/dnsmasq.leases
+          /var/lib/dnsmasq/dnsmasq.leases
+          /var/db/dnsmasq.leases
+        )
+
+        def read_dnsmasq_leases
+          Dir["{#{LEASES_PATHS.join(',')}}"].map do |file|
+            File.read(file)
+          end.join("\n")
+        end
+      end
+    end
+  end
+end