summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
Diffstat (limited to 'libpod')
-rw-r--r--libpod/adapter/client.go22
-rw-r--r--libpod/adapter/containers_remote.go50
-rw-r--r--libpod/adapter/images_remote.go19
-rw-r--r--libpod/adapter/runtime.go50
-rw-r--r--libpod/adapter/runtime_remote.go167
-rw-r--r--libpod/boltdb_state.go12
-rw-r--r--libpod/boltdb_state_linux.go2
-rw-r--r--libpod/boltdb_state_unsupported.go2
-rw-r--r--libpod/common_test.go8
-rw-r--r--libpod/container.go31
-rw-r--r--libpod/container_internal.go4
-rw-r--r--libpod/container_internal_test.go2
-rw-r--r--libpod/info.go6
-rw-r--r--libpod/oci.go6
-rw-r--r--libpod/options.go6
-rw-r--r--libpod/runtime.go77
-rw-r--r--libpod/runtime_ctr.go4
17 files changed, 390 insertions, 78 deletions
diff --git a/libpod/adapter/client.go b/libpod/adapter/client.go
index 383c242c9..b3bb9acae 100644
--- a/libpod/adapter/client.go
+++ b/libpod/adapter/client.go
@@ -3,12 +3,32 @@
package adapter
import (
+ "os"
+
+ "github.com/sirupsen/logrus"
"github.com/varlink/go/varlink"
)
+// DefaultAddress is the default address of the varlink socket
+const DefaultAddress = "unix:/run/podman/io.podman"
+
// Connect provides a varlink connection
func (r RemoteRuntime) Connect() (*varlink.Connection, error) {
- connection, err := varlink.NewConnection("unix:/run/podman/io.podman")
+ var err error
+ var connection *varlink.Connection
+ if bridge := os.Getenv("PODMAN_VARLINK_BRIDGE"); bridge != "" {
+ logrus.Infof("Connecting with varlink bridge")
+ logrus.Debugf("%s", bridge)
+ connection, err = varlink.NewBridge(bridge)
+ } else {
+ address := os.Getenv("PODMAN_VARLINK_ADDRESS")
+ if address == "" {
+ address = DefaultAddress
+ }
+ logrus.Infof("Connecting with varlink address")
+ logrus.Debugf("%s", address)
+ connection, err = varlink.NewConnection(address)
+ }
if err != nil {
return nil, err
}
diff --git a/libpod/adapter/containers_remote.go b/libpod/adapter/containers_remote.go
new file mode 100644
index 000000000..9623304e5
--- /dev/null
+++ b/libpod/adapter/containers_remote.go
@@ -0,0 +1,50 @@
+// +build remoteclient
+
+package adapter
+
+import (
+ "encoding/json"
+
+ iopodman "github.com/containers/libpod/cmd/podman/varlink"
+ "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/pkg/inspect"
+)
+
+// Inspect returns an inspect struct from varlink
+func (c *Container) Inspect(size bool) (*inspect.ContainerInspectData, error) {
+ reply, err := iopodman.ContainerInspectData().Call(c.Runtime.Conn, c.ID())
+ if err != nil {
+ return nil, err
+ }
+ data := inspect.ContainerInspectData{}
+ if err := json.Unmarshal([]byte(reply), &data); err != nil {
+ return nil, err
+ }
+ return &data, err
+}
+
+// ID returns the ID of the container
+func (c *Container) ID() string {
+ return c.config.ID
+}
+
+// GetArtifact returns a container's artifacts
+func (c *Container) GetArtifact(name string) ([]byte, error) {
+ var data []byte
+ reply, err := iopodman.ContainerArtifacts().Call(c.Runtime.Conn, c.ID(), name)
+ if err != nil {
+ return nil, err
+ }
+ if err := json.Unmarshal([]byte(reply), &data); err != nil {
+ return nil, err
+ }
+ return data, err
+}
+
+// Config returns a container's Config ... same as ctr.Config()
+func (c *Container) Config() *libpod.ContainerConfig {
+ if c.config != nil {
+ return c.config
+ }
+ return c.Runtime.Config(c.ID())
+}
