2017-11-01 15:24:59 +00:00
|
|
|
package libpod
|
|
|
|
|
|
|
|
|
|
import (
|
2018-06-01 11:25:19 +00:00
|
|
|
"fmt"
|
2018-02-28 20:06:05 +00:00
|
|
|
"io/ioutil"
|
2017-11-01 15:24:59 +00:00
|
|
|
"os"
|
2018-08-30 16:26:41 +00:00
|
|
|
"os/exec"
|
2017-11-09 18:51:20 +00:00
|
|
|
"path/filepath"
|
2017-11-01 15:24:59 +00:00
|
|
|
"sync"
|
2018-06-01 11:25:19 +00:00
|
|
|
"syscall"
|
2017-11-01 15:24:59 +00:00
|
|
|
|
2018-02-28 20:06:05 +00:00
|
|
|
"github.com/BurntSushi/toml"
|
2017-11-01 15:24:59 +00:00
|
|
|
is "github.com/containers/image/storage"
|
|
|
|
|
"github.com/containers/image/types"
|
2018-08-16 10:41:15 +00:00
|
|
|
"github.com/containers/libpod/libpod/image"
|
2018-09-09 17:16:34 +00:00
|
|
|
"github.com/containers/libpod/pkg/firewall"
|
2018-08-16 10:41:15 +00:00
|
|
|
"github.com/containers/libpod/pkg/hooks"
|
|
|
|
|
sysreg "github.com/containers/libpod/pkg/registries"
|
|
|
|
|
"github.com/containers/libpod/pkg/rootless"
|
2017-11-01 15:24:59 +00:00
|
|
|
"github.com/containers/storage"
|
2017-11-30 19:25:00 +00:00
|
|
|
"github.com/cri-o/ocicni/pkg/ocicni"
|
2018-03-18 00:08:27 +00:00
|
|
|
"github.com/docker/docker/pkg/namesgenerator"
|
2017-11-01 15:24:59 +00:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
|
"github.com/ulule/deepcopier"
|
|
|
|
|
)
|
|
|
|
|
|
2018-01-03 21:27:33 +00:00
|
|
|
// RuntimeStateStore is a constant indicating which state store implementation
|
|
|
|
|
// should be used by libpod
|
|
|
|
|
type RuntimeStateStore int
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
// InvalidStateStore is an invalid state store
|
|
|
|
|
InvalidStateStore RuntimeStateStore = iota
|
|
|
|
|
// InMemoryStateStore is an in-memory state that will not persist data
|
|
|
|
|
// on containers and pods between libpod instances or after system
|
|
|
|
|
// reboot
|
|
|
|
|
InMemoryStateStore RuntimeStateStore = iota
|
|
|
|
|
// SQLiteStateStore is a state backed by a SQLite database
|
2018-03-26 15:40:57 +00:00
|
|
|
// It is presently disabled
|
2018-01-03 21:27:33 +00:00
|
|
|
SQLiteStateStore RuntimeStateStore = iota
|
2017-12-14 03:02:15 +00:00
|
|
|
// BoltDBStateStore is a state backed by a BoltDB database
|
|
|
|
|
BoltDBStateStore RuntimeStateStore = iota
|
|
|
|
|
|
2018-01-17 16:03:07 +00:00
|
|
|
// SeccompDefaultPath defines the default seccomp path
|
|
|
|
|
SeccompDefaultPath = "/usr/share/containers/seccomp.json"
|
|
|
|
|
// SeccompOverridePath if this exists it overrides the default seccomp path
|
|
|
|
|
SeccompOverridePath = "/etc/crio/seccomp.json"
|
2018-03-01 16:56:22 +00:00
|
|
|
|
|
|
|
|
// ConfigPath is the path to the libpod configuration file
|
|
|
|
|
// This file is loaded to replace the builtin default config before
|
|
|
|
|
// runtime options (e.g. WithStorageConfig) are applied.
|
|
|
|
|
// If it is not present, the builtin default config is used instead
|
|
|
|
|
// This path can be overridden when the runtime is created by using
|
|
|
|
|
// NewRuntimeFromConfig() instead of NewRuntime()
|
2018-03-01 20:33:04 +00:00
|
|
|
ConfigPath = "/usr/share/containers/libpod.conf"
|
|
|
|
|
// OverrideConfigPath is the path to an override for the default libpod
|
|
|
|
|
// configuration file. If OverrideConfigPath exists, it will be used in
|
|
|
|
|
// place of the configuration file pointed to by ConfigPath.
