Merge pull request #660 from mrunalp/volumes_bind
Add ImagesVolumesBind option
This commit is contained in:
commit
f16113a627
4 changed files with 73 additions and 20 deletions
|
@ -26,6 +26,7 @@ func validateConfig(config *server.Config) error {
|
||||||
switch config.ImageVolumes {
|
switch config.ImageVolumes {
|
||||||
case server.ImageVolumesMkdir:
|
case server.ImageVolumesMkdir:
|
||||||
case server.ImageVolumesIgnore:
|
case server.ImageVolumesIgnore:
|
||||||
|
case server.ImageVolumesBind:
|
||||||
default:
|
default:
|
||||||
return fmt.Errorf("Unrecognized image volume type specified")
|
return fmt.Errorf("Unrecognized image volume type specified")
|
||||||
|
|
||||||
|
|
|
@ -41,6 +41,8 @@ const (
|
||||||
ImageVolumesMkdir ImageVolumesType = "mkdir"
|
ImageVolumesMkdir ImageVolumesType = "mkdir"
|
||||||
// ImageVolumesIgnore option is for ignoring image volumes altogether
|
// ImageVolumesIgnore option is for ignoring image volumes altogether
|
||||||
ImageVolumesIgnore ImageVolumesType = "ignore"
|
ImageVolumesIgnore ImageVolumesType = "ignore"
|
||||||
|
// ImageVolumesBind option is for using bind mounted volumes
|
||||||
|
ImageVolumesBind ImageVolumesType = "bind"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
@ -12,9 +12,11 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/Sirupsen/logrus"
|
"github.com/Sirupsen/logrus"
|
||||||
|
"github.com/docker/docker/pkg/stringid"
|
||||||
"github.com/docker/docker/pkg/symlink"
|
"github.com/docker/docker/pkg/symlink"
|
||||||
"github.com/kubernetes-incubator/cri-o/oci"
|
"github.com/kubernetes-incubator/cri-o/oci"
|
||||||
"github.com/kubernetes-incubator/cri-o/pkg/annotations"
|
"github.com/kubernetes-incubator/cri-o/pkg/annotations"
|
||||||
|
"github.com/kubernetes-incubator/cri-o/pkg/storage"
|
||||||
"github.com/kubernetes-incubator/cri-o/server/apparmor"
|
"github.com/kubernetes-incubator/cri-o/server/apparmor"
|
||||||
"github.com/kubernetes-incubator/cri-o/server/seccomp"
|
"github.com/kubernetes-incubator/cri-o/server/seccomp"
|
||||||
"github.com/opencontainers/image-spec/specs-go/v1"
|
"github.com/opencontainers/image-spec/specs-go/v1"
|
||||||
|
@ -72,6 +74,41 @@ func addOCIBindMounts(sb *sandbox, containerConfig *pb.ContainerConfig, specgen
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func addImageVolumes(rootfs string, s *Server, containerInfo *storage.ContainerInfo, specgen *generate.Generator, mountLabel string) error {
|
||||||
|
for dest := range containerInfo.Config.Config.Volumes {
|
||||||
|
fp, err := symlink.FollowSymlinkInScope(filepath.Join(rootfs, dest), rootfs)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
switch s.config.ImageVolumes {
|
||||||
|
case ImageVolumesMkdir:
|
||||||
|
if err1 := os.MkdirAll(fp, 0644); err1 != nil {
|
||||||
|
return err1
|
||||||
|
}
|
||||||
|
case ImageVolumesBind:
|
||||||
|
volumeDirName := stringid.GenerateNonCryptoID()
|
||||||
|
src := filepath.Join(containerInfo.RunDir, "mounts", volumeDirName)
|
||||||
|
if err1 := os.MkdirAll(src, 0644); err1 != nil {
|
||||||
|
return err1
|
||||||
|
}
|
||||||
|
// Label the source with the sandbox selinux mount label
|
||||||
|
if mountLabel != "" {
|
||||||
|
if err1 := label.Relabel(src, mountLabel, true); err1 != nil && err1 != unix.ENOTSUP {
|
||||||
|
return fmt.Errorf("relabel failed %s: %v", src, err1)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
logrus.Debugf("Adding bind mounted volume: %s to %s", src, dest)
|
||||||
|
specgen.AddBindMount(src, dest, []string{"rw"})
|
||||||
|
case ImageVolumesIgnore:
|
||||||
|
logrus.Debugf("Ignoring volume %v", dest)
