diff options
Diffstat (limited to 'libpod')
35 files changed, 367 insertions, 1097 deletions
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go index 2ce8e0de4..4b6ff2c1d 100644 --- a/libpod/boltdb_state.go +++ b/libpod/boltdb_state.go @@ -6,12 +6,11 @@ import ( "strings" "sync" - "github.com/containers/libpod/libpod/config" "github.com/containers/libpod/libpod/define" - bolt "github.com/etcd-io/bbolt" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/sirupsen/logrus" + bolt "go.etcd.io/bbolt" ) var json = jsoniter.ConfigCompatibleWithStandardLibrary @@ -347,12 +346,12 @@ func (s *BoltState) Refresh() error { // GetDBConfig retrieves runtime configuration fields that were created when // the database was first initialized -func (s *BoltState) GetDBConfig() (*config.DBConfig, error) { +func (s *BoltState) GetDBConfig() (*DBConfig, error) { if !s.valid { return nil, define.ErrDBClosed } - cfg := new(config.DBConfig) + cfg := new(DBConfig) db, err := s.getDBCon() if err != nil { diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 1c4c9e12d..33ff0720f 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -9,9 +9,9 @@ import ( "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/rootless" "github.com/containers/storage" - bolt "github.com/etcd-io/bbolt" "github.com/pkg/errors" "github.com/sirupsen/logrus" + bolt "go.etcd.io/bbolt" ) const ( @@ -104,37 +104,37 @@ func checkRuntimeConfig(db *bolt.DB, rt *Runtime) error { }, { "libpod root directory (staticdir)", - rt.config.StaticDir, + rt.config.Engine.StaticDir, staticDirKey, "", }, { "libpod temporary files directory (tmpdir)", - rt.config.TmpDir, + rt.config.Engine.TmpDir, tmpDirKey, "", }, { "storage temporary directory (runroot)", - rt.config.StorageConfig.RunRoot, + rt.StorageConfig().RunRoot, runRootKey, storeOpts.RunRoot, }, { "storage graph root directory (graphroot)", - rt.config.StorageConfig.GraphRoot, + rt.StorageConfig().GraphRoot, graphRootKey, storeOpts.GraphRoot, }, { "storage graph driver", - rt.config.StorageConfig.GraphDriverName, + rt.StorageConfig().GraphDriverName, graphDriverKey, storeOpts.GraphDriverName, }, { "volume path", - rt.config.VolumePath, + rt.config.Engine.VolumePath, volPathKey, "", }, diff --git a/libpod/common_test.go b/libpod/common_test.go index 747252cf4..abf336f97 100644 --- a/libpod/common_test.go +++ b/libpod/common_test.go @@ -7,7 +7,7 @@ import ( "testing" "time" - "github.com/containers/libpod/libpod/config" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/lock" "github.com/cri-o/ocicni/pkg/ocicni" @@ -73,7 +73,9 @@ func getTestContainer(id, name string, manager lock.Manager) (*Container, error) }, runtime: &Runtime{ config: &config.Config{ - VolumePath: "/does/not/exist/tmp/volumes", + Engine: config.EngineConfig{ + VolumePath: "/does/not/exist/tmp/volumes", + }, }, }, valid: true, diff --git a/libpod/config/config.go b/libpod/config/config.go deleted file mode 100644 index b94c1b20b..000000000 --- a/libpod/config/config.go +++ /dev/null @@ -1,618 +0,0 @@ -package config - -import ( - "bytes" - "fmt" - "os" - "os/exec" - "path/filepath" - "regexp" - "strconv" - "strings" - - "github.com/BurntSushi/toml" - "github.com/containers/libpod/libpod/define" - "github.com/containers/libpod/pkg/cgroups" - "github.com/containers/libpod/pkg/rootless" - "github.com/containers/libpod/pkg/util" - "github.com/containers/storage" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" -) - -const ( - // _defaultTransport is a prefix that we apply to an image name to check - // docker hub first for the image. - _defaultTransport = "docker://" - - // _rootlessConfigPath is the path to the rootless libpod.conf in $HOME. - _rootlessConfigPath = ".config/containers/libpod.conf" - - // _conmonMinMajorVersion is the major version required for conmon. - _conmonMinMajorVersion = 2 - - // _conmonMinMinorVersion is the minor version required for conmon. - _conmonMinMinorVersion = 0 - - // _conmonMinPatchVersion is the sub-minor version required for conmon. - _conmonMinPatchVersion = 1 - - // _conmonVersionFormatErr is used when the expected versio-format of conmon - // has changed. - _conmonVersionFormatErr = "conmon version changed format" - - // InstallPrefix is the prefix where podman will be installed. - // It can be overridden at build time. - _installPrefix = "/usr" - - // EtcDir is the sysconfdir where podman should look for system config files. - // It can be overridden at build time. - _etcDir = "/etc" - - // SeccompDefaultPath defines the default seccomp path. - SeccompDefaultPath = _installPrefix + "/share/containers/seccomp.json" - - // SeccompOverridePath if this exists it overrides the default seccomp path. - SeccompOverridePath = _etcDir + "/crio/seccomp.json" - - // _rootConfigPath is the path to the libpod configuration file - // This file is loaded to replace the builtin default config before - // runtime options (e.g. WithStorageConfig) are applied. - // If it is not present, the builtin default config is used instead - // This path can be overridden when the runtime is created by using - // NewRuntimeFromConfig() instead of NewRuntime(). - _rootConfigPath = _installPrefix + "/share/containers/libpod.conf" - - // _rootOverrideConfigPath is the path to an override for the default libpod - // configuration file. If OverrideConfigPath exists, it will be used in - // place of the configuration file pointed to by ConfigPath. - _rootOverrideConfigPath = _etcDir + "/containers/libpod.conf" -) - -// SetOptions contains a subset of options in a Config. It's used to indicate if -// a given option has either been set by the user or by a parsed libpod -// configuration file. If not, the corresponding option might be overwritten by -// values from the database. This behavior guarantees backwards compat with -// older version of libpod and Podman. -type SetOptions struct { - // StorageConfigRunRootSet indicates if the RunRoot has been explicitly set - // by the config or by the user. It's required to guarantee backwards - // compatibility with older versions of libpod for which we must query the - // database configuration. Not included in the on-disk config. - StorageConfigRunRootSet bool `toml:"-"` - - // StorageConfigGraphRootSet indicates if the RunRoot has been explicitly - // set by the config or by the user. It's required to guarantee backwards - // compatibility with older versions of libpod for which we must query the - // database configuration. Not included in the on-disk config. - StorageConfigGraphRootSet bool `toml:"-"` - - // StorageConfigGraphDriverNameSet indicates if the GraphDriverName has been - // explicitly set by the config or by the user. It's required to guarantee - // backwards compatibility with older versions of libpod for which we must - // query the database configuration. Not included in the on-disk config. - StorageConfigGraphDriverNameSet bool `toml:"-"` - - // VolumePathSet indicates if the VolumePath has been explicitly set by the - // config or by the user. It's required to guarantee backwards compatibility - // with older versions of libpod for which we must query the database - // configuration. Not included in the on-disk config. - VolumePathSet bool `toml:"-"` - - // StaticDirSet indicates if the StaticDir has been explicitly set by the - // config or by the user. It's required to guarantee backwards compatibility - // with older versions of libpod for which we must query the database - // configuration. Not included in the on-disk config. - StaticDirSet bool `toml:"-"` - - // TmpDirSet indicates if the TmpDir has been explicitly set by the config - // or by the user. It's required to guarantee backwards compatibility with - // older versions of libpod for which we must query the database - // configuration. Not included in the on-disk config. - TmpDirSet bool `toml:"-"` -} - -// Config contains configuration options used to set up a libpod runtime -type Config struct { - // NOTE: when changing this struct, make sure to update (*Config).Merge(). - - // SetOptions contains a subset of config options. It's used to indicate if - // a given option has either been set by the user or by a parsed libpod - // configuration file. If not, the corresponding option might be - // overwritten by values from the database. This behavior guarantees - // backwards compat with older version of libpod and Podman. - SetOptions - - // StateType is the type of the backing state store. Avoid using multiple - // values for this with the same containers/storage configuration on the - // same system. Different state types do not interact, and each will see a - // separate set of containers, which may cause conflicts in - // containers/storage. As such this is not exposed via the config file. - StateType define.RuntimeStateStore `toml:"-"` - - // StorageConfig is the configuration used by containers/storage Not - // included in the on-disk config, use the dedicated containers/storage - // configuration file instead. - StorageConfig storage.StoreOptions `toml:"-"` - - // VolumePath is the default location that named volumes will be created - // under. This convention is followed by the default volume driver, but - // may not be by other drivers. - VolumePath string `toml:"volume_path,omitempty"` - - // ImageDefaultTransport is the default transport method used to fetch - // images. - ImageDefaultTransport string `toml:"image_default_transport,omitempty"` - - // SignaturePolicyPath is the path to a signature policy to use for - // validating images. If left empty, the containers/image default signature - // policy will be used. - SignaturePolicyPath string `toml:"signature_policy_path,omitempty"` - - // OCIRuntime is the OCI runtime to use. - OCIRuntime string `toml:"runtime,omitempty"` - - // OCIRuntimes are the set of configured OCI runtimes (default is runc). - OCIRuntimes map[string][]string `toml:"runtimes,omitempty"` - - // RuntimeSupportsJSON is the list of the OCI runtimes that support - // --format=json. - RuntimeSupportsJSON []string `toml:"runtime_supports_json,omitempty"` - - // RuntimeSupportsNoCgroups is a list of OCI runtimes that support - // running containers without CGroups. - RuntimeSupportsNoCgroups []string `toml:"runtime_supports_nocgroups,omitempty"` - - // RuntimePath is the path to OCI runtime binary for launching containers. - // The first path pointing to a valid file will be used This is used only - // when there are no OCIRuntime/OCIRuntimes defined. It is used only to be - // backward compatible with older versions of Podman. - RuntimePath []string `toml:"runtime_path,omitempty"` - - // ConmonPath is the path to the Conmon binary used for managing containers. - // The first path pointing to a valid file will be used. - ConmonPath []string `toml:"conmon_path,omitempty"` - - // ConmonEnvVars are environment variables to pass to the Conmon binary - // when it is launched. - ConmonEnvVars []string `toml:"conmon_env_vars,omitempty"` - - // CGroupManager is the CGroup Manager to use Valid values are "cgroupfs" - // and "systemd". - CgroupManager string `toml:"cgroup_manager,omitempty"` - - // InitPath is the path to the container-init binary. - InitPath string `toml:"init_path,omitempty"` - - // StaticDir is the path to a persistent directory to store container - // files. - StaticDir string `toml:"static_dir,omitempty"` - - // TmpDir is the path to a temporary directory to store per-boot container - // files. Must be stored in a tmpfs. - TmpDir string `toml:"tmp_dir,omitempty"` - - // MaxLogSize is the maximum size of container logfiles. - MaxLogSize int64 `toml:"max_log_size,omitempty"` - - // NoPivotRoot sets whether to set no-pivot-root in the OCI runtime. - NoPivotRoot bool `toml:"no_pivot_root,omitempty"` - - // CNIConfigDir sets the directory where CNI configuration files are - // stored. - CNIConfigDir string `toml:"cni_config_dir,omitempty"` - - // CNIPluginDir sets a number of directories where the CNI network - // plugins can be located. - CNIPluginDir []string `toml:"cni_plugin_dir,omitempty"` - - // CNIDefaultNetwork is the network name of the default CNI network - // to attach pods to. - CNIDefaultNetwork string `toml:"cni_default_network,omitempty"` - - // HooksDir