|
|
|
|
|
OverrideConfigPath = "/etc/containers/libpod.conf"
|
2018-07-27 17:58:50 +00:00
|
|
|
|
2018-08-17 14:36:51 +00:00
|
|
|
// DefaultInfraImage to use for infra container
|
|
|
|
|
DefaultInfraImage = "k8s.gcr.io/pause:3.1"
|
|
|
|
|
// DefaultInfraCommand to be run in an infra container
|
|
|
|
|
DefaultInfraCommand = "/pause"
|
2018-01-03 21:27:33 +00:00
|
|
|
)
|
|
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
// A RuntimeOption is a functional option which alters the Runtime created by
|
|
|
|
|
// NewRuntime
|
|
|
|
|
type RuntimeOption func(*Runtime) error
|
|
|
|
|
|
|
|
|
|
// Runtime is the core libpod runtime
|
|
|
|
|
type Runtime struct {
|
2018-09-09 17:16:34 +00:00
|
|
|
config *RuntimeConfig
|
|
|
|
|
state State
|
|
|
|
|
store storage.Store
|
|
|
|
|
storageService *storageService
|
|
|
|
|
imageContext *types.SystemContext
|
|
|
|
|
ociRuntime *OCIRuntime
|
|
|
|
|
lockDir string
|
|
|
|
|
netPlugin ocicni.CNIPlugin
|
|
|
|
|
ociRuntimePath string
|
|
|
|
|
conmonPath string
|
|
|
|
|
valid bool
|
|
|
|
|
lock sync.RWMutex
|
|
|
|
|
imageRuntime *image.Runtime
|
|
|
|
|
firewallBackend firewall.FirewallBackend
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RuntimeConfig contains configuration options used to set up the runtime
|
|
|
|
|
type RuntimeConfig struct {
|
2018-02-28 20:06:05 +00:00
|
|
|
// StorageConfig is the configuration used by containers/storage
|
|
|
|
|
// Not included in on-disk config, use the dedicated containers/storage
|
|
|
|
|
// configuration file instead
|
|
|
|
|
StorageConfig storage.StoreOptions `toml:"-"`
|
|
|
|
|
// ImageDefaultTransport is the default transport method used to fetch
|
|
|
|
|
// images
|
|
|
|
|
ImageDefaultTransport string `toml:"image_default_transport"`
|
|
|
|
|
// SignaturePolicyPath is the path to a signature policy to use for
|
2018-03-02 04:59:41 +00:00
|
|
|
// validating images
|
2018-02-28 20:06:05 +00:00
|
|
|
// If left empty, the containers/image default signature policy will
|
|
|
|
|
// be used
|
|
|
|
|
SignaturePolicyPath string `toml:"signature_policy_path,omitempty"`
|
|
|
|
|
// StateType is the type of the backing state store.
|
|
|
|
|
// Avoid using multiple values for this with the same containers/storage
|
|
|
|
|
// configuration on the same system. Different state types do not
|
|
|
|
|
// interact, and each will see a separate set of containers, which may
|
|
|
|
|
// cause conflicts in containers/storage
|
|
|
|
|
// As such this is not exposed via the config file
|
|
|
|
|
StateType RuntimeStateStore `toml:"-"`
|
|
|
|
|
// RuntimePath is the path to OCI runtime binary for launching
|
|
|
|
|
// containers
|
|
|
|
|
// The first path pointing to a valid file will be used
|
|
|
|
|
RuntimePath []string `toml:"runtime_path"`
|
|
|
|
|
// ConmonPath is the path to the Conmon binary used for managing
|
|
|
|
|
// containers
|
|
|
|
|
// The first path pointing to a valid file will be used
|
|
|
|
|
ConmonPath []string `toml:"conmon_path"`
|
|
|
|
|
// ConmonEnvVars are environment variables to pass to the Conmon binary
|
|
|
|
|
// when it is launched
|
|
|
|
|
ConmonEnvVars []string `toml:"conmon_env_vars"`
|
|
|
|
|
// CGroupManager is the CGroup Manager to use
|
|
|
|
|
// Valid values are "cgroupfs" and "systemd"
|
|
|
|
|
CgroupManager string `toml:"cgroup_manager"`
|
|
|
|
|
// StaticDir is the path to a persistent directory to store container
|
|
|
|
|
// files
|
|
|
|
|
StaticDir string `toml:"static_dir"`
|
|
|
|
|
// TmpDir is the path to a temporary directory to store per-boot
|
|
|
|
|
// container files
|
|
|
|
|
// Must be stored in a tmpfs
|
|
|
|
|
TmpDir string `toml:"tmp_dir"`
|
|
|
|
|
// MaxLogSize is the maximum size of container logfiles
