2014-01-08 21:47:57 -05:00
|
|
|
package lxc
|
|
|
|
|
|
|
|
import (
|
2014-05-05 17:45:14 -04:00
|
|
|
"encoding/json"
|
2014-01-09 18:04:45 -05:00
|
|
|
"fmt"
|
2014-07-16 18:37:10 -04:00
|
|
|
"io"
|
2014-01-10 21:21:41 -05:00
|
|
|
"io/ioutil"
|
2014-01-13 21:36:59 -05:00
|
|
|
"log"
|
2014-01-10 21:09:07 -05:00
|
|
|
"os"
|
2014-01-08 21:47:57 -05:00
|
|
|
"os/exec"
|
2014-01-10 21:09:07 -05:00
|
|
|
"path"
|
2014-01-28 10:17:51 -05:00
|
|
|
"path/filepath"
|
2014-05-31 13:20:07 -04:00
|
|
|
"runtime"
|
2014-01-08 21:47:57 -05:00
|
|
|
"strconv"
|
2014-01-09 18:04:45 -05:00
|
|
|
"strings"
|
2014-01-13 21:36:59 -05:00
|
|
|
"syscall"
|
2014-01-09 18:04:45 -05:00
|
|
|
"time"
|
2014-05-01 13:08:18 -04:00
|
|
|
|
2014-06-10 22:58:15 -04:00
|
|
|
"github.com/docker/libcontainer/cgroups"
|
|
|
|
"github.com/docker/libcontainer/label"
|
|
|
|
"github.com/docker/libcontainer/mount/nodes"
|
2014-07-24 18:19:50 -04:00
|
|
|
"github.com/docker/docker/daemon/execdriver"
|
|
|
|
"github.com/docker/docker/pkg/term"
|
|
|
|
"github.com/docker/docker/utils"
|
2014-07-16 18:37:10 -04:00
|
|
|
"github.com/kr/pty"
|
2014-01-08 21:47:57 -05:00
|
|
|
)
|
|
|
|
|
2014-01-13 21:36:59 -05:00
|
|
|
const DriverName = "lxc"
|
|
|
|
|
|
|
|
func init() {
|
2014-01-15 16:57:07 -05:00
|
|
|
execdriver.RegisterInitFunc(DriverName, func(args *execdriver.InitArgs) error {
|
2014-05-31 13:20:07 -04:00
|
|
|
runtime.LockOSThread()
|
2014-03-03 13:19:00 -05:00
|
|
|
if err := setupEnv(args); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2014-01-13 21:36:59 -05:00
|
|
|
if err := setupHostname(args); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if err := setupNetworking(args); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2014-06-19 14:07:57 -04:00
|
|
|
if err := finalizeNamespace(args); err != nil {
|
2014-01-13 21:36:59 -05:00
|
|
|
return err
|
|
|
|
}
|
2014-01-20 19:05:07 -05:00
|
|
|
|
2014-01-13 21:36:59 -05:00
|
|
|
path, err := exec.LookPath(args.Args[0])
|
|
|
|
if err != nil {
|
|
|
|
log.Printf("Unable to locate %v", args.Args[0])
|
|
|
|
os.Exit(127)
|
|
|
|
}
|
|
|
|
if err := syscall.Exec(path, args.Args, os.Environ()); err != nil {
|
2014-01-17 19:53:13 -05:00
|
|
|
return fmt.Errorf("dockerinit unable to execute %s - %s", path, err)
|
2014-01-13 21:36:59 -05:00
|
|
|
}
|
|
|
|
panic("Unreachable")
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2014-01-08 21:47:57 -05:00
|
|
|
type driver struct {
|
2014-05-01 13:08:18 -04:00
|
|
|
root string // root path for the driver to use
|
2014-06-03 03:46:01 -04:00
|
|
|
initPath string
|
2014-05-01 13:08:18 -04:00
|
|
|
apparmor bool
|
|
|
|
sharedRoot bool
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-06-03 03:46:01 -04:00
|
|
|
func NewDriver(root, initPath string, apparmor bool) (*driver, error) {
|
2014-01-08 21:47:57 -05:00
|
|
|
// setup unconfined symlink
|
2014-01-10 21:09:07 -05:00
|
|
|
if err := linkLxcStart(root); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2014-01-09 18:04:45 -05:00
|
|
|
return &driver{
|
2014-05-01 13:08:18 -04:00
|
|
|
apparmor: apparmor,
|
|
|
|
root: root,
|
2014-06-03 03:46:01 -04:00
|
|
|
initPath: initPath,
|
2014-05-01 13:08:18 -04:00
|
|
|
sharedRoot: rootIsShared(),
|
2014-01-09 18:04:45 -05:00
|
|
|
}, nil
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-01-13 19:10:23 -05:00
|
|
|
func (d *driver) Name() string {
|
2014-01-16 14:59:46 -05:00
|
|
|
version := d.version()
|
|
|
|
return fmt.Sprintf("%s-%s", DriverName, version)
|
2014-01-13 14:13:49 -05:00
|
|
|
}
|
|
|
|
|
2014-02-21 15:32:14 -05:00
|
|
|
func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallback execdriver.StartCallback) (int, error) {
|
2014-07-16 18:37:10 -04:00
|
|
|
var (
|
|
|
|
term execdriver.Terminal
|
|
|
|
err error
|
|
|
|
)
|
|
|
|
|
|
|
|
if c.Tty {
|
|
|
|
term, err = NewTtyConsole(c, pipes)
|
|
|
|
} else {
|
|
|
|
term, err = execdriver.NewStdConsole(c, pipes)
|
2014-02-21 15:32:14 -05:00
|
|
|
}
|
2014-07-16 18:37:10 -04:00
|
|
|
c.Terminal = term
|
|
|
|
|
2014-06-03 03:46:01 -04:00
|
|
|
c.Mounts = append(c.Mounts, execdriver.Mount{d.initPath, c.InitPath, false, true})
|
2014-07-16 18:37:10 -04:00
|
|
|
|
2014-05-05 17:45:14 -04:00
|
|
|
if err := d.generateEnvConfig(c); err != nil {
|
|
|
|
return -1, err
|
|
|
|
}
|
2014-01-15 20:26:04 -05:00
|
|
|
configPath, err := d.generateLXCConfig(c)
|
|
|
|
if err != nil {
|
|
|
|
return -1, err
|
|
|
|
}
|
2014-01-08 21:47:57 -05:00
|
|
|
params := []string{
|
2014-01-13 19:18:46 -05:00
|
|
|
"lxc-start",
|
2014-01-10 17:26:29 -05:00
|
|
|
"-n", c.ID,
|
2014-01-15 20:26:04 -05:00
|
|
|
"-f", configPath,
|
2014-01-08 21:47:57 -05:00
|
|
|
"--",
|
|
|
|
c.InitPath,
|
2014-01-13 14:13:49 -05:00
|
|
|
"-driver",
|
2014-01-16 18:09:00 -05:00
|
|
|
DriverName,
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-03-16 15:52:27 -04:00
|
|
|
if c.Network.Interface != nil {
|
2014-01-08 21:47:57 -05:00
|
|
|
params = append(params,
|
2014-03-16 15:52:27 -04:00
|
|
|
"-g", c.Network.Interface.Gateway,
|
|
|
|
"-i", fmt.Sprintf("%s/%d", c.Network.Interface.IPAddress, c.Network.Interface.IPPrefixLen),
|
2014-01-08 21:47:57 -05:00
|
|
|
)
|
|
|
|
}
|
2014-03-16 15:52:27 -04:00
|
|
|
params = append(params,
|
|
|
|
"-mtu", strconv.Itoa(c.Network.Mtu),
|
|
|
|
)
|
2014-01-08 21:47:57 -05:00
|
|
|
|
|
|
|
if c.User != "" {
|
|
|
|
params = append(params, "-u", c.User)
|
|
|
|
}
|
|
|
|
|
|
|
|
if c.Privileged {
|
2014-01-10 21:09:07 -05:00
|
|
|
if d.apparmor {
|
|
|
|
params[0] = path.Join(d.root, "lxc-start-unconfined")
|
|
|
|
|
|
|
|
}
|
2014-01-08 21:47:57 -05:00
|
|
|
params = append(params, "-privileged")
|
|
|
|
}
|
|
|
|
|
|
|
|
if c.WorkingDir != "" {
|
|
|
|
params = append(params, "-w", c.WorkingDir)
|
|
|
|
}
|
|
|
|
|
2014-07-10 15:31:01 -04:00
|
|
|
if len(c.CapAdd) > 0 {
|
|
|
|
params = append(params, "-cap-add", strings.Join(c.CapAdd, " "))
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(c.CapDrop) > 0 {
|
|
|
|
params = append(params, "-cap-drop", strings.Join(c.CapDrop, " "))
|
|
|
|
}
|
|
|
|
|
2014-01-21 04:19:12 -05:00
|
|
|
params = append(params, "--", c.Entrypoint)
|
|
|
|
params = append(params, c.Arguments...)
