2015-12-01 19:56:08 +00:00
|
|
|
package runtime
|
2015-11-05 23:29:53 +00:00
|
|
|
|
2015-11-10 22:57:10 +00:00
|
|
|
import (
|
2016-02-01 19:02:41 +00:00
|
|
|
"encoding/json"
|
|
|
|
|
"io/ioutil"
|
2015-11-10 22:57:10 +00:00
|
|
|
"os"
|
2016-02-01 19:02:41 +00:00
|
|
|
"os/exec"
|
|
|
|
|
"path/filepath"
|
|
|
|
|
"syscall"
|
2016-02-01 23:07:02 +00:00
|
|
|
"time"
|
2015-11-10 22:57:10 +00:00
|
|
|
|
2016-02-01 19:02:41 +00:00
|
|
|
"github.com/Sirupsen/logrus"
|
2015-11-10 22:57:10 +00:00
|
|
|
"github.com/opencontainers/specs"
|
|
|
|
|
)
|
2015-11-10 21:44:35 +00:00
|
|
|
|
2015-11-05 23:29:53 +00:00
|
|
|
type Container interface {
|
2015-11-12 21:40:23 +00:00
|
|
|
// ID returns the container ID
|
2015-11-06 00:40:57 +00:00
|
|
|
ID() string
|
2015-11-12 21:40:23 +00:00
|
|
|
// Path returns the path to the bundle
|
2015-11-10 19:38:26 +00:00
|
|
|
Path() string
|
2016-01-06 21:32:46 +00:00
|
|
|
// Start starts the init process of the container
|
2016-02-03 21:56:15 +00:00
|
|
|
Start(checkpoint string, s Stdio) (Process, error)
|
2016-02-01 19:02:41 +00:00
|
|
|
// Exec starts another process in an existing container
|
2016-02-03 21:56:15 +00:00
|
|
|
Exec(string, specs.Process, Stdio) (Process, error)
|
2016-01-06 21:32:46 +00:00
|
|
|
// Delete removes the container's state and any resources
|
2015-11-05 23:29:53 +00:00
|
|
|
Delete() error
|
2015-11-12 21:40:23 +00:00
|
|
|
// Processes returns all the containers processes that have been added
|
2015-11-10 21:44:35 +00:00
|
|
|
Processes() ([]Process, error)
|
2015-11-12 21:40:23 +00:00
|
|
|
// State returns the containers runtime state
|
|
|
|
|
State() State
|
|
|
|
|
// Resume resumes a paused container
|
|
|
|
|
Resume() error
|
|
|
|
|
// Pause pauses a running container
|
|
|
|
|
Pause() error
|
2016-02-01 23:07:02 +00:00
|
|
|
// RemoveProcess removes the specified process from the container
|
2016-02-01 19:02:41 +00:00
|
|
|
RemoveProcess(string) error
|
2015-12-07 22:47:03 +00:00
|
|
|
// Checkpoints returns all the checkpoints for a container
|
2016-02-01 23:07:02 +00:00
|
|
|
Checkpoints() ([]Checkpoint, error)
|
2015-12-07 22:47:03 +00:00
|
|
|
// Checkpoint creates a new checkpoint
|
2016-02-01 23:07:02 +00:00
|
|
|
Checkpoint(Checkpoint) error
|
2015-12-07 22:47:03 +00:00
|
|
|
// DeleteCheckpoint deletes the checkpoint for the provided name
|
2016-02-01 23:07:02 +00:00
|
|
|
DeleteCheckpoint(name string) error
|
2015-12-08 18:04:31 +00:00
|
|
|
// Stats returns realtime container stats and resource information
|
2016-02-01 23:07:02 +00:00
|
|
|
// Stats() (*Stat, error) // OOM signals the channel if the container received an OOM notification
|
2016-01-06 21:32:46 +00:00
|
|
|
// OOM() (<-chan struct{}, error)
|
2015-11-05 23:29:53 +00:00
|
|
|
}
|
2016-02-01 19:02:41 +00:00
|
|
|
|
2016-02-03 21:56:15 +00:00
|
|
|
type Stdio struct {
|
|
|
|
|
Stdin string
|
|
|
|
|
Stdout string
|
|
|
|
|
Stderr string
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-11 20:20:29 +00:00
|
|
|
func NewStdio(stdin, stdout, stderr string) Stdio {
|
|
|
|
|
for _, s := range []*string{
|
|
|
|
|
&stdin, &stdout, &stderr,
|
|
|
|
|
} {
|
|
|
|
|
if *s == "" {
|
|
|
|
|
*s = "/dev/null"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return Stdio{
|
|
|
|
|
Stdin: stdin,
|
|
|
|
|
Stdout: stdout,
|
|
|
|
|
