2016-07-08 19:04:00 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2016-09-17 15:26:56 +00:00
|
|
|
"fmt"
|
2016-07-08 19:04:00 +00:00
|
|
|
"net"
|
2016-07-22 20:44:27 +00:00
|
|
|
"os"
|
2016-10-13 14:57:48 +00:00
|
|
|
"sort"
|
2016-07-08 19:04:00 +00:00
|
|
|
|
2016-09-17 15:26:56 +00:00
|
|
|
"github.com/Sirupsen/logrus"
|
2016-11-22 19:25:48 +00:00
|
|
|
"github.com/containers/storage/pkg/reexec"
|
2016-09-26 23:55:12 +00:00
|
|
|
"github.com/kubernetes-incubator/cri-o/server"
|
2016-10-05 13:29:30 +00:00
|
|
|
"github.com/opencontainers/runc/libcontainer/selinux"
|
2016-07-20 01:30:05 +00:00
|
|
|
"github.com/urfave/cli"
|
2016-07-08 19:04:00 +00:00
|
|
|
"google.golang.org/grpc"
|
2016-09-23 07:31:31 +00:00
|
|
|
"k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
|
2016-07-08 19:04:00 +00:00
|
|
|
)
|
|
|
|
|
2016-11-23 09:41:48 +00:00
|
|
|
const ociConfigPath = "/etc/ocid/ocid.conf"
|
2016-10-10 09:57:40 +00:00
|
|
|
|
|
|
|
func mergeConfig(config *server.Config, ctx *cli.Context) error {
|
2016-10-10 08:20:35 +00:00
|
|
|
// Don't parse the config if the user explicitly set it to "".
|
|
|
|
if path := ctx.GlobalString("config"); path != "" {
|
|
|
|
if err := config.FromFile(path); err != nil {
|
|
|
|
if ctx.GlobalIsSet("config") || !os.IsNotExist(err) {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// We don't error out if --config wasn't explicitly set and the
|
|
|
|
// default doesn't exist. But we will log a warning about it, so
|
|
|
|
// the user doesn't miss it.
|
|
|
|
logrus.Warnf("default configuration file does not exist: %s", ociConfigPath)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-10-10 09:57:40 +00:00
|
|
|
// Override options set with the CLI.
|
|
|
|
if ctx.GlobalIsSet("conmon") {
|
|
|
|
config.Conmon = ctx.GlobalString("conmon")
|
|
|
|
}
|
2016-10-13 13:25:31 +00:00
|
|
|
if ctx.GlobalIsSet("containerdir") {
|
|
|
|
config.ContainerDir = ctx.GlobalString("containerdir")
|
|
|
|
}
|
2016-10-10 09:57:40 +00:00
|
|
|
if ctx.GlobalIsSet("pause") {
|
|
|
|
config.Pause = ctx.GlobalString("pause")
|
|
|
|
}
|
|
|
|
if ctx.GlobalIsSet("root") {
|
|
|
|
config.Root = ctx.GlobalString("root")
|
|
|
|
}
|
|
|
|
if ctx.GlobalIsSet("sandboxdir") {
|
|
|
|
config.SandboxDir = ctx.GlobalString("sandboxdir")
|
|
|
|
}
|
|
|
|
if ctx.GlobalIsSet("listen") {
|
|
|
|
config.Listen = ctx.GlobalString("listen")
|
|
|
|
}
|
|
|
|
if ctx.GlobalIsSet("runtime") {
|
|
|
|
config.Runtime = ctx.GlobalString("runtime")
|
|
|
|
}
|
|
|
|
if ctx.GlobalIsSet("selinux") {
|
|
|
|
config.SELinux = ctx.GlobalBool("selinux")
|
|
|
|
}
|
2016-11-23 09:41:48 +00:00
|
|
|
if ctx.GlobalIsSet("seccomp-profile") {
|
|
|
|
config.SeccompProfile = ctx.GlobalString("seccomp-profile")
|
|
|
|
}
|
2016-11-30 08:19:36 +00:00
|
|
|
if ctx.GlobalIsSet("apparmor-profile") {
|
|
|
|
config.ApparmorProfile = ctx.GlobalString("apparmor-profile")
|
|
|
|
}
|
2016-12-19 23:01:27 +00:00
|
|
|
if ctx.GlobalIsSet("cgroup-manager") {
|
|
|
|
config.CgroupManager = ctx.GlobalString("cgroup-manager")
|
|
|
|
}
|
2016-12-17 11:23:07 +00:00
|
|
|
if ctx.GlobalIsSet("cni-config-dir") {
|
|
|
|
config.NetworkDir = ctx.GlobalString("cni-config-dir")
|
|
|
|
}
|
|
|
|
if ctx.GlobalIsSet("cni-plugin-dir") {
|
|
|
|
config.PluginDir = ctx.GlobalString("cni-plugin-dir")
|
|
|
|
}
|
2016-10-10 09:57:40 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2016-07-08 19:04:00 +00:00
|
|
|
func main() {
|
2016-11-22 19:25:48 +00:00
