public void CreatePrivateEndpoints(Manifest cartridge)
{
if (cartridge == null)
{
throw new ArgumentNullException("cartridge");
}
if (cartridge.Endpoints == null || cartridge.Endpoints.Count == 0)
{
return;
}
foreach (Endpoint endpoint in cartridge.Endpoints)
{
string privateIp = "0.0.0.0";
container.AddEnvVar(endpoint.PrivateIpName, privateIp);
string port = container.ReadEnvVar("PRISON_PORT");
if (string.IsNullOrWhiteSpace(port))
{
Logger.Error("No prison port available for gear {0}", this.container.Uuid);
throw new Exception(string.Format("No prison port available for gear {0}", this.container.Uuid));
}
container.AddEnvVar(endpoint.PrivatePortName, port);
//if (!string.IsNullOrWhiteSpace(endpoint.WebsocketPortName) && !string.IsNullOrWhiteSpace(endpoint.WebsocketPort))
//{
// string websocketPort = endpoint.WebsocketPort == "0" ? Network.GrabEphemeralPort().ToString() : endpoint.WebsocketPort;
// container.AddEnvVar(endpoint.WebsocketPortName, websocketPort);
//}
}
}
public void Create()
{
Guid prisonGuid = Guid.Parse(container.Uuid.PadLeft(32, '0'));
Logger.Debug("Creating prison with guid: {0}", prisonGuid);
Uhuru.Prison.Prison prison = new Uhuru.Prison.Prison(prisonGuid);
prison.Tag = "oo";
Uhuru.Prison.PrisonRules prisonRules = new Uhuru.Prison.PrisonRules();
prisonRules.CellType = Prison.RuleType.None;
prisonRules.CellType |= Prison.RuleType.Memory;
prisonRules.CellType |= Prison.RuleType.CPU;
prisonRules.CellType |= Prison.RuleType.WindowStation;
prisonRules.CellType |= Prison.RuleType.Httpsys;
prisonRules.CellType |= Prison.RuleType.IISGroup;
prisonRules.CPUPercentageLimit = Convert.ToInt64(Node.ResourceLimits["cpu_quota"]);
prisonRules.ActiveProcessesLimit = Convert.ToInt32(Node.ResourceLimits["max_processes"]);
prisonRules.PriorityClass = ProcessPriorityClass.Normal;
// TODO: vladi: make sure these limits are ok being the same
prisonRules.NetworkOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]);
prisonRules.AppPortOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]);
prisonRules.TotalPrivateMemoryLimitBytes = Convert.ToInt64(Node.ResourceLimits["max_memory"]) * 1024 * 1024;
prisonRules.DiskQuotaBytes = Convert.ToInt64(Node.ResourceLimits["quota_blocks"]) * 1024;
prisonRules.PrisonHomePath = container.ContainerDir;
prisonRules.UrlPortAccess = Network.GetUniquePredictablePort(@"c:\openshift\ports");
Logger.Debug("Assigning port {0} to gear {1}", prisonRules.UrlPortAccess, container.Uuid);
prison.Lockdown(prisonRules);
// Configure SSHD for the new prison user
string binLocation = Path.GetDirectoryName(this.GetType().Assembly.Location);
string configureScript = Path.GetFullPath(Path.Combine(binLocation, @"powershell\Tools\sshd\configure-sshd.ps1"));
Sshd.ConfigureSshd(NodeConfig.Values["SSHD_BASE_DIR"], container.Uuid, Environment.UserName, container.ContainerDir, NodeConfig.Values["GEAR_SHELL"]);
this.container.InitializeHomedir(this.container.BaseDir, this.container.ContainerDir);
container.AddEnvVar("PRISON_PORT", prisonRules.UrlPortAccess.ToString());
LinuxFiles.TakeOwnershipOfGearHome(this.container.ContainerDir, prison.User.Username);
}
public ReturnStatus Execute()
{
ReturnStatus status = new ReturnStatus();
