vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Applying k8s.io v3 API for ocic and ocid

Browse source 
Signed-off-by: Michał Żyłowski <michal.zylowski@intel.com>
This commit is contained in:
Michał Żyłowski 2017-02-03 15:41:28 +01:00
parent a48336f981
commit 5c81217e09
26 changed files with 247 additions and 289 deletions
Download patch file Download diff file Expand all files Collapse all files

13
server/container.go
View file

@ -13,19 +13,14 @@ const (
containerTypeContainer = "container"
)
type containerRequest interface {
GetContainerId() string
}
func (s *Server) getContainerFromRequest(req containerRequest) (*oci.Container, error) {
ctrID := req.GetContainerId()
if ctrID == "" {
func (s *Server) getContainerFromRequest(containerID string) (*oci.Container, error) {
if containerID == "" {
return nil, fmt.Errorf("container ID should not be empty")
}
containerID, err := s.ctrIDIndex.Get(ctrID)
containerID, err := s.ctrIDIndex.Get(containerID)
if err != nil {
return nil, fmt.Errorf("container with ID starting with %s not found: %v", ctrID, err)
return nil, fmt.Errorf("container with ID starting with %s not found: %v", containerID, err)
}
c := s.state.containers.Get(containerID)

89
server/container_create.go
View file

@ -29,7 +29,7 @@ const (
func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerRequest) (res *pb.CreateContainerResponse, err error) {
logrus.Debugf("CreateContainerRequest %+v", req)
s.Update()
sbID := req.GetPodSandboxId()
sbID := req.PodSandboxId
if sbID == "" {
return nil, fmt.Errorf("PodSandboxId should not be empty")
}
@ -50,12 +50,12 @@ func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerReq
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig is nil")
}
name := containerConfig.GetMetadata().GetName()
name := containerConfig.GetMetadata().Name
if name == "" {
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig.Name is empty")
}
attempt := containerConfig.GetMetadata().GetAttempt()
attempt := containerConfig.GetMetadata().Attempt
containerID, containerName, err := s.generateContainerIDandName(sb.name, name, attempt)
if err != nil {
return nil, err
@ -96,7 +96,7 @@ func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerReq
}
resp := &pb.CreateContainerResponse{
ContainerId: &containerID,
ContainerId: containerID,
}
logrus.Debugf("CreateContainerResponse: %+v", resp)
@ -108,14 +108,15 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
return nil, errors.New("createSandboxContainer needs a sandbox")
}
// TODO: simplify this function (cyclomatic complexity here is high)
// TODO: factor generating/updating the spec into something other projects can vendor
// creates a spec Generator with the default spec.
specgen := generate.New()
processArgs := []string{}
commands := containerConfig.GetCommand()
args := containerConfig.GetArgs()
commands := containerConfig.Command
args := containerConfig.Args
if commands == nil && args == nil {
processArgs = nil
}
@ -126,7 +127,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
processArgs = append(processArgs, args...)
}
cwd := containerConfig.GetWorkingDir()
cwd := containerConfig.WorkingDir
if cwd == "" {
cwd = "/"
}
@ -135,8 +136,8 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
envs := containerConfig.GetEnvs()
if envs != nil {
for _, item := range envs {
key := item.GetKey()
value := item.GetValue()
key := item.Key
value := item.Value
if key == "" {
continue
}
@ -146,22 +147,22 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
mounts := containerConfig.GetMounts()
for _, mount := range mounts {
dest := mount.GetContainerPath()
dest := mount.ContainerPath
if dest == "" {
return nil, fmt.Errorf("Mount.ContainerPath is empty")
}
src := mount.GetHostPath()
src := mount.HostPath
if src == "" {
return nil, fmt.Errorf("Mount.HostPath is empty")
}
options := []string{"rw"}
if mount.GetReadonly() {
if mount.Readonly {
options = []string{"ro"}
}
if mount.GetSelinuxRelabel() {
if mount.SelinuxRelabel {
// Need a way in kubernetes to determine if the volume is shared or private
if err := label.Relabel(src, sb.mountLabel, true); err != nil && err != syscall.ENOTSUP {
return nil, fmt.Errorf("relabel failed %s: %v", src, err)
@ -184,7 +185,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
// set this container's apparmor profile if it is set by sandbox
if s.appArmorEnabled {
appArmorProfileName := s.getAppArmorProfileName(sb.annotations, metadata.GetName())
appArmorProfileName := s.getAppArmorProfileName(sb.annotations, metadata.Name)
if appArmorProfileName != "" {
// reload default apparmor profile if it is unloaded.
