2018-02-05 16:05:59 -05:00
|
|
|
package daemon // import "github.com/docker/docker/daemon"
|
2014-09-09 00:19:32 -04:00
|
|
|
|
|
|
|
import (
|
2018-04-19 18:30:59 -04:00
|
|
|
"context"
|
Remove static errors from errors package.
Moving all strings to the errors package wasn't a good idea after all.
Our custom implementation of Go errors predates everything that's nice
and good about working with errors in Go. Take as an example what we
have to do to get an error message:
```go
func GetErrorMessage(err error) string {
switch err.(type) {
case errcode.Error:
e, _ := err.(errcode.Error)
return e.Message
case errcode.ErrorCode:
ec, _ := err.(errcode.ErrorCode)
return ec.Message()
default:
return err.Error()
}
}
```
This goes against every good practice for Go development. The language already provides a simple, intuitive and standard way to get error messages, that is calling the `Error()` method from an error. Reinventing the error interface is a mistake.
Our custom implementation also makes very hard to reason about errors, another nice thing about Go. I found several (>10) error declarations that we don't use anywhere. This is a clear sign about how little we know about the errors we return. I also found several error usages where the number of arguments was different than the parameters declared in the error, another clear example of how difficult is to reason about errors.
Moreover, our custom implementation didn't really make easier for people to return custom HTTP status code depending on the errors. Again, it's hard to reason about when to set custom codes and how. Take an example what we have to do to extract the message and status code from an error before returning a response from the API:
```go
switch err.(type) {
case errcode.ErrorCode:
daError, _ := err.(errcode.ErrorCode)
statusCode = daError.Descriptor().HTTPStatusCode
errMsg = daError.Message()
case errcode.Error:
// For reference, if you're looking for a particular error
// then you can do something like :
// import ( derr "github.com/docker/docker/errors" )
// if daError.ErrorCode() == derr.ErrorCodeNoSuchContainer { ... }
daError, _ := err.(errcode.Error)
statusCode = daError.ErrorCode().Descriptor().HTTPStatusCode
errMsg = daError.Message
default:
// This part of will be removed once we've
// converted everything over to use the errcode package
// FIXME: this is brittle and should not be necessary.
// If we need to differentiate between different possible error types,
// we should create appropriate error types with clearly defined meaning
errStr := strings.ToLower(err.Error())
for keyword, status := range map[string]int{
"not found": http.StatusNotFound,
"no such": http.StatusNotFound,
"bad parameter": http.StatusBadRequest,
"conflict": http.StatusConflict,
"impossible": http.StatusNotAcceptable,
"wrong login/password": http.StatusUnauthorized,
"hasn't been activated": http.StatusForbidden,
} {
if strings.Contains(errStr, keyword) {
statusCode = status
break
}
}
}
```
You can notice two things in that code:
1. We have to explain how errors work, because our implementation goes against how easy to use Go errors are.
2. At no moment we arrived to remove that `switch` statement that was the original reason to use our custom implementation.
This change removes all our status errors from the errors package and puts them back in their specific contexts.
IT puts the messages back with their contexts. That way, we know right away when errors used and how to generate their messages.
It uses custom interfaces to reason about errors. Errors that need to response with a custom status code MUST implementent this simple interface:
```go
type errorWithStatus interface {
HTTPErrorStatusCode() int
}
```
This interface is very straightforward to implement. It also preserves Go errors real behavior, getting the message is as simple as using the `Error()` method.
I included helper functions to generate errors that use custom status code in `errors/errors.go`.
By doing this, we remove the hard dependency we have eeverywhere to our custom errors package. Yes, you can use it as a helper to generate error, but it's still very easy to generate errors without it.
