summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-03-27 20:55:48 +0100
committerGitHub <noreply@github.com>2020-03-27 20:55:48 +0100
commit3336b100ef3c1273df8ad3ebc44ce4738f8cf2c2 (patch)
treed085118d9cf28ed6a8a7b40c1bd6bb5b772b10cc /libpod
parent1fe2fbb42114b9072a1caf359beff63042df90fd (diff)
parent4352d585490f6c1eb7234ef4f92e0157083d69b3 (diff)
downloadpodman-3336b100ef3c1273df8ad3ebc44ce4738f8cf2c2.tar.gz
podman-3336b100ef3c1273df8ad3ebc44ce4738f8cf2c2.tar.bz2
podman-3336b100ef3c1273df8ad3ebc44ce4738f8cf2c2.zip
Merge pull request #4698 from rhatdan/containers.conf
Add support for containers.conf
Diffstat (limited to 'libpod')
-rw-r--r--libpod/boltdb_state.go5
-rw-r--r--libpod/boltdb_state_internal.go12
-rw-r--r--libpod/common_test.go6
-rw-r--r--libpod/config/config.go618
-rw-r--r--libpod/config/config_test.go58
-rw-r--r--libpod/config/default.go153
-rw-r--r--libpod/config/testdata/empty.conf0
l---------libpod/config/testdata/libpod.conf1
-rw-r--r--libpod/container.go9
-rw-r--r--libpod/container_inspect.go7
-rw-r--r--libpod/container_internal.go16
-rw-r--r--libpod/container_internal_linux.go46
-rw-r--r--libpod/define/config.go8
-rw-r--r--libpod/define/runtime.go9
-rw-r--r--libpod/events.go4
-rw-r--r--libpod/in_memory_state.go5
-rw-r--r--libpod/info.go2
-rw-r--r--libpod/networking_linux.go12
-rw-r--r--libpod/oci_attach_linux.go3
-rw-r--r--libpod/oci_conmon_linux.go26
-rw-r--r--libpod/oci_conmon_unsupported.go3
-rw-r--r--libpod/oci_missing.go2
-rw-r--r--libpod/options.go116
-rw-r--r--libpod/pod_internal.go9
-rw-r--r--libpod/reset.go7
-rw-r--r--libpod/runtime.go240
-rw-r--r--libpod/runtime_ctr.go24
-rw-r--r--libpod/runtime_pod_infra_linux.go6
-rw-r--r--libpod/runtime_pod_linux.go25
-rw-r--r--libpod/runtime_volume_linux.go2
-rw-r--r--libpod/state.go4
-rw-r--r--libpod/state_test.go4
-rw-r--r--libpod/util.go3
-rw-r--r--libpod/volume_internal.go2
34 files changed, 353 insertions, 1094 deletions
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go
index 2ce8e0de4..34ca7f740 100644
--- a/libpod/boltdb_state.go
+++ b/libpod/boltdb_state.go
@@ -6,7 +6,6 @@ import (
"strings"
"sync"
- "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
bolt "github.com/etcd-io/bbolt"
jsoniter "github.com/json-iterator/go"
@@ -347,12 +346,12 @@ func (s *BoltState) Refresh() error {
// GetDBConfig retrieves runtime configuration fields that were created when
// the database was first initialized
-func (s *BoltState) GetDBConfig() (*config.DBConfig, error) {
+func (s *BoltState) GetDBConfig() (*DBConfig, error) {
if !s.valid {
return nil, define.ErrDBClosed
}
- cfg := new(config.DBConfig)
+ cfg := new(DBConfig)
db, err := s.getDBCon()
if err != nil {
diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go
index 1c4c9e12d..6e1f2a5f2 100644
--- a/libpod/boltdb_state_internal.go
+++ b/libpod/boltdb_state_internal.go
@@ -104,37 +104,37 @@ func checkRuntimeConfig(db *bolt.DB, rt *Runtime) error {
},
{
"libpod root directory (staticdir)",
- rt.config.StaticDir,
+ rt.config.Engine.StaticDir,
staticDirKey,
"",
},
{
"libpod temporary files directory (tmpdir)",
- rt.config.TmpDir,
+ rt.config.Engine.TmpDir,
tmpDirKey,
"",
},
{
"storage temporary directory (runroot)",
- rt.config.StorageConfig.RunRoot,
+ rt.StorageConfig().RunRoot,
runRootKey,
storeOpts.RunRoot,
},
{
"storage graph root directory (graphroot)",
- rt.config.StorageConfig.GraphRoot,
+ rt.StorageConfig().GraphRoot,
graphRootKey,
storeOpts.GraphRoot,
},
{
"storage graph driver",
- rt.config.StorageConfig.GraphDriverName,
+ rt.StorageConfig().GraphDriverName,
graphDriverKey,
storeOpts.GraphDriverName,
},
{
"volume path",
- rt.config.VolumePath,
+ rt.config.Engine.VolumePath,
volPathKey,
"",
},
diff --git a/libpod/common_test.go b/libpod/common_test.go
index 747252cf4..abf336f97 100644
--- a/libpod/common_test.go
+++ b/libpod/common_test.go
@@ -7,7 +7,7 @@ import (
"testing"
"time"
- "github.com/containers/libpod/libpod/config"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/lock"
"github.com/cri-o/ocicni/pkg/ocicni"
@@ -73,7 +73,9 @@ func getTestContainer(id, name string, manager lock.Manager) (*Container, error)
},
runtime: &Runtime{
config: &config.Config{
- VolumePath: "/does/not/exist/tmp/volumes",
+ Engine: config.EngineConfig{
+ VolumePath: "/does/not/exist/tmp/volumes",
+ },
},
},
valid: true,
diff --git a/libpod/config/config.go b/libpod/config/config.go
deleted file mode 100644
index b94c1b20b..000000000
--- a/libpod/config/config.go
+++ /dev/null
@@ -1,618 +0,0 @@
-package config
-
-import (
- "bytes"
- "fmt"
- "os"
- "os/exec"
- "path/filepath"
- "regexp"
- "strconv"
- "strings"
-
- "github.com/BurntSushi/toml"
- "github.com/containers/libpod/libpod/define"
- "github.com/containers/libpod/pkg/cgroups"
- "github.com/containers/libpod/pkg/rootless"
- "github.com/containers/libpod/pkg/util"
- "github.com/containers/storage"
- "github.com/pkg/errors"
- "github.com/sirupsen/logrus"
-)
-
-const (
- // _defaultTransport is a prefix that we apply to an image name to check
- // docker hub first for the image.
- _defaultTransport = "docker://"
-
- // _rootlessConfigPath is the path to the rootless libpod.conf in $HOME.
- _rootlessConfigPath = ".config/containers/libpod.conf"
-
- // _conmonMinMajorVersion is the major version required for conmon.
- _conmonMinMajorVersion = 2
-
- // _conmonMinMinorVersion is the minor version required for conmon.
- _conmonMinMinorVersion = 0
-
- // _conmonMinPatchVersion is the sub-minor version required for conmon.
- _conmonMinPatchVersion = 1
-
- // _conmonVersionFormatErr is used when the expected versio-format of conmon
- // has changed.
- _conmonVersionFormatErr = "conmon version changed format"
-
- // InstallPrefix is the prefix where podman will be installed.
- // It can be overridden at build time.
- _installPrefix = "/usr"
-
- // EtcDir is the sysconfdir where podman should look for system config files.
- // It can be overridden at build time.
- _etcDir = "/etc"
-
- // SeccompDefaultPath defines the default seccomp path.
- SeccompDefaultPath = _installPrefix + "/share/containers/seccomp.json"
-
- // SeccompOverridePath if this exists it overrides the default seccomp path.
- SeccompOverridePath = _etcDir + "/crio/seccomp.json"
-
- // _rootConfigPath is the path to the libpod configuration file
- // This file is loaded to replace the builtin default config before
- // runtime options (e.g. WithStorageConfig) are applied.
- // If it is not present, the builtin default config is used instead
- // This path can be overridden when the runtime is created by using
- // NewRuntimeFromConfig() instead of NewRuntime().
- _rootConfigPath = _installPrefix + "/share/containers/libpod.conf"
-
- // _rootOverrideConfigPath is the path to an override for the default libpod
- // configuration file. If OverrideConfigPath exists, it will be used in
- // place of the configuration file pointed to by ConfigPath.
- _rootOverrideConfigPath = _etcDir + "/containers/libpod.conf"
-)
-
-// SetOptions contains a subset of options in a Config. It's used to indicate if
-// a given option has either been set by the user or by a parsed libpod
-// configuration file. If not, the corresponding option might be overwritten by
-// values from the database. This behavior guarantees backwards compat with
-// older version of libpod and Podman.
-type SetOptions struct {
- // StorageConfigRunRootSet indicates if the RunRoot has been explicitly set
- // by the config or by the user. It's required to guarantee backwards
- // compatibility with older versions of libpod for which we must query the
- // database configuration. Not included in the on-disk config.
- StorageConfigRunRootSet bool `toml:"-"`
-
- // StorageConfigGraphRootSet indicates if the RunRoot has been explicitly
- // set by the config or by the user. It's required to guarantee backwards
- // compatibility with older versions of libpod for which we must query the
- // database configuration. Not included in the on-disk config.
- StorageConfigGraphRootSet bool `toml:"-"`
-
- // StorageConfigGraphDriverNameSet indicates if the GraphDriverName has been
- // explicitly set by the config or by the user. It's required to guarantee
- // backwards compatibility with older versions of libpod for which we must
- // query the database configuration. Not included in the on-disk config.
- StorageConfigGraphDriverNameSet bool `toml:"-"`
-
- // VolumePathSet indicates if the VolumePath has been explicitly set by the
- // config or by the user. It's required to guarantee backwards compatibility
- // with older versions of libpod for which we must query the database
- // configuration. Not included in the on-disk config.
- VolumePathSet bool `toml:"-"`
-
- // StaticDirSet indicates if the StaticDir has been explicitly set by the
- // config or by the user. It's required to guarantee backwards compatibility
- // with older versions of libpod for which we must query the database
- // configuration. Not included in the on-disk config.
- StaticDirSet bool `toml:"-"`
-
- // TmpDirSet indicates if the TmpDir has been explicitly set by the config
- // or by the user. It's required to guarantee backwards compatibility with
- // older versions of libpod for which we must query the database
- // configuration. Not included in the on-disk config.
- TmpDirSet bool `toml:"-"`
-}
-
-// Config contains configuration options used to set up a libpod runtime
-type Config struct {
- // NOTE: when changing this struct, make sure to update (*Config).Merge().
-
- // SetOptions contains a subset of config options. It's used to indicate if
- // a given option has either been set by the user or by a parsed libpod
- // configuration file. If not, the corresponding option might be
- // overwritten by values from the database. This behavior guarantees
- // backwards compat with older version of libpod and Podman.
- SetOptions
-
- // StateType is the type of the backing state store. Avoid using multiple
- // values for this with the same containers/storage configuration on the
- // same system. Different state types do not interact, and each will see a
- // separate set of containers, which may cause conflicts in
- // containers/storage. As such this is not exposed via the config file.
- StateType define.RuntimeStateStore `toml:"-"`
-
- // StorageConfig is the configuration used by containers/storage Not
- // included in the on-disk config, use the dedicated containers/storage
- // configuration file instead.
- StorageConfig storage.StoreOptions `toml:"-"`
-
- // VolumePath is the default location that named volumes will be created
- // under. This convention is followed by the default volume driver, but
- // may not be by other drivers.
- VolumePath string `toml:"volume_path,omitempty"`
-
- // ImageDefaultTransport is the default transport method used to fetch
- // images.
- ImageDefaultTransport string `toml:"image_default_transport,omitempty"`
-
- // SignaturePolicyPath is the path to a signature policy to use for
- // validating images. If left empty, the containers/image default signature
- // policy will be used.
- SignaturePolicyPath string `toml:"signature_policy_path,omitempty"`
-
- // OCIRuntime is the OCI runtime to use.
- OCIRuntime string `toml:"runtime,omitempty"`
-
- // OCIRuntimes are the set of configured OCI runtimes (default is runc).
- OCIRuntimes map[string][]string `toml:"runtimes,omitempty"`
-
- // RuntimeSupportsJSON is the list of the OCI runtimes that support
- // --format=json.
- RuntimeSupportsJSON []string `toml:"runtime_supports_json,omitempty"`
-
- // RuntimeSupportsNoCgroups is a list of OCI runtimes that support
- // running containers without CGroups.
- RuntimeSupportsNoCgroups []string `toml:"runtime_supports_nocgroups,omitempty"`
-
- // RuntimePath is the path to OCI runtime binary for launching containers.
- // The first path pointing to a valid file will be used This is used only
- // when there are no OCIRuntime/OCIRuntimes defined. It is used only to be
- // backward compatible with older versions of Podman.
- RuntimePath []string `toml:"runtime_path,omitempty"`
-
- // ConmonPath is the path to the Conmon binary used for managing containers.
- // The first path pointing to a valid file will be used.
- ConmonPath []string `toml:"conmon_path,omitempty"`
-
- // ConmonEnvVars are environment variables to pass to the Conmon binary
- // when it is launched.
- ConmonEnvVars []string `toml:"conmon_env_vars,omitempty"`
-
- // CGroupManager is the CGroup Manager to use Valid values are "cgroupfs"
- // and "systemd".