|
|
|
|
|
MaxLogSize int64 `toml:"max_log_size,omitempty"`
|
|
|
|
|
// NoPivotRoot sets whether to set no-pivot-root in the OCI runtime
|
|
|
|
|
NoPivotRoot bool `toml:"no_pivot_root"`
|
|
|
|
|
// CNIConfigDir sets the directory where CNI configuration files are
|
|
|
|
|
// stored
|
|
|
|
|
CNIConfigDir string `toml:"cni_config_dir"`
|
|
|
|
|
// CNIPluginDir sets a number of directories where the CNI network
|
|
|
|
|
// plugins can be located
|
|
|
|
|
CNIPluginDir []string `toml:"cni_plugin_dir"`
|
2018-07-12 14:51:31 +00:00
|
|
|
// CNIDefaultNetwork is the network name of the default CNI network
|
|
|
|
|
// to attach pods to
|
|
|
|
|
CNIDefaultNetwork string `toml:"cni_default_network,omitempty"`
|
2018-09-11 14:52:38 +00:00
|
|
|
// HooksDir Path to the directory containing hooks configuration files
|
2018-09-17 13:33:11 +00:00
|
|
|
HooksDir []string `toml:"hooks_dir"`
|
2018-06-26 03:39:11 +00:00
|
|
|
// HooksDirNotExistFatal switches between fatal errors and non-fatal
|
|
|
|
|
// warnings if the configured HooksDir does not exist.
|
libpod: Add HooksDirNotExistFatal
And add an argument to WithHooksDir to set it.
If the hook dir doesn't exist, the new hooks package considers that a
fatal error. When a podman caller sets
--hooks-dir-path=/some/typoed/directory, a fatal error is more helpful
than silently not loading any hooks. However, callers who call podman
without setting --hooks-dir-path may not need hooks at all. We don't
want to pester those callers with not-exist errors. With this commit,
we:
* Assume the caller knows what they're doing if they set
--hooks-dir-path and set HooksDirNotExistFatal.
* If the caller does not explicitly set --hooks-dir-path, assume they
won't mind if the hook directory is missing and set
HooksDirNotExistFatal false.
We also considered checking for the directory's existence in the code
calling WithHooksDir or from within WithHooksDir, but checks there
would race with the underlying ioutil.ReadDir in the hooks package.
By pushing the warn/error decision down into libpod's implementation,
we avoid a racy "do we expect this to work once libpod gets to it?"
pre-check.
I've also added a check to error if WithHooksDir is called with an
empty-string argument, because we haven't defined the semantics of
that (is it clearing a previous value? Is it effectively the same as
the current directory?). I agree with Matthew that a separate
WithNoHooks, or a *string argument to WithHooks, or some such would be
a better API for clearing previous values [1]. But for now, I'm just
erroring out to fail early for callers who might otherwise be
surprised that libpod ignores empty-string HooksDir.
[1]: https://github.com/projectatomic/libpod/pull/686#issuecomment-385119370
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #686
Approved by: mheon
2018-04-27 21:41:42 +00:00
|
|
|
HooksDirNotExistFatal bool `toml:"hooks_dir_not_exist_fatal"`
|
2018-06-26 03:39:11 +00:00
|
|
|
// DefaultMountsFile is the path to the default mounts file for testing
|
|
|
|
|
// purposes only
|
2018-04-26 20:41:06 +00:00
|
|
|
DefaultMountsFile string `toml:"-"`
|
2018-06-26 03:39:11 +00:00
|
|
|
// Namespace is the libpod namespace to use.
|
|
|
|
|
// Namespaces are used to create scopes to separate containers and pods
|
|
|
|
|
// in the state.
|
|
|
|
|
// When namespace is set, libpod will only view containers and pods in
|
|
|
|
|
// the same namespace. All containers and pods created will default to
|
|
|
|
|
// the namespace set here.
|
|
|
|
|
// A namespace of "", the empty string, is equivalent to no namespace,
|
|
|
|
|
// and all containers and pods will be visible.
|
|
|
|
|
// The default namespace is "".
