1 # Copyright 2005 Princeton University
3 #$Id: vserver.py,v 1.72 2007/08/02 16:01:59 dhozac Exp $
18 import cpulimit, bwlimit
20 from vserverimpl import DLIMIT_INF
21 from vserverimpl import VC_LIM_KEEP
22 from vserverimpl import VLIMIT_NSOCK
23 from vserverimpl import VLIMIT_OPENFD
24 from vserverimpl import VLIMIT_ANON
25 from vserverimpl import VLIMIT_SHMEM
28 # these are the flags taken from the kernel linux/vserver/legacy.h
31 FLAGS_SCHED = 2 # XXX - defined in util-vserver/src/chcontext.c
39 RLIMITS = { "NSOCK": VLIMIT_NSOCK,
40 "OPENFD": VLIMIT_OPENFD,
42 "SHMEM": VLIMIT_SHMEM}
44 # add in the platform supported rlimits
45 for entry in resource.__dict__.keys():
46 if entry.find("RLIMIT_")==0:
47 k = entry[len("RLIMIT_"):]
48 if not RLIMITS.has_key(k):
49 RLIMITS[k]=resource.__dict__[entry]
51 print "WARNING: duplicate RLIMITS key %s" % k
53 class NoSuchVServer(Exception): pass
57 def __init__(self, name, directory):
61 if not (os.path.isdir(self.dir) and
62 os.access(self.dir, os.R_OK | os.W_OK | os.X_OK)):
63 raise NoSuchVServer, "%s does not exist" % self.dir
65 def get(self, option, default = None):
68 return self.cache[option]
70 f = open(os.path.join(self.dir, option), "r")
71 buf = f.read().rstrip()
75 if default is not None:
78 raise KeyError, "Key %s is not set for %s" % (option, self.name)
80 def update(self, option, value):
85 old_umask = os.umask(0022)
86 filename = os.path.join(self.dir, option)
88 os.makedirs(os.path.dirname(filename), 0755)
91 f = open(filename, 'w')
92 if isinstance(value, list):
93 f.write("%s\n" % "\n".join(value))
95 f.write("%s\n" % value)
101 def unset(self, option):
106 filename = os.path.join(self.dir, option)
109 os.removedirs(os.path.dirname(filename))
118 def add_to_cache(cache, dirname, fnames):
120 full_name = os.path.join(dirname, file)
121 if os.path.islink(full_name):
123 elif (os.path.isfile(full_name) and
124 os.access(full_name, os.R_OK)):
125 f = open(full_name, "r")
126 cache[full_name.replace(os.path.join(self.dir, ''),
127 '')] = f.read().rstrip()
129 os.path.walk(self.dir, add_to_cache, self.cache)
134 INITSCRIPTS = [('/etc/rc.vinit', 'start'),
135 ('/etc/rc.d/rc', '%(runlevel)d')]
137 def __init__(self, name, vm_id = None, vm_running = None, logfile=None):
140 self.dir = "%s/%s" % (vserverimpl.VSERVER_BASEDIR, name)
141 if not (os.path.isdir(self.dir) and
142 os.access(self.dir, os.R_OK | os.W_OK | os.X_OK)):
143 raise NoSuchVServer, "no such vserver: " + name
144 self.config = VServerConfig(name, "/etc/vservers/%s" % name)
145 self.remove_caps = ~vserverimpl.CAP_SAFE;
147 vm_id = int(self.config.get('context'))
149 if vm_running == None:
150 vm_running = self.is_running()
151 self.vm_running = vm_running
152 self.logfile = logfile
154 # inspired from nodemanager's logger
158 fd = os.open(self.logfile,os.O_WRONLY | os.O_CREAT | os.O_APPEND, 0600)
159 if not msg.endswith('\n'): msg += '\n'
160 os.write(fd, '%s: %s' % (time.asctime(time.gmtime()), msg))
163 print '%s: (%s failed to open) %s'%(time.asctime(time.gmtime()),self.logfile,msg)
165 def set_rlimit(self, type, hard, soft, min):
166 """Generic set resource limit function for vserver"""
170 if hard <> VC_LIM_KEEP:
171 self.config.update('rlimits/%s.hard' % type.lower(), hard)
173 if soft <> VC_LIM_KEEP:
174 self.config.update('rlimits/%s.soft' % type.lower(), soft)
176 if min <> VC_LIM_KEEP:
177 self.config.update('rlimits/%s.min' % type.lower(), min)
180 if self.is_running() and update:
181 resource_type = RLIMITS[type]
183 vserverimpl.setrlimit(self.ctx, resource_type, hard, soft, min)
185 self.log("Error: setrlimit(%d, %s, %d, %d, %d): %s"
186 % (self.ctx, type.lower(), hard, soft, min))
190 def get_prefix_from_capabilities(self, capabilities, prefix):
191 split_caps = capabilities.split(',')
192 return ",".join(["%s" % (c) for c in split_caps if c.startswith(prefix.upper()) or c.startswith(prefix.lower())])
194 def get_bcaps_from_capabilities(self, capabilities):
195 return self.get_prefix_from_capabilities(capabilities, "cap_")
197 def get_ccaps_from_capabilities(self, capabilities):
198 return self.get_prefix_from_capabilities(capabilities, "vxc_")
200 def set_capabilities_config(self, capabilities):
201 bcaps = self.get_bcaps_from_capabilities(capabilities)
202 ccaps = self.get_ccaps_from_capabilities(capabilities)
203 self.config.update('bcapabilities', bcaps)
204 self.config.update('ccapabilities', ccaps)
205 ret = vserverimpl.setbcaps(self.ctx, vserverimpl.text2bcaps(bcaps))
208 return vserverimpl.setccaps(self.ctx, vserverimpl.text2ccaps(ccaps))
210 def get_capabilities(self):
211 bcaps = vserverimpl.bcaps2text(vserverimpl.getbcaps(self.ctx))