Please, read this fantastic blog post about errors in Go: http://dave.cheney.net/2014/12/24/inspecting-errors
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-25 10:53:35 -05:00
|
|
|
"fmt"
|
2014-09-09 00:19:32 -04:00
|
|
|
"io"
|
2019-03-13 16:04:28 -04:00
|
|
|
"runtime"
|
2014-09-23 17:47:33 -04:00
|
|
|
"strings"
|
2015-07-08 14:13:47 -04:00
|
|
|
"time"
|
2014-09-09 00:19:32 -04:00
|
|
|
|
2016-09-06 14:18:12 -04:00
|
|
|
"github.com/docker/docker/api/types"
|
|
|
|
"github.com/docker/docker/api/types/strslice"
|
2015-11-12 14:55:17 -05:00
|
|
|
"github.com/docker/docker/container"
|
2017-01-19 11:02:51 -05:00
|
|
|
"github.com/docker/docker/container/stream"
|
2015-11-20 17:35:16 -05:00
|
|
|
"github.com/docker/docker/daemon/exec"
|
2018-01-11 14:53:06 -05:00
|
|
|
"github.com/docker/docker/errdefs"
|
2015-06-29 16:27:54 -04:00
|
|
|
"github.com/docker/docker/pkg/pools"
|
2021-07-09 18:11:57 -04:00
|
|
|
"github.com/moby/sys/signal"
|
2020-04-16 05:31:08 -04:00
|
|
|
"github.com/moby/term"
|
2019-08-05 10:37:47 -04:00
|
|
|
specs "github.com/opencontainers/runtime-spec/specs-go"
|
2017-07-19 10:20:13 -04:00
|
|
|
"github.com/pkg/errors"
|
2017-07-26 17:42:13 -04:00
|
|
|
"github.com/sirupsen/logrus"
|
2014-09-09 00:19:32 -04:00
|
|
|
)
|
|
|
|
|
2016-04-18 05:48:13 -04:00
|
|
|
// Seconds to wait after sending TERM before trying KILL
|
2019-01-09 13:24:03 -05:00
|
|
|
const termProcessTimeout = 10 * time.Second
|
2016-04-18 05:48:13 -04:00
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) registerExecCommand(container *container.Container, config *exec.Config) {
|
2015-02-26 06:03:44 -05:00
|
|
|
// Storing execs in container in order to kill them gracefully whenever the container is stopped or removed.
|
2015-11-12 14:55:17 -05:00
|
|
|
container.ExecCommands.Add(config.ID, config)
|
2016-11-15 14:45:20 -05:00
|
|
|
// Storing execs in daemon for easy access via Engine API.
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.execCommands.Add(config.ID, config)
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
|
|
|
|
2015-09-11 22:50:21 -04:00
|
|
|
// ExecExists looks up the exec instance and returns a bool if it exists or not.
|
2015-11-12 14:55:17 -05:00
|
|
|
// It will also return the error produced by `getConfig`
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) ExecExists(name string) (bool, error) {
|
|
|
|
if _, err := daemon.getExecConfig(name); err != nil {
|
2015-09-11 22:50:21 -04:00
|
|
|
return false, err
|
|
|
|
}
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// getExecConfig looks up the exec instance by name. If the container associated
|
|
|
|
// with the exec instance is stopped or paused, it will return an error.
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) getExecConfig(name string) (*exec.Config, error) {
|
|
|
|
ec := daemon.execCommands.Get(name)
|
2018-04-09 02:51:17 -04:00
|
|
|
if ec == nil {
|
|
|
|
return nil, errExecNotFound(name)
|
|
|
|
}
|
2015-07-09 22:39:57 -04:00
|
|
|
|
|
|
|
// If the exec is found but its container is not in the daemon's list of
|
2015-11-19 00:51:26 -05:00
|
|
|
// containers then it must have been deleted, in which case instead of
|
2015-07-09 22:39:57 -04:00
|
|
|
// saying the container isn't running, we should return a 404 so that
|
|
|
|
// the user sees the same error now that they will after the
|
|
|
|
// 5 minute clean-up loop is run which erases old/dead execs.
|
2019-08-09 08:10:07 -04:00
|
|
|
ctr := daemon.containers.Get(ec.ContainerID)
|
|
|
|
if ctr == nil {
|
2018-04-09 02:51:17 -04:00
|
|
|
return nil, containerNotFound(name)
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
if !ctr.IsRunning() {
|
2021-03-22 08:20:40 -04:00
|
|
|
return nil, errNotRunning(ctr.ID)
|
2018-04-09 02:51:17 -04:00
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
if ctr.IsPaused() {
|
|
|
|
return nil, errExecPaused(ctr.ID)
|
2018-04-09 02:51:17 -04:00
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
if ctr.IsRestarting() {
|
|
|
|
return nil, errContainerIsRestarting(ctr.ID)
|
2018-04-09 02:51:17 -04:00
|
|
|
}
|
|
|
|
return ec, nil
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) unregisterExecCommand(container *container.Container, execConfig *exec.Config) {
|
2017-09-22 09:52:41 -04:00
|
|
|
container.ExecCommands.Delete(execConfig.ID, execConfig.Pid)
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.execCommands.Delete(execConfig.ID, execConfig.Pid)
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
2014-09-09 00:19:32 -04:00
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) getActiveContainer(name string) (*container.Container, error) {
|
2019-08-09 08:10:07 -04:00
|
|
|
ctr, err := daemon.GetContainer(name)
|
2014-12-16 18:06:35 -05:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
|
|
|
|
2019-08-09 08:10:07 -04:00
|
|
|
if !ctr.IsRunning() {
|
|
|
|
return nil, errNotRunning(ctr.ID)
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
if ctr.IsPaused() {
|
Remove static errors from errors package.
Moving all strings to the errors package wasn't a good idea after all.
Our custom implementation of Go errors predates everything that's nice
and good about working with errors in Go. Take as an example what we
have to do to get an error message:
```go
func GetErrorMessage(err error) string {
switch err.(type) {
case errcode.Error:
e, _ := err.(errcode.Error)
return e.Message
case errcode.ErrorCode:
ec, _ := err.(errcode.ErrorCode)
return ec.Message()
default:
return err.Error()
}
}
```
This goes against every good practice for Go development. The language already provides a simple, intuitive and standard way to get error messages, that is calling the `Error()` method from an error. Reinventing the error interface is a mistake.
Our custom implementation also makes very hard to reason about errors, another nice thing about Go. I found several (>10) error declarations that we don't use anywhere. This is a clear sign about how little we know about the errors we return. I also found several error usages where the number of arguments was different than the parameters declared in the error, another clear example of how difficult is to reason about errors.
Moreover, our custom implementation didn't really make easier for people to return custom HTTP status code depending on the errors. Again, it's hard to reason about when to set custom codes and how. Take an example what we have to do to extract the message and status code from an error before returning a response from the API:
```go
switch err.(type) {
case errcode.ErrorCode:
daError, _ := err.(errcode.ErrorCode)
statusCode = daError.Descriptor().HTTPStatusCode
errMsg = daError.Message()
case errcode.Error:
// For reference, if you're looking for a particular error
// then you can do something like :
// import ( derr "github.com/docker/docker/errors" )
// if daError.ErrorCode() == derr.ErrorCodeNoSuchContainer { ... }
daError, _ := err.(errcode.Error)
statusCode = daError.ErrorCode().Descriptor().HTTPStatusCode
errMsg = daError.Message
default:
// This part of will be removed once we've
// converted everything over to use the errcode package
// FIXME: this is brittle and should not be necessary.
// If we need to differentiate between different possible error types,
// we should create appropriate error types with clearly defined meaning
errStr := strings.ToLower(err.Error())
for keyword, status := range map[string]int{
"not found": http.StatusNotFound,
"no such": http.StatusNotFound,
"bad parameter": http.StatusBadRequest,
"conflict": http.StatusConflict,
"impossible": http.StatusNotAcceptable,
"wrong login/password": http.StatusUnauthorized,
"hasn't been activated": http.StatusForbidden,
} {
if strings.Contains(errStr, keyword) {
statusCode = status
break
}
}
}
```
You can notice two things in that code:
1. We have to explain how errors work, because our implementation goes against how easy to use Go errors are.
2. At no moment we arrived to remove that `switch` statement that was the original reason to use our custom implementation.
This change removes all our status errors from the errors package and puts them back in their specific contexts.
IT puts the messages back with their contexts. That way, we know right away when errors used and how to generate their messages.
It uses custom interfaces to reason about errors. Errors that need to response with a custom status code MUST implementent this simple interface:
```go
type errorWithStatus interface {
HTTPErrorStatusCode() int
}
```
This interface is very straightforward to implement. It also preserves Go errors real behavior, getting the message is as simple as using the `Error()` method.
I included helper functions to generate errors that use custom status code in `errors/errors.go`.
By doing this, we remove the hard dependency we have eeverywhere to our custom errors package. Yes, you can use it as a helper to generate error, but it's still very easy to generate errors without it.