|
|
|
|
|
2014-01-10 21:21:41 -05:00
|
|
|
if d.sharedRoot {
|
|
|
|
// lxc-start really needs / to be non-shared, or all kinds of stuff break
|
|
|
|
// when lxc-start unmount things and those unmounts propagate to the main
|
|
|
|
// mount namespace.
|
|
|
|
// What we really want is to clone into a new namespace and then
|
|
|
|
// mount / MS_REC|MS_SLAVE, but since we can't really clone or fork
|
|
|
|
// without exec in go we have to do this horrible shell hack...
|
|
|
|
shellString :=
|
|
|
|
"mount --make-rslave /; exec " +
|
|
|
|
utils.ShellQuoteArguments(params)
|
|
|
|
|
|
|
|
params = []string{
|
|
|
|
"unshare", "-m", "--", "/bin/sh", "-c", shellString,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-01-10 14:44:35 -05:00
|
|
|
var (
|
|
|
|
name = params[0]
|
|
|
|
arg = params[1:]
|
|
|
|
)
|
|
|
|
aname, err := exec.LookPath(name)
|
|
|
|
if err != nil {
|
|
|
|
aname = name
|
2014-01-09 18:04:45 -05:00
|
|
|
}
|
2014-01-10 14:44:35 -05:00
|
|
|
c.Path = aname
|
|
|
|
c.Args = append([]string{name}, arg...)
|
|
|
|
|
2014-02-17 18:14:30 -05:00
|
|
|
if err := nodes.CreateDeviceNodes(c.Rootfs, c.AutoCreatedDevices); err != nil {
|
|
|
|
return -1, err
|
|
|
|
}
|
|
|
|
|
2014-01-10 14:44:35 -05:00
|
|
|
if err := c.Start(); err != nil {
|
2014-01-13 18:02:12 -05:00
|
|
|
return -1, err
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-01-13 18:02:12 -05:00
|
|
|
var (
|
|
|
|
waitErr error
|
|
|
|
waitLock = make(chan struct{})
|
|
|
|
)
|
2014-05-27 16:52:05 -04:00
|
|
|
|
2014-01-10 18:06:16 -05:00
|
|
|
go func() {
|
|
|
|
if err := c.Wait(); err != nil {
|
2014-01-30 17:59:21 -05:00
|
|
|
if _, ok := err.(*exec.ExitError); !ok { // Do not propagate the error if it's simply a status code != 0
|
|
|
|
waitErr = err
|
|
|
|
}
|
2014-01-10 18:06:16 -05:00
|
|
|
}
|
2014-01-13 18:02:12 -05:00
|
|
|
close(waitLock)
|
2014-01-10 18:06:16 -05:00
|
|
|
}()
|
|
|
|
|
2014-01-13 18:02:12 -05:00
|
|
|
// Poll lxc for RUNNING status
|
2014-03-05 20:57:27 -05:00
|
|
|
pid, err := d.waitForStart(c, waitLock)
|
|
|
|
if err != nil {
|
2014-03-11 14:39:28 -04:00
|
|
|
if c.Process != nil {
|
|
|
|
c.Process.Kill()
|
2014-05-27 16:52:05 -04:00
|
|
|
c.Wait()
|
2014-03-11 14:39:28 -04:00
|
|
|
}
|
2014-01-13 18:02:12 -05:00
|
|
|
return -1, err
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
2014-05-27 16:52:05 -04:00
|
|
|
|
2014-03-05 20:57:27 -05:00
|
|
|
c.ContainerPid = pid
|
2014-01-13 18:02:12 -05:00
|
|
|
|
|
|
|
if startCallback != nil {
|
|
|
|
startCallback(c)
|
|
|
|
}
|
|
|
|
|
|
|
|
<-waitLock
|
|
|
|
|
2014-01-28 05:16:02 -05:00
|
|
|
return getExitCode(c), waitErr
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Return the exit code of the process
|
|
|
|
// if the process has not exited -1 will be returned
|
|
|
|
func getExitCode(c *execdriver.Command) int {
|
|
|
|
if c.ProcessState == nil {
|
|
|
|
return -1
|
|
|
|
}
|
|
|
|
return c.ProcessState.Sys().(syscall.WaitStatus).ExitStatus()
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-01-20 19:05:07 -05:00
|
|
|
func (d *driver) Kill(c *execdriver.Command, sig int) error {
|
2014-03-06 17:14:25 -05:00
|
|
|
return KillLxc(c.ID, sig)
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-05-21 17:06:18 -04:00
|
|
|
func (d *driver) Pause(c *execdriver.Command) error {
|
|
|
|
_, err := exec.LookPath("lxc-freeze")
|
|
|
|
if err == nil {
|
|
|
|
output, errExec := exec.Command("lxc-freeze", "-n", c.ID).CombinedOutput()
|
|
|
|
if errExec != nil {
|
|
|
|
return fmt.Errorf("Err: %s Output: %s", errExec, output)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *driver) Unpause(c *execdriver.Command) error {
|
|
|
|
_, err := exec.LookPath("lxc-unfreeze")
|
|
|
|
if err == nil {
|
|
|
|
output, errExec := exec.Command("lxc-unfreeze", "-n", c.ID).CombinedOutput()
|
|
|
|
if errExec != nil {
|
|
|
|
return fmt.Errorf("Err: %s Output: %s", errExec, output)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2014-03-26 02:48:16 -04:00
|
|
|
func (d *driver) Terminate(c *execdriver.Command) error {
|
|
|
|
return KillLxc(c.ID, 9)
|
|
|
|
}
|
|
|
|
|
2014-01-16 14:59:46 -05:00
|
|
|
func (d *driver) version() string {
|
2014-02-27 19:32:58 -05:00
|
|
|
var (
|
|
|
|
version string
|
|
|
|
output []byte
|
|
|
|
err error
|
|
|
|
)
|
|
|
|
if _, errPath := exec.LookPath("lxc-version"); errPath == nil {
|
|
|
|
output, err = exec.Command("lxc-version").CombinedOutput()
|
|
|
|
} else {
|
|
|
|
output, err = exec.Command("lxc-start", "--version").CombinedOutput()
|
|
|
|
}
|
|
|
|
if err == nil {
|
|
|
|
version = strings.TrimSpace(string(output))
|
|
|
|
if parts := strings.SplitN(version, ":", 2); len(parts) == 2 {
|
|
|
|
version = strings.TrimSpace(parts[1])
|
2014-01-10 21:09:07 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return version
|
|
|
|
}
|
|
|
|
|
2014-03-06 17:14:25 -05:00
|
|
|
func KillLxc(id string, sig int) error {
|
2014-01-30 12:42:28 -05:00
|
|
|
var (
|
|
|
|
err error
|
|
|
|
output []byte
|
|
|
|
)
|
|
|
|
_, err = exec.LookPath("lxc-kill")
|
|
|
|
if err == nil {
|
2014-03-06 17:14:25 -05:00
|
|
|
output, err = exec.Command("lxc-kill", "-n", id, strconv.Itoa(sig)).CombinedOutput()
|
2014-01-30 12:42:28 -05:00
|
|
|
} else {
|
2014-03-06 17:14:25 -05:00
|
|
|
output, err = exec.Command("lxc-stop", "-k", "-n", id, strconv.Itoa(sig)).CombinedOutput()
|
2014-01-30 12:42:28 -05:00
|
|
|
}
|
2014-01-10 18:34:03 -05:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("Err: %s Output: %s", err, output)
|
|
|
|
}
|
|
|
|
return nil
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-03-05 20:57:27 -05:00
|
|
|
// wait for the process to start and return the pid for the process
|
|
|
|
func (d *driver) waitForStart(c *execdriver.Command, waitLock chan struct{}) (int, error) {
|
2014-01-10 17:26:29 -05:00
|
|
|
var (
|
|
|
|
err error
|
|
|
|
output []byte
|
|
|
|
)
|
2014-01-09 18:04:45 -05:00
|
|
|
// We wait for the container to be fully running.