212 ccaps = vserverimpl.ccaps2text(vserverimpl.getccaps(self.ctx))
215 return (bcaps + ccaps)
217 def get_capabilities_config(self):
218 bcaps = self.config.get('bcapabilities', '')
219 ccaps = self.config.get('ccapabilities', '')
222 return (bcaps + ccaps)
224 def set_ipaddresses(self, addresses):
225 vserverimpl.netremove(self.ctx, "all")
226 for a in addresses.split(","):
227 vserverimpl.netadd(self.ctx, a)
229 def set_ipaddresses_config(self, addresses):
231 for a in addresses.split(","):
232 self.config.update("interfaces/%d/ip" % i, a)
234 while self.config.unset("interfaces/%d/ip" % i):
236 self.set_ipaddresses(addresses)
238 def get_ipaddresses_config(self):
242 r = self.config.get("interfaces/%d/ip" % i, '')
249 def get_ipaddresses(self):
250 # No clean way to do this right now.
253 def get_unshare_netns_config(self):
255 unshare_netns = int(self.config.get('spaces/net'))
258 return unshare_netns;
260 def __do_chroot(self):
264 def chroot_call(self, fn, *args):
266 cwd_fd = os.open(".", os.O_RDONLY)
268 root_fd = os.open("/", os.O_RDONLY)
281 def set_disklimit(self, block_limit):
282 # block_limit is in kB
285 vserverimpl.unsetdlimit(self.dir, self.ctx)
287 self.log("Unexpected error with unsetdlimit for context %d" % self.ctx)
291 block_usage = vserverimpl.DLIMIT_KEEP
292 inode_usage = vserverimpl.DLIMIT_KEEP
294 # init_disk_info() must have been called to get usage values
295 block_usage = self.disk_blocks
296 inode_usage = self.disk_inodes
299 vserverimpl.setdlimit(self.dir,
304 vserverimpl.DLIMIT_INF, # inode limit
305 2) # %age reserved for root
307 self.log("Unexpected error with setdlimit for context %d" % self.ctx)
310 self.config.update('dlimits/0/space_total', block_limit)
312 def is_running(self):
313 return vserverimpl.isrunning(self.ctx)
315 def get_disklimit(self):
318 (self.disk_blocks, block_limit, self.disk_inodes, inode_limit,
319 reserved) = vserverimpl.getdlimit(self.dir, self.ctx)
321 if ex.errno != errno.ESRCH:
323 # get here if no vserver disk limit has been set for xid
328 def set_sched_config(self, cpu_min, cpu_share):
330 """ Write current CPU scheduler parameters to the vserver
331 configuration file. This method does not modify the kernel CPU
332 scheduling parameters for this context. """
334 self.config.update('sched/fill-rate', cpu_min)
335 self.config.update('sched/fill-rate2', cpu_share)
337 self.config.unset('sched/idle-time')
339 if self.is_running():
340 self.set_sched(cpu_min, cpu_share)
342 def set_sched(self, cpu_min, cpu_share):
343 """ Update kernel CPU scheduling parameters for this context. """
344 vserverimpl.setsched(self.ctx, cpu_min, cpu_share)
347 # have no way of querying scheduler right now on a per vserver basis
350 def set_bwlimit(self, minrate = bwlimit.bwmin, maxrate = None,
351 exempt_min = None, exempt_max = None,
352 share = None, dev = "eth0"):
355 bwlimit.off(self.ctx, dev)
357 bwlimit.on(self.ctx, dev, share,
358 minrate, maxrate, exempt_min, exempt_max)
360 def get_bwlimit(self, dev = "eth0"):
362 result = bwlimit.get(self.ctx)
363 # result of bwlimit.get is (ctx, share, minrate, maxrate)
368 def open(self, filename, mode = "r", bufsize = -1):
370 return self.chroot_call(open, filename, mode, bufsize)
372 def __do_chcontext(self, state_file):
375 print >>state_file, "%u" % self.ctx
378 if vserverimpl.chcontext(self.ctx, vserverimpl.text2bcaps(self.get_capabilities_config()), self.get_unshare_netns_config()):
380 vserverimpl.setup_done(self.ctx)
382 def __prep(self, runlevel):
384 """ Perform all the crap that the vserver script does before
385 actually executing the startup scripts. """
387 # remove /var/run and /var/lock/subsys files
388 # but don't remove utmp from the top-level /var/run
390 LOCKDIR = "/var/lock/subsys"
391 filter_fn = lambda fs: filter(lambda f: f != 'utmp', fs)
392 garbage = reduce((lambda (out, ff), (dir, subdirs, files):
393 (out + map((dir + "/").__add__, ff(files)),
395 list(os.walk(RUNDIR)),
397 garbage += filter(os.path.isfile, map((LOCKDIR + "/").__add__,
398 os.listdir(LOCKDIR)))
403 # set the initial runlevel
404 vserverimpl.setrunlevel(RUNDIR + "/utmp", runlevel)
406 # mount /proc and /dev/pts
407 self.__do_mount("none", self.dir, "/proc", "proc")
408 # XXX - magic mount options
409 self.__do_mount("none", self.dir, "/dev/pts", "devpts", 0, "gid=5,mode=0620")
411 def __do_mount(self, *mount_args):
414 vserverimpl.mount(*mount_args)
416 if ex.errno == errno.EBUSY:
417 # assume already mounted
422 self.config.cache_it()
424 self.__do_chcontext(None)
426 def start(self, runlevel = 3):
429 # Parent should just return.