Please, read this fantastic blog post about errors in Go: http://dave.cheney.net/2014/12/24/inspecting-errors
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-25 10:53:35 -05:00
|
|
|
return nil, errExecPaused(name)
|
2014-11-27 11:08:39 -05:00
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
if ctr.IsRestarting() {
|
|
|
|
return nil, errContainerIsRestarting(ctr.ID)
|
2016-01-25 10:38:03 -05:00
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
return ctr, nil
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
2014-09-09 00:19:32 -04:00
|
|
|
|
2015-07-30 17:01:53 -04:00
|
|
|
// ContainerExecCreate sets up an exec in a running container.
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) ContainerExecCreate(name string, config *types.ExecConfig) (string, error) {
|
|
|
|
cntr, err := daemon.getActiveContainer(name)
|
2014-12-01 12:16:49 -05:00
|
|
|
if err != nil {
|
2015-04-17 01:36:23 -04:00
|
|
|
return "", err
|
2014-12-01 12:16:49 -05:00
|
|
|
}
|
2014-09-15 18:56:47 -04:00
|
|
|
|
2016-02-29 06:28:37 -05:00
|
|
|
cmd := strslice.StrSlice(config.Cmd)
|
2019-08-09 07:19:49 -04:00
|
|
|
entrypoint, args := daemon.getEntrypointAndArgs(strslice.StrSlice{}, cmd)
|
2014-09-09 00:19:32 -04:00
|
|
|
|
2016-01-03 17:03:39 -05:00
|
|
|
keys := []byte{}
|
|
|
|
if config.DetachKeys != "" {
|
|
|
|
keys, err = term.ToBytes(config.DetachKeys)
|
|
|
|
if err != nil {
|
2016-03-23 07:34:47 -04:00
|
|
|
err = fmt.Errorf("Invalid escape keys (%s) provided", config.DetachKeys)
|
|
|
|
return "", err
|
2016-01-03 17:03:39 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-11-20 17:35:16 -05:00
|
|
|
execConfig := exec.NewConfig()
|
|
|
|
execConfig.OpenStdin = config.AttachStdin
|
|
|
|
execConfig.OpenStdout = config.AttachStdout
|
|
|
|
execConfig.OpenStderr = config.AttachStderr
|
2016-12-21 16:42:39 -05:00
|
|
|
execConfig.ContainerID = cntr.ID
|
2016-01-03 17:03:39 -05:00
|
|
|
execConfig.DetachKeys = keys
|
2016-03-18 14:50:19 -04:00
|
|
|
execConfig.Entrypoint = entrypoint
|
|
|
|
execConfig.Args = args
|
|
|
|
execConfig.Tty = config.Tty
|
|
|
|
execConfig.Privileged = config.Privileged
|
|
|
|
execConfig.User = config.User
|
2017-12-01 03:06:07 -05:00
|
|
|
execConfig.WorkingDir = config.WorkingDir
|
2016-09-28 16:34:47 -04:00
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
linkedEnv, err := daemon.setupLinkedContainers(cntr)
|
2016-09-28 18:21:33 -04:00
|
|
|
if err != nil {
|
|
|
|
return "", err
|
2016-09-09 19:50:54 -04:00
|
|
|
}
|
2016-12-21 16:42:39 -05:00
|
|
|
execConfig.Env = container.ReplaceOrAppendEnvValues(cntr.CreateDaemonEnvironment(config.Tty, linkedEnv), config.Env)
|
2016-03-18 14:50:19 -04:00
|
|
|
if len(execConfig.User) == 0 {
|
2016-12-21 16:42:39 -05:00
|
|
|
execConfig.User = cntr.Config.User
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
2017-12-01 03:06:07 -05:00
|
|
|
if len(execConfig.WorkingDir) == 0 {
|
|
|
|
execConfig.WorkingDir = cntr.Config.WorkingDir
|
|
|
|
}
|
2014-09-15 18:56:47 -04:00
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.registerExecCommand(cntr, execConfig)
|
2014-09-15 18:56:47 -04:00
|
|
|
|
2017-12-08 03:01:34 -05:00
|
|
|
attributes := map[string]string{
|
|
|
|
"execID": execConfig.ID,
|
|
|
|
}
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.LogContainerEventWithAttributes(cntr, "exec_create: "+execConfig.Entrypoint+" "+strings.Join(execConfig.Args, " "), attributes)
|
2014-09-15 18:56:47 -04:00
|
|
|
|
2015-11-20 17:35:16 -05:00
|
|
|
return execConfig.ID, nil
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
|
|
|
|
2015-07-30 17:01:53 -04:00
|
|
|
// ContainerExecStart starts a previously set up exec instance. The
|
|
|
|
// std streams are set up.
|
2016-04-18 05:48:13 -04:00
|
|
|
// If ctx is cancelled, the process is terminated.
