summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
Diffstat (limited to 'libpod')
-rw-r--r--libpod/boltdb_state.go79
-rw-r--r--libpod/boltdb_state_internal.go53
-rw-r--r--libpod/container.go33
-rw-r--r--libpod/container_internal.go16
-rw-r--r--libpod/container_internal_linux.go18
-rw-r--r--libpod/image/image.go28
-rw-r--r--libpod/image/search.go20
-rw-r--r--libpod/in_memory_state.go32
-rw-r--r--libpod/options.go92
-rw-r--r--libpod/runtime.go30
-rw-r--r--libpod/runtime_ctr.go100
-rw-r--r--libpod/runtime_volume_linux.go24
-rw-r--r--libpod/state.go4
13 files changed, 236 insertions, 293 deletions
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go
index 92a7b1538..d8cfa2bda 100644
--- a/libpod/boltdb_state.go
+++ b/libpod/boltdb_state.go
@@ -1358,56 +1358,6 @@ func (s *BoltState) AddVolume(volume *Volume) error {
return err
}
-// RemoveVolCtrDep updates the container dependencies sub bucket of the given volume.
-// It deletes it from the bucket when found.
-// This is important when force removing a volume and we want to get rid of the dependencies.
-func (s *BoltState) RemoveVolCtrDep(volume *Volume, ctrID string) error {
- if ctrID == "" {
- return nil
- }
-
- if !s.valid {
- return ErrDBBadConfig
- }
-
- if !volume.valid {
- return ErrVolumeRemoved
- }
-
- volName := []byte(volume.Name())
-
- db, err := s.getDBCon()
- if err != nil {
- return err
- }
- defer s.closeDBCon(db)
-
- err = db.Update(func(tx *bolt.Tx) error {
- volBkt, err := getVolBucket(tx)
- if err != nil {
- return err
- }
-
- volDB := volBkt.Bucket(volName)
- if volDB == nil {
- volume.valid = false
- return errors.Wrapf(ErrNoSuchVolume, "no volume with name %s found in database", volume.Name())
- }
-
- // Make a subbucket for the containers using the volume
- ctrDepsBkt := volDB.Bucket(volDependenciesBkt)
- depCtrID := []byte(ctrID)
- if depExists := ctrDepsBkt.Get(depCtrID); depExists != nil {
- if err := ctrDepsBkt.Delete(depCtrID); err != nil {
- return errors.Wrapf(err, "error deleting container dependencies %q for volume %s in ctrDependencies bucket in DB", ctrID, volume.Name())
- }
- }
-
- return nil
- })
- return err
-}
-
// RemoveVolume removes the given volume from the state
func (s *BoltState) RemoveVolume(volume *Volume) error {
if !s.valid {
@@ -1433,6 +1383,11 @@ func (s *BoltState) RemoveVolume(volume *Volume) error {
return err
}
+ ctrBkt, err := getCtrBucket(tx)
+ if err != nil {
+ return err
+ }
+
// Check if the volume exists
volDB := volBkt.Bucket(volName)
if volDB == nil {
@@ -1448,6 +1403,18 @@ func (s *BoltState) RemoveVolume(volume *Volume) error {
if volCtrsBkt != nil {
var deps []string
err = volCtrsBkt.ForEach(func(id, value []byte) error {
+ // Alright, this is ugly.
+ // But we need it to work around the change in
+ // volume dependency handling, to make sure that
+ // older Podman versions don't cause DB
+ // corruption.
+ // Look up all dependencies and see that they
+ // still exist before appending.
+ ctrExists := ctrBkt.Bucket(id)
+ if ctrExists == nil {
+ return nil
+ }
+
deps = append(deps, string(id))
return nil
})
@@ -1629,6 +1596,11 @@ func (s *BoltState) VolumeInUse(volume *Volume) ([]string, error) {
return err
}
+ ctrBucket, err := getCtrBucket(tx)
+ if err != nil {
+ return err
+ }
+
volDB := volBucket.Bucket([]byte(volume.Name()))
if volDB == nil {
volume.valid = false
@@ -1642,6 +1614,13 @@ func (s *BoltState) VolumeInUse(volume *Volume) ([]string, error) {
// Iterate through and add dependencies
err = dependsBkt.ForEach(func(id, value []byte) error {
+ // Look up all dependencies and see that they
+ // still exist before appending.
