diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-01-21 14:09:20 +0100 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2023-01-21 14:09:20 +0100 |
| commit | 275ea7303cfdb79c042da1b710622aee17a488a8 (patch) | |
| tree | c027f6e629a4eea51d0ddc3887b9eb3f3f7165ee /src/conf_mode | |
| parent | 1e2238e3870309f48506a25c730661936b09a9d1 (diff) | |
| download | vyos-1x-275ea7303cfdb79c042da1b710622aee17a488a8.tar.gz vyos-1x-275ea7303cfdb79c042da1b710622aee17a488a8.zip | |
container: T4947: support mounting container volumes as ro or rw
Whenever a container is used and a folder is mounted, this happenes as
read-write which is the default in Docker/Podman - so is the default in VyOS.
A new option is added "set container name foo volume mode <ro|rw>" to specify
explicitly if rw (default) or ro should be used for this mounted folder.
Diffstat (limited to 'src/conf_mode')
| -rwxr-xr-x | src/conf_mode/container.py | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py index 7567444db..08861053d 100755 --- a/src/conf_mode/container.py +++ b/src/conf_mode/container.py @@ -75,6 +75,8 @@ def get_config(config=None): default_values = defaults(base + ['name']) if 'port' in default_values: del default_values['port'] + if 'volume' in default_values: + del default_values['volume'] for name in container['name']: container['name'][name] = dict_merge(default_values, container['name'][name]) @@ -85,6 +87,13 @@ def get_config(config=None): default_values = defaults(base + ['name', 'port']) container['name'][name]['port'][port] = dict_merge( default_values, container['name'][name]['port'][port]) + # XXX: T2665: we can not safely rely on the defaults() when there are + # tagNodes in place, it is better to blend in the defaults manually. + if 'volume' in container['name'][name]: + for volume in container['name'][name]['volume']: + default_values = defaults(base + ['name', 'volume']) + container['name'][name]['volume'][volume] = dict_merge( + default_values, container['name'][name]['volume'][volume]) # Delete container network, delete containers tmp = node_changed(conf, base + ['network']) @@ -245,7 +254,7 @@ def generate_run_arguments(name, container_config): env_opt = '' if 'environment' in container_config: for k, v in container_config['environment'].items(): - env_opt += f" -e \"{k}={v['value']}\"" + env_opt += f" --env \"{k}={v['value']}\"" # Publish ports port = '' @@ -255,7 +264,7 @@ def generate_run_arguments(name, container_config): protocol = container_config['port'][portmap]['protocol'] sport = container_config['port'][portmap]['source'] dport = container_config['port'][portmap]['destination'] - port += f' -p {sport}:{dport}/{protocol}' + port += f' --publish {sport}:{dport}/{protocol}' # Bind volume volume = '' @@ -263,7 +272,8 @@ def generate_run_arguments(name, container_config): for vol, vol_config in container_config['volume'].items(): svol = vol_config['source'] dvol = vol_config['destination'] - volume += f' -v {svol}:{dvol}' + mode = vol_config['mode'] + volume += f' --volume {svol}:{dvol}:{mode}' container_base_cmd = f'--detach --interactive --tty --replace {cap_add} ' \ f'--memory {memory}m --shm-size {shared_memory}m --memory-swap 0 --restart {restart} ' \ |