diff options
| author | haircommander <pehunt@redhat.com> | 2018-07-27 13:58:50 -0400 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-08-23 18:16:28 +0000 |
| commit | d5e690914dc78eca8664442e7677eb5004522bfd (patch) | |
| tree | 3f7ed30e4302c871c16126a0032b8a3d51c46f98 /libpod/runtime_ctr.go | |
| parent | 63dd200e7e47261454c7e55fed2ad972144e147f (diff) | |
| download | podman-d5e690914dc78eca8664442e7677eb5004522bfd.tar.gz podman-d5e690914dc78eca8664442e7677eb5004522bfd.tar.bz2 podman-d5e690914dc78eca8664442e7677eb5004522bfd.zip | |
Added option to share kernel namespaces in libpod and podman
A pause container is added to the pod if the user opts in. The default pause image and command can be overridden. Pause containers are ignored in ps unless the -a option is present. Pod inspect and pod ps show shared namespaces and pause container. A pause container can't be removed with podman rm, and a pod can be removed if it only has a pause container.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1187
Approved by: mheon
Diffstat (limited to 'libpod/runtime_ctr.go')
| -rw-r--r-- | libpod/runtime_ctr.go | 42 |
1 files changed, 40 insertions, 2 deletions
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 051b3e85e..1aca559de 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -8,9 +8,12 @@ import ( "strings" "time" + "github.com/containers/storage" + "github.com/containers/storage/pkg/stringid" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" + "github.com/ulule/deepcopier" ) // CtrRemoveTimeout is the default number of seconds to wait after stopping a container @@ -35,11 +38,37 @@ func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options .. if !r.valid { return nil, ErrRuntimeStopped } + return r.newContainer(ctx, rSpec, options...) +} + +func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ...CtrCreateOption) (c *Container, err error) { + if rSpec == nil { + return nil, errors.Wrapf(ErrInvalidArg, "must provide a valid runtime spec to create container") + } + + ctr := new(Container) + ctr.config = new(ContainerConfig) + ctr.state = new(containerState) + + ctr.config.ID = stringid.GenerateNonCryptoID() + + ctr.config.Spec = new(spec.Spec) + deepcopier.Copy(rSpec).To(ctr.config.Spec) + ctr.config.CreatedTime = time.Now() + + ctr.config.ShmSize = DefaultShmSize + + ctr.state.BindMounts = make(map[string]string) - ctr, err := newContainer(rSpec, r.lockDir) + // Path our lock file will reside at + lockPath := filepath.Join(r.lockDir, ctr.config.ID) + // Grab a lockfile at the given path + lock, err := storage.GetLockfile(lockPath) if err != nil { - return nil, err + return nil, errors.Wrapf(err, "error creating lockfile for new container") } + ctr.lock = lock + ctr.config.StopTimeout = CtrRemoveTimeout // Set namespace based on current runtime namespace @@ -59,6 +88,7 @@ func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options .. ctr.runtime = r var pod *Pod + if ctr.config.Pod != "" { // Get the pod from state pod, err = r.state.Pod(ctr.config.Pod) @@ -194,6 +224,14 @@ func (r *Runtime) removeContainer(ctx context.Context, c *Container, force bool) // Lock the pod while we're removing container pod.lock.Lock() defer pod.lock.Unlock() + if err := pod.updatePod(); err != nil { + return err + } + + pauseID := pod.state.PauseContainerID + if c.ID() == pauseID { + return errors.Errorf("a pause container cannot be removed without removing pod %s", pod.ID()) + } } c.lock.Lock() |