2014-02-24 19:42:30 -05:00
|
|
|
package docker
|
2014-02-21 20:11:57 -05:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"errors"
|
|
|
|
|
"fmt"
|
|
|
|
|
"github.com/dotcloud/docker/execdriver"
|
2014-02-22 04:21:26 -05:00
|
|
|
"github.com/dotcloud/docker/execdriver/lxc"
|
2014-02-24 18:47:23 -05:00
|
|
|
"github.com/dotcloud/docker/pkg/cgroups"
|
2014-02-21 20:11:57 -05:00
|
|
|
"github.com/dotcloud/docker/pkg/libcontainer"
|
|
|
|
|
"github.com/dotcloud/docker/pkg/libcontainer/nsinit"
|
2014-02-22 04:28:59 -05:00
|
|
|
"io"
|
2014-02-21 20:11:57 -05:00
|
|
|
"io/ioutil"
|
|
|
|
|
"os"
|
|
|
|
|
"os/exec"
|
|
|
|
|
"path/filepath"
|
2014-02-24 18:47:23 -05:00
|
|
|
"strconv"
|
2014-02-21 20:11:57 -05:00
|
|
|
"strings"
|
|
|
|
|
"syscall"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
DriverName = "namespaces"
|
|
|
|
|
Version = "0.1"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
ErrNotSupported = errors.New("not supported")
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
execdriver.RegisterInitFunc(DriverName, func(args *execdriver.InitArgs) error {
|
2014-02-24 15:21:13 -05:00
|
|
|
var container *libcontainer.Container
|
|
|
|
|
f, err := os.Open("container.json")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := json.NewDecoder(f).Decode(&container); err != nil {
|
|
|
|
|
f.Close()
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
f.Close()
|
|
|
|
|
|
|
|
|
|
cwd, err := os.Getwd()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
syncPipe, err := nsinit.NewSyncPipeFromFd(0, uintptr(args.Pipe))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := nsinit.Init(container, cwd, args.Console, syncPipe, args.Args); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2014-02-21 20:11:57 -05:00
|
|
|
return nil
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type driver struct {
|
2014-02-24 17:11:09 -05:00
|
|
|
root string
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
2014-02-24 17:11:09 -05:00
|
|
|
type info struct {
|
|
|
|
|
ID string
|
|
|
|
|
driver *driver
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (i *info) IsRunning() bool {
|
2014-02-24 17:35:27 -05:00
|
|
|
p := filepath.Join(i.driver.root, "containers", i.ID, "root", ".nspid")
|
2014-02-24 17:11:09 -05:00
|
|
|
if _, err := os.Stat(p); err == nil {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewDriver(root string) (*driver, error) {
|
|
|
|
|
return &driver{
|
|
|
|
|
root: root,
|
|
|
|
|
}, nil
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallback execdriver.StartCallback) (int, error) {
|
|
|
|
|
var (
|
2014-02-22 04:21:26 -05:00
|
|
|
term nsinit.Terminal
|
|
|
|
|
container = createContainer(c)
|
|
|
|
|
factory = &dockerCommandFactory{c}
|
|
|
|
|
stateWriter = &dockerStateWriter{
|
|
|
|
|
callback: startCallback,
|
|
|
|
|
c: c,
|
|
|
|
|
dsw: &nsinit.DefaultStateWriter{c.Rootfs},
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
2014-02-22 04:21:26 -05:00
|
|
|
)
|
|
|
|
|
if c.Tty {
|
|
|
|
|
term = &dockerTtyTerm{
|
|
|
|
|
pipes: pipes,
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
} else {
|
2014-02-22 04:21:26 -05:00
|
|
|
term = &dockerStdTerm{
|
|
|
|
|
pipes: pipes,
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
}
|
2014-02-22 04:21:26 -05:00
|
|
|
c.Terminal = term
|
|
|
|
|
if err := writeContainerFile(container, c.Rootfs); err != nil {
|
|
|
|
|
return -1, err
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
2014-02-22 04:21:26 -05:00
|
|
|
args := append([]string{c.Entrypoint}, c.Arguments...)