|
|
|
|
|
Namespace string `toml:"namespace,omitempty"`
|
2018-08-17 14:36:51 +00:00
|
|
|
// InfraImage is the image a pod infra container will use to manage namespaces
|
|
|
|
|
InfraImage string `toml:"infra_image"`
|
|
|
|
|
// InfraCommand is the command run to start up a pod infra container
|
|
|
|
|
InfraCommand string `toml:"infra_command"`
|
2018-09-13 18:42:47 +00:00
|
|
|
// EnablePortReservation determines whether libpod will reserve ports on
|
|
|
|
|
// the host when they are forwarded to containers.
|
|
|
|
|
// When enabled, when ports are forwarded to containers, they are
|
|
|
|
|
// held open by conmon as long as the container is running, ensuring
|
|
|
|
|
// that they cannot be reused by other programs on the host.
|
|
|
|
|
// However, this can cause significant memory usage if a container has
|
|
|
|
|
// many ports forwarded to it. Disabling this can save memory.
|
|
|
|
|
EnablePortReservation bool `toml:"enable_port_reservation"`
|
2018-09-18 13:06:40 +00:00
|
|
|
// EnableLabeling indicates wether libpod will support container labeling
|
|
|
|
|
EnableLabeling bool `toml:"label"`
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
defaultRuntimeConfig = RuntimeConfig{
|
|
|
|
|
// Leave this empty so containers/storage will use its defaults
|
|
|
|
|
StorageConfig: storage.StoreOptions{},
|
2017-11-14 14:55:00 +00:00
|
|
|
ImageDefaultTransport: DefaultTransport,
|
2017-12-14 03:02:15 +00:00
|
|
|
StateType: BoltDBStateStore,
|
2018-02-28 03:31:18 +00:00
|
|
|
RuntimePath: []string{
|
|
|
|
|
"/usr/bin/runc",
|
|
|
|
|
"/usr/sbin/runc",
|
|
|
|
|
"/sbin/runc",
|
|
|
|
|
"/bin/runc",
|
|
|
|
|
"/usr/lib/cri-o-runc/sbin/runc",
|
|
|
|
|
},
|
|
|
|
|
ConmonPath: []string{
|
2018-06-01 11:07:35 +00:00
|
|
|
"/usr/libexec/podman/conmon",
|
2018-02-28 03:31:18 +00:00
|
|
|
"/usr/libexec/crio/conmon",
|
|
|
|
|
"/usr/local/libexec/crio/conmon",
|
|
|
|
|
"/usr/bin/conmon",
|
|
|
|
|
"/usr/sbin/conmon",
|
|
|
|
|
"/usr/lib/crio/bin/conmon",
|
|
|
|
|
},
|
2017-11-01 15:24:59 +00:00
|
|
|
ConmonEnvVars: []string{
|
|
|
|
|
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
|
|
|
|
|
},
|
2018-09-13 18:42:47 +00:00
|
|
|
CgroupManager: SystemdCgroupsManager,
|
2018-09-17 13:33:11 +00:00
|
|
|
HooksDir: []string{hooks.DefaultDir, hooks.OverrideDir},
|
2018-09-13 18:42:47 +00:00
|
|
|
StaticDir: filepath.Join(storage.DefaultStoreOptions.GraphRoot, "libpod"),
|
|
|
|
|
TmpDir: "",
|
|
|
|
|
MaxLogSize: -1,
|
|
|
|
|
NoPivotRoot: false,
|
|
|
|
|
CNIConfigDir: "/etc/cni/net.d/",
|
|
|
|
|
CNIPluginDir: []string{"/usr/libexec/cni", "/usr/lib/cni", "/opt/cni/bin"},
|
|
|
|
|
InfraCommand: DefaultInfraCommand,
|
|
|
|
|
InfraImage: DefaultInfraImage,
|
|
|
|
|
EnablePortReservation: true,
|
2018-09-18 13:06:40 +00:00
|
|
|
EnableLabeling: true,
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
2018-06-01 11:25:19 +00:00
|
|
|
// GetRootlessRuntimeDir returns the runtime directory when running as non root
|
2018-07-11 07:38:04 +00:00
|
|
|
func GetRootlessRuntimeDir() (string, error) {
|
2018-06-01 11:25:19 +00:00
|
|
|
runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
|
2018-07-05 10:03:28 +00:00
|
|
|
uid := fmt.Sprintf("%d", rootless.GetRootlessUID())
|
2018-06-01 11:25:19 +00:00
|
|
|
if runtimeDir == "" {
|
2018-07-05 10:03:28 +00:00
|
|
|
tmpDir := filepath.Join("/run", "user", uid)
|
|
|
|
|
os.MkdirAll(tmpDir, 0700)
|
|
|
|
|
st, err := os.Stat(tmpDir)
|
|
|
|
|
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Getuid() && st.Mode().Perm() == 0700 {
|
|
|
|
|
runtimeDir = tmpDir
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if runtimeDir == "" {
|
|
|
