Skip to content

L
lxc
Switch branch/tag
  1. 27 Jun, 2013 1 commit
  3. 24 Jun, 2013 2 commits
  5. 19 Jun, 2013 1 commit
  7. 18 Jun, 2013 1 commit
  9. 13 Jun, 2013 1 commit
  11. 12 Jun, 2013 2 commits
    • console API improvements · b5159817
      Dwight Engen authored 
      Add a higher level console API that opens a tty/console and runs the
mainloop as well. Rename existing API to console_getfd(). Use these in
the python binding.

Allow attaching a console peer after container bootup, including if the
container was launched with -d. This is made possible by allocation of a
"proxy" pty as the peer when the console is attached to.

Improve handling of SIGWINCH, the pty size will be correctly set at the
beginning of a session and future changes when using the lxc_console() API
will be propagated to it as well.

Refactor some common code between lxc_console.c and console.c. The variable
wait4q (renamed to saw_escape) was static, making the mainloop callback not
safe across threads. This wasn't a problem when the callback was in the
non-threaded lxc-console, but now that it is internal to console.c, we have
to take care of it. This is now contained in a per-tty state structure.

Don't attempt to open /dev/null as the console peer since /dev/null cannot
be added to the mainloop (epoll_ctl() fails with EPERM). This isn't needed
to get the console setup (and the log to work) since the case of not having
a peer at console init time has to be handled to allow for attaching to it
later.

Move signalfd libc wrapper/replacement to utils.h.
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • lxc-init: continue even if we fail to mount /dev/mqueue · 5d4d3ebb
      Natanael Copa authored 
      The 'lxc-init' (a lightweight init process used by lxc-execute in place
of upstart etc) tries to mount /dev/mqueue during startup. If that fails
(for instance due to missing support for mqueue in kernel) then it
aborts execution and returns -1. This is unreasonable as very few
applications actually need /dev/mqueue.

This similar to what we do with /dev/shm.
Signed-off-by: 's avatarNatanael Copa <ncopa@alpinelinux.org>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
  13. 11 Jun, 2013 1 commit
  15. 10 Jun, 2013 6 commits
  17. 05 Jun, 2013 2 commits
  19. 03 Jun, 2013 7 commits
  21. 31 May, 2013 4 commits
  23. 29 May, 2013 4 commits
  25. 28 May, 2013 2 commits
  27. 26 May, 2013 1 commit
    • Move container creation fully into the api · 1897e3bc
      Serge Hallyn authored 
      1. implement bdev->create:

python and lua: send NULL for bdevtype and bdevspecs.
They'll want to be updated to pass those in in a way that makes
sense, but I can't think about that right now.

2. templates: pass --rootfs

If the container is backed by a device which must be mounted (i.e.
lvm) then pass the actual rootfs mount destination to the
templates.

Note that the lxc.rootfs can be a mounted block device.  The template
should actually be installing the rootfs under the path where the
lxc.rootfs is *mounted*.

Still, some people like to run templates by hand and assume purely
directory backed containers, so continue to support that use case
(i.e. if no --rootfs is listed).

Make sure the templates don't re-write lxc.rootfs if it is
already in the config.  (Most were already checking for that)

3. Replace lxc-create script with lxc_create.c program.

Changelog:
May 24: when creating a container, create $lxcpath/$name/partial,
and flock it.  When done, close that file and unlink it.  In
lxc_container_new() and lxcapi_start(), check for this file.  If
it is locked, create is ongoing.  If it exists but is not locked,
create() was killed - remove the container.

May 24: dont disk-lock during lxcapi_create.  The partial lock
is sufficient.
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
  29. 25 May, 2013 5 commits
    • destroy: implement in the api · 60bf62d4
      Serge Hallyn authored 
      This requires implementing bdev->ops->destroy() for each of the backing
store types.  Then implementing lxcapi_clone(), writing lxc_destroy.c
using the api, and removing the lxc-destroy.in script.

(this also has a few other cleanups, like marking some functions
static)

Changelog:
	fold into destroy: fix zfs destroy
	destroy: use correct program name in help
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • lxc-stop: use api, remove lxc_shutdown, extend lxc-stop functionality · 3e625e2d
      Serge Hallyn authored 
      implement c->reboot(c) in the api.

Also if the container is not running, return -2.  Currently
lxc-stop will return 0, so you cannot tell the difference
between successfull stopping and noop.

Per stgraber's email:

 - Remove lxc-shutdown
 - Change lxc-stop so that:
   * Default behaviour is to call shutdown(), wait 15s for STOPPED, if
not STOPPED, print a message to the user and call stop() [ NOTE:
actually 60 seconds per followup thread]
   * We have a -r option to reboot the container (with proper check that
the container indeed rebooted within the next 15s)
   * We have a -s option to shutdown the container without the automatic
fallback to stop()
   * Add a -k option allowing a user to just kill a container
(equivalent to old lxc-stop, no shutdown() call and no delay).

and update manpages.
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • locking: update per Dwight's comment · 5cee8c50
      Serge Hallyn authored 
      Create three pairs of functions:
	int process_lock(void);
	void process_unlock(void);
	int container_mem_lock(struct lxc_container *c)
	void container_mem_unlock(struct lxc_container *c)
	int container_disk_lock(struct lxc_container *c);
	void container_disk_unlock(struct lxc_container *c);

and use those in lxccontainer.c

process_lock() is to protect the process state among multiple threads.
container_mem_lock() is to protect a struct container among multiple
threads.  container_disk_lock is to protect a container on disk.

Also remove the lock in lxcapi_init_pid() as Dwight suggested.

Fix a typo (s/container/contain) spotted by Dwight.

More locking fixes are needed, but let's first the the fundamentals
right.  How close does this get us?

Changelog: v2:
	fix lxclock compile
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: 's avatarDwight Engen <dwight.engen@oracle.com>
    • lxclock: Replace named sempahore with flock · df271a59
      Serge Hallyn authored 
      The problem: if a task is killed while holding a posix semaphore,
there appears to be no way to have the semaphore be reliably
autmoatically released.  The only trick which seemed promising
is to store the pid of the lock holder in some file and have
later lock seekers check whether that task has died.

Instead of going down that route, this patch switches from a
named posix semaphore to flock.  The advantage is that when
the task is killed, its fds are closed and locks are automatically
released.

The disadvantage of flock is that we can't rely on it to exclude
threads.  Therefore c->slock must now always be wrapped inside
c->privlock.

This patch survived basic testing with the lxcapi_create patchset,
where now killing lxc-create while it was holding the lock did
not lock up future api commands.
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>
    • fix memory leaks in cgroup functions · 2acf7795
      Dwight Engen authored 
      There were several memory leaks in the cgroup functions, notably in the
success cases.

The cgpath test program was refactored and additional tests added to it.
It was used in various modes under valgrind to test that the leaks were
fixed.

Simplify lxc_cgroup_path_get() and cgroup_path_get by having them return a
char * instead of an int and an output char * argument. The only return
values ever used were -1 and 0, which are now handled with NULL and non-NULL
returns respectively.

Use consistent variable names of cgabspath when refering to an absolute path
to a cgroup subsystem or file, and cgrelpath when refering to a container
"group/name" within the cgroup heirarchy.

Remove unused subsystem argument to lxc_cmd_get_cgroup_path().

Remove unused #define MAXPRIOLEN

Make template arg to lxcapi_create() const
Signed-off-by: 's avatarDwight Engen <dwight.engen@oracle.com>
Signed-off-by: 's avatarSerge Hallyn <serge.hallyn@ubuntu.com>