mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
516010e92d
This subtle bug keeps lurking in because error checking for `Mkdir()`
and `MkdirAll()` is slightly different wrt to `EEXIST`/`IsExist`:
- for `Mkdir()`, `IsExist` error should (usually) be ignored
(unless you want to make sure directory was not there before)
as it means "the destination directory was already there"
- for `MkdirAll()`, `IsExist` error should NEVER be ignored.
Mostly, this commit just removes ignoring the IsExist error, as it
should not be ignored.
Also, there are a couple of cases then IsExist is handled as
"directory already exist" which is wrong. As a result, some code
that never worked as intended is now removed.
NOTE that `idtools.MkdirAndChown()` behaves like `os.MkdirAll()`
rather than `os.Mkdir()` -- so its description is amended accordingly,
and its usage is handled as such (i.e. IsExist error is not ignored).
For more details, a quote from my runc commit 6f82d4b (July 2015):
TL;DR: check for IsExist(err) after a failed MkdirAll() is both
redundant and wrong -- so two reasons to remove it.
Quoting MkdirAll documentation:
> MkdirAll creates a directory named path, along with any necessary
> parents, and returns nil, or else returns an error. If path
> is already a directory, MkdirAll does nothing and returns nil.
This means two things:
1. If a directory to be created already exists, no error is
returned.
2. If the error returned is IsExist (EEXIST), it means there exists
a non-directory with the same name as MkdirAll need to use for
directory. Example: we want to MkdirAll("a/b"), but file "a"
(or "a/b") already exists, so MkdirAll fails.
The above is a theory, based on quoted documentation and my UNIX
knowledge.
3. In practice, though, current MkdirAll implementation [1] returns
ENOTDIR in most of cases described in #2, with the exception when
there is a race between MkdirAll and someone else creating the
last component of MkdirAll argument as a file. In this very case
MkdirAll() will indeed return EEXIST.
Because of #1, IsExist check after MkdirAll is not needed.
Because of #2 and #3, ignoring IsExist error is just plain wrong,
as directory we require is not created. It's cleaner to report
the error now.
Note this error is all over the tree, I guess due to copy-paste,
or trying to follow the same usage pattern as for Mkdir(),
or some not quite correct examples on the Internet.
[1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
402 lines
10 KiB
Go
402 lines
10 KiB
Go
// Package local provides the default implementation for volumes. It
|
|
// is used to mount data volume containers and directories local to
|
|
// the host server.
|
|
package local
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"os"
|
|
"path/filepath"
|
|
"reflect"
|
|
"strings"
|
|
"sync"
|
|
|
|
"github.com/docker/docker/daemon/names"
|
|
"github.com/docker/docker/pkg/idtools"
|
|
"github.com/docker/docker/pkg/mount"
|
|
"github.com/docker/docker/volume"
|
|
"github.com/pkg/errors"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
// VolumeDataPathName is the name of the directory where the volume data is stored.
|
|
// It uses a very distinctive name to avoid collisions migrating data between
|
|
// Docker versions.
|
|
const (
|
|
VolumeDataPathName = "_data"
|
|
volumesPathName = "volumes"
|
|
)
|
|
|
|
var (
|
|
// ErrNotFound is the typed error returned when the requested volume name can't be found
|
|
ErrNotFound = fmt.Errorf("volume not found")
|
|
// volumeNameRegex ensures the name assigned for the volume is valid.
|
|
// This name is used to create the bind directory, so we need to avoid characters that
|
|
// would make the path to escape the root directory.
|
|
volumeNameRegex = names.RestrictedNamePattern
|
|
)
|
|
|
|
type activeMount struct {
|
|
count uint64
|
|
mounted bool
|
|
}
|
|
|
|
// New instantiates a new Root instance with the provided scope. Scope
|
|
// is the base path that the Root instance uses to store its
|
|
// volumes. The base path is created here if it does not exist.
|
|
func New(scope string, rootIDs idtools.IDPair) (*Root, error) {
|
|
rootDirectory := filepath.Join(scope, volumesPathName)
|
|
|
|
if err := idtools.MkdirAllAndChown(rootDirectory, 0700, rootIDs); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
r := &Root{
|
|
scope: scope,
|
|
path: rootDirectory,
|
|
volumes: make(map[string]*localVolume),
|
|
rootIDs: rootIDs,
|
|
}
|
|
|
|
dirs, err := ioutil.ReadDir(rootDirectory)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
mountInfos, err := mount.GetMounts()
|
|
if err != nil {
|
|
logrus.Debugf("error looking up mounts for local volume cleanup: %v", err)
|
|
}
|
|
|
|
for _, d := range dirs {
|
|
if !d.IsDir() {
|
|
continue
|
|
}
|
|
|
|
name := filepath.Base(d.Name())
|
|
v := &localVolume{
|
|
driverName: r.Name(),
|
|
name: name,
|
|
path: r.DataPath(name),
|
|
}
|
|
r.volumes[name] = v
|
|
optsFilePath := filepath.Join(rootDirectory, name, "opts.json")
|
|
if b, err := ioutil.ReadFile(optsFilePath); err == nil {
|
|
opts := optsConfig{}
|
|
if err := json.Unmarshal(b, &opts); err != nil {
|
|
return nil, errors.Wrapf(err, "error while unmarshaling volume options for volume: %s", name)
|
|
}
|
|
// Make sure this isn't an empty optsConfig.
|
|
// This could be empty due to buggy behavior in older versions of Docker.
|
|
if !reflect.DeepEqual(opts, optsConfig{}) {
|
|
v.opts = &opts
|
|
}
|
|
|
|
// unmount anything that may still be mounted (for example, from an unclean shutdown)
|
|
for _, info := range mountInfos {
|
|
if info.Mountpoint == v.path {
|
|
mount.Unmount(v.path)
|
|
break
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return r, nil
|
|
}
|
|
|
|
// Root implements the Driver interface for the volume package and
|
|
// manages the creation/removal of volumes. It uses only standard vfs
|
|
// commands to create/remove dirs within its provided scope.
|
|
type Root struct {
|
|
m sync.Mutex
|
|
scope string
|
|
path string
|
|
volumes map[string]*localVolume
|
|
rootIDs idtools.IDPair
|
|
}
|
|
|
|
// List lists all the volumes
|
|
func (r *Root) List() ([]volume.Volume, error) {
|
|
var ls []volume.Volume
|
|
r.m.Lock()
|
|
for _, v := range r.volumes {
|
|
ls = append(ls, v)
|
|
}
|
|
r.m.Unlock()
|
|
return ls, nil
|
|
}
|
|
|
|
// DataPath returns the constructed path of this volume.
|
|
func (r *Root) DataPath(volumeName string) string {
|
|
return filepath.Join(r.path, volumeName, VolumeDataPathName)
|
|
}
|
|
|
|
// Name returns the name of Root, defined in the volume package in the DefaultDriverName constant.
|
|
func (r *Root) Name() string {
|
|
return volume.DefaultDriverName
|
|
}
|
|
|
|
type systemError struct {
|
|
err error
|
|
}
|
|
|
|
func (e systemError) Error() string {
|
|
return e.err.Error()
|
|
}
|
|
|
|
func (e systemError) SystemError() {}
|
|
|
|
func (e systemError) Cause() error {
|
|
return e.err
|
|
}
|
|
|
|
// Create creates a new volume.Volume with the provided name, creating
|
|
// the underlying directory tree required for this volume in the
|
|
// process.
|
|
func (r *Root) Create(name string, opts map[string]string) (volume.Volume, error) {
|
|
if err := r.validateName(name); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
r.m.Lock()
|
|
defer r.m.Unlock()
|
|
|
|
v, exists := r.volumes[name]
|
|
if exists {
|
|
return v, nil
|
|
}
|
|
|
|
path := r.DataPath(name)
|
|
if err := idtools.MkdirAllAndChown(path, 0755, r.rootIDs); err != nil {
|
|
return nil, errors.Wrapf(systemError{err}, "error while creating volume path '%s'", path)
|
|
}
|
|
|
|
var err error
|
|
defer func() {
|
|
if err != nil {
|
|
os.RemoveAll(filepath.Dir(path))
|
|
}
|
|
}()
|
|
|
|
v = &localVolume{
|
|
driverName: r.Name(),
|
|
name: name,
|
|
path: path,
|
|
}
|
|
|
|
if len(opts) != 0 {
|
|
if err = setOpts(v, opts); err != nil {
|
|
return nil, err
|
|
}
|
|
var b []byte
|
|
b, err = json.Marshal(v.opts)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if err = ioutil.WriteFile(filepath.Join(filepath.Dir(path), "opts.json"), b, 600); err != nil {
|
|
return nil, errors.Wrap(systemError{err}, "error while persisting volume options")
|
|
}
|
|
}
|
|
|
|
r.volumes[name] = v
|
|
return v, nil
|
|
}
|
|
|
|
// Remove removes the specified volume and all underlying data. If the
|
|
// given volume does not belong to this driver and an error is
|
|
// returned. The volume is reference counted, if all references are
|
|
// not released then the volume is not removed.
|
|
func (r *Root) Remove(v volume.Volume) error {
|
|
r.m.Lock()
|
|
defer r.m.Unlock()
|
|
|
|
lv, ok := v.(*localVolume)
|
|
if !ok {
|
|
return systemError{errors.Errorf("unknown volume type %T", v)}
|
|
}
|
|
|
|
if lv.active.count > 0 {
|
|
return systemError{errors.Errorf("volume has active mounts")}
|
|
}
|
|
|
|
if err := lv.unmount(); err != nil {
|
|
return err
|
|
}
|
|
|
|
realPath, err := filepath.EvalSymlinks(lv.path)
|
|
if err != nil {
|
|
if !os.IsNotExist(err) {
|
|
return err
|
|
}
|
|
realPath = filepath.Dir(lv.path)
|
|
}
|
|
|
|
if !r.scopedPath(realPath) {
|
|
return systemError{errors.Errorf("Unable to remove a directory of out the Docker root %s: %s", r.scope, realPath)}
|
|
}
|
|
|
|
if err := removePath(realPath); err != nil {
|
|
return err
|
|
}
|
|
|
|
delete(r.volumes, lv.name)
|
|
return removePath(filepath.Dir(lv.path))
|
|
}
|
|
|
|
func removePath(path string) error {
|
|
if err := os.RemoveAll(path); err != nil {
|
|
if os.IsNotExist(err) {
|
|
return nil
|
|
}
|
|
return errors.Wrapf(systemError{err}, "error removing volume path '%s'", path)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Get looks up the volume for the given name and returns it if found
|
|
func (r *Root) Get(name string) (volume.Volume, error) {
|
|
r.m.Lock()
|
|
v, exists := r.volumes[name]
|
|
r.m.Unlock()
|
|
if !exists {
|
|
return nil, ErrNotFound
|
|
}
|
|
return v, nil
|
|
}
|
|
|
|
// Scope returns the local volume scope
|
|
func (r *Root) Scope() string {
|
|
return volume.LocalScope
|
|
}
|
|
|
|
type validationError string
|
|
|
|
func (e validationError) Error() string {
|
|
return string(e)
|
|
}
|
|
|
|
func (e validationError) InvalidParameter() {}
|
|
|
|
func (r *Root) validateName(name string) error {
|
|
if len(name) == 1 {
|
|
return validationError("volume name is too short, names should be at least two alphanumeric characters")
|
|
}
|
|
if !volumeNameRegex.MatchString(name) {
|
|
return validationError(fmt.Sprintf("%q includes invalid characters for a local volume name, only %q are allowed. If you intended to pass a host directory, use absolute path", name, names.RestrictedNameChars))
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// localVolume implements the Volume interface from the volume package and
|
|
// represents the volumes created by Root.