diff --git a/libpod/adapter/images_remote.go b/libpod/adapter/images_remote.go
index 77b0629a7..e7b38dccc 100644
--- a/libpod/adapter/images_remote.go
+++ b/libpod/adapter/images_remote.go
@@ -3,15 +3,22 @@
package adapter
import (
- "github.com/containers/libpod/libpod"
+ "context"
+ "encoding/json"
+
+ iopodman "github.com/containers/libpod/cmd/podman/varlink"
+ "github.com/containers/libpod/pkg/inspect"
)
-// Images returns information for the host system and its components
-func (r RemoteRuntime) Images() ([]libpod.InfoData, error) {
- conn, err := r.Connect()
+// Inspect returns returns an ImageData struct from over a varlink connection
+func (i *ContainerImage) Inspect(ctx context.Context) (*inspect.ImageData, error) {
+ reply, err := iopodman.InspectImage().Call(i.Runtime.Conn, i.ID())
if err != nil {
return nil, err
}
- _ = conn
- return nil, nil
+ data := inspect.ImageData{}
+ if err := json.Unmarshal([]byte(reply), &data); err != nil {
+ return nil, err
+ }
+ return &data, nil
}
diff --git a/libpod/adapter/runtime.go b/libpod/adapter/runtime.go
index 13141f886..1f3599082 100644
--- a/libpod/adapter/runtime.go
+++ b/libpod/adapter/runtime.go
@@ -3,6 +3,10 @@
package adapter
import (
+ "context"
+ "io"
+
+ "github.com/containers/image/types"
"github.com/containers/libpod/cmd/podman/libpodruntime"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/image"
@@ -11,8 +15,8 @@ import (
// LocalRuntime describes a typical libpod runtime
type LocalRuntime struct {
- Runtime *libpod.Runtime
- Remote bool
+ *libpod.Runtime
+ Remote bool
}
// ContainerImage ...
@@ -20,6 +24,11 @@ type ContainerImage struct {
*image.Image
}
+// Container ...
+type Container struct {
+ *libpod.Container
+}
+
// GetRuntime returns a LocalRuntime struct with the actual runtime embedded in it
func GetRuntime(c *cli.Context) (*LocalRuntime, error) {
runtime, err := libpodruntime.GetRuntime(c)
@@ -53,3 +62,40 @@ func (r *LocalRuntime) NewImageFromLocal(name string) (*ContainerImage, error) {
}
return &ContainerImage{img}, nil
}
+
+// LoadFromArchiveReference calls into local storage to load an image from an archive
+func (r *LocalRuntime) LoadFromArchiveReference(ctx context.Context, srcRef types.ImageReference, signaturePolicyPath string, writer io.Writer) ([]*ContainerImage, error) {
+ var containerImages []*ContainerImage
+ imgs, err := r.Runtime.ImageRuntime().LoadFromArchiveReference(ctx, srcRef, signaturePolicyPath, writer)
+ if err != nil {
+ return nil, err
+ }
+ for _, i := range imgs {
+ ci := ContainerImage{i}
+ containerImages = append(containerImages, &ci)
+ }
+ return containerImages, nil
+}
+
+// New calls into local storage to look for an image in local storage or to pull it
+func (r *LocalRuntime) New(ctx context.Context, name, signaturePolicyPath, authfile string, writer io.Writer, dockeroptions *image.DockerRegistryOptions, signingoptions image.SigningOptions, forcePull bool) (*ContainerImage, error) {
+ img, err := r.Runtime.ImageRuntime().New(ctx, name, signaturePolicyPath, authfile, writer, dockeroptions, signingoptions, forcePull)
+ if err != nil {
+ return nil, err
+ }
+ return &ContainerImage{img}, nil
+}
+
+// RemoveImage calls into local storage and removes an image
+func (r *LocalRuntime) RemoveImage(ctx context.Context, img *ContainerImage, force bool) (string, error) {
+ return r.Runtime.RemoveImage(ctx, img.Image, force)
+}
+
+// LookupContainer ...
