diff options
| author | Matthew Heon <mheon@redhat.com> | 2020-08-10 15:00:42 -0400 |
|---|---|---|
| committer | Matthew Heon <mheon@redhat.com> | 2020-08-13 14:03:57 -0400 |
| commit | a0719398931d59a422835b7e4cc7b6e28c18d031 (patch) | |
| tree | 4a8e1f58e21946d71b0b48864f28d605aa2a5d9d /libpod/pod.go | |
| parent | 6d3075a6c79a6e761c183e0d5e6aa239fad21b63 (diff) | |
| download | podman-a0719398931d59a422835b7e4cc7b6e28c18d031.tar.gz podman-a0719398931d59a422835b7e4cc7b6e28c18d031.tar.bz2 podman-a0719398931d59a422835b7e4cc7b6e28c18d031.zip | |
Ensure pod infra containers have an exit command
Most Libpod containers are made via `pkg/specgen/generate` which
includes code to generate an appropriate exit command which will
handle unmounting the container's storage, cleaning up the
container's network, etc. There is one notable exception: pod
infra containers, which are made entirely within Libpod and do
not touch pkg/specgen. As such, no cleanup process, network never
cleaned up, bad things can happen.
There is good news, though - it's not that difficult to add this,
and it's done in this PR. Generally speaking, we don't allow
passing options directly to the infra container at create time,
but we do (optionally) proxy a pre-approved set of options into
it when we create it. Add ExitCommand to these options, and set
it at time of pod creation using the same code we use to generate
exit commands for normal containers.
Fixes #7103
Signed-off-by: Matthew Heon <mheon@redhat.com>
Diffstat (limited to 'libpod/pod.go')
| -rw-r--r-- | libpod/pod.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/libpod/pod.go b/libpod/pod.go index 76d50db4e..422966b94 100644 --- a/libpod/pod.go +++ b/libpod/pod.go @@ -81,7 +81,15 @@ type podState struct { InfraContainerID string } -// InfraContainerConfig is the configuration for the pod's infra container +// InfraContainerConfig is the configuration for the pod's infra container. +// Generally speaking, these are equivalent to container configuration options +// you will find in container_config.go (and even named identically), save for +// HasInfraContainer (which determines if an infra container is even created - +// if it is false, no other options in this struct will be used) and HostNetwork +// (this involves the created OCI spec, and as such is not represented directly +// in container_config.go). +// Generally speaking, aside from those two exceptions, these options will set +// the equivalent field in the container's configuration. type InfraContainerConfig struct { ConmonPidFile string `json:"conmonPidFile"` HasInfraContainer bool `json:"makeInfraContainer"` @@ -96,6 +104,7 @@ type InfraContainerConfig struct { UseImageHosts bool `json:"useImageHosts,omitempty"` HostAdd []string `json:"hostsAdd,omitempty"` Networks []string `json:"networks,omitempty"` + ExitCommand []string `json:"exitCommand,omitempty"` } // ID retrieves the pod's ID |