mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
85ad4b16c1
Signed-off-by: John Howard <jhoward@microsoft.com> This is the first step in refactoring moby (dockerd) to use containerd on Windows. Similar to the current model in Linux, this adds the option to enable it for runtime. It does not switch the graphdriver to containerd snapshotters. - Refactors libcontainerd to a series of subpackages so that either a "local" containerd (1) or a "remote" (2) containerd can be loaded as opposed to conditional compile as "local" for Windows and "remote" for Linux. - Updates libcontainerd such that Windows has an option to allow the use of a "remote" containerd. Here, it communicates over a named pipe using GRPC. This is currently guarded behind the experimental flag, an environment variable, and the providing of a pipename to connect to containerd. - Infrastructure pieces such as under pkg/system to have helper functions for determining whether containerd is being used. (1) "local" containerd is what the daemon on Windows has used since inception. It's not really containerd at all - it's simply local invocation of HCS APIs directly in-process from the daemon through the Microsoft/hcsshim library. (2) "remote" containerd is what docker on Linux uses for it's runtime. It means that there is a separate containerd service running, and docker communicates over GRPC to it. To try this out, you will need to start with something like the following: Window 1: containerd --log-level debug Window 2: $env:DOCKER_WINDOWS_CONTAINERD=1 dockerd --experimental -D --containerd \\.\pipe\containerd-containerd You will need the following binary from github.com/containerd/containerd in your path: - containerd.exe You will need the following binaries from github.com/Microsoft/hcsshim in your path: - runhcs.exe - containerd-shim-runhcs-v1.exe For LCOW, it will require and initrd.img and kernel in `C:\Program Files\Linux Containers`. This is no different to the current requirements. However, you may need updated binaries, particularly initrd.img built from Microsoft/opengcs as (at the time of writing), Linuxkit binaries are somewhat out of date. Note that containerd and hcsshim for HCS v2 APIs do not yet support all the required functionality needed for docker. This will come in time - this is a baby (although large) step to migrating Docker on Windows to containerd. Note that the HCS v2 APIs are only called on RS5+ builds. RS1..RS4 will still use HCS v1 APIs as the v2 APIs were not fully developed enough on these builds to be usable. This abstraction is done in HCSShim. (Referring specifically to runtime) Note the LCOW graphdriver still uses HCS v1 APIs regardless. Note also that this does not migrate docker to use containerd snapshotters rather than graphdrivers. This needs to be done in conjunction with Linux also doing the same switch.
178 lines
5.8 KiB
Go
178 lines
5.8 KiB
Go
package containerd // import "github.com/docker/docker/plugin/executor/containerd"
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"path/filepath"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/containerd/containerd"
|
|
"github.com/containerd/containerd/cio"
|
|
"github.com/containerd/containerd/runtime/linux/runctypes"
|
|
"github.com/docker/docker/errdefs"
|
|
"github.com/docker/docker/libcontainerd"
|
|
libcontainerdtypes "github.com/docker/docker/libcontainerd/types"
|
|
"github.com/opencontainers/runtime-spec/specs-go"
|
|
"github.com/pkg/errors"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
// PluginNamespace is the name used for the plugins namespace
|
|
const PluginNamespace = "plugins.moby"
|
|
|
|
// ExitHandler represents an object that is called when the exit event is received from containerd
|
|
type ExitHandler interface {
|
|
HandleExitEvent(id string) error
|
|
}
|
|
|
|
// Client is used by the exector to perform operations.
|
|
// TODO(@cpuguy83): This should really just be based off the containerd client interface.
|
|
// However right now this whole package is tied to github.com/docker/docker/libcontainerd
|
|
type Client interface {
|
|
Create(ctx context.Context, containerID string, spec *specs.Spec, runtimeOptions interface{}) error
|
|
Restore(ctx context.Context, containerID string, attachStdio libcontainerdtypes.StdioCallback) (alive bool, pid int, err error)
|
|
Status(ctx context.Context, containerID string) (libcontainerdtypes.Status, error)
|
|
Delete(ctx context.Context, containerID string) error
|
|
DeleteTask(ctx context.Context, containerID string) (uint32, time.Time, error)
|
|
Start(ctx context.Context, containerID, checkpointDir string, withStdin bool, attachStdio libcontainerdtypes.StdioCallback) (pid int, err error)