+ ctrExists := ctrBucket.Bucket(id)
+ if ctrExists == nil {
+ return nil
+ }
+
depCtrs = append(depCtrs, string(id))
return nil
diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go
index b6a0759b1..a6900a6d3 100644
--- a/libpod/boltdb_state_internal.go
+++ b/libpod/boltdb_state_internal.go
@@ -564,23 +564,17 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
}
}
- // Add container to volume dependencies bucket if container is using a named volume
- if ctr.runtime.config.VolumePath == "" {
- return nil
- }
- for _, vol := range ctr.config.Spec.Mounts {
- if strings.Contains(vol.Source, ctr.runtime.config.VolumePath) {
- volName := strings.Split(vol.Source[len(ctr.runtime.config.VolumePath)+1:], "/")[0]
- volDB := volBkt.Bucket([]byte(volName))
- if volDB == nil {
- return errors.Wrapf(ErrNoSuchVolume, "no volume with name %s found in database", volName)
- }
+ // Add container to named volume dependencies buckets
+ for _, vol := range ctr.config.NamedVolumes {
+ volDB := volBkt.Bucket([]byte(vol.Name))
+ if volDB == nil {
+ return errors.Wrapf(ErrNoSuchVolume, "no volume with name %s found in database when adding container %s", vol.Name, ctr.ID())
+ }
- ctrDepsBkt := volDB.Bucket(volDependenciesBkt)
- if depExists := ctrDepsBkt.Get(ctrID); depExists == nil {
- if err := ctrDepsBkt.Put(ctrID, ctrID); err != nil {
- return errors.Wrapf(err, "error storing container dependencies %q for volume %s in ctrDependencies bucket in DB", ctr.ID(), volName)
- }
+ ctrDepsBkt := volDB.Bucket(volDependenciesBkt)
+ if depExists := ctrDepsBkt.Get(ctrID); depExists == nil {
+ if err := ctrDepsBkt.Put(ctrID, ctrID); err != nil {
+ return errors.Wrapf(err, "error adding container %s to volume %s dependencies", ctr.ID(), vol.Name)
}
}
}
@@ -745,22 +739,19 @@ func (s *BoltState) removeContainer(ctr *Container, pod *Pod, tx *bolt.Tx) error
}
}
- // Remove container from volume dependencies bucket if container is using a named volume
- for _, vol := range ctr.config.Spec.Mounts {
- if strings.Contains(vol.Source, ctr.runtime.config.VolumePath) {
- volName := strings.Split(vol.Source[len(ctr.runtime.config.VolumePath)+1:], "/")[0]
-
- volDB := volBkt.Bucket([]byte(volName))
- if volDB == nil {
- // Let's assume the volume was already deleted and continue to remove the container
- continue
- }
+ // Remove container from named volume dependencies buckets
+ for _, vol := range ctr.config.NamedVolumes {
+ volDB := volBkt.Bucket([]byte(vol.Name))
+ if volDB == nil {
+ // Let's assume the volume was already deleted and
+ // continue to remove the container
+ continue
+ }
- ctrDepsBkt := volDB.Bucket(volDependenciesBkt)
- if depExists := ctrDepsBkt.Get(ctrID); depExists != nil {
- if err := ctrDepsBkt.Delete(ctrID); err != nil {
- return errors.Wrapf(err, "error deleting container dependencies %q for volume %s in ctrDependencies bucket in DB", ctr.ID(), volName)
- }
+ ctrDepsBkt := volDB.Bucket(volDependenciesBkt)
+ if depExists := ctrDepsBkt.Get(ctrID); depExists == nil {
+ if err := ctrDepsBkt.Delete(ctrID); err != nil {
+ return errors.Wrapf(err, "error deleting container %s dependency on volume %s", ctr.ID(), vol.Name)
}
}
}
diff --git a/libpod/container.go b/libpod/container.go
index 739406e42..6d5e063ab 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -234,6 +234,8 @@ type ContainerConfig struct {
// These include the SHM mount.