+func (r *LocalRuntime) LookupContainer(idOrName string) (*Container, error) {
+ ctr, err := r.Runtime.LookupContainer(idOrName)
+ if err != nil {
+ return nil, err
+ }
+ return &Container{ctr}, nil
+}
diff --git a/libpod/adapter/runtime_remote.go b/libpod/adapter/runtime_remote.go
index 27301d90b..7189348bc 100644
--- a/libpod/adapter/runtime_remote.go
+++ b/libpod/adapter/runtime_remote.go
@@ -4,12 +4,18 @@ package adapter
import (
"context"
+ "encoding/json"
"fmt"
+ "io"
"strings"
"time"
- iopodman "github.com/containers/libpod/cmd/podman/varlink"
- digest "github.com/opencontainers/go-digest"
+ "github.com/containers/image/types"
+ "github.com/containers/libpod/cmd/podman/varlink"
+ "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/image"
+ "github.com/opencontainers/go-digest"
+ "github.com/sirupsen/logrus"
"github.com/urfave/cli"
"github.com/varlink/go/varlink"
)
@@ -19,13 +25,13 @@ type RemoteImageRuntime struct{}
// RemoteRuntime describes a wrapper runtime struct
type RemoteRuntime struct {
+ Conn *varlink.Connection
+ Remote bool
}
// LocalRuntime describes a typical libpod runtime
type LocalRuntime struct {
- Runtime *RemoteRuntime
- Remote bool
- Conn *varlink.Connection
+ *RemoteRuntime
}
// GetRuntime returns a LocalRuntime struct with the actual runtime embedded in it
@@ -35,11 +41,14 @@ func GetRuntime(c *cli.Context) (*LocalRuntime, error) {
if err != nil {
return nil, err
}
- return &LocalRuntime{
- Runtime: &runtime,
- Remote: true,
- Conn: conn,
- }, nil
+ rr := RemoteRuntime{
+ Conn: conn,
+ Remote: true,
+ }
+ foo := LocalRuntime{
+ &rr,
+ }
+ return &foo, nil
}
// Shutdown is a bogus wrapper for compat with the libpod runtime
@@ -67,6 +76,18 @@ type remoteImage struct {
Runtime *LocalRuntime
}
+// Container ...
+type Container struct {
+ remoteContainer
+}
+
+// remoteContainer ....
+type remoteContainer struct {
+ Runtime *LocalRuntime
+ config *libpod.ContainerConfig
+ state *libpod.ContainerState
+}
+
// GetImages returns a slice of containerimages over a varlink connection
func (r *LocalRuntime) GetImages() ([]*ContainerImage, error) {
var newImages []*ContainerImage
@@ -119,6 +140,42 @@ func (r *LocalRuntime) NewImageFromLocal(name string) (*ContainerImage, error) {
}
+// LoadFromArchiveReference creates an image from a local archive
+func (r *LocalRuntime) LoadFromArchiveReference(ctx context.Context, srcRef types.ImageReference, signaturePolicyPath string, writer io.Writer) ([]*ContainerImage, error) {
+ // TODO We need to find a way to leak certDir, creds, and the tlsverify into this function, normally this would
+ // come from cli options but we don't want want those in here either.
+ imageID, err := iopodman.PullImage().Call(r.Conn, srcRef.DockerReference().String(), "", "", signaturePolicyPath, true)
+ if err != nil {
+ return nil, err
+ }
+ newImage, err := r.NewImageFromLocal(imageID)
+ if err != nil {
+ return nil, err
+ }
+ return []*ContainerImage{newImage}, nil
+}
+
+// New calls into local storage to look for an image in local storage or to pull it
+func (r *LocalRuntime) New(ctx context.Context, name, signaturePolicyPath, authfile string, writer io.Writer, dockeroptions *image.DockerRegistryOptions, signingoptions image.SigningOptions, forcePull bool) (*ContainerImage, error) {
+ // TODO Creds needs to be figured out here too, like above
+ tlsBool := dockeroptions.DockerInsecureSkipTLSVerify
+ // Remember SkipTlsVerify is the opposite of tlsverify
+ // If tlsBook is true or undefined, we do not skip
+ SkipTlsVerify := false
+ if tlsBool == types.OptionalBoolFalse {
+ SkipTlsVerify = true
+ }
+ imageID, err := iopodman.PullImage().Call(r.Conn, name, dockeroptions.DockerCertPath, "", signaturePolicyPath, SkipTlsVerify)
+ if err != nil {
+ return nil, err
+ }
+ newImage, err := r.NewImageFromLocal(imageID)
+ if err != nil {
+ return nil, err
+ }
+ return newImage, nil
+}
+
func splitStringDate(d string) (time.Time, error) {
fields := strings.Fields(d)
t := fmt.Sprintf("%sT%sZ", fields[0], fields[1])
@@ -174,6 +231,92 @@ func (ci *ContainerImage) TagImage(tag string) error {
return err
}
-func (r RemoteRuntime) RemoveImage(force bool) error {
- return nil
+// RemoveImage calls varlink to remove an image
+func (r *LocalRuntime) RemoveImage(ctx context.Context, img *ContainerImage, force bool) (string, error) {
+ return iopodman.RemoveImage().Call(r.Conn, img.InputName, force)
+}
+
+// History returns the history of an image and its layers
+func (ci *ContainerImage) History(ctx context.Context) ([]*image.History, error) {
+ var imageHistories []*image.History
+
+ reply, err := iopodman.HistoryImage().Call(ci.Runtime.Conn, ci.InputName)
+ if err != nil {
+ return nil, err
+ }
+ for _, h := range reply {
+ created, err := splitStringDate(h.Created)
+ if err != nil {
+ return nil, err
+ }
+ ih := image.History{
+ ID: h.Id,
+ Created: &created,
+ CreatedBy: h.CreatedBy,
+ Size: h.Size,
+ Comment: h.Comment,
+ }
+ imageHistories = append(imageHistories, &ih)
+ }
+ return imageHistories, nil
+}
+
+// LookupContainer gets basic information about container over a varlink
+// connection and then translates it to a *Container
+func (r *LocalRuntime) LookupContainer(idOrName string) (*Container, error) {
+ state, err := r.ContainerState(idOrName)
+ if err != nil {
+ return nil, err
+ }
+ config := r.Config(idOrName)
+ if err != nil {
+ return nil, err
+ }
+
+ rc := remoteContainer{
+ r,
+ config,
+ state,
+ }
+
+ c := Container{
+ rc,
+ }
+ return &c, nil
+}
+
+func (r *LocalRuntime) GetLatestContainer() (*Container, error) {
+ return nil, libpod.ErrNotImplemented
+}
+
+// ContainerState returns the "state" of the container.
+func (r *LocalRuntime) ContainerState(name string) (*libpod.ContainerState, error) { //no-lint
+ reply, err := iopodman.ContainerStateData().Call(r.Conn, name)
+ if err != nil {
+ return nil, err
+ }
+ data := libpod.ContainerState{}
+ if err := json.Unmarshal([]byte(reply), &data); err != nil {
+ return nil, err
+ }
+ return &data, err
+
+}
+
+// Config returns a container config
+func (r *LocalRuntime) Config(name string) *libpod.ContainerConfig {
+ // TODO the Spec being returned is not populated. Matt and I could not figure out why. Will defer
+ // further looking into it for after devconf.
+ // The libpod function for this has no errors so we are kind of in a tough
+ // spot here. Logging the errors for now.
