2017-07-17 12:25:32 +00:00
|
|
|
package libkpod
|
|
|
|
|
|
|
|
import (
|
2017-07-20 17:05:12 +00:00
|
|
|
"encoding/json"
|
2017-07-20 17:10:16 +00:00
|
|
|
"fmt"
|
2017-07-18 15:01:08 +00:00
|
|
|
"sync"
|
|
|
|
|
2017-07-20 17:10:16 +00:00
|
|
|
"github.com/Sirupsen/logrus"
|
2017-07-17 12:25:32 +00:00
|
|
|
"github.com/containers/image/types"
|
|
|
|
cstorage "github.com/containers/storage"
|
2017-07-20 18:53:40 +00:00
|
|
|
"github.com/docker/docker/pkg/ioutils"
|
2017-07-17 12:25:32 +00:00
|
|
|
"github.com/docker/docker/pkg/registrar"
|
|
|
|
"github.com/docker/docker/pkg/truncindex"
|
2017-07-25 15:12:53 +00:00
|
|
|
"github.com/kubernetes-incubator/cri-o/libkpod/sandbox"
|
2017-07-17 12:25:32 +00:00
|
|
|
"github.com/kubernetes-incubator/cri-o/oci"
|
|
|
|
"github.com/kubernetes-incubator/cri-o/pkg/storage"
|
|
|
|
)
|
|
|
|
|
|
|
|
// ContainerServer implements the ImageServer
|
|
|
|
type ContainerServer struct {
|
|
|
|
runtime *oci.Runtime
|
|
|
|
store cstorage.Store
|
|
|
|
storageImageServer storage.ImageServer
|
|
|
|
ctrNameIndex *registrar.Registrar
|
|
|
|
ctrIDIndex *truncindex.TruncIndex
|
2017-07-25 15:36:33 +00:00
|
|
|
podNameIndex *registrar.Registrar
|
|
|
|
podIDIndex *truncindex.TruncIndex
|
|
|
|
|
|
|
|
imageContext *types.SystemContext
|
|
|
|
stateLock sync.Locker
|
|
|
|
state *containerServerState
|
2017-07-25 19:16:43 +00:00
|
|
|
config *Config
|
2017-07-17 12:25:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Runtime returns the oci runtime for the ContainerServer
|
|
|
|
func (c *ContainerServer) Runtime() *oci.Runtime {
|
|
|
|
return c.runtime
|
|
|
|
}
|
|
|
|
|
|
|
|
// Store returns the Store for the ContainerServer
|
|
|
|
func (c *ContainerServer) Store() cstorage.Store {
|
|
|
|
return c.store
|
|
|
|
}
|
|
|
|
|
|
|
|
// StorageImageServer returns the ImageServer for the ContainerServer
|
|
|
|
func (c *ContainerServer) StorageImageServer() storage.ImageServer {
|
|
|
|
return c.storageImageServer
|
|
|
|
}
|
|
|
|
|
|
|
|
// CtrNameIndex returns the Registrar for the ContainerServer
|
|
|
|
func (c *ContainerServer) CtrNameIndex() *registrar.Registrar {
|
|
|
|
return c.ctrNameIndex
|
|
|
|
}
|
|
|
|
|
|
|
|
// CtrIDIndex returns the TruncIndex for the ContainerServer
|
|
|
|
func (c *ContainerServer) CtrIDIndex() *truncindex.TruncIndex {
|
|
|
|
return c.ctrIDIndex
|
|
|
|
}
|
|
|
|
|
2017-07-25 15:36:33 +00:00
|
|
|
// PodNameIndex returns the index of pod names
|
|
|
|
func (c *ContainerServer) PodNameIndex() *registrar.Registrar {
|
|
|
|
return c.podNameIndex
|
|
|
|
}
|
|
|
|
|
|
|
|
// PodIDIndex returns the index of pod IDs
|
|
|
|
func (c *ContainerServer) PodIDIndex() *truncindex.TruncIndex {
|
|
|
|
return c.podIDIndex
|
|
|
|
}
|
|
|
|
|
2017-07-17 12:25:32 +00:00
|
|
|
// ImageContext returns the SystemContext for the ContainerServer
|
|
|
|
func (c *ContainerServer) ImageContext() *types.SystemContext {
|
|
|
|
return c.imageContext
|
|
|
|
}
|
|
|
|
|
2017-07-25 19:16:43 +00:00
|
|
|
// Config gets the configuration for the ContainerServer
|
|
|
|
func (c *ContainerServer) Config() *Config {
|
|
|
|
return c.config
|
|
|
|
}
|
|
|
|
|
2017-07-20 19:43:01 +00:00
|
|
|
// New creates a new ContainerServer with options provided
|
2017-07-25 19:16:43 +00:00
|
|
|
func New(config *Config) (*ContainerServer, error) {
|
|
|
|
store, err := cstorage.GetStore(cstorage.StoreOptions{
|
|
|
|
RunRoot: config.RunRoot,
|
|
|
|
GraphRoot: config.Root,
|
|
|
|
GraphDriverName: config.Storage,
|
|
|
|
GraphDriverOptions: config.StorageOptions,
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
imageService, err := storage.GetImageService(store, config.DefaultTransport, config.InsecureRegistries)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
runtime, err := oci.New(config.Runtime, config.RuntimeUntrustedWorkload, config.DefaultWorkloadTrust, config.Conmon, config.ConmonEnv, config.CgroupManager)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2017-07-20 18:53:40 +00:00
|
|
|
return &ContainerServer{
|
|
|
|
runtime: runtime,
|
2017-07-17 12:25:32 +00:00
|
|
|
store: store,
|
2017-07-20 19:43:01 +00:00
|
|
|
storageImageServer: imageService,
|
|
|
|
ctrNameIndex: registrar.NewRegistrar(),
|
|
|
|
ctrIDIndex: truncindex.NewTruncIndex([]string{}),
|
2017-07-25 15:36:33 +00:00
|
|
|
podNameIndex: registrar.NewRegistrar(),
|
|
|
|
podIDIndex: truncindex.NewTruncIndex([]string{}),
|
2017-07-25 19:16:43 +00:00
|
|
|
imageContext: &types.SystemContext{SignaturePolicyPath: config.SignaturePolicyPath},
|
2017-07-18 15:01:08 +00:00
|
|
|
stateLock: new(sync.Mutex),
|
|
|
|
state: &containerServerState{
|
2017-07-20 18:53:40 +00:00
|
|
|
containers: oci.NewMemoryStore(),
|
2017-07-25 15:12:53 +00:00
|
|
|
sandboxes: make(map[string]*sandbox.Sandbox),
|
2017-07-18 15:01:08 +00:00
|
|
|
},
|
2017-07-25 19:16:43 +00:00
|
|
|
config: config,
|
|
|
|
}, nil
|
2017-07-17 12:25:32 +00:00
|
|
|
}
|
2017-07-18 15:01:08 +00:00
|
|
|
|
2017-07-20 17:05:12 +00:00
|
|
|
// ContainerStateFromDisk retrieves information on the state of a running container
|
|
|
|
// from the disk
|
|
|
|
func (c *ContainerServer) ContainerStateFromDisk(ctr *oci.Container) error {
|
|
|
|
if err := ctr.FromDisk(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
// ignore errors, this is a best effort to have up-to-date info about
|
|
|
|
// a given container before its state gets stored
|
|
|
|
c.runtime.UpdateStatus(ctr)
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// ContainerStateToDisk writes the container's state information to a JSON file
|
|
|
|
// on disk
|
|
|
|
func (c *ContainerServer) ContainerStateToDisk(ctr *oci.Container) error {
|
|
|
|
// ignore errors, this is a best effort to have up-to-date info about
|
|
|
|
// a given container before its state gets stored
|
|
|
|
c.Runtime().UpdateStatus(ctr)
|
|
|
|
|
|
|
|
jsonSource, err := ioutils.NewAtomicFileWriter(ctr.StatePath(), 0644)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer jsonSource.Close()
|
|
|
|
enc := json.NewEncoder(jsonSource)
|
|
|
|
return enc.Encode(c.runtime.ContainerStatus(ctr))
|
|
|
|
}
|
|
|
|
|
2017-07-20 17:10:16 +00:00
|
|
|
// ReserveContainerName holds a name for a container that is being created
|
|
|
|
func (c *ContainerServer) ReserveContainerName(id, name string) (string, error) {
|
|
|
|
if err := c.ctrNameIndex.Reserve(name, id); err != nil {
|
|
|
|
if err == registrar.ErrNameReserved {
|
|
|
|
id, err := c.ctrNameIndex.Get(name)
|
|
|
|
if err != nil {
|
|
|
|
logrus.Warnf("conflict, ctr name %q already reserved", name)
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
return "", fmt.Errorf("conflict, name %q already reserved for ctr %q", name, id)
|
|
|
|
}
|
|
|
|
return "", fmt.Errorf("error reserving ctr name %s", name)
|
|
|
|
}
|
|
|
|
return name, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// ReleaseContainerName releases a container name from the index so that it can
|
|
|
|
// be used by other containers
|
|
|
|
func (c *ContainerServer) ReleaseContainerName(name string) {
|
|
|
|
c.ctrNameIndex.Release(name)
|
|
|
|
}
|
|
|
|
|
2017-07-25 15:36:33 +00:00
|
|
|
// ReservePodName holds a name for a pod that is being created
|
|
|
|
func (c *ContainerServer) ReservePodName(id, name string) (string, error) {
|
|
|
|
if err := c.podNameIndex.Reserve(name, id); err != nil {
|
|
|
|
if err == registrar.ErrNameReserved {
|
|
|
|
id, err := c.podNameIndex.Get(name)
|
|
|
|
if err != nil {
|
|
|
|
logrus.Warnf("conflict, pod name %q already reserved", name)
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
return "", fmt.Errorf("conflict, name %q already reserved for pod %q", name, id)
|
|
|
|
}
|
|
|
|
return "", fmt.Errorf("error reserving pod name %q", name)
|
|
|
|
}
|
|
|
|
return name, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// ReleasePodName releases a pod name from the index so it can be used by other
|
|
|
|
// pods
|
|
|
|