|
|
SignalProcess(ctx context.Context, containerID, processID string, signal int) error
|
|
}
|
|
|
|
// New creates a new containerd plugin executor
|
|
func New(ctx context.Context, rootDir string, cli *containerd.Client, exitHandler ExitHandler) (*Executor, error) {
|
|
e := &Executor{
|
|
rootDir: rootDir,
|
|
exitHandler: exitHandler,
|
|
}
|
|
|
|
client, err := libcontainerd.NewClient(ctx, cli, rootDir, PluginNamespace, e)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "error creating containerd exec client")
|
|
}
|
|
e.client = client
|
|
return e, nil
|
|
}
|
|
|
|
// Executor is the containerd client implementation of a plugin executor
|
|
type Executor struct {
|
|
rootDir string
|
|
client Client
|
|
exitHandler ExitHandler
|
|
}
|
|
|
|
// deleteTaskAndContainer deletes plugin task and then plugin container from containerd
|
|
func deleteTaskAndContainer(ctx context.Context, cli Client, id string) {
|
|
_, _, err := cli.DeleteTask(ctx, id)
|
|
if err != nil && !errdefs.IsNotFound(err) {
|
|
logrus.WithError(err).WithField("id", id).Error("failed to delete plugin task from containerd")
|
|
}
|
|
|
|
err = cli.Delete(ctx, id)
|
|
if err != nil && !errdefs.IsNotFound(err) {
|
|
logrus.WithError(err).WithField("id", id).Error("failed to delete plugin container from containerd")
|
|
}
|
|
}
|
|
|
|
// Create creates a new container
|
|
func (e *Executor) Create(id string, spec specs.Spec, stdout, stderr io.WriteCloser) error {
|
|
opts := runctypes.RuncOptions{
|
|
RuntimeRoot: filepath.Join(e.rootDir, "runtime-root"),
|
|
}
|
|
ctx := context.Background()
|
|
err := e.client.Create(ctx, id, &spec, &opts)
|
|
if err != nil {
|
|
status, err2 := e.client.Status(ctx, id)
|
|
if err2 != nil {
|
|
if !errdefs.IsNotFound(err2) {
|
|
logrus.WithError(err2).WithField("id", id).Warn("Received an error while attempting to read plugin status")
|
|
}
|
|
} else {
|
|
if status != libcontainerdtypes.StatusRunning && status != libcontainerdtypes.StatusUnknown {
|
|
if err2 := e.client.Delete(ctx, id); err2 != nil && !errdefs.IsNotFound(err2) {
|
|
logrus.WithError(err2).WithField("plugin", id).Error("Error cleaning up containerd container")
|
|
}
|
|
err = e.client.Create(ctx, id, &spec, &opts)
|
|
}
|
|
}
|
|
|
|
if err != nil {
|
|
return errors.Wrap(err, "error creating containerd container")
|
|
}
|
|
}
|
|
|
|
_, err = e.client.Start(ctx, id, "", false, attachStreamsFunc(stdout, stderr))
|
|
if err != nil {
|
|
deleteTaskAndContainer(ctx, e.client, id)
|
|
}
|
|
return err
|
|
}
|
|
|
|
// Restore restores a container
|
|
func (e *Executor) Restore(id string, stdout, stderr io.WriteCloser) (bool, error) {
|
|
alive, _, err := e.client.Restore(context.Background(), id, attachStreamsFunc(stdout, stderr))
|
|
if err != nil && !errdefs.IsNotFound(err) {
|
|
return false, err
|
|
}
|
|
if !alive {
|
|
deleteTaskAndContainer(context.Background(), e.client, id)
|
|
}
|
|
return alive, nil
|
|
}
|
|
|
|
// IsRunning returns if the container with the given id is running
|
|
func (e *Executor) IsRunning(id string) (bool, error) {
|
|
status, err := e.client.Status(context.Background(), id)
|
|
return status == libcontainerdtypes.StatusRunning, err
|
|
}
|
|
|
|
// Signal sends the specified signal to the container
|
|
func (e *Executor) Signal(id string, signal int) error {
|
|
return e.client.SignalProcess(context.Background(), id, libcontainerdtypes.InitProcessName, signal)
|
|
}
|
|
|
|
// ProcessEvent handles events from containerd
|
|
// All events are ignored except the exit event, which is sent of to the stored handler
|
|
func (e *Executor) ProcessEvent(id string, et libcontainerdtypes.EventType, ei libcontainerdtypes.EventInfo) error {
|
|
switch et {
|
|
case libcontainerdtypes.EventExit:
|
|
deleteTaskAndContainer(context.Background(), e.client, id)
|
|
return e.exitHandler.HandleExitEvent(ei.ContainerID)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type rio struct {
|
|
cio.IO
|
|
|
|
wg sync.WaitGroup
|
|
}
|
|
|
|
func (c *rio) Wait() {
|
|
c.wg.Wait()
|
|
c.IO.Wait()
|
|
}
|
|
|
|
func attachStreamsFunc(stdout, stderr io.WriteCloser) libcontainerdtypes.StdioCallback {
|
|
return func(iop *cio.DirectIO) (cio.IO, error) {
|
|
if iop.Stdin != nil {
|
|
iop.Stdin.Close()
|
|
// closing stdin shouldn't be needed here, it should never be open
|
|
panic("plugin stdin shouldn't have been created!")
|
|
}
|
|
|
|
rio := &rio{IO: iop}
|
|
rio.wg.Add(2)
|
|
go func() {
|
|
io.Copy(stdout, iop.Stdout)
|
|
stdout.Close()
|
|
rio.wg.Done()
|
|
}()
|
|
go func() {
|
|
io.Copy(stderr, iop.Stderr)
|
|
stderr.Close()
|
|
rio.wg.Done()
|
|
}()
|
|
return rio, nil
|
|
}
|
|
}
|