if s.appArmorProfile == apparmor.DefaultApparmorProfile {
@ -196,46 +197,44 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
specgen.SetProcessApparmorProfile(appArmorProfileName)
}
}
if containerConfig.GetLinux().GetSecurityContext() != nil {
if containerConfig.GetLinux().GetSecurityContext().Privileged {
specgen.SetupPrivileged(true)
}
if containerConfig.GetLinux().GetSecurityContext().GetPrivileged() {
specgen.SetupPrivileged(true)
if containerConfig.GetLinux().GetSecurityContext().ReadonlyRootfs {
specgen.SetRootReadonly(true)
}
}
if containerConfig.GetLinux().GetSecurityContext().GetReadonlyRootfs() {
specgen.SetRootReadonly(true)
}
logPath := containerConfig.GetLogPath()
if containerConfig.GetTty() {
specgen.SetProcessTerminal(true)
}
logPath := containerConfig.LogPath
specgen.SetProcessTerminal(containerConfig.Tty)
linux := containerConfig.GetLinux()
if linux != nil {
resources := linux.GetResources()
if resources != nil {
cpuPeriod := resources.GetCpuPeriod()
cpuPeriod := resources.CpuPeriod
if cpuPeriod != 0 {
specgen.SetLinuxResourcesCPUPeriod(uint64(cpuPeriod))
}
cpuQuota := resources.GetCpuQuota()
cpuQuota := resources.CpuQuota
if cpuQuota != 0 {
specgen.SetLinuxResourcesCPUQuota(uint64(cpuQuota))
}
cpuShares := resources.GetCpuShares()
cpuShares := resources.CpuShares
if cpuShares != 0 {
specgen.SetLinuxResourcesCPUShares(uint64(cpuShares))
}
memoryLimit := resources.GetMemoryLimitInBytes()
memoryLimit := resources.MemoryLimitInBytes
if memoryLimit != 0 {
specgen.SetLinuxResourcesMemoryLimit(uint64(memoryLimit))
}
oomScoreAdj := resources.GetOomScoreAdj()
oomScoreAdj := resources.OomScoreAdj
specgen.SetLinuxResourcesOOMScoreAdj(int(oomScoreAdj))
}
@ -250,7 +249,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
capabilities := linux.GetSecurityContext().GetCapabilities()
if capabilities != nil {
addCaps := capabilities.GetAddCapabilities()
addCaps := capabilities.AddCapabilities
if addCaps != nil {
for _, cap := range addCaps {
if err := specgen.AddProcessCapability(cap); err != nil {
@ -259,7 +258,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
}
}
dropCaps := capabilities.GetDropCapabilities()
dropCaps := capabilities.DropCapabilities
if dropCaps != nil {
for _, cap := range dropCaps {
if err := specgen.DropProcessCapability(cap); err != nil {
@ -272,14 +271,14 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
specgen.SetProcessSelinuxLabel(sb.processLabel)
specgen.SetLinuxMountLabel(sb.mountLabel)
user := linux.GetSecurityContext().GetRunAsUser()
specgen.SetProcessUID(uint32(user))
specgen.SetProcessGID(uint32(user))
groups := linux.GetSecurityContext().GetSupplementalGroups()
for _, group := range groups {
specgen.AddProcessAdditionalGid(uint32(group))
if linux.GetSecurityContext() != nil {
user := linux.GetSecurityContext().GetRunAsUser()
specgen.SetProcessUID(uint32(user.Value))
specgen.SetProcessGID(uint32(user.Value))
groups := linux.GetSecurityContext().SupplementalGroups
for _, group := range groups {
specgen.AddProcessAdditionalGid(uint32(group))
}
}
}
// Join the namespace paths for the pod sandbox container.
@ -308,7 +307,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig.Image is nil")
}
image := imageSpec.GetImage()
image := imageSpec.Image
if image == "" {
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig.Image.Image is empty")
}
@ -321,7 +320,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
specgen.AddAnnotation("ocid/sandbox_name", sb.infraContainer.Name())
specgen.AddAnnotation("ocid/container_type", containerTypeContainer)
specgen.AddAnnotation("ocid/log_path", logPath)
specgen.AddAnnotation("ocid/tty", fmt.Sprintf("%v", containerConfig.GetTty()))
specgen.AddAnnotation("ocid/tty", fmt.Sprintf("%v", containerConfig.Tty))
specgen.AddAnnotation("ocid/image", image)
metadataJSON, err := json.Marshal(metadata)
@ -346,8 +345,8 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
return nil, err
}
metaname := metadata.GetName()
attempt := metadata.GetAttempt()
metaname := metadata.Name
attempt := metadata.Attempt
containerInfo, err := s.storage.CreateContainer(s.imageContext,
sb.name, sb.id,
image, image,
@ -385,7 +384,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
return nil, err
}
container, err := oci.NewContainer(containerID, containerName, containerInfo.RunDir, logPath, sb.netNs(), labels, annotations, imageSpec, metadata, sb.id, containerConfig.GetTty())
container, err := oci.NewContainer(containerID, containerName, containerInfo.RunDir, logPath, sb.netNs(), labels, annotations, imageSpec, metadata, sb.id, containerConfig.Tty)
if err != nil {
return nil, err
}