- CgroupManager string `toml:"cgroup_manager,omitempty"`
-
- // InitPath is the path to the container-init binary.
- InitPath string `toml:"init_path,omitempty"`
-
- // StaticDir is the path to a persistent directory to store container
- // files.
- StaticDir string `toml:"static_dir,omitempty"`
-
- // TmpDir is the path to a temporary directory to store per-boot container
- // files. Must be stored in a tmpfs.
- TmpDir string `toml:"tmp_dir,omitempty"`
-
- // MaxLogSize is the maximum size of container logfiles.
- MaxLogSize int64 `toml:"max_log_size,omitempty"`
-
- // NoPivotRoot sets whether to set no-pivot-root in the OCI runtime.
- NoPivotRoot bool `toml:"no_pivot_root,omitempty"`
-
- // CNIConfigDir sets the directory where CNI configuration files are
- // stored.
- CNIConfigDir string `toml:"cni_config_dir,omitempty"`
-
- // CNIPluginDir sets a number of directories where the CNI network
- // plugins can be located.
- CNIPluginDir []string `toml:"cni_plugin_dir,omitempty"`
-
- // CNIDefaultNetwork is the network name of the default CNI network
- // to attach pods to.
- CNIDefaultNetwork string `toml:"cni_default_network,omitempty"`
-
- // HooksDir holds paths to the directories containing hooks
- // configuration files. When the same filename is present in in
- // multiple directories, the file in the directory listed last in
- // this slice takes precedence.
- HooksDir []string `toml:"hooks_dir,omitempty"`
-
- // DefaultMountsFile is the path to the default mounts file for testing
- // purposes only.
- DefaultMountsFile string `toml:"-"`
-
- // Namespace is the libpod namespace to use. Namespaces are used to create
- // scopes to separate containers and pods in the state. When namespace is
- // set, libpod will only view containers and pods in the same namespace. All
- // containers and pods created will default to the namespace set here. A
- // namespace of "", the empty string, is equivalent to no namespace, and all
- // containers and pods will be visible. The default namespace is "".
- Namespace string `toml:"namespace,omitempty"`
-
- // InfraImage is the image a pod infra container will use to manage
- // namespaces.
- InfraImage string `toml:"infra_image,omitempty"`
-
- // InfraCommand is the command run to start up a pod infra container.
- InfraCommand string `toml:"infra_command,omitempty"`
-
- // EnablePortReservation determines whether libpod will reserve ports on the
- // host when they are forwarded to containers. When enabled, when ports are
- // forwarded to containers, they are held open by conmon as long as the
- // container is running, ensuring that they cannot be reused by other
- // programs on the host. However, this can cause significant memory usage if
- // a container has many ports forwarded to it. Disabling this can save
- // memory.
- EnablePortReservation bool `toml:"enable_port_reservation,omitempty"`
-
- // EnableLabeling indicates whether libpod will support container labeling.
- EnableLabeling bool `toml:"label,omitempty"`
-
- // NetworkCmdPath is the path to the slirp4netns binary.
- NetworkCmdPath string `toml:"network_cmd_path,omitempty"`
-
- // NumLocks is the number of locks to make available for containers and
- // pods.
- NumLocks uint32 `toml:"num_locks,omitempty"`
-
- // LockType is the type of locking to use.
- LockType string `toml:"lock_type,omitempty"`
-
- // EventsLogger determines where events should be logged.
- EventsLogger string `toml:"events_logger,omitempty"`
-
- // EventsLogFilePath is where the events log is stored.
- EventsLogFilePath string `toml:"events_logfile_path,omitempty"`
-
- //DetachKeys is the sequence of keys used to detach a container.
- DetachKeys string `toml:"detach_keys,omitempty"`
-
- // SDNotify tells Libpod to allow containers to notify the host systemd of
- // readiness using the SD_NOTIFY mechanism.
- SDNotify bool `toml:",omitempty"`
-
- // CgroupCheck indicates the configuration has been rewritten after an
- // upgrade to Fedora 31 to change the default OCI runtime for cgroupsv2.
- CgroupCheck bool `toml:"cgroup_check,omitempty"`
-}
-
-// DBConfig is a set of Libpod runtime configuration settings that are saved in
-// a State when it is first created, and can subsequently be retrieved.
-type DBConfig struct {
- LibpodRoot string
- LibpodTmp string
- StorageRoot string
- StorageTmp string
- GraphDriver string
- VolumePath string
-}
-
-// readConfigFromFile reads the specified config file at `path` and attempts to
-// unmarshal its content into a Config. The config param specifies the previous
-// default config. If the path, only specifies a few fields in the Toml file
-// the defaults from the config parameter will be used for all other fields.
-func readConfigFromFile(path string, config *Config) (*Config, error) {
- logrus.Debugf("Reading configuration file %q", path)
- _, err := toml.DecodeFile(path, config)
- if err != nil {
- return nil, fmt.Errorf("unable to decode configuration %v: %v", path, err)
- }
-
- // For the sake of backwards compat we need to check if the config fields
- // with *Set suffix are set in the config. Note that the storage-related
- // fields are NOT set in the config here but in the storage.conf OR directly
- // by the user.
- if config.VolumePath != "" {
- config.VolumePathSet = true
- }
- if config.StaticDir != "" {
- config.StaticDirSet = true
- }
- if config.TmpDir != "" {
- config.TmpDirSet = true
- }
-
- return config, err
-}
-
-// Write decodes the config as TOML and writes it to the specified path.
-func (c *Config) Write(path string) error {
- f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, 0666)
- if err != nil {
- return errors.Wrapf(err, "error opening config file %q", path)
- }
-
- buffer := new(bytes.Buffer)
- if err := toml.NewEncoder(buffer).Encode(c); err != nil {
- return errors.Wrapf(err, "error encoding config")
- }
-
- if _, err := f.WriteString(buffer.String()); err != nil {
- return errors.Wrapf(err, "error writing config %q", path)
- }
- return err
-}
-
-// FindConmon iterates over (*Config).ConmonPath and returns the path to first
-// (version) matching conmon binary. If non is found, we try to do a path lookup
-// of "conmon".
-func (c *Config) FindConmon() (string, error) {
- foundOutdatedConmon := false
- for _, path := range c.ConmonPath {
- stat, err := os.Stat(path)
- if err != nil {
- continue
- }
- if stat.IsDir() {
- continue
- }
- if err := probeConmon(path); err != nil {
- logrus.Warnf("Conmon at %s invalid: %v", path, err)
- foundOutdatedConmon = true
- continue
- }
- logrus.Debugf("Using conmon: %q", path)
- return path, nil
- }
-
- // Search the $PATH as last fallback
- if path, err := exec.LookPath("conmon"); err == nil {
- if err := probeConmon(path); err != nil {
- logrus.Warnf("Conmon at %s is invalid: %v", path, err)
- foundOutdatedConmon = true
- } else {
- logrus.Debugf("Using conmon from $PATH: %q", path)
- return path, nil
- }
- }
-
- if foundOutdatedConmon {
- return "", errors.Wrapf(define.ErrConmonOutdated,
- "please update to v%d.%d.%d or later",
- _conmonMinMajorVersion, _conmonMinMinorVersion, _conmonMinPatchVersion)
- }
-
- return "", errors.Wrapf(define.ErrInvalidArg,
- "could not find a working conmon binary (configured options: %v)",
- c.ConmonPath)
-}
-
-// probeConmon calls conmon --version and verifies it is a new enough version for
-// the runtime expectations podman currently has.
-func probeConmon(conmonBinary string) error {
- cmd := exec.Command(conmonBinary, "--version")
- var out bytes.Buffer
- cmd.Stdout = &out
- err := cmd.Run()
- if err != nil {
- return err
- }
- r := regexp.MustCompile(`^conmon version (?P<Major>\d+).(?P<Minor>\d+).(?P<Patch>\d+)`)
-
- matches := r.FindStringSubmatch(out.String())
- if len(matches) != 4 {
- return errors.Wrap(err, _conmonVersionFormatErr)
- }
- major, err := strconv.Atoi(matches[1])
- if err != nil {
- return errors.Wrap(err, _conmonVersionFormatErr)
- }
- if major < _conmonMinMajorVersion {
- return define.ErrConmonOutdated
- }
- if major > _conmonMinMajorVersion {
- return nil
- }
-
- minor, err := strconv.Atoi(matches[2])
- if err != nil {
- return errors.Wrap(err, _conmonVersionFormatErr)
- }
- if minor < _conmonMinMinorVersion {
- return define.ErrConmonOutdated
- }
- if minor > _conmonMinMinorVersion {
- return nil
- }
-
- patch, err := strconv.Atoi(matches[3])
- if err != nil {
- return errors.Wrap(err, _conmonVersionFormatErr)
- }
- if patch < _conmonMinPatchVersion {
- return define.ErrConmonOutdated
- }
- if patch > _conmonMinPatchVersion {
- return nil
- }
-
- return nil
-}
-
-// NewConfig creates a new Config. It starts with an empty config and, if
-// specified, merges the config at `userConfigPath` path. Depending if we're
-// running as root or rootless, we then merge the system configuration followed
-// by merging the default config (hard-coded default in memory).
-//
-// Note that the OCI runtime is hard-set to `crun` if we're running on a system
-// with cgroupsv2. Other OCI runtimes are not yet supporting cgroupsv2. This
-// might change in the future.
-func NewConfig(userConfigPath string) (*Config, error) {
- // Start with the default config and iteratively merge fields in the system
- // configs.
- config, err := defaultConfigFromMemory()
- if err != nil {
- return nil, err
- }
-
- // Now, check if the user can access system configs and merge them if needed.
- configs, err := systemConfigs()
- if err != nil {
- return nil, errors.Wrapf(err, "error finding config on system")
- }
-
- for _, path := range configs {
- config, err = readConfigFromFile(path, config)
- if err != nil {
- return nil, errors.Wrapf(err, "error reading system config %q", path)
- }
- }
-
- // First, try to read the user-specified config
- if userConfigPath != "" {
- var err error
- config, err = readConfigFromFile(userConfigPath, config)
- if err != nil {
- return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath)
- }
- }
-
- // Since runc does not currently support cgroupV2
- // Change to default crun on first running of libpod.conf
- // TODO Once runc has support for cgroups, this function should be removed.
- if !config.CgroupCheck && rootless.IsRootless() {
- cgroupsV2, err := cgroups.IsCgroup2UnifiedMode()
- if err != nil {
- return nil, err
- }
- if cgroupsV2 {
- path, err := exec.LookPath("crun")
- if err != nil {
- // Can't find crun path so do nothing
- logrus.Warnf("Can not find crun package on the host, containers might fail to run on cgroup V2 systems without crun: %q", err)
- } else {
- config.CgroupCheck = true
- config.OCIRuntime = path
- }
- }
- }
-
- // If we need to, switch to cgroupfs and logger=file on rootless.
- config.checkCgroupsAndLogger()
-
- // Relative paths can cause nasty bugs, because core paths we use could
- // shift between runs (or even parts of the program - the OCI runtime
- // uses a different working directory than we do, for example.
- if !filepath.IsAbs(config.StaticDir) {
- return nil, errors.Wrapf(define.ErrInvalidArg, "static directory must be an absolute path - instead got %q", config.StaticDir)
- }
- if !filepath.IsAbs(config.TmpDir) {
- return nil, errors.Wrapf(define.ErrInvalidArg, "temporary directory must be an absolute path - instead got %q", config.TmpDir)
- }
- if !filepath.IsAbs(config.VolumePath) {
- return nil, errors.Wrapf(define.ErrInvalidArg, "volume path must be an absolute path - instead got %q", config.VolumePath)
- }
-
- return config, nil
-}
-
-func rootlessConfigPath() (string, error) {
- home, err := util.HomeDir()
- if err != nil {
- return "", err
- }
-
- return filepath.Join(home, _rootlessConfigPath), nil
-}
-
-func systemConfigs() ([]string, error) {
- if rootless.IsRootless() {
- path, err := rootlessConfigPath()
- if err != nil {
- return nil, err
- }
- if _, err := os.Stat(path); err == nil {
- return []string{path}, nil
- }
- return nil, err
- }
-
- configs := []string{}
- if _, err := os.Stat(_rootConfigPath); err == nil {
- configs = append(configs, _rootConfigPath)
- }
- if _, err := os.Stat(_rootOverrideConfigPath); err == nil {
- configs = append(configs, _rootOverrideConfigPath)
- }
- return configs, nil
-}
-
-// checkCgroupsAndLogger checks if we're running rootless with the systemd
-// cgroup manager. In case the user session isn't available, we're switching the
-// cgroup manager to cgroupfs and the events logger backend to 'file'.
-// Note, this only applies to rootless.
-func (c *Config) checkCgroupsAndLogger() {
- if !rootless.IsRootless() || (c.CgroupManager !=
- define.SystemdCgroupsManager && c.EventsLogger == "file") {
- return
- }
-
- session := os.Getenv("DBUS_SESSION_BUS_ADDRESS")
- hasSession := session != ""
- if hasSession && strings.HasPrefix(session, "unix:path=") {
- _, err := os.Stat(strings.TrimPrefix(session, "unix:path="))
- hasSession = err == nil
- }
-
- if !hasSession {
- logrus.Warningf("The cgroup manager or the events logger is set to use systemd but there is no systemd user session available")
- logrus.Warningf("For using systemd, you may need to login using an user session")
- logrus.Warningf("Alternatively, you can enable lingering with: `loginctl enable-linger %d` (possibly as root)", rootless.GetRootlessUID())
- logrus.Warningf("Falling back to --cgroup-manager=cgroupfs and --events-backend=file")
- c.CgroupManager = define.CgroupfsCgroupsManager
- c.EventsLogger = "file"
- }
-}
-
-// MergeDBConfig merges the configuration from the database.