holds paths to the directories containing hooks - // configuration files. When the same filename is present in in - // multiple directories, the file in the directory listed last in - // this slice takes precedence. - HooksDir []string `toml:"hooks_dir,omitempty"` - - // DefaultMountsFile is the path to the default mounts file for testing - // purposes only. - DefaultMountsFile string `toml:"-"` - - // Namespace is the libpod namespace to use. Namespaces are used to create - // scopes to separate containers and pods in the state. When namespace is - // set, libpod will only view containers and pods in the same namespace. All - // containers and pods created will default to the namespace set here. A - // namespace of "", the empty string, is equivalent to no namespace, and all - // containers and pods will be visible. The default namespace is "". - Namespace string `toml:"namespace,omitempty"` - - // InfraImage is the image a pod infra container will use to manage - // namespaces. - InfraImage string `toml:"infra_image,omitempty"` - - // InfraCommand is the command run to start up a pod infra container. - InfraCommand string `toml:"infra_command,omitempty"` - - // EnablePortReservation determines whether libpod will reserve ports on the - // host when they are forwarded to containers. When enabled, when ports are - // forwarded to containers, they are held open by conmon as long as the - // container is running, ensuring that they cannot be reused by other - // programs on the host. However, this can cause significant memory usage if - // a container has many ports forwarded to it. Disabling this can save - // memory. - EnablePortReservation bool `toml:"enable_port_reservation,omitempty"` - - // EnableLabeling indicates whether libpod will support container labeling. - EnableLabeling bool `toml:"label,omitempty"` - - // NetworkCmdPath is the path to the slirp4netns binary. - NetworkCmdPath string `toml:"network_cmd_path,omitempty"` - - // NumLocks is the number of locks to make available for containers and - // pods. - NumLocks uint32 `toml:"num_locks,omitempty"` - - // LockType is the type of locking to use. - LockType string `toml:"lock_type,omitempty"` - - // EventsLogger determines where events should be logged. - EventsLogger string `toml:"events_logger,omitempty"` - - // EventsLogFilePath is where the events log is stored. - EventsLogFilePath string `toml:"events_logfile_path,omitempty"` - - //DetachKeys is the sequence of keys used to detach a container. - DetachKeys string `toml:"detach_keys,omitempty"` - - // SDNotify tells Libpod to allow containers to notify the host systemd of - // readiness using the SD_NOTIFY mechanism. - SDNotify bool `toml:",omitempty"` - - // CgroupCheck indicates the configuration has been rewritten after an - // upgrade to Fedora 31 to change the default OCI runtime for cgroupsv2. - CgroupCheck bool `toml:"cgroup_check,omitempty"` -} - -// DBConfig is a set of Libpod runtime configuration settings that are saved in -// a State when it is first created, and can subsequently be retrieved. -type DBConfig struct { - LibpodRoot string - LibpodTmp string - StorageRoot string - StorageTmp string - GraphDriver string - VolumePath string -} - -// readConfigFromFile reads the specified config file at `path` and attempts to -// unmarshal its content into a Config. The config param specifies the previous -// default config. If the path, only specifies a few fields in the Toml file -// the defaults from the config parameter will be used for all other fields. -func readConfigFromFile(path string, config *Config) (*Config, error) { - logrus.Debugf("Reading configuration file %q", path) - _, err := toml.DecodeFile(path, config) - if err != nil { - return nil, fmt.Errorf("unable to decode configuration %v: %v", path, err) - } - - // For the sake of backwards compat we need to check if the config fields - // with *Set suffix are set in the config. Note that the storage-related - // fields are NOT set in the config here but in the storage.conf OR directly - // by the user. - if config.VolumePath != "" { - config.VolumePathSet = true - } - if config.StaticDir != "" { - config.StaticDirSet = true - } - if config.TmpDir != "" { - config.TmpDirSet = true - } - - return config, err -} - -// Write decodes the config as TOML and writes it to the specified path. -func (c *Config) Write(path string) error { - f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, 0666) - if err != nil { - return errors.Wrapf(err, "error opening config file %q", path) - } - - buffer := new(bytes.Buffer) - if err := toml.NewEncoder(buffer).Encode(c); err != nil { - return errors.Wrapf(err, "error encoding config") - } - - if _, err := f.WriteString(buffer.String()); err != nil { - return errors.Wrapf(err, "error writing config %q", path) - } - return err -} - -// FindConmon iterates over (*Config).ConmonPath and returns the path to first -// (version) matching conmon binary. If non is found, we try to do a path lookup -// of "conmon". -func (c *Config) FindConmon() (string, error) { - foundOutdatedConmon := false - for _, path := range c.ConmonPath { - stat, err := os.Stat(path) - if err != nil { - continue - } - if stat.IsDir() { - continue - } - if err := probeConmon(path); err != nil { - logrus.Warnf("Conmon at %s invalid: %v", path, err) - foundOutdatedConmon = true - continue - } - logrus.Debugf("Using conmon: %q", path) - return path, nil - } - - // Search the $PATH as last fallback - if path, err := exec.LookPath("conmon"); err == nil { - if err := probeConmon(path); err != nil { - logrus.Warnf("Conmon at %s is invalid: %v", path, err) - foundOutdatedConmon = true - } else { - logrus.Debugf("Using conmon from $PATH: %q", path) - return path, nil - } - } - - if foundOutdatedConmon { - return "", errors.Wrapf(define.ErrConmonOutdated, - "please update to v%d.%d.%d or later", - _conmonMinMajorVersion, _conmonMinMinorVersion, _conmonMinPatchVersion) - } - - return "", errors.Wrapf(define.ErrInvalidArg, - "could not find a working conmon binary (configured options: %v)", - c.ConmonPath) -} - -// probeConmon calls conmon --version and verifies it is a new enough version for -// the runtime expectations podman currently has. -func probeConmon(conmonBinary string) error { - cmd := exec.Command(conmonBinary, "--version") - var out bytes.Buffer - cmd.Stdout = &out - err := cmd.Run() - if err != nil { - return err - } - r := regexp.MustCompile(`^conmon version (?P<Major>\d+).(?P<Minor>\d+).(?P<Patch>\d+)`) - - matches := r.FindStringSubmatch(out.String()) - if len(matches) != 4 { - return errors.Wrap(err, _conmonVersionFormatErr) - } - major, err := strconv.Atoi(matches[1]) - if err != nil { - return errors.Wrap(err, _conmonVersionFormatErr) - } - if major < _conmonMinMajorVersion { - return define.ErrConmonOutdated - } - if major > _conmonMinMajorVersion { - return nil - } - - minor, err := strconv.Atoi(matches[2]) - if err != nil { - return errors.Wrap(err, _conmonVersionFormatErr) - } - if minor < _conmonMinMinorVersion { - return define.ErrConmonOutdated - } - if minor > _conmonMinMinorVersion { - return nil - } - - patch, err := strconv.Atoi(matches[3]) - if err != nil { - return errors.Wrap(err, _conmonVersionFormatErr) - } - if patch < _conmonMinPatchVersion { - return define.ErrConmonOutdated - } - if patch > _conmonMinPatchVersion { - return nil - } - - return nil -} - -// NewConfig creates a new Config. It starts with an empty config and, if -// specified, merges the config at `userConfigPath` path. Depending if we're -// running as root or rootless, we then merge the system configuration followed -// by merging the default config (hard-coded default in memory). -// -// Note that the OCI runtime is hard-set to `crun` if we're running on a system -// with cgroupsv2. Other OCI runtimes are not yet supporting cgroupsv2. This -// might change in the future. -func NewConfig(userConfigPath string) (*Config, error) { - // Start with the default config and iteratively merge fields in the system - // configs. - config, err := defaultConfigFromMemory() - if err != nil { - return nil, err - } - - // Now, check if the user can access system configs and merge them if needed. - configs, err := systemConfigs() - if err != nil { - return nil, errors.Wrapf(err, "error finding config on system") - } - - for _, path := range configs { - config, err = readConfigFromFile(path, config) - if err != nil { - return nil, errors.Wrapf(err, "error reading system config %q", path) - } - } - - // First, try to read the user-specified config - if userConfigPath != "" { - var err error - config, err = readConfigFromFile(userConfigPath, config) - if err != nil { - return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath) - } - } - - // Since runc does not currently support cgroupV2 - // Change to default crun on first running of libpod.conf - // TODO Once runc has support for cgroups, this function should be removed. - if !config.CgroupCheck && rootless.IsRootless() { - cgroupsV2, err := cgroups.IsCgroup2UnifiedMode() - if err != nil { - return nil, err - } - if cgroupsV2 { - path, err := exec.LookPath("crun") - if err != nil { - // Can't find crun path so do nothing - logrus.Warnf("Can not find crun package on the host, containers might fail to run on cgroup V2 systems without crun: %q", err) - } else { - config.CgroupCheck = true - config.OCIRuntime = path - } - } - } - - // If we need to, switch to cgroupfs and logger=file on rootless. - config.checkCgroupsAndLogger() - - // Relative paths can cause nasty bugs, because core paths we use could - // shift between runs (or even parts of the program - the OCI runtime - // uses a different working directory than we do, for example. - if !filepath.IsAbs(config.StaticDir) { - return nil, errors.Wrapf(define.ErrInvalidArg, "static directory must be an absolute path - instead got %q", config.StaticDir) - } - if !filepath.IsAbs(config.TmpDir) { - return nil, errors.Wrapf(define.ErrInvalidArg, "temporary directory must be an absolute path - instead got %q", config.TmpDir) - } - if !filepath.IsAbs(config.VolumePath) { - return nil, errors.Wrapf(define.ErrInvalidArg, "volume path must be an absolute path - instead got %q", config.VolumePath) - } - - return config, nil -} - -func rootlessConfigPath() (string, error) { - home, err := util.HomeDir() - if err != nil { - return "", err - } - - return filepath.Join(home, _rootlessConfigPath), nil -} - -func systemConfigs() ([]string, error) { - if rootless.IsRootless() { - path, err := rootlessConfigPath() - if err != nil { - return nil, err - } - if _, err := os.Stat(path); err == nil { - return []string{path}, nil - } - return nil, err - } - - configs := []string{} - if _, err := os.Stat(_rootConfigPath); err == nil { - configs = append(configs, _rootConfigPath) - } - if _, err := os.Stat(_rootOverrideConfigPath); err == nil { - configs = append(configs, _rootOverrideConfigPath) - } - return configs, nil -} - -// checkCgroupsAndLogger checks if we're running rootless with the systemd -// cgroup manager. In case the user session isn't available, we're switching the -// cgroup manager to cgroupfs and the events logger backend to 'file'. -// Note, this only applies to rootless. -func (c *Config) checkCgroupsAndLogger() { - if !rootless.IsRootless() || (c.CgroupManager != - define.SystemdCgroupsManager && c.EventsLogger == "file") { - return - } - - session := os.Getenv("DBUS_SESSION_BUS_ADDRESS") - hasSession := session != "" - if hasSession && strings.HasPrefix(session, "unix:path=") { - _, err := os.Stat(strings.TrimPrefix(session, "unix:path=")) - hasSession = err == nil - } - - if !hasSession { - logrus.Warningf("The cgroup manager or the events logger is set to use systemd but there is no systemd user session available") - logrus.Warningf("For using systemd, you may need to login using an user session") - logrus.Warningf("Alternatively, you can enable lingering with: `loginctl enable-linger %d` (possibly as root)", rootless.GetRootlessUID()) - logrus.Warningf("Falling back to --cgroup-manager=cgroupfs and --events-backend=file") - c.CgroupManager = define.CgroupfsCgroupsManager - c.EventsLogger = "file" - } -} - -// MergeDBConfig merges the configuration from the database. -func (c *Config) MergeDBConfig(dbConfig *DBConfig) error { - - if !c.StorageConfigRunRootSet && dbConfig.StorageTmp != "" { - if c.StorageConfig.RunRoot != dbConfig.StorageTmp && - c.StorageConfig.RunRoot != "" { - logrus.Debugf("Overriding run root %q with %q from database", - c.StorageConfig.RunRoot, dbConfig.StorageTmp) - } - c.StorageConfig.RunRoot = dbConfig.StorageTmp - } - - if !c.StorageConfigGraphRootSet && dbConfig.StorageRoot != "" { - if c.StorageConfig.GraphRoot != dbConfig.StorageRoot && - c.StorageConfig.GraphRoot != "" { - logrus.Debugf("Overriding graph root %q with %q from database", - c.StorageConfig.GraphRoot, dbConfig.StorageRoot) - } - c.StorageConfig.GraphRoot = dbConfig.StorageRoot - } - - if !c.StorageConfigGraphDriverNameSet && dbConfig.GraphDriver != "" { - if c.StorageConfig.GraphDriverName != dbConfig.GraphDriver && - c.StorageConfig.GraphDriverName != "" { - logrus.Errorf("User-selected graph driver %q overwritten by graph driver %q from database - delete libpod local files to resolve", - c.StorageConfig.GraphDriverName, dbConfig.GraphDriver) - } - c.StorageConfig.GraphDriverName = dbConfig.GraphDriver - } - - if !c.StaticDirSet && dbConfig.LibpodRoot != "" { - if c.StaticDir != dbConfig.LibpodRoot && c.StaticDir != "" { - logrus.Debugf("Overriding static dir %q with %q from database", c.StaticDir, dbConfig.LibpodRoot) - } - c.StaticDir = dbConfig.LibpodRoot - } - - if !c.TmpDirSet && dbConfig.LibpodTmp != "" { - if c.TmpDir != dbConfig.LibpodTmp && c.TmpDir != "" { - logrus.Debugf("Overriding tmp dir %q with %q from database", c.TmpDir, dbConfig.LibpodTmp) - } - c.TmpDir = dbConfig.LibpodTmp - c.EventsLogFilePath = filepath.Join(dbConfig.LibpodTmp, "events", "events.log") - } - - if !c.VolumePathSet && dbConfig.VolumePath != "" { - if c.VolumePath != dbConfig.VolumePath && c.VolumePath != "" { - logrus.Debugf("Overriding volume path %q with %q from database", c.VolumePath, dbConfig.VolumePath) - } - c.VolumePath = dbConfig.VolumePath - } - return nil -} diff --git a/libpod/config/config_test.go b/libpod/config/config_test.go deleted file mode 100644 index 24620ce0e..000000000 --- a/libpod/config/config_test.go +++ /dev/null @@ -1,58 +0,0 @@ -package config - -import ( - "reflect" - "testing" - - "github.com/containers/libpod/libpod/define" - "github.com/containers/storage" - "github.com/stretchr/testify/assert" -) - -func TestEmptyConfig(t *testing.T) { - // Make sure that we can read empty configs - config, err := readConfigFromFile("testdata/empty.conf", &Config{}) - assert.NotNil(t, config) - assert.Nil(t, err) -} - -func TestDefaultLibpodConf(t *testing.T) { - // Make sure that we can read the default libpod.conf - config, err := readConfigFromFile("testdata/libpod.conf", &Config{}) - assert.NotNil(t, config) - assert.Nil(t, err) -} - -func TestMergeEmptyAndDefaultMemoryConfig(t *testing.T) { - // Make sure that when we merge the default config into an empty one that we - // effectively get the default config. - defaultConfig, err := defaultConfigFromMemory() - assert.NotNil(t, defaultConfig) - assert.Nil(t, err) - defaultConfig.StateType = define.InvalidStateStore - defaultConfig.StorageConfig = storage.StoreOptions{} - - emptyConfig, err := readConfigFromFile("testdata/empty.conf", defaultConfig) - assert.NotNil(t, emptyConfig) - assert.Nil(t, err) - - equal := reflect.DeepEqual(emptyConfig, defaultConfig) - assert.True(t, equal) -} - -func TestMergeEmptyAndLibpodConfig(t *testing.T) { - // Make sure that when we merge the default config into an empty one that we - // effectively get the default config. - libpodConfig, err := readConfigFromFile("testdata/libpod.conf", &Config{}) - assert.NotNil(t, libpodConfig) - assert.Nil(t, err) - libpodConfig.StateType = define.InvalidStateStore - libpodConfig.StorageConfig = storage.StoreOptions{} - - emptyConfig, err := readConfigFromFile("testdata/empty.conf", libpodConfig) - assert.NotNil(t, emptyConfig) - assert.Nil(t, err) - - equal := reflect.DeepEqual(emptyConfig, libpodConfig) - assert.True(t, equal) -} diff --git a/libpod/config/default.go b/libpod/config/default.go deleted file mode 100644 index c4a4efdaf..000000000 --- a/libpod/config/default.go +++ /dev/null @@ -1,153 +0,0 @@ -package config - -import ( - "os" - "path/filepath" - - "github.com/containers/libpod/libpod/define" - "github.com/containers/libpod/libpod/events" - "github.com/containers/libpod/pkg/cgroups" - "github.com/containers/libpod/pkg/rootless" - "github.com/containers/libpod/pkg/util" - "github.com/containers/storage" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" -) - -const ( - // _defaultGraphRoot points to the default path of the graph root. - _defaultGraphRoot = "/var/lib/containers/storage" - // _defaultRootlessSignaturePolicyPath points to the default path of the - // rootless policy.json file. - _defaultRootlessSignaturePolicyPath = ".config/containers/policy.json" -) - -// defaultConfigFromMemory returns a default libpod configuration. Note that the -// config is different for root and rootless. It also parses the storage.conf. -func defaultConfigFromMemory() (*Config, error) { - c := new(Config) - tmp, err := defaultTmpDir() - if err != nil { - return nil, err - } - c.TmpDir = tmp - - c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log") - - storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID()) - if err != nil { - return nil, err - } - if storeOpts.GraphRoot == "" { - logrus.Warnf("Storage configuration is unset - using hardcoded default graph root %q", _defaultGraphRoot) - storeOpts.GraphRoot = _defaultGraphRoot - } - c.StaticDir = filepath.Join(storeOpts.GraphRoot, "libpod") - c.VolumePath = filepath.Join(storeOpts.GraphRoot, "volumes") - c.StorageConfig = storeOpts - - c.ImageDefaultTransport = _defaultTransport - c.StateType = define.BoltDBStateStore - c.OCIRuntime = "runc" - - // If we're running on cgroups v2, default to using crun. - if onCgroupsv2, _ := cgroups.IsCgroup2UnifiedMode(); onCgroupsv2 { - c.OCIRuntime = "crun" - } - - c.OCIRuntimes = map[string][]string{ - "runc": { - "/usr/bin/runc", - "/usr/sbin/runc", - "/usr/local/bin/runc", - "/usr/local/sbin/runc", - "/sbin/runc", - "/bin/runc", - "/usr/lib/cri-o-runc/sbin/runc", - "/run/current-system/sw/bin/runc", - }, - "crun": { - "/usr/bin/crun", - "/usr/sbin/crun", - "/usr/local/bin/crun", - "/usr/local/sbin/crun", - "/sbin/crun", - "/bin/crun", - "/run/current-system/sw/bin/crun", - }, - } - c.ConmonPath = []string{ - "/usr/libexec/podman/conmon", - "/usr/local/libexec/podman/conmon", - "/usr/local/lib/podman/conmon", - "/usr/bin/conmon", - "/usr/sbin/conmon", - "/usr/local/bin/conmon", - "/usr/local/sbin/conmon", - "/run/current-system/sw/bin/conmon", - } - c.ConmonEnvVars = []string{ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - } - c.RuntimeSupportsJSON = []string{ - "crun", - "runc", - } - c.RuntimeSupportsNoCgroups = []string{"crun"} - c.InitPath = define.DefaultInitPath - c.CgroupManager = define.SystemdCgroupsManager - c.MaxLogSize = -1 - c.NoPivotRoot = false - c.CNIConfigDir = _etcDir + "/cni/net.d/" - c.CNIPluginDir = []string{ - "/usr/libexec/cni", - "/usr/lib/cni", - "/usr/local/lib/cni", - "/opt/cni/bin", - } - c.CNIDefaultNetwork = "podman" - c.InfraCommand = define.DefaultInfraCommand - c.InfraImage = define.DefaultInfraImage - c.EnablePortReservation = true - c.EnableLabeling = true - c.NumLocks = 2048 - c.EventsLogger = events.DefaultEventerType.String() - c.DetachKeys = define.DefaultDetachKeys - // TODO - ideally we should expose a `type LockType string` along with - // constants. - c.LockType = "shm" - - if rootless.IsRootless() { - home, err := util.HomeDir() - if err != nil { - return nil, err - } - sigPath := filepath.Join(home, _defaultRootlessSignaturePolicyPath) - if _, err := os.Stat(sigPath); err == nil { - c.SignaturePolicyPath = sigPath - } - } - return c, nil -} - -func defaultTmpDir() (string, error) { - if !rootless.IsRootless() { - return "/var/run/libpod", nil - } - - runtimeDir, err := util.GetRuntimeDir() - if err != nil { - return "", err - } - libpodRuntimeDir := filepath.Join(runtimeDir, "libpod") - - if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil { - if !os.IsExist(err) { - return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir) - } else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil { - // The directory already exist, just set the sticky bit - return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir) - } - } - return filepath.Join(libpodRuntimeDir, "tmp"), nil -} diff --git a/libpod/config/testdata/empty.conf b/libpod/config/testdata/empty.conf deleted file mode 100644 index e69de29bb..000000000 --- a/libpod/config/testdata/empty.conf +++ /dev/null diff --git a/libpod/config/testdata/libpod.conf b/libpod/config/testdata/libpod.conf deleted file mode 120000 index 17d09fe4a..000000000 --- a/libpod/config/testdata/libpod.conf +++ /dev/null @@ -1 +0,0 @@ -../../../libpod.conf
\ No newline at end of file diff --git a/libpod/container.go b/libpod/container.go index e59fb9fe8..c1deb95f9 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -11,6 +11,7 @@ import ( "github.com/containernetworking/cni/pkg/types" cnitypes "github.com/containernetworking/cni/pkg/types/current" + "github.com/containers/common/pkg/config" "github.com/containers/image/v5/manifest" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/lock" @@ -1083,10 +1084,10 @@ func (c *Container) NamespacePath(linuxNS LinuxNS) (string, error) { //nolint:in // CGroupPath returns a cgroups "path" for a given container. func (c *Container) CGroupPath() (string, error) { - switch c.runtime.config.CgroupManager { - case define.CgroupfsCgroupsManager: + switch c.runtime.config.Engine.CgroupManager { + case config.CgroupfsCgroupsManager: return filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID())), nil - case define.SystemdCgroupsManager: + case config.SystemdCgroupsManager: if rootless.IsRootless() { uid := rootless.GetRootlessUID() parts := strings.SplitN(c.config.CgroupParent, "/", 2) @@ -1100,7 +1101,7 @@ func (c *Container) CGroupPath() (string, error) { } return filepath.Join(c.config.CgroupParent, createUnitName("libpod", c.ID())), nil default: - return "", errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager %s in use", c.runtime.config.CgroupManager) + return "", errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager %s in use", c.runtime.config.Engine.CgroupManager) } } diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go index 7552eb483..f81be8b22 100644 --- a/libpod/container_inspect.go +++ b/libpod/container_inspect.go @@ -4,6 +4,7 @@ import ( "fmt" "strings" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/driver" "github.com/containers/libpod/pkg/util" @@ -769,10 +770,10 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named // CGroup parent // Need to check if it's the default, and not print if so. defaultCgroupParent := "" - switch c.runtime.config.CgroupManager { - case define.CgroupfsCgroupsManager: + switch c.runtime.config.Engine.CgroupManager { + case config.CgroupfsCgroupsManager: defaultCgroupParent = CgroupfsDefaultCgroupParent - case define.SystemdCgroupsManager: + case config.SystemdCgroupsManager: defaultCgroupParent = SystemdDefaultCgroupParent } if c.config.CgroupParent != defaultCgroupParent { diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 7a85c1f04..4e18819b8 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -515,14 +515,14 @@ func (c *Container) refresh() error { c.state.RunDir = dir if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 { - info, err := os.Stat(c.runtime.config.TmpDir) + info, err := os.Stat(c.runtime.config.Engine.TmpDir) if err != nil { - return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.TmpDir) + return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.Engine.TmpDir) } - if err := os.Chmod(c.runtime.config.TmpDir, info.Mode()|0111); err != nil { - return errors.Wrapf(err, "cannot chmod `%s`", c.runtime.config.TmpDir) + if err := os.Chmod(c.runtime.config.Engine.TmpDir, info.Mode()|0111); err != nil { + return errors.Wrapf(err, "cannot