8
server/container_execsync.go
View file

@ -12,7 +12,7 @@ import (
// ExecSync runs a command in a container synchronously.
func (s *Server) ExecSync(ctx context.Context, req *pb.ExecSyncRequest) (*pb.ExecSyncResponse, error) {
logrus.Debugf("ExecSyncRequest %+v", req)
c, err := s.getContainerFromRequest(req)
c, err := s.getContainerFromRequest(req.ContainerId)
if err != nil {
return nil, err
}
@ -26,19 +26,19 @@ func (s *Server) ExecSync(ctx context.Context, req *pb.ExecSyncRequest) (*pb.Exe
return nil, fmt.Errorf("container is not created or running")
}
cmd := req.GetCmd()
cmd := req.Cmd
if cmd == nil {
return nil, fmt.Errorf("exec command cannot be empty")
}
execResp, err := s.runtime.ExecSync(c, cmd, req.GetTimeout())
execResp, err := s.runtime.ExecSync(c, cmd, req.Timeout)
if err != nil {
return nil, err
}
resp := &pb.ExecSyncResponse{
Stdout: execResp.Stdout,
Stderr: execResp.Stderr,
ExitCode: &execResp.ExitCode,
ExitCode: execResp.ExitCode,
}
logrus.Debugf("ExecSyncResponse: %+v", resp)

24
server/container_list.go
View file

@ -4,15 +4,15 @@ import (
"github.com/Sirupsen/logrus"
"github.com/kubernetes-incubator/cri-o/oci"
"golang.org/x/net/context"
"k8s.io/kubernetes/staging/src/k8s.io/apimachinery/pkg/fields"
pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
"k8s.io/kubernetes/staging/src/k8s.io/apimachinery/pkg/fields"
)
// filterContainer returns whether passed container matches filtering criteria
func filterContainer(c *pb.Container, filter *pb.ContainerFilter) bool {
if filter != nil {
if filter.State != nil {
if *c.State != *filter.State {
if c.State != filter.State.State {
return false
}
}
@ -36,15 +36,15 @@ func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersReque
// Filter using container id and pod id first.
if filter != nil {
if filter.Id != nil {
id, err := s.ctrIDIndex.Get(*filter.Id)
if filter.Id != "" {
id, err := s.ctrIDIndex.Get(filter.Id)
if err != nil {
return nil, err
}
c := s.state.containers.Get(id)
if c != nil {
if filter.PodSandboxId != nil {
if c.Sandbox() == *filter.PodSandboxId {
if filter.PodSandboxId != "" {
if c.Sandbox() == filter.PodSandboxId {
ctrList = []*oci.Container{c}
} else {
ctrList = []*oci.Container{}
@ -55,8 +55,8 @@ func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersReque
}
}
} else {
if filter.PodSandboxId != nil {
pod := s.state.sandboxes[*filter.PodSandboxId]
if filter.PodSandboxId != "" {
pod := s.state.sandboxes[filter.PodSandboxId]
if pod == nil {
ctrList = []*oci.Container{}
} else {
@ -78,9 +78,9 @@ func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersReque
cID := ctr.ID()
c := &pb.Container{
Id: &cID,
PodSandboxId: &podSandboxID,
CreatedAt: int64Ptr(created),
Id: cID,
PodSandboxId: podSandboxID,
CreatedAt: int64(created),
Labels: ctr.Labels(),
Metadata: ctr.Metadata(),
Annotations: ctr.Annotations(),
@ -95,7 +95,7 @@ func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersReque
case oci.ContainerStateStopped:
rState = pb.ContainerState_CONTAINER_EXITED
}
c.State = &rState
c.State = rState
// Filter by other criteria such as state and labels.
if filterContainer(c, req.Filter) {

2
server/container_remove.go
View file

@ -14,7 +14,7 @@ import (
func (s *Server) RemoveContainer(ctx context.Context, req *pb.RemoveContainerRequest) (*pb.RemoveContainerResponse, error) {
logrus.Debugf("RemoveContainerRequest %+v", req)
s.Update()
c, err := s.getContainerFromRequest(req)
c, err := s.getContainerFromRequest(req.ContainerId)
if err != nil {
return nil, err
}

2
server/container_start.go
View file

@ -12,7 +12,7 @@ import (
func (s *Server) StartContainer(ctx context.Context, req *pb.StartContainerRequest) (*pb.StartContainerResponse, error) {
logrus.Debugf("StartContainerRequest %+v", req)
s.Update()
c, err := s.getContainerFromRequest(req)
c, err := s.getContainerFromRequest(req.ContainerId)
if err != nil {
return nil, err
}

20
server/container_status.go
View file

@ -11,7 +11,7 @@ import (
func (s *Server) ContainerStatus(ctx context.Context, req *pb.ContainerStatusRequest) (*pb.ContainerStatusResponse, error) {
logrus.Debugf("ContainerStatusRequest %+v", req)
s.Update()
c, err := s.getContainerFromRequest(req)
c, err := s.getContainerFromRequest(req.ContainerId)
if err != nil {
return nil, err
}
@ -23,7 +23,7 @@ func (s *Server) ContainerStatus(ctx context.Context, req *pb.ContainerStatusReq
containerID := c.ID()
resp := &pb.ContainerStatusResponse{
Status: &pb.ContainerStatus{
Id: &containerID,
Id: containerID,
Metadata: c.Metadata(),
},
}
@ -35,25 +35,25 @@ func (s *Server) ContainerStatus(ctx context.Context, req *pb.ContainerStatusReq
case oci.ContainerStateCreated:
rStatus = pb.ContainerState_CONTAINER_CREATED
created := cState.Created.UnixNano()
resp.Status.CreatedAt = int64Ptr(created)
resp.Status.CreatedAt = int64(created)
case oci.ContainerStateRunning:
rStatus = pb.ContainerState_CONTAINER_RUNNING
created := cState.Created.UnixNano()
resp.Status.CreatedAt = int64Ptr(created)
resp.Status.CreatedAt = int64(created)
started := cState.Started.UnixNano()
resp.Status.StartedAt = int64Ptr(started)
resp.Status.StartedAt = int64(started)
case oci.ContainerStateStopped:
rStatus = pb.ContainerState_CONTAINER_EXITED
created := cState.Created.UnixNano()
resp.Status.CreatedAt = int64Ptr(created)
resp.Status.CreatedAt = int64(created)
started := cState.Started.UnixNano()
resp.Status.StartedAt = int64Ptr(started)
resp.Status.StartedAt = int64(started)
finished := cState.Finished.UnixNano()
resp.Status.FinishedAt = int64Ptr(finished)
resp.Status.ExitCode = int32Ptr(cState.ExitCode)
resp.Status.FinishedAt = int64(finished)
resp.Status.ExitCode = int32(cState.ExitCode)
}
resp.Status.State = &rStatus
resp.Status.State = rStatus
logrus.Debugf("ContainerStatusResponse: %+v", resp)
return resp, nil

