summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
Diffstat (limited to 'libpod')
-rw-r--r--libpod/boltdb_state_internal.go30
-rw-r--r--libpod/container_internal_linux.go72
-rw-r--r--libpod/diff.go20
-rw-r--r--libpod/network/create.go6
-rw-r--r--libpod/networking_linux.go14
-rw-r--r--libpod/runtime.go19
-rw-r--r--libpod/runtime_cstorage.go4
-rw-r--r--libpod/runtime_ctr.go5
-rw-r--r--libpod/shutdown/handler.go131
9 files changed, 267 insertions, 34 deletions
diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go
index 9be753d26..e195ca314 100644
--- a/libpod/boltdb_state_internal.go
+++ b/libpod/boltdb_state_internal.go
@@ -2,7 +2,7 @@ package libpod
import (
"bytes"
- "path/filepath"
+ "os"
"runtime"
"strings"
@@ -400,14 +400,30 @@ func (s *BoltState) getContainerFromDB(id []byte, ctr *Container, ctrsBkt *bolt.
// Handle legacy containers which might use a literal path for
// their OCI runtime name.
runtimeName := ctr.config.OCIRuntime
- if strings.HasPrefix(runtimeName, "/") {
- runtimeName = filepath.Base(runtimeName)
- }
-
ociRuntime, ok := s.runtime.ociRuntimes[runtimeName]
if !ok {
- // Use a MissingRuntime implementation
- ociRuntime = getMissingRuntime(runtimeName, s.runtime)
+ runtimeSet := false
+
+ // If the path starts with a / and exists, make a new
+ // OCI runtime for it using the full path.
+ if strings.HasPrefix(runtimeName, "/") {
+ if stat, err := os.Stat(runtimeName); err == nil && !stat.IsDir() {
+ newOCIRuntime, err := newConmonOCIRuntime(runtimeName, []string{runtimeName}, s.runtime.conmonPath, s.runtime.runtimeFlags, s.runtime.config)
+ if err == nil {
+ // The runtime lock should
+ // protect against concurrent
+ // modification of the map.
+ ociRuntime = newOCIRuntime
+ s.runtime.ociRuntimes[runtimeName] = ociRuntime
+ runtimeSet = true
+ }
+ }
+ }
+
+ if !runtimeSet {
+ // Use a MissingRuntime implementation
+ ociRuntime = getMissingRuntime(runtimeName, s.runtime)
+ }
}
ctr.ociRuntime = ociRuntime
}
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 3a71c6601..ffb2f5b73 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1024,13 +1024,15 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
if !options.IgnoreStaticMAC {
// Take the first device with a defined sandbox.
var MAC net.HardwareAddr
- for _, n := range networkStatus[0].Interfaces {
- if n.Sandbox != "" {
- MAC, err = net.ParseMAC(n.Mac)
- if err != nil {
- return errors.Wrapf(err, "failed to parse MAC %v", n.Mac)
+ if len(networkStatus) > 0 {
+ for _, n := range networkStatus[0].Interfaces {
+ if n.Sandbox != "" {
+ MAC, err = net.ParseMAC(n.Mac)
+ if err != nil {
+ return errors.Wrapf(err, "failed to parse MAC %v", n.Mac)
+ }
+ break
}
- break
}
}
if MAC != nil {
@@ -1539,11 +1541,31 @@ func (c *Container) getHosts() string {
}
}
- if c.config.NetMode.IsSlirp4netns() {
- // When using slirp4netns, the interface gets a static IP
- hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s %s\n", "10.0.2.100", c.Hostname(), c.Config().Name)
- }
hosts += c.cniHosts()
+
+ // If not making a network namespace, add our own hostname.
