Re: [libvirt] [sandbox PATCH v2 11/19] Image: Add run function

On Mon, Aug 10, 2015 at 05:16:19PM +0100, Daniel P. Berrange wrote: > On Tue, Aug 04, 2015 at 08:11:17PM +0000, Eren Yagdiran wrote: > > Run an already-built template > > If there is no execution command specified by user, source.get_command will > > find the command to invoke > > --- > > virt-sandbox-image/virt-sandbox-image.py | 24 ++++++++++++++++++++++++ > > 1 file changed, 24 insertions(+) > > > > diff --git a/virt-sandbox-image/virt-sandbox-image.py b/virt-sandbox-image/virt-sandbox-image.py > > index 4c19fa8..e20ce22 100755 > > --- a/virt-sandbox-image/virt-sandbox-image.py > > +++ b/virt-sandbox-image/virt-sandbox-image.py > > @@ -101,6 +101,30 @@ def check_connect(connectstr): > > raise ValueError("%s is not supported by Virt-sandbox" %connectstr) > > return True > > > > +def run(args): > > + try: > > + if args.connect is not None: > > + check_connect(args.connect) > > + source = dynamic_source_loader(args.source) > > + diskfile,configfile = source.get_disk(name=args.name,path=args.imagepath) > > + > > + format = "qcow2" > > + commandToRun = args.igniter > > + if commandToRun is None: > > + commandToRun = source.get_command(configfile) > > + cmd = ['virt-sandbox'] > > + if args.connect is not None: > > + cmd.append("-c") > > + cmd.append(args.connect) > > + params = ['-m','host-image:/=%s,format=%s' %(diskfile,format), > > + '--', > > + commandToRun] > > + cmd = cmd + params > > + subprocess.call(cmd) > > + > > + except Exception,e: > > + print "Run Error %s" % str(e) > > This code actually ends up launching a sandbox using the template file as > the root disk image. This is not good, because we need to be able to run > multiple instances of the sandbox, all using the same template file. As > such we need to be able to create a new temporary disk image for each > sandbox instance, that is an overlay on the main template, an then > delete this temporary disk at shutdown. Or if we make sure / is read-only that would avoid the problem I mention here. With normal docker toolchain is / read-only by default, or do they make it writable with a throw-away snapshot ?