Config fix ups

Signed-off-by: Chuck Short <chuck.short@canonical.com>

etc/lxd/lxd.template

@@ -0,0 +1,18 @@
+# Distribution configuration
+lxc.include = {{lxd_common_config}}
+lxc.include = {{lxd_userns_config}}
+lxc.arch = x86_64
+
+# Container specific configuration
+lxc.id_map = u 0 {{lxd_user}} {{lxd_uoffset}}
+lxc.id_map = g 0 {{lxd_group}} {{lxd_goffset}}
+lxc.rootfs = {{lxd_rootfs}}
+lxc.utsname = {{lxd_name}}
+lxc.logfile = {{lxd_logfile}}
+lxc.console.logfile {{lxd_console_file}}
+
+# Container network
+lxc.network.type = veth
+lxc.network.hwaddr = {{lxd_mac_addr}}
+lxc.network.link = {{lxd_network_link}}
+

etc/nova/rootwrap.d/lxd.filters

@@ -2,6 +2,5 @@
 # This file should be owned by (and only-writable by) the root user
 
 [Filters]
-cgm: CommandFilter, cgm, root
 lxc-usernet-manage: CommandFilter, lxc-usernet-manage, root
 btrfs: CommandFilter, btrfs, root

nclxd/nova/virt/lxd/client.py

@@ -130,7 +130,7 @@ class Client(object):
 
     def destroy(self, name):
         container_delete = False
-        resp = self._make_request('DELETE', '/1.0/containers/%s' % name )
+        resp = self._make_request('DELETE', '/1.0/containers/%s' % name)
         if resp.status == 202:
             container_delete = True
         return container_delete

nclxd/nova/virt/lxd/config.py

@@ -14,12 +14,15 @@
 
 import os
 
+import jinja2
+
 from oslo.config import cfg
 from nova.i18n import _LW, _
 
 from nova import exception
 from nova import utils
 
+from . import utils as container_utils
 
 from nova.openstack.common import log as logging
 
@@ -28,49 +31,66 @@ LOG = logging.getLogger(__name__)
 
 
 class LXDSetConfig(object):
-    def __init__(self, container, instance, idmap, image_meta, network_info):
+    def __init__(self, container, instance, image_meta, network_info):
         self.container = container
         self.instance = instance
-        self.idmap = idmap
         self.image_meta = image_meta
         self.network_info = network_info
 
         self.config = {}
 
     def write_config(self):
-        lxc_template = self._get_lxc_template()
+        lxc_template = self.get_lxd_template()
         if lxc_template:
-            self._write_lxc_template(lxc_template)
-            self.container.load_config()
-            self.config_lxc_name()
-            self.config_lxc_rootfs()
-            self.config_lxc_user()
-            self.config_lxc_logging()
-            self.config_lxc_network()
-            self.config_lxc_console()
-            self.config_lxc_limits()
-            self.container.save_config()
+            net = self.config_lxd_network()
+            (user, uoffset) = container_utils.parse_subfile(CONF.lxd.lxd_default_user,
+                                                            '/etc/sbuid')
+            (group, goffset) = container_utils.parse_subfile(CONF.lxd.lxd_default_user,
+                                                             '/etc/subgid')
+            self.config = {
+                'lxd_common_config': '%s/%s.common.conf' % (CONF.lxd.lxd_config_dir,
+                                                                       lxc_template),
+                'lxd_userns_config': '%s/%s.userns.conf' % (CONF.lxd.lxd_config_dir,
+                                                            lxc_template),
+                'lxd_rootfs': self.config_lxd_rootfs(),
+                'lxd_name': self.config_lxd_name(),
+                'lxd_logfile': self.config_lxd_logging(),
+                'lxd_console_file': self.config_lxd_console(),
+                'lxd_mac_addr': net['mac'],
+                'lxd_network_link': net['link'],
+                'lxd_user': user,
+                'lxd_uoffset': uoffset,
+                'lxd_group': group,
+                'lxd_goffset': goffset
+            }
 
-    def config_lxc_name(self):
+        tmpl_path, tmpl_file = os.path.split(CONF.lxd.lxd_config_template)
+        env = jinja2.Environment(loader=jinja2.FileSystemLoader(tmpl_path),
+                                 trim_blocks=True)
+        template = env.get_template(tmpl_file)
+        tmpl = template.render(self.config)
+        config_file = container_utils.get_container_config(self.instance)
+        f = open(config_file, 'w')
+        f.write(tmpl)
+        f.close()
+
+    def config_lxd_name(self):
         if self.instance:
-            self.container.append_config_item('lxc.utsname',
-                                 self.instance['uuid'])
+            return self.instance['uuid']
 
