F #4089: Add checks to fc operations. CentOS7 support

share/sudoers/sudoers.rb

@@ -51,7 +51,8 @@ class Sudoers
                 'arping',
                 'ip'
             ],
-            :MARKET => %W[#{lib_location}/sh/create_container_image.sh]
+            :MARKET => %W[#{lib_location}/sh/create_container_image.sh],
+            :FC     => %w[/usr/bin/jailer mount umount rmdir cp mkdir rm]
         }
     end
 

src/vmm_mad/remotes/firecracker/shutdown

@@ -27,16 +27,26 @@ vm_id = ARGV[2]
 xml = STDIN.read
 
 # TODO, custom socket path for client
-# rubocop:disable Layout/LineLength
-client = FirecrackerClient.new("/srv/jailer/firecracker/one-#{vm_id}/root/api.socket")
-# rubocop:enable Layout/LineLength
+died = false
+
+begin
+    socket = "/srv/jailer/firecracker/one-#{vm_id}/root/api.socket"
+    client = FirecrackerClient.new(socket)
+rescue
+    died = true
+end
+
 microvm = MicroVM.new_from_xml(xml, client)
 
 # Stop VNC
 microvm.vnc('stop')
 
-rc = microvm.shutdown
+if !died
+    rc = microvm.shutdown
+    exit(-1) unless rc
+end
 
-rc = microvm.clean if rc
+microvm.clean
+
+exit (0)
 
-exit(-1) unless rc

src/vmm_mad/remotes/lib/firecracker/microvm.rb

@@ -146,6 +146,7 @@ class MicroVM
         next while !File.read(path).empty? && (Time.now - t_start < timeout)
 
         File.read(path).empty?
+    rescue Errno::ENOENT
     end
 
     #---------------------------------------------------------------------------
@@ -191,9 +192,12 @@ class MicroVM
     def create
         cmd = ''
 
+        #TODO: make screen oprions configurable to support different versions
+        #TODO: make screen configurable to enable use of tmux etc..
         if @one.vnc?
-            cmd << "screen -L -Logfile /tmp/fc-log-#{@one.vm_id} " \
-                   "-dmS #{@one.vm_name} "
+            cmd << "screen -L"
+            cmd << " -Logfile /tmp/fc-log-#{@one.vm_id}" if false
+            cmd << " -dmS #{@one.vm_name}"
         end
 
         # Build jailer command paramas

src/vmm_mad/remotes/lib/firecracker/opennebula_vm.rb

@@ -196,7 +196,7 @@ class OpenNebulaVM
                 'drive_id'       => "disk.#{disk_id}",
                 'path_on_host'   => "disk.#{disk_id}",
                 'is_root_device' => rootfs_id == disk_id,
-                'is_read_only'   => n['READONLY'].casecmp?('yes')
+                'is_read_only'   => n['READONLY'].casecmp('yes') == 0
             }
 
             array << drive

src/vnm_mad/remotes/bridge/clean.d/firecracker

@@ -19,57 +19,86 @@
 $LOAD_PATH << File.dirname(__FILE__)
 $LOAD_PATH << File.join(File.dirname(__FILE__), '../..')
 
-require 'vnmmad'
+require_relative '../../command'
+require_relative '../../vnmmad'
+
 require 'open3'
 require 'base64'
 require 'rexml/document'
 
-template64 = STDIN.read
-deploy_id = ARGV[0]
+#----------------------------------------------------------------------------
+# Constants and helper functions
+#----------------------------------------------------------------------------
+def command(cmd)
+    if VNMMAD::VNMNetwork::COMMANDS.key?(cmd.to_sym)
+        cmd_str = (VNMMAD::VNMNetwork::COMMANDS[cmd.to_sym]).to_s
+    else
+        cmd_str = cmd.to_s
+    end
 
-xpath_nics = "//TEMPLATE/NIC[VN_MAD='bridge']"
-xpath_hv   = '//HISTORY/VM_MAD'
+    cmd_str
+end
+
+XPATH_NICS = "//TEMPLATE/NIC"
+XPATH_HV   = '//HISTORY/VM_MAD'
+#----------------------------------------------------------------------------
+
+template64 = STDIN.read
+deploy_id  = ARGV[0]
 
 template = REXML::Document.new(Base64.decode64(template64))
 
-hypervisor = template.elements[xpath_hv].text
+hypervisor = template.elements[XPATH_HV].text
 
 exit 0 if hypervisor != 'firecracker'
 
 if deploy_id.nil? || deploy_id.empty?
-    vm_id = template.elements['/VM/ID'].text
+    vm_id     = template.elements['/VM/ID'].text
     deploy_id = "one-#{vm_id}"
 end
 