|
||||||
|
default:
|
||||||
|
logrus.Fatalf("Unrecognized image volumes setting")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
func addDevices(sb *sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) error {
|
func addDevices(sb *sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) error {
|
||||||
sp := specgen.Spec()
|
sp := specgen.Spec()
|
||||||
for _, device := range containerConfig.GetDevices() {
|
for _, device := range containerConfig.GetDevices() {
|
||||||
|
@ -601,27 +638,10 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
|
||||||
specgen.AddAnnotation("org.opencontainers.image.stopSignal", containerImageConfig.Config.StopSignal)
|
specgen.AddAnnotation("org.opencontainers.image.stopSignal", containerImageConfig.Config.StopSignal)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: volume handling in CRI-O
|
// Add image volumes
|
||||||
// right now, we do just an mkdir in the container rootfs because we
|
if err := addImageVolumes(mountPoint, s, &containerInfo, &specgen, sb.mountLabel); err != nil {
|
||||||
// know kube manages volumes its own way and we don't need to behave
|
|
||||||
// like docker.
|
|
||||||
// For instance gcr.io/k8s-testimages/redis:e2e now work with CRI-O
|
|
||||||
for dest := range containerImageConfig.Config.Volumes {
|
|
||||||
fp, err := symlink.FollowSymlinkInScope(filepath.Join(mountPoint, dest), mountPoint)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
switch s.config.ImageVolumes {
|
|
||||||
case ImageVolumesMkdir:
|
|
||||||
if err1 := os.MkdirAll(fp, 0644); err1 != nil {
|
|
||||||
return nil, err1
|
|
||||||
}
|
|
||||||
case ImageVolumesIgnore:
|
|
||||||
logrus.Debugf("Ignoring volume %v", dest)
|
|
||||||
default:
|
|
||||||
logrus.Fatalf("Unrecognized image volumes setting")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
processArgs, err := buildOCIProcessArgs(containerConfig, containerImageConfig)
|
processArgs, err := buildOCIProcessArgs(containerConfig, containerImageConfig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -36,3 +36,33 @@ function teardown() {
|
||||||
cleanup_pods
|
cleanup_pods
|
||||||
stop_crio
|
stop_crio
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@test "image volume bind" {
|
||||||
|
IMAGE_VOLUMES=bind start_crio
|
||||||
|
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
|
||||||
|
echo "$output"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
pod_id="$output"
|
||||||
|
image_volume_config=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["image"]["image"] = "mrunalp/image-volume-test"; obj["command"] = ["/bin/sleep", "600"]; json.dump(obj, sys.stdout)')
|
||||||
|
echo "$image_volume_config" > "$TESTDIR"/container_image_volume.json
|
||||||
|
run crioctl ctr create --config "$TESTDIR"/container_image_volume.json --pod "$pod_id"
|
||||||
|
echo "$output"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
ctr_id="$output"
|
||||||
|
run crioctl ctr start --id "$ctr_id"
|
||||||
|
echo "$output"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
run crioctl ctr execsync --id "$ctr_id" touch /imagevolume/test_file
|
||||||
|
echo "$output"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
[[ "$output" =~ "Exit code: 0" ]]
|
||||||
|
run crioctl pod stop --id "$pod_id"
|
||||||
|
echo "$output"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
run crioctl pod remove --id "$pod_id"
|
||||||
|
echo "$output"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
cleanup_ctrs
|
||||||
|
cleanup_pods
|
||||||
|
stop_crio
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue