2016-06-07 03:45:21 -04:00
|
|
|
// +build linux solaris
|
|
|
|
|
2016-03-18 14:50:19 -04:00
|
|
|
package libcontainerd
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2016-06-02 14:10:55 -04:00
|
|
|
"io"
|
2016-03-18 14:50:19 -04:00
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
2016-10-18 14:18:19 -04:00
|
|
|
"sync"
|
2016-10-14 19:31:27 -04:00
|
|
|
"time"
|
2016-03-18 14:50:19 -04:00
|
|
|
|
2017-05-09 10:39:23 -04:00
|
|
|
containerd "github.com/containerd/containerd/api/grpc/types"
|
2016-09-20 11:10:04 -04:00
|
|
|
"github.com/docker/docker/pkg/ioutils"
|
2016-11-08 12:59:49 -05:00
|
|
|
specs "github.com/opencontainers/runtime-spec/specs-go"
|
2017-07-26 17:42:13 -04:00
|
|
|
"github.com/sirupsen/logrus"
|
2016-10-14 19:31:27 -04:00
|
|
|
"github.com/tonistiigi/fifo"
|
2016-03-18 14:50:19 -04:00
|
|
|
"golang.org/x/net/context"
|
2017-05-23 10:22:32 -04:00
|
|
|
"golang.org/x/sys/unix"
|
2016-03-18 14:50:19 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
type container struct {
|
|
|
|
containerCommon
|
|
|
|
|
|
|
|
// Platform specific fields are below here.
|
|
|
|
pauseMonitor
|
2016-05-23 17:49:50 -04:00
|
|
|
oom bool
|
|
|
|
runtime string
|
|
|
|
runtimeArgs []string
|
|
|
|
}
|
|
|
|
|
|
|
|
type runtime struct {
|
|
|
|
path string
|
|
|
|
args []string
|
|
|
|
}
|
|
|
|
|
|
|
|
// WithRuntime sets the runtime to be used for the created container
|
|
|
|
func WithRuntime(path string, args []string) CreateOption {
|
|
|
|
return runtime{path, args}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (rt runtime) Apply(p interface{}) error {
|
|
|
|
if pr, ok := p.(*container); ok {
|
|
|
|
pr.runtime = rt.path
|
|
|
|
pr.runtimeArgs = rt.args
|
|
|
|
}
|
|
|
|
return nil
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func (ctr *container) clean() error {
|
2016-04-21 16:58:21 -04:00
|
|
|
if os.Getenv("LIBCONTAINERD_NOCLEAN") == "1" {
|
|
|
|
return nil
|
|
|
|
}
|
2016-03-18 14:50:19 -04:00
|
|
|
if _, err := os.Lstat(ctr.dir); err != nil {
|
|
|
|
if os.IsNotExist(err) {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := os.RemoveAll(ctr.dir); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2016-04-18 14:01:02 -04:00
|
|
|
// cleanProcess removes the fifos used by an additional process.
|
|
|
|
// Caller needs to lock container ID before calling this method.
|
|
|
|
func (ctr *container) cleanProcess(id string) {
|
|
|
|
if p, ok := ctr.processes[id]; ok {
|
2017-05-23 10:22:32 -04:00
|
|
|
for _, i := range []int{unix.Stdin, unix.Stdout, unix.Stderr} {
|
2016-11-08 12:59:49 -05:00
|
|
|
if err := os.Remove(p.fifo(i)); err != nil && !os.IsNotExist(err) {
|
2016-07-22 18:20:14 -04:00
|
|
|
logrus.Warnf("libcontainerd: failed to remove %v for process %v: %v", p.fifo(i), id, err)
|
2016-04-18 14:01:02 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
delete(ctr.processes, id)
|
|
|
|
}
|
|
|
|
|
2016-03-18 14:50:19 -04:00
|
|
|
func (ctr *container) spec() (*specs.Spec, error) {
|
|
|
|
var spec specs.Spec
|
|
|
|
dt, err := ioutil.ReadFile(filepath.Join(ctr.dir, configFilename))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := json.Unmarshal(dt, &spec); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &spec, nil
|
|
|
|
}
|
|
|
|
|
2017-06-21 13:42:27 -04:00
|
|
|
func (ctr *container) start(spec *specs.Spec, checkpoint, checkpointDir string, attachStdio StdioCallback) (err error) {
|
2016-10-18 14:18:19 -04:00
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
defer cancel()
|
|
|
|
ready := make(chan struct{})
|
|
|
|
|
2017-01-13 14:06:51 -05:00
|
|
|
fifoCtx, cancel := context.WithCancel(context.Background())
|
|
|
|
defer func() {
|
|
|
|
if err != nil {
|
|
|
|
cancel()
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
iopipe, err := ctr.openFifos(fifoCtx, spec.Process.Terminal)
|
2016-03-18 14:50:19 -04:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2016-10-18 14:18:19 -04:00
|
|
|
var stdinOnce sync.Once
|
|
|
|
|
2016-09-20 11:10:04 -04:00
|
|
|
// we need to delay stdin closure after container start or else "stdin close"
|
|
|
|
// event will be rejected by containerd.
|
2016-10-17 17:39:52 -04:00
|
|
|
// stdin closure happens in attachStdio
|
2016-09-20 11:10:04 -04:00
|
|
|
stdin := iopipe.Stdin
|
|
|
|
iopipe.Stdin = ioutils.NewWriteCloserWrapper(stdin, func() error {
|
2016-10-18 14:18:19 -04:00
|
|
|
var err error
|
|
|
|
stdinOnce.Do(func() { // on error from attach we don't know if stdin was already closed
|
|
|
|
err = stdin.Close()
|
|
|
|
go func() {
|
2016-11-21 17:10:34 -05:00
|
|
|
select {
|
|
|
|
case <-ready:
|
|
|
|
case <-ctx.Done():
|
|
|
|
}
|
2016-10-18 14:18:19 -04:00
|
|
|
select {
|
|
|
|
case <-ready:
|
|
|
|
if err := ctr.sendCloseStdin(); err != nil {
|
2016-10-25 21:34:35 -04:00
|
|
|
logrus.Warnf("failed to close stdin: %+v", err)
|
2016-10-18 14:18:19 -04:00
|
|
|
}
|
2016-11-21 17:10:34 -05:00
|
|
|
default:
|
2016-10-18 14:18:19 -04:00
|
|
|
}
|
|
|
|
}()
|
|
|
|
})
|
|
|
|
return err
|
2016-09-20 11:10:04 -04:00
|
|
|
})
|
|
|
|
|
2016-03-18 14:50:19 -04:00
|
|
|
r := &containerd.CreateContainerRequest{
|
2016-05-12 10:52:00 -04:00
|
|
|
Id: ctr.containerID,
|
|
|
|
BundlePath: ctr.dir,
|
2017-05-23 10:22:32 -04:00
|
|
|
Stdin: ctr.fifo(unix.Stdin),
|
|
|
|
Stdout: ctr.fifo(unix.Stdout),
|
|
|
|
Stderr: ctr.fifo(unix.Stderr),
|
2016-05-12 10:52:00 -04:00
|
|
|
Checkpoint: checkpoint,
|
|
|
|
CheckpointDir: checkpointDir,
|
2016-03-31 01:03:10 -04:00
|
|
|
// check to see if we are running in ramdisk to disable pivot root
|
|
|
|
NoPivotRoot: os.Getenv("DOCKER_RAMDISK") != "",
|
2016-05-23 17:49:50 -04:00
|
|
|
Runtime: ctr.runtime,
|
|
|
|
RuntimeArgs: ctr.runtimeArgs,
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
|
|
|
ctr.client.appendContainer(ctr)
|
|
|
|
|
2016-10-17 17:39:52 -04:00
|
|
|
if err := attachStdio(*iopipe); err != nil {
|
2016-03-18 14:50:19 -04:00
|
|
|
ctr.closeFifos(iopipe)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2016-09-20 11:10:04 -04:00
|
|
|
resp, err := ctr.client.remote.apiClient.CreateContainer(context.Background(), r)
|
|
|
|
if err != nil {
|
|
|
|
ctr.closeFifos(iopipe)
|
2016-03-18 14:50:19 -04:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
ctr.systemPid = systemPid(resp.Container)
|
2016-10-18 14:18:19 -04:00
|
|
|
close(ready)
|
2016-03-18 14:50:19 -04:00
|
|
|
|
|
|
|
return ctr.client.backend.StateChanged(ctr.containerID, StateInfo{
|
2016-04-01 20:02:38 -04:00
|
|
|
CommonStateInfo: CommonStateInfo{
|
|
|
|
State: StateStart,
|
|
|
|
Pid: ctr.systemPid,
|
|
|
|
}})
|
2017-06-21 13:42:27 -04:00
|
|
|
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func (ctr *container) newProcess(friendlyName string) *process {
|
|
|
|
return &process{
|
|
|
|
