Commit c3656af5 authored by Pascal Meunier's avatar Pascal Meunier

reimplement capability to mount arbitrary fs paths like /data subdirectories...

reimplement capability to mount arbitrary fs paths like /data subdirectories inside tool containers.  Also socat for filexfer forwarding to tool container instead of service container
parent 523d8058
......@@ -1874,7 +1874,16 @@ class ContainerDocker(Container):
if p.returncode != 0:
raise MaxwellError("Unable to start VNC server: %s%s" %(stdout, stderr))
# def start_filexfer(self): Use parent's version
def start_filexfer(self):
"""Start a socat forwarder for filexfer. We never kill it.
If we can't start one, that means there's already one running.
Docker difference: connect to tool container, not service container.
Consider instead adding a firewall rule like:
iptables -t nat -A PREROUTING -i extif -p tcp --dport port --to-destination self.tool_container_IP:port
"""
port = self.veid + self.k["FILEXFER_PORTS"]
os.system("socat tcp4-listen:%d,fork,reuseaddr,linger=0 tcp4:%s:%d > /dev/null 2>&1 &"
% (port, self.tool_container_IP, port))
def __is_running(self, name):
"""
......@@ -2226,7 +2235,13 @@ class ContainerDocker(Container):
gid = groupinfo[2]
args += ['-e', "group_%s=%s:x:%d:%s\n" % (defgroup.replace('-', '_'), defgroup, gid, user)]
# mount user's home directory
args += ['-v', account.ext_homedir() + ':' + account.homedir]
# extra mount points
if 'EXTRA_MOUNT_PATHS' in self.k:
for mnt_pt in self.k['EXTRA_MOUNT_PATHS']:
args += ['-v', mnt_pt[0] + ':' + mnt_pt[1]]
# USER environment variable used for xauth operation
# Can't use the --user option because we need root to setup account and group information
args += ['-e', 'USER='+user]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment