server: standardize on naming
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
parent
774c47d00c
commit
6035cff9e4
5 changed files with 93 additions and 40 deletions
|
@ -13,7 +13,6 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/docker/docker/pkg/stringid"
|
||||
"github.com/docker/docker/pkg/symlink"
|
||||
"github.com/kubernetes-incubator/cri-o/oci"
|
||||
"github.com/kubernetes-incubator/cri-o/pkg/annotations"
|
||||
|
@ -258,8 +257,7 @@ func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerReq
|
|||
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig.Name is empty")
|
||||
}
|
||||
|
||||
attempt := containerConfig.GetMetadata().Attempt
|
||||
containerID, containerName, err := s.generateContainerIDandName(sb.name, name, attempt)
|
||||
containerID, containerName, err := s.generateContainerIDandName(sb.metadata, containerConfig)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -720,21 +718,6 @@ func (s *Server) setupSeccomp(specgen *generate.Generator, cname string, sbAnnot
|
|||
return nil
|
||||
}
|
||||
|
||||
func (s *Server) generateContainerIDandName(podName string, name string, attempt uint32) (string, string, error) {
|
||||
var (
|
||||
err error
|
||||
id = stringid.GenerateNonCryptoID()
|
||||
)
|
||||
nameStr := fmt.Sprintf("%s-%s-%v", podName, name, attempt)
|
||||
if name == "infra" {
|
||||
nameStr = fmt.Sprintf("%s-%s", podName, name)
|
||||
}
|
||||
if name, err = s.reserveContainerName(id, nameStr); err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
return id, name, err
|
||||
}
|
||||
|
||||
// getAppArmorProfileName gets the profile name for the given container.
|
||||
func (s *Server) getAppArmorProfileName(annotations map[string]string, ctrName string) string {
|
||||
profile := apparmor.GetProfileNameFromPodAnnotations(annotations, ctrName)
|
||||
|
|
86
server/naming.go
Normal file
86
server/naming.go
Normal file
|
@ -0,0 +1,86 @@
|
|||
package server
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/docker/pkg/stringid"
|
||||
pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
|
||||
)
|
||||
|
||||
const (
|
||||
kubePrefix = "k8s"
|
||||
infraName = "infra"
|
||||
nameDelimiter = "_"
|
||||
)
|
||||
|
||||
func makeSandboxName(sandboxConfig *pb.PodSandboxConfig) string {
|
||||
return strings.Join([]string{
|
||||
kubePrefix,
|
||||
sandboxConfig.Metadata.Name,
|
||||
sandboxConfig.Metadata.Namespace,
|
||||
sandboxConfig.Metadata.Uid,
|
||||
fmt.Sprintf("%d", sandboxConfig.Metadata.Attempt),
|
||||
}, nameDelimiter)
|
||||
}
|
||||
|
||||
func makeSandboxContainerName(sandboxConfig *pb.PodSandboxConfig) string {
|
||||
return strings.Join([]string{
|
||||
kubePrefix,
|
||||
infraName,
|
||||
sandboxConfig.Metadata.Name,
|
||||
sandboxConfig.Metadata.Namespace,
|
||||
sandboxConfig.Metadata.Uid,
|
||||
fmt.Sprintf("%d", sandboxConfig.Metadata.Attempt),
|
||||
}, nameDelimiter)
|
||||
}
|
||||
|
||||
func makeContainerName(sandboxMetadata *pb.PodSandboxMetadata, containerConfig *pb.ContainerConfig) string {
|
||||
return strings.Join([]string{
|
||||
kubePrefix,
|
||||
containerConfig.Metadata.Name,
|
||||
sandboxMetadata.Name,
|
||||
sandboxMetadata.Namespace,
|
||||
sandboxMetadata.Uid,
|
||||
fmt.Sprintf("%d", containerConfig.Metadata.Attempt),
|
||||
}, nameDelimiter)
|
||||
}
|
||||
|
||||
func (s *Server) generatePodIDandName(sandboxConfig *pb.PodSandboxConfig) (string, string, error) {
|
||||
var (
|
||||
err error
|
||||
id = stringid.GenerateNonCryptoID()
|
||||
)
|
||||
if sandboxConfig.Metadata.Namespace == "" {
|
||||
return "", "", fmt.Errorf("cannot generate pod ID without namespace")
|
||||
}
|
||||
name, err := s.reservePodName(id, makeSandboxName(sandboxConfig))
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
return id, name, err
|
||||
}
|
||||
|
||||
func (s *Server) generateContainerIDandNameForSandbox(sandboxConfig *pb.PodSandboxConfig) (string, string, error) {
|
||||
var (
|
||||
err error
|
||||
id = stringid.GenerateNonCryptoID()
|
||||
)
|
||||
name, err := s.reserveContainerName(id, makeSandboxContainerName(sandboxConfig))
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
return id, name, err
|
||||
}
|
||||
|
||||
func (s *Server) generateContainerIDandName(sandboxMetadata *pb.PodSandboxMetadata, containerConfig *pb.ContainerConfig) (string, string, error) {
|
||||
var (
|
||||
err error
|
||||
id = stringid.GenerateNonCryptoID()
|
||||
)
|
||||
name, err := s.reserveContainerName(id, makeContainerName(sandboxMetadata, containerConfig))
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
return id, name, err
|
||||
}
|
|
@ -11,7 +11,6 @@ import (
|
|||
"github.com/Sirupsen/logrus"
|
||||
"github.com/containernetworking/cni/pkg/ns"
|
||||
"github.com/docker/docker/pkg/mount"
|
||||
"github.com/docker/docker/pkg/stringid"
|
||||
"github.com/docker/docker/pkg/symlink"
|
||||
"github.com/kubernetes-incubator/cri-o/oci"
|
||||
"golang.org/x/sys/unix"
|
||||
|
@ -264,21 +263,6 @@ func (s *sandbox) netNsRemove() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (s *Server) generatePodIDandName(name string, namespace string, attempt uint32) (string, string, error) {
|
||||
var (
|
||||
err error
|
||||
id = stringid.GenerateNonCryptoID()
|
||||
)
|
||||
if namespace == "" {
|
||||
return "", "", fmt.Errorf("cannot generate pod ID without namespace")
|
||||
}
|
||||
|
||||
if name, err = s.reservePodName(id, fmt.Sprintf("%s-%s-%v", namespace, name, attempt)); err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
return id, name, err
|
||||
}
|
||||
|
||||
func (s *Server) getPodSandboxFromRequest(podSandboxID string) (*sandbox, error) {
|
||||
if podSandboxID == "" {
|
||||
return nil, errSandboxIDEmpty
|
||||
|
|
|
@ -101,7 +101,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
|
|||
namespace := req.GetConfig().GetMetadata().Namespace
|
||||
attempt := req.GetConfig().GetMetadata().Attempt
|
||||
|
||||
id, name, err := s.generatePodIDandName(kubeName, namespace, attempt)
|
||||
id, name, err := s.generatePodIDandName(req.GetConfig())
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "already reserved for pod") {
|
||||
matches := conflictRE.FindStringSubmatch(err.Error())
|
||||
|
@ -115,7 +115,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
|
|||
if _, err := s.RemovePodSandbox(ctx, &pb.RemovePodSandboxRequest{PodSandboxId: dupID}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
id, name, err = s.generatePodIDandName(kubeName, namespace, attempt)
|
||||
id, name, err = s.generatePodIDandName(req.GetConfig())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -130,7 +130,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
|
|||
}
|
||||
}()
|
||||
|
||||
_, containerName, err := s.generateContainerIDandName(name, "infra", attempt)
|
||||
_, containerName, err := s.generateContainerIDandNameForSandbox(req.GetConfig())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@ function teardown() {
|
|||
|
||||
start_crio "$TESTDIR"/seccomp_profile1.json
|
||||
|
||||
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp1-1-testname-0": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
|
||||
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/k8s_testname_seccomp_1_redhat\.test\.crio_redhat-test-crio_0": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
|
||||
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
|
||||
echo "$output"
|
||||
[ "$status" -eq 0 ]
|
||||
|
@ -57,7 +57,7 @@ function teardown() {
|
|||
|
||||
start_crio "$TESTDIR"/seccomp_profile1.json
|
||||
|
||||
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp2-1-testname2-0": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
|
||||
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/k8s_testname2_seccomp2_redhat\.test\.crio_redhat-test-crio_0": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
|
||||
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
|
||||
echo "$output"
|
||||
[ "$status" -eq 0 ]
|
||||
|
@ -94,7 +94,7 @@ function teardown() {
|
|||
|
||||
start_crio "$TESTDIR"/seccomp_profile1.json
|
||||
|
||||
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp3-1-testname3-1": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
|
||||
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/k8s_testname3_seccomp3_redhat\.test\.crio_redhat-test-crio_1": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
|
||||
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
|
||||
echo "$output"
|
||||
[ "$status" -eq 0 ]
|
||||
|
|
Loading…
Reference in a new issue