Stderr: stderr,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-01 19:02:41 +00:00
|
|
|
// New returns a new container
|
|
|
|
|
func New(root, id, bundle string) (Container, error) {
|
|
|
|
|
c := &container{
|
|
|
|
|
root: root,
|
|
|
|
|
id: id,
|
|
|
|
|
bundle: bundle,
|
|
|
|
|
processes: make(map[string]*process),
|
|
|
|
|
}
|
|
|
|
|
if err := os.Mkdir(filepath.Join(root, id), 0755); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
f, err := os.Create(filepath.Join(root, id, StateFile))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
defer f.Close()
|
|
|
|
|
if err := json.NewEncoder(f).Encode(state{
|
|
|
|
|
Bundle: bundle,
|
|
|
|
|
}); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return c, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Load(root, id string) (Container, error) {
|
|
|
|
|
var s state
|
|
|
|
|
f, err := os.Open(filepath.Join(root, id, StateFile))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
defer f.Close()
|
|
|
|
|
if err := json.NewDecoder(f).Decode(&s); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
c := &container{
|
|
|
|
|
root: root,
|
|
|
|
|
id: id,
|
|
|
|
|
bundle: s.Bundle,
|
|
|
|
|
processes: make(map[string]*process),
|
|
|
|
|
}
|
|
|
|
|
dirs, err := ioutil.ReadDir(filepath.Join(root, id))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
for _, d := range dirs {
|
|
|
|
|
if !d.IsDir() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
pid := d.Name()
|
2016-02-03 21:56:15 +00:00
|
|
|
s, err := readProcessState(filepath.Join(root, id, pid))
|
2016-02-01 19:02:41 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-02-03 21:56:15 +00:00
|
|
|
p, err := loadProcess(filepath.Join(root, id, pid), pid, c, s)
|
2016-02-01 19:02:41 +00:00
|
|
|
if err != nil {
|
|
|
|
|
logrus.WithField("id", id).WithField("pid", pid).Debug("containerd: error loading process %s", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
c.processes[pid] = p
|
|
|
|
|
}
|
|
|
|
|
return c, nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-03 21:56:15 +00:00
|
|
|
func readProcessState(dir string) (*ProcessState, error) {
|
2016-02-01 19:02:41 +00:00
|
|
|
f, err := os.Open(filepath.Join(dir, "process.json"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
defer f.Close()
|
2016-02-03 21:56:15 +00:00
|
|
|
var s ProcessState
|
2016-02-01 19:02:41 +00:00
|
|
|
if err := json.NewDecoder(f).Decode(&s); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return &s, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type container struct {
|
|
|
|
|
// path to store runtime state information
|
|
|
|
|
root string
|
|
|
|
|
id string
|
|
|
|
|
bundle string
|
|
|
|
|
processes map[string]*process
|
2016-02-03 21:56:15 +00:00
|
|
|
stdio Stdio
|
2016-02-01 19:02:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) ID() string {
|
|
|
|
|
return c.id
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) Path() string {
|
|
|
|
|
return c.bundle
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-03 21:56:15 +00:00
|
|
|
func (c *container) Start(checkpoint string, s Stdio) (Process, error) {
|
2016-02-01 19:02:41 +00:00
|
|
|
processRoot := filepath.Join(c.root, c.id, InitProcessID)
|
2016-02-03 21:56:15 +00:00
|
|
|
if err := os.Mkdir(processRoot, 0755); err != nil {
|
2016-02-01 19:02:41 +00:00
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-02-03 21:56:15 +00:00
|