func (c *ContainerServer) ReleasePodName(name string) {
|
|
|
|
c.podNameIndex.Release(name)
|
|
|
|
}
|
|
|
|
|
2017-07-20 18:53:40 +00:00
|
|
|
// Shutdown attempts to shut down the server's storage cleanly
|
|
|
|
func (c *ContainerServer) Shutdown() error {
|
|
|
|
_, err := c.store.Shutdown(false)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2017-07-18 15:01:08 +00:00
|
|
|
type containerServerState struct {
|
|
|
|
containers oci.ContainerStorer
|
2017-07-25 15:12:53 +00:00
|
|
|
sandboxes map[string]*sandbox.Sandbox
|
2017-07-18 15:01:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// AddContainer adds a container to the container state store
|
|
|
|
func (c *ContainerServer) AddContainer(ctr *oci.Container) {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
2017-07-25 15:12:53 +00:00
|
|
|
sandbox := c.state.sandboxes[ctr.Sandbox()]
|
|
|
|
sandbox.AddContainer(ctr)
|
2017-07-18 15:01:08 +00:00
|
|
|
c.state.containers.Add(ctr.ID(), ctr)
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetContainer returns a container by its ID
|
|
|
|
func (c *ContainerServer) GetContainer(id string) *oci.Container {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
return c.state.containers.Get(id)
|
|
|
|
}
|
|
|
|
|
2017-07-25 15:12:53 +00:00
|
|
|
// HasContainer checks if a container exists in the state
|
|
|
|
func (c *ContainerServer) HasContainer(id string) bool {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
ctr := c.state.containers.Get(id)
|
|
|
|
return ctr != nil
|
|
|
|
}
|
|
|
|
|
2017-07-18 15:01:08 +00:00
|
|
|
// RemoveContainer removes a container from the container state store
|
|
|
|
func (c *ContainerServer) RemoveContainer(ctr *oci.Container) {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
2017-07-25 15:12:53 +00:00
|
|
|
sbID := ctr.Sandbox()
|
|
|
|
sb := c.state.sandboxes[sbID]
|
|
|
|
sb.RemoveContainer(ctr)
|
2017-07-18 15:01:08 +00:00
|
|
|
c.state.containers.Delete(ctr.ID())
|
|
|
|
}
|
|
|
|
|
|
|
|
// ListContainers returns a list of all containers stored by the server state
|
|
|
|
func (c *ContainerServer) ListContainers() []*oci.Container {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
return c.state.containers.List()
|
|
|
|
}
|
2017-07-25 15:12:53 +00:00
|
|
|
|
|
|
|
// AddSandbox adds a sandbox to the sandbox state store
|
|
|
|
func (c *ContainerServer) AddSandbox(sb *sandbox.Sandbox) {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
c.state.sandboxes[sb.ID()] = sb
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetSandbox returns a sandbox by its ID
|
|
|
|
func (c *ContainerServer) GetSandbox(id string) *sandbox.Sandbox {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
return c.state.sandboxes[id]
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetSandboxContainer returns a sandbox's infra container
|
|
|
|
func (c *ContainerServer) GetSandboxContainer(id string) *oci.Container {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
sb, ok := c.state.sandboxes[id]
|
|
|
|
if !ok {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return sb.InfraContainer()
|
|
|
|
}
|
|
|
|
|
|
|
|
// HasSandbox checks if a sandbox exists in the state
|
|
|
|
func (c *ContainerServer) HasSandbox(id string) bool {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
_, ok := c.state.sandboxes[id]
|
|
|
|
return ok
|
|
|
|
}
|
|
|
|
|
|
|
|
// RemoveSandbox removes a sandbox from the state store
|
|
|
|
func (c *ContainerServer) RemoveSandbox(id string) {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
delete(c.state.sandboxes, id)
|
|
|
|
}
|
|
|
|
|
|
|
|
// ListSandboxes lists all sandboxes in the state store
|
|
|
|
func (c *ContainerServer) ListSandboxes() []*sandbox.Sandbox {
|
|
|
|
c.stateLock.Lock()
|
|
|
|
defer c.stateLock.Unlock()
|
|
|
|
sbArray := make([]*sandbox.Sandbox, 0, len(c.state.sandboxes))
|
|
|
|
for _, sb := range c.state.sandboxes {
|
|
|
|
sbArray = append(sbArray, sb)
|
|
|
|
}
|
|
|
|
|
|
|
|
return sbArray
|
|
|
|
}
|