-func (c *Config) MergeDBConfig(dbConfig *DBConfig) error {
-
- if !c.StorageConfigRunRootSet && dbConfig.StorageTmp != "" {
- if c.StorageConfig.RunRoot != dbConfig.StorageTmp &&
- c.StorageConfig.RunRoot != "" {
- logrus.Debugf("Overriding run root %q with %q from database",
- c.StorageConfig.RunRoot, dbConfig.StorageTmp)
- }
- c.StorageConfig.RunRoot = dbConfig.StorageTmp
- }
-
- if !c.StorageConfigGraphRootSet && dbConfig.StorageRoot != "" {
- if c.StorageConfig.GraphRoot != dbConfig.StorageRoot &&
- c.StorageConfig.GraphRoot != "" {
- logrus.Debugf("Overriding graph root %q with %q from database",
- c.StorageConfig.GraphRoot, dbConfig.StorageRoot)
- }
- c.StorageConfig.GraphRoot = dbConfig.StorageRoot
- }
-
- if !c.StorageConfigGraphDriverNameSet && dbConfig.GraphDriver != "" {
- if c.StorageConfig.GraphDriverName != dbConfig.GraphDriver &&
- c.StorageConfig.GraphDriverName != "" {
- logrus.Errorf("User-selected graph driver %q overwritten by graph driver %q from database - delete libpod local files to resolve",
- c.StorageConfig.GraphDriverName, dbConfig.GraphDriver)
- }
- c.StorageConfig.GraphDriverName = dbConfig.GraphDriver
- }
-
- if !c.StaticDirSet && dbConfig.LibpodRoot != "" {
- if c.StaticDir != dbConfig.LibpodRoot && c.StaticDir != "" {
- logrus.Debugf("Overriding static dir %q with %q from database", c.StaticDir, dbConfig.LibpodRoot)
- }
- c.StaticDir = dbConfig.LibpodRoot
- }
-
- if !c.TmpDirSet && dbConfig.LibpodTmp != "" {
- if c.TmpDir != dbConfig.LibpodTmp && c.TmpDir != "" {
- logrus.Debugf("Overriding tmp dir %q with %q from database", c.TmpDir, dbConfig.LibpodTmp)
- }
- c.TmpDir = dbConfig.LibpodTmp
- c.EventsLogFilePath = filepath.Join(dbConfig.LibpodTmp, "events", "events.log")
- }
-
- if !c.VolumePathSet && dbConfig.VolumePath != "" {
- if c.VolumePath != dbConfig.VolumePath && c.VolumePath != "" {
- logrus.Debugf("Overriding volume path %q with %q from database", c.VolumePath, dbConfig.VolumePath)
- }
- c.VolumePath = dbConfig.VolumePath
- }
- return nil
-}
diff --git a/libpod/config/config_test.go b/libpod/config/config_test.go
deleted file mode 100644
index 24620ce0e..000000000
--- a/libpod/config/config_test.go
+++ /dev/null
@@ -1,58 +0,0 @@
-package config
-
-import (
- "reflect"
- "testing"
-
- "github.com/containers/libpod/libpod/define"
- "github.com/containers/storage"
- "github.com/stretchr/testify/assert"
-)
-
-func TestEmptyConfig(t *testing.T) {
- // Make sure that we can read empty configs
- config, err := readConfigFromFile("testdata/empty.conf", &Config{})
- assert.NotNil(t, config)
- assert.Nil(t, err)
-}
-
-func TestDefaultLibpodConf(t *testing.T) {
- // Make sure that we can read the default libpod.conf
- config, err := readConfigFromFile("testdata/libpod.conf", &Config{})
- assert.NotNil(t, config)
- assert.Nil(t, err)
-}
-
-func TestMergeEmptyAndDefaultMemoryConfig(t *testing.T) {
- // Make sure that when we merge the default config into an empty one that we
- // effectively get the default config.
- defaultConfig, err := defaultConfigFromMemory()
- assert.NotNil(t, defaultConfig)
- assert.Nil(t, err)
- defaultConfig.StateType = define.InvalidStateStore
- defaultConfig.StorageConfig = storage.StoreOptions{}
-
- emptyConfig, err := readConfigFromFile("testdata/empty.conf", defaultConfig)
- assert.NotNil(t, emptyConfig)
- assert.Nil(t, err)
-
- equal := reflect.DeepEqual(emptyConfig, defaultConfig)
- assert.True(t, equal)
-}
-
-func TestMergeEmptyAndLibpodConfig(t *testing.T) {
- // Make sure that when we merge the default config into an empty one that we
- // effectively get the default config.
- libpodConfig, err := readConfigFromFile("testdata/libpod.conf", &Config{})
- assert.NotNil(t, libpodConfig)
- assert.Nil(t, err)
- libpodConfig.StateType = define.InvalidStateStore
- libpodConfig.StorageConfig = storage.StoreOptions{}
-
- emptyConfig, err := readConfigFromFile("testdata/empty.conf", libpodConfig)
- assert.NotNil(t, emptyConfig)
- assert.Nil(t, err)
-
- equal := reflect.DeepEqual(emptyConfig, libpodConfig)
- assert.True(t, equal)
-}
diff --git a/libpod/config/default.go b/libpod/config/default.go
deleted file mode 100644
index c4a4efdaf..000000000
--- a/libpod/config/default.go
+++ /dev/null
@@ -1,153 +0,0 @@
-package config
-
-import (
- "os"
- "path/filepath"
-
- "github.com/containers/libpod/libpod/define"
- "github.com/containers/libpod/libpod/events"
- "github.com/containers/libpod/pkg/cgroups"
- "github.com/containers/libpod/pkg/rootless"
- "github.com/containers/libpod/pkg/util"
- "github.com/containers/storage"
- "github.com/pkg/errors"
- "github.com/sirupsen/logrus"
-)
-
-const (
- // _defaultGraphRoot points to the default path of the graph root.
- _defaultGraphRoot = "/var/lib/containers/storage"
- // _defaultRootlessSignaturePolicyPath points to the default path of the
- // rootless policy.json file.
- _defaultRootlessSignaturePolicyPath = ".config/containers/policy.json"
-)
-
-// defaultConfigFromMemory returns a default libpod configuration. Note that the
-// config is different for root and rootless. It also parses the storage.conf.
-func defaultConfigFromMemory() (*Config, error) {
- c := new(Config)
- tmp, err := defaultTmpDir()
- if err != nil {
- return nil, err
- }
- c.TmpDir = tmp
-
- c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log")
-
- storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID())
- if err != nil {
- return nil, err
- }
- if storeOpts.GraphRoot == "" {
- logrus.Warnf("Storage configuration is unset - using hardcoded default graph root %q", _defaultGraphRoot)
- storeOpts.GraphRoot = _defaultGraphRoot
- }
- c.StaticDir = filepath.Join(storeOpts.GraphRoot, "libpod")
- c.VolumePath = filepath.Join(storeOpts.GraphRoot, "volumes")
- c.StorageConfig = storeOpts
-
- c.ImageDefaultTransport = _defaultTransport
- c.StateType = define.BoltDBStateStore
- c.OCIRuntime = "runc"
-
- // If we're running on cgroups v2, default to using crun.
- if onCgroupsv2, _ := cgroups.IsCgroup2UnifiedMode(); onCgroupsv2 {
- c.OCIRuntime = "crun"
- }
-
- c.OCIRuntimes = map[string][]string{
- "runc": {
- "/usr/bin/runc",
- "/usr/sbin/runc",
- "/usr/local/bin/runc",
- "/usr/local/sbin/runc",
- "/sbin/runc",
- "/bin/runc",
- "/usr/lib/cri-o-runc/sbin/runc",
- "/run/current-system/sw/bin/runc",
- },
- "crun": {
- "/usr/bin/crun",
- "/usr/sbin/crun",
- "/usr/local/bin/crun",
- "/usr/local/sbin/crun",
- "/sbin/crun",
- "/bin/crun",
- "/run/current-system/sw/bin/crun",
- },
- }
- c.ConmonPath = []string{
- "/usr/libexec/podman/conmon",
- "/usr/local/libexec/podman/conmon",
- "/usr/local/lib/podman/conmon",
- "/usr/bin/conmon",
- "/usr/sbin/conmon",
- "/usr/local/bin/conmon",
- "/usr/local/sbin/conmon",
- "/run/current-system/sw/bin/conmon",
- }
- c.ConmonEnvVars = []string{
- "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
- }
- c.RuntimeSupportsJSON = []string{
- "crun",
- "runc",
- }
- c.RuntimeSupportsNoCgroups = []string{"crun"}
- c.InitPath = define.DefaultInitPath
- c.CgroupManager = define.SystemdCgroupsManager
- c.MaxLogSize = -1
- c.NoPivotRoot = false
- c.CNIConfigDir = _etcDir + "/cni/net.d/"
- c.CNIPluginDir = []string{
- "/usr/libexec/cni",
- "/usr/lib/cni",
- "/usr/local/lib/cni",
- "/opt/cni/bin",
- }
- c.CNIDefaultNetwork = "podman"
- c.InfraCommand = define.DefaultInfraCommand
- c.InfraImage = define.DefaultInfraImage
- c.EnablePortReservation = true
- c.EnableLabeling = true
- c.NumLocks = 2048
- c.EventsLogger = events.DefaultEventerType.String()
- c.DetachKeys = define.DefaultDetachKeys
- // TODO - ideally we should expose a `type LockType string` along with
- // constants.
- c.LockType = "shm"
-
- if rootless.IsRootless() {
- home, err := util.HomeDir()
- if err != nil {
- return nil, err
- }
- sigPath := filepath.Join(home, _defaultRootlessSignaturePolicyPath)
- if _, err := os.Stat(sigPath); err == nil {
- c.SignaturePolicyPath = sigPath
- }
- }
- return c, nil
-}
-
-func defaultTmpDir() (string, error) {
- if !rootless.IsRootless() {
- return "/var/run/libpod", nil
- }
-
- runtimeDir, err := util.GetRuntimeDir()
- if err != nil {
- return "", err
- }
- libpodRuntimeDir := filepath.Join(runtimeDir, "libpod")
-
- if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
- if !os.IsExist(err) {
- return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir)
- } else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
- // The directory already exist, just set the sticky bit
- return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir)
- }
- }
- return filepath.Join(libpodRuntimeDir, "tmp"), nil
-}
diff --git a/libpod/config/testdata/empty.conf b/libpod/config/testdata/empty.conf
deleted file mode 100644
index e69de29bb..000000000
--- a/libpod/config/testdata/empty.conf
+++ /dev/null
diff --git a/libpod/config/testdata/libpod.conf b/libpod/config/testdata/libpod.conf
deleted file mode 120000
index 17d09fe4a..000000000
--- a/libpod/config/testdata/libpod.conf
+++ /dev/null
@@ -1 +0,0 @@
-../../../libpod.conf \ No newline at end of file
diff --git a/libpod/container.go b/libpod/container.go
index e59fb9fe8..c1deb95f9 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -11,6 +11,7 @@ import (
"github.com/containernetworking/cni/pkg/types"
cnitypes "github.com/containernetworking/cni/pkg/types/current"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/manifest"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/lock"
@@ -1083,10 +1084,10 @@ func (c *Container) NamespacePath(linuxNS LinuxNS) (string, error) { //nolint:in
// CGroupPath returns a cgroups "path" for a given container.
func (c *Container) CGroupPath() (string, error) {
- switch c.runtime.config.CgroupManager {
- case define.CgroupfsCgroupsManager:
+ switch c.runtime.config.Engine.CgroupManager {
+ case config.CgroupfsCgroupsManager:
return filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID())), nil
- case define.SystemdCgroupsManager:
+ case config.SystemdCgroupsManager:
if rootless.IsRootless() {
uid := rootless.GetRootlessUID()
parts := strings.SplitN(c.config.CgroupParent, "/", 2)
@@ -1100,7 +1101,7 @@ func (c *Container) CGroupPath() (string, error) {
}
return filepath.Join(c.config.CgroupParent, createUnitName("libpod", c.ID())), nil
default:
- return "", errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager %s in use", c.runtime.config.CgroupManager)
+ return "", errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager %s in use", c.runtime.config.Engine.CgroupManager)
}
}
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index 7552eb483..f81be8b22 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -4,6 +4,7 @@ import (
"fmt"
"strings"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/driver"
"github.com/containers/libpod/pkg/util"
@@ -769,10 +770,10 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named
// CGroup parent
// Need to check if it's the default, and not print if so.