-    def config_lxc_rootfs(self):
-        container_rootfs = self._get_container_rootfs()
+    def config_lxd_rootfs(self):
+        container_rootfs = container_utils.get_container_rootfs(self.instance)
         if not os.path.exists(container_rootfs):
             msg = _('Container rootfs not found')
             raise exception.InstanceNotReady(msg)
 
-        self.container.append_config_item('lxc.rootfs', container_rootfs)
+        return container_rootfs
 
-    def config_lxc_logging(self):
-        self.container.append_config_item(
-            'lxc.logfile',
-            self._get_container_logfile()
-        )
+    def config_lxd_logging(self):
+        return container_utils.get_container_logfile(self.instance)
 
-    def config_lxc_network(self):
+    def config_lxd_network(self):
+        net = {}
         if self.network_info:
             # NOTE(jamespage) this does not deal with multiple nics.
             for vif in self.network_info:
@@ -82,59 +102,27 @@ class LXDSetConfig(object):
             if vif_type == 'ovs':
                 bridge = 'qbr%s' % vif_id
 
-            self.container.append_config_item('lxc.network.type', 'veth')
-            self.container.append_config_item('lxc.network.hwaddr', mac)
-            self.container.append_config_item('lxc.network.link', bridge)
+            net = {'mac': mac,
+                   'link': bridge}
+        return net
 
-    def config_lxc_console(self):
-        self.container.append_config_item(
-            'lxc.console.logfile',
-            self._get_container_console()
-        )
+    def config_lxd_console(self):
+        return container_utils.get_container_console(self.instance)
 
-
-    def config_lxc_limits(self):
+    def config_lxd_limits(self):
         pass
 
-    def config_lxc_user(self):
-        for ent in self.idmap.lxc_conf_lines():
-           self.container.append_config_item(*ent)
-
-    def _get_lxc_template(self):
+    def get_lxd_template(self):
         LOG.debug('Fetching LXC template')
 
         templates = []
         if (self.image_meta and
                 self.image_meta.get('properties', {}).get('template')):
-            lxc_template = self.image_meta['propeties'].get('template')
+            lxc_template = self.image_meta['properties'].get('template')
         else:
             lxc_template = CONF.lxd.lxd_default_template
         path = os.listdir(CONF.lxd.lxd_template_dir)
         for line in path:
             templates.append(line.replace('lxc-', ''))
         if lxc_template in templates:
-            return lxc_template
-
-    def _write_lxc_template(self, template_name):
-        config_file = self._get_container_config()
-        f = open(config_file, 'w')
-        f.write('lxc.include = %s/%s.common.conf\n' % (CONF.lxd.lxd_config_dir,
-                                                       template_name))
-        f.write('lxc.include = %s/%s.userns.conf\n' % (CONF.lxd.lxd_config_dir,
-                                                       template_name))
-        f.close()
-
-    def _get_container_config(self):
-        return os.path.join(CONF.lxd.lxd_root_dir, self.instance['uuid'], 'config')
-
-
-    def _get_container_rootfs(self):
-        return os.path.join(CONF.lxd.lxd_root_dir, self.instance['uuid'], 'rootfs')
-
-    def _get_container_logfile(self):
-        return os.path.join(CONF.lxd.lxd_root_dir, self.instance['uuid'],
-                        'container.logfile')
-
-    def _get_container_console(self):
-        return os.path.join(CONF.lxd.lxd_root_dir, self.instance['uuid'],
-                        'container.console')
+            return lxc_template

nclxd/nova/virt/lxd/container.py

@@ -13,13 +13,11 @@
 #    under the License.
 
 import os
-import pwd
-import uuid
 
 import lxc
 
 from oslo.config import cfg
-from oslo.utils import importutils, units
+from oslo.utils import units
 
 from nova.i18n import _, _LW, _LE, _LI
 from nova.openstack.common import log as logging
@@ -48,13 +46,12 @@ class Container(object):
         self.virtapi = virtapi
         self.firewall_driver = firewall
 
-        self.idmap = container_utils.LXCUserIdMap()
         self.vif_driver = vif.LXDGenericDriver()
 
     def init_container(self):
         if not os.path.exists(CONF.lxd.lxd_socket):
             msg = _('LXD is not running.')
-            raise exception(msg)
+            raise Exception(msg)
 
     def get_console_log(self, instance):
         console_log = os.path.join(CONF.lxd.lxd_root_dir,
@@ -91,7 +88,6 @@ class Container(object):
         container = lxc.Container(instance_name)
         container.set_config_path(CONF.lxd.lxd_root_dir)
 
