expose network configuration as envs to containers

xc/src/container/mod.rs

@@ -67,17 +67,29 @@ pub struct CreateContainer {
     pub root: String,
     /// The devfs ruleset id assigned to this container
     pub devfs_ruleset_id: u16,
+
     pub ip_alloc: Vec<IpAssign>,
+
     pub mount_req: Vec<Mount>,
+
     pub vnet: bool,
+
     pub init: Vec<Jexec>,
+
     pub deinit: Vec<Jexec>,
+
     pub main: Option<Jexec>,
+
     pub linux: bool,
+
     pub main_norun: bool,
+
     pub init_norun: bool,
+
     pub deinit_norun: bool,
+
     pub persist: bool,
+
     pub no_clean: bool,
     /// Do not create /proc automatically and abort mounting procfs if the directory is missing.
     pub linux_no_create_proc_dir: bool,
@@ -87,6 +99,7 @@ pub struct CreateContainer {
     pub linux_no_mount_sys: bool,
     /// Do not mount linux procfs
     pub linux_no_mount_proc: bool,
+
     pub zfs_origin: Option<String>,
 
     pub origin_image: Option<JailImage>,
@@ -108,6 +121,8 @@ pub struct CreateContainer {
     pub children_max: u32,
 
     pub main_ip_selector: Option<MainAddressSelector>,
+
+    pub envs: HashMap<String, String>,
 }
 
 impl CreateContainer {
@@ -413,7 +428,8 @@ impl CreateContainer {
             started: None,
             finished_at: None,
             jailed_datasets: self.jailed_datasets,
-            main_ip_selector: None,
+            main_ip_selector: self.main_ip_selector,
+            envs: self.envs
         })
     }
 }

xc/src/container/runner/mod.rs

@@ -194,9 +194,10 @@ impl ProcessRunner {
         info!("spawn: {exec:#?}");
         container_runner::spawn_process!(|| (self.container.jid, id, exec));
 
+        let mut envs = self.container.envs.clone();
+
         let jail = freebsd::jail::RunningJail::from_jid_unchecked(self.container.jid);
-        let paths = exec
-            .envs
+        let paths = envs
             .get("PATH")
             .cloned()
             .unwrap_or_else(|| "/bin:/usr/bin:/sbin:/usr/sbin".to_string());
@@ -247,11 +248,48 @@ impl ProcessRunner {
             },
         };
 
+
+        for (key, value) in exec.envs.iter() {
+            envs.insert(key.to_string(), value.to_string());
+        }
+
+        if let Some(address) = self.container.main_address() {
+            // allow faking the environ to make debugging easier
+            if !envs.contains_key("XC_MAIN_IP") {
+                envs.insert("XC_MAIN_IP".to_string(), address.address.to_string());
+            }
+            if !envs.contains_key("XC_MAIN_IFACE") {
+                envs.insert("XC_MAIN_IFACE".to_string(), address.interface);
+            }
+        }
+
+        let mut networks_count = 0;
+        for network in self.container.networks() {
+            networks_count += 1;
+            let network_name = network.network.as_ref().unwrap();
+            envs.insert(
+                format!("XC_NETWORK_{network_name}_ADDR_COUNT"),
+                network.addresses.len().to_string()
+            );
+            envs.insert(
+                format!("XC_NETWORK_{network_name}_IFACE"),
+                network.interface.to_string(),
+            );
+            for (i, addr) in network.addresses.iter().enumerate() {
+                envs.insert(format!("XC_NETWORK_{network_name}_ADDR_{i}"), addr.to_string());
+            }
+        }
+
+        envs.insert("XC_NETWORKS_COUNT".to_string(), networks_count.to_string());
+
+        envs.insert("XC_ID".to_string(), self.container.id.to_string());
+
+
         let mut cmd = std::process::Command::new(&exec.arg0);
 
         cmd.env_clear()
             .args(&exec.args)
-            .envs(&exec.envs)
+            .envs(envs)
             .jail(&jail)
             .juid(uid)
             .jgid(gid);

xc/src/container/running.rs

@@ -27,7 +27,7 @@ use crate::container::request::Mount;
 use crate::container::ContainerManifest;
 use crate::models::exec::Jexec;
 use crate::models::jail_image::JailImage;
-use crate::models::network::{DnsSetting, IpAssign, MainAddressSelector};
+use crate::models::network::{DnsSetting, IpAssign, MainAddressSelector, AssignedAddress};
 use crate::util::realpath;
 
 use anyhow::Context;
@@ -93,6 +93,28 @@ pub struct RunningContainer {
     pub jailed_datasets: Vec<PathBuf>,
 
     pub main_ip_selector: Option<MainAddressSelector>,
+
+    pub envs: HashMap<String, String>,
+}
+
+pub struct ContainerNetworkIter<'a>(std::slice::Iter<'a, IpAssign>);
+
+impl<'a> Iterator for ContainerNetworkIter<'a> {
+    type Item = &'a IpAssign;
+    fn next(&mut self) -> Option<Self::Item> {
+        loop {
+            match self.0.next() {
+                None => return None,
+                x@Some(assign) => {
+                    if assign.network.is_none() {
+                        continue
+                    } else {
+                        return x
+                    }
+                }
+            }
+        }
+    }
 }
 
 impl RunningContainer {
@@ -158,34 +180,12 @@ impl RunningContainer {
         Ok(())
     }
 
