From fb08b8b221a9a722910d63db678ffb5a8f91b517 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Wed, 26 Feb 2014 19:19:14 -0800 Subject: [PATCH] Code review updates Docker-DCO-1.1-Signed-off-by: Michael Crosby (github: crosbymichael) --- execdriver/native/default_template.go | 2 +- execdriver/native/driver.go | 2 +- execdriver/native/info.go | 2 +- pkg/libcontainer/README.md | 12 +++++++----- pkg/libcontainer/network/strategy.go | 4 ++-- pkg/libcontainer/nsinit/exec.go | 4 +--- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/execdriver/native/default_template.go b/execdriver/native/default_template.go index 102967a489..91fd646c8e 100644 --- a/execdriver/native/default_template.go +++ b/execdriver/native/default_template.go @@ -7,7 +7,7 @@ import ( "github.com/dotcloud/docker/pkg/libcontainer" ) -// createContainer populates and configrues the container type with the +// createContainer populates and configures the container type with the // data provided by the execdriver.Command func createContainer(c *execdriver.Command) *libcontainer.Container { container := getDefaultTemplate() diff --git a/execdriver/native/driver.go b/execdriver/native/driver.go index ba7e8a719f..dc1c903f01 100644 --- a/execdriver/native/driver.go +++ b/execdriver/native/driver.go @@ -58,7 +58,7 @@ type driver struct { } func NewDriver(root string) (*driver, error) { - if err := os.MkdirAll(root, 0655); err != nil { + if err := os.MkdirAll(root, 0700); err != nil { return nil, err } return &driver{ diff --git a/execdriver/native/info.go b/execdriver/native/info.go index 5223feee83..aef2f85c6b 100644 --- a/execdriver/native/info.go +++ b/execdriver/native/info.go @@ -11,7 +11,7 @@ type info struct { } // IsRunning is determined by looking for the -// .nspid file for a container. If the file exists then the +// pid file for a container. If the file exists then the // container is currently running func (i *info) IsRunning() bool { if _, err := os.Stat(filepath.Join(i.driver.root, i.ID, "pid")); err == nil { diff --git a/pkg/libcontainer/README.md b/pkg/libcontainer/README.md index 4c8da8e925..b81401cd09 100644 --- a/pkg/libcontainer/README.md +++ b/pkg/libcontainer/README.md @@ -9,9 +9,9 @@ for using linux namespaces with no external dependencies. libcontainer provides #### container A container is a self contained directory that is able to run one or more processes inside without affecting the host system. The directory is usually a full system tree. Inside the directory -a `container.json` file just be placed with the runtime configuration for how the process -should be contained and run. Environment, networking, and different capabilities for the -process are specified in this file. +a `container.json` file is placed with the runtime configuration for how the processes +should be contained and ran. Environment, networking, and different capabilities for the +process are specified in this file. The configuration is used for each process executed inside the container. Sample `container.json` file: ```json @@ -67,10 +67,12 @@ Sample `container.json` file: } ``` -Using this configuration and the current directory holding the rootfs for a process to live, one can se libcontainer to exec the container. Running the life of the namespace a `.nspid` file -is written to the current directory with the pid of the namespace'd process to the external word. A client can use this pid to wait, kill, or perform other operation with the container. If a user tries to run an new process inside an existing container with a live namespace with namespace will be joined by the new process. +Using this configuration and the current directory holding the rootfs for a process to live, one can use libcontainer to exec the container. Running the life of the namespace a `pid` file +is written to the current directory with the pid of the namespace'd process to the external world. A client can use this pid to wait, kill, or perform other operation with the container. If a user tries to run an new process inside an existing container with a live namespace with namespace will be joined by the new process. +You may also specify an alternate root to to place the `container.json` file is read and where the `pid` file will be saved. + #### nsinit `nsinit` is a cli application used as the reference implementation of libcontainer. It is able to diff --git a/pkg/libcontainer/network/strategy.go b/pkg/libcontainer/network/strategy.go index a2f4f8f073..234fcc0aa2 100644 --- a/pkg/libcontainer/network/strategy.go +++ b/pkg/libcontainer/network/strategy.go @@ -13,8 +13,8 @@ var strategies = map[string]NetworkStrategy{ "veth": &Veth{}, } -// NetworkStrategy represends a specific network configuration for -// a containers networking stack +// NetworkStrategy represents a specific network configuration for +// a container's networking stack type NetworkStrategy interface { Create(*libcontainer.Network, int, libcontainer.Context) error Initialize(*libcontainer.Network, libcontainer.Context) error diff --git a/pkg/libcontainer/nsinit/exec.go b/pkg/libcontainer/nsinit/exec.go index f7a9c17d7f..f1a4e2477a 100644 --- a/pkg/libcontainer/nsinit/exec.go +++ b/pkg/libcontainer/nsinit/exec.go @@ -48,9 +48,7 @@ func (ns *linuxNs) Exec(container *libcontainer.Container, term Terminal, args [ command.Process.Kill() return -1, err } - defer func() { - ns.stateWriter.DeletePid() - }() + defer ns.stateWriter.DeletePid() // Do this before syncing with child so that no children // can escape the cgroup