* [pve-devel] SPAM: [PATCH v2 container 0/2] fix #3443: unique machine-id for containers @ 2021-05-26 14:18 Oguz Bektas 2021-05-26 14:18 ` [pve-devel] [PATCH container 1/2] setup: clear /etc/machine-id for newly created containers Oguz Bektas 2021-05-26 14:18 ` [pve-devel] [PATCH v2 container 2/2] clear /etc/machine-id also after container clone Oguz Bektas 0 siblings, 2 replies; 4+ messages in thread From: Oguz Bektas @ 2021-05-26 14:18 UTC (permalink / raw) To: pve-devel v1 -> v2: * remove crontab change * detect if container is using systemd * handle clones (truncate) Oguz Bektas (2): setup: clear /etc/machine-id for newly created containers clear machine-id also after container clone src/PVE/API2/LXC.pm | 19 ++++++++++++++++++- src/PVE/LXC/Setup.pm | 10 ++++++++++ src/PVE/LXC/Setup/Base.pm | 25 +++++++++++++++++++++++++ 3 files changed, 53 insertions(+), 1 deletion(-) -- 2.20.1 ^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH container 1/2] setup: clear /etc/machine-id for newly created containers 2021-05-26 14:18 [pve-devel] SPAM: [PATCH v2 container 0/2] fix #3443: unique machine-id for containers Oguz Bektas @ 2021-05-26 14:18 ` Oguz Bektas 2021-05-26 14:18 ` [pve-devel] [PATCH v2 container 2/2] clear /etc/machine-id also after container clone Oguz Bektas 1 sibling, 0 replies; 4+ messages in thread From: Oguz Bektas @ 2021-05-26 14:18 UTC (permalink / raw) To: pve-devel this way when new containers are created they will have a unique /etc/machine-id Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> --- v1->v2: * incorporated thomas' suggestions src/PVE/LXC/Setup.pm | 10 ++++++++++ src/PVE/LXC/Setup/Base.pm | 25 +++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/src/PVE/LXC/Setup.pm b/src/PVE/LXC/Setup.pm index 8b8fee9..c31a164 100644 --- a/src/PVE/LXC/Setup.pm +++ b/src/PVE/LXC/Setup.pm @@ -352,6 +352,16 @@ sub pre_start_hook { $self->protected_call($code); } +sub clear_machine_id { + my ($self, $conf, $clone) = @_; + + my $code = sub { + $self->{plugin}->clear_machine_id($self->{conf}, $clone); + }; + $self->protected_call($code); + +} + sub post_create_hook { my ($self, $root_password, $ssh_keys) = @_; diff --git a/src/PVE/LXC/Setup/Base.pm b/src/PVE/LXC/Setup/Base.pm index d73335b..21074b7 100644 --- a/src/PVE/LXC/Setup/Base.pm +++ b/src/PVE/LXC/Setup/Base.pm @@ -476,6 +476,30 @@ sub set_timezone { } } +sub clear_machine_id { + my ($self, $conf, $clone) = @_; + + my $uses_systemd = $self->ct_is_executable("/lib/systemd/systemd") + || $self->ct_is_executable("/usr/lib/systemd/systemd"); + + my $dbus_machine_id_path = "/var/lib/dbus/machine-id"; + my $machine_id_path = "/etc/machine-id"; + if ( + $self->ct_file_exists($dbus_machine_id_path) + && !$self->ct_is_symlink($dbus_machine_id_path) + && $uses_systemd + ) { + $self->ct_unlink($dbus_machine_id_path); + } + + # don't remove file if container is being cloned + if ($clone) { + $self->ct_file_set_contents($machine_id_path, "\n"); + } else { + $self->ct_unlink($machine_id_path); + } +} + sub pre_start_hook { my ($self, $conf) = @_; @@ -491,6 +515,7 @@ sub pre_start_hook { sub post_create_hook { my ($self, $conf, $root_password, $ssh_keys) = @_; + $self->clear_machine_id($conf); $self->template_fixup($conf); &$randomize_crontab($self, $conf); -- 2.20.1 ^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH v2 container 2/2] clear /etc/machine-id also after container clone 2021-05-26 14:18 [pve-devel] SPAM: [PATCH v2 container 0/2] fix #3443: unique machine-id for containers Oguz Bektas 2021-05-26 14:18 ` [pve-devel] [PATCH container 1/2] setup: clear /etc/machine-id for newly created containers Oguz Bektas @ 2021-05-26 14:18 ` Oguz Bektas 2021-05-27 5:37 ` Fabian Grünbichler 1 sibling, 1 reply; 4+ messages in thread From: Oguz Bektas @ 2021-05-26 14:18 UTC (permalink / raw) To: pve-devel pass $clone=1 to avoid removing the file. instead we truncate it to an empty file Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> --- src/PVE/API2/LXC.pm | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm index a9ea3a6..413f466 100644 --- a/src/PVE/API2/LXC.pm +++ b/src/PVE/API2/LXC.pm @@ -1594,7 +1594,24 @@ __PACKAGE__->register_method({ }; PVE::Firewall::clone_vmfw_conf($vmid, $newid); - return $rpcenv->fork_worker('vzclone', $vmid, $authuser, $realcmd); + + my $task = eval { + return $rpcenv->fork_worker('vzclone', $vmid, $authuser, $realcmd); + }; + if (my $err = $@) { + warn $@ if $@; + die $err; + } + + my $lastconf = PVE::LXC::Config->load_config($newid); + my $rootdir = PVE::LXC::mount_all($newid, $storecfg, $lastconf, 1); + my $lxc_setup = PVE::LXC::Setup->new($lastconf, $rootdir); + $lxc_setup->clear_machine_id($lastconf, 1); + PVE::LXC::umount_all($newid, $storecfg, $lastconf, 1); + + return $task; + + }}); -- 2.20.1 ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [pve-devel] [PATCH v2 container 2/2] clear /etc/machine-id also after container clone 2021-05-26 14:18 ` [pve-devel] [PATCH v2 container 2/2] clear /etc/machine-id also after container clone Oguz Bektas @ 2021-05-27 5:37 ` Fabian Grünbichler 0 siblings, 0 replies; 4+ messages in thread From: Fabian Grünbichler @ 2021-05-27 5:37 UTC (permalink / raw) To: Proxmox VE development discussion On May 26, 2021 4:18 pm, Oguz Bektas wrote: > pass $clone=1 to avoid removing the file. instead we truncate it to an > empty file > > Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> > --- > > src/PVE/API2/LXC.pm | 19 ++++++++++++++++++- > 1 file changed, 18 insertions(+), 1 deletion(-) > > diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm > index a9ea3a6..413f466 100644 > --- a/src/PVE/API2/LXC.pm > +++ b/src/PVE/API2/LXC.pm > @@ -1594,7 +1594,24 @@ __PACKAGE__->register_method({ > }; > > PVE::Firewall::clone_vmfw_conf($vmid, $newid); > - return $rpcenv->fork_worker('vzclone', $vmid, $authuser, $realcmd); > + > + my $task = eval { > + return $rpcenv->fork_worker('vzclone', $vmid, $authuser, $realcmd); this forks the task worker that does the actual cloning of mountpoints/volumes, so after this point that code ($realcmd) will run concurrent to the rest of the API worker itself handling the request. doing anything after forking the task worker is almost always wrong. > + }; > + if (my $err = $@) { > + warn $@ if $@; > + die $err; > + } > + > + my $lastconf = PVE::LXC::Config->load_config($newid); this config might or might not contain any of the updated/cloned volumes, this is entirely up to the speed of cloning > + my $rootdir = PVE::LXC::mount_all($newid, $storecfg, $lastconf, 1); so this might or might not mount anything? > + my $lxc_setup = PVE::LXC::Setup->new($lastconf, $rootdir); > + $lxc_setup->clear_machine_id($lastconf, 1); > + PVE::LXC::umount_all($newid, $storecfg, $lastconf, 1); in which case this might or might not do anything > + > + return $task; why do you not simply clear the machine ID at the end of the task worker? > + > + > }}); > > > -- > 2.20.1 > > > _______________________________________________ > pve-devel mailing list > pve-devel@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > > > ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-05-27 5:37 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-05-26 14:18 [pve-devel] SPAM: [PATCH v2 container 0/2] fix #3443: unique machine-id for containers Oguz Bektas 2021-05-26 14:18 ` [pve-devel] [PATCH container 1/2] setup: clear /etc/machine-id for newly created containers Oguz Bektas 2021-05-26 14:18 ` [pve-devel] [PATCH v2 container 2/2] clear /etc/machine-id also after container clone Oguz Bektas 2021-05-27 5:37 ` Fabian Grünbichler
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox