Add exec functionality to shim

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-01-24 14:45:18 -08:00 · 2017-01-24 14:45:18 -08:00 · e09b0b0c35
commit e09b0b0c35
parent d5d2e586cd
7 changed files with 1351 additions and 93 deletions
--- a/cmd/containerd-shim/exec.go
+++ b/cmd/containerd-shim/exec.go
@ -1,5 +1,127 @@
 package main

-func newExecProcess(id, bundle, runtimeName string) (process, error) {
-	return nil, nil
+import (
+	"context"
+	"fmt"
+	"os"
+	"path/filepath"
+	"sync"
+
+	runc "github.com/crosbymichael/go-runc"
+	"github.com/docker/containerd/api/shim"
+	specs "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+type execProcess struct {
+	sync.WaitGroup
+
+	id      string
+	console *runc.Console
+	io      runc.IO
+	status  int
+	pid     int
+
+	parent *initProcess
+}
+
+func newExecProcess(context context.Context, r *shim.ExecRequest, parent *initProcess) (process, error) {
+	cwd, err := os.Getwd()
+	if err != nil {
+		return nil, err
+	}
+	e := &execProcess{
+		id:     r.ID,
+		parent: parent,
+	}
+	var (
+		socket  *runc.ConsoleSocket
+		io      runc.IO
+		pidfile = filepath.Join(cwd, fmt.Sprintf("%s.pid", r.ID))
+	)
+	if r.Terminal {
+		if socket, err = runc.NewConsoleSocket(filepath.Join(cwd, "pty.sock")); err != nil {
+			return nil, err
+		}
+	} else {
+		// TODO: get uid/gid
+		if io, err = runc.NewPipeIO(0, 0); err != nil {
+			return nil, err
+		}
+		e.io = io
+	}
+	opts := &runc.ExecOpts{
+		PidFile:       pidfile,
+		ConsoleSocket: socket,
+		IO:            io,
+		Detach:        true,
+		Tty:           socket != nil,
+	}
+	if err := parent.runc.Exec(context, r.ID, processFromRequest(r), opts); err != nil {
+		return nil, err
+	}
+	pid, err := runc.ReadPidFile(opts.PidFile)
+	if err != nil {
+		return nil, err
+	}
+	e.pid = pid
+	return e, nil
+}
+
+func processFromRequest(r *shim.ExecRequest) specs.Process {
+	return specs.Process{
+		Terminal: r.Terminal,
+		User: specs.User{
+			UID:            r.User.Uid,
+			GID:            r.User.Gid,
+			AdditionalGids: r.User.AdditionalGids,
+		},
+		Rlimits:         rlimits(r.Rlimits),
+		Args:            r.Args,
+		Env:             r.Env,
+		Cwd:             r.Cwd,
+		Capabilities:    r.Capabilities,
+		NoNewPrivileges: r.NoNewPrivileges,
+		ApparmorProfile: r.ApparmorProfile,
+		SelinuxLabel:    r.SelinuxLabel,
+	}
+}
+
+func rlimits(rr []*shim.Rlimit) (o []specs.LinuxRlimit) {
+	for _, r := range rr {
+		o = append(o, specs.LinuxRlimit{
+			Type: r.Type,
+			Hard: r.Hard,
+			Soft: r.Soft,
+		})
+	}
+	return o
+}
+
+func (e *execProcess) Pid() int {
+	return e.pid
+}
+
+func (e *execProcess) Status() int {
+	return e.status
+}
+
+func (e *execProcess) Exited(status int) {
+	e.status = status
+}
+
+func (e *execProcess) Start(_ context.Context) error {
+	return nil
+}
+
+func (e *execProcess) Delete(context context.Context) error {
+	e.Wait()
+	e.io.Close()
+	return nil
+}
+
+func (e *execProcess) Resize(ws runc.WinSize) error {
+	if e.console == nil {
+		return nil
+	}
+	return e.console.Resize(ws)
 }
--- a/cmd/containerd-shim/init.go
+++ b/cmd/containerd-shim/init.go
@ -52,9 +52,10 @@ func newInitProcess(context context.Context, r *shim.CreateRequest) (process, er
 		if io, err = runc.NewPipeIO(0, 0); err != nil {
 			return nil, err
 		}
+		p.io = io
 	}
 	opts := &runc.CreateOpts{
-		PidFile:       filepath.Join(cwd, "pid"),
+		PidFile:       filepath.Join(cwd, "init.pid"),
 		ConsoleSocket: socket,
 		IO:            io,
 		NoPivot:       r.NoPivot,
--- a/cmd/containerd-shim/main.go
+++ b/cmd/containerd-shim/main.go
@ -56,7 +56,7 @@ func main() {
 				processes: make(map[int]process),
 			}
 		)
-		shim.RegisterShimServiceServer(server, sv)
+		shim.RegisterShimServer(server, sv)
 		l, err := utils.CreateUnixSocket("shim.sock")
 		if err != nil {
 			return err
--- a/cmd/containerd-shim/service.go
+++ b/cmd/containerd-shim/service.go
@ -62,7 +62,17 @@ func (s *service) Delete(ctx context.Context, r *shim.DeleteRequest) (*shim.Dele
 }

 func (s *service) Exec(ctx context.Context, r *shim.ExecRequest) (*shim.ExecResponse, error) {
-	return nil, nil
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	process, err := newExecProcess(ctx, r, s.processes[s.initPid].(*initProcess))
+	if err != nil {
+		return nil, err
+	}
+	pid := process.Pid()
+	s.processes[pid] = process
+	return &shim.ExecResponse{
+		Pid: uint32(pid),
+	}, nil
 }

 func (s *service) Pty(ctx context.Context, r *shim.PtyRequest) (*google_protobuf.Empty, error) {
--- a/cmd/ctr/shim.go
+++ b/cmd/ctr/shim.go
@ -104,7 +104,7 @@ var shimDeleteCommand = cli.Command{
 	},
 }

-func getShimService() (shim.ShimServiceClient, error) {
+func getShimService() (shim.ShimClient, error) {
 	bindSocket := "shim.sock"

 	// reset the logger for grpc to log to dev/null so that it does not mess with our stdio
@ -119,6 +119,6 @@ func getShimService() (shim.ShimServiceClient, error) {
 	if err != nil {
 		return nil, err
 	}
-	return shim.NewShimServiceClient(conn), nil
+	return shim.NewShimClient(conn), nil

 }