|
|
|
if reexec.Init() {
|
|
|
|
return
|
|
|
|
}
|
2016-07-20 01:30:05 +00:00
|
|
|
app := cli.NewApp()
|
2016-09-23 07:31:31 +00:00
|
|
|
app.Name = "ocid"
|
|
|
|
app.Usage = "ocid server"
|
|
|
|
app.Version = "0.0.1"
|
2016-10-10 09:57:40 +00:00
|
|
|
app.Metadata = map[string]interface{}{
|
2017-01-17 00:20:35 +00:00
|
|
|
"config": server.DefaultConfig(),
|
2016-10-10 09:57:40 +00:00
|
|
|
}
|
2016-07-20 01:30:05 +00:00
|
|
|
|
|
|
|
app.Flags = []cli.Flag{
|
2016-10-10 08:20:35 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "config",
|
|
|
|
Value: ociConfigPath,
|
|
|
|
Usage: "path to configuration file",
|
|
|
|
},
|
2016-09-28 19:49:46 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "conmon",
|
|
|
|
Usage: "path to the conmon executable",
|
|
|
|
},
|
2016-08-01 22:08:21 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "containerdir",
|
|
|
|
Usage: "ocid container dir",
|
|
|
|
},
|
2016-09-17 15:26:56 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
Name: "debug",
|
|
|
|
Usage: "enable debug output for logging",
|
|
|
|
},
|
2016-10-13 13:25:31 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "listen",
|
|
|
|
Usage: "path to ocid socket",
|
2016-10-05 13:29:30 +00:00
|
|
|
},
|
2016-09-17 15:26:56 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "log",
|
|
|
|
Value: "",
|
|
|
|
Usage: "set the log file path where internal debug information is written",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "log-format",
|
|
|
|
Value: "text",
|
|
|
|
Usage: "set the format used by logs ('text' (default), or 'json')",
|
|
|
|
},
|
2016-10-13 13:25:31 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "pause",
|
|
|
|
Usage: "path to the pause executable",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "root",
|
|
|
|
Usage: "ocid root dir",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "runtime",
|
|
|
|
Usage: "OCI runtime path",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "sandboxdir",
|
|
|
|
Usage: "ocid pod sandbox dir",
|
|
|
|
},
|
2016-11-23 09:41:48 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "seccomp-profile",
|
|
|
|
Usage: "default seccomp profile path",
|
|
|
|
},
|
2016-11-30 08:19:36 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "apparmor-profile",
|
2016-11-30 08:36:07 +00:00
|
|
|
Usage: "default apparmor profile name (default: \"ocid-default\")",
|
2016-11-30 08:19:36 +00:00
|
|
|
},
|
2016-10-13 13:25:31 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
Name: "selinux",
|
|
|
|
Usage: "enable selinux support",
|
|
|
|
},
|
2016-12-19 23:01:27 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "cgroup-manager",
|
|
|
|
Usage: "cgroup manager (cgroupfs or systemd)",
|
|
|
|
},
|
2016-12-17 11:23:07 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "cni-config-dir",
|
|
|
|
Usage: "CNI configuration files directory",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "cni-plugin-dir",
|
|
|
|
Usage: "CNI plugin binaries directory",
|
|
|
|
},
|
2016-09-17 15:26:56 +00:00
|
|
|
}
|
|
|
|
|
2017-01-05 06:59:10 +00:00
|
|
|
sort.Sort(cli.FlagsByName(app.Flags))
|
|
|
|
sort.Sort(cli.FlagsByName(configCommand.Flags))
|
2016-10-13 14:57:48 +00:00
|
|
|
|
2016-10-10 08:22:15 +00:00
|
|
|
app.Commands = []cli.Command{
|
|
|
|
configCommand,
|
|
|
|
}
|
|
|
|
|
2016-09-17 15:26:56 +00:00
|
|
|
app.Before = func(c *cli.Context) error {
|
2016-10-10 09:57:40 +00:00
|
|
|
// Load the configuration file.