|
2014-02-24 16:40:17 -05:00
|
|
|
return nsinit.Exec(container, factory, stateWriter, term, "", args)
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *driver) Kill(p *execdriver.Command, sig int) error {
|
2014-02-24 17:35:27 -05:00
|
|
|
return syscall.Kill(p.Process.Pid, syscall.Signal(sig))
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *driver) Restore(c *execdriver.Command) error {
|
2014-02-24 19:35:11 -05:00
|
|
|
var (
|
|
|
|
|
nspid int
|
|
|
|
|
p = filepath.Join(d.root, "containers", c.ID, "root", ".nspid")
|
|
|
|
|
)
|
|
|
|
|
f, err := os.Open(p)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer f.Close()
|
|
|
|
|
if _, err := fmt.Fscanf(f, "%d", &nspid); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
proc, err := os.FindProcess(nspid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
_, err = proc.Wait()
|
|
|
|
|
return err
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *driver) Info(id string) execdriver.Info {
|
2014-02-24 17:11:09 -05:00
|
|
|
return &info{
|
|
|
|
|
ID: id,
|
|
|
|
|
driver: d,
|
|
|
|
|
}
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *driver) Name() string {
|
|
|
|
|
return fmt.Sprintf("%s-%s", DriverName, Version)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *driver) GetPidsForContainer(id string) ([]int, error) {
|
2014-02-24 18:47:23 -05:00
|
|
|
pids := []int{}
|
|
|
|
|
|
2014-02-24 19:26:06 -05:00
|
|
|
subsystem := "devices"
|
2014-02-24 18:47:23 -05:00
|
|
|
cgroupRoot, err := cgroups.FindCgroupMountpoint(subsystem)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return pids, err
|
|
|
|
|
}
|
|
|
|
|
cgroupDir, err := cgroups.GetThisCgroupDir(subsystem)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return pids, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
filename := filepath.Join(cgroupRoot, cgroupDir, id, "tasks")
|
|
|
|
|
if _, err := os.Stat(filename); os.IsNotExist(err) {
|
|
|
|
|
filename = filepath.Join(cgroupRoot, cgroupDir, "docker", id, "tasks")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
output, err := ioutil.ReadFile(filename)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return pids, err
|
|
|
|
|
}
|
|
|
|
|
for _, p := range strings.Split(string(output), "\n") {
|
|
|
|
|
if len(p) == 0 {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
pid, err := strconv.Atoi(p)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return pids, fmt.Errorf("Invalid pid '%s': %s", p, err)
|
|
|
|
|
}
|
|
|
|
|
pids = append(pids, pid)
|
|
|
|
|
}
|
|
|
|
|
return pids, nil
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func writeContainerFile(container *libcontainer.Container, rootfs string) error {
|
|
|
|
|
data, err := json.Marshal(container)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return ioutil.WriteFile(filepath.Join(rootfs, "container.json"), data, 0755)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func getEnv(key string, env []string) string {
|
|
|
|
|
for _, pair := range env {
|
|
|
|
|
parts := strings.Split(pair, "=")
|
|
|
|
|
if parts[0] == key {
|
|
|
|
|
return parts[1]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return ""
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-22 04:21:26 -05:00
|
|
|
type dockerCommandFactory struct {
|
|
|
|
|
c *execdriver.Command
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// createCommand will return an exec.Cmd with the Cloneflags set to the proper namespaces
|
|
|
|
|
// defined on the container's configuration and use the current binary as the init with the
|
|
|
|
|
// args provided
|
2014-02-22 04:21:26 -05:00
|
|
|
func (d *dockerCommandFactory) Create(container *libcontainer.Container,
|
|
|
|
|
console, logFile string, syncFd uintptr, args []string) *exec.Cmd {
|
|
|
|
|
c := d.c
|
2014-02-24 15:21:13 -05:00
|
|
|
// we need to join the rootfs because nsinit will setup the rootfs and chroot
|
|
|
|
|
initPath := filepath.Join(c.Rootfs, c.InitPath)
|
|
|
|
|
|
|
|
|
|
c.Path = initPath
|
2014-02-21 20:11:57 -05:00
|
|
|
c.Args = append([]string{
|
2014-02-24 15:21:13 -05:00
|
|
|
initPath,
|
|
|
|
|
"-driver", DriverName,
|
2014-02-21 20:11:57 -05:00
|
|
|
"-console", console,
|
2014-02-22 04:21:26 -05:00
|
|
|
"-pipe", fmt.Sprint(syncFd),
|
2014-02-24 16:40:17 -05:00
|
|
|
"-log", logFile,
|
2014-02-21 20:11:57 -05:00
|
|
|
}, args...)