|
|
|
|
// Timeout after 5 seconds. In case of broken pipe, just retry.
|
|
|
|
// Note: The container can run and finish correctly before
|
|
|
|
// the end of this loop
|
|
|
|
for now := time.Now(); time.Since(now) < 5*time.Second; {
|
2014-01-10 19:11:19 -05:00
|
|
|
select {
|
2014-01-13 18:02:12 -05:00
|
|
|
case <-waitLock:
|
2014-01-10 19:11:19 -05:00
|
|
|
// If the process dies while waiting for it, just return
|
2014-03-05 20:57:27 -05:00
|
|
|
return -1, nil
|
2014-01-10 19:11:19 -05:00
|
|
|
default:
|
2014-01-10 17:26:29 -05:00
|
|
|
}
|
|
|
|
|
2014-01-15 14:46:25 -05:00
|
|
|
output, err = d.getInfo(c.ID)
|
2014-05-10 18:05:02 -04:00
|
|
|
if err == nil {
|
|
|
|
info, err := parseLxcInfo(string(output))
|
2014-01-09 18:04:45 -05:00
|
|
|
if err != nil {
|
2014-03-05 20:57:27 -05:00
|
|
|
return -1, err
|
2014-01-09 18:04:45 -05:00
|
|
|
}
|
2014-05-10 18:05:02 -04:00
|
|
|
if info.Running {
|
|
|
|
return info.Pid, nil
|
|
|
|
}
|
2014-01-09 18:04:45 -05:00
|
|
|
}
|
|
|
|
time.Sleep(50 * time.Millisecond)
|
|
|
|
}
|
2014-03-05 20:57:27 -05:00
|
|
|
return -1, execdriver.ErrNotRunning
|
2014-01-08 21:47:57 -05:00
|
|
|
}
|
|
|
|
|
2014-01-15 14:46:25 -05:00
|
|
|
func (d *driver) getInfo(id string) ([]byte, error) {
|
2014-03-05 20:57:27 -05:00
|
|
|
return exec.Command("lxc-info", "-n", id).CombinedOutput()
|
2014-01-15 14:46:25 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
type info struct {
|
|
|
|
ID string
|
|
|
|
driver *driver
|
|
|
|
}
|
|
|
|
|
|
|
|
func (i *info) IsRunning() bool {
|
|
|
|
var running bool
|
|
|
|
|
|
|
|
output, err := i.driver.getInfo(i.ID)
|
|
|
|
if err != nil {
|
2014-02-07 22:09:52 -05:00
|
|
|
utils.Errorf("Error getting info for lxc container %s: %s (%s)", i.ID, err, output)
|
|
|
|
return false
|
2014-01-15 14:46:25 -05:00
|
|
|
}
|
|
|
|
if strings.Contains(string(output), "RUNNING") {
|
|
|
|
running = true
|
|
|
|
}
|
|
|
|
return running
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *driver) Info(id string) execdriver.Info {
|
|
|
|
return &info{
|
|
|
|
ID: id,
|
|
|
|
driver: d,
|
|
|
|
}
|
2014-01-10 17:26:29 -05:00
|
|
|
}
|
2014-01-10 21:09:07 -05:00
|
|
|
|
2014-01-28 10:17:51 -05:00
|
|
|
func (d *driver) GetPidsForContainer(id string) ([]int, error) {
|
|
|
|
pids := []int{}
|
|
|
|
|
2014-02-24 14:08:20 -05:00
|
|
|
// cpu is chosen because it is the only non optional subsystem in cgroups
|
|
|
|
subsystem := "cpu"
|
2014-01-28 10:17:51 -05:00
|
|
|
cgroupRoot, err := cgroups.FindCgroupMountpoint(subsystem)
|
|
|
|
if err != nil {
|
|
|
|
return pids, err
|
|
|
|
}
|
|
|
|
|
|
|
|
cgroupDir, err := cgroups.GetThisCgroupDir(subsystem)
|
|
|
|
if err != nil {
|
|
|
|
return pids, err
|
|
|
|
}
|
|
|
|
|
|
|
|
filename := filepath.Join(cgroupRoot, cgroupDir, id, "tasks")
|
|
|
|