+ if c.Hostname() != "" {
+ if c.config.NetMode.IsSlirp4netns() {
+ // When using slirp4netns, the interface gets a static IP
+ hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s %s\n", "10.0.2.100", c.Hostname(), c.config.Name)
+ } else {
+ hasNetNS := false
+ for _, ns := range c.config.Spec.Linux.Namespaces {
+ if ns.Type == spec.NetworkNamespace {
+ hasNetNS = true
+ break
+ }
+ }
+ if !hasNetNS {
+ // 127.0.1.1 and host's hostname to match Docker
+ osHostname, err := os.Hostname()
+ if err != nil {
+ osHostname = c.Hostname()
+ }
+ hosts += fmt.Sprintf("127.0.1.1 %s\n", osHostname)
+ }
+ }
+ }
return hosts
}
@@ -1717,11 +1739,35 @@ func (c *Container) generateCurrentUserPasswdEntry() (string, int, int, error) {
// If the user's actual home directory exists, or was mounted in - use
// that.
homeDir := c.WorkingDir()
- if MountExists(c.config.Spec.Mounts, u.HomeDir) {
- homeDir = u.HomeDir
+ hDir := u.HomeDir
+ for hDir != "/" {
+ if MountExists(c.config.Spec.Mounts, hDir) {
+ homeDir = u.HomeDir
+ break
+ }
+ hDir = filepath.Dir(hDir)
+ }
+ if homeDir != u.HomeDir {
+ for _, hDir := range c.UserVolumes() {
+ if hDir == u.HomeDir {
+ homeDir = u.HomeDir
+ break
+ }
+ }
+ }
+ // Set HOME environment if not already set
+ hasHomeSet := false
+ for _, s := range c.config.Spec.Process.Env {
+ if strings.HasPrefix(s, "HOME=") {
+ hasHomeSet = true
+ break
+ }
+ }
+ if !hasHomeSet {
+ c.config.Spec.Process.Env = append(c.config.Spec.Process.Env, fmt.Sprintf("HOME=%s", homeDir))
}
- return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Username, homeDir), uid, rootless.GetRootlessGID(), nil
+ return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Name, homeDir), uid, rootless.GetRootlessGID(), nil
}
// generateUserPasswdEntry generates an /etc/passwd entry for the container user
diff --git a/libpod/diff.go b/libpod/diff.go
index 5335d701c..43f4d2e96 100644
--- a/libpod/diff.go
+++ b/libpod/diff.go
@@ -62,18 +62,22 @@ func (r *Runtime) ApplyDiffTarStream(to string, diff io.Reader) error {
func (r *Runtime) getLayerID(id string) (string, error) {
var toLayer string
toImage, err := r.imageRuntime.NewFromLocal(id)
+ if err == nil {
+ return toImage.TopLayer(), nil
+ }
+
+ targetID, err := r.store.Lookup(id)
if err != nil {
- toCtr, err := r.store.Container(id)
+ targetID = id
+ }
+ toCtr, err := r.store.Container(targetID)
+ if err != nil {
+ toLayer, err = layers.FullID(r.store, targetID)
if err != nil {
- toLayer, err = layers.FullID(r.store, id)
- if err != nil {
- return "", errors.Errorf("layer, image, or container %s does not exist", id)
- }
- } else {
- toLayer = toCtr.LayerID
+ return "", errors.Errorf("layer, image, or container %s does not exist", id)
}
} else {
- toLayer = toImage.TopLayer()
+ toLayer = toCtr.LayerID
}
return toLayer, nil
}
diff --git a/libpod/network/create.go b/libpod/network/create.go
index a9ed4c4ef..bf11631bf 100644
--- a/libpod/network/create.go
+++ b/libpod/network/create.go
@@ -10,6 +10,7 @@ import (
"github.com/containernetworking/cni/pkg/version"
"github.com/containers/podman/v2/libpod"
"github.com/containers/podman/v2/pkg/domain/entities"
+ "github.com/containers/podman/v2/pkg/rootless"
"github.com/containers/podman/v2/pkg/util"
"github.com/pkg/errors"
)
@@ -131,8 +132,9 @@ func createBridge(r *libpod.Runtime, name string, options entities.NetworkCreate
plugins = append(plugins, bridge)
plugins = append(plugins, NewPortMapPlugin())
plugins = append(plugins, NewFirewallPlugin())
- // if we find the dnsname plugin, we add configuration for it
- if HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) && !options.DisableDNS {
+ // if we find the dnsname plugin or are rootless, we add configuration for it
+ // the rootless-cni-infra container has the dnsname plugin always installed
+ if (HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) || rootless.IsRootless()) && !options.DisableDNS {
// Note: in the future we might like to allow for dynamic domain names
plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName))
}
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 639358900..9ff6e40b7 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -825,6 +825,20 @@ func getContainerNetIO(ctr *Container) (*netlink.LinkStatistics, error) {
// Produce an InspectNetworkSettings containing information on the container
// network.
