diff options
Diffstat (limited to 'libpod')
| -rw-r--r-- | libpod/container_internal.go | 9 | ||||
| -rw-r--r-- | libpod/container_internal_linux.go | 13 | ||||
| -rw-r--r-- | libpod/define/info.go | 2 | ||||
| -rw-r--r-- | libpod/define/pod_inspect.go | 12 | ||||
| -rw-r--r-- | libpod/info.go | 6 | ||||
| -rw-r--r-- | libpod/networking_linux.go | 1 | ||||
| -rw-r--r-- | libpod/oci_conmon_linux.go | 1 | ||||
| -rw-r--r-- | libpod/oci_util.go | 13 | ||||
| -rw-r--r-- | libpod/pod.go | 89 | ||||
| -rw-r--r-- | libpod/pod_api.go | 6 |
10 files changed, 37 insertions, 115 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 4d1a25541..18b80475b 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -293,6 +293,15 @@ func (c *Container) handleRestartPolicy(ctx context.Context) (_ bool, retErr err } } + // setup rootlesskit port forwarder again since it dies when conmon exits + // we use rootlesskit port forwarder only as rootless and when bridge network is used + if rootless.IsRootless() && c.config.NetMode.IsBridge() && len(c.config.PortMappings) > 0 { + err := c.runtime.setupRootlessPortMappingViaRLK(c, c.state.NetNS.Path()) + if err != nil { + return false, err + } + } + if c.state.State == define.ContainerStateStopped { // Reinitialize the container if we need to if err := c.reinit(ctx, true); err != nil { diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index eabe8efd2..4194a0d93 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -2489,15 +2489,7 @@ func (c *Container) getOCICgroupPath() (string, error) { switch { case c.config.NoCgroups: return "", nil - case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)): - if !isRootlessCgroupSet(c.config.CgroupParent) { - return "", nil - } - return c.config.CgroupParent, nil case c.config.CgroupsMode == cgroupSplit: - if c.config.CgroupParent != "" { - return c.config.CgroupParent, nil - } selfCgroup, err := utils.GetOwnCgroup() if err != nil { return "", err @@ -2510,6 +2502,11 @@ func (c *Container) getOCICgroupPath() (string, error) { systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID()) logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups) return systemdCgroups, nil + case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)): + if c.config.CgroupParent == "" || !isRootlessCgroupSet(c.config.CgroupParent) { + return "", nil + } + fallthrough case cgroupManager == config.CgroupfsCgroupsManager: cgroupPath := filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID())) logrus.Debugf("Setting CGroup path for container %s to %s", c.ID(), cgroupPath) diff --git a/libpod/define/info.go b/libpod/define/info.go index 73df80087..f4aa0031c 100644 --- a/libpod/define/info.go +++ b/libpod/define/info.go @@ -78,7 +78,9 @@ type IDMappings struct { // for libpod type DistributionInfo struct { Distribution string `json:"distribution"` + Variant string `json:"variant,omitempty"` Version string `json:"version"` + Codename string `json:"codename,omitempty"` } // ConmonInfo describes the conmon executable being used diff --git a/libpod/define/pod_inspect.go b/libpod/define/pod_inspect.go index f91fd198d..b88d4f279 100644 --- a/libpod/define/pod_inspect.go +++ b/libpod/define/pod_inspect.go @@ -51,12 +51,6 @@ type InspectPodData struct { // Containers gives a brief summary of all containers in the pod and // their current status. Containers []InspectPodContainerInfo `json:"Containers,omitempty"` - // CPUPeriod contains the CPU period of the pod - CPUPeriod uint64 `json:"cpu_period,omitempty"` - // CPUQuota contains the CPU quota of the pod - CPUQuota int64 `json:"cpu_quota,omitempty"` - // CPUSetCPUs contains linux specific CPU data for the pod - CPUSetCPUs string `json:"cpuset_cpus,omitempty"` } // InspectPodInfraConfig contains the configuration of the pod's infra @@ -97,12 +91,6 @@ type InspectPodInfraConfig struct { Networks []string // NetworkOptions are additional options for each network NetworkOptions map[string][]string - // CPUPeriod contains the CPU period of the pod - CPUPeriod uint64 `json:"cpu_period,omitempty"` - // CPUQuota contains the CPU quota of the pod - CPUQuota int64 `json:"cpu_quota,omitempty"` - // CPUSetCPUs contains linux specific CPU data for the container - CPUSetCPUs string `json:"cpuset_cpus,omitempty"` // Pid is the PID namespace mode of the pod's infra container PidNS string `json:"pid_ns,omitempty"` // UserNS is the usernamespace that all the containers in the pod will join. diff --git a/libpod/info.go b/libpod/info.go index 31ec9cdc1..2eba4bbff 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -370,9 +370,15 @@ func (r *Runtime) GetHostDistributionInfo() define.DistributionInfo { if strings.HasPrefix(l.Text(), "ID=") { dist.Distribution = strings.TrimPrefix(l.Text(), "ID=") } + if strings.HasPrefix(l.Text(), "VARIANT_ID=") { + dist.Variant = strings.Trim(strings.TrimPrefix(l.Text(), "VARIANT_ID="), "\"") + } if strings.HasPrefix(l.Text(), "VERSION_ID=") { dist.Version = strings.Trim(strings.TrimPrefix(l.Text(), "VERSION_ID="), "\"") } + if strings.HasPrefix(l.Text(), "VERSION_CODENAME=") { + dist.Codename = strings.Trim(strings.TrimPrefix(l.Text(), "VERSION_CODENAME="), "\"") + } } return dist } diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 9aa6cab15..b0d4e0b2d 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -718,6 +718,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error { // set up port forwarder for CNI-in-slirp4netns netnsPath := ctr.state.NetNS.Path() // TODO: support slirp4netns port forwarder as well + // make sure to fix this container.handleRestartPolicy() as well return r.setupRootlessPortMappingViaRLK(ctr, netnsPath) } return nil diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 924df2310..8a823e4fc 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -1138,6 +1138,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co if err != nil { return err } + filesToClose = append(filesToClose, ports...) // Leak the port we bound in the conmon process. These fd's won't be used // by the container and conmon will keep the ports busy so that another diff --git a/libpod/oci_util.go b/libpod/oci_util.go index 1cafd5863..f2843b09b 100644 --- a/libpod/oci_util.go +++ b/libpod/oci_util.go @@ -68,6 +68,12 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) { return nil, errors.Wrapf(err, "cannot get file for UDP socket") } files = append(files, f) + // close the listener + // note that this does not affect the fd, see the godoc for server.File() + err = server.Close() + if err != nil { + logrus.Warnf("failed to close connection: %v", err) + } case "tcp": var ( @@ -96,6 +102,13 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) { return nil, errors.Wrapf(err, "cannot get file for TCP socket") } files = append(files, f) + // close the listener + // note that this does not affect the fd, see the godoc for server.File() + err = server.Close() + if err != nil { + logrus.Warnf("failed to close connection: %v", err) + } + case "sctp": if !notifySCTP { notifySCTP = true diff --git a/libpod/pod.go b/libpod/pod.go index e4516b354..0d5d629cd 100644 --- a/libpod/pod.go +++ b/libpod/pod.go @@ -1,7 +1,6 @@ package libpod import ( - "context" "fmt" "sort" "time" @@ -99,65 +98,6 @@ func (p *Pod) Namespace() string { return p.config.Namespace } -// ResourceLim returns the cpuset resource limits for the pod -func (p *Pod) ResourceLim() *specs.LinuxResources { - resCopy := &specs.LinuxResources{} - empty := &specs.LinuxResources{ - CPU: &specs.LinuxCPU{}, - } - infra, err := p.runtime.GetContainer(p.state.InfraContainerID) - if err != nil { - return empty - } - conf := infra.config.Spec - if err != nil { - return empty - } - if conf.Linux == nil || conf.Linux.Resources == nil { - return empty - } - if err = JSONDeepCopy(conf.Linux.Resources, resCopy); err != nil { - return nil - } - if resCopy.CPU != nil { - return resCopy - } - - return empty -} - -// CPUPeriod returns the pod CPU period -func (p *Pod) CPUPeriod() uint64 { - if p.state.InfraContainerID == "" { - return 0 - } - infra, err := p.runtime.GetContainer(p.state.InfraContainerID) - if err != nil { - return 0 - } - conf := infra.config.Spec - if conf != nil && conf.Linux != nil && conf.Linux.Resources != nil && conf.Linux.Resources.CPU != nil && conf.Linux.Resources.CPU.Period != nil { - return *conf.Linux.Resources.CPU.Period - } - return 0 -} - -// CPUQuota returns the pod CPU quota -func (p *Pod) CPUQuota() int64 { - if p.state.InfraContainerID == "" { - return 0 - } - infra, err := p.runtime.GetContainer(p.state.InfraContainerID) - if err != nil { - return 0 - } - conf := infra.config.Spec - if conf != nil && conf.Linux != nil && conf.Linux.Resources != nil && conf.Linux.Resources.CPU != nil && conf.Linux.Resources.CPU.Quota != nil { - return *conf.Linux.Resources.CPU.Quota - } - return 0 -} - // PidMode returns the PID mode given by the user ex: pod, private... func (p *Pod) PidMode() string { infra, err := p.runtime.GetContainer(p.state.InfraContainerID) @@ -282,35 +222,6 @@ func (p *Pod) CgroupPath() (string, error) { if err := p.updatePod(); err != nil { return "", err } - if p.state.CgroupPath != "" { - return p.state.CgroupPath, nil - } - if p.state.InfraContainerID == "" { - return "", errors.Wrap(define.ErrNoSuchCtr, "pod has no infra container") - } - - id, err := p.infraContainerID() - if err != nil { - return "", err - } - - if id != "" { - ctr, err := p.infraContainer() - if err != nil { - return "", errors.Wrapf(err, "could not get infra") - } - if ctr != nil { - ctr.Start(context.Background(), true) - cgroupPath, err := ctr.CGroupPath() - fmt.Println(cgroupPath) - if err != nil { - return "", errors.Wrapf(err, "could not get container cgroup") - } - p.state.CgroupPath = cgroupPath - p.save() - return cgroupPath, nil - } - } return p.state.CgroupPath, nil } diff --git a/libpod/pod_api.go b/libpod/pod_api.go index 5f4d983b9..4c3b1b0b7 100644 --- a/libpod/pod_api.go +++ b/libpod/pod_api.go @@ -592,9 +592,6 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) { infraConfig.StaticIP = infra.Config().ContainerNetworkConfig.StaticIP infraConfig.NoManageResolvConf = infra.Config().UseImageResolvConf infraConfig.NoManageHosts = infra.Config().UseImageHosts - infraConfig.CPUPeriod = p.CPUPeriod() - infraConfig.CPUQuota = p.CPUQuota() - infraConfig.CPUSetCPUs = p.ResourceLim().CPU.Cpus infraConfig.PidNS = p.PidMode() infraConfig.UserNS = p.UserNSMode() @@ -642,9 +639,6 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) { SharedNamespaces: sharesNS, NumContainers: uint(len(containers)), Containers: ctrs, - CPUSetCPUs: p.ResourceLim().CPU.Cpus, - CPUPeriod: p.CPUPeriod(), - CPUQuota: p.CPUQuota(), } return &inspectData, nil |