if _, err := os.Stat(filename); os.IsNotExist(err) {
|
|
|
|
// With more recent lxc versions use, cgroup will be in lxc/
|
|
|
|
filename = filepath.Join(cgroupRoot, cgroupDir, "lxc", id, "tasks")
|
|
|
|
}
|
|
|
|
|
|
|
|
output, err := ioutil.ReadFile(filename)
|
|
|
|
if err != nil {
|
|
|
|
return pids, err
|
|
|
|
}
|
|
|
|
for _, p := range strings.Split(string(output), "\n") {
|
|
|
|
if len(p) == 0 {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
pid, err := strconv.Atoi(p)
|
|
|
|
if err != nil {
|
|
|
|
return pids, fmt.Errorf("Invalid pid '%s': %s", p, err)
|
|
|
|
}
|
|
|
|
pids = append(pids, pid)
|
|
|
|
}
|
|
|
|
return pids, nil
|
|
|
|
}
|
|
|
|
|
2014-01-10 21:09:07 -05:00
|
|
|
func linkLxcStart(root string) error {
|
|
|
|
sourcePath, err := exec.LookPath("lxc-start")
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
targetPath := path.Join(root, "lxc-start-unconfined")
|
|
|
|
|
|
|
|
if _, err := os.Lstat(targetPath); err != nil && !os.IsNotExist(err) {
|
|
|
|
return err
|
|
|
|
} else if err == nil {
|
|
|
|
if err := os.Remove(targetPath); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return os.Symlink(sourcePath, targetPath)
|
|
|
|
}
|
2014-01-10 21:21:41 -05:00
|
|
|
|
2014-01-13 18:09:41 -05:00
|
|
|
// TODO: This can be moved to the mountinfo reader in the mount pkg
|
2014-01-10 21:21:41 -05:00
|
|
|
func rootIsShared() bool {
|
|
|
|
if data, err := ioutil.ReadFile("/proc/self/mountinfo"); err == nil {
|
|
|
|
for _, line := range strings.Split(string(data), "\n") {
|
|
|
|
cols := strings.Split(line, " ")
|
|
|
|
if len(cols) >= 6 && cols[4] == "/" {
|
|
|
|
return strings.HasPrefix(cols[6], "shared")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// No idea, probably safe to assume so
|
|
|
|
return true
|
|
|
|
}
|
2014-01-15 20:26:04 -05:00
|
|
|
|
2014-01-20 19:05:07 -05:00
|
|
|
func (d *driver) generateLXCConfig(c *execdriver.Command) (string, error) {
|
2014-03-27 04:57:01 -04:00
|
|
|
var (
|
|
|
|
process, mount string
|
|
|
|
root = path.Join(d.root, "containers", c.ID, "config.lxc")
|
|
|
|
labels = c.Config["label"]
|
|
|
|
)
|
2014-01-15 20:26:04 -05:00
|
|
|
fo, err := os.Create(root)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
defer fo.Close()
|
|
|
|
|
2014-03-27 04:57:01 -04:00
|
|
|
if len(labels) > 0 {
|
|
|
|
process, mount, err = label.GenLabels(labels[0])
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-01-15 20:26:04 -05:00
|
|
|
if err := LxcTemplateCompiled.Execute(fo, struct {
|
2014-01-20 19:05:07 -05:00
|
|
|
*execdriver.Command
|
2014-05-01 13:08:18 -04:00
|
|
|
AppArmor bool
|
|
|
|
ProcessLabel string
|
|
|
|
MountLabel string
|
2014-01-15 20:26:04 -05:00
|
|
|
}{
|
2014-05-01 13:08:18 -04:00
|
|
|
Command: c,
|
|
|
|
AppArmor: d.apparmor,
|
|
|
|
ProcessLabel: process,
|
|
|
|