func (c *Container) getContainerNetworkInfo() (*define.InspectNetworkSettings, error) {
+ if c.config.NetNsCtr != "" {
+ netNsCtr, err := c.runtime.GetContainer(c.config.NetNsCtr)
+ if err != nil {
+ return nil, err
+ }
+ // Have to sync to ensure that state is populated
+ if err := netNsCtr.syncContainer(); err != nil {
+ return nil, err
+ }
+ logrus.Debugf("Container %s shares network namespace, retrieving network info of container %s", c.ID(), c.config.NetNsCtr)
+
+ return netNsCtr.getContainerNetworkInfo()
+ }
+
settings := new(define.InspectNetworkSettings)
settings.Ports = makeInspectPortBindings(c.config.PortMappings)
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 7da8b181f..792492db6 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -17,6 +17,7 @@ import (
"github.com/containers/podman/v2/libpod/events"
"github.com/containers/podman/v2/libpod/image"
"github.com/containers/podman/v2/libpod/lock"
+ "github.com/containers/podman/v2/libpod/shutdown"
"github.com/containers/podman/v2/pkg/cgroups"
"github.com/containers/podman/v2/pkg/registries"
"github.com/containers/podman/v2/pkg/rootless"
@@ -174,9 +175,21 @@ func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...R
}
}
+ if err := shutdown.Start(); err != nil {
+ return nil, errors.Wrapf(err, "error starting shutdown signal handler")
+ }
+
if err := makeRuntime(ctx, runtime); err != nil {
return nil, err
}
+
+ if err := shutdown.Register("libpod", func(sig os.Signal) error {
+ os.Exit(1)
+ return nil
+ }); err != nil {
+ logrus.Errorf("Error registering shutdown handler for libpod: %v", err)
+ }
+
return runtime, nil
}
@@ -383,14 +396,12 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) {
// If the string starts with / it's a path to a runtime
// executable.
if strings.HasPrefix(runtime.config.Engine.OCIRuntime, "/") {
- name := filepath.Base(runtime.config.Engine.OCIRuntime)
-
- ociRuntime, err := newConmonOCIRuntime(name, []string{runtime.config.Engine.OCIRuntime}, runtime.conmonPath, runtime.runtimeFlags, runtime.config)
+ ociRuntime, err := newConmonOCIRuntime(runtime.config.Engine.OCIRuntime, []string{runtime.config.Engine.OCIRuntime}, runtime.conmonPath, runtime.runtimeFlags, runtime.config)
if err != nil {
return err
}
- runtime.ociRuntimes[name] = ociRuntime
+ runtime.ociRuntimes[runtime.config.Engine.OCIRuntime] = ociRuntime
runtime.defaultOCIRuntime = ociRuntime
} else {
ociRuntime, ok := runtime.ociRuntimes[runtime.config.Engine.OCIRuntime]
diff --git a/libpod/runtime_cstorage.go b/libpod/runtime_cstorage.go
index 03eebeefc..61fdd42d3 100644
--- a/libpod/runtime_cstorage.go
+++ b/libpod/runtime_cstorage.go
@@ -52,6 +52,10 @@ func (r *Runtime) ListStorageContainers() ([]*StorageContainer, error) {
return finalCtrs, nil
}
+func (r *Runtime) StorageContainer(idOrName string) (*storage.Container, error) {
+ return r.store.Container(idOrName)
+}
+
// RemoveStorageContainer removes a container from c/storage.
// The container WILL NOT be removed if it exists in libpod.
// Accepts ID or full name of container.