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) ContainerExecStart(ctx context.Context, name string, stdin io.Reader, stdout io.Writer, stderr io.Writer) (err error) {
|
2014-09-15 18:56:47 -04:00
|
|
|
var (
|
|
|
|
cStdin io.ReadCloser
|
|
|
|
cStdout, cStderr io.Writer
|
|
|
|
)
|
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
ec, err := daemon.getExecConfig(name)
|
2014-09-15 19:14:04 -04:00
|
|
|
if err != nil {
|
2021-03-13 15:41:32 -05:00
|
|
|
return err
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
|
|
|
|
2015-09-11 22:50:21 -04:00
|
|
|
ec.Lock()
|
2016-01-15 11:57:23 -05:00
|
|
|
if ec.ExitCode != nil {
|
|
|
|
ec.Unlock()
|
Remove static errors from errors package.
Moving all strings to the errors package wasn't a good idea after all.
Our custom implementation of Go errors predates everything that's nice
and good about working with errors in Go. Take as an example what we
have to do to get an error message:
```go
func GetErrorMessage(err error) string {
switch err.(type) {
case errcode.Error:
e, _ := err.(errcode.Error)
return e.Message
case errcode.ErrorCode:
ec, _ := err.(errcode.ErrorCode)
return ec.Message()
default:
return err.Error()
}
}
```
This goes against every good practice for Go development. The language already provides a simple, intuitive and standard way to get error messages, that is calling the `Error()` method from an error. Reinventing the error interface is a mistake.
Our custom implementation also makes very hard to reason about errors, another nice thing about Go. I found several (>10) error declarations that we don't use anywhere. This is a clear sign about how little we know about the errors we return. I also found several error usages where the number of arguments was different than the parameters declared in the error, another clear example of how difficult is to reason about errors.
Moreover, our custom implementation didn't really make easier for people to return custom HTTP status code depending on the errors. Again, it's hard to reason about when to set custom codes and how. Take an example what we have to do to extract the message and status code from an error before returning a response from the API:
```go
switch err.(type) {
case errcode.ErrorCode:
daError, _ := err.(errcode.ErrorCode)
statusCode = daError.Descriptor().HTTPStatusCode
errMsg = daError.Message()
case errcode.Error:
// For reference, if you're looking for a particular error
// then you can do something like :
// import ( derr "github.com/docker/docker/errors" )
// if daError.ErrorCode() == derr.ErrorCodeNoSuchContainer { ... }
daError, _ := err.(errcode.Error)
statusCode = daError.ErrorCode().Descriptor().HTTPStatusCode
errMsg = daError.Message
default:
// This part of will be removed once we've
// converted everything over to use the errcode package
// FIXME: this is brittle and should not be necessary.
// If we need to differentiate between different possible error types,
// we should create appropriate error types with clearly defined meaning
errStr := strings.ToLower(err.Error())
for keyword, status := range map[string]int{
"not found": http.StatusNotFound,
"no such": http.StatusNotFound,
"bad parameter": http.StatusBadRequest,
"conflict": http.StatusConflict,
"impossible": http.StatusNotAcceptable,
"wrong login/password": http.StatusUnauthorized,
"hasn't been activated": http.StatusForbidden,
} {
if strings.Contains(errStr, keyword) {
statusCode = status
break
}
}
}
```
You can notice two things in that code:
1. We have to explain how errors work, because our implementation goes against how easy to use Go errors are.
2. At no moment we arrived to remove that `switch` statement that was the original reason to use our custom implementation.
This change removes all our status errors from the errors package and puts them back in their specific contexts.
IT puts the messages back with their contexts. That way, we know right away when errors used and how to generate their messages.
It uses custom interfaces to reason about errors. Errors that need to response with a custom status code MUST implementent this simple interface:
```go
type errorWithStatus interface {
HTTPErrorStatusCode() int
}
```
This interface is very straightforward to implement. It also preserves Go errors real behavior, getting the message is as simple as using the `Error()` method.