chmod `%s`", c.runtime.config.Engine.TmpDir) } - root := filepath.Join(c.runtime.config.TmpDir, "containers-root", c.ID()) + root := filepath.Join(c.runtime.config.Engine.TmpDir, "containers-root", c.ID()) if err := os.MkdirAll(root, 0755); err != nil { return errors.Wrapf(err, "error creating userNS tmpdir for container %s", c.ID()) } @@ -898,7 +898,7 @@ func (c *Container) completeNetworkSetup() error { if err := c.syncContainer(); err != nil { return err } - if c.config.NetMode == "slirp4netns" { + if c.config.NetMode.IsSlirp4netns() { return c.runtime.setupRootlessNetNS(c) } if err := c.runtime.setupNetNS(c); err != nil { @@ -1689,7 +1689,7 @@ func (c *Container) saveSpec(spec *spec.Spec) error { // Warning: precreate hooks may alter 'config' in place. func (c *Container) setupOCIHooks(ctx context.Context, config *spec.Spec) (extensionStageHooks map[string][]spec.Hook, err error) { allHooks := make(map[string][]spec.Hook) - if c.runtime.config.HooksDir == nil { + if c.runtime.config.Engine.HooksDir == nil { if rootless.IsRootless() { return nil, nil } @@ -1713,7 +1713,7 @@ func (c *Container) setupOCIHooks(ctx context.Context, config *spec.Spec) (exten } } } else { - manager, err := hooks.New(ctx, c.runtime.config.HooksDir, []string{"precreate", "poststop"}) + manager, err := hooks.New(ctx, c.runtime.config.Engine.HooksDir, []string{"precreate", "poststop"}) if err != nil { return nil, err } diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 2f0f59c24..a3f97f2a6 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -20,6 +20,7 @@ import ( cnitypes "github.com/containernetworking/cni/pkg/types/current" "github.com/containernetworking/plugins/pkg/ns" "github.com/containers/buildah/pkg/secrets" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" "github.com/containers/libpod/pkg/annotations" @@ -29,6 +30,7 @@ import ( "github.com/containers/libpod/pkg/lookup" "github.com/containers/libpod/pkg/resolvconf" "github.com/containers/libpod/pkg/rootless" + "github.com/containers/libpod/pkg/util" "github.com/containers/storage/pkg/archive" securejoin "github.com/cyphar/filepath-securejoin" "github.com/opencontainers/runc/libcontainer/user" @@ -92,7 +94,7 @@ func (c *Container) prepare() error { } // handle rootless network namespace setup - if c.state.NetNS != nil && c.config.NetMode == "slirp4netns" && !c.config.PostConfigureNetNS { + if c.state.NetNS != nil && c.config.NetMode.IsSlirp4netns() && !c.config.PostConfigureNetNS { createNetNSErr = c.runtime.setupRootlessNetNS(c) } }() @@ -1213,7 +1215,7 @@ func (c *Container) makeBindMounts() error { } // Add Secret Mounts - secretMounts := secrets.SecretMountsWithUIDGID(c.config.MountLabel, c.state.RunDir, c.runtime.config.DefaultMountsFile, c.state.RunDir, c.RootUID(), c.RootGID(), rootless.IsRootless(), false) + secretMounts := secrets.SecretMountsWithUIDGID(c.config.MountLabel, c.state.RunDir, c.runtime.config.Containers.DefaultMountsFile, c.state.RunDir, c.RootUID(), c.RootGID(), rootless.IsRootless(), false) for _, mount := range secretMounts { if _, ok := c.state.BindMounts[mount.Destination]; !ok { c.state.BindMounts[mount.Destination] = mount.Source @@ -1274,11 +1276,21 @@ func (c *Container) generateResolvConf() (string, error) { } } + var dns []net.IP + for _, i := range c.runtime.config.Containers.DNSServers { + result := net.ParseIP(i) + if result == nil { + return "", errors.Wrapf(define.ErrInvalidArg, "invalid IP address %s", i) + } + dns = append(dns, result) + } + dnsServers := append(dns, c.config.DNSServer...) // If the user provided dns, it trumps all; then dns masq; then resolv.conf switch { - case len(c.config.DNSServer) > 0: + case len(dnsServers) > 0: + // We store DNS servers as net.IP, so need to convert to string - for _, server := range c.config.DNSServer { + for _, server := range dnsServers { nameservers = append(nameservers, server.String()) } case len(cniNameServers) > 0: @@ -1292,14 +1304,22 @@ func (c *Container) generateResolvConf() (string, error) { } } - search := resolvconf.GetSearchDomains(resolv.Content) - if len(c.config.DNSSearch) > 0 { - search = c.config.DNSSearch + var search []string + if len(c.config.DNSSearch) > 0 || len(c.runtime.config.Containers.DNSSearches) > 0 { + if !util.StringInSlice(".", c.config.DNSSearch) { + search = c.runtime.config.Containers.DNSSearches + search = append(search, c.config.DNSSearch...) + } + } else { + search = resolvconf.GetSearchDomains(resolv.Content) } - options := resolvconf.GetOptions(resolv.Content) - if len(c.config.DNSOption) > 0 { - options = c.config.DNSOption + var options []string + if len(c.config.DNSOption) > 0 || len(c.runtime.config.Containers.DNSOptions) > 0 { + options = c.runtime.config.Containers.DNSOptions + options = append(options, c.config.DNSOption...) + } else { + options = resolvconf.GetOptions(resolv.Content) } destPath := filepath.Join(c.state.RunDir, "resolv.conf") @@ -1445,14 +1465,14 @@ func (c *Container) getOCICgroupPath() (string, error) { switch { case (rootless.IsRootless() && !unified) || c.config.NoCgroups: return "", nil - case c.runtime.config.CgroupManager == define.SystemdCgroupsManager: + case c.runtime.config.Engine.CgroupManager == config.SystemdCgroupsManager: // When runc is set to use Systemd as a cgroup manager, it // expects cgroups to be passed as follows: // slice:prefix:name systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID()) logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups) return systemdCgroups, nil - case c.runtime.config.CgroupManager == define.CgroupfsCgroupsManager: + case c.runtime.config.Engine.CgroupManager == config.CgroupfsCgroupsManager: cgroupPath, err := c.CGroupPath() if err != nil { return "", err @@ -1460,6 +1480,6 @@ func (c *Container) getOCICgroupPath() (string, error) { logrus.Debugf("Setting CGroup path for container %s to %s", c.ID(), cgroupPath) return cgroupPath, nil default: - return "", errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager %s requested", c.runtime.config.CgroupManager) + return "", errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager %s requested", c.runtime.config.Engine.CgroupManager) } } diff --git a/libpod/define/config.go b/libpod/define/config.go index c06c32471..5598f97a3 100644 --- a/libpod/define/config.go +++ b/libpod/define/config.go @@ -1,8 +1,6 @@ package define var ( - // DefaultInitPath is the default path to the container-init binary - DefaultInitPath = "/usr/libexec/podman/catatonit" // DefaultInfraImage to use for infra container DefaultInfraImage = "k8s.gcr.io/pause:3.2" // DefaultInfraCommand to be run in an infra container @@ -11,15 +9,9 @@ var ( DefaultSHMLockPath = "/libpod_lock" // DefaultRootlessSHMLockPath is the default path for rootless SHM locks DefaultRootlessSHMLockPath = "/libpod_rootless_lock" - // DefaultDetachKeys is the default keys sequence for detaching a - // container - DefaultDetachKeys = "ctrl-p,ctrl-q" ) const ( - // CtrRemoveTimeout is the default number of seconds to wait after stopping a container - // before sending the kill signal - CtrRemoveTimeout = 10 // DefaultTransport is a prefix that we apply to an image name // to check docker hub first for the image DefaultTransport = "docker://" diff --git a/libpod/define/runtime.go b/libpod/define/runtime.go index 4d8c6cb4d..1539e19ee 100644 --- a/libpod/define/runtime.go +++ b/libpod/define/runtime.go @@ -18,10 +18,6 @@ const ( SQLiteStateStore RuntimeStateStore = iota // BoltDBStateStore is a state backed by a BoltDB database BoltDBStateStore RuntimeStateStore = iota - // CgroupfsCgroupsManager represents cgroupfs native cgroup manager - CgroupfsCgroupsManager = "cgroupfs" - // SystemdCgroupsManager represents systemd native cgroup manager - SystemdCgroupsManager = "systemd" // ContainerCreateTimeout is the timeout before we decide we've failed // to create a container. // TODO: Make this generic - all OCI runtime operations should use the @@ -29,9 +25,4 @@ const ( // TODO: Consider dropping from 240 to 60 seconds. I don't think waiting // 4 minutes versus 1 minute makes a real difference. ContainerCreateTimeout = 240 * time.Second - // DefaultShmSize is the default shm size - DefaultShmSize = 64 * 1024 * 1024 - // NsRunDir is the default directory in which running network namespaces - // are stored - NsRunDir = "/var/run/netns" ) diff --git a/libpod/events.go b/libpod/events.go index be21e510a..20ebecc66 100644 --- a/libpod/events.go +++ b/libpod/events.go @@ -11,8 +11,8 @@ import ( // newEventer returns an eventer that can be used to read/write events func (r *Runtime) newEventer() (events.Eventer, error) { options := events.EventerOptions{ - EventerType: r.config.EventsLogger, - LogFilePath: r.config.EventsLogFilePath, + EventerType: r.config.Engine.EventsLogger, + LogFilePath: r.config.Engine.EventsLogFilePath, } return events.NewEventer(options) } diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go index ca562ab7e..2f802f333 100644 --- a/libpod/in_memory_state.go +++ b/libpod/in_memory_state.go @@ -3,7 +3,6 @@ package libpod import ( "strings" - "github.com/containers/libpod/libpod/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/registrar" "github.com/containers/storage/pkg/truncindex" @@ -90,8 +89,8 @@ func (s *InMemoryState) Refresh() error { // GetDBConfig is not implemented for in-memory state. // As we do not store a config, return an empty one. -func (s *InMemoryState) GetDBConfig() (*config.DBConfig, error) { - return &config.DBConfig{}, nil +func (s *InMemoryState) GetDBConfig() (*DBConfig, error) { + return &DBConfig{}, nil } // ValidateDBConfig is not implemented for the in-memory state. diff --git a/libpod/info.go b/libpod/info.go index e5c075d97..8d411f0d4 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -165,7 +165,7 @@ func (r *Runtime) storeInfo() (map[string]interface{}, error) { } } info["GraphOptions"] = graphOptions - info["VolumePath"] = r.config.VolumePath + info["VolumePath"] = r.config.Engine.VolumePath configFile, err := storage.DefaultConfigFile(rootless.IsRootless()) if err != nil { diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index ab6ec4439..c3a90f481 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -148,7 +148,7 @@ func (r *Runtime) createNetNS(ctr *Container) (n ns.NetNS, q []*cnitypes.Result, logrus.Debugf("Made network namespace at %s for container %s", ctrNS.Path(), ctr.ID()) networkStatus := []*cnitypes.Result{} - if !rootless.IsRootless() && ctr.config.NetMode != "slirp4netns" { + if !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() { networkStatus, err = r.configureNetNS(ctr, ctrNS) } return ctrNS, networkStatus, err @@ -177,7 +177,7 @@ func checkSlirpFlags(path string) (*slirpFeatures, error) { // Configure the network namespace for a rootless container func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) { - path := r.config.NetworkCmdPath + path := r.config.Engine.NetworkCmdPath if path == "" { var err error @@ -196,7 +196,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) { defer errorhandling.CloseQuiet(syncW) havePortMapping := len(ctr.Config().PortMappings) > 0 - logPath := filepath.Join(ctr.runtime.config.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID)) + logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID)) cmdArgs := []string{} slirpFeatures, err := checkSlirpFlags(path) @@ -338,7 +338,7 @@ func (r *Runtime) setupRootlessPortMapping(ctr *Container, netnsPath string) (er defer errorhandling.CloseQuiet(syncR) defer errorhandling.CloseQuiet(syncW) - logPath := filepath.Join(ctr.runtime.config.TmpDir, fmt.Sprintf("rootlessport-%s.log", ctr.config.ID)) + logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("rootlessport-%s.log", ctr.config.ID)) logFile, err := os.Create(logPath) if err != nil { return errors.Wrapf(err, "failed to open rootlessport log file %s", logPath) @@ -362,7 +362,7 @@ func (r *Runtime) setupRootlessPortMapping(ctr *Container, netnsPath string) (er NetNSPath: netnsPath, ExitFD: 3, ReadyFD: 4, - TmpDir: ctr.runtime.config.TmpDir, + TmpDir: ctr.runtime.config.Engine.TmpDir, } cfgJSON, err := json.Marshal(cfg) if err != nil { @@ -485,7 +485,7 @@ func (r *Runtime) teardownNetNS(ctr *Container) error { logrus.Debugf("Tearing down network namespace at %s for container %s", ctr.state.NetNS.Path(), ctr.ID()) // rootless containers do not use the CNI plugin - if !rootless.IsRootless() && ctr.config.NetMode != "slirp4netns" { + if !