// These must be unmounted before the container's rootfs is unmounted.
Mounts []string `json:"mounts,omitempty"`
+ // NamedVolumes lists the named volumes to mount into the container.
+ NamedVolumes []*ContainerNamedVolume `json:"namedVolumes,omitempty"`
// Security Config
@@ -354,9 +356,6 @@ type ContainerConfig struct {
// ExitCommand is the container's exit command.
// This Command will be executed when the container exits
ExitCommand []string `json:"exitCommand,omitempty"`
- // LocalVolumes are the built-in volumes we get from the --volumes-from flag
- // It picks up the built-in volumes of the container used by --volumes-from
- LocalVolumes []spec.Mount
// IsInfra is a bool indicating whether this container is an infra container used for
// sharing kernel namespaces in a pod
IsInfra bool `json:"pause"`
@@ -368,6 +367,18 @@ type ContainerConfig struct {
HealthCheckConfig *manifest.Schema2HealthConfig `json:"healthcheck"`
}
+// ContainerNamedVolume is a named volume that will be mounted into the
+// container. Each named volume is a libpod Volume present in the state.
+type ContainerNamedVolume struct {
+ // Name is the name of the volume to mount in.
+ // Must resolve to a valid volume present in this Podman.
+ Name string `json:"volumeName"`
+ // Dest is the mount's destination
+ Dest string `json:"dest"`
+ // Options are fstab style mount options
+ Options []string `json:"options,omitempty"`
+}
+
// ContainerStatus returns a string representation for users
// of a container state
func (t ContainerStatus) String() string {
@@ -488,6 +499,22 @@ func (c *Container) StaticDir() string {
return c.config.StaticDir
}
+// NamedVolumes returns the container's named volumes.
+// The name of each is guaranteed to point to a valid libpod Volume present in
+// the state.
+func (c *Container) NamedVolumes() []*ContainerNamedVolume {
+ volumes := []*ContainerNamedVolume{}
+ for _, vol := range c.config.NamedVolumes {
+ newVol := new(ContainerNamedVolume)
+ newVol.Name = vol.Name
+ newVol.Dest = vol.Dest
+ newVol.Options = vol.Options
+ volumes = append(volumes, newVol)
+ }
+
+ return volumes
+}
+
// Privileged returns whether the container is privileged
func (c *Container) Privileged() bool {
return c.config.Privileged
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index daa32007a..22df36c11 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -1403,22 +1403,6 @@ func getExcludedCGroups() (excludes []string) {
return
}
-// namedVolumes returns named volumes for the container
-func (c *Container) namedVolumes() ([]string, error) {
- var volumes []string
- for _, vol := range c.config.Spec.Mounts {
- if strings.HasPrefix(vol.Source, c.runtime.config.VolumePath) {
- volume := strings.TrimPrefix(vol.Source, c.runtime.config.VolumePath+"/")
- split := strings.Split(volume, "/")
- volume = split[0]
- if _, err := c.runtime.state.Volume(volume); err == nil {
- volumes = append(volumes, volume)
- }
- }
- }
- return volumes, nil
-}
-
// this should be from chrootarchive.
func (c *Container) copyWithTarFromImage(src, dest string) error {
mountpoint, err := c.mount()
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 504d6c135..4d6bf61a3 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -195,6 +195,7 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
if err := c.makeBindMounts(); err != nil {
return nil, err
}
+
// Check if the spec file mounts contain the label Relabel flags z or Z.
