summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/api/handlers/libpod/images.go4
-rw-r--r--pkg/api/handlers/types.go6
-rw-r--r--pkg/api/server/server.go129
-rw-r--r--pkg/domain/entities/play.go2
-rw-r--r--pkg/domain/entities/system.go11
-rw-r--r--pkg/domain/infra/abi/images.go4
-rw-r--r--pkg/hooks/docs/oci-hooks.5.md2
-rw-r--r--pkg/specgen/generate/container.go6
-rw-r--r--pkg/specgen/generate/kube/kube.go2
-rw-r--r--pkg/specgen/generate/storage.go2
10 files changed, 90 insertions, 78 deletions
diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go
index 1c6cc917c..f2f93434a 100644
--- a/pkg/api/handlers/libpod/images.go
+++ b/pkg/api/handlers/libpod/images.go
@@ -11,6 +11,7 @@ import (
"strings"
"github.com/containers/buildah"
+ "github.com/containers/common/libimage"
"github.com/containers/common/pkg/filters"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/types"
@@ -93,7 +94,8 @@ func GetImage(w http.ResponseWriter, r *http.Request) {
utils.Error(w, "Something went wrong.", http.StatusNotFound, errors.Wrapf(err, "failed to find image %s", name))
return
}
- inspect, err := newImage.Inspect(r.Context(), true)
+ options := &libimage.InspectOptions{WithParent: true, WithSize: true}
+ inspect, err := newImage.Inspect(r.Context(), options)
if err != nil {
utils.Error(w, "Server error", http.StatusInternalServerError, errors.Wrapf(err, "failed in inspect image %s", inspect.ID))
return
diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go
index fedab3bb3..b90154e30 100644
--- a/pkg/api/handlers/types.go
+++ b/pkg/api/handlers/types.go
@@ -166,7 +166,8 @@ type ExecStartConfig struct {
}
func ImageToImageSummary(l *libimage.Image) (*entities.ImageSummary, error) {
- imageData, err := l.Inspect(context.TODO(), true)
+ options := &libimage.InspectOptions{WithParent: true, WithSize: true}
+ imageData, err := l.Inspect(context.TODO(), options)
if err != nil {
return nil, errors.Wrapf(err, "failed to obtain summary for image %s", l.ID())
}
@@ -205,7 +206,8 @@ func ImageToImageSummary(l *libimage.Image) (*entities.ImageSummary, error) {
}
func ImageDataToImageInspect(ctx context.Context, l *libimage.Image) (*ImageInspect, error) {
- info, err := l.Inspect(context.Background(), true)
+ options := &libimage.InspectOptions{WithParent: true, WithSize: true}
+ info, err := l.Inspect(context.Background(), options)
if err != nil {
return nil, err
}
diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go
index c7174775e..6e9578cd1 100644
--- a/pkg/api/server/server.go
+++ b/pkg/api/server/server.go
@@ -6,6 +6,7 @@ import (
"log"
"net"
"net/http"
+ "net/http/pprof"
"os"
"runtime"
"strings"
@@ -18,6 +19,7 @@ import (
"github.com/containers/podman/v3/pkg/api/handlers"
"github.com/containers/podman/v3/pkg/api/server/idle"
"github.com/containers/podman/v3/pkg/api/types"
+ "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/coreos/go-systemd/v22/activation"
"github.com/coreos/go-systemd/v22/daemon"
"github.com/gorilla/mux"
@@ -27,14 +29,14 @@ import (
type APIServer struct {
http.Server // The HTTP work happens here
- *schema.Decoder // Decoder for Query parameters to structs
- context.Context // Context to carry objects to handlers
- *libpod.Runtime // Where the real work happens
net.Listener // mux for routing HTTP API calls to libpod routines
+ *libpod.Runtime // Where the real work happens
+ *schema.Decoder // Decoder for Query parameters to structs
context.CancelFunc // Stop APIServer
+ context.Context // Context to carry objects to handlers
+ CorsHeaders string // Inject Cross-Origin Resource Sharing (CORS) headers
+ PProfAddr string // Binding network address for pprof profiles
idleTracker *idle.Tracker // Track connections to support idle shutdown
- pprof *http.Server // Sidecar http server for providing performance data
- CorsHeaders string // Inject CORS headers to each request
}
// Number of seconds to wait for next request, if exceeded shutdown server
@@ -49,22 +51,20 @@ var (
shutdownOnce sync.Once
)
-type Options struct {
- Timeout time.Duration
- CorsHeaders string
-}
-
// NewServer will create and configure a new API server with all defaults
func NewServer(runtime *libpod.Runtime) (*APIServer, error) {
- return newServer(runtime, DefaultServiceDuration, nil, DefaultCorsHeaders)