2
server/container_stop.go
View file

@ -13,7 +13,7 @@ import (
func (s *Server) StopContainer(ctx context.Context, req *pb.StopContainerRequest) (*pb.StopContainerResponse, error) {
logrus.Debugf("StopContainerRequest %+v", req)
s.Update()
c, err := s.getContainerFromRequest(req)
c, err := s.getContainerFromRequest(req.ContainerId)
if err != nil {
return nil, err
}

19
server/image_list.go
View file

@ -14,7 +14,7 @@ func (s *Server) ListImages(ctx context.Context, req *pb.ListImagesRequest) (*pb
if reqFilter != nil {
filterImage := reqFilter.GetImage()
if filterImage != nil {
filter = filterImage.GetImage()
filter = filterImage.Image
}
}
results, err := s.images.ListImages(filter)
@ -23,11 +23,18 @@ func (s *Server) ListImages(ctx context.Context, req *pb.ListImagesRequest) (*pb
}
response := pb.ListImagesResponse{}
for _, result := range results {
response.Images = append(response.Images, &pb.Image{
Id: sPtr(result.ID),
RepoTags: result.Names,
Size_: result.Size,
})
if result.Size != nil {
response.Images = append(response.Images, &pb.Image{
Id: result.ID,
RepoTags: result.Names,
Size_: *result.Size,
})
} else {
response.Images = append(response.Images, &pb.Image{
Id: result.ID,
RepoTags: result.Names,
})
}
}
logrus.Debugf("ListImagesResponse: %+v", response)
return &response, nil

4
server/image_pull.go
View file

@ -15,7 +15,7 @@ func (s *Server) PullImage(ctx context.Context, req *pb.PullImageRequest) (*pb.P
image := ""
img := req.GetImage()
if img != nil {
image = img.GetImage()
image = img.Image
}
options := &copy.Options{}
_, err := s.images.PullImage(s.imageContext, image, options)
@ -23,7 +23,7 @@ func (s *Server) PullImage(ctx context.Context, req *pb.PullImageRequest) (*pb.P
return nil, err
}
resp := &pb.PullImageResponse{
ImageRef: &image,
ImageRef: image,
}
logrus.Debugf("PullImageResponse: %+v", resp)
return resp, nil

2
server/image_remove.go
View file

@ -14,7 +14,7 @@ func (s *Server) RemoveImage(ctx context.Context, req *pb.RemoveImageRequest) (*
image := ""
img := req.GetImage()
if img != nil {
image = img.GetImage()
image = img.Image
}
if image == "" {
return nil, fmt.Errorf("no image specified")

6
server/image_status.go
View file

@ -15,7 +15,7 @@ func (s *Server) ImageStatus(ctx context.Context, req *pb.ImageStatusRequest) (*
image := ""
img := req.GetImage()
if img != nil {
image = img.GetImage()
image = img.Image
}
if image == "" {
return nil, fmt.Errorf("no image specified")
@ -29,9 +29,9 @@ func (s *Server) ImageStatus(ctx context.Context, req *pb.ImageStatusRequest) (*
}
resp := &pb.ImageStatusResponse{
Image: &pb.Image{
Id: &status.ID,
Id: status.ID,
RepoTags: status.Names,
Size_: status.Size,
Size_: *status.Size,
},
}
logrus.Debugf("ImageStatusResponse: %+v", resp)

8
server/runtime_status.go
View file

@ -26,12 +26,12 @@ func (s *Server) Status(ctx context.Context, req *pb.StatusRequest) (*pb.StatusR
Status: &pb.RuntimeStatus{
Conditions: []*pb.RuntimeCondition{
{
Type: &runtimeReadyConditionString,
Status: &runtimeReady,
Type: runtimeReadyConditionString,
Status: runtimeReady,
},
{
Type: &networkReadyConditionString,
Status: &networkReady,
Type: networkReadyConditionString,
Status: networkReady,
},
},
},

