Pod Device Support

added support for pod devices. The device gets added to the infra container and
recreated in all containers that join the pod.

This required a new container config item to keep track of the original device passed in by the user before
the path was parsed into the container device.

Signed-off-by: cdoern <cdoern@redhat.com>

6 files changed, 59 insertions, 21 deletions

diff --git a/libpod/container.go b/libpod/container.go
index cf727926c..7d602326e 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -278,6 +278,11 @@ func (c *Container) Config() *ContainerConfig {
 	return returnConfig
 }
 
+// DeviceHostSrc returns the user supplied device to be passed down in the pod
+func (c *Container) DeviceHostSrc() []spec.LinuxDevice {
+	return c.config.DeviceHostSrc
+}
+
 // Runtime returns the container's Runtime.
 func (c *Container) Runtime() *Runtime {
 	return c.runtime
diff --git a/libpod/container_config.go b/libpod/container_config.go
index 0374c25fe..54d102a71 100644
--- a/libpod/container_config.go
+++ b/libpod/container_config.go
@@ -381,6 +381,8 @@ type ContainerMiscConfig struct {
 	PidFile string `json:"pid_file,omitempty"`
 	// CDIDevices contains devices that use the CDI
 	CDIDevices []string `json:"cdiDevices,omitempty"`
+	// DeviceHostSrc contains the original source on the host
+	DeviceHostSrc []spec.LinuxDevice `json:"device_host_src,omitempty"`
 	// EnvSecrets are secrets that are set as environment variables
 	EnvSecrets map[string]*secrets.Secret `json:"secret_env,omitempty"`
 	// InitContainerType specifies if the container is an initcontainer
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index 530160b2d..e65c86cef 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -819,27 +819,10 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named
 	// Devices
 	// Do not include if privileged - assumed that all devices will be
 	// included.
-	hostConfig.Devices = []define.InspectDevice{}
-	if ctrSpec.Linux != nil && !hostConfig.Privileged {
-		for _, dev := range ctrSpec.Linux.Devices {
-			key := fmt.Sprintf("%d:%d", dev.Major, dev.Minor)
-			if deviceNodes == nil {
-				nodes, err := util.FindDeviceNodes()
-				if err != nil {
-					return nil, err
-				}
-				deviceNodes = nodes
-			}
-			path, ok := deviceNodes[key]
-			if !ok {
-				logrus.Warnf("Could not locate device %s on host", key)
-				continue
-			}
-			newDev := define.InspectDevice{}
-			newDev.PathOnHost = path
-			newDev.PathInContainer = dev.Path
-			hostConfig.Devices = append(hostConfig.Devices, newDev)
-		}
+	var err error
+	hostConfig.Devices, err = c.GetDevices(*&hostConfig.Privileged, *ctrSpec, deviceNodes)
+	if err != nil {
+		return nil, err
 	}
 
 	// Ulimits
@@ -885,3 +868,29 @@ func (c *Container) inHostPidNS() (bool, error) {
 	}
 	return true, nil
 }
+
+func (c *Container) GetDevices(priv bool, ctrSpec spec.Spec, deviceNodes map[string]string) ([]define.InspectDevice, error) {
+	devices := []define.InspectDevice{}
+	if ctrSpec.Linux != nil && !priv {
+		for _, dev := range ctrSpec.Linux.Devices {
+			key := fmt.Sprintf("%d:%d", dev.Major, dev.Minor)
+			if deviceNodes == nil {
+				nodes, err := util.FindDeviceNodes()
+				if err != nil {
+					return nil, err
+				}
+				deviceNodes = nodes
+			}
+			path, ok := deviceNodes[key]
+			if !ok {
+				logrus.Warnf("Could not locate device %s on host", key)
+				continue
+			}
+			newDev := define.InspectDevice{}
+			newDev.PathOnHost = path
+			newDev.PathInContainer = dev.Path
+			devices = append(devices, newDev)
+		}
+	}
+	return devices, nil
+}
diff --git a/libpod/define/pod_inspect.go b/libpod/define/pod_inspect.go
index b7a6e76b5..e78d97850 100644
--- a/libpod/define/pod_inspect.go
+++ b/libpod/define/pod_inspect.go
@@ -59,6 +59,8 @@ type InspectPodData struct {
 	CPUSetCPUs string `json:"cpuset_cpus,omitempty"`
 	// Mounts contains volume related information for the pod
 	Mounts []InspectMount `json:"mounts,omitempty"`
+	// Devices contains the specified host devices
+	Devices []InspectDevice `json:"devices,omitempty"`
 }
 
 // InspectPodInfraConfig contains the configuration of the pod's infra
diff --git a/libpod/options.go b/libpod/options.go
index 3f6ccf1cb..a80f51c6a 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -21,6 +21,7 @@ import (
 	"github.com/containers/podman/v3/pkg/util"
 	"github.com/containers/storage"
 	"github.com/containers/storage/pkg/idtools"
+	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/runtime-tools/generate"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -1809,6 +1810,17 @@ func WithInitCtrType(containerType string) CtrCreateOption {
 	}
 }
 
+// WithHostDevice adds the original host src to the config
+func WithHostDevice(dev []specs.LinuxDevice) CtrCreateOption {
+	return func(ctr *Container) error {
+		if ctr.valid {
+			return define.ErrCtrFinalized
+		}
+		ctr.config.DeviceHostSrc = dev
+		return nil
+	}
+}
+
 // Pod Creation Options
 
 // WithPodCreateCommand adds the full command plus arguments of the current
diff --git a/libpod/pod_api.go b/libpod/pod_api.go
index 4e0acf950..ff818edc2 100644
--- a/libpod/pod_api.go
+++ b/libpod/pod_api.go
@@ -583,6 +583,7 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
 	// container.
 	var infraConfig *define.InspectPodInfraConfig
 	var inspectMounts []define.InspectMount
+	var devices []define.InspectDevice
 	if p.state.InfraContainerID != "" {
 		infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
 		if err != nil {
@@ -604,6 +605,12 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
 			return nil, err
 		}
 
+		var nodes map[string]string
+		devices, err = infra.GetDevices(false, *infra.config.Spec, nodes)
+		if err != nil {
+			return nil, err
+		}
+
 		if len(infra.Config().ContainerNetworkConfig.DNSServer) > 0 {
 			infraConfig.DNSServer = make([]string, 0, len(infra.Config().ContainerNetworkConfig.DNSServer))
 			for _, entry := range infra.Config().ContainerNetworkConfig.DNSServer {
@@ -652,6 +659,7 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
 		CPUPeriod:        p.CPUPeriod(),
 		CPUQuota:         p.CPUQuota(),
 		Mounts:           inspectMounts,
+		Devices:          devices,
 	}
 
 	return &inspectData, nil