authorsever-sever <v.gletenko@vyos.io>2021-04-23 13:11:45 +0000
committersever-sever <v.gletenko@vyos.io>2021-04-27 09:25:30 +0000
commitb141b56e6779644826129cf0899a87f28058c7ea (patch)
tree3173ec0d09fefe3c5649b1d358c43c1915a5b5d0
parent821d9e4d36d7520973d6f2cd146feebb9918227a (diff)
container: T2216: Add binding for ports and volumes
-rw-r--r--interface-definitions/containers.xml.in75
-rwxr-xr-xsrc/conf_mode/containers.py26
-rwxr-xr-xsrc/validators/port-range19
3 files changed, 118 insertions, 2 deletions
diff --git a/interface-definitions/containers.xml.in b/interface-definitions/containers.xml.in
index 47b41c834..6fc53c105 100644
--- a/interface-definitions/containers.xml.in
+++ b/interface-definitions/containers.xml.in
@@ -64,6 +64,81 @@
</leafNode>
</children>
</tagNode>
+ <tagNode name="port">
+ <properties>
+ <help>Publish port to the container</help>
+ </properties>
+ <children>
+ <leafNode name="source">
+ <properties>
+ <help>Source host port</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Source host port</description>
+ </valueHelp>
+ <valueHelp>
+ <format>start-end</format>
+ <description>Source host port range (e.g. 10025-10030)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="port-range"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="destination">
+ <properties>
+ <help>Destination container port</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Destination container port</description>
+ </valueHelp>
+ <valueHelp>
+ <format>start-end</format>
+ <description>Destination container port range (e.g. 10025-10030)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="port-range"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="protocol">
+ <properties>
+ <help>Protocol tcp/udp</help>
+ <completionHelp>
+ <list>tcp udp</list>
+ </completionHelp>
+ <constraint>
+ <regex>^(tcp|udp)$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ <tagNode name="volume">
+ <properties>
+ <help>Mount a volume into the container</help>
+ </properties>
+ <children>
+ <leafNode name="source">
+ <properties>
+ <help>Source host directory</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Source host directory</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="destination">
+ <properties>
+ <help>Destination container directory</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Destination container directory</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
</children>
</tagNode>
<tagNode name="network">
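Review bot: The `source` and `destination` leaves under `volume` accept any `txt` value with no `<constraint>`, unlike the `port` leaves in the same hunk, which each carry a validator or regex. These values become the `-v {svol}:{dvol}` argument built in src/conf_mode/containers.py, so a relative path, an embedded space or an extra `:` is accepted at commit time and only fails, or is read as mount options, when podman runs. Consider restricting both leaves to absolute paths without whitespace or colons, for example `<constraint><regex>^/[A-Za-z0-9._/-]+$</regex></constraint>` (illustrative pattern; adjust to the paths you want to allow).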
diff --git a/src/conf_mode/containers.py b/src/conf_mode/containers.py
index 9b7a52d26..5efdb6a2f 100755
--- a/src/conf_mode/containers.py
+++ b/src/conf_mode/containers.py
@@ -221,14 +221,36 @@ def apply(container):
env_opt = '-e '
env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items())
+ # Publish ports
+ port = ''
+ if 'port' in container_config:
+ protocol = ''
+ for portmap in container_config['port']:
+ if 'protocol' in container_config['port'][portmap]:
+ protocol = container_config['port'][portmap]['protocol']
+ protocol = f'/{protocol}'
+ else:
+ protocol = '/tcp'
+ sport = container_config['port'][portmap]['source']
+ dport = container_config['port'][portmap]['destination']
+ port += f' -p {sport}:{dport}{protocol}'
+
+ # Bind volume
+ volume = ''
+ if 'volume' in container_config:
+ for vol in container_config['volume']:
+ svol = container_config['volume'][vol]['source']
+ dvol = container_config['volume'][vol]['destination']
+ volume += f' -v {svol}:{dvol}'
+
if 'allow_host_networks' in container_config:
- _cmd(f'podman run -dit --name {name} --net host {env_opt} {image}')
+ _cmd(f'podman run -dit --name {name} --net host {port} {volume} {env_opt} {image}')
else:
for network in container_config['network']:
ipparam = ''
if 'address' in container_config['network'][network]:
ipparam = '--ip ' + container_config['network'][network]['address']
- _cmd(f'podman run --name {name} -dit --net {network} {ipparam} {env_opt} {image}')
+ _cmd(f'podman run --name {name} -dit --net {network} {ipparam} {port} {volume} {env_opt} {image}')
# Else container is already created. Just start it.
# It's needed after reboot.
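Review bot: `sport`, `dport`, `svol` and `dvol` are interpolated unquoted into the command string handed to `_cmd`, so whitespace or shell metacharacters in a configured volume path change the arguments podman receives. If `_cmd` runs the string through a shell (not visible in this hunk), that becomes command execution with the privileges of the configuration script. Quote each assembled argument, e.g. `volume += ' -v ' + shlex.quote(f'{svol}:{dvol}')` and likewise for `-p`, with `import shlex` at the top of the file, or pass an argument list instead of a string. Both lookups also assume `source` and `destination` are set; unless verify() already enforces that, a port or volume entry with only one of them raises KeyError here. apply() starts and ends outside the hunk.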
diff --git a/src/validators/port-range b/src/validators/port-range
new file mode 100755
index 000000000..abf0b09d5
--- /dev/null
+++ b/src/validators/port-range
@@ -0,0 +1,19 @@
+#!/usr/bin/python3
+
+import sys
+import re
+
+if __name__ == '__main__':
+ if len(sys.argv)>1:
+ port_range = sys.argv[1]
+ if re.search('[0-9]{1,5}-[0-9]{1,5}', port_range):
+ for tmp in port_range.split('-'):
+ if int(tmp) not in range(1, 65535):
+ sys.exit(1)
+ else:
+ if int(port_range) not in range(1, 65535):
+ sys.exit(1)
+ else:
+ sys.exit(2)
+
+ sys.exit(0)
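Review bot: The range branch uses `re.search` without anchors, so a value such as `1-2-3` matches, every piece passes the `int()` test, and the validator exits 0 for something that is not a port range; `int()` also tolerates surrounding whitespace and underscores. `range(1, 65535)` stops at 65534, so port 65535 is rejected even though the help text advertises 1-65535, and a reversed range like `200-100` is accepted. I would change the match to `re.fullmatch(r'[0-9]{1,5}-[0-9]{1,5}', port_range)`, use `range(1, 65536)` in both checks, and reject a start greater than the end. A non-numeric single value currently ends in an uncaught ValueError traceback rather than a clean `sys.exit(1)`.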