[pve-devel] [PATCH container 1/1] add hookscript to containers

Fabian Grünbichler f.gruenbichler at proxmox.com
Wed Jan 23 15:29:20 CET 2019


same as qemu-server, I'd limit adding a hookscript to a CT config to
root at pam (for now).

On Mon, Jan 21, 2019 at 09:44:36AM +0100, Dominik Csapak wrote:
> this adds the config (hookscript) and executes it
> on four points in time for the container
> 
> the same notes as with vms are in place regarding
> when the script is called
> 
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
>  src/PVE/LXC.pm            |  6 ++++++
>  src/PVE/LXC/Config.pm     | 18 +++++++++++++++++-
>  src/lxc-pve-poststop-hook |  3 +++
>  3 files changed, 26 insertions(+), 1 deletion(-)
> 
> diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
> index ab15ec0..445f9c0 100644
> --- a/src/PVE/LXC.pm
> +++ b/src/PVE/LXC.pm
> @@ -26,6 +26,7 @@ use PVE::AccessControl;
>  use PVE::ProcFSTools;
>  use PVE::Syscall;
>  use PVE::LXC::Config;
> +use PVE::GuestHelpers;
>  
>  use Time::HiRes qw (gettimeofday);
>  
> @@ -1912,11 +1913,13 @@ sub vm_start {
>  
>      my $cmd = ['systemctl', 'start', "pve-container\@$vmid"];
>  
> +    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1);
>      eval { PVE::Tools::run_command($cmd); };
>      if (my $err = $@) {
>  	unlink $skiplock_flag_fn;
>  	die $err;
>      }
> +    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-start');
>  
>      return;
>  }
> @@ -1939,6 +1942,9 @@ sub vm_stop {
>  	die "failed to open container ${vmid}'s command socket: $!\n";
>      }
>  
> +    my $conf = PVE::LXC::Config->load_config($vmid);
> +    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-stop');
> +
>      # Stop the container:
>  
>      my $cmd = ['lxc-stop', '-n', $vmid];
> diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
> index 061ec8e..c1e2011 100644
> --- a/src/PVE/LXC/Config.pm
> +++ b/src/PVE/LXC/Config.pm
> @@ -457,6 +457,12 @@ my $confdesc = {
>  	format => $features_desc,
>  	description => "Allow containers access to advanced features.",
>      },
> +    hookscript => {
> +	optional => 1,
> +	type => 'string',
> +	format => 'pve-volume-id',
> +	description => 'Script that will be exectued during various steps in the containers lifetime.',
> +    },
>  };
>  
>  my $valid_lxc_conf_keys = {
> @@ -896,7 +902,7 @@ sub update_pct_config {
>  		delete $conf->{$opt};
>  		PVE::LXC::write_cgroup_value("memory", $vmid,
>  					     "memory.memsw.limit_in_bytes", -1);
> -	    } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup') {
> +	    } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup' || $opt eq 'hookscript') {
>  		delete $conf->{$opt};
>  	    } elsif ($opt eq 'nameserver' || $opt eq 'searchdomain' ||
>  		     $opt eq 'tty' || $opt eq 'console' || $opt eq 'cmode') {
> @@ -1091,6 +1097,16 @@ sub update_pct_config {
>  	} elsif ($opt eq 'features') {
>  	    next if $hotplug_error->($opt);
>  	    $conf->{$opt} = $value;
> +	} elsif ($opt eq 'hookscript') {
> +	    my $storage_cfg = PVE::Storage::config();
> +	    my ($path, undef, $type) = PVE::Storage::path($storage_cfg, $value);
> +
> +	    die "'$value' is not in the scripts directory\n"
> +		if $type ne 'scripts';
> +
> +	    warn "script '$path' is not found, setting anyway\n"
> +		if ! -f $path;

and also here - does this really make sense?

> +	    $conf->{$opt} = $value;
>  	} else {
>  	    die "implement me: $opt";
>  	}
> diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
> index 654aa26..dc7938e 100755
> --- a/src/lxc-pve-poststop-hook
> +++ b/src/lxc-pve-poststop-hook
> @@ -20,6 +20,7 @@ use PVE::CLIHandler;
>  use PVE::Storage;
>  use PVE::Storage::Plugin;
>  use PVE::LXC;
> +use PVE::GuestHelpers;
>  use Data::Dumper;
>  
>  use base qw(PVE::CLIHandler);
> @@ -90,6 +91,8 @@ __PACKAGE__->register_method ({
>  	    exit(1);
>  	}
>  
> +	PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-stop');
> +
>  	return undef;
>      }});
>  
> -- 
> 2.11.0
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel




More information about the pve-devel mailing list