dir: ctr.dir,
|
|
|
|
processCommon: processCommon{
|
|
|
|
containerID: ctr.containerID,
|
|
|
|
friendlyName: friendlyName,
|
|
|
|
client: ctr.client,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctr *container) handleEvent(e *containerd.Event) error {
|
|
|
|
ctr.client.lock(ctr.containerID)
|
|
|
|
defer ctr.client.unlock(ctr.containerID)
|
|
|
|
switch e.Type {
|
|
|
|
case StateExit, StatePause, StateResume, StateOOM:
|
|
|
|
st := StateInfo{
|
2016-04-01 20:02:38 -04:00
|
|
|
CommonStateInfo: CommonStateInfo{
|
|
|
|
State: e.Type,
|
|
|
|
ExitCode: e.Status,
|
|
|
|
},
|
2016-03-18 14:50:19 -04:00
|
|
|
OOMKilled: e.Type == StateExit && ctr.oom,
|
|
|
|
}
|
|
|
|
if e.Type == StateOOM {
|
|
|
|
ctr.oom = true
|
|
|
|
}
|
|
|
|
if e.Type == StateExit && e.Pid != InitFriendlyName {
|
|
|
|
st.ProcessID = e.Pid
|
|
|
|
st.State = StateExitProcess
|
|
|
|
}
|
2016-08-03 16:45:46 -04:00
|
|
|
|
|
|
|
// Remove process from list if we have exited
|
|
|
|
switch st.State {
|
|
|
|
case StateExit:
|
|
|
|
ctr.clean()
|
|
|
|
ctr.client.deleteContainer(e.Id)
|
|
|
|
case StateExitProcess:
|
|
|
|
ctr.cleanProcess(st.ProcessID)
|
|
|
|
}
|
|
|
|
ctr.client.q.append(e.Id, func() {
|
|
|
|
if err := ctr.client.backend.StateChanged(e.Id, st); err != nil {
|
|
|
|
logrus.Errorf("libcontainerd: backend.StateChanged(): %v", err)
|
|
|
|
}
|
2016-03-18 14:50:19 -04:00
|
|
|
if e.Type == StatePause || e.Type == StateResume {
|
|
|
|
ctr.pauseMonitor.handle(e.Type)
|
|
|
|
}
|
|
|
|
if e.Type == StateExit {
|
|
|
|
if en := ctr.client.getExitNotifier(e.Id); en != nil {
|
|
|
|
en.close()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
default:
|
2016-07-22 18:20:14 -04:00
|
|
|
logrus.Debugf("libcontainerd: event unhandled: %+v", e)
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2016-06-02 14:10:55 -04:00
|
|
|
|
|
|
|
// discardFifos attempts to fully read the container fifos to unblock processes
|
|
|
|
// that may be blocked on the writer side.
|
|
|
|
func (ctr *container) discardFifos() {
|
2016-10-14 19:31:27 -04:00
|
|
|
ctx, _ := context.WithTimeout(context.Background(), 3*time.Second)
|
2017-05-23 10:22:32 -04:00
|
|
|
for _, i := range []int{unix.Stdout, unix.Stderr} {
|
|
|
|
f, err := fifo.OpenFifo(ctx, ctr.fifo(i), unix.O_RDONLY|unix.O_NONBLOCK, 0)
|
2016-10-14 19:31:27 -04:00
|
|
|
if err != nil {
|
|
|
|
logrus.Warnf("error opening fifo %v for discarding: %+v", f, err)
|
|
|
|
continue
|
|
|
|
}
|
2016-06-02 14:10:55 -04:00
|
|
|
go func() {
|
2016-10-14 19:31:27 -04:00
|
|
|
io.Copy(ioutil.Discard, f)
|
2016-06-02 14:10:55 -04:00
|
|
|
}()
|
|
|
|
}
|
|
|
|
}
|