I included helper functions to generate errors that use custom status code in `errors/errors.go`.
By doing this, we remove the hard dependency we have eeverywhere to our custom errors package. Yes, you can use it as a helper to generate error, but it's still very easy to generate errors without it.
Please, read this fantastic blog post about errors in Go: http://dave.cheney.net/2014/12/24/inspecting-errors
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-25 10:53:35 -05:00
|
|
|
err := fmt.Errorf("Error: Exec command %s has already run", ec.ID)
|
2017-11-28 23:09:37 -05:00
|
|
|
return errdefs.Conflict(err)
|
2016-01-15 11:57:23 -05:00
|
|
|
}
|
|
|
|
|
2015-09-11 22:50:21 -04:00
|
|
|
if ec.Running {
|
|
|
|
ec.Unlock()
|
2017-11-28 23:09:37 -05:00
|
|
|
return errdefs.Conflict(fmt.Errorf("Error: Exec command %s is already running", ec.ID))
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
2015-09-11 22:50:21 -04:00
|
|
|
ec.Running = true
|
2017-01-21 06:35:54 -05:00
|
|
|
ec.Unlock()
|
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
c := daemon.containers.Get(ec.ContainerID)
|
2021-03-13 15:41:32 -05:00
|
|
|
if c == nil {
|
|
|
|
return containerNotFound(ec.ContainerID)
|
|
|
|
}
|
2017-01-21 06:35:54 -05:00
|
|
|
logrus.Debugf("starting exec command %s in container %s", ec.ID, c.ID)
|
2017-12-08 03:01:34 -05:00
|
|
|
attributes := map[string]string{
|
|
|
|
"execID": ec.ID,
|
|
|
|
}
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.LogContainerEventWithAttributes(c, "exec_start: "+ec.Entrypoint+" "+strings.Join(ec.Args, " "), attributes)
|
2017-01-21 06:35:54 -05:00
|
|
|
|
2016-03-18 14:50:19 -04:00
|
|
|
defer func() {
|
|
|
|
if err != nil {
|
2017-01-21 06:35:54 -05:00
|
|
|
ec.Lock()
|
2016-03-18 14:50:19 -04:00
|
|
|
ec.Running = false
|
|
|
|
exitCode := 126
|
|
|
|
ec.ExitCode = &exitCode
|
2017-01-21 06:35:54 -05:00
|
|
|
if err := ec.CloseStreams(); err != nil {
|
|
|
|
logrus.Errorf("failed to cleanup exec %s streams: %s", c.ID, err)
|
|
|
|
}
|
|
|
|
ec.Unlock()
|
2017-09-22 09:52:41 -04:00
|
|
|
c.ExecCommands.Delete(ec.ID, ec.Pid)
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
|
|
|
}()
|
2014-11-14 06:34:59 -05:00
|
|
|
|
2016-02-24 21:04:44 -05:00
|
|
|
if ec.OpenStdin && stdin != nil {
|
2014-09-15 18:56:47 -04:00
|
|
|
r, w := io.Pipe()
|
|
|
|
go func() {
|
|
|
|
defer w.Close()
|
2016-06-11 16:16:55 -04:00
|
|
|
defer logrus.Debug("Closing buffered stdin pipe")
|
2015-06-29 16:27:54 -04:00
|
|
|
pools.Copy(w, stdin)
|
2014-09-15 18:56:47 -04:00
|
|
|
}()
|
|
|
|
cStdin = r
|
|
|
|
}
|
2015-09-11 22:50:21 -04:00
|
|
|
if ec.OpenStdout {
|
2015-04-17 01:36:23 -04:00
|
|
|
cStdout = stdout
|
2014-09-15 18:56:47 -04:00
|
|
|
}
|
2015-09-11 22:50:21 -04:00
|
|
|
if ec.OpenStderr {
|
2015-04-17 01:36:23 -04:00
|
|
|
cStderr = stderr
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
|
|
|
|
2015-09-11 22:50:21 -04:00
|
|
|
if ec.OpenStdin {
|
2016-11-14 15:15:09 -05:00
|
|
|
ec.StreamConfig.NewInputPipes()
|
2014-09-09 00:19:32 -04:00
|
|
|
} else {
|
2016-11-14 15:15:09 -05:00
|
|
|
ec.StreamConfig.NewNopInputPipe()
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
|
|
|
|
2019-03-13 16:04:28 -04:00
|
|
|
p := &specs.Process{}
|
|
|
|
if runtime.GOOS != "windows" {
|
2019-08-09 08:10:07 -04:00
|
|
|
ctr, err := daemon.containerdCli.LoadContainer(ctx, ec.ContainerID)
|
2019-03-13 16:04:28 -04:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2019-08-09 08:10:07 -04:00
|
|
|
spec, err := ctr.Spec(ctx)
|
2019-03-13 16:04:28 -04:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
p = spec.Process
|
2017-09-22 09:52:41 -04:00
|
|
|
}
|
2019-03-13 16:04:28 -04:00
|
|
|
p.Args = append([]string{ec.Entrypoint}, ec.Args...)