13
server/sandbox.go
View file

@ -261,19 +261,14 @@ func (s *Server) generatePodIDandName(name string, namespace string, attempt uin
return id, name, err
}
type podSandboxRequest interface {
GetPodSandboxId() string
}
func (s *Server) getPodSandboxFromRequest(req podSandboxRequest) (*sandbox, error) {
sbID := req.GetPodSandboxId()
if sbID == "" {
func (s *Server) getPodSandboxFromRequest(podSandboxID string) (*sandbox, error) {
if podSandboxID == "" {
return nil, errSandboxIDEmpty
}
sandboxID, err := s.podIDIndex.Get(sbID)
sandboxID, err := s.podIDIndex.Get(podSandboxID)
if err != nil {
return nil, fmt.Errorf("PodSandbox with ID starting with %s not found: %v", sbID, err)
return nil, fmt.Errorf("PodSandbox with ID starting with %s not found: %v", podSandboxID, err)
}
sb := s.getSandbox(sandboxID)

14
server/sandbox_list.go
View file

@ -4,15 +4,15 @@ import (
"github.com/Sirupsen/logrus"
"github.com/kubernetes-incubator/cri-o/oci"
"golang.org/x/net/context"
"k8s.io/kubernetes/staging/src/k8s.io/apimachinery/pkg/fields"
pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
"k8s.io/kubernetes/staging/src/k8s.io/apimachinery/pkg/fields"
)
// filterSandbox returns whether passed container matches filtering criteria
func filterSandbox(p *pb.PodSandbox, filter *pb.PodSandboxFilter) bool {
if filter != nil {
if filter.State != nil {
if *p.State != *filter.State {
if p.State != filter.State.State {
return false
}
}
@ -39,8 +39,8 @@ func (s *Server) ListPodSandbox(ctx context.Context, req *pb.ListPodSandboxReque
filter := req.Filter
// Filter by pod id first.
if filter != nil {
if filter.Id != nil {
id, err := s.podIDIndex.Get(*filter.Id)
if filter.Id != "" {
id, err := s.podIDIndex.Get(filter.Id)
if err != nil {
return nil, err
}
@ -71,9 +71,9 @@ func (s *Server) ListPodSandbox(ctx context.Context, req *pb.ListPodSandboxReque
}
pod := &pb.PodSandbox{
Id: &sb.id,
CreatedAt: int64Ptr(created),
State: &rStatus,
Id: sb.id,
CreatedAt: int64(created),
State: rStatus,
Labels: sb.labels,
Annotations: sb.annotations,
Metadata: sb.metadata,

4
server/sandbox_remove.go
View file

@ -16,14 +16,14 @@ import (
func (s *Server) RemovePodSandbox(ctx context.Context, req *pb.RemovePodSandboxRequest) (*pb.RemovePodSandboxResponse, error) {
logrus.Debugf("RemovePodSandboxRequest %+v", req)
s.Update()
sb, err := s.getPodSandboxFromRequest(req)
sb, err := s.getPodSandboxFromRequest(req.PodSandboxId)
if err != nil {
if err == errSandboxIDEmpty {
return nil, err
}
resp := &pb.RemovePodSandboxResponse{}
logrus.Warnf("could not get sandbox %s, it's probably been removed already: %v", req.GetPodSandboxId(), err)
logrus.Warnf("could not get sandbox %s, it's probably been removed already: %v", req.PodSandboxId, err)
return resp, nil
}