defaultCgroupParent := ""
- switch c.runtime.config.CgroupManager {
- case define.CgroupfsCgroupsManager:
+ switch c.runtime.config.Engine.CgroupManager {
+ case config.CgroupfsCgroupsManager:
defaultCgroupParent = CgroupfsDefaultCgroupParent
- case define.SystemdCgroupsManager:
+ case config.SystemdCgroupsManager:
defaultCgroupParent = SystemdDefaultCgroupParent
}
if c.config.CgroupParent != defaultCgroupParent {
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 7a85c1f04..4e18819b8 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -515,14 +515,14 @@ func (c *Container) refresh() error {
c.state.RunDir = dir
if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 {
- info, err := os.Stat(c.runtime.config.TmpDir)
+ info, err := os.Stat(c.runtime.config.Engine.TmpDir)
if err != nil {
- return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.TmpDir)
+ return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.Engine.TmpDir)
}
- if err := os.Chmod(c.runtime.config.TmpDir, info.Mode()|0111); err != nil {
- return errors.Wrapf(err, "cannot chmod `%s`", c.runtime.config.TmpDir)
+ if err := os.Chmod(c.runtime.config.Engine.TmpDir, info.Mode()|0111); err != nil {
+ return errors.Wrapf(err, "cannot chmod `%s`", c.runtime.config.Engine.TmpDir)
}
- root := filepath.Join(c.runtime.config.TmpDir, "containers-root", c.ID())
+ root := filepath.Join(c.runtime.config.Engine.TmpDir, "containers-root", c.ID())
if err := os.MkdirAll(root, 0755); err != nil {
return errors.Wrapf(err, "error creating userNS tmpdir for container %s", c.ID())
}
@@ -898,7 +898,7 @@ func (c *Container) completeNetworkSetup() error {
if err := c.syncContainer(); err != nil {
return err
}
- if c.config.NetMode == "slirp4netns" {
+ if c.config.NetMode.IsSlirp4netns() {
return c.runtime.setupRootlessNetNS(c)
}
if err := c.runtime.setupNetNS(c); err != nil {
@@ -1689,7 +1689,7 @@ func (c *Container) saveSpec(spec *spec.Spec) error {
// Warning: precreate hooks may alter 'config' in place.
func (c *Container) setupOCIHooks(ctx context.Context, config *spec.Spec) (extensionStageHooks map[string][]spec.Hook, err error) {
allHooks := make(map[string][]spec.Hook)
- if c.runtime.config.HooksDir == nil {
+ if c.runtime.config.Engine.HooksDir == nil {
if rootless.IsRootless() {
return nil, nil
}
@@ -1713,7 +1713,7 @@ func (c *Container) setupOCIHooks(ctx context.Context, config *spec.Spec) (exten
}
}
} else {
- manager, err := hooks.New(ctx, c.runtime.config.HooksDir, []string{"precreate", "poststop"})
+ manager, err := hooks.New(ctx, c.runtime.config.Engine.HooksDir, []string{"precreate", "poststop"})
if err != nil {
return nil, err
}
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 2f0f59c24..a3f97f2a6 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -20,6 +20,7 @@ import (
cnitypes "github.com/containernetworking/cni/pkg/types/current"
"github.com/containernetworking/plugins/pkg/ns"
"github.com/containers/buildah/pkg/secrets"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/pkg/annotations"
@@ -29,6 +30,7 @@ import (
"github.com/containers/libpod/pkg/lookup"
"github.com/containers/libpod/pkg/resolvconf"
"github.com/containers/libpod/pkg/rootless"
+ "github.com/containers/libpod/pkg/util"
"github.com/containers/storage/pkg/archive"
securejoin "github.com/cyphar/filepath-securejoin"
"github.com/opencontainers/runc/libcontainer/user"
@@ -92,7 +94,7 @@ func (c *Container) prepare() error {
}
// handle rootless network namespace setup
- if c.state.NetNS != nil && c.config.NetMode == "slirp4netns" && !c.config.PostConfigureNetNS {
+ if c.state.NetNS != nil && c.config.NetMode.IsSlirp4netns() && !c.config.PostConfigureNetNS {
createNetNSErr = c.runtime.setupRootlessNetNS(c)
}
}()
@@ -1213,7 +1215,7 @@ func (c *Container) makeBindMounts() error {
}
// Add Secret Mounts
- secretMounts := secrets.SecretMountsWithUIDGID(c.config.MountLabel, c.state.RunDir, c.runtime.config.DefaultMountsFile, c.state.RunDir, c.RootUID(), c.RootGID(), rootless.IsRootless(), false)
+ secretMounts := secrets.SecretMountsWithUIDGID(c.config.MountLabel, c.state.RunDir, c.runtime.config.Containers.DefaultMountsFile, c.state.RunDir, c.RootUID(), c.RootGID(), rootless.IsRootless(), false)
for _, mount := range secretMounts {
if _, ok := c.state.BindMounts[mount.Destination]; !ok {
c.state.BindMounts[mount.Destination] = mount.Source
@@ -1274,11 +1276,21 @@ func (c *Container) generateResolvConf() (string, error) {
}
}
+ var dns []net.IP
+ for _, i := range c.runtime.config.Containers.DNSServers {
+ result := net.ParseIP(i)
+ if result == nil {
+ return "", errors.Wrapf(define.ErrInvalidArg, "invalid IP address %s", i)
+ }
+ dns = append(dns, result)
+ }
+ dnsServers := append(dns, c.config.DNSServer...)
// If the user provided dns, it trumps all; then dns masq; then resolv.conf
switch {
- case len(c.config.DNSServer) > 0:
+ case len(dnsServers) > 0:
+
// We store DNS servers as net.IP, so need to convert to string
- for _, server := range c.config.DNSServer {
+ for _, server := range dnsServers {
nameservers = append(nameservers, server.String())
}
case len(cniNameServers) > 0:
@@ -1292,14 +1304,22 @@ func (c *Container) generateResolvConf() (string, error) {
}
}
- search := resolvconf.GetSearchDomains(resolv.Content)
- if len(c.config.DNSSearch) > 0 {
- search = c.config.DNSSearch
+ var search []string
+ if len(c.config.DNSSearch) > 0 || len(c.runtime.config.Containers.DNSSearches) > 0 {
+ if !util.StringInSlice(".", c.config.DNSSearch) {
+ search = c.runtime.config.Containers.DNSSearches
+ search = append(search, c.config.DNSSearch...)
+ }
+ } else {
+ search = resolvconf.GetSearchDomains(resolv.Content)
}
- options := resolvconf.GetOptions(resolv.Content)
- if len(c.config.DNSOption) > 0 {
- options = c.config.DNSOption
+ var options []string
+ if len(c.config.DNSOption) > 0 || len(c.runtime.config.Containers.DNSOptions) > 0 {
+ options = c.runtime.config.Containers.DNSOptions
+ options = append(options, c.config.DNSOption...)
+ } else {
+ options = resolvconf.GetOptions(resolv.Content)
}
destPath := filepath.Join(c.state.RunDir, "resolv.conf")
@@ -1445,14 +1465,14 @@ func (c *Container) getOCICgroupPath() (string, error) {
switch {
case (rootless.IsRootless() && !unified) || c.config.NoCgroups:
return "", nil
- case c.runtime.config.CgroupManager == define.SystemdCgroupsManager:
+ case c.runtime.config.Engine.CgroupManager == config.SystemdCgroupsManager:
// When runc is set to use Systemd as a cgroup manager, it
// expects cgroups to be passed as follows:
// slice:prefix:name
systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID())
logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups)
return systemdCgroups, nil
- case c.runtime.config.CgroupManager == define.CgroupfsCgroupsManager:
+ case c.runtime.config.Engine.CgroupManager == config.CgroupfsCgroupsManager:
cgroupPath, err := c.CGroupPath()
if err != nil {
return "", err
@@ -1460,6 +1480,6 @@ func (c *Container) getOCICgroupPath() (string, error) {
logrus.Debugf("Setting CGroup path for container %s to %s", c.ID(), cgroupPath)
return cgroupPath, nil
default:
- return "", errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager %s requested", c.runtime.config.CgroupManager)
+ return "", errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager %s requested", c.runtime.config.Engine.CgroupManager)
}
}
diff --git a/libpod/define/config.go b/libpod/define/config.go
index c06c32471..5598f97a3 100644
--- a/libpod/define/config.go
+++ b/libpod/define/config.go
@@ -1,8 +1,6 @@
package define
var (
- // DefaultInitPath is the default path to the container-init binary
- DefaultInitPath = "/usr/libexec/podman/catatonit"
// DefaultInfraImage to use for infra container
DefaultInfraImage = "k8s.gcr.io/pause:3.2"
// DefaultInfraCommand to be run in an infra container
@@ -11,15 +9,9 @@ var (
DefaultSHMLockPath = "/libpod_lock"
// DefaultRootlessSHMLockPath is the default path for rootless SHM locks
DefaultRootlessSHMLockPath = "/libpod_rootless_lock"
- // DefaultDetachKeys is the default keys sequence for detaching a
- // container
- DefaultDetachKeys = "ctrl-p,ctrl-q"
)
const (
- // CtrRemoveTimeout is the default number of seconds to wait after stopping a container
- // before sending the kill signal
- CtrRemoveTimeout = 10
// DefaultTransport is a prefix that we apply to an image name
// to check docker hub first for the image
DefaultTransport = "docker://"
diff --git a/libpod/define/runtime.go b/libpod/define/runtime.go
index 4d8c6cb4d..1539e19ee 100644
--- a/libpod/define/runtime.go
+++ b/libpod/define/runtime.go
@@ -18,10 +18,6 @@ const (
SQLiteStateStore RuntimeStateStore = iota
// BoltDBStateStore is a state backed by a BoltDB database
BoltDBStateStore RuntimeStateStore = iota
- // CgroupfsCgroupsManager represents cgroupfs native cgroup manager
- CgroupfsCgroupsManager = "cgroupfs"
- // SystemdCgroupsManager represents systemd native cgroup manager
- SystemdCgroupsManager = "systemd"
// ContainerCreateTimeout is the timeout before we decide we've failed
// to create a container.
// TODO: Make this generic - all OCI runtime operations should use the
@@ -29,9 +25,4 @@ const (
// TODO: Consider dropping from 240 to 60 seconds. I don't think waiting
// 4 minutes versus 1 minute makes a real difference.
ContainerCreateTimeout = 240 * time.Second
- // DefaultShmSize is the default shm size
- DefaultShmSize = 64 * 1024 * 1024
- // NsRunDir is the default directory in which running network namespaces
- // are stored
- NsRunDir = "/var/run/netns"
)
diff --git a/libpod/events.go b/libpod/events.go
index be21e510a..20ebecc66 100644
--- a/libpod/events.go
+++ b/libpod/events.go
@@ -11,8 +11,8 @@ import (
// newEventer returns an eventer that can be used to read/write events
func (r *Runtime) newEventer() (events.Eventer, error) {
options := events.EventerOptions{
- EventerType: r.config.EventsLogger,
- LogFilePath: r.config.EventsLogFilePath,
+ EventerType: r.config.Engine.EventsLogger,
+ LogFilePath: r.config.Engine.EventsLogFilePath,
}
return events.NewEventer(options)
}
diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go
index ca562ab7e..2f802f333 100644
--- a/libpod/in_memory_state.go
+++ b/libpod/in_memory_state.go
@@ -3,7 +3,6 @@ package libpod
import (
"strings"
- "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/registrar"
"github.com/containers/storage/pkg/truncindex"
@@ -90,8 +89,8 @@ func (s *InMemoryState) Refresh() error {
// GetDBConfig is not implemented for in-memory state.
// As we do not store a config, return an empty one.
-func (s *InMemoryState) GetDBConfig() (*config.DBConfig, error) {
- return &config.DBConfig{}, nil
+func (s *InMemoryState) GetDBConfig() (*DBConfig, error) {
+ return &DBConfig{}, nil
}
// ValidateDBConfig is not implemented for the in-memory state.
diff --git a/libpod/info.go b/libpod/info.go
index e5c075d97..8d411f0d4 100644
--- a/libpod/info.go
+++ b/libpod/info.go
@@ -165,7 +165,7 @@ func (r *Runtime) storeInfo() (map[string]interface{}, error) {
}
}
info["GraphOptions"] = graphOptions
- info["VolumePath"] = r.config.VolumePath
+ info["VolumePath"] = r.config.Engine.VolumePath
configFile, err := storage.DefaultConfigFile(rootless.IsRootless())
if err != nil {
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index ab6ec4439..c3a90f481 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -148,7 +148,7 @@ func (r *Runtime) createNetNS(ctr *Container) (n ns.NetNS, q []*cnitypes.Result,
logrus.Debugf("Made network namespace at %s for container %s", ctrNS.Path(), ctr.ID())
networkStatus := []*cnitypes.Result{}
- if !rootless.IsRootless() && ctr.config.NetMode != "slirp4netns" {
+ if !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() {
networkStatus, err = r.configureNetNS(ctr, ctrNS)
}
return ctrNS, networkStatus, err
@@ -177,7 +177,7 @@ func checkSlirpFlags(path string) (*slirpFeatures, error) {
// Configure the network namespace for a rootless container
func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) {
- path := r.config.NetworkCmdPath
+ path := r.config.Engine.NetworkCmdPath
if path == "" {
var err error
@@ -196,7 +196,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) {
defer errorhandling.CloseQuiet(syncW)
havePortMapping := len(ctr.Config().PortMappings) > 0
- logPath := filepath.Join(ctr.runtime.config.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID))
+ logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID))
cmdArgs := []string{}
slirpFeatures, err := checkSlirpFlags(path)
@@ -338,7 +338,7 @@ func (r *Runtime) setupRootlessPortMapping(ctr *Container, netnsPath string) (er
defer errorhandling.CloseQuiet(syncR)
defer errorhandling.CloseQuiet(syncW)
- logPath := filepath.Join(ctr.runtime.config.TmpDir, fmt.Sprintf("rootlessport-%s.log", ctr.config.ID))
+ logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("rootlessport-%s.log", ctr.config.ID))
logFile, err := os.Create(logPath)
if err != nil {
return errors.Wrapf(err, "failed to open rootlessport log file %s", logPath)
@@ -362,7 +362,7 @@ func (r *Runtime) setupRootlessPortMapping(ctr *Container, netnsPath string) (er
NetNSPath: netnsPath,
ExitFD: 3,
ReadyFD: 4,
- TmpDir: ctr.runtime.config.TmpDir,
+ TmpDir: ctr.runtime.config.Engine.TmpDir,
}
cfgJSON, err := json.Marshal(cfg)
if err != nil {
@@ -485,7 +485,7 @@ func (r *Runtime) teardownNetNS(ctr *Container) error {
logrus.Debugf("Tearing down network namespace at %s for container %s", ctr.state.NetNS.Path(), ctr.ID())
// rootless containers do not use the CNI plugin
- if !rootless.IsRootless() && ctr.config.NetMode != "slirp4netns" {
+ if !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() {
var requestedIP net.IP
if ctr.requestedIP != nil {
requestedIP = ctr.requestedIP
diff --git a/libpod/oci_attach_linux.go b/libpod/oci_attach_linux.go
index 5fc46c31c..433993edb 100644
--- a/libpod/oci_attach_linux.go
+++ b/libpod/oci_attach_linux.go
@@ -9,6 +9,7 @@ import (
"os"
"path/filepath"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/errorhandling"
"github.com/containers/libpod/pkg/kubeutils"
@@ -104,7 +105,7 @@ func (c *Container) attachToExec(streams *AttachStreams, keys *string, sessionID
defer errorhandling.CloseQuiet(startFd)
defer errorhandling.CloseQuiet(attachFd)
- detachString := define.DefaultDetachKeys
+ detachString := config.DefaultDetachKeys
if keys != nil {
detachString = *keys
}
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
index 6d9a976cb..ce888c690 100644
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@@ -20,8 +20,8 @@ import (
"text/template"
"time"
+ "github.com/containers/common/pkg/config"
conmonConfig "github.com/containers/conmon/runner/config"
- "github.com/containers/libpod/libpod/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/errorhandling"
@@ -80,13 +80,13 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime
runtime.name = name
runtime.conmonPath = conmonPath
- runtime.conmonEnv = runtimeCfg.ConmonEnvVars
- runtime.cgroupManager = runtimeCfg.CgroupManager
- runtime.tmpDir = runtimeCfg.TmpDir
- runtime.logSizeMax = runtimeCfg.MaxLogSize
- runtime.noPivot = runtimeCfg.NoPivotRoot
- runtime.reservePorts = runtimeCfg.EnablePortReservation
- runtime.sdNotify = runtimeCfg.SDNotify
+ runtime.conmonEnv = runtimeCfg.Engine.ConmonEnvVars
+ runtime.cgroupManager = runtimeCfg.Engine.CgroupManager
+ runtime.tmpDir = runtimeCfg.Engine.TmpDir
+ runtime.logSizeMax = runtimeCfg.Containers.LogSizeMax
+ runtime.noPivot = runtimeCfg.Engine.NoPivotRoot
+ runtime.reservePorts = runtimeCfg.Engine.EnablePortReservation
+ runtime.sdNotify = runtimeCfg.Engine.SDNotify
// TODO: probe OCI runtime for feature and enable automatically if
// available.
@@ -127,7 +127,7 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime
runtime.exitsDir = filepath.Join(runtime.tmpDir, "exits")
runtime.socketsDir = filepath.Join(runtime.tmpDir, "socket")
- if runtime.cgroupManager != define.CgroupfsCgroupsManager && runtime.cgroupManager != define.SystemdCgroupsManager {
+ if runtime.cgroupManager != config.CgroupfsCgroupsManager && runtime.cgroupManager != config.SystemdCgroupsManager {
return nil, errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager specified: %s", runtime.cgroupManager)
}
@@ -177,7 +177,7 @@ func hasCurrentUserMapped(ctr *Container) bool {
// CreateContainer creates a container.
func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (err error) {
if !hasCurrentUserMapped(ctr) {
- for _, i := range []string{ctr.state.RunDir, ctr.runtime.config.TmpDir, ctr.config.StaticDir, ctr.state.Mountpoint, ctr.runtime.config.VolumePath} {
+ for _, i := range []string{ctr.state.RunDir, ctr.runtime.config.Engine.TmpDir, ctr.config.StaticDir, ctr.state.Mountpoint, ctr.runtime.config.Engine.VolumePath} {
if err := makeAccessible(i, ctr.RootUID(), ctr.RootGID()); err != nil {
return err
}
@@ -519,7 +519,7 @@ func (r *ConmonOCIRuntime) HTTPAttach(ctr *Container, httpConn net.Conn, httpBuf
logrus.Debugf("Successfully connected to container %s attach socket %s", ctr.ID(), socketPath)
- detachString := define.DefaultDetachKeys
+ detachString := ctr.runtime.config.Engine.DetachKeys
if detachKeys != nil {
detachString = *detachKeys
}
@@ -1365,7 +1365,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*o
func (r *ConmonOCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath, logPath, exitDir, ociLogPath, logTag string) []string {
// set the conmon API version to be able to use the correct sync struct keys
args := []string{"--api-version", "1"}
- if r.cgroupManager == define.SystemdCgroupsManager && !ctr.config.NoCgroups {
+ if r.cgroupManager == config.SystemdCgroupsManager && !ctr.config.NoCgroups {
args = append(args, "-s")
}
args = append(args, "-c", ctr.ID())
@@ -1483,7 +1483,7 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec
if mustCreateCgroup {
cgroupParent := ctr.CgroupParent()
- if r.cgroupManager == define.SystemdCgroupsManager {
+ if r.cgroupManager == config.SystemdCgroupsManager {
unitName := createUnitName("libpod-conmon", ctr.ID())
realCgroupParent := cgroupParent
diff --git a/libpod/oci_conmon_unsupported.go b/libpod/oci_conmon_unsupported.go
index a2f52f527..395b6f6d9 100644
--- a/libpod/oci_conmon_unsupported.go
+++ b/libpod/oci_conmon_unsupported.go
@@ -3,7 +3,8 @@
package libpod
import (
- "github.com/containers/libpod/libpod/config"
+ "github.com/containers/common/pkg/config"
+
"github.com/containers/libpod/libpod/define"
)
diff --git a/libpod/oci_missing.go b/libpod/oci_missing.go
index 326591d89..a5d589255 100644
--- a/libpod/oci_missing.go
+++ b/libpod/oci_missing.go
@@ -50,7 +50,7 @@ func getMissingRuntime(name string, r *Runtime) (OCIRuntime, error) {
newRuntime := new(MissingRuntime)
newRuntime.name = name
- newRuntime.exitsDir = filepath.Join(r.config.TmpDir, "exits")
+ newRuntime.exitsDir = filepath.Join(r.config.Engine.TmpDir, "exits")
missingRuntimes[name] = newRuntime
diff --git a/libpod/options.go b/libpod/options.go
index 74f9c485e..dfbec364a 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -7,6 +7,7 @@ import (
"regexp"
"syscall"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/manifest"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
@@ -42,48 +43,48 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption {
setField := false
if config.RunRoot != "" {
- rt.config.StorageConfig.RunRoot = config.RunRoot
- rt.config.StorageConfigRunRootSet = true
+ rt.storageConfig.RunRoot = config.RunRoot
+ rt.storageSet.RunRootSet = true
setField = true
}
if config.GraphRoot != "" {
- rt.config.StorageConfig.GraphRoot = config.GraphRoot
- rt.config.StorageConfigGraphRootSet = true
+ rt.storageConfig.GraphRoot = config.GraphRoot
+ rt.storageSet.GraphRootSet = true
// Also set libpod static dir, so we are a subdirectory
// of the c/storage store by default
- rt.config.StaticDir = filepath.Join(config.GraphRoot, "libpod")
- rt.config.StaticDirSet = true
+ rt.config.Engine.StaticDir = filepath.Join(config.GraphRoot, "libpod")
+ rt.storageSet.StaticDirSet = true
// Also set libpod volume path, so we are a subdirectory
// of the c/storage store by default
- rt.config.VolumePath = filepath.Join(config.GraphRoot, "volumes")
- rt.config.VolumePathSet = true
+ rt.config.Engine.VolumePath = filepath.Join(config.GraphRoot, "volumes")
+ rt.storageSet.VolumePathSet = true
setField = true
}
if config.GraphDriverName != "" {
- rt.config.StorageConfig.GraphDriverName = config.GraphDriverName
- rt.config.StorageConfigGraphDriverNameSet = true
+ rt.storageConfig.GraphDriverName = config.GraphDriverName
+ rt.storageSet.GraphDriverNameSet = true
setField = true
}
if config.GraphDriverOptions != nil {
- rt.config.StorageConfig.GraphDriverOptions = make([]string, len(config.GraphDriverOptions))
- copy(rt.config.StorageConfig.GraphDriverOptions, config.GraphDriverOptions)
+ rt.storageConfig.GraphDriverOptions = make([]string, len(config.GraphDriverOptions))
+ copy(rt.storageConfig.GraphDriverOptions, config.GraphDriverOptions)
setField = true
}
if config.UIDMap != nil {
- rt.config.StorageConfig.UIDMap = make([]idtools.IDMap, len(config.UIDMap))
- copy(rt.config.StorageConfig.UIDMap, config.UIDMap)
+ rt.storageConfig.UIDMap = make([]idtools.IDMap, len(config.UIDMap))
+ copy(rt.storageConfig.UIDMap, config.UIDMap)
}
if config.GIDMap != nil {
- rt.config.StorageConfig.GIDMap = make([]idtools.IDMap, len(config.GIDMap))
- copy(rt.config.StorageConfig.GIDMap, config.GIDMap)
+ rt.storageConfig.GIDMap = make([]idtools.IDMap, len(config.GIDMap))
+ copy(rt.storageConfig.GIDMap, config.GIDMap)
}
// If any one of runroot, graphroot, graphdrivername,
@@ -94,11 +95,11 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption {
if err != nil {
return err
}
- if rt.config.StorageConfig.GraphRoot == "" {
- rt.config.StorageConfig.GraphRoot = storeOpts.GraphRoot
+ if rt.storageConfig.GraphRoot == "" {
+ rt.storageConfig.GraphRoot = storeOpts.GraphRoot
}
- if rt.config.StorageConfig.RunRoot == "" {
- rt.config.StorageConfig.RunRoot = storeOpts.RunRoot
+ if rt.storageConfig.RunRoot == "" {
+ rt.storageConfig.RunRoot = storeOpts.RunRoot
}
}
@@ -113,7 +114,7 @@ func WithDefaultTransport(defaultTransport string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.ImageDefaultTransport = defaultTransport
+ rt.config.Engine.ImageDefaultTransport = defaultTransport
return nil
}
@@ -129,7 +130,7 @@ func WithSignaturePolicy(path string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.SignaturePolicyPath = path
+ rt.config.Engine.SignaturePolicyPath = path
return nil
}
@@ -139,17 +140,17 @@ func WithSignaturePolicy(path string) RuntimeOption {
// Please note that information is not portable between backing states.
// As such, if this differs between two libpods running on the same system,
// they will not share containers, and unspecified behavior may occur.
