Add volumes to container object at container create time
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
This commit is contained in:
Mrunal Patel
Mrunal Patel
parent
5ab6ec3046
commit
fa317b41fd
2 changed files with 37 additions and 7 deletions
|
|
@ -355,6 +355,18 @@ func (c *ContainerServer) LoadSandbox(id string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
if m.Annotations[annotations.Volumes] != "" {
|
||||
containerVolumes := []oci.ContainerVolume{}
|
||||
if err = json.Unmarshal([]byte(m.Annotations[annotations.Volumes]), &containerVolumes); err != nil {
|
||||
return fmt.Errorf("failed to unmarshal container volumes: %v", err)
|
||||
}
|
||||
if containerVolumes != nil {
|
||||
for _, cv := range containerVolumes {
|
||||
scontainer.AddVolume(cv)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
c.ContainerStateFromDisk(scontainer)
|
||||
|
||||
if err = label.ReserveLabel(processLabel); err != nil {
|
||||
|
|
|
|||
|
|
@ -40,22 +40,23 @@ const (
|
|||
seccompLocalhostPrefix = "localhost/"
|
||||
)
|
||||
|
||||
func addOCIBindMounts(sb *sandbox.Sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) error {
|
||||
func addOCIBindMounts(sb *sandbox.Sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) ([]oci.ContainerVolume, error) {
|
||||
volumes := []oci.ContainerVolume{}
|
||||
mounts := containerConfig.GetMounts()
|
||||
for _, mount := range mounts {
|
||||
dest := mount.ContainerPath
|
||||
if dest == "" {
|
||||
return fmt.Errorf("Mount.ContainerPath is empty")
|
||||
return nil, fmt.Errorf("Mount.ContainerPath is empty")
|
||||
}
|
||||
|
||||
src := mount.HostPath
|
||||
if src == "" {
|
||||
return fmt.Errorf("Mount.HostPath is empty")
|
||||
return nil, fmt.Errorf("Mount.HostPath is empty")
|
||||
}
|
||||
|
||||
if _, err := os.Stat(src); err != nil && os.IsNotExist(err) {
|
||||
if err1 := os.MkdirAll(src, 0644); err1 != nil {
|
||||
return fmt.Errorf("Failed to mkdir %s: %s", src, err)
|
||||
return nil, fmt.Errorf("Failed to mkdir %s: %s", src, err)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -68,14 +69,20 @@ func addOCIBindMounts(sb *sandbox.Sandbox, containerConfig *pb.ContainerConfig,
|
|||
if mount.SelinuxRelabel {
|
||||
// Need a way in kubernetes to determine if the volume is shared or private
|
||||
if err := label.Relabel(src, sb.MountLabel(), true); err != nil && err != unix.ENOTSUP {
|
||||
return fmt.Errorf("relabel failed %s: %v", src, err)
|
||||
return nil, fmt.Errorf("relabel failed %s: %v", src, err)
|
||||
}
|
||||
}
|
||||
|
||||
volumes = append(volumes, oci.ContainerVolume{
|
||||
ContainerPath: dest,
|
||||
HostPath: src,
|
||||
Readonly: mount.Readonly,
|
||||
})
|
||||
|
||||
specgen.AddBindMount(src, dest, options)
|
||||
}
|
||||
|
||||
return nil
|
||||
return volumes, nil
|
||||
}
|
||||
|
||||
func addImageVolumes(rootfs string, s *Server, containerInfo *storage.ContainerInfo, specgen *generate.Generator, mountLabel string) error {
|
||||
|
|
@ -361,10 +368,17 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
|
|||
specgen.HostSpecific = true
|
||||
specgen.ClearProcessRlimits()
|
||||
|
||||
if err := addOCIBindMounts(sb, containerConfig, &specgen); err != nil {
|
||||
containerVolumes, err := addOCIBindMounts(sb, containerConfig, &specgen)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
volumesJSON, err := json.Marshal(containerVolumes)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
specgen.AddAnnotation(annotations.Volumes, string(volumesJSON))
|
||||
|
||||
// Add cgroup mount so container process can introspect its own limits
|
||||
specgen.AddCgroupsMount("ro")
|
||||
|
||||
|
|
@ -768,6 +782,10 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
|
|||
return nil, err
|
||||
}
|
||||
|
||||
for _, cv := range containerVolumes {
|
||||
container.AddVolume(cv)
|
||||
}
|
||||
|
||||
return container, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue