Commit graph

139 commits

Author SHA1 Message Date
Virgil Dupras
530a899467 Add support for unprivileged containers
fixes #312

I've also remove the "EXPERIMENTAL" flag to bridge support in the README.
It's been there long enough.
2018-02-17 21:53:16 -05:00
Virgil Dupras
2ae84fcc51 Revert tmpfs mount removal
To fix #406, I reverted the tmpfs mount we add at boot time. As we can
see in #455, it was a bad idea.

In addition to bringing back that mount, I've also added a
`tmpfs_mount_size` config that allows to change the size of the mount
from its default `2G`. It's also possible to disable the mount
altogether.

fixes #455
2018-02-02 16:02:17 -05:00
Virgil Dupras
1c27047f4b Remove tmpfs mount on /tmp and bring back /tmp cleanup on halt
fixes #406 because the `tmpfs` mount isn't needed anymore.

Careful considerations had to be taken because #68 mentions host-side
data loss when cleaning up `/tmp`. We mitigate this by ensuring that all
mounts under `/tmp` are unmounted before we proceed with our `rm -rf`
operation.

More context about this issue can be found in #360.
2018-01-13 23:00:46 -05:00
Virgil Dupras
c74ddbf2fc create: with LXC 2.1+ run lxc-update-config on new boxes
When running with LXC 2.1+, ensure that our boxes have up-to-date config
keys by running the `lxc-update-config` utility that ships with LXC
2.1+.

When the command doesn't exist (LXC <2.1), we do nothing.

ref #445
2018-01-13 21:03:34 -05:00
Virgil Dupras
aa777653f4 Use lxc-info instead of lxc-attach to retrieve container IP
`lxc-info -iH` to retrieve IP address was not available in early LXC
development but was there at LXC 1.0. Because we've bumped our minimum
LXC requirement to v1.0 recently, we can simplify the IP retrieval
process and also get rid of the `dnsmasq` fallback.
2018-01-13 15:53:28 -05:00
Hugo Fonseca
cac4910296 tries amount of fetching ip is now configurable 2016-11-09 14:38:05 +00:00
Hugo Fonseca
2d63603d85 Increase the re-tries amount 2016-11-07 15:34:48 +00:00
Franz Pletz
0c353598f8 Merge pull request #362 from ccope/halt-lvm-fix
remove /tmp cleanup command, fixes lvm rootfs
2015-08-28 14:50:51 +02:00
Michael Stucki
40ced9d3d1 Do not remove system bridge virbr0 2015-08-25 15:12:32 +02:00
Michael Stucki
eb503e42fd Fix variable name 2015-08-25 14:38:44 +02:00
Andriy
5329e8837e Update gc_private_network_bridges.rb 2015-08-25 14:38:31 +02:00
Cam Cope
5fb0bcbcbc make /tmp a tmpfs 2015-08-17 17:43:45 -07:00
Cam Cope
eba671c54d remove /tmp cleanup, fixes lvm rootfs 2015-08-17 17:43:24 -07:00
Antonio Terceiro
81f2c13541 forward_ports: bind to localhost only by default
This has been raised as security concern on vagrant itself, and fixed
there some time ago.
2015-07-19 12:29:27 -03:00
Fabio Rehm
55bbadef6f Merge pull request #352 from ccope/private_dhcp
Support private networking using DHCP
2015-04-06 10:56:38 -03:00
Aron Griffis
7d017ada1e Mount the selinux sys dir read-only [GH-301] 2015-03-24 17:42:11 -04:00
Cam Cope
5da3fc8be5 support containers with dhcp private networking 2015-03-08 19:58:29 -07:00
Fabio Rehm
fb23e606cc action/create: Trim automatically generated container names to 64 chars
Fixes GH-337
2015-01-11 21:30:11 -02:00
Fabio Rehm
ef06ea622e Remove blank file 2015-01-11 21:18:56 -02:00
Fabio Rehm
447d0dfc42 Experimental support for private networking [GH-298] 2015-01-11 20:59:38 -02:00
Fabio Rehm
bf3a9a5039 action: Some more tweaks around private networking + new pipework code [GH-298] 2015-01-08 03:57:49 -02:00
Fabio Rehm
28bdbe371d Merge remote-tracking branch 'origin/private-networks' into next 2015-01-08 02:28:45 -02:00
Fabio Rehm
752fa9b4e5 action/fetch_ip_with_lxc_attach: Attach to the MOUNT namespace in order to fix GH-300 2014-07-24 21:58:04 -03:00
Fabio Rehm
5232f2c7b1 Begin work on supporting private networks 2014-06-09 00:48:52 -03:00
Fabio Rehm
2db9aa89a1 action/ip_from_dnsmasq: Handle nil container hwaddr value 2014-05-12 23:56:39 -03:00
Fabio Rehm
d7935e55f3 action/boot: Bind mount /sys/fs/pstore to same path on containers to fix some apparmor issues when starting Ubuntu 14.04 containers
Fix GH-278
2014-05-12 23:27:14 -03:00
Kristof Willaert
6b5c00089d Make MAC address regex check case insensitive
The regex check for the container MAC address presence in the
dnsmasq leases file is case sensitive. Dnsmasq outputs uppercase
addresses in the leases file.