MountLabel: mount,
|
2014-01-15 20:26:04 -05:00
|
|
|
}); err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
return root, nil
|
|
|
|
}
|
2014-05-05 17:45:14 -04:00
|
|
|
|
|
|
|
func (d *driver) generateEnvConfig(c *execdriver.Command) error {
|
|
|
|
data, err := json.Marshal(c.Env)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
p := path.Join(d.root, "containers", c.ID, "config.env")
|
|
|
|
c.Mounts = append(c.Mounts, execdriver.Mount{p, "/.dockerenv", false, true})
|
|
|
|
|
|
|
|
return ioutil.WriteFile(p, data, 0600)
|
|
|
|
}
|
2014-07-16 18:37:10 -04:00
|
|
|
|
|
|
|
type TtyConsole struct {
|
|
|
|
MasterPty *os.File
|
|
|
|
SlavePty *os.File
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewTtyConsole(command *execdriver.Command, pipes *execdriver.Pipes) (*TtyConsole, error) {
|
|
|
|
// lxc is special in that we cannot create the master outside of the container without
|
|
|
|
// opening the slave because we have nothing to provide to the cmd. We have to open both then do
|
|
|
|
// the crazy setup on command right now instead of passing the console path to lxc and telling it
|
|
|
|
// to open up that console. we save a couple of openfiles in the native driver because we can do
|
|
|
|
// this.
|
|
|
|
ptyMaster, ptySlave, err := pty.Open()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
tty := &TtyConsole{
|
|
|
|
MasterPty: ptyMaster,
|
|
|
|
SlavePty: ptySlave,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := tty.AttachPipes(&command.Cmd, pipes); err != nil {
|
|
|
|
tty.Close()
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
command.Console = tty.SlavePty.Name()
|
|
|
|
|
|
|
|
return tty, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *TtyConsole) Master() *os.File {
|
|
|
|
return t.MasterPty
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *TtyConsole) Resize(h, w int) error {
|
|
|
|
return term.SetWinsize(t.MasterPty.Fd(), &term.Winsize{Height: uint16(h), Width: uint16(w)})
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *TtyConsole) AttachPipes(command *exec.Cmd, pipes *execdriver.Pipes) error {
|
|
|
|
command.Stdout = t.SlavePty
|
|
|
|
command.Stderr = t.SlavePty
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
if wb, ok := pipes.Stdout.(interface {
|
|
|
|
CloseWriters() error
|
|
|
|
}); ok {
|
|
|
|
defer wb.CloseWriters()
|
|
|
|
}
|
|
|
|
|
|
|
|
io.Copy(pipes.Stdout, t.MasterPty)
|
|
|
|
}()
|
|
|
|
|
|
|
|
if pipes.Stdin != nil {
|
|
|
|
command.Stdin = t.SlavePty
|
|
|
|
command.SysProcAttr.Setctty = true
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
io.Copy(t.MasterPty, pipes.Stdin)
|
|
|
|
|
|
|
|
pipes.Stdin.Close()
|
|
|
|
}()
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (t *TtyConsole) Close() error {
|
|
|
|
t.SlavePty.Close()
|
|
|
|
return t.MasterPty.Close()
|
|
|
|
}
|