+ reply, err := iopodman.ContainerConfig().Call(r.Conn, name)
+ if err != nil {
+ logrus.Error("call to container.config failed")
+ }
+ data := libpod.ContainerConfig{}
+ if err := json.Unmarshal([]byte(reply), &data); err != nil {
+ logrus.Error("failed to unmarshal container inspect data")
+ }
+ return &data
+
}
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go
index e7a07a9a8..5bc15dd7f 100644
--- a/libpod/boltdb_state.go
+++ b/libpod/boltdb_state.go
@@ -205,7 +205,7 @@ func (s *BoltState) Refresh() error {
return errors.Wrapf(ErrInternal, "container %s missing state in DB", string(id))
}
- state := new(containerState)
+ state := new(ContainerState)
if err := json.Unmarshal(stateBytes, state); err != nil {
return errors.Wrapf(err, "error unmarshalling state for container %s", string(id))
@@ -325,7 +325,7 @@ func (s *BoltState) Container(id string) (*Container, error) {
ctr := new(Container)
ctr.config = new(ContainerConfig)
- ctr.state = new(containerState)
+ ctr.state = new(ContainerState)
db, err := s.getDBCon()
if err != nil {
@@ -361,7 +361,7 @@ func (s *BoltState) LookupContainer(idOrName string) (*Container, error) {
ctr := new(Container)
ctr.config = new(ContainerConfig)
- ctr.state = new(containerState)
+ ctr.state = new(ContainerState)
db, err := s.getDBCon()
if err != nil {
@@ -542,7 +542,7 @@ func (s *BoltState) UpdateContainer(ctr *Container) error {
return errors.Wrapf(ErrNSMismatch, "container %s is in namespace %q, does not match our namespace %q", ctr.ID(), ctr.config.Namespace, s.namespace)
}
- newState := new(containerState)
+ newState := new(ContainerState)
netNSPath := ""
ctrID := []byte(ctr.ID())
@@ -754,7 +754,7 @@ func (s *BoltState) AllContainers() ([]*Container, error) {
ctr := new(Container)
ctr.config = new(ContainerConfig)
- ctr.state = new(containerState)
+ ctr.state = new(ContainerState)
if err := s.getContainerFromDB(id, ctr, ctrBucket); err != nil {
// If the error is a namespace mismatch, we can
@@ -1140,7 +1140,7 @@ func (s *BoltState) PodContainers(pod *Pod) ([]*Container, error) {
err = podCtrs.ForEach(func(id, val []byte) error {
newCtr := new(Container)
newCtr.config = new(ContainerConfig)
- newCtr.state = new(containerState)
+ newCtr.state = new(ContainerState)
ctrs = append(ctrs, newCtr)
return s.getContainerFromDB(id, newCtr, ctrBkt)
diff --git a/libpod/boltdb_state_linux.go b/libpod/boltdb_state_linux.go
index d91f311e5..09a9be606 100644
--- a/libpod/boltdb_state_linux.go
+++ b/libpod/boltdb_state_linux.go
@@ -8,7 +8,7 @@ import (
// replaceNetNS handle network namespace transitions after updating a
// container's state.
-func replaceNetNS(netNSPath string, ctr *Container, newState *containerState) error {
+func replaceNetNS(netNSPath string, ctr *Container, newState *ContainerState) error {
if netNSPath != "" {
// Check if the container's old state has a good netns
if ctr.state.NetNS != nil && netNSPath == ctr.state.NetNS.Path() {
diff --git a/libpod/boltdb_state_unsupported.go b/libpod/boltdb_state_unsupported.go
index 64610d304..244dc51a0 100644
--- a/libpod/boltdb_state_unsupported.go
+++ b/libpod/boltdb_state_unsupported.go
@@ -3,7 +3,7 @@
package libpod
// replaceNetNS is exclusive to the Linux platform and is a no-op elsewhere
-func replaceNetNS(netNSPath string, ctr *Container, newState *containerState) error {
+func replaceNetNS(netNSPath string, ctr *Container, newState *ContainerState) error {
return nil
}
diff --git a/libpod/common_test.go b/libpod/common_test.go
index 4af68a040..df730098e 100644
--- a/libpod/common_test.go
+++ b/libpod/common_test.go
@@ -48,7 +48,7 @@ func getTestContainer(id, name string, manager lock.Manager) (*Container, error)
},
},
},
- state: &containerState{
+ state: &ContainerState{
State: ContainerStateRunning,
ConfigPath: "/does/not/exist/specs/" + id,
RunDir: "/does/not/exist/tmp/",
@@ -166,10 +166,10 @@ func testContainersEqual(t *testing.T, a, b *Container, allowedEmpty bool) {
aConfig := new(ContainerConfig)
bConfig := new(ContainerConfig)
- aState := new(containerState)
- bState := new(containerState)
+ aState := new(ContainerState)
+ bState := new(ContainerState)
- blankState := new(containerState)
+ blankState := new(ContainerState)
assert.Equal(t, a.valid, b.valid)
diff --git a/libpod/container.go b/libpod/container.go
index ca83bbffe..b0589be3b 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -116,7 +116,7 @@ func (ns LinuxNS) String() string {
type Container struct {
config *ContainerConfig
- state *containerState
+ state *ContainerState
// Batched indicates that a container has been locked as part of a
// Batch() operation
@@ -136,10 +136,10 @@ type Container struct {
requestedIP net.IP
}
-// containerState contains the current state of the container
+// ContainerState contains the current state of the container
// It is stored on disk in a tmpfs and recreated on reboot
// easyjson:json
-type containerState struct {
+type ContainerState struct {
// The current state of the running container
State ContainerStatus `json:"state"`
// The path to the JSON OCI runtime spec for this container
@@ -350,6 +350,9 @@ type ContainerConfig struct {
PostConfigureNetNS bool `json:"postConfigureNetNS"`
+ // OCIRuntime used to create the container
+ OCIRuntime string `json:"runtime,omitempty"`
+
// ExitCommand is the container's exit command.