63
server/sandbox_run.go
View file

@ -42,13 +42,13 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
logrus.Debugf("RunPodSandboxRequest %+v", req)
var processLabel, mountLabel, netNsPath string
// process req.Name
name := req.GetConfig().GetMetadata().GetName()
name := req.GetConfig().GetMetadata().Name
if name == "" {
return nil, fmt.Errorf("PodSandboxConfig.Name should not be empty")
}
namespace := req.GetConfig().GetMetadata().GetNamespace()
attempt := req.GetConfig().GetMetadata().GetAttempt()
namespace := req.GetConfig().GetMetadata().Namespace
attempt := req.GetConfig().GetMetadata().Attempt
id, name, err := s.generatePodIDandName(name, namespace, attempt)
if err != nil {
@ -81,8 +81,8 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
name, id,
s.config.PauseImage, "",
containerName,
req.GetConfig().GetMetadata().GetName(),
req.GetConfig().GetMetadata().GetUid(),
req.GetConfig().GetMetadata().Name,
req.GetConfig().GetMetadata().Uid,
namespace,
attempt,
nil)
@ -118,34 +118,35 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
}
// set hostname
hostname := req.GetConfig().GetHostname()
hostname := req.GetConfig().Hostname
if hostname != "" {
g.SetHostname(hostname)
}
// set log directory
logDir := req.GetConfig().GetLogDirectory()
logDir := req.GetConfig().LogDirectory
if logDir == "" {
logDir = filepath.Join(s.config.LogDir, id)
}
// set DNS options
dnsServers := req.GetConfig().GetDnsConfig().GetServers()
dnsSearches := req.GetConfig().GetDnsConfig().GetSearches()
dnsOptions := req.GetConfig().GetDnsConfig().GetOptions()
resolvPath := fmt.Sprintf("%s/resolv.conf", podContainer.RunDir)
err = parseDNSOptions(dnsServers, dnsSearches, dnsOptions, resolvPath)
if err != nil {
err1 := removeFile(resolvPath)
if err1 != nil {
err = err1
return nil, fmt.Errorf("%v; failed to remove %s: %v", err, resolvPath, err1)
if req.GetConfig().GetDnsConfig() != nil {
dnsServers := req.GetConfig().GetDnsConfig().Servers
dnsSearches := req.GetConfig().GetDnsConfig().Searches
dnsOptions := req.GetConfig().GetDnsConfig().Options
resolvPath := fmt.Sprintf("%s/resolv.conf", podContainer.RunDir)
err = parseDNSOptions(dnsServers, dnsSearches, dnsOptions, resolvPath)
if err != nil {
err1 := removeFile(resolvPath)
if err1 != nil {
err = err1
return nil, fmt.Errorf("%v; failed to remove %s: %v", err, resolvPath, err1)
}
return nil, err
}
return nil, err
g.AddBindMount(resolvPath, "/etc/resolv.conf", []string{"ro"})
}
g.AddBindMount(resolvPath, "/etc/resolv.conf", []string{"ro"})
// add metadata
metadata := req.GetConfig().GetMetadata()
metadataJSON, err := json.Marshal(metadata)
@ -168,7 +169,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
}
// Don't use SELinux separation with Host Pid or IPC Namespace,
if !req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostPid() && !req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostIpc() {
if !req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().HostPid && !req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().HostIpc {
processLabel, mountLabel, err = getSELinuxLabels(nil)
if err != nil {
return nil, err
@ -178,7 +179,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
// create shm mount for the pod containers.
var shmPath string
if req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostIpc() {
if req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().HostIpc {
shmPath = "/dev/shm"
} else {
shmPath, err = setupShm(podContainer.RunDir, mountLabel)
@ -260,7 +261,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
}
// setup cgroup settings
cgroupParent := req.GetConfig().GetLinux().GetCgroupParent()
cgroupParent := req.GetConfig().GetLinux().CgroupParent
if cgroupParent != "" {
if s.config.CgroupManager == "systemd" {
cgPath := sb.cgroupParent + ":" + "ocid" + ":" + id
@ -273,7 +274,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
sb.cgroupParent = cgroupParent
}
hostNetwork := req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostNetwork()
hostNetwork := req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().HostNetwork
// set up namespaces
if hostNetwork {
@ -311,14 +312,14 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
netNsPath = sb.netNsPath()
}
if req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostPid() {
if req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().HostPid {
err = g.RemoveLinuxNamespace("pid")
if err != nil {
return nil, err
}
}
if req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostIpc() {
if req.GetConfig().GetLinux().GetSecurityContext().GetNamespaceOptions().HostIpc {
err = g.RemoveLinuxNamespace("ipc")
if err != nil {
return nil, err
@ -358,7 +359,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
return nil, err
}
resp = &pb.RunPodSandboxResponse{PodSandboxId: &id}
resp = &pb.RunPodSandboxResponse{PodSandboxId: id}
logrus.Debugf("RunPodSandboxResponse: %+v", resp)
return resp, nil
}
@ -379,22 +380,22 @@ func (s *Server) setPodSandboxMountLabel(id, mountLabel string) error {
func getSELinuxLabels(selinuxOptions *pb.SELinuxOption) (processLabel string, mountLabel string, err error) {
processLabel = ""
if selinuxOptions != nil {
user := selinuxOptions.GetUser()
user := selinuxOptions.User
if user == "" {
return "", "", fmt.Errorf("SELinuxOption.User is empty")
}
role := selinuxOptions.GetRole()
role := selinuxOptions.Role
if role == "" {
return "", "", fmt.Errorf("SELinuxOption.Role is empty")
}
t := selinuxOptions.GetType()
t := selinuxOptions.Type
if t == "" {
return "", "", fmt.Errorf("SELinuxOption.Type is empty")
}
level := selinuxOptions.GetLevel()
level := selinuxOptions.Level
if level == "" {
return "", "", fmt.Errorf("SELinuxOption.Level is empty")
}