As MAC addresses are generally considered case insensitive, it
makes sense to relax the regular expression check to allow for this.
2014-05-08 14:30:14 +02:00
Fabio Rehm
4c3143aa34 Merge branch 'backingstore_options' of https://github.com/tailhook/vagrant-lxc
Conflicts:
	lib/vagrant-lxc/config.rb
2014-05-03 23:42:39 -03:00
Fabio Rehm
a0fe2f9cf0 action/clear_forwarded_ports: Fix privileged port detection and simplify code [GH-259] 2014-05-03 23:28:59 -03:00
Fabio Rehm
84bdb5cb22 Fix code indentation 2014-05-03 23:28:04 -03:00
Fabio Rehm
ee63d2b2ae Merge branch 'sudo-for-redir' of https://github.com/guerremdq/vagrant-lxc 2014-05-03 23:14:29 -03:00
guerremdq
0b1fffc6e3 clean redir pid with sudo only if port is < than 1024 2014-04-29 00:02:16 -03:00
Cam Cope
a9248cb697 add backingstore parameters 2014-04-28 17:17:59 +03:00
guerremdq
697d8bde08 only use sudo with redir when port number is lower than 1024 2014-03-23 13:39:42 -03:00
Fabio Rehm
164afc7839 package: Nicely handle optional lxc-template on base boxes when packaging 2014-03-21 19:30:28 -03:00
guerremdq
fd948f8552 Add sudo for redir 2014-03-20 17:01:45 -03:00
Fabio Rehm
4f49be03ad core: Make lxc-template optional [GH-254] 2014-03-14 00:32:03 -03:00
Fabio Rehm
c9fe9e552e Merge branch 'master' of github.com:vorlock/vagrant-lxc 2014-03-13 23:07:55 -03:00
Fabio Rehm
ad63452651 Nitpick 2014-03-13 23:07:05 -03:00
Franz Pletz
be12f11ced Set container utsname to configured hostname per default
Previously, the utsname of a machine was set to the vagrant machine ID.
As the utsname represents the hostname of the machine and is independent
from the name of the actual LXC container, the hostname that was
specified in the Vagrantfile should be used instead. If no hostname is
provided, the machine ID will be used like before.

Additionally, this will trigger the DHCP client in the container to send
the correct hostname to the DHCP server on the first request at boot.
Vagrant sets the configured hostname only after the network is up. If
for example automatic DNS updates are configured, the right DNS record
will be created every time.
2014-03-13 19:06:05 +01:00
Marcin Kulisz
e84f9e2b4a Added dnsmasq leases file location for libvirt 2014-03-13 09:49:24 +00:00
Fabio Rehm
38ae9441fc package: lxc-config should be included when repackaging boxes 2014-03-13 00:57:37 -03:00
Fabio Rehm
61002b9bb8 core: Remove actions that check for containers statuses 2014-03-13 00:57:37 -03:00
Fabio Rehm
71b02ab511 We dont need to provide support for all versions on the 1.1.x series ;) 2014-03-13 00:57:37 -03:00
Fabio Rehm
23e82594e1 backports: Add Action::Message 2014-03-13 00:57:36 -03:00
Fabio Rehm
bb8514b518 core: "Tag" ShareFolders action as backport functionality 2014-03-13 00:57:36 -03:00
Fabio Rehm
d5abb523de core: Implement support for built in synced folders and add required logic for NFS 2014-03-13 00:57:36 -03:00
Fabio Rehm
4fbd7c0182 core: Move WaitForCommunicator to backports and make it generic 2014-03-13 00:57:36 -03:00
Fabio Rehm
deac5930cc action/handle_box_metadata: Implement support for 1.0.0 base boxes 2014-03-09 21:21:39 -03:00
Fabio Rehm
6e7ab85dad Use a safer random name for containers (closes GH-192)
if the same vagrantfile is up'd in the same second in the same basedir
this caused a conflict
2014-02-02 19:43:51 -02:00