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() { var requestedIP net.IP if ctr.requestedIP != nil { requestedIP = ctr.requestedIP diff --git a/libpod/oci_attach_linux.go b/libpod/oci_attach_linux.go index 5fc46c31c..433993edb 100644 --- a/libpod/oci_attach_linux.go +++ b/libpod/oci_attach_linux.go @@ -9,6 +9,7 @@ import ( "os" "path/filepath" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/errorhandling" "github.com/containers/libpod/pkg/kubeutils" @@ -104,7 +105,7 @@ func (c *Container) attachToExec(streams *AttachStreams, keys *string, sessionID defer errorhandling.CloseQuiet(startFd) defer errorhandling.CloseQuiet(attachFd) - detachString := define.DefaultDetachKeys + detachString := config.DefaultDetachKeys if keys != nil { detachString = *keys } diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 6d9a976cb..ce888c690 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -20,8 +20,8 @@ import ( "text/template" "time" + "github.com/containers/common/pkg/config" conmonConfig "github.com/containers/conmon/runner/config" - "github.com/containers/libpod/libpod/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/cgroups" "github.com/containers/libpod/pkg/errorhandling" @@ -80,13 +80,13 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime runtime.name = name runtime.conmonPath = conmonPath - runtime.conmonEnv = runtimeCfg.ConmonEnvVars - runtime.cgroupManager = runtimeCfg.CgroupManager - runtime.tmpDir = runtimeCfg.TmpDir - runtime.logSizeMax = runtimeCfg.MaxLogSize - runtime.noPivot = runtimeCfg.NoPivotRoot - runtime.reservePorts = runtimeCfg.EnablePortReservation - runtime.sdNotify = runtimeCfg.SDNotify + runtime.conmonEnv = runtimeCfg.Engine.ConmonEnvVars + runtime.cgroupManager = runtimeCfg.Engine.CgroupManager + runtime.tmpDir = runtimeCfg.Engine.TmpDir + runtime.logSizeMax = runtimeCfg.Containers.LogSizeMax + runtime.noPivot = runtimeCfg.Engine.NoPivotRoot + runtime.reservePorts = runtimeCfg.Engine.EnablePortReservation + runtime.sdNotify = runtimeCfg.Engine.SDNotify // TODO: probe OCI runtime for feature and enable automatically if // available. @@ -127,7 +127,7 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime runtime.exitsDir = filepath.Join(runtime.tmpDir, "exits") runtime.socketsDir = filepath.Join(runtime.tmpDir, "socket") - if runtime.cgroupManager != define.CgroupfsCgroupsManager && runtime.cgroupManager != define.SystemdCgroupsManager { + if runtime.cgroupManager != config.CgroupfsCgroupsManager && runtime.cgroupManager != config.SystemdCgroupsManager { return nil, errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager specified: %s", runtime.cgroupManager) } @@ -177,7 +177,7 @@ func hasCurrentUserMapped(ctr *Container) bool { // CreateContainer creates a container. func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (err error) { if !hasCurrentUserMapped(ctr) { - for _, i := range []string{ctr.state.RunDir, ctr.runtime.config.TmpDir, ctr.config.StaticDir, ctr.state.Mountpoint, ctr.runtime.config.VolumePath} { + for _, i := range []string{ctr.state.RunDir, ctr.runtime.config.Engine.TmpDir, ctr.config.StaticDir, ctr.state.Mountpoint, ctr.runtime.config.Engine.VolumePath} { if err := makeAccessible(i, ctr.RootUID(), ctr.RootGID()); err != nil { return err } @@ -519,7 +519,7 @@ func (r *ConmonOCIRuntime) HTTPAttach(ctr *Container, httpConn net.Conn, httpBuf logrus.Debugf("Successfully connected to container %s attach socket %s", ctr.ID(), socketPath) - detachString := define.DefaultDetachKeys + detachString := ctr.runtime.config.Engine.DetachKeys if detachKeys != nil { detachString = *detachKeys } @@ -1365,7 +1365,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*o func (r *ConmonOCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath, logPath, exitDir, ociLogPath, logTag string) []string { // set the conmon API version to be able to use the correct sync struct keys args := []string{"--api-version", "1"} - if r.cgroupManager == define.SystemdCgroupsManager && !ctr.config.NoCgroups { + if r.cgroupManager == config.SystemdCgroupsManager && !ctr.config.NoCgroups { args = append(args, "-s") } args = append(args, "-c", ctr.ID()) @@ -1483,7 +1483,7 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec if mustCreateCgroup { cgroupParent := ctr.CgroupParent() - if r.cgroupManager == define.SystemdCgroupsManager { + if r.cgroupManager == config.SystemdCgroupsManager { unitName := createUnitName("libpod-conmon", ctr.ID()) realCgroupParent := cgroupParent diff --git a/libpod/oci_conmon_unsupported.go b/libpod/oci_conmon_unsupported.go index a2f52f527..395b6f6d9 100644 --- a/libpod/oci_conmon_unsupported.go +++ b/libpod/oci_conmon_unsupported.go @@ -3,7 +3,8 @@ package libpod import ( - "github.com/containers/libpod/libpod/config" + "github.com/containers/common/pkg/config" + "github.com/containers/libpod/libpod/define" ) diff --git a/libpod/oci_missing.go b/libpod/oci_missing.go index 326591d89..a5d589255 100644 --- a/libpod/oci_missing.go +++ b/libpod/oci_missing.go @@ -50,7 +50,7 @@ func getMissingRuntime(name string, r *Runtime) (OCIRuntime, error) { newRuntime := new(MissingRuntime) newRuntime.name = name - newRuntime.exitsDir = filepath.Join(r.config.TmpDir, "exits") + newRuntime.exitsDir = filepath.Join(r.config.Engine.TmpDir, "exits") missingRuntimes[name] = newRuntime diff --git a/libpod/options.go b/libpod/options.go index 74f9c485e..dfbec364a 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -7,6 +7,7 @@ import ( "regexp" "syscall" + "github.com/containers/common/pkg/config" "github.com/containers/image/v5/manifest" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" @@ -42,48 +43,48 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption { setField := false if config.RunRoot != "" { - rt.config.StorageConfig.RunRoot = config.RunRoot - rt.config.StorageConfigRunRootSet = true + rt.storageConfig.RunRoot = config.RunRoot + rt.storageSet.RunRootSet = true setField = true } if config.GraphRoot != "" { - rt.config.StorageConfig.GraphRoot = config.GraphRoot - rt.config.StorageConfigGraphRootSet = true + rt.storageConfig.GraphRoot = config.GraphRoot + rt.storageSet.GraphRootSet = true // Also set libpod static dir, so we are a subdirectory // of the c/storage store by default - rt.config.StaticDir = filepath.Join(config.GraphRoot, "libpod") - rt.config.StaticDirSet = true + rt.config.Engine.StaticDir = filepath.Join(config.GraphRoot, "libpod") + rt.storageSet.StaticDirSet = true // Also set libpod volume path, so we are a subdirectory // of the c/storage store by default - rt.config.VolumePath = filepath.Join(config.GraphRoot, "volumes") - rt.config.VolumePathSet = true + rt.config.Engine.VolumePath = filepath.Join(config.GraphRoot, "volumes") + rt.storageSet.VolumePathSet = true setField = true } if config.GraphDriverName != "" { - rt.config.StorageConfig.GraphDriverName = config.GraphDriverName - rt.config.StorageConfigGraphDriverNameSet = true + rt.storageConfig.GraphDriverName = config.GraphDriverName + rt.storageSet.GraphDriverNameSet = true setField = true } if config.GraphDriverOptions != nil { - rt.config.StorageConfig.GraphDriverOptions = make([]string, len(config.GraphDriverOptions)) - copy(rt.config.StorageConfig.GraphDriverOptions, config.GraphDriverOptions) + rt.storageConfig.GraphDriverOptions = make([]string, len(config.GraphDriverOptions)) + copy(rt.storageConfig.GraphDriverOptions, config.GraphDriverOptions) setField = true } if config.UIDMap != nil { - rt.config.StorageConfig.UIDMap = make([]idtools.IDMap, len(config.UIDMap)) - copy(rt.config.StorageConfig.UIDMap, config.UIDMap) + rt.storageConfig.UIDMap = make([]idtools.IDMap, len(config.UIDMap)) + copy(rt.storageConfig.UIDMap, config.UIDMap) } if config.GIDMap != nil { - rt.config.StorageConfig.GIDMap = make([]idtools.IDMap, len(config.GIDMap)) - copy(rt.config.StorageConfig.GIDMap, config.GIDMap) + rt.storageConfig.GIDMap = make([]idtools.IDMap, len(config.GIDMap)) + copy(rt.storageConfig.GIDMap, config.GIDMap) } // If any one of runroot, graphroot, graphdrivername, @@ -94,11 +95,11 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption { if err != nil { return err } - if rt.config.StorageConfig.GraphRoot == "" { - rt.config.StorageConfig.GraphRoot = storeOpts.GraphRoot + if rt.storageConfig.GraphRoot == "" { + rt.storageConfig.GraphRoot = storeOpts.GraphRoot } - if rt.config.StorageConfig.RunRoot == "" { - rt.config.StorageConfig.RunRoot = storeOpts.RunRoot + if rt.storageConfig.RunRoot == "" { + rt.storageConfig.RunRoot = storeOpts.RunRoot } } @@ -113,7 +114,7 @@ func WithDefaultTransport(defaultTransport string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.ImageDefaultTransport = defaultTransport + rt.config.Engine.ImageDefaultTransport = defaultTransport return nil } @@ -129,7 +130,7 @@ func WithSignaturePolicy(path string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.SignaturePolicyPath = path + rt.config.Engine.SignaturePolicyPath = path return nil } @@ -139,17 +140,17 @@ func WithSignaturePolicy(path string) RuntimeOption { // Please note that information is not portable between backing states. // As such, if this differs between two libpods running on the same system, // they will not share containers, and unspecified behavior may occur. -func WithStateType(storeType define.RuntimeStateStore) RuntimeOption { +func WithStateType(storeType config.RuntimeStateStore) RuntimeOption { return func(rt *Runtime) error { if rt.valid { return define.ErrRuntimeFinalized } - if storeType == define.InvalidStateStore { + if storeType == config.InvalidStateStore { return errors.Wrapf(define.ErrInvalidArg, "must provide a valid state store type") } - rt.config.StateType = storeType + rt.config.Engine.StateType = storeType return nil } @@ -166,8 +167,7 @@ func WithOCIRuntime(runtime string) RuntimeOption { return errors.Wrapf(define.ErrInvalidArg, "must provide a valid path") } - rt.config.OCIRuntime = runtime - rt.config.RuntimePath = nil + rt.config.Engine.OCIRuntime = runtime return nil } @@ -185,7 +185,7 @@ func WithConmonPath(path string) RuntimeOption { return errors.Wrapf(define.ErrInvalidArg, "must provide a valid path") } - rt.config.ConmonPath = []string{path} + rt.config.Engine.ConmonPath = []string{path} return nil } @@ -198,8 +198,8 @@ func WithConmonEnv(environment []string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.ConmonEnvVars = make([]string, len(environment)) - copy(rt.config.ConmonEnvVars, environment) + rt.config.Engine.ConmonEnvVars = make([]string, len(environment)) + copy(rt.config.Engine.ConmonEnvVars, environment) return nil } @@ -213,7 +213,7 @@ func WithNetworkCmdPath(path string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.NetworkCmdPath = path + rt.config.Engine.NetworkCmdPath = path return nil } @@ -228,12 +228,12 @@ func WithCgroupManager(manager string) RuntimeOption { return define.ErrRuntimeFinalized } - if manager != define.CgroupfsCgroupsManager && manager != define.SystemdCgroupsManager { + if manager != config.CgroupfsCgroupsManager && manager != config.SystemdCgroupsManager { return errors.Wrapf(define.ErrInvalidArg, "CGroup manager must be one of %s and %s", - define.CgroupfsCgroupsManager, define.SystemdCgroupsManager) + config.CgroupfsCgroupsManager, config.SystemdCgroupsManager) } - rt.config.CgroupManager = manager + rt.config.Engine.CgroupManager = manager return nil } @@ -247,8 +247,8 @@ func WithStaticDir(dir string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.StaticDir = dir - rt.config.StaticDirSet = true + rt.config.Engine.StaticDir = dir + rt.config.Engine.StaticDirSet = true return nil } @@ -267,7 +267,7 @@ func WithHooksDir(hooksDirs ...string) RuntimeOption { } } - rt.config.HooksDir = hooksDirs + rt.config.Engine.HooksDir = hooksDirs return nil } } @@ -285,7 +285,7 @@ func WithDefaultMountsFile(mountsFile string) RuntimeOption { if mountsFile == "" { return define.ErrInvalidArg } - rt.config.DefaultMountsFile = mountsFile + rt.config.Containers.DefaultMountsFile = mountsFile return nil } } @@ -298,8 +298,8 @@ func WithTmpDir(dir string) RuntimeOption { if rt.valid { return define.ErrRuntimeFinalized } - rt.config.TmpDir = dir - rt.config.TmpDirSet = true + rt.config.Engine.TmpDir = dir + rt.config.Engine.TmpDirSet = true return nil } @@ -322,7 +322,7 @@ func WithMaxLogSize(limit int64) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.MaxLogSize = limit + rt.config.Containers.LogSizeMax = limit return nil } @@ -336,7 +336,7 @@ func WithNoPivotRoot() RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.NoPivotRoot = true + rt.config.Engine.NoPivotRoot = true return nil } @@ -349,7 +349,7 @@ func WithCNIConfigDir(dir string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.CNIConfigDir = dir + rt.config.Network.NetworkConfigDir = dir return nil } @@ -362,7 +362,7 @@ func WithCNIPluginDir(dir string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.CNIPluginDir = []string{dir} + rt.config.Network.CNIPluginDirs = []string{dir} return nil } @@ -382,7 +382,7 @@ func WithNamespace(ns string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.Namespace = ns + rt.config.Engine.Namespace = ns return nil } @@ -397,8 +397,8 @@ func WithVolumePath(volPath string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.VolumePath = volPath - rt.config.VolumePathSet = true + rt.config.Engine.VolumePath = volPath + rt.config.Engine.VolumePathSet = true return nil } @@ -415,7 +415,7 @@ func WithDefaultInfraImage(img string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.InfraImage = img + rt.config.Engine.InfraImage = img return nil } @@ -429,7 +429,7 @@ func WithDefaultInfraCommand(cmd string) RuntimeOption { return define.ErrRuntimeFinalized } - rt.config.InfraCommand = cmd + rt.config.Engine.InfraCommand = cmd return nil } @@ -452,7 +452,7 @@ func WithRenumber() RuntimeOption { } // WithMigrate instructs libpod to migrate container configurations to account -// for changes between Libpod versions. All running containers will be stopped +// for changes between Engine versions. All running containers will be stopped // during a migration, then restarted after the migration is complete. func WithMigrate() RuntimeOption { return func(rt *Runtime) error { @@ -466,10 +466,10 @@ func WithMigrate() RuntimeOption { } } -// WithMigrateRuntime instructs Libpod to change the default OCI runtime on all +// WithMigrateRuntime instructs Engine to change the default OCI runtime on all // containers during a migration. This is not used if `MigrateRuntime()` is not // also passed. -// Libpod makes no promises that your containers continue to work with the new +// Engine makes no promises that your containers continue to work with the new // runtime - migrations between dissimilar runtimes may well break things. // Use with caution. func WithMigrateRuntime(requestedRuntime string) RuntimeOption { @@ -501,7 +501,7 @@ func WithEventsLogger(logger string) RuntimeOption { return errors.Wrapf(define.ErrInvalidArg, "%q is not a valid events backend", logger) } - rt.config.EventsLogger = logger + rt.config.Engine.EventsLogger = logger return nil } @@ -511,7 +511,7 @@ func WithEventsLogger(logger string) RuntimeOption { // listening func WithEnableSDNotify() RuntimeOption { return func(rt *Runtime) error { - rt.config.SDNotify = true + rt.config.Engine.SDNotify = true return nil } } @@ -1094,7 +1094,8 @@ func WithDNS(dnsServers []string) CtrCreateOption { } dns = append(dns, result) } - ctr.config.DNSServer = dns + ctr.config.DNSServer = append(ctr.config.DNSServer, dns...) + return nil } } @@ -1105,7 +1106,10 @@ func WithDNSOption(dnsOptions []string) CtrCreateOption { if ctr.valid { return define.ErrCtrFinalized } - ctr.config.DNSOption = dnsOptions + if ctr.config.UseImageResolvConf { + return errors.Wrapf(define.ErrInvalidArg, "cannot add DNS options if container will not create /etc/resolv.conf") + } + ctr.config.DNSOption = append(ctr.config.DNSOption, dnsOptions...) return nil } } diff --git a/libpod/pod_internal.go b/libpod/pod_internal.go index b5895d133..851f52a4e 100644 --- a/libpod/pod_internal.go +++ b/libpod/pod_internal.go @@ -5,6 +5,7 @@ import ( "path/filepath" "time" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/storage/pkg/stringid" "github.com/pkg/errors" @@ -65,19 +66,19 @@ func (p *Pod) refresh() error { // We need to recreate the pod's cgroup if p.config.UsePodCgroup { - switch p.runtime.config.CgroupManager { - case define.SystemdCgroupsManager: + switch p.runtime.config.Engine.CgroupManager { + case config.SystemdCgroupsManager: cgroupPath, err := systemdSliceFromPath(p.config.CgroupParent, fmt.Sprintf("libpod_pod_%s", p.ID())) if err != nil { logrus.Errorf("Error creating CGroup for pod %s: %v", p.ID(), err) } p.state.CgroupPath = cgroupPath - case define.CgroupfsCgroupsManager: + case config.CgroupfsCgroupsManager: p.state.CgroupPath = filepath.Join(p.config.CgroupParent, p.ID()) logrus.Debugf("setting pod cgroup to %s", p.state.CgroupPath) default: - return errors.Wrapf(define.ErrInvalidArg, "unknown cgroups manager %s specified", p.runtime.config.CgroupManager) + return errors.Wrapf(define.ErrInvalidArg, "unknown cgroups manager %s specified", p.runtime.config.Engine.CgroupManager) } } diff --git a/libpod/pod_top_linux.go b/libpod/pod_top_linux.go index 80221c3a9..1f84c8667 100644 --- a/libpod/pod_top_linux.go +++ b/libpod/pod_top_linux.go @@ -41,12 +41,23 @@ func (p *Pod) GetPodPidInformation(descriptors []string) ([]string, error) { } c.lock.Unlock() } + + // Also support comma-separated input. + psgoDescriptors := []string{} + for _, d := range descriptors { + for _, s := range strings.Split(d, ",") { + if s != "" { + psgoDescriptors = append(psgoDescriptors, s) + } + } + } + // TODO: psgo returns a [][]string to give users the ability to apply // filters on the data. We need to change the API here and the // varlink API to return a [][]string if we want to make use of // filtering. opts := psgo.JoinNamespaceOpts{FillMappings: rootless.IsRootless()} - output, err := psgo.JoinNamespaceAndProcessInfoByPidsWithOptions(pids, descriptors, &opts) + output, err := psgo.JoinNamespaceAndProcessInfoByPidsWithOptions(pids, psgoDescriptors, &opts) if err != nil { return nil, err } diff --git a/libpod/reset.go b/libpod/reset.go index ae0a0cde9..c6754b7f6 100644 --- a/libpod/reset.go +++ b/libpod/reset.go @@ -88,14 +88,13 @@ func (r *Runtime) Reset(ctx context.Context) error { } prevError = err } - runtimeDir, err := util.GetRuntimeDir() if err != nil { return err } - tempDir := r.config.TmpDir - if r.config.TmpDir == runtimeDir { - tempDir = filepath.Join(r.config.TmpDir, "containers") + tempDir := r.config.Engine.TmpDir + if tempDir == runtimeDir { + tempDir = filepath.Join(tempDir, "containers") } if err := os.RemoveAll(tempDir); err != nil { if prevError != nil { diff --git a/libpod/runtime.go b/libpod/runtime.go index 8dcec82db..422b79359 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -11,11 +11,13 @@ import ( is "github.com/containers/image/v5/storage" "github.com/containers/image/v5/types" - "github.com/containers/libpod/libpod/config" + + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" "github.com/containers/libpod/libpod/image" "github.com/containers/libpod/libpod/lock" + "github.com/containers/libpod/pkg/cgroups" sysreg "github.com/containers/libpod/pkg/registries" "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/util" @@ -30,9 +32,20 @@ import ( // NewRuntime type RuntimeOption func(*Runtime) error +type storageSet struct { + RunRootSet bool + GraphRootSet bool + StaticDirSet bool + VolumePathSet bool + GraphDriverNameSet bool + TmpDirSet bool +} + // Runtime is the core libpod runtime type Runtime struct { - config *config.Config + config *config.Config + storageConfig storage.StoreOptions + storageSet storageSet state State store storage.Store @@ -116,7 +129,12 @@ func SetXdgDirs() error { // NewRuntime creates a new container runtime // Options can be passed to override the default configuration for the runtime func NewRuntime(ctx context.Context, options ...RuntimeOption) (runtime *Runtime, err error) { - return newRuntimeFromConfig(ctx, "", options...) + conf, err := config.NewConfig("") + if err != nil { + return nil, err + } + conf.CheckCgroupsAndAdjustConfig() + return newRuntimeFromConfig(ctx, conf, options...) } // NewRuntimeFromConfig creates a new container runtime using the given @@ -124,21 +142,29 @@ func NewRuntime(ctx context.Context, options ...RuntimeOption) (runtime *Runtime // functions can be used to mutate this configuration further. // An error will be returned if the configuration file at the given path does // not exist or cannot be loaded -func NewRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error) { - if userConfigPath == "" { - return nil, errors.New("invalid configuration file specified") - } - return newRuntimeFromConfig(ctx, userConfigPath, options...) +func NewRuntimeFromConfig(ctx context.Context, userConfig *config.Config, options ...RuntimeOption) (runtime *Runtime, err error) { + + return newRuntimeFromConfig(ctx, userConfig, options...) } -func newRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error) { +func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...RuntimeOption) (runtime *Runtime, err error) { runtime = new(Runtime) - conf, err := config.NewConfig(userConfigPath) + if conf.Engine.OCIRuntime == "" { + conf.Engine.OCIRuntime = "runc" + // If we're running on cgroups v2, default to using crun. + if onCgroupsv2, _ := cgroups.IsCgroup2UnifiedMode(); onCgroupsv2 { + conf.Engine.OCIRuntime = "crun" + } + } + + runtime.config = conf + + storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID()) if err != nil { return nil, err } - runtime.config = conf + runtime.storageConfig = storeOpts // Overwrite config with user-given configuration options for _, opt := range options { @@ -157,9 +183,9 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) { var err error var manager lock.Manager - switch runtime.config.LockType { + switch runtime.config.Engine.LockType { case "file": - lockPath := filepath.Join(runtime.config.TmpDir, "locks") + lockPath := filepath.Join(runtime.config.Engine.TmpDir, "locks") manager, err = lock.OpenFileLockManager(lockPath) if err != nil { if os.IsNotExist(errors.Cause(err)) { @@ -178,11 +204,11 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) { lockPath = fmt.Sprintf("%s_%d", define.DefaultRootlessSHMLockPath, rootless.GetRootlessUID()) } // Set up the lock manager - manager, err = lock.OpenSHMLockManager(lockPath, runtime.config.NumLocks) + manager, err = lock.OpenSHMLockManager(lockPath, runtime.config.Engine.NumLocks) if err != nil { switch { case os.IsNotExist(errors.Cause(err)): - manager, err = lock.NewSHMLockManager(lockPath, runtime.config.NumLocks) + manager, err = lock.NewSHMLockManager(lockPath, runtime.config.Engine.NumLocks) if err != nil { return nil, errors.Wrapf(err, "failed to get new shm lock manager") } @@ -196,7 +222,7 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) { return nil, errors.Wrapf(err, "error removing libpod locks file %s", lockPath) } - manager, err = lock.NewSHMLockManager(lockPath, runtime.config.NumLocks) + manager, err = lock.NewSHMLockManager(lockPath, runtime.config.Engine.NumLocks) if err != nil { return nil, err } @@ -205,7 +231,7 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) { } } default: - return nil, errors.Wrapf(define.ErrInvalidArg, "unknown lock type %s", runtime.config.LockType) + return nil, errors.Wrapf(define.ErrInvalidArg, "unknown lock type %s", runtime.config.Engine.LockType) } return manager, nil } @@ -221,11 +247,11 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { runtime.conmonPath = cPath // Make the static files directory if it does not exist - if err := os.MkdirAll(runtime.config.StaticDir, 0700); err != nil { + if err := os.MkdirAll(runtime.config.Engine.StaticDir, 0700); err != nil { // The directory is allowed to exist if !os.IsExist(err) { return errors.Wrapf(err, "error creating runtime static files directory %s", - runtime.config.StaticDir) + runtime.config.Engine.StaticDir) } } @@ -235,17 +261,17 