|
|
|
|
|
c.SysProcAttr = &syscall.SysProcAttr{
|
|
|
|
|
Cloneflags: uintptr(nsinit.GetNamespaceFlags(container.Namespaces)),
|
|
|
|
|
}
|
|
|
|
|
c.Env = container.Env
|
|
|
|
|
c.Dir = c.Rootfs
|
2014-02-22 04:21:26 -05:00
|
|
|
|
|
|
|
|
return &c.Cmd
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type dockerStateWriter struct {
|
|
|
|
|
dsw nsinit.StateWriter
|
|
|
|
|
c *execdriver.Command
|
|
|
|
|
callback execdriver.StartCallback
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *dockerStateWriter) WritePid(pid int) error {
|
|
|
|
|
err := d.dsw.WritePid(pid)
|
|
|
|
|
if d.callback != nil {
|
|
|
|
|
d.callback(d.c)
|
|
|
|
|
}
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *dockerStateWriter) DeletePid() error {
|
|
|
|
|
return d.dsw.DeletePid()
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func createContainer(c *execdriver.Command) *libcontainer.Container {
|
|
|
|
|
container := getDefaultTemplate()
|
|
|
|
|
|
|
|
|
|
container.Hostname = getEnv("HOSTNAME", c.Env)
|
|
|
|
|
container.Tty = c.Tty
|
|
|
|
|
container.User = c.User
|
|
|
|
|
container.WorkingDir = c.WorkingDir
|
|
|
|
|
container.Env = c.Env
|
|
|
|
|
|
|
|
|
|
container.Env = append(container.Env, "container=docker")
|
|
|
|
|
|
|
|
|
|
if c.Network != nil {
|
|
|
|
|
container.Network = &libcontainer.Network{
|
|
|
|
|
Mtu: c.Network.Mtu,
|
|
|
|
|
Address: fmt.Sprintf("%s/%d", c.Network.IPAddress, c.Network.IPPrefixLen),
|
|
|
|
|
Gateway: c.Network.Gateway,
|
2014-02-22 04:21:26 -05:00
|
|
|
Type: "veth",
|
|
|
|
|
Context: libcontainer.Context{
|
|
|
|
|
"prefix": "dock",
|
|
|
|
|
"bridge": c.Network.Bridge,
|
|
|
|
|
},
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
}
|
2014-02-24 19:26:06 -05:00
|
|
|
container.Cgroups.Name = c.ID
|
2014-02-21 20:11:57 -05:00
|
|
|
if c.Privileged {
|
|
|
|
|
container.Capabilities = nil
|
2014-02-24 18:47:23 -05:00
|
|
|
container.Cgroups.DeviceAccess = true
|
2014-02-21 20:11:57 -05:00
|
|
|
}
|
|
|
|
|
if c.Resources != nil {
|
|
|
|
|
container.Cgroups.CpuShares = c.Resources.CpuShares
|
|
|
|
|
container.Cgroups.Memory = c.Resources.Memory
|
|
|
|
|
container.Cgroups.MemorySwap = c.Resources.MemorySwap
|
|
|
|
|
}
|
|
|
|
|
return container
|
|
|
|
|
}
|
2014-02-22 04:21:26 -05:00
|
|
|
|
|
|
|
|
type dockerStdTerm struct {
|
|
|
|
|
lxc.StdConsole
|
|
|
|
|
pipes *execdriver.Pipes
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *dockerStdTerm) Attach(cmd *exec.Cmd) error {
|
|
|
|
|
return d.AttachPipes(cmd, d.pipes)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (d *dockerStdTerm) SetMaster(master *os.File) {
|
|
|
|
|
// do nothing
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type dockerTtyTerm struct {
|
|
|
|
|
lxc.TtyConsole
|
|
|
|
|
pipes *execdriver.Pipes
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (t *dockerTtyTerm) Attach(cmd *exec.Cmd) error {
|
2014-02-22 04:28:59 -05:00
|
|
|
go io.Copy(t.pipes.Stdout, t.MasterPty)
|
|
|
|
|
if t.pipes.Stdin != nil {
|
|
|
|
|
go io.Copy(t.MasterPty, t.pipes.Stdin)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
2014-02-22 04:21:26 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (t *dockerTtyTerm) SetMaster(master *os.File) {
|
|
|
|
|
t.MasterPty = master
|
|
|
|
|
}
|
