[pve-devel] [PATCH container v2 1/1] add hookscript to containers
Dominik Csapak
d.csapak at proxmox.com
Thu Jan 24 12:30:56 CET 2019
this adds the config (hookscript) and executes it
on four points in time for the container
the same notes as with vms are in place regarding
when the script is called
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
changes from v1:
* correctly check for root at pam
* abort setting when script does not exist
src/PVE/LXC.pm | 9 +++++++++
src/PVE/LXC/Config.pm | 19 ++++++++++++++++++-
src/lxc-pve-poststop-hook | 3 +++
3 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index ab15ec0..f72553f 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -26,6 +26,7 @@ use PVE::AccessControl;
use PVE::ProcFSTools;
use PVE::Syscall;
use PVE::LXC::Config;
+use PVE::GuestHelpers;
use Time::HiRes qw (gettimeofday);
@@ -1110,6 +1111,9 @@ sub check_ct_modify_config_perm {
} elsif ($opt eq 'features') {
# For now this is restricted to root at pam
raise_perm_exc("changing feature flags is only allowed for root\@pam");
+ } elsif ($opt eq 'hookscript') {
+ # For now this is restricted to root at pam
+ raise_perm_exc("changing the hookscript is only allowed for root\@pam");
} else {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Options']);
}
@@ -1912,11 +1916,13 @@ sub vm_start {
my $cmd = ['systemctl', 'start', "pve-container\@$vmid"];
+ PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1);
eval { PVE::Tools::run_command($cmd); };
if (my $err = $@) {
unlink $skiplock_flag_fn;
die $err;
}
+ PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-start');
return;
}
@@ -1939,6 +1945,9 @@ sub vm_stop {
die "failed to open container ${vmid}'s command socket: $!\n";
}
+ my $conf = PVE::LXC::Config->load_config($vmid);
+ PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-stop');
+
# Stop the container:
my $cmd = ['lxc-stop', '-n', $vmid];
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 061ec8e..7f639ed 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -457,6 +457,12 @@ my $confdesc = {
format => $features_desc,
description => "Allow containers access to advanced features.",
},
+ hookscript => {
+ optional => 1,
+ type => 'string',
+ format => 'pve-volume-id',
+ description => 'Script that will be exectued during various steps in the containers lifetime.',
+ },
};
my $valid_lxc_conf_keys = {
@@ -896,7 +902,7 @@ sub update_pct_config {
delete $conf->{$opt};
PVE::LXC::write_cgroup_value("memory", $vmid,
"memory.memsw.limit_in_bytes", -1);
- } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup') {
+ } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup' || $opt eq 'hookscript') {
delete $conf->{$opt};
} elsif ($opt eq 'nameserver' || $opt eq 'searchdomain' ||
$opt eq 'tty' || $opt eq 'console' || $opt eq 'cmode') {
@@ -1091,6 +1097,17 @@ sub update_pct_config {
} elsif ($opt eq 'features') {
next if $hotplug_error->($opt);
$conf->{$opt} = $value;
+ } elsif ($opt eq 'hookscript') {
+ my $storage_cfg = PVE::Storage::config();
+ my ($path, undef, $type) = PVE::Storage::path($storage_cfg, $value);
+
+ die "'$value' is not in the scripts directory\n"
+ if $type ne 'scripts';
+
+ die "script '$value' does not exist\n"
+ if ! -f $path;
+
+ $conf->{$opt} = $value;
} else {
die "implement me: $opt";
}
diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
index 654aa26..dc7938e 100755
--- a/src/lxc-pve-poststop-hook
+++ b/src/lxc-pve-poststop-hook
@@ -20,6 +20,7 @@ use PVE::CLIHandler;
use PVE::Storage;
use PVE::Storage::Plugin;
use PVE::LXC;
+use PVE::GuestHelpers;
use Data::Dumper;
use base qw(PVE::CLIHandler);
@@ -90,6 +91,8 @@ __PACKAGE__->register_method ({
exit(1);
}
+ PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-stop');
+
return undef;
}});
--
2.11.0
More information about the pve-devel
mailing list