|
|
|
|
p.Env = ec.Env
|
|
|
|
p.Cwd = ec.WorkingDir
|
|
|
|
p.Terminal = ec.Tty
|
|
|
|
|
2017-09-22 09:52:41 -04:00
|
|
|
if p.Cwd == "" {
|
|
|
|
p.Cwd = "/"
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
2015-10-05 20:21:50 -04:00
|
|
|
|
2019-08-09 07:19:49 -04:00
|
|
|
if err := daemon.execSetPlatformOpt(c, ec, p); err != nil {
|
2016-07-15 17:12:07 -04:00
|
|
|
return err
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
|
|
|
|
2017-01-30 07:49:22 -05:00
|
|
|
attachConfig := stream.AttachConfig{
|
2017-01-19 11:02:51 -05:00
|
|
|
TTY: ec.Tty,
|
2017-01-30 07:49:22 -05:00
|
|
|
UseStdin: cStdin != nil,
|
|
|
|
UseStdout: cStdout != nil,
|
|
|
|
UseStderr: cStderr != nil,
|
2017-01-19 11:02:51 -05:00
|
|
|
Stdin: cStdin,
|
|
|
|
Stdout: cStdout,
|
|
|
|
Stderr: cStderr,
|
|
|
|
DetachKeys: ec.DetachKeys,
|
|
|
|
CloseStdin: true,
|
|
|
|
}
|
2017-01-30 07:49:22 -05:00
|
|
|
ec.StreamConfig.AttachStreams(&attachConfig)
|
|
|
|
attachErr := ec.StreamConfig.CopyStreams(ctx, &attachConfig)
|
2014-11-17 18:50:09 -05:00
|
|
|
|
2017-09-22 09:52:41 -04:00
|
|
|
// Synchronize with libcontainerd event loop
|
|
|
|
ec.Lock()
|
|
|
|
c.ExecCommands.Lock()
|
2019-08-09 07:19:49 -04:00
|
|
|
systemPid, err := daemon.containerd.Exec(ctx, c.ID, ec.ID, p, cStdin != nil, ec.InitializeStdio)
|
2018-06-07 23:07:48 -04:00
|
|
|
// the exec context should be ready, or error happened.
