func (s *UserDataSuite) TestGenerateNetworkConfig(c *gc.C) {
// No config or no interfaces - no error, but also noting to generate.
data, err := containerinit.GenerateNetworkConfig(nil)
c.Assert(err, jc.ErrorIsNil)
c.Assert(data, gc.HasLen, 0)
netConfig := container.BridgeNetworkConfig("foo", 0, nil)
data, err = containerinit.GenerateNetworkConfig(netConfig)
c.Assert(err, jc.ErrorIsNil)
c.Assert(data, gc.HasLen, 0)
// Test with all interface types.
netConfig = container.BridgeNetworkConfig("foo", 0, s.fakeInterfaces)
data, err = containerinit.GenerateNetworkConfig(netConfig)
c.Assert(err, jc.ErrorIsNil)
c.Assert(data, gc.Equals, s.expectedNetConfig)
}
func (s *UserDataSuite) TestGenerateNetworkConfig(c *gc.C) {
data, err := containerinit.GenerateNetworkConfig(nil)
c.Assert(err, gc.ErrorMatches, "missing container network config")
c.Assert(data, gc.Equals, "")
netConfig := container.BridgeNetworkConfig("foo", 0, nil)
data, err = containerinit.GenerateNetworkConfig(netConfig)
c.Assert(err, jc.ErrorIsNil)
c.Assert(data, gc.Equals, s.expectedFallbackConfig)
// Test with all interface types.
netConfig = container.BridgeNetworkConfig("foo", 0, s.fakeInterfaces)
data, err = containerinit.GenerateNetworkConfig(netConfig)
c.Assert(err, jc.ErrorIsNil)
c.Assert(data, gc.Equals, s.expectedSampleConfig)
}
// CreateContainer creates or clones an LXC container.
func (manager *containerManager) CreateContainer(
instanceConfig *instancecfg.InstanceConfig,
series string,
networkConfig *container.NetworkConfig,
storageConfig *container.StorageConfig,
) (inst instance.Instance, _ *instance.HardwareCharacteristics, err error) {
// Check our preconditions
if manager == nil {
panic("manager is nil")
} else if series == "" {
panic("series not set")
} else if networkConfig == nil {
panic("networkConfig is nil")
} else if storageConfig == nil {
panic("storageConfig is nil")
}
// Log how long the start took
defer func(start time.Time) {
if err == nil {
logger.Tracef("container %q started: %v", inst.Id(), time.Now().Sub(start))
}
}(time.Now())
name := names.NewMachineTag(instanceConfig.MachineId).String()
if manager.name != "" {
name = fmt.Sprintf("%s-%s", manager.name, name)
}
// Create the cloud-init.
directory, err := container.NewDirectory(name)
if err != nil {
return nil, nil, errors.Annotate(err, "failed to create a directory for the container")
}
logger.Tracef("write cloud-init")
userDataFilename, err := containerinit.WriteUserData(instanceConfig, networkConfig, directory)
if err != nil {
return nil, nil, errors.Annotate(err, "failed to write user data")
}
var lxcContainer golxc.Container
if manager.createWithClone {
templateContainer, err := EnsureCloneTemplate(
manager.backingFilesystem,
series,
networkConfig,
instanceConfig.AuthorizedKeys,
instanceConfig.AptProxySettings,
instanceConfig.AptMirror,
instanceConfig.EnableOSRefreshUpdate,
instanceConfig.EnableOSUpgrade,
manager.imageURLGetter,
manager.useAUFS,
)
if err != nil {
return nil, nil, errors.Annotate(err, "failed to retrieve the template to clone")
}
templateParams := []string{
"--debug", // Debug errors in the cloud image
"--userdata", userDataFilename, // Our groovey cloud-init
"--hostid", name, // Use the container name as the hostid
}
var extraCloneArgs []string
if manager.backingFilesystem == Btrfs || manager.useAUFS {
extraCloneArgs = append(extraCloneArgs, "--snapshot")
}
if manager.backingFilesystem != Btrfs && manager.useAUFS {
extraCloneArgs = append(extraCloneArgs, "--backingstore", "aufs")
}
lock, err := AcquireTemplateLock(templateContainer.Name(), "clone")
if err != nil {
return nil, nil, errors.Annotate(err, "failed to acquire lock on template")
}
defer lock.Unlock()
// Ensure the run-time effective config of the template
// container has correctly ordered network settings, otherwise
// Clone() below will fail. This is needed in case we haven't
// created a new template now but are reusing an existing one.
