Spotter-Cluster/spoc
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix ephemeral layer addition

Browse Source
This commit is contained in:
Disassembler 2020-02-07 23:20:53 +01:00
parent 645735a306
commit 81ecaed95e
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
usr/lib/python3.8/spoc/container.py
View File

@ -75,6 +75,9 @@ class Container:
# Prepares container rootfs # Prepares container rootfs
# Called in lxc.hook.pre-start as the standard mount options are insufficient for rootless containers (see notes for overlayfs below) # Called in lxc.hook.pre-start as the standard mount options are insufficient for rootless containers (see notes for overlayfs below)
layers = [os.path.join(LAYERS_DIR, layer) for layer in self.layers] layers = [os.path.join(LAYERS_DIR, layer) for layer in self.layers]
if not self.build:
# Add ephemeral layer if the container is not created as part of build process
layers.append(self.ephemeral_layer_path)
if len(layers) > 1: if len(layers) > 1:
# Multiple layers require overlayfs, however non-root users don't normally have capability to create overlayfs mounts - https://www.spinics.net/lists/linux-fsdevel/msg105877.html # Multiple layers require overlayfs, however non-root users don't normally have capability to create overlayfs mounts - https://www.spinics.net/lists/linux-fsdevel/msg105877.html
# Standard linux kernels currently doesn't support overlay mounts in user namespaces (lxc.hook.pre-mount) # Standard linux kernels currently doesn't support overlay mounts in user namespaces (lxc.hook.pre-mount)
@ -110,11 +113,6 @@ class Container:
# Chown is possible only when the process is running as root, for user namespaces, see https://linuxcontainers.org/lxc/manpages/man1/lxc-usernsexec.1.html # Chown is possible only when the process is running as root, for user namespaces, see https://linuxcontainers.org/lxc/manpages/man1/lxc-usernsexec.1.html
os.chown(self.ephemeral_layer_path, 100000, 100000) os.chown(self.ephemeral_layer_path, 100000, 100000)
# Create container configuration file based on the container definition # Create container configuration file based on the container definition
layers = [os.path.join(LAYERS_DIR, layer) for layer in self.layers]
if not self.build:
# Add ephemeral layer if the container is not created as part of build process
layers.append(self.ephemeral_layer_path)
layers = ','.join(layers)
mounts = '\n'.join([f'lxc.mount.entry = {os.path.join(VOLUME_DIR, v)} {m[0]} none bind,create={"dir" if m[1] else "file"} 0 0' for v,m in self.mounts.items()]) mounts = '\n'.join([f'lxc.mount.entry = {os.path.join(VOLUME_DIR, v)} {m[0]} none bind,create={"dir" if m[1] else "file"} 0 0' for v,m in self.mounts.items()])
env = '\n'.join([f'lxc.environment = {k}={v}' for k,v in self.env.items()]) env = '\n'.join([f'lxc.environment = {k}={v}' for k,v in self.env.items()])
uid = self.uid if self.uid else 0 uid = self.uid if self.uid else 0