|
|
|
|
// close the chan to notify readiness
|
|
|
|
close(ec.Started)
|
2016-10-17 13:49:36 -04:00
|
|
|
if err != nil {
|
2017-09-22 09:52:41 -04:00
|
|
|
c.ExecCommands.Unlock()
|
|
|
|
ec.Unlock()
|
2017-07-19 10:20:13 -04:00
|
|
|
return translateContainerdStartErr(ec.Entrypoint, ec.SetExitCode, err)
|
2014-11-17 18:50:09 -05:00
|
|
|
}
|
2016-10-17 13:49:36 -04:00
|
|
|
ec.Pid = systemPid
|
2017-09-22 09:52:41 -04:00
|
|
|
c.ExecCommands.Unlock()
|
2016-10-17 13:49:36 -04:00
|
|
|
ec.Unlock()
|
2014-11-17 18:50:09 -05:00
|
|
|
|
2016-04-18 05:48:13 -04:00
|
|
|
select {
|
|
|
|
case <-ctx.Done():
|
|
|
|
logrus.Debugf("Sending TERM signal to process %v in container %v", name, c.ID)
|
2022-05-01 18:05:21 -04:00
|
|
|
daemon.containerd.SignalProcess(ctx, c.ID, name, signal.SignalMap["TERM"])
|
2019-01-09 13:24:03 -05:00
|
|
|
|
|
|
|
timeout := time.NewTimer(termProcessTimeout)
|
|
|
|
defer timeout.Stop()
|
|
|
|
|
2016-04-18 05:48:13 -04:00
|
|
|
select {
|
2019-01-09 13:24:03 -05:00
|
|
|
case <-timeout.C:
|
|
|
|
logrus.Infof("Container %v, process %v failed to exit within %v of signal TERM - using the force", c.ID, name, termProcessTimeout)
|
2022-05-01 18:05:21 -04:00
|
|
|
daemon.containerd.SignalProcess(ctx, c.ID, name, signal.SignalMap["KILL"])
|
2016-04-18 05:48:13 -04:00
|
|
|
case <-attachErr:
|
|
|
|
// TERM signal worked
|
|
|
|
}
|
2018-03-22 12:38:59 -04:00
|
|
|
return ctx.Err()
|
2016-04-18 05:48:13 -04:00
|
|
|
case err := <-attachErr:
|
|
|
|
if err != nil {
|
2017-03-30 23:01:41 -04:00
|
|
|
if _, ok := err.(term.EscapeError); !ok {
|
2017-11-28 23:09:37 -05:00
|
|
|
return errdefs.System(errors.Wrap(err, "exec attach failed"))
|
2016-05-22 10:04:39 -04:00
|
|
|
}
|
2017-12-08 03:01:34 -05:00
|
|
|
attributes := map[string]string{
|
|
|
|
"execID": ec.ID,
|
|
|
|
}
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.LogContainerEventWithAttributes(c, "exec_detach", attributes)
|
2016-04-18 05:48:13 -04:00
|
|
|
}
|
2016-03-18 14:50:19 -04:00
|
|
|
}
|
|
|
|
return nil
|
2014-09-09 00:19:32 -04:00
|
|
|
}
|
2015-07-08 14:13:47 -04:00
|
|
|
|
|
|
|
// execCommandGC runs a ticker to clean up the daemon references
|
|
|
|
// of exec configs that are no longer part of the container.
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) execCommandGC() {
|
2015-07-08 14:13:47 -04:00
|
|
|
for range time.Tick(5 * time.Minute) {
|
|
|
|
var (
|
|
|
|
cleaned int
|
2019-08-09 07:19:49 -04:00
|
|
|
liveExecCommands = daemon.containerExecIds()
|
2015-07-08 14:13:47 -04:00
|
|
|
)
|
2019-08-09 07:19:49 -04:00
|
|
|
for id, config := range daemon.execCommands.Commands() {
|
2015-11-20 17:35:16 -05:00
|
|
|
if config.CanRemove {
|
2015-07-08 14:13:47 -04:00
|
|
|
cleaned++
|
2019-08-09 07:19:49 -04:00
|
|
|
daemon.execCommands.Delete(id, config.Pid)
|
2015-07-09 17:51:10 -04:00
|
|
|
} else {
|
|
|
|
if _, exists := liveExecCommands[id]; !exists {
|
2015-11-20 17:35:16 -05:00
|
|
|
config.CanRemove = true
|
2015-07-09 17:51:10 -04:00
|
|
|
}
|
2015-07-08 14:13:47 -04:00
|
|
|
}
|
|
|
|
}
|
2015-07-13 13:36:36 -04:00
|
|
|
if cleaned > 0 {
|
|
|
|
logrus.Debugf("clean %d unused exec commands", cleaned)
|
|
|
|
}
|
2015-07-08 14:13:47 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// containerExecIds returns a list of all the current exec ids that are in use
|
|
|
|
// and running inside a container.
|
2019-08-09 07:19:49 -04:00
|
|
|
func (daemon *Daemon) containerExecIds() map[string]struct{} {
|
2015-07-08 14:13:47 -04:00
|
|
|
ids := map[string]struct{}{}
|
2019-08-09 07:19:49 -04:00
|
|
|
for _, c := range daemon.containers.List() {
|
2015-11-12 14:55:17 -05:00
|
|
|
for _, id := range c.ExecCommands.List() {
|
2015-07-08 14:13:47 -04:00
|
|
|
ids[id] = struct{}{}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return ids
|
|
|
|
}
|