// This Command will be executed when the container exits
ExitCommand []string `json:"exitCommand,omitempty"`
@@ -412,14 +415,15 @@ func (c *Container) Spec() *spec.Spec {
// config does not exist (e.g., because the container was never started) return
// the spec from the config.
func (c *Container) specFromState() (*spec.Spec, error) {
- spec := c.config.Spec
+ returnSpec := c.config.Spec
if f, err := os.Open(c.state.ConfigPath); err == nil {
+ returnSpec = new(spec.Spec)
content, err := ioutil.ReadAll(f)
if err != nil {
return nil, errors.Wrapf(err, "error reading container config")
}
- if err := json.Unmarshal([]byte(content), &spec); err != nil {
+ if err := json.Unmarshal([]byte(content), &returnSpec); err != nil {
return nil, errors.Wrapf(err, "error unmarshalling container config")
}
} else {
@@ -429,7 +433,7 @@ func (c *Container) specFromState() (*spec.Spec, error) {
}
}
- return spec, nil
+ return returnSpec, nil
}
// ID returns the container's ID
@@ -1059,3 +1063,18 @@ func networkDisabled(c *Container) (bool, error) {
}
return false, nil
}
+
+// ContainerState returns containerstate struct
+func (c *Container) ContainerState() (*ContainerState, error) {
+ if !c.batched {
+ c.lock.Lock()
+ defer c.lock.Unlock()
+
+ if err := c.syncContainer(); err != nil {
+ return nil, err
+ }
+ }
+ returnConfig := new(ContainerState)
+ deepcopier.Copy(c.state).To(returnConfig)
+ return c.state, nil
+}
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 90f4659da..39c1501da 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -388,7 +388,7 @@ func (c *Container) teardownStorage() error {
// Reset resets state fields to default values
// It is performed before a refresh and clears the state after a reboot
// It does not save the results - assumes the database will do that for us
-func resetState(state *containerState) error {
+func resetState(state *ContainerState) error {
state.PID = 0
state.Mountpoint = ""
state.Mounted = false
@@ -540,7 +540,7 @@ func (c *Container) isStopped() (bool, error) {
if err != nil {
return true, err
}
- return (c.state.State == ContainerStateStopped || c.state.State == ContainerStateExited), nil
+ return (c.state.State != ContainerStateRunning && c.state.State != ContainerStatePaused), nil
}
// save container state to the database
diff --git a/libpod/container_internal_test.go b/libpod/container_internal_test.go
index 124f1d20e..f1e2b70a7 100644
--- a/libpod/container_internal_test.go
+++ b/libpod/container_internal_test.go
@@ -37,7 +37,7 @@ func TestPostDeleteHooks(t *testing.T) {
},
StaticDir: dir, // not the bundle, but good enough for this test
},
- state: &containerState{
+ state: &ContainerState{
ExtensionStageHooks: map[string][]rspec.Hook{
"poststop": {
rspec.Hook{
diff --git a/libpod/info.go b/libpod/info.go
index a98f93897..191ce6810 100644
--- a/libpod/info.go
+++ b/libpod/info.go
@@ -4,7 +4,6 @@ import (
"bufio"
"bytes"
"fmt"
- "github.com/containers/buildah"
"io/ioutil"
"os"
"runtime"
@@ -12,6 +11,7 @@ import (
"strings"
"time"
+ "github.com/containers/buildah"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/util"
"github.com/containers/libpod/utils"
@@ -184,12 +184,12 @@ func (r *Runtime) GetConmonVersion() (string, error) {
