Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add cgroup support via systemd-run #2

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

add cgroup support via systemd-run #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6e65f8a
d-run: replace custom fakeroot by standard User
xi Aug 5, 2023
1d5414e
add cgroup support via systemd-run
xi Aug 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ This is the full list of values from docker's
[`config.json`](https://github.com/opencontainers/image-spec/blob/main/config.md)
that are actually used by `d-run`:

- `User`
- `Hostname`
- `WorkingDir`
- `Env`
Expand All @@ -22,7 +23,6 @@ that are actually used by `d-run`:
`d-run` uses the following additional values:

- `net` (bool) - enable networking (default: false)
- `fakeroot` (bool) - map UID and GID to 0 (default: false)
- `rw` (bool) - allow to modify the base image (default: false)

You are encouraged to modify this file, e.g. to add a volume or change the
Expand Down
53 changes: 44 additions & 9 deletions d-run
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
import os
import json
import argparse
import grp
import pwd


def make_volume(path, dir):
Expand All @@ -25,7 +27,22 @@ def make_volume(path, dir):
return [op, hostpath, path]


def build_cmd(dir, config):
def parse_user(user):
uid = user
gid = None

if ':' in user:
uid, gid = uid.split(':', 1)
if not gid.isdigit():
gid = grp.getgrnam(gid).gr_gid

if not uid.isdigit():
uid = pwd.getpwnam('tobias').pw_uid

return uid, gid


def build_bwrap(dir, config):
cmd = [
'bwrap',
'--bind', os.path.join(dir, 'rootfs'), '/',
Expand Down Expand Up @@ -59,11 +76,11 @@ def build_cmd(dir, config):
if not config.get('rw'):
cmd += ['--remount-ro', '/']

if config.get('fakeroot'):
cmd += [
'--uid', '0',
'--gid', '0',
]
if config.get('User'):
uid, gid = parse_user(config['User'])
cmd += ['--uid', uid]
if gid is not None:
cmd += ['--gid', gid]

if config.get('Entrypoint'):
cmd += config['Entrypoint']
Expand All @@ -73,12 +90,30 @@ def build_cmd(dir, config):
return cmd


def build_cmd(dir, config):
cmd = [
'systemd-run',
'--user',
'--scope',
'--quiet',
]

if config.get('CpuShares'):
cmd += ['-p', f'CPUWeight={config["CpuShares"]}']
if config.get('Memory'):
cmd += ['-p', f'MemoryMax={config["Memory"]}']
if config.get('MemorySwap'):
cmd += ['-p', f'MemorySwapMax={config["MemorySwap"]}']

return cmd + build_bwrap(dir, config)


def parse_args():
parser = argparse.ArgumentParser()
parser.add_argument('dir')
parser.add_argument('-v', '--volume', action='append')
parser.add_argument('-u', '--user')
parser.add_argument('-n', '--net', action='store_true')
parser.add_argument('-r', '--fakeroot', action='store_true')
parser.add_argument('-w', '--rw', action='store_true')
parser.add_argument('cmd', nargs='*')
return parser.parse_args()
Expand All @@ -96,8 +131,8 @@ if __name__ == '__main__':
config['net'] = True
if args.rw:
config['rw'] = True
if args.fakeroot:
config['fakeroot'] = True
if args.user:
config['User'] = args.user
if args.volume:
if not config.get('Volumes'):
config['Volumes'] = {}
Expand Down