public void CreatePrivateEndpoints(Manifest cartridge) { if (cartridge == null) { throw new ArgumentNullException("cartridge"); } if (cartridge.Endpoints == null || cartridge.Endpoints.Count == 0) { return; } foreach (Endpoint endpoint in cartridge.Endpoints) { string privateIp = "0.0.0.0"; container.AddEnvVar(endpoint.PrivateIpName, privateIp); string port = container.ReadEnvVar("PRISON_PORT"); if (string.IsNullOrWhiteSpace(port)) { Logger.Error("No prison port available for gear {0}", this.container.Uuid); throw new Exception(string.Format("No prison port available for gear {0}", this.container.Uuid)); } container.AddEnvVar(endpoint.PrivatePortName, port); //if (!string.IsNullOrWhiteSpace(endpoint.WebsocketPortName) && !string.IsNullOrWhiteSpace(endpoint.WebsocketPort)) //{ // string websocketPort = endpoint.WebsocketPort == "0" ? Network.GrabEphemeralPort().ToString() : endpoint.WebsocketPort; // container.AddEnvVar(endpoint.WebsocketPortName, websocketPort); //} } }
public void Create() { Guid prisonGuid = Guid.Parse(container.Uuid.PadLeft(32, '0')); Logger.Debug("Creating prison with guid: {0}", prisonGuid); Uhuru.Prison.Prison prison = new Uhuru.Prison.Prison(prisonGuid); prison.Tag = "oo"; Uhuru.Prison.PrisonRules prisonRules = new Uhuru.Prison.PrisonRules(); prisonRules.CellType = Prison.RuleType.None; prisonRules.CellType |= Prison.RuleType.Memory; prisonRules.CellType |= Prison.RuleType.CPU; prisonRules.CellType |= Prison.RuleType.WindowStation; prisonRules.CellType |= Prison.RuleType.Httpsys; prisonRules.CellType |= Prison.RuleType.IISGroup; prisonRules.CPUPercentageLimit = Convert.ToInt64(Node.ResourceLimits["cpu_quota"]); prisonRules.ActiveProcessesLimit = Convert.ToInt32(Node.ResourceLimits["max_processes"]); prisonRules.PriorityClass = ProcessPriorityClass.Normal; // TODO: vladi: make sure these limits are ok being the same prisonRules.NetworkOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]); prisonRules.AppPortOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]); prisonRules.TotalPrivateMemoryLimitBytes = Convert.ToInt64(Node.ResourceLimits["max_memory"]) * 1024 * 1024; prisonRules.DiskQuotaBytes = Convert.ToInt64(Node.ResourceLimits["quota_blocks"]) * 1024; prisonRules.PrisonHomePath = container.ContainerDir; prisonRules.UrlPortAccess = Network.GetUniquePredictablePort(@"c:\openshift\ports"); Logger.Debug("Assigning port {0} to gear {1}", prisonRules.UrlPortAccess, container.Uuid); prison.Lockdown(prisonRules); // Configure SSHD for the new prison user string binLocation = Path.GetDirectoryName(this.GetType().Assembly.Location); string configureScript = Path.GetFullPath(Path.Combine(binLocation, @"powershell\Tools\sshd\configure-sshd.ps1")); Sshd.ConfigureSshd(NodeConfig.Values["SSHD_BASE_DIR"], container.Uuid, Environment.UserName, container.ContainerDir, NodeConfig.Values["GEAR_SHELL"]); this.container.InitializeHomedir(this.container.BaseDir, this.container.ContainerDir); container.AddEnvVar("PRISON_PORT", prisonRules.UrlPortAccess.ToString()); LinuxFiles.TakeOwnershipOfGearHome(this.container.ContainerDir, prison.User.Username); }
public ReturnStatus Execute() { ReturnStatus status = new ReturnStatus(); try { ApplicationContainer container = new ApplicationContainer(WithAppUuid, WithContainerUuid, null, WithAppName, WithContainerName, WithNamespace, null, null, null); container.AddEnvVar(WithKey, WithValue); status.Output = string.Empty; status.ExitCode = 0; } catch (Exception ex) { Logger.Error("Error running oo-env-var-add command: {0} - {1}", ex.Message, ex.StackTrace); status.Output = ex.ToString(); status.ExitCode = -1; } return status; }
public void Create() { Guid prisonGuid = Guid.Parse(container.Uuid.PadLeft(32, '0')); Logger.Debug("Creating prison with guid: {0}", prisonGuid); Uhuru.Prison.Prison prison = new Uhuru.Prison.Prison(prisonGuid); prison.Tag = "oo"; Uhuru.Prison.PrisonRules prisonRules = new Uhuru.Prison.PrisonRules(); prisonRules.CellType = Prison.RuleType.None; prisonRules.CellType |= Prison.RuleType.Memory; prisonRules.CellType |= Prison.RuleType.CPU; prisonRules.CellType |= Prison.RuleType.WindowStation; prisonRules.CellType |= Prison.RuleType.Httpsys; prisonRules.CellType |= Prison.RuleType.IISGroup; // prisonRules.CellType |= Prison.RuleType.Filesystem; prisonRules.CellType |= Prison.RuleType.MsSqlInstance; prisonRules.CPUPercentageLimit = Convert.ToInt64(Node.ResourceLimits["cpu_quota"]); prisonRules.ActiveProcessesLimit = Convert.ToInt32(Node.ResourceLimits["max_processes"]); prisonRules.PriorityClass = ProcessPriorityClass.BelowNormal; // TODO: vladi: make sure these limits are ok being the same prisonRules.NetworkOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]); prisonRules.AppPortOutboundRateLimitBitsPerSecond = Convert.ToInt64(Node.ResourceLimits["max_upload_bandwidth"]); prisonRules.TotalPrivateMemoryLimitBytes = Convert.ToInt64(Node.ResourceLimits["max_memory"]) * 1024 * 1024; prisonRules.DiskQuotaBytes = Convert.ToInt64(Node.ResourceLimits["quota_blocks"]) * 1024; prisonRules.PrisonHomePath = container.ContainerDir; prisonRules.UrlPortAccess = Network.GetUniquePredictablePort(@"c:\openshift\ports"); Logger.Debug("Assigning port {0} to gear {1}", prisonRules.UrlPortAccess, container.Uuid); prison.Lockdown(prisonRules); // Configure SSHD for the new prison user string binLocation = Path.GetDirectoryName(this.GetType().Assembly.Location); string configureScript = Path.GetFullPath(Path.Combine(binLocation, @"powershell\Tools\sshd\configure-sshd.ps1")); ProcessResult result = ProcessExtensions.RunCommandAndGetOutput(ProcessExtensions.Get64BitPowershell(), string.Format( @"-ExecutionPolicy Bypass -InputFormat None -noninteractive -file {0} -targetDirectory {2} -user {1} -windowsUser {5} -userHomeDir {3} -userShell {4}", configureScript, container.Uuid, NodeConfig.Values["SSHD_BASE_DIR"], container.ContainerDir, NodeConfig.Values["GEAR_SHELL"], Environment.UserName)); if (result.ExitCode != 0) { throw new Exception(string.Format("Error setting up sshd for gear {0} - rc={1}; out={2}; err={3}", container.Uuid, result.ExitCode, result.StdOut, result.StdErr)); } this.container.InitializeHomedir(this.container.BaseDir, this.container.ContainerDir); container.AddEnvVar("PRISON_PORT", prisonRules.UrlPortAccess.ToString()); LinuxFiles.TakeOwnershipOfGearHome(this.container.ContainerDir, prison.User.Username); }