+ return newServer(runtime, nil, entities.ServiceOptions{
+ CorsHeaders: DefaultCorsHeaders,
+ Timeout: DefaultServiceDuration,
+ })
}
// NewServerWithSettings will create and configure a new API server using provided settings
-func NewServerWithSettings(runtime *libpod.Runtime, listener *net.Listener, opts Options) (*APIServer, error) {
- return newServer(runtime, opts.Timeout, listener, opts.CorsHeaders)
+func NewServerWithSettings(runtime *libpod.Runtime, listener *net.Listener, opts entities.ServiceOptions) (*APIServer, error) {
+ return newServer(runtime, listener, opts)
}
-func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Listener, corsHeaders string) (*APIServer, error) {
+func newServer(runtime *libpod.Runtime, listener *net.Listener, opts entities.ServiceOptions) (*APIServer, error) {
// If listener not provided try socket activation protocol
if listener == nil {
if _, found := os.LookupEnv("LISTEN_PID"); !found {
@@ -80,15 +80,15 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
}
listener = &listeners[0]
}
- if corsHeaders == "" {
+ if opts.CorsHeaders == "" {
logrus.Debug("CORS Headers were not set")
} else {
- logrus.Debugf("CORS Headers were set to %s", corsHeaders)
+ logrus.Debugf("CORS Headers were set to %q", opts.CorsHeaders)
}
logrus.Infof("API service listening on %q", (*listener).Addr())
router := mux.NewRouter().UseEncodedPath()
- tracker := idle.NewTracker(duration)
+ tracker := idle.NewTracker(opts.Timeout)
server := APIServer{
Server: http.Server{
@@ -98,10 +98,11 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
ConnState: tracker.ConnState,
ErrorLog: log.New(logrus.StandardLogger().Out, "", 0),
Handler: router,
- IdleTimeout: duration * 2,
+ IdleTimeout: opts.Timeout * 2,
},
- CorsHeaders: corsHeaders,
+ CorsHeaders: opts.CorsHeaders,
Listener: *listener,
+ PProfAddr: opts.PProfAddr,
idleTracker: tracker,
}
@@ -181,18 +182,18 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
return &server, nil
}
-// If the NOTIFY_SOCKET is set, communicate the PID and readiness, and
-// further unset NOTIFY_SOCKET to prevent containers from sending
-// messages and unset INVOCATION_ID so conmon and containers are in
-// the correct cgroup.
-func setupSystemd() {
- if len(os.Getenv("NOTIFY_SOCKET")) == 0 {
+// setupSystemd notifies systemd API service is ready
+// If the NOTIFY_SOCKET is set, communicate the PID and readiness, and unset INVOCATION_ID
+// so conmon and containers are in the correct cgroup.
+func (s *APIServer) setupSystemd() {
+ if _, found := os.LookupEnv("NOTIFY_SOCKET"); !found {
return
}
+
payload := fmt.Sprintf("MAINPID=%d\n", os.Getpid())
payload += daemon.SdNotifyReady
if sent, err := daemon.SdNotify(true, payload); err != nil {
- logrus.Error("API service error notifying systemd of Conmon PID: " + err.Error())
+ logrus.Error("API service failed to notify systemd of Conmon PID: " + err.Error())
} else if !sent {
logrus.Warn("API service unable to successfully send SDNotify")
}
@@ -204,10 +205,10 @@ func setupSystemd() {
// Serve starts responding to HTTP requests.
func (s *APIServer) Serve() error {
- setupSystemd()
+ s.setupPprof()
if err := shutdown.Register("server", func(sig os.Signal) error {
- return s.Shutdown()
+ return s.Shutdown(true)
}); err != nil {
return err
}
@@ -216,32 +217,17 @@ func (s *APIServer) Serve() error {
return err
}
- errChan := make(chan error, 1)
-
go func() {
<-s.idleTracker.Done()
- logrus.Debug("API service shutting down, idle for " + s.idleTracker.Duration.Round(time.Second).String())
- _ = s.Shutdown()
+ logrus.Debugf("API service(s) shutting down, idle for %ds", int(s.idleTracker.Duration.Seconds()))
+ _ = s.Shutdown(false)
}()
- if logrus.IsLevelEnabled(logrus.DebugLevel) {
- go func() {
- pprofMux := mux.NewRouter()
- pprofMux.PathPrefix("/debug/pprof").Handler(http.DefaultServeMux)
- runtime.SetMutexProfileFraction(1)
- runtime.SetBlockProfileRate(1)
- s.pprof = &http.Server{Addr: "localhost:8888", Handler: pprofMux}
- err := s.pprof.ListenAndServe()
- if err != nil && err != http.ErrServerClosed {
- logrus.Warnf("API profiler service failed: %v", err)
- }
- }()
- }
-
- // Before we start serving, ensure umask is properly set for container
- // creation.
