Skip to content

L
lxc
Switch branch/tag
  1. 11 Oct, 2017 1 commit
    • lxccontainer: implement container live patching · 0d9cd9c3
      Christian Brauner authored 
      This adds set_running_config_item() which is the analogue of
get_running_config_item(). In essence it allows a caller to livepatch the
container's in-memory configuration. This POC is severly limited. Here are the
most obvious ones:
- Only the container's in-memory config can be updated but no further actions
  (e.g. on-disk actions) are made.
- Only keys in the "lxc.net." namespace can be changed. This POC also allows
  updating an existing network. For example it allows to change the network
  type of an existing network. This is obviously nonsense and in a non-POC
  implementation this should be blocked.

Use Case:
Callers can hotplug a new network for the container. For example, LXD can
create a pair of veth devices in the host and in the container and add it to
the container's in-memory config. This means, the container can later be
queried for the name of the device later on etc. Note that liblxc will
currently not delete hotplugged network devices on container shutdown since it
won't have the ifindex of the container.

Relates to https://github.com/lxc/lxd/issues/3920 .
Signed-off-by: 's avatarChristian Brauner <christian.brauner@ubuntu.com>
  3. 06 Oct, 2017 4 commits
  5. 05 Oct, 2017 4 commits
  7. 04 Oct, 2017 1 commit
    • implement lxc_string_split_quoted · 3dca1af0
      Serge Hallyn authored 
      lxc_string_split_quoted() splits a string on spaces, but keeps
groups in single or double qoutes together.  In other words,
generally what we'd want for argv behavior.

Switch lxc-execute to use this for lxc.execute.cmd.

Switch lxc-oci template to put the lxc.execute.cmd inside single
quotes, because parse_line() will eat those.  If we don't do that,
then if we have lxc.execute.cmd = /bin/echo "hello, world", then the
last double quote will disappear.
Signed-off-by: 's avatarSerge Hallyn <shallyn@cisco.com>
  9. 03 Oct, 2017 4 commits
  11. 02 Oct, 2017 5 commits
  13. 01 Oct, 2017 1 commit
  15. 30 Sep, 2017 1 commit
    • add a start-host hook (v2) · 08dd2805
      Serge Hallyn authored 
      This should satisfy several use cases.  The one I tested for was CNI.
I replaced the network configuration in a root owned container with:

lxc.net.0.type = empty
lxc.hook.start-host = /bin/lxc-start-netns

where /bin/lxc-start-netns contained:

=================================

echo "starting" > /tmp/debug
ip link add host1 type veth peer name peer1
ip link set host1 master lxcbr0
ip link set host1 up
ip link set peer1 netns "${LXC_PID}"
=================================

The nic 'peer1' was placed into the container as expected.

For this to work, we pass the container init's pid as LXC_PID in
an environment variable, since lxc-info cannot work at that point.
Signed-off-by: 's avatarSerge Hallyn <shallyn@cisco.com>
  17. 29 Sep, 2017 2 commits
  19. 28 Sep, 2017 2 commits
  21. 27 Sep, 2017 2 commits
  23. 25 Sep, 2017 2 commits
  25. 24 Sep, 2017 1 commit
  27. 23 Sep, 2017 1 commit
  29. 20 Sep, 2017 4 commits
  31. 19 Sep, 2017 5 commits