Use nsinit for setting up namespace
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
This commit is contained in:
parent
c2777d4611
commit
593219d191
4 changed files with 17 additions and 2 deletions
|
@ -32,6 +32,7 @@ func init() {
|
||||||
func nsinitFunc(container *libcontainer.Container) error {
|
func nsinitFunc(container *libcontainer.Container) error {
|
||||||
container.Master = uintptr(masterFd)
|
container.Master = uintptr(masterFd)
|
||||||
container.Console = console
|
container.Console = console
|
||||||
|
container.LogFile = "/root/logs"
|
||||||
|
|
||||||
return nsinit.InitNamespace(container)
|
return nsinit.InitNamespace(container)
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,6 +13,7 @@ type Container struct {
|
||||||
Capabilities Capabilities `json:"capabilities,omitempty"`
|
Capabilities Capabilities `json:"capabilities,omitempty"`
|
||||||
Master uintptr `json:"master"`
|
Master uintptr `json:"master"`
|
||||||
Console string `json:"console"`
|
Console string `json:"console"`
|
||||||
|
LogFile string `json:"log_file"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Command struct {
|
type Command struct {
|
||||||
|
|
|
@ -44,9 +44,10 @@ func ExecContainer(container *libcontainer.Container) (pid int, err error) {
|
||||||
// we need CLONE_VFORK so we can wait on the child
|
// we need CLONE_VFORK so we can wait on the child
|
||||||
flag := uintptr(getNamespaceFlags(container.Namespaces) | CLONE_VFORK)
|
flag := uintptr(getNamespaceFlags(container.Namespaces) | CLONE_VFORK)
|
||||||
|
|
||||||
command := exec.Command(nsinit, "init", "-master", strconv.Itoa(int(master.Fd())), "-console", console)
|
command := exec.Command(nsinit, "-master", strconv.Itoa(int(master.Fd())), "-console", console, "init")
|
||||||
command.SysProcAttr = &syscall.SysProcAttr{}
|
command.SysProcAttr = &syscall.SysProcAttr{}
|
||||||
command.SysProcAttr.Cloneflags = flag
|
command.SysProcAttr.Cloneflags = flag
|
||||||
|
command.ExtraFiles = []*os.File{master}
|
||||||
// command.SysProcAttr.Setctty = true
|
// command.SysProcAttr.Setctty = true
|
||||||
|
|
||||||
if err := command.Start(); err != nil {
|
if err := command.Start(); err != nil {
|
||||||
|
@ -64,7 +65,6 @@ func ExecContainer(container *libcontainer.Container) (pid int, err error) {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
command.Wait()
|
|
||||||
return pid, nil
|
return pid, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,10 @@ import (
|
||||||
// InitNamespace should be run inside an existing namespace to setup
|
// InitNamespace should be run inside an existing namespace to setup
|
||||||
// common mounts, drop capabilities, and setup network interfaces
|
// common mounts, drop capabilities, and setup network interfaces
|
||||||
func InitNamespace(container *libcontainer.Container) error {
|
func InitNamespace(container *libcontainer.Container) error {
|
||||||
|
if err := setLogFile(container); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
rootfs, err := resolveRootfs(container)
|
rootfs, err := resolveRootfs(container)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -138,3 +142,12 @@ func openTerminal(name string, flag int) (*os.File, error) {
|
||||||
}
|
}
|
||||||
return os.NewFile(uintptr(r), name), nil
|
return os.NewFile(uintptr(r), name), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func setLogFile(container *libcontainer.Container) error {
|
||||||
|
f, err := os.OpenFile(container.LogFile, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0655)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
log.SetOutput(f)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue