1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Merge pull request #41656 from thaJeztah/unexport_things

This commit is contained in:
Akihiro Suda 2021-06-08 12:07:40 +09:00 committed by GitHub
commit 0ad2293d0e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 40 additions and 28 deletions

View file

@ -65,8 +65,8 @@ func (cli *DaemonCli) getPlatformContainerdDaemonOpts() ([]supervisor.DaemonOpt,
opts := []supervisor.DaemonOpt{ opts := []supervisor.DaemonOpt{
supervisor.WithOOMScore(cli.Config.OOMScoreAdjust), supervisor.WithOOMScore(cli.Config.OOMScoreAdjust),
supervisor.WithPlugin("linux", &linux.Config{ supervisor.WithPlugin("linux", &linux.Config{
Shim: daemon.DefaultShimBinary, Shim: config.DefaultShimBinary,
Runtime: daemon.DefaultRuntimeBinary, Runtime: config.DefaultRuntimeBinary,
RuntimeRoot: filepath.Join(cli.Config.Root, "runc"), RuntimeRoot: filepath.Join(cli.Config.Root, "runc"),
ShimDebug: cli.Config.Debug, ShimDebug: cli.Config.Debug,
}), }),

View file

@ -44,7 +44,12 @@ const (
DisableNetworkBridge = "none" DisableNetworkBridge = "none"
// DefaultInitBinary is the name of the default init binary // DefaultInitBinary is the name of the default init binary
DefaultInitBinary = "docker-init" DefaultInitBinary = "docker-init"
// DefaultShimBinary is the default shim to be used by containerd if none
// is specified
DefaultShimBinary = "containerd-shim"
// DefaultRuntimeBinary is the default runtime to be used by
// containerd if none is specified
DefaultRuntimeBinary = "runc"
// StockRuntimeName is the reserved name/alias used to represent the // StockRuntimeName is the reserved name/alias used to represent the
// OCI runtime being shipped with the docker daemon package. // OCI runtime being shipped with the docker daemon package.
StockRuntimeName = "runc" StockRuntimeName = "runc"

View file

@ -751,7 +751,7 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S
} }
// Ensure that we have a correct root key limit for launching containers. // Ensure that we have a correct root key limit for launching containers.
if err := ModifyRootKeyLimit(); err != nil { if err := modifyRootKeyLimit(); err != nil {
logrus.Warnf("unable to modify root key limit, number of containers could be limited by this quota: %v", err) logrus.Warnf("unable to modify root key limit, number of containers could be limited by this quota: %v", err)
} }

