X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sliver_vs.py;h=3e0067e8260327af617f7d2b8f2bf75d3c43d479;hb=ca573a9fe347091f0d7b1d4e493cbc955afb9c37;hp=ac1f0ba99033c9b58a609ad74f523dc7098db607;hpb=b72847d49ccde12e549b4d7f602e892ea64009a0;p=nodemanager.git diff --git a/sliver_vs.py b/sliver_vs.py index ac1f0ba..3e0067e 100644 --- a/sliver_vs.py +++ b/sliver_vs.py @@ -18,7 +18,6 @@ don't have to guess if there is a running process or not. import errno import os -import threading import time import vserver @@ -29,33 +28,45 @@ import tools # special constant that tells vserver to keep its existing settings KEEP_LIMIT = vserver.VC_LIM_KEEP +# populate the sliver/vserver specific default allocations table, +# which is used to look for slice attributes +DEFAULT_ALLOCATION = {} +for rlimit in vserver.RLIMITS.keys(): + rlim = rlimit.lower() + DEFAULT_ALLOCATION["%s_min"%rlim]=KEEP_LIMIT + DEFAULT_ALLOCATION["%s_soft"%rlim]=KEEP_LIMIT + DEFAULT_ALLOCATION["%s_hard"%rlim]=KEEP_LIMIT + class Sliver_VS(accounts.Account, vserver.VServer): """This class wraps vserver.VServer to make its interface closer to what we need.""" SHELL = '/bin/vsh' TYPE = 'sliver.VServer' - _init_disk_info_sem = threading.Semaphore(1) + _init_disk_info_sem = tools.NMLock("/var/run/nm-disk-info.lock") def __init__(self, rec): + logger.verbose ('initing Sliver_VS with name=%s'%rec['name']) try: - vserver.VServer.__init__(self, rec['name']) + vserver.VServer.__init__(self, rec['name'],logfile='/var/log/nm') except Exception, err: if not isinstance(err, vserver.NoSuchVServer): # Probably a bad vserver or vserver configuration file - logger.log_exc() + logger.log_exc(self.name) logger.log('%s: recreating bad vserver' % rec['name']) self.destroy(rec['name']) self.create(rec['name'], rec['vref']) - vserver.VServer.__init__(self, rec['name']) + vserver.VServer.__init__(self, rec['name'],logfile='/var/log/nm') self.keys = '' self.rspec = {} self.initscript = '' self.disk_usage_initialized = False + self.initscriptchanged = False self.configure(rec) @staticmethod def create(name, vref = None): + logger.verbose('Sliver_VS:create - name=%s'%name) if vref is not None: logger.log_call('/usr/sbin/vuseradd', '-t', vref, name) else: @@ -80,8 +91,10 @@ class Sliver_VS(accounts.Account, vserver.VServer): fd = os.open('/etc/rc.vinit', flags, 0755) os.write(fd, new_initscript) os.close(fd) - try: self.chroot_call(install_initscript) - except: logger.log_exc() + try: + self.chroot_call(install_initscript) + self.initscriptchanged = True + except: logger.log_exc(self.name) accounts.Account.configure(self, rec) # install ssh keys @@ -97,6 +110,7 @@ class Sliver_VS(accounts.Account, vserver.VServer): os._exit(0) else: os.waitpid(child_pid, 0) else: logger.log('%s: not starting, is not enabled' % self.name) + self.initscriptchanged = False def stop(self): logger.log('%s: stopping' % self.name) @@ -114,35 +128,24 @@ class Sliver_VS(accounts.Account, vserver.VServer): finally: Sliver_VS._init_disk_info_sem.release() logger.log('%s: computing disk usage: ended' % self.name) self.disk_usage_initialized = True - vserver.VServer.set_disklimit(self, disk_max) - except OSError: + vserver.VServer.set_disklimit(self, max(disk_max, self.disk_blocks)) + except: logger.log('%s: failed to set max disk usage' % self.name) - logger.log_exc() - - # set min/soft/hard values for 'as', 'rss', 'nproc' and openfd - # Note that vserver currently only implements support for hard limits - - as_min = self.rspec['as_min'] - as_soft = self.rspec['as_soft'] - as_hard = self.rspec['as_hard'] - self.set_AS_config(as_hard, as_soft, as_min) - - rss_min = self.rspec['rss_min'] - rss_soft = self.rspec['rss_soft'] - rss_hard = self.rspec['rss_hard'] - self.set_RSS_config(rss_hard, rss_soft, rss_min) - - nproc_min = self.rspec['nproc_min'] - nproc_soft = self.rspec['nproc_soft'] - nproc_hard = self.rspec['nproc_hard'] - self.set_NPROC_config(nproc_hard, nproc_soft, nproc_min) - - openfd_min = self.rspec['openfd_min'] - openfd_soft = self.rspec['openfd_soft'] - openfd_hard = self.rspec['openfd_hard'] - self.set_OPENFD_config(openfd_hard, openfd_soft, openfd_min) - - self.set_WHITELISTED_config(self.rspec['whitelist']) + logger.log_exc(self.name) + + # get/set the min/soft/hard values for all of the vserver + # related RLIMITS. Note that vserver currently only + # implements support for hard limits. + for limit in vserver.RLIMITS.keys(): + type = limit.lower() + minimum = self.rspec['%s_min'%type] + soft = self.rspec['%s_soft'%type] + hard = self.rspec['%s_hard'%type] + self.set_rlimit_config(limit, hard, soft, minimum) + + self.set_capabilities_config(self.rspec['capabilities']) + if self.rspec['capabilities']: + logger.log('%s: setting capabilities to %s' % (self.name, self.rspec['capabilities'])) if False: # this code was commented out before # N.B. net_*_rate are in kbps because of XML-RPC maxint @@ -159,13 +162,29 @@ class Sliver_VS(accounts.Account, vserver.VServer): cpu_min = self.rspec['cpu_min'] cpu_share = self.rspec['cpu_share'] - if self.rspec['enabled'] > 0 and self.rspec['whitelist'] == 1: + if self.rspec['enabled'] > 0: if cpu_min >= 50: # at least 5%: keep people from shooting themselves in the foot logger.log('%s: setting cpu share to %d%% guaranteed' % (self.name, cpu_min/10.0)) self.set_sched_config(cpu_min, vserver.SCHED_CPU_GUARANTEED) else: logger.log('%s: setting cpu share to %d' % (self.name, cpu_share)) self.set_sched_config(cpu_share, 0) + # if IP address isn't set (even to 0.0.0.0), sliver won't be able to use network + if self.rspec['ip_addresses'] != '0.0.0.0': + logger.log('%s: setting IP address(es) to %s' % (self.name, self.rspec['ip_addresses'])) + self.set_ipaddresses_config(self.rspec['ip_addresses']) + + if False: # Does not work properly yet. + if self.have_limits_changed(): + logger.log('%s: limits have changed --- restarting' % self.name) + stopcount = 10 + while self.is_running() and stopcount > 0: + self.stop() + delay = 1 + time.sleep(delay) + stopcount = stopcount - 1 + self.start() + else: # tell vsh to disable remote login by setting CPULIMIT to 0 logger.log('%s: disabling remote login' % self.name) self.set_sched_config(0, 0)