// See LP bug #1414016.
configPath := containerConfigFilename(templateContainer.Name())
if _, err := reorderNetworkConfig(configPath); err != nil {
return nil, nil, errors.Annotate(err, "failed to reorder network settings")
}
lxcContainer, err = templateContainer.Clone(name, extraCloneArgs, templateParams)
if err != nil {
return nil, nil, errors.Annotate(err, "lxc container cloning failed")
}
} else {
// Note here that the lxcObjectFacotry only returns a valid container
// object, and doesn't actually construct the underlying lxc container on
// disk.
lxcContainer = LxcObjectFactory.New(name)
templateParams := []string{
"--debug", // Debug errors in the cloud image
"--userdata", userDataFilename, // Our groovey cloud-init
"--hostid", name, // Use the container name as the hostid
"-r", series,
}
var caCert []byte
if manager.imageURLGetter != nil {
arch := arch.HostArch()
imageURL, err := manager.imageURLGetter.ImageURL(instance.LXC, series, arch)
if err != nil {
return nil, nil, errors.Annotatef(err, "cannot determine cached image URL")
}
templateParams = append(templateParams, "-T", imageURL)
caCert = manager.imageURLGetter.CACert()
}
err = createContainer(
lxcContainer,
directory,
networkConfig,
nil,
templateParams,
caCert,
)
if err != nil {
return nil, nil, errors.Trace(err)
}
}
if err := autostartContainer(name); err != nil {
return nil, nil, errors.Annotate(err, "failed to configure the container for autostart")
}
if err := mountHostLogDir(name, manager.logdir); err != nil {
return nil, nil, errors.Annotate(err, "failed to mount the directory to log to")
}
if storageConfig.AllowMount {
// Add config to allow loop devices to be mounted inside the container.
if err := allowLoopbackBlockDevices(name); err != nil {
return nil, nil, errors.Annotate(err, "failed to configure the container for loopback devices")
}
}
// Update the network settings inside the run-time config of the
// container (e.g. /var/lib/lxc/<name>/config) before starting it.
netConfig := generateNetworkConfig(networkConfig)
if err := updateContainerConfig(name, netConfig); err != nil {
return nil, nil, errors.Annotate(err, "failed to update network config")
}
configPath := containerConfigFilename(name)
logger.Tracef("updated network config in %q for container %q", configPath, name)
// Ensure the run-time config of the new container has correctly
// ordered network settings, otherwise Start() below will fail. We
// need this now because after lxc-create or lxc-clone the initial
// lxc.conf generated inside createContainer gets merged with
// other settings (e.g. system-wide overrides, changes made by
// hooks, etc.) and the result can still be incorrectly ordered.
// See LP bug #1414016.
if _, err := reorderNetworkConfig(configPath); err != nil {
return nil, nil, errors.Annotate(err, "failed to reorder network settings")
}
// To speed-up the initial container startup we pre-render the
// /etc/network/interfaces directly inside the rootfs. This won't
// work if we use AUFS snapshots, so it's disabled if useAUFS is
// true (for now).
if networkConfig != nil && len(networkConfig.Interfaces) > 0 {
interfacesFile := filepath.Join(LxcContainerDir, name, "rootfs", etcNetworkInterfaces)
if manager.useAUFS {
logger.Tracef("not pre-rendering %q when using AUFS-backed rootfs", interfacesFile)
} else {
data, err := containerinit.GenerateNetworkConfig(networkConfig)
if err != nil {
return nil, nil, errors.Annotatef(err, "failed to generate %q", interfacesFile)
}
if err := utils.AtomicWriteFile(interfacesFile, []byte(data), 0644); err != nil {
return nil, nil, errors.Annotatef(err, "cannot write generated %q", interfacesFile)
}
logger.Tracef("pre-rendered network config in %q", interfacesFile)
}
}
// Start the lxc container with the appropriate settings for
// grabbing the console output and a log file.
consoleFile := filepath.Join(directory, "console.log")
lxcContainer.SetLogFile(filepath.Join(directory, "container.log"), golxc.LogDebug)
logger.Tracef("start the container")
// We explicitly don't pass through the config file to the container.Start
// method as we have passed it through at container creation time. This
// is necessary to get the appropriate rootfs reference without explicitly
// setting it ourselves.
