Move systemd code into pkg

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)

cgroups/apply_nosystemd.go

@@ -1,15 +0,0 @@
-// +build !linux
-
-package cgroups
-
-import (
-	"fmt"
-)
-
-func useSystemd() bool {
-	return false
-}
-
-func systemdApply(c *Cgroup, pid int) (ActiveCgroup, error) {
-	return nil, fmt.Errorf("Systemd not supported")
-}

cgroups/cgroups.go

@@ -24,16 +24,3 @@ type Cgroup struct {
 type ActiveCgroup interface {
 	Cleanup() error
 }
-
-func Apply(c *Cgroup, pid int) (ActiveCgroup, error) {
-	// We have two implementation of cgroups support, one is based on
-	// systemd and the dbus api, and one is based on raw cgroup fs operations
-	// following the pre-single-writer model docs at:
-	// http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups/
-
-	if useSystemd() {
-		return systemdApply(c, pid)
-	} else {
-		return rawApply(c, pid)
-	}
-}

cgroups/systemd/apply_nosystemd.go

@@ -0,0 +1,16 @@
+// +build !linux
+
+package systemd
+
+import (
+	"fmt"
+	"github.com/dotcloud/docker/pkg/cgroups"
+)
+
+func UseSystemd() bool {
+	return false
+}
+
+func systemdApply(c *Cgroup, pid int) (cgroups.ActiveCgroup, error) {
+	return nil, fmt.Errorf("Systemd not supported")
+}

cgroups/systemd/apply_systemd.go

@@ -1,27 +1,35 @@
 // +build linux
 
-package cgroups
+package systemd
 
 import (
 	"fmt"
-	systemd1 "github.com/coreos/go-systemd/dbus"
+	"io/ioutil"
-	"github.com/dotcloud/docker/pkg/systemd"
-	"github.com/godbus/dbus"
 	"path/filepath"
 	"strings"
 	"sync"
+
+	systemd1 "github.com/coreos/go-systemd/dbus"
+	"github.com/dotcloud/docker/pkg/cgroups"
+	"github.com/dotcloud/docker/pkg/systemd"
+	"github.com/godbus/dbus"
 )
 
 type systemdCgroup struct {
 }
 
+type DeviceAllow struct {
+	Node        string
+	Permissions string
+}
+
 var (
 	connLock              sync.Mutex
 	theConn               *systemd1.Conn
 	hasStartTransientUnit bool
 )
 
-func useSystemd() bool {
+func UseSystemd() bool {
 	if !systemd.SdBooted() {
 		return false
 	}
@@ -48,15 +56,9 @@ func useSystemd() bool {
 			}
 		}
 	}
-
 	return hasStartTransientUnit
 }
 
-type DeviceAllow struct {
-	Node        string
-	Permissions string
-}
-
 func getIfaceForUnit(unitName string) string {
 	if strings.HasSuffix(unitName, ".scope") {
 		return "Scope"
@@ -67,11 +69,12 @@ func getIfaceForUnit(unitName string) string {
 	return "Unit"
 }
 
-func systemdApply(c *Cgroup, pid int) (ActiveCgroup, error) {
+func Apply(c *cgroups.Cgroup, pid int) (cgroups.ActiveCgroup, error) {
-	unitName := c.Parent + "-" + c.Name + ".scope"
+	var (
-	slice := "system.slice"
+		unitName   = c.Parent + "-" + c.Name + ".scope"
-
+		slice      = "system.slice"
-	var properties []systemd1.Property
+		properties []systemd1.Property
+	)
 
 	for _, v := range c.UnitProperties {
 		switch v[0] {
@@ -85,7 +88,8 @@ func systemdApply(c *Cgroup, pid int) (ActiveCgroup, error) {
 	properties = append(properties,
 		systemd1.Property{"Slice", dbus.MakeVariant(slice)},
 		systemd1.Property{"Description", dbus.MakeVariant("docker container " + c.Name)},
-		systemd1.Property{"PIDs", dbus.MakeVariant([]uint32{uint32(pid)})})
+		systemd1.Property{"PIDs", dbus.MakeVariant([]uint32{uint32(pid)})},
+	)
 
 	if !c.DeviceAccess {
 		properties = append(properties,
@@ -138,7 +142,7 @@ func systemdApply(c *Cgroup, pid int) (ActiveCgroup, error) {
 	cgroup := props["ControlGroup"].(string)
 
 	if !c.DeviceAccess {
-		mountpoint, err := FindCgroupMountpoint("devices")
+		mountpoint, err := cgroups.FindCgroupMountpoint("devices")
 		if err != nil {
 			return nil, err
 		}
@@ -146,15 +150,14 @@ func systemdApply(c *Cgroup, pid int) (ActiveCgroup, error) {
 		path := filepath.Join(mountpoint, cgroup)
 
 		// /dev/pts/*
-		if err := writeFile(path, "devices.allow", "c 136:* rwm"); err != nil {
+		if err := ioutil.WriteFile(filepath.Join(path, "devices.allow"), []byte("c 136:* rwm"), 0700); err != nil {
 			return nil, err
 		}
 		// tuntap
-		if err := writeFile(path, "devices.allow", "c 10:200 rwm"); err != nil {
+		if err := ioutil.WriteFile(filepath.Join(path, "devices.allow"), []byte("c 10:200 rwm"), 0700); err != nil {
 			return nil, err
 		}
 	}
-
 	return &systemdCgroup{}, nil
 }
 

libcontainer/nsinit/exec.go

@@ -8,6 +8,7 @@ import (
 	"syscall"
 
 	"github.com/dotcloud/docker/pkg/cgroups"
+	"github.com/dotcloud/docker/pkg/cgroups/systemd"
 	"github.com/dotcloud/docker/pkg/libcontainer"
 	"github.com/dotcloud/docker/pkg/libcontainer/network"
 	"github.com/dotcloud/docker/pkg/system"
@@ -99,7 +100,11 @@ func (ns *linuxNs) Exec(container *libcontainer.Container, term Terminal, args [
 
 func (ns *linuxNs) SetupCgroups(container *libcontainer.Container, nspid int) (cgroups.ActiveCgroup, error) {
 	if container.Cgroups != nil {
-		return cgroups.Apply(container.Cgroups, nspid)
+		c := container.Cgroups
+		if systemd.UseSystemd() {
+			return systemd.Apply(c, nspid)
+		}
+		return rawApply(c, nspid)
 	}
 	return nil, nil
 }