2018-02-05 16:05:59 -05:00
|
|
|
package daemon // import "github.com/docker/docker/daemon"
|
2015-04-29 18:53:35 -04:00
|
|
|
|
2016-10-13 17:51:10 -04:00
|
|
|
import (
|
2016-12-01 11:11:15 -05:00
|
|
|
"fmt"
|
|
|
|
"os"
|
|
|
|
|
2016-10-13 17:51:10 -04:00
|
|
|
"github.com/docker/docker/container"
|
2021-04-05 20:24:47 -04:00
|
|
|
"github.com/docker/docker/libnetwork"
|
2021-05-27 20:15:56 -04:00
|
|
|
"github.com/docker/docker/pkg/system"
|
2016-12-01 11:11:15 -05:00
|
|
|
"github.com/pkg/errors"
|
2017-07-26 17:42:13 -04:00
|
|
|
"github.com/sirupsen/logrus"
|
2016-10-13 17:51:10 -04:00
|
|
|
)
|
2015-04-29 18:53:35 -04:00
|
|
|
|
2015-11-12 14:55:17 -05:00
|
|
|
func (daemon *Daemon) setupLinkedContainers(container *container.Container) ([]string, error) {
|
2015-04-29 18:53:35 -04:00
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
2017-05-11 14:55:03 -04:00
|
|
|
func (daemon *Daemon) setupConfigDir(c *container.Container) (setupErr error) {
|
|
|
|
if len(c.ConfigReferences) == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2018-01-17 10:49:58 -05:00
|
|
|
localPath := c.ConfigsDirPath()
|
2017-05-11 14:55:03 -04:00
|
|
|
logrus.Debugf("configs: setting up config dir: %s", localPath)
|
|
|
|
|
|
|
|
// create local config root
|
2017-06-01 21:59:11 -04:00
|
|
|
if err := system.MkdirAllWithACL(localPath, 0, system.SddlAdministratorsLocalSystem); err != nil {
|
2017-05-11 14:55:03 -04:00
|
|
|
return errors.Wrap(err, "error creating config dir")
|
|
|
|
}
|
|
|
|
|
|
|
|
defer func() {
|
|
|
|
if setupErr != nil {
|
|
|
|
if err := os.RemoveAll(localPath); err != nil {
|
|
|
|
logrus.Errorf("error cleaning up config dir: %s", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
if c.DependencyStore == nil {
|
|
|
|
return fmt.Errorf("config store is not initialized")
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, configRef := range c.ConfigReferences {
|
|
|
|
// TODO (ehazlett): use type switch when more are supported
|
|
|
|
if configRef.File == nil {
|
2019-02-07 15:27:08 -05:00
|
|
|
// Runtime configs are not mounted into the container, but they're
|
|
|
|
// a valid type of config so we should not error when we encounter
|
|
|
|
// one.
|
|
|
|
if configRef.Runtime == nil {
|
|
|
|
logrus.Error("config target type is not a file or runtime target")
|
|
|
|
}
|
|
|
|
// However, in any case, this isn't a file config, so we have no
|
|
|
|
// further work to do
|
2017-05-11 14:55:03 -04:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2019-08-09 08:51:11 -04:00
|
|
|
fPath, err := c.ConfigFilePath(*configRef)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "error getting config file path for container")
|
|
|
|
}
|
2017-05-11 14:55:03 -04:00
|
|
|
log := logrus.WithFields(logrus.Fields{"name": configRef.File.Name, "path": fPath})
|
|
|
|
|
|
|
|
log.Debug("injecting config")
|
2017-06-15 14:11:48 -04:00
|
|
|
config, err := c.DependencyStore.Configs().Get(configRef.ConfigID)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "unable to get config from config store")
|
2017-05-11 14:55:03 -04:00
|
|
|
}
|
2021-08-24 06:10:50 -04:00
|
|
|
if err := os.WriteFile(fPath, config.Spec.Data, configRef.File.Mode); err != nil {
|
2017-05-11 14:55:03 -04:00
|
|
|
return errors.Wrap(err, "error injecting config")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-11-12 14:55:17 -05:00
|
|
|
func (daemon *Daemon) setupIpcDirs(container *container.Container) error {
|
2015-08-03 18:05:34 -04:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2016-04-06 15:01:29 -04:00
|
|
|
// TODO Windows: Fix Post-TP5. This is a hack to allow docker cp to work
|
2015-11-12 14:55:17 -05:00
|
|
|
// against containers which have volumes. You will still be able to cp
|
|
|
|
// to somewhere on the container drive, but not to any mounted volumes
|
|
|
|
// inside the container. Without this fix, docker cp is broken to any
|
|
|
|
// container which has a volume, regardless of where the file is inside the
|
|
|
|
// container.
