diff options
Diffstat (limited to 'pkg/specgen')
| -rw-r--r-- | pkg/specgen/generate/container.go | 21 | ||||
| -rw-r--r-- | pkg/specgen/generate/container_create.go | 5 | ||||
| -rw-r--r-- | pkg/specgen/generate/oci.go | 3 | ||||
| -rw-r--r-- | pkg/specgen/specgen.go | 8 |
4 files changed, 35 insertions, 2 deletions
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go index 1f6d00eb7..ae26807a9 100644 --- a/pkg/specgen/generate/container.go +++ b/pkg/specgen/generate/container.go @@ -140,10 +140,29 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat // VM, which is the default behavior // - "container" denotes the container should join the VM of the SandboxID // (the infra container) - if len(s.Pod) > 0 { annotations[ann.SandboxID] = s.Pod annotations[ann.ContainerType] = ann.ContainerTypeContainer + // Check if this is an init-ctr and if so, check if + // the pod is running. we do not want to add init-ctrs to + // a running pod because it creates confusion for us. + if len(s.InitContainerType) > 0 { + p, err := r.LookupPod(s.Pod) + if err != nil { + return nil, err + } + containerStatuses, err := p.Status() + if err != nil { + return nil, err + } + // If any one of the containers is running, the pod is considered to be + // running + for _, con := range containerStatuses { + if con == define.ContainerStateRunning { + return nil, errors.New("cannot add init-ctr to a running pod") + } + } + } } for _, v := range rtc.Containers.Annotations { diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 4e3a86ae4..5101a6ccb 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -144,11 +144,14 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener options = append(options, libpod.WithNetworkAliases(s.Aliases)) } + if containerType := s.InitContainerType; len(containerType) > 0 { + options = append(options, libpod.WithInitCtrType(containerType)) + } + if len(s.Devices) > 0 { opts = extractCDIDevices(s) options = append(options, opts...) } - runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod, command) if err != nil { return nil, err diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index 6e310d8a6..1f3f9e832 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -285,6 +285,9 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt } g.AddMount(cgroupMnt) } + + g.Config.Linux.Personality = s.Personality + g.SetProcessCwd(s.WorkDir) g.SetProcessArgs(finalCmd) diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 7eec48a55..fc647227e 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -183,6 +183,14 @@ type ContainerBasicConfig struct { // EnvSecrets are secrets that will be set as environment variables // Optional. EnvSecrets map[string]string `json:"secret_env,omitempty"` + // InitContainerType describes if this container is an init container + // and if so, what type: always or oneshot + InitContainerType string `json:"init_container_type"` + // Personality allows users to configure different execution domains. + // Execution domains tell Linux how to map signal numbers into signal actions. + // The execution domain system allows Linux to provide limited support + // for binaries compiled under other UNIX-like operating systems. + Personality *spec.LinuxPersonality `json:"personality,omitempty"` } // ContainerStorageConfig contains information on the storage configuration of a |