|
|
tmpDir := filepath.Join(os.TempDir(), "user", uid)
|
2018-06-01 11:25:19 +00:00
|
|
|
os.MkdirAll(tmpDir, 0700)
|
|
|
|
|
st, err := os.Stat(tmpDir)
|
|
|
|
|
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Getuid() && st.Mode().Perm() == 0700 {
|
|
|
|
|
runtimeDir = tmpDir
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if runtimeDir == "" {
|
2018-07-11 07:38:04 +00:00
|
|
|
home := os.Getenv("HOME")
|
|
|
|
|
if home == "" {
|
|
|
|
|
return "", fmt.Errorf("neither XDG_RUNTIME_DIR nor HOME was set non-empty")
|
|
|
|
|
}
|
|
|
|
|
resolvedHome, err := filepath.EvalSymlinks(home)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", errors.Wrapf(err, "cannot resolve %s", home)
|
|
|
|
|
}
|
|
|
|
|
runtimeDir = filepath.Join(resolvedHome, "rundir")
|
2018-06-01 11:25:19 +00:00
|
|
|
}
|
2018-07-11 07:38:04 +00:00
|
|
|
return runtimeDir, nil
|
2018-06-01 11:25:19 +00:00
|
|
|
}
|
|
|
|
|
|
2018-07-11 07:38:04 +00:00
|
|
|
func getDefaultTmpDir() (string, error) {
|
2018-06-11 14:03:34 +00:00
|
|
|
if !rootless.IsRootless() {
|
2018-07-11 07:38:04 +00:00
|
|
|
return "/var/run/libpod", nil
|
2018-06-01 11:25:19 +00:00
|
|
|
}
|
|
|
|
|
|
2018-07-11 07:38:04 +00:00
|
|
|
rootlessRuntimeDir, err := GetRootlessRuntimeDir()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
return filepath.Join(rootlessRuntimeDir, "libpod", "tmp"), nil
|
2018-06-01 11:25:19 +00:00
|
|
|
}
|
|
|
|
|
|
2018-10-03 08:41:47 +00:00
|
|
|
// SetXdgRuntimeDir ensures the XDG_RUNTIME_DIR env variable is set
|
|
|
|
|
// containers/image uses XDG_RUNTIME_DIR to locate the auth file.
|
|
|
|
|
func SetXdgRuntimeDir(val string) error {
|
|
|
|
|
if !rootless.IsRootless() {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
if val == "" {
|
|
|
|
|
var err error
|
|
|
|
|
val, err = GetRootlessRuntimeDir()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if err := os.Setenv("XDG_RUNTIME_DIR", val); err != nil {
|
|
|
|
|
return errors.Wrapf(err, "cannot set XDG_RUNTIME_DIR")
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
// NewRuntime creates a new container runtime
|
|
|
|
|
// Options can be passed to override the default configuration for the runtime
|
|
|
|
|
func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) {
|
|
|
|
|
runtime = new(Runtime)
|
|
|
|
|
runtime.config = new(RuntimeConfig)
|
|
|
|
|
|
|
|
|
|
// Copy the default configuration
|
2018-07-11 07:38:04 +00:00
|
|
|
tmpDir, err := getDefaultTmpDir()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2017-11-01 15:24:59 +00:00
|
|
|
deepcopier.Copy(defaultRuntimeConfig).To(runtime.config)
|
2018-07-11 07:38:04 +00:00
|
|
|
runtime.config.TmpDir = tmpDir
|
2017-11-01 15:24:59 +00:00
|
|
|
|
2018-03-01 20:33:04 +00:00
|
|
|
configPath := ConfigPath
|
|
|
|
|
foundConfig := true
|
2018-06-11 14:03:34 +00:00
|
|
|
if rootless.IsRootless() {
|
2018-08-24 12:48:49 +00:00
|
|
|
home := os.Getenv("HOME")
|
|
|
|
|
if runtime.config.SignaturePolicyPath == "" {
|
|
|
|
|
newPath := filepath.Join(home, ".config/containers/policy.json")
|
|
|
|
|
if _, err := os.Stat(newPath); err == nil {
|
|
|
|
|
runtime.config.SignaturePolicyPath = newPath
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
configPath = filepath.Join(home, ".config/containers/libpod.conf")
|
2018-06-26 13:58:10 +00:00
|
|
|
if _, err := os.Stat(configPath); err != nil {
|
|
|
|
|
foundConfig = false
|
|
|
|
|
}
|
2018-07-05 09:37:15 +00:00
|
|
|
|
2018-07-11 07:38:04 +00:00
|
|
|
runtimeDir, err := GetRootlessRuntimeDir()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-05 09:37:15 +00:00
|
|
|
// containers/image uses XDG_RUNTIME_DIR to locate the auth file.