// If they do, relabel the source directory and then remove the option.
for i := range g.Config.Mounts {
@@ -218,6 +219,23 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
g.SetProcessSelinuxLabel(c.ProcessLabel())
g.SetLinuxMountLabel(c.MountLabel())
+
+ // Add named volumes
+ for _, namedVol := range c.config.NamedVolumes {
+ volume, err := c.runtime.GetVolume(namedVol.Name)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error retrieving volume %s to add to container %s", namedVol.Name, c.ID())
+ }
+ mountPoint := volume.MountPoint()
+ volMount := spec.Mount{
+ Type: "bind",
+ Source: mountPoint,
+ Destination: namedVol.Dest,
+ Options: namedVol.Options,
+ }
+ g.AddMount(volMount)
+ }
+
// Add bind mounts to container
for dstPath, srcPath := range c.state.BindMounts {
newMount := spec.Mount{
diff --git a/libpod/image/image.go b/libpod/image/image.go
index 4862bf1d6..cc056b816 100644
--- a/libpod/image/image.go
+++ b/libpod/image/image.go
@@ -68,6 +68,16 @@ type Runtime struct {
EventsLogFilePath string
}
+// InfoImage keep information of Image along with all associated layers
+type InfoImage struct {
+ // ID of image
+ ID string
+ // Tags of image
+ Tags []string
+ // Layers stores all layers of image.
+ Layers []LayerInfo
+}
+
// ErrRepoTagNotFound is the error returned when the image id given doesn't match a rep tag in store
var ErrRepoTagNotFound = errors.New("unable to match user input to any specific repotag")
@@ -1277,3 +1287,21 @@ func GetLayersMapWithImageInfo(imageruntime *Runtime) (map[string]*LayerInfo, er
}
return layerInfoMap, nil
}
+
+// BuildImageHierarchyMap stores hierarchy of images such that all parent layers using which image is built are stored in imageInfo
+// Layers are added such that (Start)RootLayer->...intermediate Parent Layer(s)-> TopLayer(End)
+func BuildImageHierarchyMap(imageInfo *InfoImage, layerMap map[string]*LayerInfo, layerID string) error {
+ if layerID == "" {
+ return nil
+ }
+ ll, ok := layerMap[layerID]
+ if !ok {
+ return fmt.Errorf("lookup error: layerid %s not found", layerID)
+ }
+ if err := BuildImageHierarchyMap(imageInfo, layerMap, ll.ParentID); err != nil {
+ return err
+ }
+
+ imageInfo.Layers = append(imageInfo.Layers, *ll)
+ return nil
+}
diff --git a/libpod/image/search.go b/libpod/image/search.go
index 2c66ce284..03a67636b 100644
--- a/libpod/image/search.go
+++ b/libpod/image/search.go
@@ -2,7 +2,6 @@ package image
import (
"context"
- "reflect"
"strconv"
"strings"
"sync"
@@ -10,7 +9,6 @@ import (
"github.com/containers/image/docker"
"github.com/containers/image/types"
sysreg "github.com/containers/libpod/pkg/registries"
- "github.com/fatih/camelcase"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sync/semaphore"
@@ -63,24 +61,6 @@ type SearchFilter struct {
IsOfficial types.OptionalBool
}
-func splitCamelCase(src string) string {
- entries := camelcase.Split(src)
- return strings.Join(entries, " ")
-}
-
-// HeaderMap returns the headers of a SearchResult.
-func (s *SearchResult) HeaderMap() map[string]string {
- v := reflect.Indirect(reflect.ValueOf(s))
- values := make(map[string]string, v.NumField())
-
- for i := 0; i < v.NumField(); i++ {
- key := v.Type().Field(i).Name
- value := key
- values[key] = strings.ToUpper(splitCamelCase(value))
- }
- return values
-}
-
// SearchImages searches images based on term and the specified SearchOptions
// in all registries.
