From 1a4709147a4e6cbebd394ce1a157a14e4c55db6b Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 25 Mar 2014 22:09:34 +0000 Subject: [PATCH] customize: Add various options from virt-builder. This adds the following options to virt-customize: --attach --attach-format -m / --memsize --network / --no-network --smp This fixes commit 2b208d84db080659badbb70044497aae040592e7. --- customize/main.ml | 54 ++++++++++++++++++++--- customize/virt-customize.pod | 83 ++++++++++++++++++++++++++++++++++++ 2 files changed, 131 insertions(+), 6 deletions(-) diff --git a/customize/main.ml b/customize/main.ml index 74ecb8ead..17ed11ed2 100644 --- a/customize/main.ml +++ b/customize/main.ml @@ -19,6 +19,8 @@ open Common_gettext.Gettext open Common_utils +open Customize_cmdline + open Printf module G = Guestfs @@ -28,13 +30,25 @@ let () = Random.self_init () let prog = Filename.basename Sys.executable_name let main () = + let attach = ref [] in + let attach_format = ref None in + let set_attach_format = function + | "auto" -> attach_format := None + | s -> attach_format := Some s + in + let attach_disk s = attach := (!attach_format, s) :: !attach in let debug_gc = ref false in let domain = ref None in let dryrun = ref false in let files = ref [] in let format = ref "auto" in - let quiet = ref false in let libvirturi = ref "" in + let memsize = ref None in + let set_memsize arg = memsize := Some arg in + let network = ref true in + let quiet = ref false in + let smp = ref None in + let set_smp arg = smp := Some arg in let trace = ref false in let verbose = ref false in @@ -60,6 +74,9 @@ let main () = let argspec = [ "-a", Arg.String add_file, s_"file" ^ " " ^ s_"Add disk image file"; "--add", Arg.String add_file, s_"file" ^ " " ^ s_"Add disk image file"; + "--attach", Arg.String attach_disk, "iso" ^ " " ^ s_"Attach data disk/ISO during install"; + "--attach-format", Arg.String set_attach_format, + "format" ^ " " ^ s_"Set attach disk format"; "-c", Arg.Set_string libvirturi, s_"uri" ^ " " ^ s_"Set libvirt URI"; "--connect", Arg.Set_string libvirturi, s_"uri" ^ " " ^ s_"Set libvirt URI"; "--debug-gc", Arg.Set debug_gc, " " ^ s_"Debug GC and memory allocations (internal)"; @@ -70,8 +87,13 @@ let main () = "--dry-run", Arg.Set dryrun, " " ^ s_"Perform a dry run"; "--format", Arg.Set_string format, s_"format" ^ " " ^ s_"Set format (default: auto)"; "--long-options", Arg.Unit display_long_options, " " ^ s_"List long options"; + "-m", Arg.Int set_memsize, "mb" ^ " " ^ s_"Set memory size"; + "--memsize", Arg.Int set_memsize, "mb" ^ " " ^ s_"Set memory size"; + "--network", Arg.Set network, " " ^ s_"Enable appliance network (default)"; + "--no-network", Arg.Clear network, " " ^ s_"Disable appliance network"; "-q", Arg.Set quiet, " " ^ s_"Don't print log messages"; "--quiet", Arg.Set quiet, " " ^ s_"Don't print log messages"; + "--smp", Arg.Int set_smp, "vcpus" ^ " " ^ s_"Set number of vCPUs"; "-v", Arg.Set verbose, " " ^ s_"Enable debugging messages"; "--verbose", Arg.Set verbose, " " ^ s_"Enable debugging messages"; "-V", Arg.Unit display_version, " " ^ s_"Display version and exit"; @@ -145,9 +167,13 @@ read the man page virt-customize(1). in (* Dereference the rest of the args. *) + let attach = List.rev !attach in let debug_gc = !debug_gc in let dryrun = !dryrun in + let memsize = !memsize in + let network = !network in let quiet = !quiet in + let smp = !smp in let trace = !trace in let verbose = !verbose in @@ -158,11 +184,27 @@ read the man page virt-customize(1). msg (f_"Examining the guest ..."); (* Connect to libguestfs. *) - let g = new G.guestfs () in - if trace then g#set_trace true; - if verbose then g#set_verbose true; - add g dryrun; - g#launch (); + let g = + let g = new G.guestfs () in + if trace then g#set_trace true; + if verbose then g#set_verbose true; + + (match memsize with None -> () | Some memsize -> g#set_memsize memsize); + (match smp with None -> () | Some smp -> g#set_smp smp); + g#set_network network; + g#set_selinux ops.flags.selinux_relabel; + + (* Add disks. *) + add g dryrun; + + (* Attach ISOs, if we have any. *) + List.iter ( + fun (format, file) -> + g#add_drive_opts ?format ~readonly:true file; + ) attach; + + g#launch (); + g in (* Inspection. *) (match Array.to_list (g#inspect_os ()) with diff --git a/customize/virt-customize.pod b/customize/virt-customize.pod index 9c7f0fdab..58c13c2d9 100644 --- a/customize/virt-customize.pod +++ b/customize/virt-customize.pod @@ -48,6 +48,27 @@ force a particular format use the I<--format> option. Add a remote disk. The URI format is compatible with guestfish. See L. +=item B<--attach> ISOFILE + +The given disk is attached to the libguestfs appliance. This is used +to provide extra software repositories or other data for +customization. + +You probably want to ensure the volume(s) or filesystems in the +attached disks are labelled (or use an ISO volume name) so that you +can mount them by label in your run-scripts: + + mkdir /tmp/mount + mount LABEL=EXTRA /tmp/mount + +You can have multiple I<--attach> options, and the format can be any +disk format (not just an ISO). + +=item B<--attach-format> FORMAT + +Specify the disk format for the next I<--attach> option. The +C is usually C or C. Use C for ISOs. + =item B<-c> URI =item B<--connect> URI @@ -96,6 +117,64 @@ If you have untrusted raw-format guest disk images, you should use this option to specify the disk format. This avoids a possible security problem with malicious guests (CVE-2010-3851). +=item B<-m> MB + +=item B<--memsize> MB + +Change the amount of memory allocated to I<--run> scripts. Increase +this if you find that I<--run> scripts or the I<--install> option are +running out of memory. + +The default can be found with this command: + + guestfish get-memsize + +=item B<--network> + +=item B<--no-network> + +Enable or disable network access from the guest during the installation. + +Enabled is the default. Use I<--no-network> to disable access. + +The network only allows outgoing connections and has other minor +limitations. See L. + +If you use I<--no-network> then certain other options such as +I<--install> will not work. + +This does not affect whether the guest can access the network once it +has been booted, because that is controlled by your hypervisor or +cloud environment and has nothing to do with virt-customize. + +Generally speaking you should I use I<--no-network>. But here +are some reasons why you might want to: + +=over 4 + +=item 1. + +Because the libguestfs backend that you are using doesn't support the +network. (See: L). + +=item 2. + +Any software you need to install comes from an attached ISO, so you +don't need the network. + +=item 3. + +You don't want untrusted guest code trying to access your host network +when running virt-customize. This is particularly an issue when you +don't trust the source of the operating system templates. (See +L below). + +=item 4. + +You don't have a host network (eg. in secure/restricted environments). + +=back + =item B<-q> =item B<--quiet> @@ -104,6 +183,10 @@ Don't print log messages. To enable detailed logging of individual file operations, use I<-x>. +=item B<--smp> N + +Enable N E 2 virtual CPUs for I<--run> scripts to use. + =item B<-v> =item B<--verbose>