|
|
|
|
|
// So make sure the env variable is set.
|
2018-10-03 08:41:47 +00:00
|
|
|
err = SetXdgRuntimeDir(runtimeDir)
|
2018-07-05 09:37:15 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "cannot set XDG_RUNTIME_DIR")
|
|
|
|
|
}
|
|
|
|
|
|
2018-06-01 11:13:48 +00:00
|
|
|
} else if _, err := os.Stat(OverrideConfigPath); err == nil {
|
2018-03-01 20:33:04 +00:00
|
|
|
// Use the override configuration path
|
|
|
|
|
configPath = OverrideConfigPath
|
|
|
|
|
} else if _, err := os.Stat(ConfigPath); err != nil {
|
|
|
|
|
// Both stat checks failed, no config found
|
|
|
|
|
foundConfig = false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If we have a valid configuration file, load it in
|
|
|
|
|
if foundConfig {
|
|
|
|
|
contents, err := ioutil.ReadFile(configPath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error reading configuration file %s", configPath)
|
|
|
|
|
}
|
|
|
|
|
if _, err := toml.Decode(string(contents), runtime.config); err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error decoding configuration file %s", configPath)
|
2018-03-01 16:56:22 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Overwrite config with user-given configuration options
|
|
|
|
|
for _, opt := range options {
|
|
|
|
|
if err := opt(runtime); err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error configuring runtime")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if err := makeRuntime(runtime); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return runtime, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewRuntimeFromConfig creates a new container runtime using the given
|
|
|
|
|
// configuration file for its default configuration. Passed RuntimeOption
|
|
|
|
|
// functions can be used to mutate this configuration further.
|
|
|
|
|
// An error will be returned if the configuration file at the given path does
|
|
|
|
|
// not exist or cannot be loaded
|
|
|
|
|
func NewRuntimeFromConfig(configPath string, options ...RuntimeOption) (runtime *Runtime, err error) {
|
|
|
|
|
runtime = new(Runtime)
|
|
|
|
|
runtime.config = new(RuntimeConfig)
|
|
|
|
|
|
|
|
|
|
// Set two fields not in the TOML config
|
|
|
|
|
runtime.config.StateType = defaultRuntimeConfig.StateType
|
|
|
|
|
runtime.config.StorageConfig = storage.StoreOptions{}
|
|
|
|
|
|
|
|
|
|
// Check to see if the given configuration file exists
|
|
|
|
|
if _, err := os.Stat(configPath); err != nil {
|
2018-03-02 04:59:41 +00:00
|
|
|
return nil, errors.Wrapf(err, "error checking existence of configuration file %s", configPath)
|
2018-03-01 16:56:22 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Read contents of the config file
|
|
|
|
|
contents, err := ioutil.ReadFile(configPath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error reading configuration file %s", configPath)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Decode configuration file
|
|
|
|
|
if _, err := toml.Decode(string(contents), runtime.config); err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error decoding configuration from file %s", configPath)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Overwrite the config with user-given configuration options
|
2017-11-01 15:24:59 +00:00
|
|
|
for _, opt := range options {
|
|
|
|
|
if err := opt(runtime); err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error configuring runtime")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-01 16:56:22 +00:00
|
|
|
if err := makeRuntime(runtime); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return runtime, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Make a new runtime based on the given configuration
|
|
|
|
|
// Sets up containers/storage, state store, OCI runtime
|
2018-06-22 09:29:56 +00:00
|
|
|
func makeRuntime(runtime *Runtime) (err error) {
|
2018-02-28 03:31:18 +00:00
|
|
|
// Find a working OCI runtime binary
|
|
|
|
|
foundRuntime := false