func SearchImages(term string, options SearchOptions) ([]SearchResult, error) {
diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go
index ab4fc8ba7..2669206df 100644
--- a/libpod/in_memory_state.go
+++ b/libpod/in_memory_state.go
@@ -249,11 +249,8 @@ func (s *InMemoryState) AddContainer(ctr *Container) error {
}
// Add container to volume dependencies
- for _, vol := range ctr.config.Spec.Mounts {
- if strings.Contains(vol.Source, ctr.runtime.config.VolumePath) {
- volName := strings.Split(vol.Source[len(ctr.runtime.config.VolumePath)+1:], "/")[0]
- s.addCtrToVolDependsMap(ctr.ID(), volName)
- }
+ for _, vol := range ctr.config.NamedVolumes {
+ s.addCtrToVolDependsMap(ctr.ID(), vol.Name)
}
return nil
@@ -306,12 +303,9 @@ func (s *InMemoryState) RemoveContainer(ctr *Container) error {
s.removeCtrFromDependsMap(ctr.ID(), depCtr)
}
- // Remove container from volume dependencies
- for _, vol := range ctr.config.Spec.Mounts {
- if strings.Contains(vol.Source, ctr.runtime.config.VolumePath) {
- volName := strings.Split(vol.Source[len(ctr.runtime.config.VolumePath)+1:], "/")[0]
- s.removeCtrFromVolDependsMap(ctr.ID(), volName)
- }
+ // Remove this container from volume dependencies
+ for _, vol := range ctr.config.NamedVolumes {
+ s.removeCtrFromVolDependsMap(ctr.ID(), vol.Name)
}
return nil
@@ -492,22 +486,6 @@ func (s *InMemoryState) RemoveVolume(volume *Volume) error {
return nil
}
-// RemoveVolCtrDep updates the container dependencies of the volume
-func (s *InMemoryState) RemoveVolCtrDep(volume *Volume, ctrID string) error {
- if !volume.valid {
- return errors.Wrapf(ErrVolumeRemoved, "volume with name %s is not valid", volume.Name())
- }
-
- if _, ok := s.volumes[volume.Name()]; !ok {
- return errors.Wrapf(ErrNoSuchVolume, "volume with name %s doesn't exists in state", volume.Name())
- }
-
- // Remove container that is using this volume
- s.removeCtrFromVolDependsMap(ctrID, volume.Name())
-
- return nil
-}
-
// VolumeInUse checks if the given volume is being used by at least one container
func (s *InMemoryState) VolumeInUse(volume *Volume) ([]string, error) {
if !volume.valid {
diff --git a/libpod/options.go b/libpod/options.go
index 24f126e66..9326e54e4 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -13,7 +13,6 @@ import (
"github.com/containers/storage"
"github.com/containers/storage/pkg/idtools"
"github.com/cri-o/ocicni/pkg/ocicni"
- spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
)
@@ -1111,24 +1110,6 @@ func WithUserVolumes(volumes []string) CtrCreateOption {
}
}
-// WithLocalVolumes sets the built-in volumes of the container retrieved
-// from a container passed in to the --volumes-from flag.
-// This stores the built-in volume information in the Config so we can
-// add them when creating the container.
-func WithLocalVolumes(volumes []spec.Mount) CtrCreateOption {
- return func(ctr *Container) error {
- if ctr.valid {
- return ErrCtrFinalized
- }
-
- if volumes != nil {
- ctr.config.LocalVolumes = append(ctr.config.LocalVolumes, volumes...)
- }
-
- return nil
- }
-}
-
// WithEntrypoint sets the entrypoint of the container.
// This is not used to change the container's spec, but will instead be used
// during commit to populate the entrypoint of the new image.
@@ -1255,6 +1236,35 @@ func withIsInfra() CtrCreateOption {
}
}
+// WithNamedVolumes adds the given named volumes to the container.
+func WithNamedVolumes(volumes []*ContainerNamedVolume) CtrCreateOption {
+ return func(ctr *Container) error {
+ if ctr.valid {
+ return ErrCtrFinalized
+ }
+
+ destinations := make(map[string]bool)
+
+ for _, vol := range volumes {
+ // Don't check if they already exist.
+ // If they don't we will automatically create them.
+
+ if _, ok := destinations[vol.Dest]; ok {
+ return errors.Wrapf(ErrInvalidArg, "two volumes found with destination %s", vol.Dest)
+ }
+ destinations[vol.Dest] = true
+
+ ctr.config.NamedVolumes = append(ctr.config.NamedVolumes, &ContainerNamedVolume{
+ Name: vol.Name,
+ Dest: vol.Dest,
+ Options: vol.Options,
+ })
+ }
+
+ return nil
+ }
+}
+
// Volume Creation Options
// WithVolumeName sets the name of the volume.
@@ -1274,68 +1284,72 @@ func WithVolumeName(name string) VolumeCreateOption {
}
}
-// WithVolumeUID sets the uid of the owner.
