Commit ff19b420 authored by Pascal Meunier's avatar Pascal Meunier

reimplemented Username-based mounts for Docker; implemented support for Docker add-host option

parent 57d9d6c0
......@@ -2164,6 +2164,12 @@ class ContainerDocker(Container):
# cleanup: don't keep image around after it's done
# detached execution so container keeps running after tool is done
args += ['--rm', '-d']
# example add-host options:
# args += ['--add-host=datacenterhub.org:10.111.11.100']
# args += ['--add-host=dev.datacenterhub.org:10.111.13.100']
if 'DOCKER_ADD_HOSTS' in self.k:
for h in self.k['DOCKER_ADD_HOSTS']:
args += ['--add-host=' + h ]
# mount Xvnc volume for weber tools that verify the vnc password and so need to read /var/run/Xvnc/passwd-*
args += ['-v', '%d.Xvnc:/var/run/Xvnc' % self.veid]
# connect to toolnet
......@@ -2280,6 +2286,28 @@ class ContainerDocker(Container):
if not os.path.exists(source_mount):
continue
args += ['-v', source_mount + ':' + source_mount]
# Username-based mounts
# uses bind mounts from an already mounted filesystem, which has a directory for each user
# the mounted directory is the username
if self.k["USER_MOUNT"]:
for mount_pt in self.k["USER_MOUNT_POINTS"]:
# mount_pt must already exist
if not os.path.exists(mount_pt):
log("Mount point '%s' does not exist" % mount_pt)
continue
source_mount = mount_pt + user
# check if source exists
if not os.path.exists(source_mount):
# create it as the user, not root
mk_args = ['/bin/su', user, '-c', "mkdir -m 0700 " + source_mount]
p = subprocess.Popen(mk_args)
p.communicate()
if p.returncode != 0:
if VERBOSE:
log("Warning: '%s' did not exist, could not create it as user '%s', so will not be mounted\n" % (source_mount, user))
continue
args += ['-v', source_mount + ':' + source_mount]
# Mount public project file areas
# can be a different path from user membership-based mounts
if "PROJECT_PUBLIC_MOUNT" in self.k and self.k["PROJECT_PUBLIC_MOUNT"]:
......@@ -2319,6 +2347,7 @@ class ContainerDocker(Container):
# memory-swap must be >= memory
if 'DOCKER_MEM_SWAP' in self.k:
args += ['--memory-swap', self.k["DOCKER_MEM_SWAP"]]
# don't use this Docker option, it results in unresponsive containers: args += ['--oom-kill-disable']
if 'DOCKER_MEM_RESERVATION' in self.k:
args += ['--memory-reservation', self.k["DOCKER_MEM_RESERVATION"]]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment