diff options
| author | Matthew Heon <matthew.heon@pm.me> | 2020-06-02 14:02:54 -0400 |
|---|---|---|
| committer | Matthew Heon <matthew.heon@pm.me> | 2020-06-02 15:30:42 -0400 |
| commit | e0d940463475b907d56aa548401f8ba916cec21b (patch) | |
| tree | 9f3f8ef1b4b795802885204283b74a9241bd7a3c /pkg/specgen | |
| parent | d10addca6c4eef4a3ab93336d1080eead3784caa (diff) | |
| download | podman-e0d940463475b907d56aa548401f8ba916cec21b.tar.gz podman-e0d940463475b907d56aa548401f8ba916cec21b.tar.bz2 podman-e0d940463475b907d56aa548401f8ba916cec21b.zip | |
Enable detached exec for remote
The biggest obstacle here was cleanup - we needed a way to remove
detached exec sessions after they exited, but there's no way to
tell if an exec session will be attached or detached when it's
created, and that's when we must add the exit command that would
do the removal. The solution was adding a delay to the exit
command (5 minutes), which gives sufficient time for attached
exec sessions to retrieve the exit code of the session after it
exits, but still guarantees that they will be removed, even for
detached sessions. This requires Conmon 2.0.17, which has the new
`--exit-delay` flag.
As part of the exit command rework, we can drop the hack we were
using to clean up exec sessions (remove them as part of inspect).
This is a lot cleaner, and I'm a lot happier about it.
Otherwise, this is just plumbing - we need a bindings call for
detached exec, and that needed to be added to the tunnel mode
backend for entities.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'pkg/specgen')
| -rw-r--r-- | pkg/specgen/generate/container_create.go | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index ffd7fd4dd..7ddfed339 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -107,12 +107,12 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener } options = append(options, opts...) - podmanPath, err := os.Executable() + // TODO: Enable syslog support - we'll need to put this in SpecGen. + exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, false, s.Remove, false) if err != nil { return nil, err } - // TODO: Enable syslog support - we'll need to put this in SpecGen. - options = append(options, libpod.WithExitCommand(CreateExitCommandArgs(rt.StorageConfig(), rtc, podmanPath, false, s.Remove, false))) + options = append(options, libpod.WithExitCommand(exitCommandArgs)) runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts) if err != nil { @@ -229,13 +229,18 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. return options, nil } -func CreateExitCommandArgs(storageConfig storage.StoreOptions, config *config.Config, podmanPath string, syslog, rm bool, exec bool) []string { +func CreateExitCommandArgs(storageConfig storage.StoreOptions, config *config.Config, syslog, rm, exec bool) ([]string, error) { // We need a cleanup process for containers in the current model. // But we can't assume that the caller is Podman - it could be another // user of the API. // As such, provide a way to specify a path to Podman, so we can // still invoke a cleanup process. + podmanPath, err := os.Executable() + if err != nil { + return nil, err + } + command := []string{podmanPath, "--root", storageConfig.GraphRoot, "--runroot", storageConfig.RunRoot, @@ -265,9 +270,11 @@ func CreateExitCommandArgs(storageConfig storage.StoreOptions, config *config.Co command = append(command, "--rm") } + // This has to be absolutely last, to ensure that the exec session ID + // will be added after it by Libpod. if exec { command = append(command, "--exec") } - return command + return command, nil } |