~cjwatson/launchpad-buildd/rename-slave-prep


Viewing changes to lpbuildd/target/lxd.py

  • Committer: Colin Watson
  • Date: 2018-11-07 11:48:18 UTC
  • mfrom: (352.1.1 bionic-lxd3)
  • Revision ID: cjwatson@canonical.com-20181107114818-62ve3dp5f1eyfair
[r=cjwatson] Update LXD backend to work with newer LXD versions.

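--- a/lpbuildd/target/lxd.py
+++ b/lpbuildd/target/lxd.py
@@ -277,16 +277,30 @@
             old_profile.delete()
 
         raw_lxc_config = [
-            ("lxc.aa_profile", "unconfined"),
             ("lxc.cap.drop", ""),
             ("lxc.cap.drop", "sys_time sys_module"),
             ("lxc.cgroup.devices.deny", ""),
             ("lxc.cgroup.devices.allow", ""),
             ("lxc.mount.auto", ""),
             ("lxc.mount.auto", "proc:rw sys:rw"),
-            ("lxc.network.0.ipv4", ipv4_address),
-            ("lxc.network.0.ipv4.gateway", self.ipv4_network.ip),
             ]
+
+        lxc_version = self._client.host_info["environment"]["driver_version"]
+        major, minor = [int(v) for v in lxc_version.split(".")[0:2]]
+
+        if major >= 3:
+            raw_lxc_config.extend([
+                ("lxc.apparmor.profile", "unconfined"),
+                ("lxc.net.0.ipv4.address", ipv4_address),
+                ("lxc.net.0.ipv4.gateway", self.ipv4_network.ip),
+                ])
+        else:
+            raw_lxc_config.extend([
+                ("lxc.aa_profile", "unconfined"),
+                ("lxc.network.0.ipv4", ipv4_address),
+                ("lxc.network.0.ipv4.gateway", self.ipv4_network.ip),
+                ])
+
         # Linux 4.4 on powerpc doesn't support all the seccomp bits that LXD
         # needs.
         if self.arch == "powerpc":
@@ -296,7 +310,7 @@
             "security.nesting": "true",
             "raw.lxc": "".join(
                 "{key}={value}\n".format(key=key, value=value)
-                for key, value in raw_lxc_config),
+                for key, value in sorted(raw_lxc_config)),
             }
         devices = {
             "eth0": {
@@ -306,6 +320,12 @@
                 "type": "nic",
                 },
             }
+        if major >= 3:
+            devices["root"] = {
+                "path": "/",
+                "pool": "default",
+                "type": "disk",
+                }
         self.client.profiles.create(self.profile_name, config, devices)
 
     def start(self):
@@ -341,7 +361,17 @@
             hostname_file.flush()
             os.fchmod(hostname_file.fileno(), 0o644)
             self.copy_in(hostname_file.name, "/etc/hostname")
-        self.copy_in("/etc/resolv.conf", "/etc/resolv.conf")
+
+        resolv_conf = "/etc/resolv.conf"
+
+        if os.path.islink(resolv_conf):
+            resolv_conf = os.path.realpath(resolv_conf)
+            if (resolv_conf == "/run/systemd/resolve/stub-resolv.conf" and
+                os.path.isfile("/run/systemd/resolve/resolv.conf")):
+                    resolv_conf = "/run/systemd/resolve/resolv.conf"
+
+        self.copy_in(resolv_conf, "/etc/resolv.conf")
+
         with tempfile.NamedTemporaryFile(mode="w+") as policy_rc_d_file:
             policy_rc_d_file.write(policy_rc_d)
             policy_rc_d_file.flush()
@@ -481,8 +511,8 @@
             data = source_file.read()
             mode = stat.S_IMODE(os.fstat(source_file.fileno()).st_mode)
             headers = {
-                "X-LXD-uid": 0,
-                "X-LXD-gid": 0,
+                "X-LXD-uid": "0",
+                "X-LXD-gid": "0",
                 "X-LXD-mode": "%#o" % mode,
                 }
             try: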
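Review bot: The `sorted(raw_lxc_config)` at new line 313 makes the emitted `raw.lxc` order depend on whole-tuple comparison, while the list deliberately pairs an empty-valued entry with a populated one for `lxc.cap.drop` and `lxc.mount.auto` (presumably clear-then-set, so the order decides which capabilities end up dropped). It comes out right today only because `""` sorts before any non-empty string. Sorting on the key alone is stable, keeps the authored order for duplicate keys and never compares values: `for key, value in sorted(raw_lxc_config, key=lambda item: item[0])),`. Separately, the version parse at new lines 288-289 reads `self._client` where the rest of the visible code uses `self.client`, and it raises on a `driver_version` with fewer than two numeric components even though `minor` is never used in the visible lines; `major = int(lxc_version.split(".")[0])` would be enough. The enclosing method starts before the first hunk.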