diff options
| -rw-r--r-- | interface-definitions/container.xml.in | 8 | ||||
| -rw-r--r-- | python/vyos/version.py | 4 | ||||
| -rw-r--r-- | smoketest/config-tests/container-simple | 1 | ||||
| -rw-r--r-- | smoketest/configs/container-simple | 1 | ||||
| -rwxr-xr-x | src/conf_mode/container.py | 11 |
5 files changed, 16 insertions, 9 deletions
diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in index e7dacea36..2296a3e9e 100644 --- a/interface-definitions/container.xml.in +++ b/interface-definitions/container.xml.in @@ -15,9 +15,15 @@ <constraintErrorMessage>Container name must be alphanumeric and can contain hyphens</constraintErrorMessage> </properties> <children> + <leafNode name="allow-host-pid"> + <properties> + <help>Allow sharing host process namespace with container</help> + <valueless/> + </properties> + </leafNode> <leafNode name="allow-host-networks"> <properties> - <help>Allow host networks in container</help> + <help>Allow sharing host networking with container</help> <valueless/> </properties> </leafNode> diff --git a/python/vyos/version.py b/python/vyos/version.py index 47a10e201..86e96d0ec 100644 --- a/python/vyos/version.py +++ b/python/vyos/version.py @@ -33,11 +33,11 @@ import os import requests import vyos.defaults +from vyos.system.image import is_live_boot from vyos.utils.file import read_file from vyos.utils.file import read_json from vyos.utils.process import popen -from vyos.utils.process import run from vyos.utils.process import DEVNULL version_file = os.path.join(vyos.defaults.directories['data'], 'version.json') @@ -85,7 +85,7 @@ def get_full_version_data(fname=version_file): # In installed images, the squashfs image file is named after its image version, # while on livecd it's just "filesystem.squashfs", that's how we tell a livecd boot # from an installed image - if run(""" grep -e '^overlay.*/filesystem.squashfs' /proc/mounts >/dev/null """) == 0: + if is_live_boot(): boot_via = "livecd" else: boot_via = "installed image" diff --git a/smoketest/config-tests/container-simple b/smoketest/config-tests/container-simple index 299af64cb..cc80ef4cf 100644 --- a/smoketest/config-tests/container-simple +++ b/smoketest/config-tests/container-simple @@ -8,5 +8,6 @@ set container name c01 capability 'net-bind-service' set container name c01 capability 'net-raw' set container name c01 image 'busybox:stable' set container name c02 allow-host-networks +set container name c02 allow-host-pid set container name c02 capability 'sys-time' set container name c02 image 'busybox:stable' diff --git a/smoketest/configs/container-simple b/smoketest/configs/container-simple index 05efe05e9..82983afb7 100644 --- a/smoketest/configs/container-simple +++ b/smoketest/configs/container-simple @@ -7,6 +7,7 @@ container { } name c02 { allow-host-networks + allow-host-pid cap-add sys-time image busybox:stable } diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py index a73a18ffa..91a10e891 100755 --- a/src/conf_mode/container.py +++ b/src/conf_mode/container.py @@ -329,9 +329,13 @@ def generate_run_arguments(name, container_config): prop = vol_config['propagation'] volume += f' --volume {svol}:{dvol}:{mode},{prop}' + host_pid = '' + if 'allow_host_pid' in container_config: + host_pid = '--pid host' + container_base_cmd = f'--detach --interactive --tty --replace {capabilities} ' \ f'--memory {memory}m --shm-size {shared_memory}m --memory-swap 0 --restart {restart} ' \ - f'--name {name} {hostname} {device} {port} {volume} {env_opt} {label} {uid}' + f'--name {name} {hostname} {device} {port} {volume} {env_opt} {label} {uid} {host_pid}' entrypoint = '' if 'entrypoint' in container_config: @@ -339,11 +343,6 @@ def generate_run_arguments(name, container_config): entrypoint = json_write(container_config['entrypoint'].split()).replace('"', """) entrypoint = f'--entrypoint '{entrypoint}'' - hostname = '' - if 'host_name' in container_config: - hostname = container_config['host_name'] - hostname = f'--hostname {hostname}' - command = '' if 'command' in container_config: command = container_config['command'].strip() |