-func WithVolumeUID(uid int) VolumeCreateOption {
+// WithVolumeLabels sets the labels of the volume.
+func WithVolumeLabels(labels map[string]string) VolumeCreateOption {
return func(volume *Volume) error {
if volume.valid {
return ErrVolumeFinalized
}
- volume.config.UID = uid
+
+ volume.config.Labels = make(map[string]string)
+ for key, value := range labels {
+ volume.config.Labels[key] = value
+ }
+
return nil
}
}
-// WithVolumeGID sets the gid of the owner.
-func WithVolumeGID(gid int) VolumeCreateOption {
+// WithVolumeDriver sets the driver of the volume.
+func WithVolumeDriver(driver string) VolumeCreateOption {
return func(volume *Volume) error {
if volume.valid {
return ErrVolumeFinalized
}
- volume.config.GID = gid
+
+ volume.config.Driver = driver
+
return nil
}
}
-// WithVolumeLabels sets the labels of the volume.
-func WithVolumeLabels(labels map[string]string) VolumeCreateOption {
+// WithVolumeOptions sets the options of the volume.
+func WithVolumeOptions(options map[string]string) VolumeCreateOption {
return func(volume *Volume) error {
if volume.valid {
return ErrVolumeFinalized
}
- volume.config.Labels = make(map[string]string)
- for key, value := range labels {
- volume.config.Labels[key] = value
+ volume.config.Options = make(map[string]string)
+ for key, value := range options {
+ volume.config.Options[key] = value
}
return nil
}
}
-// WithVolumeDriver sets the driver of the volume.
-func WithVolumeDriver(driver string) VolumeCreateOption {
+// WithVolumeUID sets the UID that the volume will be created as.
+func WithVolumeUID(uid int) VolumeCreateOption {
return func(volume *Volume) error {
if volume.valid {
return ErrVolumeFinalized
}
- volume.config.Driver = driver
+ volume.config.UID = uid
return nil
}
}
-// WithVolumeOptions sets the options of the volume.
-func WithVolumeOptions(options map[string]string) VolumeCreateOption {
+// WithVolumeGID sets the GID that the volume will be created as.
+func WithVolumeGID(gid int) VolumeCreateOption {
return func(volume *Volume) error {
if volume.valid {
return ErrVolumeFinalized
}
- volume.config.Options = make(map[string]string)
- for key, value := range options {
- volume.config.Options[key] = value
- }
+ volume.config.GID = gid
return nil
}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 6e54de558..4dd2707e8 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -4,7 +4,6 @@ import (
"fmt"
"io/ioutil"
"os"
- "os/exec"
"path/filepath"
"sync"
"syscall"
@@ -742,7 +741,7 @@ func makeRuntime(runtime *Runtime) (err error) {
// Set up containers/storage
var store storage.Store
- if rootless.SkipStorageSetup() {
+ if os.Geteuid() != 0 {
logrus.Debug("Not configuring container store")
} else {
store, err = storage.GetStore(runtime.config.StorageConfig)
@@ -926,16 +925,8 @@ func makeRuntime(runtime *Runtime) (err error) {
// If we need to refresh the state, do it now - things are guaranteed to
// be set up by now.
