From 017246768e097c5fcd5283e23f19f075ff9f9d4e Mon Sep 17 00:00:00 2001
From: Chuck Short
Date: Thu, 14 Jul 2016 15:01:23 -0400
Subject: [PATCH] Add support for use of ext4 in containers
By default, LXD won't allow an unpriviledged container to format and mount a block device, so although a block device can be passed to a container, its not possible to use it from inside the container. Add a configuration flag to turn on support for use of ext4 within user namespaces, allow unpriviledged LXD containers to format and mount ext4 formatted block devices from inside of the container.
Change-Id: I8eace1e7b7d4db14a3dc9f82080ac1b0ca29e892
---
 config.yaml | 6 +++++-
 hooks/lxd_utils.py | 9 +++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/config.yaml b/config.yaml
index 2bef7a8..8dd2f6f 100644
--- a/config.yaml
+++ b/config.yaml
@@ -40,4 +40,8 @@ options:
 type: boolean
 default: False
 description: Use LXD source from github.
-
+ enable-ext4-userns:
+ type: boolean
+ default: false
+ description: |
+ Enable use of EXT4 in LXD containers for block storage support.
diff --git a/hooks/lxd_utils.py b/hooks/lxd_utils.py
index 52b4f77..a66d3db 100644
--- a/hooks/lxd_utils.py
+++ b/hooks/lxd_utils.py
@@ -97,6 +97,7 @@ LXD_GIT = 'github.com/lxc/lxd'
 DEFAULT_LOOPBACK_SIZE = '10G'
 PW_LENGTH = 16
 ZFS_POOL_NAME = 'lxd'
+EXT4_USERNS_MOUNTS = "/sys/module/ext4/parameters/userns_mounts"
 def install_lxd():
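Review bot: The description of `enable-ext4-userns` in the config.yaml hunk does not tell the operator what the switch changes on the host. Per the second lxd_utils.py hunk in this patch, the value is written to the ext4 module parameter `userns_mounts`, which is a kernel-wide setting rather than a per-container one, and the commit message says it lets unprivileged containers format and mount block devices themselves, so the kernel ends up parsing filesystem metadata that the container controls. I would say so in the option text, e.g. `Allow unprivileged user namespaces on this host to mount ext4 (sets the ext4 userns_mounts module parameter). Only enable when every container that is given a block device is trusted.`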
@@ -416,12 +417,20 @@ def configure_lxd_host():
 'core.https_address', '[::]']
 check_call(cmd)
+ # configure live migration
 if ubuntu_release == 'xenial':
 apt_install('linux-image-extra-%s' % os.uname()[2], fatal=True)
 if ubuntu_release >= 'xenial':
 modprobe('netlink_diag')
+
+ if os.path.exists(EXT4_USERNS_MOUNTS):
+ with open(EXT4_USERNS_MOUNTS, 'w') as userns_mounts:
+ userns_mounts.write(
+ 'Y\n' if config('enable-ext4-userns') else 'N\n'
+ )
+
 elif ubuntu_release == "vivid":
 log('Vivid deployment - loading overlay kernel module', level=INFO)
 cmd = ['modprobe', 'overlay']
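Review bot: When `EXT4_USERNS_MOUNTS` does not exist, the new `if os.path.exists(...)` block does nothing and reports nothing, so an operator who set `enable-ext4-userns` gets no indication that it was ignored; a successful write to this security-relevant kernel parameter leaves no trace in the charm log either. I would log both outcomes, e.g. `log('ext4 userns_mounts set to %s' % value, level=INFO)` after the write and an `else:` branch with `log('%s not present; enable-ext4-userns not applied' % EXT4_USERNS_MOUNTS, level=INFO)`. The value is written to sysfs only, so it presumably reverts on reboot or when the ext4 module is reloaded unless this function runs again; it is worth confirming which hooks call `configure_lxd_host()`, whose body starts and ends outside the hunk. The block also sits under the newly added `# configure live migration` comment and would read better with a one-line comment of its own, such as `# allow or forbid ext4 mounts from unprivileged user namespaces (host-wide)`.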