[pve-devel] [PATCH container v4 1/1] add hookscript to containers

Dominik Csapak d.csapak at proxmox.com
Thu Jan 31 14:33:40 CET 2019


this adds the config (hookscript) and executes it
on four points in time for the container

the same notes as with vms are in place regarding
when the script is called

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
changes from v3:
* more concise check
 src/PVE/LXC.pm            |  9 +++++++++
 src/PVE/LXC/Config.pm     | 12 +++++++++++-
 src/lxc-pve-poststop-hook |  3 +++
 3 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 450a4e5..8f560c5 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -26,6 +26,7 @@ use PVE::AccessControl;
 use PVE::ProcFSTools;
 use PVE::Syscall;
 use PVE::LXC::Config;
+use PVE::GuestHelpers;
 
 use Time::HiRes qw (gettimeofday);
 
@@ -1111,6 +1112,9 @@ sub check_ct_modify_config_perm {
 	} elsif ($opt eq 'features') {
 	    # For now this is restricted to root at pam
 	    raise_perm_exc("changing feature flags is only allowed for root\@pam");
+	} elsif ($opt eq 'hookscript') {
+	    # For now this is restricted to root at pam
+	    raise_perm_exc("changing the hookscript is only allowed for root\@pam");
 	} else {
 	    $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Options']);
 	}
@@ -1913,11 +1917,13 @@ sub vm_start {
 
     my $cmd = ['systemctl', 'start', "pve-container\@$vmid"];
 
+    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-start', 1);
     eval { PVE::Tools::run_command($cmd); };
     if (my $err = $@) {
 	unlink $skiplock_flag_fn;
 	die $err;
     }
+    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-start');
 
     return;
 }
@@ -1940,6 +1946,9 @@ sub vm_stop {
 	die "failed to open container ${vmid}'s command socket: $!\n";
     }
 
+    my $conf = PVE::LXC::Config->load_config($vmid);
+    PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'pre-stop');
+
     # Stop the container:
 
     my $cmd = ['lxc-stop', '-n', $vmid];
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 061ec8e..7274e3a 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -5,6 +5,7 @@ use warnings;
 
 use PVE::AbstractConfig;
 use PVE::Cluster qw(cfs_register_file);
+use PVE::GuestHelpers;
 use PVE::INotify;
 use PVE::JSONSchema qw(get_standard_option);
 use PVE::Tools;
@@ -457,6 +458,12 @@ my $confdesc = {
 	format => $features_desc,
 	description => "Allow containers access to advanced features.",
     },
+    hookscript => {
+	optional => 1,
+	type => 'string',
+	format => 'pve-volume-id',
+	description => 'Script that will be exectued during various steps in the containers lifetime.',
+    },
 };
 
 my $valid_lxc_conf_keys = {
@@ -896,7 +903,7 @@ sub update_pct_config {
 		delete $conf->{$opt};
 		PVE::LXC::write_cgroup_value("memory", $vmid,
 					     "memory.memsw.limit_in_bytes", -1);
-	    } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup') {
+	    } elsif ($opt eq 'description' || $opt eq 'onboot' || $opt eq 'startup' || $opt eq 'hookscript') {
 		delete $conf->{$opt};
 	    } elsif ($opt eq 'nameserver' || $opt eq 'searchdomain' ||
 		     $opt eq 'tty' || $opt eq 'console' || $opt eq 'cmode') {
@@ -1091,6 +1098,9 @@ sub update_pct_config {
 	} elsif ($opt eq 'features') {
 	    next if $hotplug_error->($opt);
 	    $conf->{$opt} = $value;
+	} elsif ($opt eq 'hookscript') {
+	    PVE::GuestHelpers::check_hookscript($value);
+	    $conf->{$opt} = $value;
 	} else {
 	    die "implement me: $opt";
 	}
diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
index 654aa26..dc7938e 100755
--- a/src/lxc-pve-poststop-hook
+++ b/src/lxc-pve-poststop-hook
@@ -20,6 +20,7 @@ use PVE::CLIHandler;
 use PVE::Storage;
 use PVE::Storage::Plugin;
 use PVE::LXC;
+use PVE::GuestHelpers;
 use Data::Dumper;
 
 use base qw(PVE::CLIHandler);
@@ -90,6 +91,8 @@ __PACKAGE__->register_method ({
 	    exit(1);
 	}
 
+	PVE::GuestHelpers::exec_hookscript($conf, $vmid, 'post-stop');
+
 	return undef;
     }});
 
-- 
2.11.0





More information about the pve-devel mailing list