-    pub fn main_address(&self) -> Option<IpAddr> {
-        match &self.main_ip_selector {
-            Some(MainAddressSelector::Ip(address)) => Some(*address),
-            Some(MainAddressSelector::Network(network)) => {
-                for alloc in self.ip_alloc.iter() {
-                    match alloc.network.as_ref() {
-                        Some(_network) if network == _network => {
-                            match alloc.addresses.first() {
-                                None => continue,
-                                Some(addr) => return Some(addr.addr())
-                            }
-                        },
-                        _ => continue
-                    }
-                }
-                None
-            },
-            None => {
-                for alloc in self.ip_alloc.iter() {
-                    if alloc.network.is_some() {
-                        if let Some(address) = alloc.addresses.first() {
-                            return Some(address.addr())
-                        }
-                    }
-                }
-                None
-            },
-        }
+    pub fn main_address(&self) -> Option<AssignedAddress> {
+        MainAddressSelector::select(&self.main_ip_selector, self.ip_alloc.iter())
+    }
+
+    pub fn networks(&self) -> ContainerNetworkIter<'_> {
+        ContainerNetworkIter(self.ip_alloc.iter())
     }
 
     pub fn serialized(&self) -> ContainerManifest {
@@ -224,7 +224,7 @@ impl RunningContainer {
             started: self.started,
             finished_at: self.finished_at,
             created: self.created,
-            main_address: self.main_address(),
+            main_address: self.main_address().map(|a| a.address),
         }
     }
 }

xc/src/models/network.rs

@@ -163,6 +163,60 @@ pub enum MainAddressSelector {
     Ip(IpAddr)
 }
 
+pub struct AssignedAddress {
+    pub interface: String,
+    pub address: IpAddr,
+}
+
+impl AssignedAddress {
+    pub fn new(interface: String, address: IpAddr) -> AssignedAddress {
+        AssignedAddress {
+            interface,
+            address,
+        }
+    }
+}
+
+impl MainAddressSelector {
+    pub fn select<'a, I: Iterator<Item = &'a IpAssign>>(selector: &Option<Self>, pool: I) -> Option<AssignedAddress> {
+        match selector {
+            None => {
+                for alloc in pool {
+                    if alloc.network.is_some() {
+                        if let Some(address) = alloc.addresses.first() {
+                            return Some(AssignedAddress::new(alloc.interface.to_string(), address.addr()))
+                        }
+                    }
+                }
+                None
+            },
+            Some(MainAddressSelector::Ip(address)) => /*Some(*address)*/ {
+                for alloc in pool {
+                    if alloc.addresses.iter().any(|addr| addr.addr() == *address) {
+                        return Some(AssignedAddress::new(alloc.interface.to_string(), *address))
+                    }
+                }
+                None
+            },
+            Some(MainAddressSelector::Network(network)) => {
+                for alloc in pool {
+                    match alloc.network.as_ref() {
+                        Some(_network) if network == _network => {
+                            match alloc.addresses.first() {
+                                None => continue,
+                                Some(addr) =>
+                                    return Some(AssignedAddress::new(alloc.interface.to_string(), addr.addr()))
+                            }
+                        },
+                        _ => continue
+                    }
+                }
+                None
+            }
+        }
+    }
+}
+
 impl std::fmt::Display for MainAddressSelector {
     fn fmt(&self, formatter: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {

xcd/src/instantiate.rs

@@ -460,6 +460,8 @@ impl InstantiateBlueprint {
 
         let devfs_ruleset_id = devfs_store.get_ruleset_id(&devfs_rules);
 
+        envs.insert("XC_DEVFS_RULESET".to_string(), devfs_ruleset_id.to_string());
+
         let main = match &request.request.entry_point {
             Some(spec) => {
                 let args = {

xcd/src/site.rs

@@ -448,6 +448,7 @@ impl Site {
                     jailed_datasets: blueprint.jailed_datasets,
                     children_max: blueprint.children_max,
                     main_ip_selector: blueprint.main_ip_selector,
+                    envs: blueprint.envs,
                 };
 
                 for iface in blueprint.created_interfaces.iter() {