|
|
|
|
func (daemon *Daemon) mountVolumes(container *container.Container) error {
|
2015-08-03 18:05:34 -04:00
|
|
|
return nil
|
|
|
|
}
|
2015-09-24 17:59:23 -04:00
|
|
|
|
2016-12-01 11:11:15 -05:00
|
|
|
func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) {
|
|
|
|
if len(c.SecretReferences) == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2017-12-18 16:02:23 -05:00
|
|
|
localMountPath, err := c.SecretMountPath()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2016-12-01 11:11:15 -05:00
|
|
|
logrus.Debugf("secrets: setting up secret dir: %s", localMountPath)
|
|
|
|
|
|
|
|
// create local secret root
|
2017-06-01 21:59:11 -04:00
|
|
|
if err := system.MkdirAllWithACL(localMountPath, 0, system.SddlAdministratorsLocalSystem); err != nil {
|
2016-12-01 11:11:15 -05:00
|
|
|
return errors.Wrap(err, "error creating secret local directory")
|
|
|
|
}
|
|
|
|
|
|
|
|
defer func() {
|
|
|
|
if setupErr != nil {
|
|
|
|
if err := os.RemoveAll(localMountPath); err != nil {
|
|
|
|
logrus.Errorf("error cleaning up secret mount: %s", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
if c.DependencyStore == nil {
|
|
|
|
return fmt.Errorf("secret store is not initialized")
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, s := range c.SecretReferences {
|
|
|
|
// TODO (ehazlett): use type switch when more are supported
|
|
|
|
if s.File == nil {
|
|
|
|
logrus.Error("secret target type is not a file target")
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
// secrets are created in the SecretMountPath on the host, at a
|
|
|
|
// single level
|
2017-12-18 16:02:23 -05:00
|
|
|
fPath, err := c.SecretFilePath(*s)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2016-12-01 11:11:15 -05:00
|
|
|
logrus.WithFields(logrus.Fields{
|
|
|
|
"name": s.File.Name,
|
|
|
|
"path": fPath,
|
|
|
|
}).Debug("injecting secret")
|
2017-06-15 14:11:48 -04:00
|
|
|
secret, err := c.DependencyStore.Secrets().Get(s.SecretID)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "unable to get secret from secret store")
|
2016-12-01 11:11:15 -05:00
|
|
|
}
|
2021-08-24 06:10:50 -04:00
|
|
|
if err := os.WriteFile(fPath, secret.Spec.Data, s.File.Mode); err != nil {
|
2016-12-01 11:11:15 -05:00
|
|
|
return errors.Wrap(err, "error injecting secret")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-11-12 14:55:17 -05:00
|
|
|
func killProcessDirectly(container *container.Container) error {
|
2015-11-11 16:53:38 -05:00
|
|
|
return nil
|
|
|
|
}
|
2016-03-09 23:33:21 -05:00
|
|
|
|
|
|
|
func isLinkable(child *container.Container) bool {
|
|
|
|
return false
|
|
|
|
}
|
2016-04-20 18:35:11 -04:00
|
|
|
|
|
|
|
func enableIPOnPredefinedNetwork() bool {
|
|
|
|
return true
|
|
|
|
}
|
2016-09-21 15:02:20 -04:00
|
|
|
|
2019-03-20 05:26:43 -04:00
|
|
|
// serviceDiscoveryOnDefaultNetwork indicates if service discovery is supported on the default network
|
|
|
|
func serviceDiscoveryOnDefaultNetwork() bool {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2018-07-17 15:11:38 -04:00
|
|
|
func (daemon *Daemon) setupPathsAndSandboxOptions(container *container.Container, sboxOptions *[]libnetwork.SandboxOption) error {
|
2016-10-13 17:51:10 -04:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2017-06-12 18:20:23 -04:00
|
|
|
func (daemon *Daemon) initializeNetworkingPaths(container *container.Container, nc *container.Container) error {
|
|
|
|
|
|
|
|
if nc.HostConfig.Isolation.IsHyperV() {
|
|
|
|
return fmt.Errorf("sharing of hyperv containers network is not supported")
|
|
|
|
}
|
|
|
|
|
2017-02-28 23:03:43 -05:00
|
|
|
container.NetworkSharedContainerID = nc.ID
|
2017-06-12 18:20:23 -04:00
|
|
|
|
|
|
|
if nc.NetworkSettings != nil {
|
|
|
|
for n := range nc.NetworkSettings.Networks {
|
2018-01-15 12:26:43 -05:00
|
|
|
sn, err := daemon.FindNetwork(n)
|
2017-06-12 18:20:23 -04:00
|
|
|
if err != nil {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2018-05-10 16:44:09 -04:00
|
|
|
ep, err := getEndpointInNetwork(nc.Name, sn)
|
2017-06-12 18:20:23 -04:00
|
|
|
if err != nil {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
data, err := ep.DriverInfo()
|
|
|
|
if err != nil {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
if data["GW_INFO"] != nil {
|
|
|
|
gwInfo := data["GW_INFO"].(map[string]interface{})
|
|
|
|
if gwInfo["hnsid"] != nil {
|
|
|
|
container.SharedEndpointList = append(container.SharedEndpointList, gwInfo["hnsid"].(string))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if data["hnsid"] != nil {
|
|
|
|
container.SharedEndpointList = append(container.SharedEndpointList, data["hnsid"].(string))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
2016-10-13 17:51:10 -04:00
|
|
|
}
|