-func WithStateType(storeType define.RuntimeStateStore) RuntimeOption {
+func WithStateType(storeType config.RuntimeStateStore) RuntimeOption {
return func(rt *Runtime) error {
if rt.valid {
return define.ErrRuntimeFinalized
}
- if storeType == define.InvalidStateStore {
+ if storeType == config.InvalidStateStore {
return errors.Wrapf(define.ErrInvalidArg, "must provide a valid state store type")
}
- rt.config.StateType = storeType
+ rt.config.Engine.StateType = storeType
return nil
}
@@ -166,8 +167,7 @@ func WithOCIRuntime(runtime string) RuntimeOption {
return errors.Wrapf(define.ErrInvalidArg, "must provide a valid path")
}
- rt.config.OCIRuntime = runtime
- rt.config.RuntimePath = nil
+ rt.config.Engine.OCIRuntime = runtime
return nil
}
@@ -185,7 +185,7 @@ func WithConmonPath(path string) RuntimeOption {
return errors.Wrapf(define.ErrInvalidArg, "must provide a valid path")
}
- rt.config.ConmonPath = []string{path}
+ rt.config.Engine.ConmonPath = []string{path}
return nil
}
@@ -198,8 +198,8 @@ func WithConmonEnv(environment []string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.ConmonEnvVars = make([]string, len(environment))
- copy(rt.config.ConmonEnvVars, environment)
+ rt.config.Engine.ConmonEnvVars = make([]string, len(environment))
+ copy(rt.config.Engine.ConmonEnvVars, environment)
return nil
}
@@ -213,7 +213,7 @@ func WithNetworkCmdPath(path string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.NetworkCmdPath = path
+ rt.config.Engine.NetworkCmdPath = path
return nil
}
@@ -228,12 +228,12 @@ func WithCgroupManager(manager string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- if manager != define.CgroupfsCgroupsManager && manager != define.SystemdCgroupsManager {
+ if manager != config.CgroupfsCgroupsManager && manager != config.SystemdCgroupsManager {
return errors.Wrapf(define.ErrInvalidArg, "CGroup manager must be one of %s and %s",
- define.CgroupfsCgroupsManager, define.SystemdCgroupsManager)
+ config.CgroupfsCgroupsManager, config.SystemdCgroupsManager)
}
- rt.config.CgroupManager = manager
+ rt.config.Engine.CgroupManager = manager
return nil
}
@@ -247,8 +247,8 @@ func WithStaticDir(dir string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.StaticDir = dir
- rt.config.StaticDirSet = true
+ rt.config.Engine.StaticDir = dir
+ rt.config.Engine.StaticDirSet = true
return nil
}
@@ -267,7 +267,7 @@ func WithHooksDir(hooksDirs ...string) RuntimeOption {
}
}
- rt.config.HooksDir = hooksDirs
+ rt.config.Engine.HooksDir = hooksDirs
return nil
}
}
@@ -285,7 +285,7 @@ func WithDefaultMountsFile(mountsFile string) RuntimeOption {
if mountsFile == "" {
return define.ErrInvalidArg
}
- rt.config.DefaultMountsFile = mountsFile
+ rt.config.Containers.DefaultMountsFile = mountsFile
return nil
}
}
@@ -298,8 +298,8 @@ func WithTmpDir(dir string) RuntimeOption {
if rt.valid {
return define.ErrRuntimeFinalized
}
- rt.config.TmpDir = dir
- rt.config.TmpDirSet = true
+ rt.config.Engine.TmpDir = dir
+ rt.config.Engine.TmpDirSet = true
return nil
}
@@ -322,7 +322,7 @@ func WithMaxLogSize(limit int64) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.MaxLogSize = limit
+ rt.config.Containers.LogSizeMax = limit
return nil
}
@@ -336,7 +336,7 @@ func WithNoPivotRoot() RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.NoPivotRoot = true
+ rt.config.Engine.NoPivotRoot = true
return nil
}
@@ -349,7 +349,7 @@ func WithCNIConfigDir(dir string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.CNIConfigDir = dir
+ rt.config.Network.NetworkConfigDir = dir
return nil
}
@@ -362,7 +362,7 @@ func WithCNIPluginDir(dir string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.CNIPluginDir = []string{dir}
+ rt.config.Network.CNIPluginDirs = []string{dir}
return nil
}
@@ -382,7 +382,7 @@ func WithNamespace(ns string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.Namespace = ns
+ rt.config.Engine.Namespace = ns
return nil
}
@@ -397,8 +397,8 @@ func WithVolumePath(volPath string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.VolumePath = volPath
- rt.config.VolumePathSet = true
+ rt.config.Engine.VolumePath = volPath
+ rt.config.Engine.VolumePathSet = true
return nil
}
@@ -415,7 +415,7 @@ func WithDefaultInfraImage(img string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.InfraImage = img
+ rt.config.Engine.InfraImage = img
return nil
}
@@ -429,7 +429,7 @@ func WithDefaultInfraCommand(cmd string) RuntimeOption {
return define.ErrRuntimeFinalized
}
- rt.config.InfraCommand = cmd
+ rt.config.Engine.InfraCommand = cmd
return nil
}
@@ -452,7 +452,7 @@ func WithRenumber() RuntimeOption {
}
// WithMigrate instructs libpod to migrate container configurations to account
-// for changes between Libpod versions. All running containers will be stopped
+// for changes between Engine versions. All running containers will be stopped
// during a migration, then restarted after the migration is complete.
func WithMigrate() RuntimeOption {
return func(rt *Runtime) error {
@@ -466,10 +466,10 @@ func WithMigrate() RuntimeOption {
}
}
-// WithMigrateRuntime instructs Libpod to change the default OCI runtime on all
+// WithMigrateRuntime instructs Engine to change the default OCI runtime on all
// containers during a migration. This is not used if `MigrateRuntime()` is not
// also passed.
-// Libpod makes no promises that your containers continue to work with the new
+// Engine makes no promises that your containers continue to work with the new
// runtime - migrations between dissimilar runtimes may well break things.
// Use with caution.
func WithMigrateRuntime(requestedRuntime string) RuntimeOption {
@@ -501,7 +501,7 @@ func WithEventsLogger(logger string) RuntimeOption {
return errors.Wrapf(define.ErrInvalidArg, "%q is not a valid events backend", logger)
}
- rt.config.EventsLogger = logger
+ rt.config.Engine.EventsLogger = logger
return nil
}
@@ -511,7 +511,7 @@ func WithEventsLogger(logger string) RuntimeOption {
// listening
func WithEnableSDNotify() RuntimeOption {
return func(rt *Runtime) error {
- rt.config.SDNotify = true
+ rt.config.Engine.SDNotify = true
return nil
}
}
@@ -1094,7 +1094,8 @@ func WithDNS(dnsServers []string) CtrCreateOption {
}
dns = append(dns, result)
}
- ctr.config.DNSServer = dns
+ ctr.config.DNSServer = append(ctr.config.DNSServer, dns...)
+
return nil
}
}
@@ -1105,7 +1106,10 @@ func WithDNSOption(dnsOptions []string) CtrCreateOption {
if ctr.valid {
return define.ErrCtrFinalized
}
- ctr.config.DNSOption = dnsOptions
+ if ctr.config.UseImageResolvConf {
+ return errors.Wrapf(define.ErrInvalidArg, "cannot add DNS options if container will not create /etc/resolv.conf")
+ }
+ ctr.config.DNSOption = append(ctr.config.DNSOption, dnsOptions...)
return nil
}
}
diff --git a/libpod/pod_internal.go b/libpod/pod_internal.go
index b5895d133..851f52a4e 100644
--- a/libpod/pod_internal.go
+++ b/libpod/pod_internal.go
@@ -5,6 +5,7 @@ import (
"path/filepath"
"time"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/storage/pkg/stringid"
"github.com/pkg/errors"
@@ -65,19 +66,19 @@ func (p *Pod) refresh() error {
// We need to recreate the pod's cgroup
if p.config.UsePodCgroup {
- switch p.runtime.config.CgroupManager {
- case define.SystemdCgroupsManager:
+ switch p.runtime.config.Engine.CgroupManager {
+ case config.SystemdCgroupsManager:
cgroupPath, err := systemdSliceFromPath(p.config.CgroupParent, fmt.Sprintf("libpod_pod_%s", p.ID()))
if err != nil {
logrus.Errorf("Error creating CGroup for pod %s: %v", p.ID(), err)
}
p.state.CgroupPath = cgroupPath
- case define.CgroupfsCgroupsManager:
+ case config.CgroupfsCgroupsManager:
p.state.CgroupPath = filepath.Join(p.config.CgroupParent, p.ID())
logrus.Debugf("setting pod cgroup to %s", p.state.CgroupPath)
default:
- return errors.Wrapf(define.ErrInvalidArg, "unknown cgroups manager %s specified", p.runtime.config.CgroupManager)
+ return errors.Wrapf(define.ErrInvalidArg, "unknown cgroups manager %s specified", p.runtime.config.Engine.CgroupManager)
}
}
diff --git a/libpod/reset.go b/libpod/reset.go
index ae0a0cde9..c6754b7f6 100644
--- a/libpod/reset.go
+++ b/libpod/reset.go
@@ -88,14 +88,13 @@ func (r *Runtime) Reset(ctx context.Context) error {
}
prevError = err
}
-
runtimeDir, err := util.GetRuntimeDir()
if err != nil {
return err
}
- tempDir := r.config.TmpDir
- if r.config.TmpDir == runtimeDir {
- tempDir = filepath.Join(r.config.TmpDir, "containers")
+ tempDir := r.config.Engine.TmpDir
+ if tempDir == runtimeDir {
+ tempDir = filepath.Join(tempDir, "containers")
}
if err := os.RemoveAll(tempDir); err != nil {
if prevError != nil {
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 8dcec82db..422b79359 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -11,11 +11,13 @@ import (
is "github.com/containers/image/v5/storage"
"github.com/containers/image/v5/types"
- "github.com/containers/libpod/libpod/config"
+
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/libpod/lock"
+ "github.com/containers/libpod/pkg/cgroups"
sysreg "github.com/containers/libpod/pkg/registries"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/util"
@@ -30,9 +32,20 @@ import (
// NewRuntime
type RuntimeOption func(*Runtime) error
+type storageSet struct {
+ RunRootSet bool
+ GraphRootSet bool
+ StaticDirSet bool
+ VolumePathSet bool
+ GraphDriverNameSet bool
+ TmpDirSet bool
+}
+
// Runtime is the core libpod runtime
type Runtime struct {
- config *config.Config
+ config *config.Config
+ storageConfig storage.StoreOptions
+ storageSet storageSet
state State
store storage.Store
@@ -116,7 +129,12 @@ func SetXdgDirs() error {
// NewRuntime creates a new container runtime
// Options can be passed to override the default configuration for the runtime
func NewRuntime(ctx context.Context, options ...RuntimeOption) (runtime *Runtime, err error) {
- return newRuntimeFromConfig(ctx, "", options...)
+ conf, err := config.NewConfig("")
+ if err != nil {
+ return nil, err
+ }
+ conf.CheckCgroupsAndAdjustConfig()
+ return newRuntimeFromConfig(ctx, conf, options...)
}
// NewRuntimeFromConfig creates a new container runtime using the given
@@ -124,21 +142,29 @@ func NewRuntime(ctx context.Context, options ...RuntimeOption) (runtime *Runtime
// functions can be used to mutate this configuration further.
// An error will be returned if the configuration file at the given path does
// not exist or cannot be loaded
-func NewRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error) {
- if userConfigPath == "" {
- return nil, errors.New("invalid configuration file specified")
- }
- return newRuntimeFromConfig(ctx, userConfigPath, options...)
+func NewRuntimeFromConfig(ctx context.Context, userConfig *config.Config, options ...RuntimeOption) (runtime *Runtime, err error) {
+
+ return newRuntimeFromConfig(ctx, userConfig, options...)
}
-func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error) {
+func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...RuntimeOption) (runtime *Runtime, err error) {
runtime = new(Runtime)
- conf, err := config.NewConfig(userConfigPath)
+ if conf.Engine.OCIRuntime == "" {
+ conf.Engine.OCIRuntime = "runc"
+ // If we're running on cgroups v2, default to using crun.
+ if onCgroupsv2, _ := cgroups.IsCgroup2UnifiedMode(); onCgroupsv2 {
+ conf.Engine.OCIRuntime = "crun"
+ }
+ }
+
+ runtime.config = conf
+
+ storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID())
if err != nil {
return nil, err
}
- runtime.config = conf
+ runtime.storageConfig = storeOpts
// Overwrite config with user-given configuration options
for _, opt := range options {
@@ -157,9 +183,9 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) {
var err error
var manager lock.Manager
- switch runtime.config.LockType {
+ switch runtime.config.Engine.LockType {
case "file":
- lockPath := filepath.Join(runtime.config.TmpDir, "locks")
+ lockPath := filepath.Join(runtime.config.Engine.TmpDir, "locks")
manager, err = lock.OpenFileLockManager(lockPath)
if err != nil {
if os.IsNotExist(errors.Cause(err)) {
@@ -178,11 +204,11 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) {
lockPath = fmt.Sprintf("%s_%d", define.DefaultRootlessSHMLockPath, rootless.GetRootlessUID())
}
// Set up the lock manager
- manager, err = lock.OpenSHMLockManager(lockPath, runtime.config.NumLocks)
+ manager, err = lock.OpenSHMLockManager(lockPath, runtime.config.Engine.NumLocks)
if err != nil {
switch {
case os.IsNotExist(errors.Cause(err)):
- manager, err = lock.NewSHMLockManager(lockPath, runtime.config.NumLocks)
+ manager, err = lock.NewSHMLockManager(lockPath, runtime.config.Engine.NumLocks)
if err != nil {
return nil, errors.Wrapf(err, "failed to get new shm lock manager")
}
@@ -196,7 +222,7 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) {
return nil, errors.Wrapf(err, "error removing libpod locks file %s", lockPath)
}
- manager, err = lock.NewSHMLockManager(lockPath, runtime.config.NumLocks)
+ manager, err = lock.NewSHMLockManager(lockPath, runtime.config.Engine.NumLocks)
if err != nil {
return nil, err
}
@@ -205,7 +231,7 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) {
}
}
default:
- return nil, errors.Wrapf(define.ErrInvalidArg, "unknown lock type %s", runtime.config.LockType)
+ return nil, errors.Wrapf(define.ErrInvalidArg, "unknown lock type %s", runtime.config.Engine.LockType)
}
return manager, nil
}
@@ -221,11 +247,11 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
runtime.conmonPath = cPath
// Make the static files directory if it does not exist
- if err := os.MkdirAll(runtime.config.StaticDir, 0700); err != nil {
+ if err := os.MkdirAll(runtime.config.Engine.StaticDir, 0700); err != nil {
// The directory is allowed to exist
if !os.IsExist(err) {
return errors.Wrapf(err, "error creating runtime static files directory %s",
- runtime.config.StaticDir)
+ runtime.config.Engine.StaticDir)
}
}
@@ -235,17 +261,17 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
// libpod/state, the config could take care of the code below. It
// would further allow to move the types and consts into a coherent
// package.
- switch runtime.config.StateType {
- case define.InMemoryStateStore:
+ switch runtime.config.Engine.StateType {
+ case config.InMemoryStateStore:
state, err := NewInMemoryState()
if err != nil {
return err
}
runtime.state = state
- case define.SQLiteStateStore:
+ case config.SQLiteStateStore:
return errors.Wrapf(define.ErrInvalidArg, "SQLite state is currently disabled")
- case define.BoltDBStateStore:
- dbPath := filepath.Join(runtime.config.StaticDir, "bolt_state.db")
+ case config.BoltDBStateStore:
+ dbPath := filepath.Join(runtime.config.Engine.StaticDir, "bolt_state.db")
state, err := NewBoltState(dbPath, runtime)
if err != nil {
@@ -253,7 +279,7 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
}
runtime.state = state
default:
- return errors.Wrapf(define.ErrInvalidArg, "unrecognized state type passed (%v)", runtime.config.StateType)
+ return errors.Wrapf(define.ErrInvalidArg, "unrecognized state type passed (%v)", runtime.config.Engine.StateType)
}
// Grab config from the database so we can reset some defaults
@@ -262,16 +288,16 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
return errors.Wrapf(err, "error retrieving runtime configuration from database")
}
- if err := runtime.config.MergeDBConfig(dbConfig); err != nil {
+ if err := runtime.mergeDBConfig(dbConfig); err != nil {
return errors.Wrapf(err, "error merging database config into runtime config")
}
- logrus.Debugf("Using graph driver %s", runtime.config.StorageConfig.GraphDriverName)
- logrus.Debugf("Using graph root %s", runtime.config.StorageConfig.GraphRoot)
- logrus.Debugf("Using run root %s", runtime.config.StorageConfig.RunRoot)
- logrus.Debugf("Using static dir %s", runtime.config.StaticDir)
- logrus.Debugf("Using tmp dir %s", runtime.config.TmpDir)
- logrus.Debugf("Using volume path %s", runtime.config.VolumePath)
+ logrus.Debugf("Using graph driver %s", runtime.storageConfig.GraphDriverName)
+ logrus.Debugf("Using graph root %s", runtime.storageConfig.GraphRoot)
+ logrus.Debugf("Using run root %s", runtime.storageConfig.RunRoot)
+ logrus.Debugf("Using static dir %s", runtime.config.Engine.StaticDir)
+ logrus.Debugf("Using tmp dir %s", runtime.config.Engine.TmpDir)
+ logrus.Debugf("Using volume path %s", runtime.config.Engine.VolumePath)
// Validate our config against the database, now that we've set our
// final storage configuration
@@ -279,10 +305,10 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
return err
}
- if err := runtime.state.SetNamespace(runtime.config.Namespace); err != nil {
+ if err := runtime.state.SetNamespace(runtime.config.Engine.Namespace); err != nil {
return errors.Wrapf(err, "error setting libpod namespace in state")
}
- logrus.Debugf("Set libpod namespace to %q", runtime.config.Namespace)
+ logrus.Debugf("Set libpod namespace to %q", runtime.config.Engine.Namespace)
// Set up containers/storage
var store storage.Store
@@ -316,66 +342,40 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
// Set up containers/image
runtime.imageContext = &types.SystemContext{
- SignaturePolicyPath: runtime.config.SignaturePolicyPath,
+ SignaturePolicyPath: runtime.config.Engine.SignaturePolicyPath,
}
// Create the tmpDir
- if err := os.MkdirAll(runtime.config.TmpDir, 0751); err != nil {
+ if err := os.MkdirAll(runtime.config.Engine.TmpDir, 0751); err != nil {
// The directory is allowed to exist
if !os.IsExist(err) {
- return errors.Wrapf(err, "error creating tmpdir %s", runtime.config.TmpDir)
+ return errors.Wrapf(err, "error creating tmpdir %s", runtime.config.Engine.TmpDir)
}
}
// Create events log dir
- if err := os.MkdirAll(filepath.Dir(runtime.config.EventsLogFilePath), 0700); err != nil {
+ if err := os.MkdirAll(filepath.Dir(runtime.config.Engine.EventsLogFilePath), 0700); err != nil {
// The directory is allowed to exist
if !os.IsExist(err) {
- return errors.Wrapf(err, "error creating events dirs %s", filepath.Dir(runtime.config.EventsLogFilePath))
+ return errors.Wrapf(err, "error creating events dirs %s", filepath.Dir(runtime.config.Engine.EventsLogFilePath))
}
}
// Make lookup tables for runtime support
supportsJSON := make(map[string]bool)
supportsNoCgroups := make(map[string]bool)
- for _, r := range runtime.config.RuntimeSupportsJSON {
+ for _, r := range runtime.config.Engine.RuntimeSupportsJSON {
supportsJSON[r] = true
}
- for _, r := range runtime.config.RuntimeSupportsNoCgroups {
+ for _, r := range runtime.config.Engine.RuntimeSupportsNoCgroups {
supportsNoCgroups[r] = true
}
// Get us at least one working OCI runtime.
runtime.ociRuntimes = make(map[string]OCIRuntime)
- // Is the old runtime_path defined?
- if runtime.config.RuntimePath != nil {
- // Don't print twice in rootless mode.
- if os.Geteuid() == 0 {
- logrus.Warningf("The configuration is using `runtime_path`, which is deprecated and will be removed in future. Please use `runtimes` and `runtime`")
- logrus.Warningf("If you are using both `runtime_path` and `runtime`, the configuration from `runtime_path` is used")
- }
-
- if len(runtime.config.RuntimePath) == 0 {
- return errors.Wrapf(define.ErrInvalidArg, "empty runtime path array passed")
- }
-
- name := filepath.Base(runtime.config.RuntimePath[0])
-
- json := supportsJSON[name]
- nocgroups := supportsNoCgroups[name]
-
- ociRuntime, err := newConmonOCIRuntime(name, runtime.config.RuntimePath, runtime.conmonPath, runtime.config, json, nocgroups)
- if err != nil {
- return err
- }
-
- runtime.ociRuntimes[name] = ociRuntime
- runtime.defaultOCIRuntime = ociRuntime
- }
-
// Initialize remaining OCI runtimes
- for name, paths := range runtime.config.OCIRuntimes {
+ for name, paths := range runtime.config.Engine.OCIRuntimes {
json := supportsJSON[name]
nocgroups := supportsNoCgroups[name]
@@ -393,16 +393,16 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
}
// Do we have a default OCI runtime?
- if runtime.config.OCIRuntime != "" {
+ if runtime.config.Engine.OCIRuntime != "" {
// If the string starts with / it's a path to a runtime
// executable.
- if strings.HasPrefix(runtime.config.OCIRuntime, "/") {
- name := filepath.Base(runtime.config.OCIRuntime)
+ if strings.HasPrefix(runtime.config.Engine.OCIRuntime, "/") {
+ name := filepath.Base(runtime.config.Engine.OCIRuntime)
json := supportsJSON[name]
nocgroups := supportsNoCgroups[name]
- ociRuntime, err := newConmonOCIRuntime(name, []string{runtime.config.OCIRuntime}, runtime.conmonPath, runtime.config, json, nocgroups)
+ ociRuntime, err := newConmonOCIRuntime(name, []string{runtime.config.Engine.OCIRuntime}, runtime.conmonPath, runtime.config, json, nocgroups)
if err != nil {
return err
}
@@ -410,9 +410,9 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
runtime.ociRuntimes[name] = ociRuntime
runtime.defaultOCIRuntime = ociRuntime
} else {
- ociRuntime, ok := runtime.ociRuntimes[runtime.config.OCIRuntime]
+ ociRuntime, ok := runtime.ociRuntimes[runtime.config.Engine.OCIRuntime]
if !ok {
- return errors.Wrapf(define.ErrInvalidArg, "default OCI runtime %q not found", runtime.config.OCIRuntime)
+ return errors.Wrapf(define.ErrInvalidArg, "default OCI runtime %q not found", runtime.config.Engine.OCIRuntime)
}
runtime.defaultOCIRuntime = ociRuntime
}
@@ -429,17 +429,18 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
}
// Make the per-boot files directory if it does not exist
- if err := os.MkdirAll(runtime.config.TmpDir, 0755); err != nil {
+ if err := os.MkdirAll(runtime.config.Engine.TmpDir, 0755); err != nil {
// The directory is allowed to exist
if !os.IsExist(err) {
return errors.Wrapf(err, "error creating runtime temporary files directory %s",
- runtime.config.TmpDir)
+ runtime.config.Engine.TmpDir)
}
}
// Set up the CNI net plugin
if !rootless.IsRootless() {
- netPlugin, err := ocicni.InitCNI(runtime.config.CNIDefaultNetwork, runtime.config.CNIConfigDir, runtime.config.CNIPluginDir...)
+
+ netPlugin, err := ocicni.InitCNI(runtime.config.Network.DefaultNetwork, runtime.config.Network.NetworkConfigDir, runtime.config.Network.CNIPluginDirs...)
if err != nil {
return errors.Wrapf(err, "error configuring CNI network plugin")
}
@@ -449,8 +450,8 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) {
// We now need to see if the system has restarted
// We check for the presence of a file in our tmp directory to verify this
// This check must be locked to prevent races
- runtimeAliveLock := filepath.Join(runtime.config.TmpDir, "alive.lck")
- runtimeAliveFile := filepath.Join(runtime.config.TmpDir, "alive")
+ runtimeAliveLock := filepath.Join(runtime.config.Engine.TmpDir, "alive.lck")
+ runtimeAliveFile := filepath.Join(runtime.config.Engine.TmpDir, "alive")
aliveLock, err := storage.GetLockfile(runtimeAliveLock)
if err != nil {
return errors.Wrapf(err, "error acquiring runtime init lock")
@@ -587,7 +588,7 @@ func (r *Runtime) Shutdown(force bool) error {
logrus.Errorf("Error retrieving containers from database: %v", err)
} else {
for _, ctr := range ctrs {
- if err := ctr.StopWithTimeout(define.CtrRemoveTimeout); err != nil {
+ if err := ctr.StopWithTimeout(r.config.Engine.StopTimeout); err != nil {
logrus.Errorf("Error stopping container %s: %v", ctr.ID(), err)
}
}
@@ -733,7 +734,7 @@ func (r *Runtime) generateName() (string, error) {
// Configure store and image runtime
func (r *Runtime) configureStore() error {
- store, err := storage.GetStore(r.config.StorageConfig)
+ store, err := storage.GetStore(r.storageConfig)
if err != nil {
return err
}
@@ -750,9 +751,9 @@ func (r *Runtime) configureStore() error {
r.storageService = storageService
ir := image.NewImageRuntimeFromStore(r.store)
- ir.SignaturePolicyPath = r.config.SignaturePolicyPath
- ir.EventsLogFilePath = r.config.EventsLogFilePath
- ir.EventsLogger = r.config.EventsLogger
+ ir.SignaturePolicyPath = r.config.Engine.SignaturePolicyPath
+ ir.EventsLogFilePath = r.config.Engine.EventsLogFilePath
+ ir.EventsLogger = r.config.Engine.EventsLogger
r.imageRuntime = ir
@@ -775,3 +776,74 @@ func (r *Runtime) SystemContext() *types.SystemContext {
func (r *Runtime) GetOCIRuntimePath() string {
return r.defaultOCIRuntime.Path()
}
+
+// StorageConfig retrieves the storage options for the container runtime
+func (r *Runtime) StorageConfig() storage.StoreOptions {
+ return r.storageConfig
+}
+
+// DBConfig is a set of Libpod runtime configuration settings that are saved in
+// a State when it is first created, and can subsequently be retrieved.
+type DBConfig struct {
+ LibpodRoot string
+ LibpodTmp string
+ StorageRoot string
+ StorageTmp string
+ GraphDriver string
+ VolumePath string
+}
+
+// mergeDBConfig merges the configuration from the database.