|
|
cmd := exec.Command("containerd-shim",
|
|
|
|
|
c.id, c.bundle,
|
|
|
|
|
)
|
2016-02-01 19:02:41 +00:00
|
|
|
cmd.Dir = processRoot
|
|
|
|
|
cmd.SysProcAttr = &syscall.SysProcAttr{
|
|
|
|
|
Setpgid: true,
|
|
|
|
|
}
|
|
|
|
|
spec, err := c.readSpec()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-02-11 19:23:35 +00:00
|
|
|
config := &processConfig{
|
2016-02-11 19:30:25 +00:00
|
|
|
checkpoint: checkpoint,
|
2016-02-11 19:23:35 +00:00
|
|
|
root: processRoot,
|
|
|
|
|
id: InitProcessID,
|
|
|
|
|
c: c,
|
|
|
|
|
stdio: s,
|
|
|
|
|
spec: spec,
|
|
|
|
|
processSpec: spec.Process,
|
|
|
|
|
}
|
|
|
|
|
p, err := newProcess(config)
|
2016-02-01 19:02:41 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if err := cmd.Start(); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-02-02 22:21:25 +00:00
|
|
|
if _, err := p.getPid(); err != nil {
|
|
|
|
|
return p, nil
|
|
|
|
|
}
|
2016-02-01 19:02:41 +00:00
|
|
|
c.processes[InitProcessID] = p
|
|
|
|
|
return p, nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-03 21:56:15 +00:00
|
|
|
func (c *container) Exec(pid string, spec specs.Process, s Stdio) (Process, error) {
|
2016-02-01 19:02:41 +00:00
|
|
|
processRoot := filepath.Join(c.root, c.id, pid)
|
2016-02-03 21:56:15 +00:00
|
|
|
if err := os.Mkdir(processRoot, 0755); err != nil {
|
2016-02-01 19:02:41 +00:00
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-02-03 21:56:15 +00:00
|
|
|
cmd := exec.Command("containerd-shim",
|
|
|
|
|
c.id, c.bundle,
|
|
|
|
|
)
|
2016-02-01 19:02:41 +00:00
|
|
|
cmd.Dir = processRoot
|
|
|
|
|
cmd.SysProcAttr = &syscall.SysProcAttr{
|
|
|
|
|
Setpgid: true,
|
|
|
|
|
}
|
2016-02-11 19:23:35 +00:00
|
|
|
config := &processConfig{
|
2016-02-11 19:30:25 +00:00
|
|
|
exec: true,
|
2016-02-11 19:23:35 +00:00
|
|
|
id: pid,
|
|
|
|
|
root: processRoot,
|
|
|
|
|
c: c,
|
|
|
|
|
processSpec: spec,
|
|
|
|
|
stdio: s,
|
|
|
|
|
}
|
|
|
|
|
p, err := newProcess(config)
|
2016-02-01 19:02:41 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if err := cmd.Start(); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2016-02-02 22:21:25 +00:00
|
|
|
if _, err := p.getPid(); err != nil {
|
|
|
|
|
return p, nil
|
|
|
|
|
}
|
2016-02-01 19:02:41 +00:00
|
|
|
c.processes[pid] = p
|
|
|
|
|
return p, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) readSpec() (*specs.LinuxSpec, error) {
|
|
|
|
|
var spec specs.LinuxSpec
|
|
|
|
|
f, err := os.Open(filepath.Join(c.bundle, "config.json"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
defer f.Close()
|
|
|
|
|
if err := json.NewDecoder(f).Decode(&spec); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return &spec, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) Pause() error {
|
2016-02-11 00:48:04 +00:00
|
|
|
return exec.Command("runc", "pause", c.id).Run()
|
2016-02-01 19:02:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) Resume() error {
|
2016-02-11 00:48:04 +00:00
|
|
|
return exec.Command("runc", "resume", c.id).Run()
|
2016-02-01 19:02:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) State() State {
|
|
|
|
|
return Running
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) Delete() error {
|
|
|
|
|
return os.RemoveAll(filepath.Join(c.root, c.id))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) Processes() ([]Process, error) {
|
|
|
|
|
out := []Process{}
|
|
