1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
package libpod
import (
"context"
"path/filepath"
"strings"
"time"
"github.com/containers/storage"
"github.com/docker/docker/pkg/stringid"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
// Creates a new, empty pod
func newPod(lockDir string, runtime *Runtime) (*Pod, error) {
pod := new(Pod)
pod.config = new(PodConfig)
pod.config.ID = stringid.GenerateNonCryptoID()
pod.config.Labels = make(map[string]string)
pod.config.CreatedTime = time.Now()
pod.state = new(podState)
pod.runtime = runtime
// Path our lock file will reside at
lockPath := filepath.Join(lockDir, pod.config.ID)
// Grab a lockfile at the given path
lock, err := storage.GetLockfile(lockPath)
if err != nil {
return nil, errors.Wrapf(err, "error creating lockfile for new pod")
}
pod.lock = lock
return pod, nil
}
// Update pod state from database
func (p *Pod) updatePod() error {
if err := p.runtime.state.UpdatePod(p); err != nil {
return err
}
return nil
}
// Save pod state to database
func (p *Pod) save() error {
if err := p.runtime.state.SavePod(p); err != nil {
return errors.Wrapf(err, "error saving pod %s state")
}
return nil
}
// Refresh a pod's state after restart
func (p *Pod) refresh() error {
// Need to to an update from the DB to pull potentially-missing state
if err := p.runtime.state.UpdatePod(p); err != nil {
return err
}
if !p.valid {
return ErrPodRemoved
}
// We need to recreate the pod's cgroup
if p.config.UsePodCgroup {
switch p.runtime.config.CgroupManager {
case SystemdCgroupsManager:
// NOOP for now, until proper systemd cgroup management
// is implemented
case CgroupfsCgroupsManager:
p.state.CgroupPath = filepath.Join(p.config.CgroupParent, p.ID())
logrus.Debugf("setting pod cgroup to %s", p.state.CgroupPath)
default:
return errors.Wrapf(ErrInvalidArg, "unknown cgroups manager %s specified", p.runtime.config.CgroupManager)
}
}
// Save changes
return p.save()
}
// Visit a node on a container graph and start the container, or set an error if
// a dependency failed to start. if restart is true, startNode will restart the node instead of starting it.
func startNode(ctx context.Context, node *containerNode, setError bool, ctrErrors map[string]error, ctrsVisited map[string]bool, restart bool) {
// First, check if we have already visited the node
if ctrsVisited[node.id] {
return
}
// If setError is true, a dependency of us failed
// Mark us as failed and recurse
if setError {
// Mark us as visited, and set an error
ctrsVisited[node.id] = true
ctrErrors[node.id] = errors.Wrapf(ErrCtrStateInvalid, "a dependency of container %s failed to start", node.id)
// Hit anyone who depends on us, and set errors on them too
for _, successor := range node.dependedOn {
startNode(ctx, successor, true, ctrErrors, ctrsVisited, restart)
}
return
}
// Have all our dependencies started?
// If not, don't visit the node yet
depsVisited := true
for _, dep := range node.dependsOn {
depsVisited = depsVisited && ctrsVisited[dep.id]
}
if !depsVisited {
// Don't visit us yet, all dependencies are not up
// We'll hit the dependencies eventually, and when we do it will
// recurse here
return
}
// Going to try to start the container, mark us as visited
ctrsVisited[node.id] = true
ctrErrored := false
// Check if dependencies are running
// Graph traversal means we should have started them
// But they could have died before we got here
// Does not require that the container be locked, we only need to lock
// the dependencies
depsStopped, err := node.container.checkDependenciesRunning()
if err != nil {
ctrErrors[node.id] = err
ctrErrored = true
} else if len(depsStopped) > 0 {
// Our dependencies are not running
depsList := strings.Join(depsStopped, ",")
ctrErrors[node.id] = errors.Wrapf(ErrCtrStateInvalid, "the following dependencies of container %s are not running: %s", node.id, depsList)
ctrErrored = true
}
// Lock before we start
node.container.lock.Lock()
// Sync the container to pick up current state
if !ctrErrored {
if err := node.container.syncContainer(); err != nil {
ctrErrored = true
ctrErrors[node.id] = err
}
}
// Start the container (only if it is not running)
if !ctrErrored {
if !restart && node.container.state.State != ContainerStateRunning {
if err := node.container.initAndStart(ctx); err != nil {
ctrErrored = true
ctrErrors[node.id] = err
}
}
if restart && node.container.state.State != ContainerStatePaused && node.container.state.State != ContainerStateUnknown {
if err := node.container.restartWithTimeout(ctx, node.container.config.StopTimeout); err != nil {
ctrErrored = true
ctrErrors[node.id] = err
}
}
}
node.container.lock.Unlock()
// Recurse to anyone who depends on us and start them
for _, successor := range node.dependedOn {
startNode(ctx, successor, ctrErrored, ctrErrors, ctrsVisited, restart)
}
return
}
|