try
{
ApplicationContainer container = new ApplicationContainer(WithAppUuid, WithContainerUuid, null, WithAppName,
WithContainerName, WithNamespace, null, null, null);
container.AddEnvVar(WithKey, WithValue);
status.Output = string.Empty;
status.ExitCode = 0;
}
catch (Exception ex)
{
Logger.Error("Error running oo-env-var-add command: {0} - {1}", ex.Message, ex.StackTrace);
status.Output = ex.ToString();
status.ExitCode = -1;
}
return status;
}
public void Create()
{
Guid prisonGuid = Guid.Parse(container.Uuid.PadLeft(32, '0'));
Logger.Debug("Creating prison with guid: {0}", prisonGuid);
Uhuru.Prison.Prison prison = new Uhuru.Prison.Prison(prisonGuid);
prison.Tag = "oo";
Uhuru.Prison.PrisonRules prisonRules = new Uhuru.Prison.PrisonRules();
prisonRules.CellType = Prison.RuleType.None;
prisonRules.CellType |= Prison.RuleType.Memory;
prisonRules.CellType |= Prison.RuleType.CPU;
prisonRules.CellType |= Prison.RuleType.WindowStation;
prisonRules.CellType |= Prison.RuleType.Httpsys;
prisonRules.CellType |= Prison.RuleType.IISGroup;
// prisonRules.CellType |= Prison.RuleType.Filesystem;
prisonRules.CellType |= Prison.RuleType.MsSqlInstance;
prisonRules.CPUPercentageLimit = Convert.ToInt64(Node.ResourceLimits["cpu_quota"]);
prisonRules.ActiveProcessesLimit = Convert.ToInt32(Node.ResourceLimits["max_processes"]);
prisonRules.PriorityClass = ProcessPriorityClass.BelowNormal;
// TODO: vladi: make sure these limits are ok being the same
prisonRules.NetworkOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]);
prisonRules.AppPortOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]);
prisonRules.TotalPrivateMemoryLimitBytes = Convert.ToInt64(Node.ResourceLimits["max_memory"]) * 1024 * 1024;
prisonRules.DiskQuotaBytes = Convert.ToInt64(Node.ResourceLimits["quota_blocks"]) * 1024;
prisonRules.PrisonHomePath = container.ContainerDir;
prisonRules.UrlPortAccess = Network.GetUniquePredictablePort(@"c:\openshift\ports");
Logger.Debug("Assigning port {0} to gear {1}", prisonRules.UrlPortAccess, container.Uuid);
prison.Lockdown(prisonRules);
// Configure SSHD for the new prison user
string binLocation = Path.GetDirectoryName(this.GetType().Assembly.Location);
string configureScript = Path.GetFullPath(Path.Combine(binLocation, @"powershell\Tools\sshd\configure-sshd.ps1"));
ProcessResult result = ProcessExtensions.RunCommandAndGetOutput(ProcessExtensions.Get64BitPowershell(), string.Format(
@"-ExecutionPolicy Bypass -InputFormat None -noninteractive -file {0} -targetDirectory {2} -user {1} -windowsUser {5} -userHomeDir {3} -userShell {4}",
configureScript,
container.Uuid,
NodeConfig.Values["SSHD_BASE_DIR"],
container.ContainerDir,
NodeConfig.Values["GEAR_SHELL"],
Environment.UserName));
if (result.ExitCode != 0)
{
throw new Exception(string.Format("Error setting up sshd for gear {0} - rc={1}; out={2}; err={3}", container.Uuid, result.ExitCode, result.StdOut, result.StdErr));
}
this.container.InitializeHomedir(this.container.BaseDir, this.container.ContainerDir);
container.AddEnvVar("PRISON_PORT", prisonRules.UrlPortAccess.ToString());
LinuxFiles.TakeOwnershipOfGearHome(this.container.ContainerDir, prison.User.Username);
}