|
|
|
for _, p := range c.processes {
|
|
|
|
|
out = append(out, p)
|
|
|
|
|
}
|
|
|
|
|
return out, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) RemoveProcess(pid string) error {
|
|
|
|
|
delete(c.processes, pid)
|
2016-02-03 21:56:15 +00:00
|
|
|
return os.RemoveAll(filepath.Join(c.root, c.id, pid))
|
2016-02-01 19:02:41 +00:00
|
|
|
}
|
2016-02-01 23:07:02 +00:00
|
|
|
|
|
|
|
|
func (c *container) Checkpoints() ([]Checkpoint, error) {
|
|
|
|
|
dirs, err := ioutil.ReadDir(filepath.Join(c.bundle, "checkpoints"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
var out []Checkpoint
|
|
|
|
|
for _, d := range dirs {
|
|
|
|
|
if !d.IsDir() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
path := filepath.Join(c.bundle, "checkpoints", d.Name(), "config.json")
|
|
|
|
|
data, err := ioutil.ReadFile(path)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
var cpt Checkpoint
|
|
|
|
|
if err := json.Unmarshal(data, &cpt); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
out = append(out, cpt)
|
|
|
|
|
}
|
|
|
|
|
return out, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) Checkpoint(cpt Checkpoint) error {
|
|
|
|
|
if err := os.MkdirAll(filepath.Join(c.bundle, "checkpoints"), 0755); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
path := filepath.Join(c.bundle, "checkpoints", cpt.Name)
|
|
|
|
|
if err := os.Mkdir(path, 0755); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
f, err := os.Create(filepath.Join(path, "config.json"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
cpt.Created = time.Now()
|
|
|
|
|
err = json.NewEncoder(f).Encode(cpt)
|
|
|
|
|
f.Close()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
args := []string{
|
|
|
|
|
"checkpoint",
|
|
|
|
|
"--image-path", path,
|
|
|
|
|
}
|
|
|
|
|
add := func(flags ...string) {
|
|
|
|
|
args = append(args, flags...)
|
|
|
|
|
}
|
|
|
|
|
if !cpt.Exit {
|
|
|
|
|
add("--leave-running")
|
|
|
|
|
}
|
|
|
|
|
if cpt.Shell {
|
|
|
|
|
add("--shell-job")
|
|
|
|
|
}
|
|
|
|
|
if cpt.Tcp {
|
|
|
|
|
add("--tcp-established")
|
|
|
|
|
}
|
|
|
|
|
if cpt.UnixSockets {
|
|
|
|
|
add("--ext-unix-sk")
|
|
|
|
|
}
|
2016-02-11 00:48:04 +00:00
|
|
|
add(c.id)
|
2016-02-01 23:07:02 +00:00
|
|
|
return exec.Command("runc", args...).Run()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *container) DeleteCheckpoint(name string) error {
|
|
|
|
|
return os.RemoveAll(filepath.Join(c.bundle, "checkpoints", name))
|
|
|
|
|
}
|
2016-02-11 19:23:35 +00:00
|
|
|
|
|
|
|
|
func getRootIDs(s *specs.LinuxSpec) (int, int, error) {
|
|
|
|
|
if s == nil {
|
|
|
|
|
return 0, 0, nil
|
|
|
|
|
}
|
|
|
|
|
var hasUserns bool
|
|
|
|
|
for _, ns := range s.Linux.Namespaces {
|
|
|
|
|
if ns.Type == specs.UserNamespace {
|
|
|
|
|
hasUserns = true
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if !hasUserns {
|
|
|
|
|
return 0, 0, nil
|
|
|
|
|
}
|
|
|
|
|
uid := hostIDFromMap(0, s.Linux.UIDMappings)
|
|
|
|
|
gid := hostIDFromMap(0, s.Linux.GIDMappings)
|
|
|
|
|
return uid, gid, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func hostIDFromMap(id uint32, mp []specs.IDMapping) int {
|
|
|
|
|
for _, m := range mp {
|
|
|
|
|
if (id >= m.ContainerID) && (id <= (m.ContainerID + m.Size - 1)) {
|
|
|
|
|
return int(m.HostID + (id - m.ContainerID))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return 0
|
|
|
|
|
}
|
