private void StartDropletInstance(DropletInstance instance, string sha1, string executableFile, string executableUri) { try { try { instance.Lock.EnterWriteLock(); var containerRules = new CloudFoundry.WindowsPrison.PrisonConfiguration(); containerRules.PrisonHomeRootPath = instance.Properties.Directory; containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.WindowStation; containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.IISGroup; containerRules.TotalPrivateMemoryLimitBytes = instance.Properties.MemoryQuotaBytes; containerRules.PriorityClass = ProcessPriorityClass.BelowNormal; containerRules.ActiveProcessesLimit = 10; if (this.uploadThrottleBitsps > 0) { containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.Network; containerRules.NetworkOutboundRateLimitBitsPerSecond = this.uploadThrottleBitsps; containerRules.AppPortOutboundRateLimitBitsPerSecond = this.uploadThrottleBitsps; } containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.Httpsys; containerRules.UrlPortAccess = instance.Properties.Port; if (this.useDiskQuota) { containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.Disk; containerRules.DiskQuotaBytes = instance.Properties.DiskQuotaBytes; } //var prisonInfo = new ProcessPrisonCreateInfo(); //prisonInfo.Id = instance.Properties.InstanceId; //prisonInfo.TotalPrivateMemoryLimitBytes = instance.Properties.MemoryQuotaBytes; //if (this.useDiskQuota) //{ // prisonInfo.DiskQuotaBytes = instance.Properties.DiskQuotaBytes; // prisonInfo.DiskQuotaPath = instance.Properties.Directory; //} //if (this.uploadThrottleBitsps > 0) //{ // prisonInfo.NetworkOutboundRateLimitBitsPerSecond = this.uploadThrottleBitsps; //} //prisonInfo.UrlPortAccess = instance.Properties.Port; instance.Prison.Tag = "dea"; instance.Properties.ContainerId = instance.Prison.Id.ToString(); Logger.Info("Creating Process Prisson: {0}", instance.Properties.ContainerId); instance.Prison.Lockdown(containerRules); //instance.Prison.Create(prisonInfo); Logger.Info("Opening firewall port {0} for instance {1}", instance.Properties.Port, instance.Properties.LoggingId); FirewallTools.OpenPort(instance.Properties.Port, instance.Properties.InstanceId); instance.Properties.WindowsUserName = instance.Prison.User.UserName; instance.Properties.WindowsPassword = instance.Prison.User.Password; //instance.Properties.WindowsPassword = instance.Prison.WindowsPassword; //instance.Properties.WindowsUserName = instance.Prison.WindowsUsername; } finally { instance.Lock.ExitWriteLock(); } string tgzFile = Path.Combine(this.fileResources.StagedDir, sha1 + ".tgz"); this.fileResources.PrepareAppDirectory(executableFile, executableUri, sha1, tgzFile, instance); Logger.Debug(Strings.Downloadcompleate); string starting = string.Format(CultureInfo.InvariantCulture, Strings.StartingUpInstanceOnPort, instance.Properties.LoggingId, instance.Properties.Port); Logger.Info(starting); Logger.Debug(Strings.Clients, this.monitoring.Clients); Logger.Debug(Strings.ReservedMemoryUsageMb, this.monitoring.MemoryReservedMbytes, this.monitoring.MaxMemoryMbytes); try { instance.Lock.EnterWriteLock(); instance.Properties.EnvironmentVariables.Add(VcapWindowsUserVariable, instance.Properties.WindowsUserName); instance.Properties.EnvironmentVariables.Add(VcapWindowsUserPasswordVariable, instance.Properties.WindowsPassword); instance.Prison.User.SetUserEnvironmentVariables(instance.Properties.EnvironmentVariables); } finally { instance.Lock.ExitWriteLock(); } DateTime start = DateTime.Now; string startSciprtPath = this.CreateStartScript(instance); instance.Prison.Execute(null, startSciprtPath, Path.Combine(instance.Properties.Directory, "app"), false, null, null, null, null); Logger.Debug(Strings.TookXTimeToLoadConfigureAndStartDebugMessage, (DateTime.Now - start).TotalSeconds); try { instance.Lock.EnterWriteLock(); if (!instance.Properties.StopProcessed) { this.droplets.ScheduleSnapshotAppState(); } } finally { instance.Lock.ExitWriteLock(); } if (File.Exists(this.logyardUidPath)) { LogyardInstanceRequest logyardMsg = new LogyardInstanceRequest(); logyardMsg.AppGUID = instance.Properties.DropletId; logyardMsg.AppName = instance.Properties.Name; logyardMsg.AppSpace = ""; logyardMsg.DockerId = instance.Properties.InstanceId; logyardMsg.Index = -1; Dictionary<string, string> logfiles = new Dictionary<string, string>(); logfiles["stdout"] = @"logs\stdout.log"; logfiles["stderr"] = @"logs\stderr.log"; logyardMsg.LogFiles = logfiles; logyardMsg.Type = "app"; logyardMsg.RootPath = instance.Properties.Directory; string logyardId = File.ReadAllText(this.logyardUidPath).Trim(); this.deaReactor.SendLogyardNotification(logyardId, logyardMsg.SerializeToJson()); } this.DetectAppReady(instance); } catch (Exception ex) { Logger.Warning(Strings.FailedStagingAppDir, instance.Properties.Directory, instance.Properties.LoggingId, ex.ToString()); try { instance.Lock.EnterWriteLock(); instance.Properties.State = DropletInstanceState.Crashed; instance.Properties.ExitReason = DropletExitReason.Crashed; instance.Properties.StateTimestamp = DateTime.Now; this.StopDroplet(instance); } finally { instance.Lock.ExitWriteLock(); } } }
public void CreatePrison() { if (this.Container.IsLocked) { return; } this.Lock.EnterWriteLock(); var containerRules = new CloudFoundry.WindowsPrison.PrisonConfiguration(); containerRules.PrisonHomeRootPath = this.Properties.Directory; containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.WindowStation; containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.IISGroup; containerRules.TotalPrivateMemoryLimitBytes = this.Properties.MemoryQuotaBytes; containerRules.PriorityClass = ProcessPriorityClass.BelowNormal; containerRules.ActiveProcessesLimit = 10; if (this.Properties.UploadThrottleBitsps > 0) { containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.Network; containerRules.NetworkOutboundRateLimitBitsPerSecond = this.Properties.UploadThrottleBitsps; containerRules.AppPortOutboundRateLimitBitsPerSecond = this.Properties.UploadThrottleBitsps; } if (this.Properties.UseDiskQuota) { containerRules.Rules |= CloudFoundry.WindowsPrison.RuleTypes.Disk; containerRules.DiskQuotaBytes = this.Properties.DiskQuotaBytes; } Logger.Info("Creating Process Prison: {0}", this.Container.Id.ToString()); this.Container.Tag = "dea"; this.Container.Lockdown(containerRules); this.Properties.WindowsUserName = this.Container.User.UserName; this.Properties.WindowsPassword = this.Container.User.Password; this.Properties.InstanceId = this.Container.Id.ToString(); this.Lock.ExitWriteLock(); // Explode the app into its directory and optionally bind its local runtime. Directory.CreateDirectory(this.Properties.Directory); DirectoryInfo deploymentDirInfo = new DirectoryInfo(this.Properties.Directory); DirectorySecurity deploymentDirSecurity = deploymentDirInfo.GetAccessControl(); // Owner is important to account for disk quota deploymentDirSecurity.SetOwner(new NTAccount(this.Properties.WindowsUserName)); deploymentDirSecurity.SetAccessRule( new FileSystemAccessRule( this.Properties.WindowsUserName, FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify | FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None | PropagationFlags.InheritOnly, AccessControlType.Allow)); using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore)) { deploymentDirInfo.SetAccessControl(deploymentDirSecurity); } }