-        info = {}
         if self.client.running(instance['uuid']):
             pstate = power_state.RUNNING
         else:
@@ -133,7 +129,7 @@ class Container(object):
         self.client.start(instance['uuid'])
 
     def _write_config(self, container, instance, network_info, image_meta):
-        self.config = config.LXDSetConfig(container, instance, self.idmap,
+        self.config = config.LXDSetConfig(container, instance,
                                           image_meta, network_info)
         self.config.write_config()
 

nclxd/nova/virt/lxd/driver.py

@@ -22,7 +22,6 @@ Nova LXD Driver
 """
 
 import socket
-import contextlib
 import multiprocessing
 
 from oslo.utils import units
@@ -62,8 +61,8 @@ lxd_opts = [
                default='ubuntu-cloud',
                help='Default LXC template'),
     cfg.StrOpt('lxd_config_template',
-               default='/etc/lxd/config.tmpl',
-               help='container config'),
+               default='/etc/lxd/lxd.template',
+               help='container config template'),
     cfg.StrOpt('lxd_template_dir',
                default='/usr/share/lxc/templates',
                help='Default template directory'),

nclxd/nova/virt/lxd/utils.py

@@ -38,63 +38,29 @@ def write_lxc_usernet(instance, bridge, user=None, count=1):
     utils.execute('lxc-usernet-manage', 'set', user, bridge, str(count),
                   run_as_root=True, check_exit_code=[0])
 
-
-class LXCIdMap(object):
-
-    def __init__(self, ustart, unum, gstart, gnum):
-        self.ustart = int(ustart)
-        self.unum = int(unum)
-        self.gstart = int(gstart)
-        self.gnum = int(gnum)
-
-    def usernsexec_margs(self, with_read=None):
-        if with_read:
-            if with_read == "user":
-                with_read = os.getuid()
-            unum = self.unum - 1
-            rflag = ['-m', 'u:%s:%s:1' % (self.ustart + self.unum, with_read)]
-            print(
-                "================ rflag: %s ==================" %
-                (str(rflag)))
-        else:
-            unum = self.unum
-            rflag = []
-
-        return ['-m', 'u:0:%s:%s' % (self.ustart, unum),
-                '-m', 'g:0:%s:%s' % (self.gstart, self.gnum)] + rflag
-
-    def lxc_conf_lines(self):
-        return (('lxc.id_map', 'u 0 %s %s' % (self.ustart, self.unum)),
-                ('lxc.id_map', 'g 0 %s %s' % (self.gstart, self.gnum)))
-
-    def get_user(self):
-        return (self.ustart, self.gstart)
-
-
-class LXCUserIdMap(LXCIdMap):
-
-    def __init__(self, user=None, group=None, subuid_f="/etc/subuid",
-                 subgid_f="/etc/subgid"):
-        if user is None:
-            user = pwd.getpwuid(os.getuid())[0]
-        if group is None:
-            group = grp.getgrgid(os.getgid()).gr_name
-
-        def parse_sfile(fname, name):
-            line = None
-            with open(fname, "r") as fp:
-                for cline in fp:
-                    if cline.startswith(name + ":"):
-                        line = cline
-                        break
+def parse_subfile(name, fname):
+    line = None
+    with open(fname, "r") as fp:
+        for cline in fp:
+            if cline.startswith(name + ":"):
+                line = cline
+                break
             if line is None:
                 raise ValueError("%s not found in %s" % (name, fname))
             toks = line.split(":")
-            return (toks[1], toks[2])
+    return (toks[1], toks[2])
 
-        ustart, unum = parse_sfile(subuid_f, user)
-        gstart, gnum = parse_sfile(subgid_f, group)
+def get_container_config(instance):
+    return os.path.join(CONF.lxd.lxd_root_dir, instance['uuid'], 'config')
 
-        self.user = user
-        self.group = group
-        super(LXCUserIdMap, self).__init__(ustart, unum, gstart, gnum)
+
+def get_container_rootfs(instance):
+    return os.path.join(CONF.lxd.lxd_root_dir,instance['uuid'], 'rootfs')
+
+def get_container_logfile(instance):
+        return os.path.join(CONF.lxd.lxd_root_dir, instance['uuid'],
+                        'container.logfile')
+
+def get_container_console(instance):
+    return os.path.join(CONF.lxd.lxd_root_dir, instance['uuid'],
+                        'container.console')