if err = lxcContainer.Start("", consoleFile); err != nil {
logger.Warningf("container failed to start %v", err)
// if the container fails to start we should try to destroy it
// check if the container has been constructed
if lxcContainer.IsConstructed() {
// if so, then we need to destroy the leftover container
if derr := lxcContainer.Destroy(); derr != nil {
// if an error is reported there is probably a leftover
// container that the user should clean up manually
logger.Errorf("container failed to start and failed to destroy: %v", derr)
return nil, nil, errors.Annotate(err, "container failed to start and failed to destroy: manual cleanup of containers needed")
}
logger.Warningf("container failed to start and was destroyed - safe to retry")
return nil, nil, errors.Wrap(err, instance.NewRetryableCreationError("container failed to start and was destroyed: "+lxcContainer.Name()))
}
logger.Warningf("container failed to start: %v", err)
return nil, nil, errors.Annotate(err, "container failed to start")
}
hardware := &instance.HardwareCharacteristics{
Arch: &version.Current.Arch,
}
return &lxcInstance{lxcContainer, name}, hardware, nil
}
func (manager *containerManager) CreateContainer(
instanceConfig *instancecfg.InstanceConfig,
cons constraints.Value,
series string,
networkConfig *container.NetworkConfig,
storageConfig *container.StorageConfig,
callback container.StatusCallback,
) (inst instance.Instance, _ *instance.HardwareCharacteristics, err error) {
defer func() {
if err != nil {
callback(status.ProvisioningError, fmt.Sprintf("Creating container: %v", err), nil)
}
}()
if manager.client == nil {
manager.client, err = ConnectLocal()
if err != nil {
err = errors.Annotatef(err, "failed to connect to local LXD")
return
}
}
err = manager.client.EnsureImageExists(series,
lxdclient.DefaultImageSources,
func(progress string) {
callback(status.Provisioning, progress, nil)
})
if err != nil {
err = errors.Annotatef(err, "failed to ensure LXD image")
return
}
name, err := manager.namespace.Hostname(instanceConfig.MachineId)
if err != nil {
return nil, nil, errors.Trace(err)
}
// Do not pass networkConfig, as we want to directly inject our own ENI
// rather than using cloud-init.
userData, err := containerinit.CloudInitUserData(instanceConfig, nil)
if err != nil {
return
}
metadata := map[string]string{
lxdclient.UserdataKey: string(userData),
// An extra piece of info to let people figure out where this
// thing came from.
"user.juju-model": manager.modelUUID,
// Make sure these come back up on host reboot.
"boot.autostart": "true",
}
nics, err := networkDevices(networkConfig)
if err != nil {
return
}
// TODO(macgreagoir) This might be dead code. Do we always get
// len(nics) > 0?
profiles := []string{}
if len(nics) == 0 {
logger.Infof("instance %q configured with %q profile", name, lxdDefaultProfileName)
profiles = append(profiles, lxdDefaultProfileName)
} else {
logger.Infof("instance %q configured with %v network devices", name, nics)
}
// Push the required /etc/network/interfaces file to the container.
// By pushing this file (which happens after LXD init, and before LXD
// start) we ensure that we get Juju's version of ENI, as opposed to
// the default LXD version, which may assume it can do DHCP over eth0.
// Especially on a multi-nic host, it is possible for MAAS to provide
// DHCP on a different space to that which the container eth0 interface
// will be bridged, or not provide DHCP at all.
eni, err := containerinit.GenerateNetworkConfig(networkConfig)
if err != nil {
err = errors.Annotatef(err, "failed to generate /etc/network/interfaces content")
return
}
spec := lxdclient.InstanceSpec{
Name: name,
Image: manager.client.ImageNameForSeries(series),
Metadata: metadata,
Devices: nics,
Profiles: profiles,
Files: lxdclient.Files{
lxdclient.File{
Content: []byte(eni),
Path: "/etc/network/interfaces",
GID: 0,
UID: 0,
Mode: 0644,
},
},
}
logger.Infof("starting instance %q (image %q)...", spec.Name, spec.Image)
callback(status.Provisioning, "Starting container", nil)
_, err = manager.client.AddInstance(spec)
if err != nil {
return
}
callback(status.Running, "Container started", nil)
inst = &lxdInstance{name, manager.client}
return
}