-rc = nil
-e = nil
+rc    = nil
+e     = nil
+error = false
 
-template.elements.each(xpath_nics) do |nic_element|
+template.elements.each(XPATH_NICS) do |nic_element|
     nic_id  = Integer(nic_element.elements['//NIC_ID'].text)
     bridge  = nic_element.elements['//BRIDGE'].text
     if_name = "#{deploy_id}-#{nic_id}"
 
+    # check if interface is already defined
+    cmd = "#{command(:ip)} link show #{if_name}"
+    _, _, rc = Open3.capture3(cmd)
+
+    next if rc.success?
+
     # Del tap interface from the bridge
-    cmd = "sudo brctl delif #{bridge} #{if_name}"
+    cmd = "#{command(:ip)} link set #{if_name} nomaster"
     _, e, rc = Open3.capture3(cmd)
 
-    break unless rc.success?
+    if !rc.success?
+        error = true
+        break
+    end
 
     # Del tap device
-    cmd = "sudo ip tuntap del #{if_name} mode tap"
+    cmd = "#{command(:ip)} tuntap del #{if_name} mode tap"
     _, e, rc = Open3.capture3(cmd)
 
-    break unless rc.success?
+    if !rc.success?
+        error = true
+        break
+    end
 end
 
-if !rc.success?
+if error
     OpenNebula.log_error(e)
     exit(-1)
 end
 
 # rubocop:disable Lint/RescueException
 begin
-    hm = VNMMAD::NoVLANDriver.from_base64(template64, xpath_nics, deploy_id)
+    hm = VNMMAD::NoVLANDriver.from_base64(template64, XPATH_NICS, deploy_id)
     hm.deactivate
 rescue Exception => e
     OpenNebula.log_error(e.message)

src/vnm_mad/remotes/bridge/pre.d/firecracker

@@ -20,44 +20,67 @@ require 'open3'
 require 'base64'
 require 'rexml/document'
 
-template64 = STDIN.read
-deploy_id = ARGV[0]
+require_relative '../../command'
 
-xpath_nics = "//TEMPLATE/NIC[VN_MAD='bridge']"
-xpath_hv   = '//HISTORY/VM_MAD'
+#----------------------------------------------------------------------------
+# Constants and helper functions
+#----------------------------------------------------------------------------
+def command(cmd)
+    if VNMMAD::VNMNetwork::COMMANDS.key?(cmd.to_sym)
+        cmd_str = (VNMMAD::VNMNetwork::COMMANDS[cmd.to_sym]).to_s
+    else
+        cmd_str = cmd.to_s
+    end
+
+    cmd_str
+end
+
+XPATH_NICS = "//TEMPLATE/NIC"
+XPATH_HV   = '//HISTORY/VM_MAD'
+#----------------------------------------------------------------------------
+
+template64 = STDIN.read
+deploy_id  = ARGV[0]
 
 template = REXML::Document.new(Base64.decode64(template64))
 
-hypervisor = template.elements[xpath_hv].text
+hypervisor = template.elements[XPATH_HV].text
 
 exit 0 if hypervisor != 'firecracker'
 
 if deploy_id.nil? || deploy_id.empty?
-    vm_id = template.elements['/VM/ID'].text
+    vm_id     = template.elements['/VM/ID'].text
     deploy_id = "one-#{vm_id}"
 end
 
 rc = nil
 
-template.elements.each(xpath_nics) do |nic_element|
+template.elements.each(XPATH_NICS) do |nic_element|
     nic_id  = Integer(nic_element.elements['//NIC_ID'].text)
     bridge  = nic_element.elements['//BRIDGE'].text
+
     if_name = "#{deploy_id}-#{nic_id}"
 
+    # check if interface is already defined
+    cmd = "#{command(:ip)} link show #{if_name}"
+    _, _, rc = Open3.capture3(cmd)
+
+    next if rc.success?
+
     # create tap device
-    cmd = "sudo ip tuntap add #{if_name} mode tap"
+    cmd = "#{command(:ip)} tuntap add #{if_name} mode tap"
     _, _, rc = Open3.capture3(cmd)
 
     break unless rc.success?
 
     # set tap interface up
-    cmd = "sudo ip link set #{if_name} up"
+    cmd = "#{command(:ip)} link set #{if_name} up"
     _, _, rc = Open3.capture3(cmd)
 
     break unless rc.success?
 
     # Add tap interface to the bridge
-    cmd = "sudo brctl addif #{bridge} #{if_name}"
+    cmd = "#{command(:ip)} link set #{if_name} master #{bridge}"
     _, _, rc = Open3.capture3(cmd)
 
     break unless rc.success?