if doRefresh {
- if os.Geteuid() != 0 {
- aliveLock.Unlock()
- locked = false
- if err2 := runtime.refreshRootless(); err2 != nil {
- return err2
- }
- } else {
- if err2 := runtime.refresh(runtimeAliveFile); err2 != nil {
- return err2
- }
+ if err2 := runtime.refresh(runtimeAliveFile); err2 != nil {
+ return err2
}
}
@@ -1009,21 +1000,6 @@ func (r *Runtime) Shutdown(force bool) error {
return lastError
}
-// Reconfigures the runtime after a reboot for a rootless process
-func (r *Runtime) refreshRootless() error {
- // Take advantage of a command that requires a new userns
- // so that we are running as the root user and able to use refresh()
- cmd := exec.Command(os.Args[0], "info")
-
- if output, err := cmd.CombinedOutput(); err != nil {
- if _, ok := err.(*exec.ExitError); !ok {
- return errors.Wrapf(err, "Error waiting for info while refreshing state: %s", os.Args[0])
- }
- return errors.Wrapf(err, "Error running %s info while refreshing state: %s", os.Args[0], output)
- }
- return nil
-}
-
// Reconfigures the runtime after a reboot
// Refreshes the state, recreating temporary files
// Does not check validity as the runtime is not valid until after this has run
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 506aee477..800b42851 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -2,11 +2,9 @@ package libpod
import (
"context"
- "io/ioutil"
"os"
"path"
"path/filepath"
- "strconv"
"strings"
"time"
@@ -101,9 +99,6 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
ctr.state.State = ContainerStateConfigured
ctr.runtime = r
- ctr.valid = true
- ctr.state.State = ContainerStateConfigured
-
var pod *Pod
if ctr.config.Pod != "" {
// Get the pod from state
@@ -175,24 +170,29 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
ctr.config.ConmonPidFile = filepath.Join(ctr.config.StaticDir, "conmon.pid")
}
- // Go through the volume mounts and check for named volumes
- // If the named volme already exists continue, otherwise create
- // the storage for the named volume.
- for i, vol := range ctr.config.Spec.Mounts {
- if vol.Source[0] != '/' && isNamedVolume(vol.Source) {
- volInfo, err := r.state.Volume(vol.Source)
- if err != nil {
- newVol, err := r.newVolume(ctx, WithVolumeName(vol.Source), withSetCtrSpecific(), WithVolumeUID(ctr.RootUID()), WithVolumeGID(ctr.RootGID()))
- if err != nil {
- return nil, errors.Wrapf(err, "error creating named volume %q", vol.Source)
- }
- ctr.config.Spec.Mounts[i].Source = newVol.MountPoint()
- if err := ctr.copyWithTarFromImage(ctr.config.Spec.Mounts[i].Destination, ctr.config.Spec.Mounts[i].Source); err != nil && !os.IsNotExist(err) {
- return nil, errors.Wrapf(err, "failed to copy content into new volume mount %q", vol.Source)
- }
- continue
- }
- ctr.config.Spec.Mounts[i].Source = volInfo.MountPoint()
+ // Go through named volumes and add them.
+ // If they don't exist they will be created using basic options.
+ for _, vol := range ctr.config.NamedVolumes {
+ // Check if it exists already
+ _, err := r.state.Volume(vol.Name)
+ if err == nil {
+ // The volume exists, we're good
+ continue
+ } else if errors.Cause(err) != ErrNoSuchVolume {
+ return nil, errors.Wrapf(err, "error retrieving named volume %s for new container", vol.Name)
+ }
+
+ logrus.Debugf("Creating new volume %s for container", vol.Name)
+
+ // The volume does not exist, so we need to create it.
+ newVol, err := r.newVolume(ctx, WithVolumeName(vol.Name), withSetCtrSpecific(),
+ WithVolumeUID(ctr.RootUID()), WithVolumeGID(ctr.RootGID()))
+ if err != nil {
+ return nil, errors.Wrapf(err, "error creating named volume %q", vol.Name)
+ }
+
+ if err := ctr.copyWithTarFromImage(vol.Dest, newVol.MountPoint()); err != nil && !os.IsNotExist(err) {
+ return nil, errors.Wrapf(err, "Failed to copy content into new volume mount %q", vol.Name)
}
}
@@ -346,13 +346,6 @@ func (r *Runtime) removeContainer(ctx context.Context, c *Container, force bool,
return errors.Wrapf(ErrCtrExists, "container %s has dependent containers which must be removed before it: %s", c.ID(), depsStr)
}
- var volumes []string
- if removeVolume {
- volumes, err = c.namedVolumes()
- if err != nil {
- logrus.Errorf("unable to retrieve builtin volumes for container %v: %v", c.ID(), err)