430 self.vm_running = True
435 # so we don't chcontext with priv'ed fds
436 close_nonstandard_fds()
441 # open state file to record vserver info
442 state_file = open("/var/run/vservers/%s" % self.name, "w")
444 # use /dev/null for stdin, /var/log/boot.log for stdout/err
445 fd = os.open("/dev/null", os.O_RDONLY)
450 # perform pre-init cleanup
451 self.__prep(runlevel)
453 self.config.cache_it()
455 log = open("/var/log/boot.log", "a", 0)
456 if log.fileno() != 1:
457 os.dup2(log.fileno(), 1)
460 print >>log, ("%s: starting the virtual server %s" %
461 (time.asctime(time.gmtime()), self.name))
462 # execute each init script in turn
463 # XXX - we don't support all scripts that vserver script does
464 self.__do_chcontext(state_file)
465 for cmd in self.INITSCRIPTS:
467 # enter vserver context
468 arg_subst = { 'runlevel': runlevel }
469 cmd_args = [cmd[0]] + map(lambda x: x % arg_subst,
471 if os.path.isfile(cmd[0]):
472 print >>log, "executing '%s'" % " ".join(cmd_args)
473 os.spawnvp(os.P_NOWAIT,cmd[0],cmd_args)
475 print >>log, traceback.format_exc()
477 # we get here due to an exception in the top-level child process
478 except Exception, ex:
479 self.log(traceback.format_exc())
482 def set_resources(self):
484 """ Called when vserver context is entered for first time,
485 should be overridden by subclass. """
489 def init_disk_info(self):
491 dlimit = vserverimpl.getdlimit(self.dir, self.ctx)
492 self.disk_blocks = dlimit[0]
493 self.disk_inodes = dlimit[2]
494 return self.disk_blocks * 1024
497 cmd = "/usr/sbin/vdu --script --space --inodes --blocksize 1024 --xid %d %s" % (self.ctx, self.dir)
498 p = subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE,
499 stdout=subprocess.PIPE, stderr=subprocess.PIPE,
502 line = p.stdout.readline()
504 sys.stderr.write(p.stderr.read())
509 (space, inodes) = line.split()
510 self.disk_inodes = int(inodes)
511 self.disk_blocks = int(space)
512 #(self.disk_inodes, self.disk_blocks) = vduimpl.vdu(self.dir)
514 return self.disk_blocks * 1024
516 def stop(self, signal = signal.SIGKILL):
517 vserverimpl.killall(self.ctx, signal)
518 self.vm_running = False
520 def setname(self, slice_id):
521 '''Set vcVHI_CONTEXT field in kernel to slice_id'''
522 vserverimpl.setname(self.ctx, slice_id)
525 '''Get vcVHI_CONTEXT field in kernel'''
526 return vserverimpl.getname(self.ctx)
529 def create(vm_name, static = False, ctor = VServer):
531 options = ['vuseradd']
533 options += ['--static']
534 ret = os.spawnvp(os.P_WAIT, 'vuseradd', options + [vm_name])
535 if not os.WIFEXITED(ret) or os.WEXITSTATUS(ret) != 0:
536 out = "system command ('%s') " % options
537 if os.WIFEXITED(ret):
538 out += "failed, rc = %d" % os.WEXITSTATUS(ret)
540 out += "killed by signal %d" % os.WTERMSIG(ret)
541 raise SystemError, out
542 vm_id = pwd.getpwnam(vm_name)[2]
544 return ctor(vm_name, vm_id)
547 def close_nonstandard_fds():
548 """Close all open file descriptors other than 0, 1, and 2."""
550 for fd in range(3, os.sysconf(_SC_OPEN_MAX)):
552 except OSError: pass # most likely an fd that isn't open
git://git.onelab.eu / util-vserver-pl.git / blob