12
server/sandbox_status.go
View file

@ -11,7 +11,7 @@ import (
func (s *Server) PodSandboxStatus(ctx context.Context, req *pb.PodSandboxStatusRequest) (*pb.PodSandboxStatusResponse, error) {
logrus.Debugf("PodSandboxStatusRequest %+v", req)
s.Update()
sb, err := s.getPodSandboxFromRequest(req)
sb, err := s.getPodSandboxFromRequest(req.PodSandboxId)
if err != nil {
return nil, err
}
@ -43,15 +43,15 @@ func (s *Server) PodSandboxStatus(ctx context.Context, req *pb.PodSandboxStatusR
sandboxID := sb.id
resp := &pb.PodSandboxStatusResponse{
Status: &pb.PodSandboxStatus{
Id: &sandboxID,
CreatedAt: int64Ptr(created),
Id: sandboxID,
CreatedAt: int64(created),
Linux: &pb.LinuxPodSandboxStatus{
Namespaces: &pb.Namespace{
Network: sPtr(netNsPath),
Network: netNsPath,
},
},
Network: &pb.PodSandboxNetworkStatus{Ip: &ip},
State: &rStatus,
Network: &pb.PodSandboxNetworkStatus{Ip: ip},
State: rStatus,
Labels: sb.labels,
Annotations: sb.annotations,
Metadata: sb.metadata,

2
server/sandbox_stop.go
View file

@ -15,7 +15,7 @@ import (
func (s *Server) StopPodSandbox(ctx context.Context, req *pb.StopPodSandboxRequest) (*pb.StopPodSandboxResponse, error) {
logrus.Debugf("StopPodSandboxRequest %+v", req)
s.Update()
sb, err := s.getPodSandboxFromRequest(req)
sb, err := s.getPodSandboxFromRequest(req.PodSandboxId)
if err != nil {
return nil, err
}

2
server/server.go
View file

@ -97,7 +97,7 @@ func (s *Server) loadContainer(id string) error {
image, ok := m.Annotations["ocid/image"]
if ok {
img = &pb.ImageSpec{
Image: &image,
Image: image,
}
}

12
server/utils.go
View file

@ -13,18 +13,6 @@ const (
maxDNSSearches = 6
)
func int64Ptr(i int64) *int64 {
return &i
}
func int32Ptr(i int32) *int32 {
return &i
}
func sPtr(s string) *string {
return &s
}
func copyFile(src, dest string) error {
in, err := os.Open(src)
if err != nil {

8
server/version.go
View file

@ -21,9 +21,9 @@ func (s *Server) Version(ctx context.Context, req *pb.VersionRequest) (*pb.Versi
runtimeName := s.runtime.Name()
return &pb.VersionResponse{
Version: &version,
RuntimeName: &runtimeName,
RuntimeVersion: &runtimeVersion,
RuntimeApiVersion: &rav,
Version: version,
RuntimeName: runtimeName,
RuntimeVersion: runtimeVersion,
RuntimeApiVersion: rav,
}, nil
}