// GetOCIRuntimePath returns the path to the OCI Runtime Path the runtime is using
func (r *Runtime) GetOCIRuntimePath() string {
- return r.ociRuntimePath
+ return r.ociRuntimePath.Paths[0]
}
// GetOCIRuntimeVersion returns a string representation of the oci runtimes version
func (r *Runtime) GetOCIRuntimeVersion() (string, error) {
- output, err := utils.ExecCmd(r.ociRuntimePath, "--version")
+ output, err := utils.ExecCmd(r.ociRuntimePath.Paths[0], "--version")
if err != nil {
return "", err
}
diff --git a/libpod/oci.go b/libpod/oci.go
index 702f82491..3451ddaa8 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -75,10 +75,10 @@ type syncInfo struct {
}
// Make a new OCI runtime with provided options
-func newOCIRuntime(name string, path string, conmonPath string, conmonEnv []string, cgroupManager string, tmpDir string, logSizeMax int64, noPivotRoot bool, reservePorts bool) (*OCIRuntime, error) {
+func newOCIRuntime(oruntime OCIRuntimePath, conmonPath string, conmonEnv []string, cgroupManager string, tmpDir string, logSizeMax int64, noPivotRoot bool, reservePorts bool) (*OCIRuntime, error) {
runtime := new(OCIRuntime)
- runtime.name = name
- runtime.path = path
+ runtime.name = oruntime.Name
+ runtime.path = oruntime.Paths[0]
runtime.conmonPath = conmonPath
runtime.conmonEnv = conmonEnv
runtime.cgroupManager = cgroupManager
diff --git a/libpod/options.go b/libpod/options.go
index 319e1f6c6..d965c058e 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -137,17 +137,17 @@ func WithStateType(storeType RuntimeStateStore) RuntimeOption {
}
// WithOCIRuntime specifies an OCI runtime to use for running containers.
-func WithOCIRuntime(runtimePath string) RuntimeOption {
+func WithOCIRuntime(runtime string) RuntimeOption {
return func(rt *Runtime) error {
if rt.valid {
return ErrRuntimeFinalized
}
- if runtimePath == "" {
+ if runtime == "" {
return errors.Wrapf(ErrInvalidArg, "must provide a valid path")
}
- rt.config.RuntimePath = []string{runtimePath}
+ rt.config.OCIRuntime = runtime
return nil
}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index c9471247c..5ff8b30f6 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -86,7 +86,7 @@ type Runtime struct {
imageContext *types.SystemContext
ociRuntime *OCIRuntime
netPlugin ocicni.CNIPlugin
- ociRuntimePath string
+ ociRuntimePath OCIRuntimePath
conmonPath string
valid bool
lock sync.RWMutex
@@ -96,6 +96,14 @@ type Runtime struct {
configuredFrom *runtimeConfiguredFrom
}
+// OCIRuntimePath contains information about an OCI runtime.
+type OCIRuntimePath struct {
+ // Name of the runtime to refer to by the --runtime flag
+ Name string `toml:"name"`
+ // Paths to check for this executable
+ Paths []string `toml:"paths"`
+}
+
// RuntimeConfig contains configuration options used to set up the runtime
type RuntimeConfig struct {
// StorageConfig is the configuration used by containers/storage
@@ -118,10 +126,10 @@ type RuntimeConfig struct {
// cause conflicts in containers/storage
// As such this is not exposed via the config file
StateType RuntimeStateStore `toml:"-"`
- // RuntimePath is the path to OCI runtime binary for launching
- // containers
- // The first path pointing to a valid file will be used
- RuntimePath []string `toml:"runtime_path"`
+ // OCIRuntime is the OCI runtime to use.