View file

@ -14,6 +14,7 @@ import (
"runtime/debug" "runtime/debug"
"strconv" "strconv"
"strings" "strings"
"sync"
"time" "time"
"github.com/containerd/cgroups" "github.com/containerd/cgroups"
@ -56,14 +57,6 @@ import (
const ( const (
isWindows = false isWindows = false
// DefaultShimBinary is the default shim to be used by containerd if none
// is specified
DefaultShimBinary = "containerd-shim"
// DefaultRuntimeBinary is the default runtime to be used by
// containerd if none is specified
DefaultRuntimeBinary = "runc"
// See https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/tree/kernel/sched/sched.h?id=8cd9234c64c584432f6992fe944ca9e46ca8ea76#n269 // See https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/tree/kernel/sched/sched.h?id=8cd9234c64c584432f6992fe944ca9e46ca8ea76#n269
linuxMinCPUShares = 2 linuxMinCPUShares = 2
linuxMaxCPUShares = 262144 linuxMaxCPUShares = 262144
@ -620,8 +613,8 @@ func getCD(config *config.Config) string {
return "" return ""
} }
// VerifyCgroupDriver validates native.cgroupdriver // verifyCgroupDriver validates native.cgroupdriver
func VerifyCgroupDriver(config *config.Config) error { func verifyCgroupDriver(config *config.Config) error {
cd := getCD(config) cd := getCD(config)
if cd == "" || cd == cgroupFsDriver || cd == cgroupSystemdDriver { if cd == "" || cd == cgroupFsDriver || cd == cgroupSystemdDriver {
return nil return nil
@ -638,19 +631,33 @@ func UsingSystemd(config *config.Config) bool {
return true return true
} }
// On cgroup v2 hosts, default to systemd driver // On cgroup v2 hosts, default to systemd driver
if getCD(config) == "" && cgroups.Mode() == cgroups.Unified && IsRunningSystemd() { if getCD(config) == "" && cgroups.Mode() == cgroups.Unified && isRunningSystemd() {
return true return true
} }
return false return false
} }
// IsRunningSystemd is from https://github.com/opencontainers/runc/blob/46be7b612e2533c494e6a251111de46d8e286ed5/libcontainer/cgroups/systemd/common.go#L27-L33 var (
func IsRunningSystemd() bool { runningSystemd bool
fi, err := os.Lstat("/run/systemd/system") detectSystemd sync.Once
if err != nil { )
return false
} // isRunningSystemd checks whether the host was booted with systemd as its init
return fi.IsDir() // system. This functions similarly to systemd's `sd_booted(3)`: internally, it
// checks whether /run/systemd/system/ exists and is a directory.
// http://www.freedesktop.org/software/systemd/man/sd_booted.html
//
// NOTE: This function comes from package github.com/coreos/go-systemd/util
// It was borrowed here to avoid a dependency on cgo.
func isRunningSystemd() bool {
detectSystemd.Do(func() {
fi, err := os.Lstat("/run/systemd/system")
if err != nil {
return
}
runningSystemd = fi.IsDir()
})
return runningSystemd
} }
// verifyPlatformContainerSettings performs platform-specific validation of the // verifyPlatformContainerSettings performs platform-specific validation of the
@ -753,7 +760,7 @@ func verifyDaemonSettings(conf *config.Config) error {
if !conf.BridgeConfig.EnableIPTables && conf.BridgeConfig.EnableIPMasq { if !conf.BridgeConfig.EnableIPTables && conf.BridgeConfig.EnableIPMasq {
conf.BridgeConfig.EnableIPMasq = false conf.BridgeConfig.EnableIPMasq = false
} }
if err := VerifyCgroupDriver(conf); err != nil { if err := verifyCgroupDriver(conf); err != nil {
return err return err
} }
if conf.CgroupParent != "" && UsingSystemd(conf) { if conf.CgroupParent != "" && UsingSystemd(conf) {

View file

@ -18,10 +18,10 @@ const (
rootKeyByteMultiplier = 25 rootKeyByteMultiplier = 25
) )
// ModifyRootKeyLimit checks to see if the root key limit is set to // modifyRootKeyLimit checks to see if the root key limit is set to
// at least 1000000 and changes it to that limit along with the maxbytes // at least 1000000 and changes it to that limit along with the maxbytes
// allocated to the keys at a 25 to 1 multiplier. // allocated to the keys at a 25 to 1 multiplier.
func ModifyRootKeyLimit() error { func modifyRootKeyLimit() error {
value, err := readRootKeyLimit(rootKeyFile) value, err := readRootKeyLimit(rootKeyFile)
if err != nil { if err != nil {
return err return err

View file

@ -2,7 +2,7 @@
package daemon // import "github.com/docker/docker/daemon" package daemon // import "github.com/docker/docker/daemon"
// ModifyRootKeyLimit is a noop on unsupported platforms. // modifyRootKeyLimit is a noop on unsupported platforms.
func ModifyRootKeyLimit() error { func modifyRootKeyLimit() error {
return nil return nil
} }

View file

@ -19,7 +19,7 @@ func (daemon *Daemon) reloadPlatform(conf *config.Config, attributes map[string]
if conf.IsValueSet("runtimes") { if conf.IsValueSet("runtimes") {
// Always set the default one // Always set the default one
conf.Runtimes[config.StockRuntimeName] = types.Runtime{Path: DefaultRuntimeBinary} conf.Runtimes[config.StockRuntimeName] = types.Runtime{Path: config.DefaultRuntimeBinary}
if err := daemon.initRuntimes(conf.Runtimes); err != nil { if err := daemon.initRuntimes(conf.Runtimes); err != nil {
return err return err
} }