lxc: get rid of custom container detection code

The mechanism for detecting whether or not the task is in a container here (checking if we're in the / cgroup) is very broken, and will not work with cgroup namespaces (to land in kernel 4.5, but will be backported to xenial's 4.4 kernel). Instead, we should use the running-in-container script, as provided by the init-system-helpers package, which encapsulates all the logic required for various init systems. (n.b. that this adds a dependency; I'm not sure how juju handles this.) Also, I've mode the code to container/ instead of in lxc/lxcutils in anticipation of the lxd container type which will also need to use this function. Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
juju · Feb 4, 2016 · 24fef1a · 24fef1a
1 parent b59d585
commit 24fef1a
Show file tree

Hide file tree

Showing 8 changed files with 17 additions and 177 deletions.
diff --git a/cmd/jujud/agent/machine.go b/cmd/jujud/agent/machine.go
@@ -53,7 +53,6 @@ import (
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/container/kvm"
 	"github.com/juju/juju/container/lxc"
-	"github.com/juju/juju/container/lxc/lxcutils"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/simplestreams"
@@ -1943,10 +1942,8 @@ func (a *MachineAgent) uninstallAgent(agentConfig agent.Config) error {
 
 	errors = append(errors, a.removeJujudSymlinks()...)
 
-	insideLXC, err := lxcutils.RunningInsideLXC()
-	if err != nil {
-		errors = append(errors, err)
-	} else if insideLXC {
+	insideLXC := container.RunningInContainer()
+	if insideLXC {
 		// We're running inside LXC, so loop devices may leak. Detach
 		// any loop devices that are backed by files on this machine.
 		//

diff --git a/container/lxc/lxc.go b/container/lxc/lxc.go
@@ -31,7 +31,6 @@ import (
 	"github.com/juju/juju/cloudconfig/containerinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/container"
-	"github.com/juju/juju/container/lxc/lxcutils"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/storage/looputil"
 )
@@ -44,7 +43,6 @@ var (
 	LxcRestartDir    = "/etc/lxc/auto"
 	LxcObjectFactory = golxc.Factory()
 	runtimeGOOS      = runtime.GOOS
-	runningInsideLXC = lxcutils.RunningInsideLXC
 	writeWgetTmpFile = ioutil.WriteFile
 )
 
@@ -91,10 +89,7 @@ func IsLXCSupported() (bool, error) {
 		return false, nil
 	}
 	// We do not support running nested LXC containers.
-	insideLXC, err := runningInsideLXC()
-	if err != nil {
-		return false, errors.Trace(err)
-	}
+	insideLXC := container.RunningInContainer()
 	return !insideLXC, nil
 }
 

diff --git a/container/lxc/lxcutils/export_test.go b/container/lxc/lxcutils/export_test.go
diff --git a/container/lxc/lxcutils/lxcutils_test.go b/container/lxc/lxcutils/lxcutils_test.go
diff --git a/container/lxc/lxcutils/utils.go b/container/lxc/lxcutils/utils.go
diff --git a/container/lxc/lxcutils/utils_linux.go b/container/lxc/lxcutils/utils_linux.go
diff --git a/container/lxc/lxcutils/utils_notlinux.go b/container/lxc/lxcutils/utils_notlinux.go
diff --git a/container/utils.go b/container/utils.go
@@ -0,0 +1,14 @@
+package container
+
+import (
+	"os/exec"
+)
+
+func RunningInContainer() bool {
+	/* running-in-container is in init-scripts-helpers, and is smart enough
+	 * to ask both systemd and upstart whether or not they know if the task
+	 * is running in a container.
+	 */
+	cmd := exec.Command("running-in-container")
+	return cmd.Run() == nil
+}