[PATCH] procd: Adding support to detect Pantavisor Container Platform
Daniel Golle
daniel at makrotopia.org
Mon Mar 22 11:53:35 GMT 2021
On Mon, Mar 22, 2021 at 05:00:06PM +0530, Gaurav Pathak wrote:
> On Mon, Mar 22, 2021 at 10:42:25AM +0000, Daniel Golle wrote:
> > On Mon, Mar 22, 2021 at 03:38:25PM +0530, Gaurav Pathak wrote:
> > > > I assume that if this is a custom downstream version then the change is
> > > > not applicable for merge into upstream owrt. please explain what "custom
> > > > version" means.
> > >
> > > Actually, we don't use a custom version of lxc, we use the upstream stable lxc.
> > > The reason for this patch is that the hardcoded mount of /dev prevents our way of usage of openwrt in containers.
> >
> > In that case I believe the best is to revert the patch which applies a
> > Pantavisor-specific hack to detect if running inside a container and
> > switch to a method which works for all users of LXC equally (like it
> > is has already been done for Docker, see container.h in procd sources).
> >
> We tried to use the existing implementation that is in is_container() without any modification,
> but the key difference is that we use a container to run a full system container rather than just a "normal" app container,
> the current logic is correct when we use openwrt as an app container in our lxc based pantavisor,
> but it will do too much for the containers on our system that are suppose to run like the "main OS", like our pv-root plaforms.
The logic in container.h is made for exactly that (ie. full-system
container rather than App container). If you are using unmodified LXC
this should work without problems as LXC sets an environment variabel
(container=lxc) and we do detect the presence of that environment
variable in container.h.
Hence the easiest way would be you just use that existing mechanism
(ie. just go with LXC defaults which do set that env variable) as that
would not require any Pantavisor-specific hacks in our codebase.
More information about the openwrt-devel
mailing list