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 51b4c5f03..de73a9ff3 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/common/pkg/config"
"github.com/containers/podman/v2/libpod/define"
"github.com/containers/podman/v2/libpod/events"
+ "github.com/containers/podman/v2/libpod/shutdown"
"github.com/containers/podman/v2/pkg/cgroups"
"github.com/containers/podman/v2/pkg/rootless"
"github.com/containers/storage"
@@ -149,6 +150,10 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
return nil, err
}
+ // Inhibit shutdown until creation succeeds
+ shutdown.Inhibit()
+ defer shutdown.Uninhibit()
+
// Allocate a lock for the container
lock, err := r.lockManager.AllocateLock()
if err != nil {
diff --git a/libpod/shutdown/handler.go b/libpod/shutdown/handler.go
new file mode 100644
index 000000000..87538dec9
--- /dev/null
+++ b/libpod/shutdown/handler.go
@@ -0,0 +1,131 @@
+package shutdown
+
+import (
+ "os"
+ "os/signal"
+ "sync"
+ "syscall"
+
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+)
+
+var (
+ stopped bool
+ sigChan chan os.Signal
+ cancelChan chan bool
+ // Definitions of all on-shutdown handlers
+ handlers map[string]func(os.Signal) error
+ // Ordering that on-shutdown handlers will be invoked.
+ handlerOrder []string
+ shutdownInhibit sync.RWMutex
+)
+
+// Start begins handling SIGTERM and SIGINT and will run the given on-signal
+// handlers when one is called. This can be cancelled by calling Stop().
+func Start() error {
+ if sigChan != nil {
+ // Already running, do nothing.
+ return nil
+ }
+
+ sigChan = make(chan os.Signal, 1)
+ cancelChan = make(chan bool, 1)
+ stopped = false
+
+ signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
+
+ go func() {
+ select {
+ case <-cancelChan:
+ signal.Stop(sigChan)
+ close(sigChan)
+ close(cancelChan)
+ stopped = true
+ return
+ case sig := <-sigChan:
+ logrus.Infof("Received shutdown signal %v, terminating!", sig)
+ shutdownInhibit.Lock()
+ for _, name := range handlerOrder {
+ handler, ok := handlers[name]
+ if !ok {
+ logrus.Errorf("Shutdown handler %s definition not found!", name)
+ continue
+ }
+ logrus.Infof("Invoking shutdown handler %s", name)
+ if err := handler(sig); err != nil {
+ logrus.Errorf("Error running shutdown handler %s: %v", name, err)
+ }
+ }
+ shutdownInhibit.Unlock()
+ return
+ }
+ }()
+
+ return nil
+}
+
+// Stop the shutdown signal handler.
+func Stop() error {
+ if cancelChan == nil {
+ return errors.New("shutdown signal handler has not yet been started")
+ }
+ if stopped {
+ return nil
+ }
+
+ cancelChan <- true
+
+ return nil
+}
+
+// Temporarily inhibit signals from shutting down Libpod.
+func Inhibit() {
+ shutdownInhibit.RLock()
+}
+
+// Stop inhibiting signals from shutting down Libpod.
+func Uninhibit() {
+ shutdownInhibit.RUnlock()
+}
+
+// Register registers a function that will be executed when Podman is terminated
+// by a signal. Handlers are invoked LIFO - the last handler registered is the
+// first run.
+func Register(name string, handler func(os.Signal) error) error {
+ if handlers == nil {
+ handlers = make(map[string]func(os.Signal) error)
+ }
+
+ if _, ok := handlers[name]; ok {
+ return errors.Errorf("handler with name %s already exists", name)
+ }
+
+ handlers[name] = handler
+ handlerOrder = append([]string{name}, handlerOrder...)
+
+ return nil
+}
+
+// Unregister un-registers a given shutdown handler.
+func Unregister(name string) error {
+ if handlers == nil {
+ return nil
+ }
+
+ if _, ok := handlers[name]; !ok {
+ return nil
+ }
+
+ delete(handlers, name)
+
+ newOrder := []string{}
+ for _, checkName := range handlerOrder {
+ if checkName != name {
+ newOrder = append(newOrder, checkName)
+ }
+ }
+ handlerOrder = newOrder
+
+ return nil
+}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-12-26 22:36:09 +0000