+ // Before we start serving, ensure umask is properly set for container creation.
_ = syscall.Umask(0022)
+ errChan := make(chan error, 1)
+ s.setupSystemd()
go func() {
err := s.Server.Serve(s.Listener)
if err != nil && err != http.ErrServerClosed {
@@ -254,10 +240,40 @@ func (s *APIServer) Serve() error {
return <-errChan
}
+// setupPprof enables pprof default endpoints
+// Note: These endpoints and the podman flag --cpu-profile are mutually exclusive
+//
+// Examples:
+// #1 go tool pprof -http localhost:8889 localhost:8888/debug/pprof/heap?seconds=120
+// Note: web page will only render after a sample has been recorded
+// #2 curl http://localhost:8888/debug/pprof/heap > heap.pprof && go tool pprof heap.pprof
+func (s *APIServer) setupPprof() {
+ if s.PProfAddr == "" {
+ return
+ }
+
+ logrus.Infof("pprof service listening on %q", s.PProfAddr)
+ go func() {
+ old := runtime.SetMutexProfileFraction(1)
+ defer runtime.SetMutexProfileFraction(old)
+
+ runtime.SetBlockProfileRate(1)
+ defer runtime.SetBlockProfileRate(0)
+
+ router := mux.NewRouter()
+ router.PathPrefix("/debug/pprof/").HandlerFunc(pprof.Index)
+
+ err := http.ListenAndServe(s.PProfAddr, router)
+ if err != nil && err != http.ErrServerClosed {
+ logrus.Warnf("pprof service failed: %v", err)
+ }
+ }()
+}
+
// Shutdown is a clean shutdown waiting on existing clients
-func (s *APIServer) Shutdown() error {
- if s.idleTracker.Duration == UnlimitedServiceDuration {
- logrus.Debug("API service shutdown ignored as Duration is UnlimitedService")
+func (s *APIServer) Shutdown(halt bool) error {
+ if s.idleTracker.Duration == UnlimitedServiceDuration && !halt {
+ logrus.Debug("API service shutdown request ignored as Duration is UnlimitedService")
return nil
}
@@ -266,17 +282,6 @@ func (s *APIServer) Shutdown() error {
_, file, line, _ := runtime.Caller(1)
logrus.Debugf("API service shutdown by %s:%d, %d/%d connection(s)",
file, line, s.idleTracker.ActiveConnections(), s.idleTracker.TotalConnections())
-
- go func() {
- ctx, cancel := context.WithTimeout(context.Background(), s.idleTracker.Duration)
- go func() {
- defer cancel()
- if err := s.pprof.Shutdown(ctx); err != nil {
- logrus.Warnf("Failed to cleanly shutdown API pprof service: %v", err)
- }
- }()
- <-ctx.Done()
- }()
}
// Gracefully shutdown server(s), duration of wait same as idle window
diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go
index af4b0fc35..715d8acaf 100644
--- a/pkg/domain/entities/play.go
+++ b/pkg/domain/entities/play.go
@@ -17,6 +17,8 @@ type PlayKubeOptions struct {
// Down indicates whether to bring contents of a yaml file "down"
// as in stop
Down bool
+ // Replace indicates whether to delete and recreate a yaml file
+ Replace bool
// Do not create /etc/hosts within the pod's containers,
// instead use the version from the image
NoHosts bool
diff --git a/pkg/domain/entities/system.go b/pkg/domain/entities/system.go
index cca4bf44e..fe041dec8 100644
--- a/pkg/domain/entities/system.go
+++ b/pkg/domain/entities/system.go
@@ -6,15 +6,14 @@ import (
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/domain/entities/reports"
"github.com/containers/podman/v3/pkg/domain/entities/types"
- "github.com/spf13/cobra"
)
-// ServiceOptions provides the input for starting an API Service
+// ServiceOptions provides the input for starting an API and sidecar pprof services
type ServiceOptions struct {
- URI string // Path to unix domain socket service should listen on
- Timeout time.Duration // duration of inactivity the service should wait before shutting down
- Command *cobra.Command // CLI command provided. Used in V1 code
- CorsHeaders string // CORS headers
+ CorsHeaders string // Cross-Origin Resource Sharing (CORS) headers
+ PProfAddr string // Network address to bind pprof profiles service
+ Timeout time.Duration // Duration of inactivity the service should wait before shutting down
+ URI string // Path to unix domain socket service should listen on
}
// SystemPruneOptions provides options to prune system.
diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go
index c06059205..8a0b87cab 100644
--- a/pkg/domain/infra/abi/images.go
+++ b/pkg/domain/infra/abi/images.go
@@ -252,6 +252,8 @@ func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, options entiti
func (ir *ImageEngine) Inspect(ctx context.Context, namesOrIDs []string, opts entities.InspectOptions) ([]*entities.ImageInspectReport, []error, error) {
reports := []*entities.ImageInspectReport{}
errs := []error{}
+
+ inspectOptions := &libimage.InspectOptions{WithParent: true, WithSize: true}
for _, i := range namesOrIDs {
img, _, err := ir.Libpod.LibimageRuntime().LookupImage(i, nil)
if err != nil {
@@ -259,7 +261,7 @@ func (ir *ImageEngine) Inspect(ctx context.Context, namesOrIDs []string, opts en
errs = append(errs, err)
continue
}
- result, err := img.Inspect(ctx, true)
+ result, err := img.Inspect(ctx, inspectOptions)
if err != nil {
// This is more likely to be fatal.
return nil, nil, err
diff --git a/pkg/hooks/docs/oci-hooks.5.md b/pkg/hooks/docs/oci-hooks.5.md
index d6b866231..9a1a35682 100644
--- a/pkg/hooks/docs/oci-hooks.5.md
+++ b/pkg/hooks/docs/oci-hooks.5.md
@@ -1,4 +1,4 @@
-% oci-hooks(5) OCI Hooks Configuration
+% oci-hooks 5 OCI Hooks Configuration
% W. Trevor King
% MAY 2018
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go
index f126aa018..002b4ace3 100644
--- a/pkg/specgen/generate/container.go
+++ b/pkg/specgen/generate/container.go
@@ -26,7 +26,7 @@ func getImageFromSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGen
// Image may already have been set in the generator.
image, resolvedName := s.GetImage()
if image != nil {
- inspectData, err := image.Inspect(ctx, false)
+ inspectData, err := image.Inspect(ctx, nil)
if err != nil {
return nil, "", nil, err
}
@@ -39,7 +39,7 @@ func getImageFromSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGen
return nil, "", nil, err
}
s.SetImage(image, resolvedName)
- inspectData, err := image.Inspect(ctx, false)
+ inspectData, err := image.Inspect(ctx, nil)
if err != nil {
return nil, "", nil, err
}
@@ -55,7 +55,7 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat
return nil, err
}
if inspectData != nil {
- inspectData, err = newImage.Inspect(ctx, false)
+ inspectData, err = newImage.Inspect(ctx, nil)
if err != nil {
return nil, err
}
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
index 194c8dce5..e93462008 100644
--- a/pkg/specgen/generate/kube/kube.go
+++ b/pkg/specgen/generate/kube/kube.go
@@ -194,7 +194,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
// TODO: We don't understand why specgen does not take of this, but
// integration tests clearly pointed out that it was required.
- imageData, err := opts.Image.Inspect(ctx, false)
+ imageData, err := opts.Image.Inspect(ctx, nil)
if err != nil {
return nil, err
}
diff --git a/pkg/specgen/generate/storage.go b/pkg/specgen/generate/storage.go
index de655ad7d..3fde1a1b4 100644
--- a/pkg/specgen/generate/storage.go
+++ b/pkg/specgen/generate/storage.go
@@ -208,7 +208,7 @@ func getImageVolumes(ctx context.Context, img *libimage.Image, s *specgen.SpecGe
return mounts, volumes, nil
}
- inspect, err := img.Inspect(ctx, false)
+ inspect, err := img.Inspect(ctx, nil)
if err != nil {
return nil, nil, errors.Wrapf(err, "error inspecting image to get image volumes")
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-04 06:17:38 +0000