|
|
|
|
config := c.App.Metadata["config"].(*server.Config)
|
|
|
|
if err := mergeConfig(config, c); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2016-10-26 19:45:29 +00:00
|
|
|
cf := &logrus.TextFormatter{
|
|
|
|
TimestampFormat: "2006-01-02 15:04:05.000000000Z07:00",
|
|
|
|
FullTimestamp: true,
|
|
|
|
}
|
|
|
|
|
|
|
|
logrus.SetFormatter(cf)
|
|
|
|
|
2016-09-17 15:26:56 +00:00
|
|
|
if c.GlobalBool("debug") {
|
|
|
|
logrus.SetLevel(logrus.DebugLevel)
|
|
|
|
}
|
2016-10-10 09:57:40 +00:00
|
|
|
|
2016-09-17 15:26:56 +00:00
|
|
|
if path := c.GlobalString("log"); path != "" {
|
|
|
|
f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND|os.O_SYNC, 0666)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
logrus.SetOutput(f)
|
|
|
|
}
|
2016-10-10 09:57:40 +00:00
|
|
|
|
2016-09-17 15:26:56 +00:00
|
|
|
switch c.GlobalString("log-format") {
|
|
|
|
case "text":
|
|
|
|
// retain logrus's default.
|
|
|
|
case "json":
|
|
|
|
logrus.SetFormatter(new(logrus.JSONFormatter))
|
|
|
|
default:
|
|
|
|
return fmt.Errorf("unknown log-format %q", c.GlobalString("log-format"))
|
|
|
|
}
|
2016-10-10 09:57:17 +00:00
|
|
|
|
2016-09-17 15:26:56 +00:00
|
|
|
return nil
|
2016-07-20 01:30:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
app.Action = func(c *cli.Context) error {
|
2016-10-10 09:57:40 +00:00
|
|
|
config := c.App.Metadata["config"].(*server.Config)
|
|
|
|
|
|
|
|
if !config.SELinux {
|
|
|
|
selinux.SetDisabled()
|
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := os.Stat(config.Runtime); os.IsNotExist(err) {
|
|
|
|
// path to runtime does not exist
|
|
|
|
return fmt.Errorf("invalid --runtime value %q", err)
|
|
|
|
}
|
|
|
|
|
2016-07-20 01:30:05 +00:00
|
|
|
// Remove the socket if it already exists
|
2016-10-10 09:57:40 +00:00
|
|
|
if _, err := os.Stat(config.Listen); err == nil {
|
|
|
|
if err := os.Remove(config.Listen); err != nil {
|
2016-09-19 07:21:14 +00:00
|
|
|
logrus.Fatal(err)
|
2016-07-20 01:30:05 +00:00
|
|
|
}
|
|
|
|
}
|
2016-10-10 09:57:40 +00:00
|
|
|
lis, err := net.Listen("unix", config.Listen)
|
2016-07-20 01:30:05 +00:00
|
|
|
if err != nil {
|
2016-09-19 07:21:14 +00:00
|
|
|
logrus.Fatalf("failed to listen: %v", err)
|
2016-07-20 01:30:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
s := grpc.NewServer()
|
|
|
|
|
2016-10-10 09:57:40 +00:00
|
|
|
service, err := server.New(config)
|
2016-07-20 01:30:05 +00:00
|
|
|
if err != nil {
|
2016-09-19 07:21:14 +00:00
|
|
|
logrus.Fatal(err)
|
2016-07-22 20:44:27 +00:00
|
|
|
}
|
2016-07-20 01:30:05 +00:00
|
|
|
|
|
|
|
runtime.RegisterRuntimeServiceServer(s, service)
|
|
|
|
runtime.RegisterImageServiceServer(s, service)
|
2016-10-12 20:27:28 +00:00
|
|
|
|
|
|
|
// after the daemon is done setting up we can notify systemd api
|
|
|
|
notifySystem()
|
|
|
|
|
2016-09-19 07:21:14 +00:00
|
|
|
if err := s.Serve(lis); err != nil {
|
|
|
|
logrus.Fatal(err)
|
|
|
|
}
|
2016-07-20 01:30:05 +00:00
|
|
|
return nil
|
2016-07-22 20:44:27 +00:00
|
|
|
}
|
2016-07-20 01:30:05 +00:00
|
|
|
|
|
|
|
if err := app.Run(os.Args); err != nil {
|
2016-09-19 07:21:14 +00:00
|
|
|
logrus.Fatal(err)
|
2016-07-19 18:53:57 +00:00
|
|
|
}
|
2016-07-08 19:04:00 +00:00
|
|
|
}
|