From d037e01e7c02dc43738681510e3e5f6362bf8e53 Mon Sep 17 00:00:00 2001
From: Thomas Parrott
Date: Tue, 8 Oct 2024 15:45:01 +0100
Subject: [PATCH 1/2] lxd-stophook: Adds stop hook wrapper for the lxd command This command is intended to replace the `lxd` command in the snap so that existing running containers that are stopping will call this script as part of their stop hooks. This will then "route" the command to the `lxd-user` command that will be statically compiled so that it can connect to the running LXD daemon via the unix socket to indicate the container is stopping, even after refreshing the LXD snap to a different core base snap.
Signed-off-by: Thomas Parrott
(cherry picked from commit 4d10cbd366cd4e9d0bc05c7f12073f620e20941d)
---
 snapcraft.yaml | 1 +
 snapcraft/wrappers/lxd-stophook | 9 +++++++++
 2 files changed, 10 insertions(+)
 create mode 100755 snapcraft/wrappers/lxd-stophook
diff --git a/snapcraft.yaml b/snapcraft.yaml
index 168efac6..c32bde97 100644
--- a/snapcraft.yaml
+++ b/snapcraft.yaml
@@ -1618,6 +1618,7 @@ parts:
 organize:
 commands/snap-query: bin/
 hooks/: snap/hooks/
+ wrappers/lxd-stophook: bin/lxd
 wrappers/gpu-2404-custom-wrapper: bin/
 wrappers/editor: bin/
 wrappers/remote-viewer: bin/
diff --git a/snapcraft/wrappers/lxd-stophook b/snapcraft/wrappers/lxd-stophook
new file mode 100755
index 00000000..fbb01f41
--- /dev/null
+++ b/snapcraft/wrappers/lxd-stophook
@@ -0,0 +1,9 @@
+#!/bin/sh
+# Use exec so that this script process is replaced.
+# This avoids polluting the process tree with this wrapper script.
+if [ "$1" = "callhook" ]; then
+ exec /snap/lxd/current/bin/lxd-user "$@"
+fi
+
+echo "lxd-stophook: Invalid argument: ${1}" >&2
+exit 1
From 74e8bc728ba2e4204decb398fe6b053427194424 Mon Sep 17 00:00:00 2001
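Review bot: The fallback `echo "lxd-stophook: Invalid argument: ${1}" >&2` in snapcraft/wrappers/lxd-stophook passes the caller's first argument through `echo` under `#!/bin/sh`, where some `sh` implementations interpret backslash escapes in the string, so the text written to stderr can differ from what was actually passed. `printf 'lxd-stophook: Invalid argument: %s\n' "${1:-}" >&2` prints the argument literally and keeps working if the script is ever run under `set -u` with no arguments. The script would also benefit from a header comment such as `# Installed as bin/lxd; forwards only "callhook" to lxd-user and rejects everything else`, because the mapping to `bin/lxd` is declared in snapcraft.yaml rather than next to the code.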
From: Thomas Parrott
Date: Wed, 9 Oct 2024 14:38:13 +0100
Subject: [PATCH 2/2] lxd: Build lxd server binary into /sbin The PATH inside the snap is configured to prefer /sbin over /bin so the lxd binary will still be called by default. The lxd-stophook-wrapper script which will be placed into `/bin/lxd`. Because containers are configured to call `/snap/lxd/current/bin/lxd callhook` which in turn will be routed to `/snap/lxd/current/bin/lxd-user` by the lxd-stophook-wrapper script, which will then connect to LXD's unix socket to indicate to the server that the container is stopping. Because lxd-user is compiled as a static binary this will work across snap core base changes. Also update LXD_EXEC_PATH env var so that LXD will still directly execute itself when needed, rather than going via the lxd-stophook wrapper script.
Signed-off-by: Thomas Parrott
(cherry picked from commit 75de117a9ca456a082c6a141ee32178197e9974f)
---
 snapcraft.yaml | 16 +++++++++++++---
 snapcraft/commands/daemon.start | 2 +-
 2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/snapcraft.yaml b/snapcraft.yaml
index c32bde97..c9f0419c 100644
--- a/snapcraft.yaml
+++ b/snapcraft.yaml
@@ -1415,7 +1415,12 @@ parts: # Build the binaries go build -trimpath -o "${CRAFT_PART_INSTALL}/bin/lxc" github.com/canonical/lxd/lxc - go build -trimpath -o "${CRAFT_PART_INSTALL}/bin/lxd" -tags=libsqlite3 github.com/canonical/lxd/lxd + + # Build LXD server binary into ${CRAFT_PART_INSTALL}/sbin/lxd so that it does not conflict with the + # lxd-stophook wrapper script which is stored in ${CRAFT_PART_INSTALL}/bin/lxd. + # This way when a container stops it will call "/snap/lxd/current/bin/lxd callhook" which is handled by the + # lxd-stophook script, which in turn will execute "/snap/lxd/current/bin/lxd-user callhook" to notify LXD. + go build -trimpath -o "${CRAFT_PART_INSTALL}/sbin/lxd" -tags=libsqlite3 github.com/canonical/lxd/lxd # Build static binaries CGO_ENABLED=0 go build -trimpath -o "${CRAFT_PART_INSTALL}/bin/lxd-agent" -tags=agent,netgo github.com/canonical/lxd/lxd-agent @@ -1456,7 +1461,7 @@ parts: usr/share/misc/: share/misc/ var/lib/usbutils/usb.ids: share/misc/ usr/sbin/: bin/ - sbin/: bin/ + sbin/sgdisk: bin/ prime: - bin/dnsmasq - bin/getfattr @@ -1477,9 +1482,9 @@ parts: - share/misc/usb.ids - bin/lxc - - bin/lxd - bin/lxd-agent - bin/lxd-user + - sbin/lxd lxd-ui: source: https://github.com/canonical/lxd-ui @@ -1562,10 +1567,12 @@ parts: rm -rf "${CRAFT_PRIME}/usr/share/" # Strip binaries (excluding shell scripts and LXCFS) + # The "${CRAFT_PRIME}/bin/lxd" file is ignored as that is the lxd-stophook wrapper script. find "${CRAFT_PRIME}"/bin -type f \ -not -path "${CRAFT_PRIME}/bin/ceph" \ -not -path "${CRAFT_PRIME}/bin/editor" \ -not -path "${CRAFT_PRIME}/bin/lxc-checkconfig" \ + -not -path "${CRAFT_PRIME}/bin/lxd" \ -not -path "${CRAFT_PRIME}/bin/nvidia-container-cli" \ -not -path "${CRAFT_PRIME}/bin/remote-viewer" \ -not -path "${CRAFT_PRIME}/bin/snap-query" \ 
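Review bot: Narrowing the organize rule from `sbin/: bin/` to `sbin/sgdisk: bin/` (second hunk, `@@ -1456`) stops relocating anything else this part installs under `sbin/`, and the hunk carries no comment saying why. The reason appears to be that the server binary now built to `${CRAFT_PART_INSTALL}/sbin/lxd` must not be moved back onto `bin/lxd`, where the stop-hook wrapper is organized; a comment such as `# Only sgdisk is moved: sbin/lxd must stay in sbin/ so it does not collide with the bin/lxd stop-hook wrapper` would record that. It is worth confirming that sgdisk is the only other file the part places in `sbin/`, since the `prime` entries visible here name `bin/` paths and a binary left behind in `sbin/` would presumably drop out of the snap without a build error. The part definition starts and ends outside these hunks, so its full package list is not visible.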
@@ -1577,6 +1584,9 @@ parts: -not -path "${CRAFT_PRIME}/bin/gpu-2404-custom-wrapper" \ -exec strip --strip-all {} + + # This is the actual LXD binary. + strip --strip-all "${CRAFT_PRIME}/sbin/lxd" + # Strip binaries not under bin/ due to being dynamically # added to the path with `snap set lxd`, like `criu.enable=true` for binary in "${CRAFT_PRIME}/criu/criu"; do diff --git a/snapcraft/commands/daemon.start b/snapcraft/commands/daemon.start index fdec8032..774d0d13 100755 --- a/snapcraft/commands/daemon.start +++ b/snapcraft/commands/daemon.start @@ -23,7 +23,7 @@ export HOME="/tmp/" export LXD_DIR="${SNAP_COMMON}/lxd/" export LXD_LXC_TEMPLATE_CONFIG="${SNAP_CURRENT}/lxc/config/" export LXD_LXC_HOOK="${SNAP_CURRENT}/lxc/hooks/" -export LXD_EXEC_PATH="${SNAP_CURRENT}/bin/lxd" +export LXD_EXEC_PATH="${SNAP_CURRENT}/sbin/lxd" export LD_LIBRARY_PATH="${LD_LIBRARY_PATH:-}:${SNAP_CURRENT}/lib:${SNAP_CURRENT}/lib/${ARCH}:${SNAP_CURRENT}/lib/${ARCH}/ceph" export PATH="${PATH}:${SNAP_CURRENT}/bin" export LXD_CLUSTER_UPDATE="${SNAP_CURRENT}/commands/refresh"
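Review bot: In snapcraft/commands/daemon.start the unchanged line `export PATH="${PATH}:${SNAP_CURRENT}/bin"` still appends only `bin/`, and after this series `${SNAP_CURRENT}/bin/lxd` is the stop-hook wrapper, which exits 1 for anything other than `callhook`. A bare `lxd` therefore reaches the server only if the inherited PATH already lists the snap's `sbin/` ahead of `bin/`; the commit message states that ordering, but nothing in the hunk enforces or documents it. Suggest a comment beside the changed export, e.g. `# bin/lxd is the stop-hook wrapper; the server binary is sbin/lxd`, and starting the daemon by its full `${SNAP_CURRENT}/sbin/lxd` path wherever the rest of the script (outside this hunk) launches it. The diffstat touches only snapcraft.yaml and daemon.start, so any other script in the snap that still hard-codes `bin/lxd` would now hit the wrapper and fail; a search for remaining references is worth doing before merge.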