- }
- }
var cleanupErr error
// Remove the container from the state
if c.config.Pod != "" {
@@ -417,8 +410,12 @@ func (r *Runtime) removeContainer(ctx context.Context, c *Container, force bool,
}
}
- for _, v := range volumes {
- if volume, err := runtime.state.Volume(v); err == nil {
+ if !removeVolume {
+ return cleanupErr
+ }
+
+ for _, v := range c.config.NamedVolumes {
+ if volume, err := runtime.state.Volume(v.Name); err == nil {
if !volume.IsCtrSpecific() {
continue
}
@@ -550,51 +547,12 @@ func (r *Runtime) GetLatestContainer() (*Container, error) {
return ctrs[lastCreatedIndex], nil
}
-// Check if volName is a named volume and not one of the default mounts we add to containers
-func isNamedVolume(volName string) bool {
- if volName != "proc" && volName != "tmpfs" && volName != "devpts" && volName != "shm" && volName != "mqueue" && volName != "sysfs" && volName != "cgroup" {
- return true
- }
- return false
-}
-
// Export is the libpod portion of exporting a container to a tar file
func (r *Runtime) Export(name string, path string) error {
ctr, err := r.LookupContainer(name)
if err != nil {
return err
}
- if os.Geteuid() != 0 {
- state, err := ctr.State()
- if err != nil {
- return errors.Wrapf(err, "cannot read container state %q", ctr.ID())
- }
- if state == ContainerStateRunning || state == ContainerStatePaused {
- data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
- if err != nil {
- return errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
- }
- conmonPid, err := strconv.Atoi(string(data))
- if err != nil {
- return errors.Wrapf(err, "cannot parse PID %q", data)
- }
- became, ret, err := rootless.JoinDirectUserAndMountNS(uint(conmonPid))
- if err != nil {
- return err
- }
- if became {
- os.Exit(ret)
- }
- } else {
- became, ret, err := rootless.BecomeRootInUserNS()
- if err != nil {
- return err
- }
- if became {
- os.Exit(ret)
- }
- }
- }
return ctr.Export(path)
}
diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go
index db5c29242..40040fc52 100644
--- a/libpod/runtime_volume_linux.go
+++ b/libpod/runtime_volume_linux.go
@@ -98,12 +98,26 @@ func (r *Runtime) removeVolume(ctx context.Context, v *Volume, force bool) error
if !force {
return errors.Wrapf(ErrVolumeBeingUsed, "volume %s is being used by the following container(s): %s", v.Name(), depsStr)
}
- // If using force, log the warning that the volume is being used by at least one container
- logrus.Warnf("volume %s is being used by the following container(s): %s", v.Name(), depsStr)
- // Remove the container dependencies so we can go ahead and delete the volume
+
+ // We need to remove all containers using the volume
for _, dep := range deps {
- if err := r.state.RemoveVolCtrDep(v, dep); err != nil {
- return errors.Wrapf(err, "unable to remove container dependency %q from volume %q while trying to delete volume by force", dep, v.Name())
+ ctr, err := r.state.Container(dep)
+ if err != nil {
+ // If the container's removed, no point in
+ // erroring.
+ if errors.Cause(err) == ErrNoSuchCtr || errors.Cause(err) == ErrCtrRemoved {
+ continue
+ }
+
+ return errors.Wrapf(err, "error removing container %s that depends on volume %s", dep, v.Name())
+ }
+
+ // TODO: do we want to set force here when removing
+ // containers?
+ // I'm inclined to say no, in case someone accidentally
+ // wipes a container they're using...
+ if err := r.removeContainer(ctx, ctr, false, false); err != nil {
+ return errors.Wrapf(err, "error removing container %s that depends on volume %s", ctr.ID(), v.Name())
}
}
}
diff --git a/libpod/state.go b/libpod/state.go
index 4296fc3cd..d0ad1a1f8 100644
--- a/libpod/state.go
+++ b/libpod/state.go
@@ -192,10 +192,6 @@ type State interface {
// AddVolume adds the specified volume to state. The volume's name
// must be unique within the list of existing volumes
AddVolume(volume *Volume) error
- // RemoveVolCtrDep updates the list of container dependencies that the
- // volume has. It either deletes the dependent container ID from
- // the sub-bucket
- RemoveVolCtrDep(volume *Volume, ctrID string) error
// RemoveVolume removes the specified volume.
// Only volumes that have no container dependencies can be removed
RemoveVolume(volume *Volume) error