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { // libpod/state, the config could take care of the code below. It // would further allow to move the types and consts into a coherent // package. - switch runtime.config.StateType { - case define.InMemoryStateStore: + switch runtime.config.Engine.StateType { + case config.InMemoryStateStore: state, err := NewInMemoryState() if err != nil { return err } runtime.state = state - case define.SQLiteStateStore: + case config.SQLiteStateStore: return errors.Wrapf(define.ErrInvalidArg, "SQLite state is currently disabled") - case define.BoltDBStateStore: - dbPath := filepath.Join(runtime.config.StaticDir, "bolt_state.db") + case config.BoltDBStateStore: + dbPath := filepath.Join(runtime.config.Engine.StaticDir, "bolt_state.db") state, err := NewBoltState(dbPath, runtime) if err != nil { @@ -253,7 +279,7 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { } runtime.state = state default: - return errors.Wrapf(define.ErrInvalidArg, "unrecognized state type passed (%v)", runtime.config.StateType) + return errors.Wrapf(define.ErrInvalidArg, "unrecognized state type passed (%v)", runtime.config.Engine.StateType) } // Grab config from the database so we can reset some defaults @@ -262,16 +288,16 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { return errors.Wrapf(err, "error retrieving runtime configuration from database") } - if err := runtime.config.MergeDBConfig(dbConfig); err != nil { + if err := runtime.mergeDBConfig(dbConfig); err != nil { return errors.Wrapf(err, "error merging database config into runtime config") } - logrus.Debugf("Using graph driver %s", runtime.config.StorageConfig.GraphDriverName) - logrus.Debugf("Using graph root %s", runtime.config.StorageConfig.GraphRoot) - logrus.Debugf("Using run root %s", runtime.config.StorageConfig.RunRoot) - logrus.Debugf("Using static dir %s", runtime.config.StaticDir) - logrus.Debugf("Using tmp dir %s", runtime.config.TmpDir) - logrus.Debugf("Using volume path %s", runtime.config.VolumePath) + logrus.Debugf("Using graph driver %s", runtime.storageConfig.GraphDriverName) + logrus.Debugf("Using graph root %s", runtime.storageConfig.GraphRoot) + logrus.Debugf("Using run root %s", runtime.storageConfig.RunRoot) + logrus.Debugf("Using static dir %s", runtime.config.Engine.StaticDir) + logrus.Debugf("Using tmp dir %s", runtime.config.Engine.TmpDir) + logrus.Debugf("Using volume path %s", runtime.config.Engine.VolumePath) // Validate our config against the database, now that we've set our // final storage configuration @@ -279,10 +305,10 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { return err } - if err := runtime.state.SetNamespace(runtime.config.Namespace); err != nil { + if err := runtime.state.SetNamespace(runtime.config.Engine.Namespace); err != nil { return errors.Wrapf(err, "error setting libpod namespace in state") } - logrus.Debugf("Set libpod namespace to %q", runtime.config.Namespace) + logrus.Debugf("Set libpod namespace to %q", runtime.config.Engine.Namespace) // Set up containers/storage var store storage.Store @@ -316,66 +342,40 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { // Set up containers/image runtime.imageContext = &types.SystemContext{ - SignaturePolicyPath: runtime.config.SignaturePolicyPath, + SignaturePolicyPath: runtime.config.Engine.SignaturePolicyPath, } // Create the tmpDir - if err := os.MkdirAll(runtime.config.TmpDir, 0751); err != nil { + if err := os.MkdirAll(runtime.config.Engine.TmpDir, 0751); err != nil { // The directory is allowed to exist if !os.IsExist(err) { - return errors.Wrapf(err, "error creating tmpdir %s", runtime.config.TmpDir) + return errors.Wrapf(err, "error creating tmpdir %s", runtime.config.Engine.TmpDir) } } // Create events log dir - if err := os.MkdirAll(filepath.Dir(runtime.config.EventsLogFilePath), 0700); err != nil { + if err := os.MkdirAll(filepath.Dir(runtime.config.Engine.EventsLogFilePath), 0700); err != nil { // The directory is allowed to exist if !os.IsExist(err) { - return errors.Wrapf(err, "error creating events dirs %s", filepath.Dir(runtime.config.EventsLogFilePath)) + return errors.Wrapf(err, "error creating events dirs %s", filepath.Dir(runtime.config.Engine.EventsLogFilePath)) } } // Make lookup tables for runtime support supportsJSON := make(map[string]bool) supportsNoCgroups := make(map[string]bool) - for _, r := range runtime.config.RuntimeSupportsJSON { + for _, r := range runtime.config.Engine.RuntimeSupportsJSON { supportsJSON[r] = true } - for _, r := range runtime.config.RuntimeSupportsNoCgroups { + for _, r := range runtime.config.Engine.RuntimeSupportsNoCgroups { supportsNoCgroups[r] = true } // Get us at least one working OCI runtime. runtime.ociRuntimes = make(map[string]OCIRuntime) - // Is the old runtime_path defined? - if runtime.config.RuntimePath != nil { - // Don't print twice in rootless mode. - if os.Geteuid() == 0 { - logrus.Warningf("The configuration is using `runtime_path`, which is deprecated and will be removed in future. Please use `runtimes` and `runtime`") - logrus.Warningf("If you are using both `runtime_path` and `runtime`, the configuration from `runtime_path` is used") - } - - if len(runtime.config.RuntimePath) == 0 { - return errors.Wrapf(define.ErrInvalidArg, "empty runtime path array passed") - } - - name := filepath.Base(runtime.config.RuntimePath[0]) - - json := supportsJSON[name] - nocgroups := supportsNoCgroups[name] - - ociRuntime, err := newConmonOCIRuntime(name, runtime.config.RuntimePath, runtime.conmonPath, runtime.config, json, nocgroups) - if err != nil { - return err - } - - runtime.ociRuntimes[name] = ociRuntime - runtime.defaultOCIRuntime = ociRuntime - } - // Initialize remaining OCI runtimes - for name, paths := range runtime.config.OCIRuntimes { + for name, paths := range runtime.config.Engine.OCIRuntimes { json := supportsJSON[name] nocgroups := supportsNoCgroups[name] @@ -393,16 +393,16 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { } // Do we have a default OCI runtime? - if runtime.config.OCIRuntime != "" { + if runtime.config.Engine.OCIRuntime != "" { // If the string starts with / it's a path to a runtime // executable. - if strings.HasPrefix(runtime.config.OCIRuntime, "/") { - name := filepath.Base(runtime.config.OCIRuntime) + if strings.HasPrefix(runtime.config.Engine.OCIRuntime, "/") { + name := filepath.Base(runtime.config.Engine.OCIRuntime) json := supportsJSON[name] nocgroups := supportsNoCgroups[name] - ociRuntime, err := newConmonOCIRuntime(name, []string{runtime.config.OCIRuntime}, runtime.conmonPath, runtime.config, json, nocgroups) + ociRuntime, err := newConmonOCIRuntime(name, []string{runtime.config.Engine.OCIRuntime}, runtime.conmonPath, runtime.config, json, nocgroups) if err != nil { return err } @@ -410,9 +410,9 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { runtime.ociRuntimes[name] = ociRuntime runtime.defaultOCIRuntime = ociRuntime } else { - ociRuntime, ok := runtime.ociRuntimes[runtime.config.OCIRuntime] + ociRuntime, ok := runtime.ociRuntimes[runtime.config.Engine.OCIRuntime] if !ok { - return errors.Wrapf(define.ErrInvalidArg, "default OCI runtime %q not found", runtime.config.OCIRuntime) + return errors.Wrapf(define.ErrInvalidArg, "default OCI runtime %q not found", runtime.config.Engine.OCIRuntime) } runtime.defaultOCIRuntime = ociRuntime } @@ -429,17 +429,18 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { } // Make the per-boot files directory if it does not exist - if err := os.MkdirAll(runtime.config.TmpDir, 0755); err != nil { + if err := os.MkdirAll(runtime.config.Engine.TmpDir, 0755); err != nil { // The directory is allowed to exist if !os.IsExist(err) { return errors.Wrapf(err, "error creating runtime temporary files directory %s", - runtime.config.TmpDir) + runtime.config.Engine.TmpDir) } } // Set up the CNI net plugin if !rootless.IsRootless() { - netPlugin, err := ocicni.InitCNI(runtime.config.CNIDefaultNetwork, runtime.config.CNIConfigDir, runtime.config.CNIPluginDir...) + + netPlugin, err := ocicni.InitCNI(runtime.config.Network.DefaultNetwork, runtime.config.Network.NetworkConfigDir, runtime.config.Network.CNIPluginDirs...) if err != nil { return errors.Wrapf(err, "error configuring CNI network plugin") } @@ -449,8 +450,8 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { // We now need to see if the system has restarted // We check for the presence of a file in our tmp directory to verify this // This check must be locked to prevent races - runtimeAliveLock := filepath.Join(runtime.config.TmpDir, "alive.lck") - runtimeAliveFile := filepath.Join(runtime.config.TmpDir, "alive") + runtimeAliveLock := filepath.Join(runtime.config.Engine.TmpDir, "alive.lck") + runtimeAliveFile := filepath.Join(runtime.config.Engine.TmpDir, "alive") aliveLock, err := storage.GetLockfile(runtimeAliveLock) if err != nil { return errors.Wrapf(err, "error acquiring runtime init lock") @@ -587,7 +588,7 @@ func (r *Runtime) Shutdown(force bool) error { logrus.Errorf("Error retrieving containers from database: %v", err) } else { for _, ctr := range ctrs { - if err := ctr.StopWithTimeout(define.CtrRemoveTimeout); err != nil { + if err := ctr.StopWithTimeout(r.config.Engine.StopTimeout); err != nil { logrus.Errorf("Error stopping container %s: %v", ctr.ID(), err) } } @@ -733,7 +734,7 @@ func (r *Runtime) generateName() (string, error) { // Configure store and image runtime func (r *Runtime) configureStore() error { - store, err := storage.GetStore(r.config.StorageConfig) + store, err := storage.GetStore(r.storageConfig) if err != nil { return err } @@ -750,9 +751,9 @@ func (r *Runtime) configureStore() error { r.storageService = storageService ir := image.NewImageRuntimeFromStore(r.store) - ir.SignaturePolicyPath = r.config.SignaturePolicyPath - ir.EventsLogFilePath = r.config.EventsLogFilePath - ir.EventsLogger = r.config.EventsLogger + ir.SignaturePolicyPath = r.config.Engine.SignaturePolicyPath + ir.EventsLogFilePath = r.config.Engine.EventsLogFilePath + ir.EventsLogger = r.config.Engine.EventsLogger r.imageRuntime = ir @@ -775,3 +776,74 @@ func (r *Runtime) SystemContext() *types.SystemContext { func (r *Runtime) GetOCIRuntimePath() string { return r.defaultOCIRuntime.Path() } + +// StorageConfig retrieves the storage options for the container runtime +func (r *Runtime) StorageConfig() storage.StoreOptions { + return r.storageConfig +} + +// DBConfig is a set of Libpod runtime configuration settings that are saved in +// a State when it is first created, and can subsequently be retrieved. +type DBConfig struct { + LibpodRoot string + LibpodTmp string + StorageRoot string + StorageTmp string + GraphDriver string + VolumePath string +} + +// mergeDBConfig merges the configuration from the database. +func (r *Runtime) mergeDBConfig(dbConfig *DBConfig) error { + + c := r.config.Engine + if !r.storageSet.RunRootSet && dbConfig.StorageTmp != "" { + if r.storageConfig.RunRoot != dbConfig.StorageTmp && + r.storageConfig.RunRoot != "" { + logrus.Debugf("Overriding run root %q with %q from database", + r.storageConfig.RunRoot, dbConfig.StorageTmp) + } + r.storageConfig.RunRoot = dbConfig.StorageTmp + } + + if !r.storageSet.GraphRootSet && dbConfig.StorageRoot != "" { + if r.storageConfig.GraphRoot != dbConfig.StorageRoot && + r.storageConfig.GraphRoot != "" { + logrus.Debugf("Overriding graph root %q with %q from database", + r.storageConfig.GraphRoot, dbConfig.StorageRoot) + } + r.storageConfig.GraphRoot = dbConfig.StorageRoot + } + + if !r.storageSet.GraphDriverNameSet && dbConfig.GraphDriver != "" { + if r.storageConfig.GraphDriverName != dbConfig.GraphDriver && + r.storageConfig.GraphDriverName != "" { + logrus.Errorf("User-selected graph driver %q overwritten by graph driver %q from database - delete libpod local files to resolve", + r.storageConfig.GraphDriverName, dbConfig.GraphDriver) + } + r.storageConfig.GraphDriverName = dbConfig.GraphDriver + } + + if !r.storageSet.StaticDirSet && dbConfig.LibpodRoot != "" { + if c.StaticDir != dbConfig.LibpodRoot && c.StaticDir != "" { + logrus.Debugf("Overriding static dir %q with %q from database", c.StaticDir, dbConfig.LibpodRoot) + } + c.StaticDir = dbConfig.LibpodRoot + } + + if !r.storageSet.TmpDirSet && dbConfig.LibpodTmp != "" { + if c.TmpDir != dbConfig.LibpodTmp && c.TmpDir != "" { + logrus.Debugf("Overriding tmp dir %q with %q from database", c.TmpDir, dbConfig.LibpodTmp) + } + c.TmpDir = dbConfig.LibpodTmp + c.EventsLogFilePath = filepath.Join(dbConfig.LibpodTmp, "events", "events.log") + } + + if !r.storageSet.VolumePathSet && dbConfig.VolumePath != "" { + if c.VolumePath != dbConfig.VolumePath && c.VolumePath != "" { + logrus.Debugf("Overriding volume path %q with %q from database", c.VolumePath, dbConfig.VolumePath) + } + c.VolumePath = dbConfig.VolumePath + } + return nil +} diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index b99e6df84..207ac6477 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -8,11 +8,13 @@ import ( "strings" "time" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" "github.com/containers/libpod/pkg/cgroups" "github.com/containers/libpod/pkg/rootless" "github.com/containers/storage/pkg/stringid" + "github.com/docker/go-units" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" "github.com/opentracing/opentracing-go" @@ -59,7 +61,7 @@ func (r *Runtime) RestoreContainer(ctx context.Context, rSpec *spec.Spec, config // If the path to ConmonPidFile starts with the default value (RunRoot), then // the user has not specified '--conmon-pidfile' during run or create (probably). // In that case reset ConmonPidFile to be set to the default value later. - if strings.HasPrefix(ctr.config.ConmonPidFile, r.config.StorageConfig.RunRoot) { + if strings.HasPrefix(ctr.config.ConmonPidFile, r.storageConfig.RunRoot) { ctr.config.ConmonPidFile = "" } @@ -76,7 +78,11 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf if config == nil { ctr.config.ID = stringid.GenerateNonCryptoID() - ctr.config.ShmSize = define.DefaultShmSize + size, err := units.FromHumanSize(r.config.Containers.ShmSize) + if err != nil { + return nil, errors.Wrapf(err, "converting containers.conf ShmSize %s to an int", r.config.Containers.ShmSize) + } + ctr.config.ShmSize = size } else { // This is a restore from an imported checkpoint ctr.restoreFromCheckpoint = true @@ -101,14 +107,14 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf ctr.state.BindMounts = make(map[string]string) - ctr.config.StopTimeout = define.CtrRemoveTimeout + ctr.config.StopTimeout = r.config.Engine.StopTimeout ctr.config.OCIRuntime = r.defaultOCIRuntime.Name() // Set namespace based on current runtime namespace // Do so before options run so they can override it - if r.config.Namespace != "" { - ctr.config.Namespace = r.config.Namespace + if r.config.Engine.Namespace != "" { + ctr.config.Namespace = r.config.Engine.Namespace } ctr.runtime = r @@ -200,8 +206,8 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai // Check CGroup parent sanity, and set it if it was not set. // Only if we're actually configuring CGroups. if !ctr.config.NoCgroups { - switch r.config.CgroupManager { - case define.CgroupfsCgroupsManager: + switch r.config.Engine.CgroupManager { + case config.CgroupfsCgroupsManager: if ctr.config.CgroupParent == "" { if pod != nil && pod.config.UsePodCgroup { podCgroup, err := pod.CgroupPath() @@ -218,7 +224,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai } else if strings.HasSuffix(path.Base(ctr.config.CgroupParent), ".slice") { return nil, errors.Wrapf(define.ErrInvalidArg, "systemd slice received as cgroup parent when using cgroupfs") } - case define.SystemdCgroupsManager: + case config.SystemdCgroupsManager: if ctr.config.CgroupParent == "" { switch { case pod != nil && pod.config.UsePodCgroup: @@ -236,7 +242,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai return nil, errors.Wrapf(define.ErrInvalidArg, "did not receive systemd slice as cgroup parent when using systemd to manage cgroups") } default: - return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.CgroupManager) + return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.Engine.CgroupManager) } } diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go index 155ac83d9..06a7b3936 100644 --- a/libpod/runtime_pod_infra_linux.go +++ b/libpod/runtime_pod_infra_linux.go @@ -36,7 +36,7 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawIm isRootless := rootless.IsRootless() - entryCmd := []string{r.config.InfraCommand} + entryCmd := []string{r.config.Engine.InfraCommand} var options []CtrCreateOption // I've seen circumstances where config is being passed as nil. // Let's err on the side of safety and make sure it's safe to use. @@ -142,7 +142,7 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container, return nil, define.ErrRuntimeStopped } - newImage, err := r.ImageRuntime().New(ctx, r.config.InfraImage, "", "", nil, nil, image.SigningOptions{}, nil, util.PullImageMissing) + newImage, err := r.ImageRuntime().New(ctx, r.config.Engine.InfraImage, "", "", nil, nil, image.SigningOptions{}, nil, util.PullImageMissing) if err != nil { return nil, err } @@ -154,5 +154,5 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container, imageName := newImage.Names()[0] imageID := data.ID - return r.makeInfraContainer(ctx, p, imageName, r.config.InfraImage, imageID, data.Config) + return r.makeInfraContainer(ctx, p, imageName, r.config.Engine.InfraImage, imageID, data.Config) } diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 4afd5760a..872e8ea8a 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -9,6 +9,7 @@ import ( "path/filepath" "strings" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/events" "github.com/containers/libpod/pkg/cgroups" @@ -34,8 +35,8 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po // Set default namespace to runtime's namespace // Do so before options run so they can override it - if r.config.Namespace != "" { - pod.config.Namespace = r.config.Namespace + if r.config.Engine.Namespace != "" { + pod.config.Namespace = r.config.Engine.Namespace } for _, option := range options { @@ -75,8 +76,8 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po pod.valid = true // Check CGroup parent sanity, and set it if it was not set - switch r.config.CgroupManager { - case define.CgroupfsCgroupsManager: + switch r.config.Engine.CgroupManager { + case config.CgroupfsCgroupsManager: if pod.config.CgroupParent == "" { pod.config.CgroupParent = CgroupfsDefaultCgroupParent } else if strings.HasSuffix(path.Base(pod.config.CgroupParent), ".slice") { @@ -89,7 +90,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po if pod.config.UsePodCgroup { pod.state.CgroupPath = filepath.Join(pod.config.CgroupParent, pod.ID()) } - case define.SystemdCgroupsManager: + case config.SystemdCgroupsManager: if pod.config.CgroupParent == "" { if rootless.IsRootless() { pod.config.CgroupParent = SystemdDefaultRootlessCgroupParent @@ -109,7 +110,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po pod.state.CgroupPath = cgroupPath } default: - return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.CgroupManager) + return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.Engine.CgroupManager) } if pod.config.UsePodCgroup { @@ -198,7 +199,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) // the pod and conmon CGroups with a PID limit to prevent them from // spawning any further processes (particularly cleanup processes) which // would prevent removing the CGroups. - if p.runtime.config.CgroupManager == define.CgroupfsCgroupsManager { + if p.runtime.config.Engine.CgroupManager == config.CgroupfsCgroupsManager { // Get the conmon CGroup conmonCgroupPath := filepath.Join(p.state.CgroupPath, "conmon") conmonCgroup, err := cgroups.Load(conmonCgroupPath) @@ -272,8 +273,8 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) if p.state.CgroupPath != "" { logrus.Debugf("Removing pod cgroup %s", p.state.CgroupPath) - switch p.runtime.config.CgroupManager { - case define.SystemdCgroupsManager: + switch p.runtime.config.Engine.CgroupManager { + case config.SystemdCgroupsManager: if err := deleteSystemdCgroup(p.state.CgroupPath); err != nil { if removalErr == nil { removalErr = errors.Wrapf(err, "error removing pod %s cgroup", p.ID()) @@ -281,7 +282,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) logrus.Errorf("Error deleting pod %s cgroup %s: %v", p.ID(), p.state.CgroupPath, err) } } - case define.CgroupfsCgroupsManager: + case config.CgroupfsCgroupsManager: // Delete the cgroupfs cgroup // Make sure the conmon cgroup is deleted first // Since the pod is almost gone, don't bother failing @@ -326,9 +327,9 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) // keep going so we make sure to evict the pod before // ending up with an inconsistent state. if removalErr == nil { - removalErr = errors.Wrapf(define.ErrInternal, "unrecognized cgroup manager %s when removing pod %s cgroups", p.runtime.config.CgroupManager, p.ID()) + removalErr = errors.Wrapf(define.ErrInternal, "unrecognized cgroup manager %s when removing pod %s cgroups", p.runtime.config.Engine.CgroupManager, p.ID()) } else { - logrus.Errorf("Unknown cgroups manager %s specified - cannot remove pod %s cgroup", p.runtime.config.CgroupManager, p.ID()) + logrus.Errorf("Unknown cgroups manager %s specified - cannot remove pod %s cgroup", p.runtime.config.Engine.CgroupManager, p.ID()) } } } diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go index e9cfda9d4..d4b46cc94 100644 --- a/libpod/runtime_volume_linux.go +++ b/libpod/runtime_volume_linux.go @@ -71,7 +71,7 @@ func (r *Runtime) newVolume(ctx context.Context, options ...VolumeCreateOption) } // Create the mountpoint of this volume - volPathRoot := filepath.Join(r.config.VolumePath, volume.config.Name) + volPathRoot := filepath.Join(r.config.Engine.VolumePath, volume.config.Name) if err := os.MkdirAll(volPathRoot, 0700); err != nil { return nil, errors.Wrapf(err, "error creating volume directory %q", volPathRoot) } diff --git a/libpod/state.go b/libpod/state.go index 9690e5819..6206a2994 100644 --- a/libpod/state.go +++ b/libpod/state.go @@ -1,7 +1,5 @@ package libpod -import "github.com/containers/libpod/libpod/config" - // State is a storage backend for libpod's current state. // A State is only initialized once per instance of libpod. // As such, initialization methods for State implementations may safely assume @@ -28,7 +26,7 @@ type State interface { // root and tmp dirs, and c/storage graph driver. // This is not implemented by the in-memory state, as it has no need to // validate runtime configuration. - GetDBConfig() (*config.DBConfig, error) + GetDBConfig() (*DBConfig, error) // ValidateDBConfig validates the config in the given Runtime struct // against paths stored in the configured database. diff --git a/libpod/state_test.go b/libpod/state_test.go index 39937d8e4..db1c8dd99 100644 --- a/libpod/state_test.go +++ b/libpod/state_test.go @@ -8,7 +8,7 @@ import ( "testing" "time" - "github.com/containers/libpod/libpod/config" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/lock" "github.com/containers/storage" @@ -54,7 +54,7 @@ func getEmptyBoltState() (s State, p string, m lock.Manager, err error) { runtime := new(Runtime) runtime.config = new(config.Config) - runtime.config.StorageConfig = storage.StoreOptions{} + runtime.storageConfig = storage.StoreOptions{} runtime.lockManager = lockManager state, err := NewBoltState(dbPath, runtime) diff --git a/libpod/util.go b/libpod/util.go index f79d6c09b..e9d234bbe 100644 --- a/libpod/util.go +++ b/libpod/util.go @@ -12,7 +12,8 @@ import ( "strings" "time" - "github.com/containers/libpod/libpod/config" + "github.com/containers/common/pkg/config" + "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/utils" "github.com/fsnotify/fsnotify" diff --git a/libpod/volume_internal.go b/libpod/volume_internal.go index e89b3484d..781ff77ca 100644 --- a/libpod/volume_internal.go +++ b/libpod/volume_internal.go @@ -23,7 +23,7 @@ func newVolume(runtime *Runtime) (*Volume, error) { // teardownStorage deletes the volume from volumePath func (v *Volume) teardownStorage() error { - return os.RemoveAll(filepath.Join(v.runtime.config.VolumePath, v.Name())) + return os.RemoveAll(filepath.Join(v.runtime.config.Engine.VolumePath, v.Name())) } // Volumes with options set, or a filesystem type, or a device to mount need to |