+ OCIRuntime string `toml:"runtime"`
+ // OCIRuntimes are the set of configured OCI runtimes (default is runc)
+ OCIRuntimes map[string][]string `toml:"runtimes"`
// ConmonPath is the path to the Conmon binary used for managing
// containers
// The first path pointing to a valid file will be used
@@ -213,14 +221,17 @@ var (
StorageConfig: storage.StoreOptions{},
ImageDefaultTransport: DefaultTransport,
StateType: BoltDBStateStore,
- RuntimePath: []string{
- "/usr/bin/runc",
- "/usr/sbin/runc",
- "/usr/local/bin/runc",
- "/usr/local/sbin/runc",
- "/sbin/runc",
- "/bin/runc",
- "/usr/lib/cri-o-runc/sbin/runc",
+ OCIRuntime: "runc",
+ OCIRuntimes: map[string][]string{
+ "runc": {
+ "/usr/bin/runc",
+ "/usr/sbin/runc",
+ "/usr/local/bin/runc",
+ "/usr/local/sbin/runc",
+ "/sbin/runc",
+ "/bin/runc",
+ "/usr/lib/cri-o-runc/sbin/runc",
+ },
},
ConmonPath: []string{
"/usr/libexec/podman/conmon",
@@ -414,8 +425,9 @@ func NewRuntimeFromConfig(configPath string, options ...RuntimeOption) (runtime
runtime.config = new(RuntimeConfig)
runtime.configuredFrom = new(runtimeConfiguredFrom)
- // Set two fields not in the TOML config
+ // Set three fields not in the TOML config
runtime.config.StateType = defaultRuntimeConfig.StateType
+ runtime.config.OCIRuntime = defaultRuntimeConfig.OCIRuntime
runtime.config.StorageConfig = storage.StoreOptions{}
// Check to see if the given configuration file exists
@@ -453,22 +465,35 @@ func NewRuntimeFromConfig(configPath string, options ...RuntimeOption) (runtime
func makeRuntime(runtime *Runtime) (err error) {
// Find a working OCI runtime binary
foundRuntime := false
- for _, path := range runtime.config.RuntimePath {
- stat, err := os.Stat(path)
- if err != nil {
- continue
- }
- if stat.IsDir() {
- continue
- }
+ // If runtime is an absolute path, then use it as it is.
+ if runtime.config.OCIRuntime[0] == '/' {
foundRuntime = true
- runtime.ociRuntimePath = path
- break
+ runtime.ociRuntimePath = OCIRuntimePath{Name: filepath.Base(runtime.config.OCIRuntime), Paths: []string{runtime.config.OCIRuntime}}
+ } else {
+ // If not, look it up in the configuration.
+ paths := runtime.config.OCIRuntimes[runtime.config.OCIRuntime]
+ if paths != nil {
+ for _, path := range paths {
+ stat, err := os.Stat(path)
+ if err != nil {
+ if os.IsNotExist(err) {
+ continue
+ }
+ return errors.Wrapf(err, "cannot stat %s", path)
+ }
+ if !stat.Mode().IsRegular() {
+ continue
+ }
+ foundRuntime = true
+ runtime.ociRuntimePath = OCIRuntimePath{Name: runtime.config.OCIRuntime, Paths: []string{path}}
+ break
+ }
+ }
}
if !foundRuntime {
return errors.Wrapf(ErrInvalidArg,
"could not find a working binary (configured options: %v)",
- runtime.config.RuntimePath)
+ runtime.config.OCIRuntimes)
}
// Find a working conmon binary
@@ -619,7 +644,7 @@ func makeRuntime(runtime *Runtime) (err error) {
}
// Make an OCI runtime to perform container operations
- ociRuntime, err := newOCIRuntime("runc", runtime.ociRuntimePath,
+ ociRuntime, err := newOCIRuntime(runtime.ociRuntimePath,
runtime.conmonPath, runtime.config.ConmonEnvVars,
runtime.config.CgroupManager, runtime.config.TmpDir,
runtime.config.MaxLogSize, runtime.config.NoPivotRoot,
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index ab79fe5fb..6d5ce5a7e 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -48,7 +48,7 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
ctr := new(Container)
ctr.config = new(ContainerConfig)
- ctr.state = new(containerState)
+ ctr.state = new(ContainerState)
ctr.config.ID = stringid.GenerateNonCryptoID()
@@ -62,6 +62,8 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
ctr.config.StopTimeout = CtrRemoveTimeout
+ ctr.config.OCIRuntime = r.config.OCIRuntime
+
// Set namespace based on current runtime namespace
// Do so before options run so they can override it
if r.config.Namespace != "" {