|
|
type localVolume struct {
|
|
m sync.Mutex
|
|
// unique name of the volume
|
|
name string
|
|
// path is the path on the host where the data lives
|
|
path string
|
|
// driverName is the name of the driver that created the volume.
|
|
driverName string
|
|
// opts is the parsed list of options used to create the volume
|
|
opts *optsConfig
|
|
// active refcounts the active mounts
|
|
active activeMount
|
|
}
|
|
|
|
// Name returns the name of the given Volume.
|
|
func (v *localVolume) Name() string {
|
|
return v.name
|
|
}
|
|
|
|
// DriverName returns the driver that created the given Volume.
|
|
func (v *localVolume) DriverName() string {
|
|
return v.driverName
|
|
}
|
|
|
|
// Path returns the data location.
|
|
func (v *localVolume) Path() string {
|
|
return v.path
|
|
}
|
|
|
|
// CachedPath returns the data location
|
|
func (v *localVolume) CachedPath() string {
|
|
return v.path
|
|
}
|
|
|
|
// Mount implements the localVolume interface, returning the data location.
|
|
// If there are any provided mount options, the resources will be mounted at this point
|
|
func (v *localVolume) Mount(id string) (string, error) {
|
|
v.m.Lock()
|
|
defer v.m.Unlock()
|
|
if v.opts != nil {
|
|
if !v.active.mounted {
|
|
if err := v.mount(); err != nil {
|
|
return "", systemError{err}
|
|
}
|
|
v.active.mounted = true
|
|
}
|
|
v.active.count++
|
|
}
|
|
return v.path, nil
|
|
}
|
|
|
|
// Unmount dereferences the id, and if it is the last reference will unmount any resources
|
|
// that were previously mounted.
|
|
func (v *localVolume) Unmount(id string) error {
|
|
v.m.Lock()
|
|
defer v.m.Unlock()
|
|
|
|
// Always decrement the count, even if the unmount fails
|
|
// Essentially docker doesn't care if this fails, it will send an error, but
|
|
// ultimately there's nothing that can be done. If we don't decrement the count
|
|
// this volume can never be removed until a daemon restart occurs.
|
|
if v.opts != nil {
|
|
v.active.count--
|
|
}
|
|
|
|
if v.active.count > 0 {
|
|
return nil
|
|
}
|
|
|
|
return v.unmount()
|
|
}
|
|
|
|
func (v *localVolume) unmount() error {
|
|
if v.opts != nil {
|
|
if err := mount.Unmount(v.path); err != nil {
|
|
if mounted, mErr := mount.Mounted(v.path); mounted || mErr != nil {
|
|
return errors.Wrapf(systemError{err}, "error while unmounting volume path '%s'", v.path)
|
|
}
|
|
}
|
|
v.active.mounted = false
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func validateOpts(opts map[string]string) error {
|
|
for opt := range opts {
|
|
if !validOpts[opt] {
|
|
return validationError(fmt.Sprintf("invalid option key: %q", opt))
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (v *localVolume) Status() map[string]interface{} {
|
|
return nil
|
|
}
|
|
|
|
// getAddress finds out address/hostname from options
|
|
func getAddress(opts string) string {
|
|
optsList := strings.Split(opts, ",")
|
|
for i := 0; i < len(optsList); i++ {
|
|
if strings.HasPrefix(optsList[i], "addr=") {
|
|
addr := (strings.SplitN(optsList[i], "=", 2)[1])
|
|
return addr
|
|
}
|
|
}
|
|
return ""
|
|
}
|