+func (r *Runtime) mergeDBConfig(dbConfig *DBConfig) error {
+
+ c := r.config.Engine
+ if !r.storageSet.RunRootSet && dbConfig.StorageTmp != "" {
+ if r.storageConfig.RunRoot != dbConfig.StorageTmp &&
+ r.storageConfig.RunRoot != "" {
+ logrus.Debugf("Overriding run root %q with %q from database",
+ r.storageConfig.RunRoot, dbConfig.StorageTmp)
+ }
+ r.storageConfig.RunRoot = dbConfig.StorageTmp
+ }
+
+ if !r.storageSet.GraphRootSet && dbConfig.StorageRoot != "" {
+ if r.storageConfig.GraphRoot != dbConfig.StorageRoot &&
+ r.storageConfig.GraphRoot != "" {
+ logrus.Debugf("Overriding graph root %q with %q from database",
+ r.storageConfig.GraphRoot, dbConfig.StorageRoot)
+ }
+ r.storageConfig.GraphRoot = dbConfig.StorageRoot
+ }
+
+ if !r.storageSet.GraphDriverNameSet && dbConfig.GraphDriver != "" {
+ if r.storageConfig.GraphDriverName != dbConfig.GraphDriver &&
+ r.storageConfig.GraphDriverName != "" {
+ logrus.Errorf("User-selected graph driver %q overwritten by graph driver %q from database - delete libpod local files to resolve",
+ r.storageConfig.GraphDriverName, dbConfig.GraphDriver)
+ }
+ r.storageConfig.GraphDriverName = dbConfig.GraphDriver
+ }
+
+ if !r.storageSet.StaticDirSet && dbConfig.LibpodRoot != "" {
+ if c.StaticDir != dbConfig.LibpodRoot && c.StaticDir != "" {
+ logrus.Debugf("Overriding static dir %q with %q from database", c.StaticDir, dbConfig.LibpodRoot)
+ }
+ c.StaticDir = dbConfig.LibpodRoot
+ }
+
+ if !r.storageSet.TmpDirSet && dbConfig.LibpodTmp != "" {
+ if c.TmpDir != dbConfig.LibpodTmp && c.TmpDir != "" {
+ logrus.Debugf("Overriding tmp dir %q with %q from database", c.TmpDir, dbConfig.LibpodTmp)
+ }
+ c.TmpDir = dbConfig.LibpodTmp
+ c.EventsLogFilePath = filepath.Join(dbConfig.LibpodTmp, "events", "events.log")
+ }
+
+ if !r.storageSet.VolumePathSet && dbConfig.VolumePath != "" {
+ if c.VolumePath != dbConfig.VolumePath && c.VolumePath != "" {
+ logrus.Debugf("Overriding volume path %q with %q from database", c.VolumePath, dbConfig.VolumePath)
+ }
+ c.VolumePath = dbConfig.VolumePath
+ }
+ return nil
+}
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index b99e6df84..207ac6477 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -8,11 +8,13 @@ import (
"strings"
"time"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/storage/pkg/stringid"
+ "github.com/docker/go-units"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
"github.com/opentracing/opentracing-go"
@@ -59,7 +61,7 @@ func (r *Runtime) RestoreContainer(ctx context.Context, rSpec *spec.Spec, config
// If the path to ConmonPidFile starts with the default value (RunRoot), then
// the user has not specified '--conmon-pidfile' during run or create (probably).
// In that case reset ConmonPidFile to be set to the default value later.
- if strings.HasPrefix(ctr.config.ConmonPidFile, r.config.StorageConfig.RunRoot) {
+ if strings.HasPrefix(ctr.config.ConmonPidFile, r.storageConfig.RunRoot) {
ctr.config.ConmonPidFile = ""
}
@@ -76,7 +78,11 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
if config == nil {
ctr.config.ID = stringid.GenerateNonCryptoID()
- ctr.config.ShmSize = define.DefaultShmSize
+ size, err := units.FromHumanSize(r.config.Containers.ShmSize)
+ if err != nil {
+ return nil, errors.Wrapf(err, "converting containers.conf ShmSize %s to an int", r.config.Containers.ShmSize)
+ }
+ ctr.config.ShmSize = size
} else {
// This is a restore from an imported checkpoint
ctr.restoreFromCheckpoint = true
@@ -101,14 +107,14 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
ctr.state.BindMounts = make(map[string]string)
- ctr.config.StopTimeout = define.CtrRemoveTimeout
+ ctr.config.StopTimeout = r.config.Engine.StopTimeout
ctr.config.OCIRuntime = r.defaultOCIRuntime.Name()
// Set namespace based on current runtime namespace
// Do so before options run so they can override it
- if r.config.Namespace != "" {
- ctr.config.Namespace = r.config.Namespace
+ if r.config.Engine.Namespace != "" {
+ ctr.config.Namespace = r.config.Engine.Namespace
}
ctr.runtime = r
@@ -200,8 +206,8 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
// Check CGroup parent sanity, and set it if it was not set.
// Only if we're actually configuring CGroups.
if !ctr.config.NoCgroups {
- switch r.config.CgroupManager {
- case define.CgroupfsCgroupsManager:
+ switch r.config.Engine.CgroupManager {
+ case config.CgroupfsCgroupsManager:
if ctr.config.CgroupParent == "" {
if pod != nil && pod.config.UsePodCgroup {
podCgroup, err := pod.CgroupPath()
@@ -218,7 +224,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
} else if strings.HasSuffix(path.Base(ctr.config.CgroupParent), ".slice") {
return nil, errors.Wrapf(define.ErrInvalidArg, "systemd slice received as cgroup parent when using cgroupfs")
}
- case define.SystemdCgroupsManager:
+ case config.SystemdCgroupsManager:
if ctr.config.CgroupParent == "" {
switch {
case pod != nil && pod.config.UsePodCgroup:
@@ -236,7 +242,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
return nil, errors.Wrapf(define.ErrInvalidArg, "did not receive systemd slice as cgroup parent when using systemd to manage cgroups")
}
default:
- return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.CgroupManager)
+ return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.Engine.CgroupManager)
}
}
diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go
index 155ac83d9..06a7b3936 100644
--- a/libpod/runtime_pod_infra_linux.go
+++ b/libpod/runtime_pod_infra_linux.go
@@ -36,7 +36,7 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawIm
isRootless := rootless.IsRootless()
- entryCmd := []string{r.config.InfraCommand}
+ entryCmd := []string{r.config.Engine.InfraCommand}
var options []CtrCreateOption
// I've seen circumstances where config is being passed as nil.
// Let's err on the side of safety and make sure it's safe to use.
@@ -142,7 +142,7 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container,
return nil, define.ErrRuntimeStopped
}
- newImage, err := r.ImageRuntime().New(ctx, r.config.InfraImage, "", "", nil, nil, image.SigningOptions{}, nil, util.PullImageMissing)
+ newImage, err := r.ImageRuntime().New(ctx, r.config.Engine.InfraImage, "", "", nil, nil, image.SigningOptions{}, nil, util.PullImageMissing)
if err != nil {
return nil, err
}
@@ -154,5 +154,5 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container,
imageName := newImage.Names()[0]
imageID := data.ID
- return r.makeInfraContainer(ctx, p, imageName, r.config.InfraImage, imageID, data.Config)
+ return r.makeInfraContainer(ctx, p, imageName, r.config.Engine.InfraImage, imageID, data.Config)
}
diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go
index 4afd5760a..872e8ea8a 100644
--- a/libpod/runtime_pod_linux.go
+++ b/libpod/runtime_pod_linux.go
@@ -9,6 +9,7 @@ import (
"path/filepath"
"strings"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/pkg/cgroups"
@@ -34,8 +35,8 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
// Set default namespace to runtime's namespace
// Do so before options run so they can override it
- if r.config.Namespace != "" {
- pod.config.Namespace = r.config.Namespace
+ if r.config.Engine.Namespace != "" {
+ pod.config.Namespace = r.config.Engine.Namespace
}
for _, option := range options {
@@ -75,8 +76,8 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
pod.valid = true
// Check CGroup parent sanity, and set it if it was not set
- switch r.config.CgroupManager {
- case define.CgroupfsCgroupsManager:
+ switch r.config.Engine.CgroupManager {
+ case config.CgroupfsCgroupsManager:
if pod.config.CgroupParent == "" {
pod.config.CgroupParent = CgroupfsDefaultCgroupParent
} else if strings.HasSuffix(path.Base(pod.config.CgroupParent), ".slice") {
@@ -89,7 +90,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
if pod.config.UsePodCgroup {
pod.state.CgroupPath = filepath.Join(pod.config.CgroupParent, pod.ID())
}
- case define.SystemdCgroupsManager:
+ case config.SystemdCgroupsManager:
if pod.config.CgroupParent == "" {
if rootless.IsRootless() {
pod.config.CgroupParent = SystemdDefaultRootlessCgroupParent
@@ -109,7 +110,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
pod.state.CgroupPath = cgroupPath
}
default:
- return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.CgroupManager)
+ return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.Engine.CgroupManager)
}
if pod.config.UsePodCgroup {
@@ -198,7 +199,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
// the pod and conmon CGroups with a PID limit to prevent them from
// spawning any further processes (particularly cleanup processes) which
// would prevent removing the CGroups.
- if p.runtime.config.CgroupManager == define.CgroupfsCgroupsManager {
+ if p.runtime.config.Engine.CgroupManager == config.CgroupfsCgroupsManager {
// Get the conmon CGroup
conmonCgroupPath := filepath.Join(p.state.CgroupPath, "conmon")
conmonCgroup, err := cgroups.Load(conmonCgroupPath)
@@ -272,8 +273,8 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
if p.state.CgroupPath != "" {
logrus.Debugf("Removing pod cgroup %s", p.state.CgroupPath)
- switch p.runtime.config.CgroupManager {
- case define.SystemdCgroupsManager:
+ switch p.runtime.config.Engine.CgroupManager {
+ case config.SystemdCgroupsManager:
if err := deleteSystemdCgroup(p.state.CgroupPath); err != nil {
if removalErr == nil {
removalErr = errors.Wrapf(err, "error removing pod %s cgroup", p.ID())
@@ -281,7 +282,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
logrus.Errorf("Error deleting pod %s cgroup %s: %v", p.ID(), p.state.CgroupPath, err)
}
}
- case define.CgroupfsCgroupsManager:
+ case config.CgroupfsCgroupsManager:
// Delete the cgroupfs cgroup
// Make sure the conmon cgroup is deleted first
// Since the pod is almost gone, don't bother failing
@@ -326,9 +327,9 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool)
// keep going so we make sure to evict the pod before
// ending up with an inconsistent state.
if removalErr == nil {
- removalErr = errors.Wrapf(define.ErrInternal, "unrecognized cgroup manager %s when removing pod %s cgroups", p.runtime.config.CgroupManager, p.ID())
+ removalErr = errors.Wrapf(define.ErrInternal, "unrecognized cgroup manager %s when removing pod %s cgroups", p.runtime.config.Engine.CgroupManager, p.ID())
} else {
- logrus.Errorf("Unknown cgroups manager %s specified - cannot remove pod %s cgroup", p.runtime.config.CgroupManager, p.ID())
+ logrus.Errorf("Unknown cgroups manager %s specified - cannot remove pod %s cgroup", p.runtime.config.Engine.CgroupManager, p.ID())
}
}
}
diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go
index e9cfda9d4..d4b46cc94 100644
--- a/libpod/runtime_volume_linux.go
+++ b/libpod/runtime_volume_linux.go
@@ -71,7 +71,7 @@ func (r *Runtime) newVolume(ctx context.Context, options ...VolumeCreateOption)
}
// Create the mountpoint of this volume
- volPathRoot := filepath.Join(r.config.VolumePath, volume.config.Name)
+ volPathRoot := filepath.Join(r.config.Engine.VolumePath, volume.config.Name)
if err := os.MkdirAll(volPathRoot, 0700); err != nil {
return nil, errors.Wrapf(err, "error creating volume directory %q", volPathRoot)
}
diff --git a/libpod/state.go b/libpod/state.go
index 9690e5819..6206a2994 100644
--- a/libpod/state.go
+++ b/libpod/state.go
@@ -1,7 +1,5 @@
package libpod
-import "github.com/containers/libpod/libpod/config"
-
// State is a storage backend for libpod's current state.
// A State is only initialized once per instance of libpod.
// As such, initialization methods for State implementations may safely assume
@@ -28,7 +26,7 @@ type State interface {
// root and tmp dirs, and c/storage graph driver.
// This is not implemented by the in-memory state, as it has no need to
// validate runtime configuration.
- GetDBConfig() (*config.DBConfig, error)
+ GetDBConfig() (*DBConfig, error)
// ValidateDBConfig validates the config in the given Runtime struct
// against paths stored in the configured database.
diff --git a/libpod/state_test.go b/libpod/state_test.go
index 39937d8e4..db1c8dd99 100644
--- a/libpod/state_test.go
+++ b/libpod/state_test.go
@@ -8,7 +8,7 @@ import (
"testing"
"time"
- "github.com/containers/libpod/libpod/config"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/lock"
"github.com/containers/storage"
@@ -54,7 +54,7 @@ func getEmptyBoltState() (s State, p string, m lock.Manager, err error) {
runtime := new(Runtime)
runtime.config = new(config.Config)
- runtime.config.StorageConfig = storage.StoreOptions{}
+ runtime.storageConfig = storage.StoreOptions{}
runtime.lockManager = lockManager
state, err := NewBoltState(dbPath, runtime)
diff --git a/libpod/util.go b/libpod/util.go
index f79d6c09b..e9d234bbe 100644
--- a/libpod/util.go
+++ b/libpod/util.go
@@ -12,7 +12,8 @@ import (
"strings"
"time"
- "github.com/containers/libpod/libpod/config"
+ "github.com/containers/common/pkg/config"
+
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/utils"
"github.com/fsnotify/fsnotify"
diff --git a/libpod/volume_internal.go b/libpod/volume_internal.go
index e89b3484d..781ff77ca 100644
--- a/libpod/volume_internal.go
+++ b/libpod/volume_internal.go
@@ -23,7 +23,7 @@ func newVolume(runtime *Runtime) (*Volume, error) {
// teardownStorage deletes the volume from volumePath
func (v *Volume) teardownStorage() error {
- return os.RemoveAll(filepath.Join(v.runtime.config.VolumePath, v.Name()))
+ return os.RemoveAll(filepath.Join(v.runtime.config.Engine.VolumePath, v.Name()))
}
// Volumes with options set, or a filesystem type, or a device to mount need to