|
|
|
|
|
for _, path := range runtime.config.RuntimePath {
|
|
|
|
|
stat, err := os.Stat(path)
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if stat.IsDir() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
foundRuntime = true
|
|
|
|
|
runtime.ociRuntimePath = path
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
if !foundRuntime {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(ErrInvalidArg,
|
2018-10-01 09:15:25 +00:00
|
|
|
"could not find a working binary (configured options: %v)",
|
2018-02-28 03:31:18 +00:00
|
|
|
runtime.config.RuntimePath)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Find a working conmon binary
|
|
|
|
|
foundConmon := false
|
|
|
|
|
for _, path := range runtime.config.ConmonPath {
|
|
|
|
|
stat, err := os.Stat(path)
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if stat.IsDir() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
foundConmon = true
|
|
|
|
|
runtime.conmonPath = path
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
if !foundConmon {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(ErrInvalidArg,
|
2018-02-28 03:31:18 +00:00
|
|
|
"could not find a working conmon binary (configured options: %v)",
|
2018-03-01 17:00:55 +00:00
|
|
|
runtime.config.ConmonPath)
|
2018-01-30 15:31:16 +00:00
|
|
|
}
|
|
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
// Set up containers/storage
|
2018-08-23 21:02:04 +00:00
|
|
|
var store storage.Store
|
|
|
|
|
if rootless.SkipStorageSetup() {
|
|
|
|
|
logrus.Debug("Not configuring container store")
|
|
|
|
|
} else {
|
|
|
|
|
store, err = storage.GetStore(runtime.config.StorageConfig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
2018-03-15 15:06:49 +00:00
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
runtime.store = store
|
|
|
|
|
is.Transport.SetStore(store)
|
2018-03-15 15:06:49 +00:00
|
|
|
|
|
|
|
|
// Set up image runtime and store in runtime
|
|
|
|
|
ir := image.NewImageRuntimeFromStore(runtime.store)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
runtime.imageRuntime = ir
|
|
|
|
|
|
|
|
|
|
// Setting signaturepolicypath
|
|
|
|
|
ir.SignaturePolicyPath = runtime.config.SignaturePolicyPath
|
2017-11-01 15:24:59 +00:00
|
|
|
defer func() {
|
2018-08-23 21:02:04 +00:00
|
|
|
if err != nil && store != nil {
|
2017-11-01 15:24:59 +00:00
|
|
|
// Don't forcibly shut down
|
|
|
|
|
// We could be opening a store in use by another libpod
|
2017-11-09 19:51:45 +00:00
|
|
|
_, err2 := store.Shutdown(false)
|
2017-11-01 15:24:59 +00:00
|
|
|
if err2 != nil {
|
|
|
|
|
logrus.Errorf("Error removing store for partially-created runtime: %s", err2)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
|
|
|
|
|
// Set up a storage service for creating container root filesystems from
|
|
|
|
|
// images
|
|
|
|
|
storageService, err := getStorageService(runtime.store)
|
|
|
|
|
if err != nil {
|
2018-03-01 16:56:22 +00:00
|
|
|
return err
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
|
|
|
|
runtime.storageService = storageService
|
|
|
|
|
|
|
|
|
|
// Set up containers/image
|
|
|
|
|
runtime.imageContext = &types.SystemContext{
|
|
|
|
|
SignaturePolicyPath: runtime.config.SignaturePolicyPath,
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-24 14:41:42 +00:00
|
|
|
// Create the tmpDir
|
|
|
|
|
if err := os.MkdirAll(runtime.config.TmpDir, 0751); err != nil {
|
|
|
|
|
// The directory is allowed to exist
|
|
|
|
|
if !os.IsExist(err) {
|
|
|
|
|
return errors.Wrapf(err, "error creating tmpdir %s", runtime.config.TmpDir)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
// Make an OCI runtime to perform container operations
|
2018-02-28 03:31:18 +00:00
|
|
|
ociRuntime, err := newOCIRuntime("runc", runtime.ociRuntimePath,
|
|
|
|
|
runtime.conmonPath, runtime.config.ConmonEnvVars,
|
2017-11-01 15:24:59 +00:00
|
|
|
runtime.config.CgroupManager, runtime.config.TmpDir,
|
2018-09-13 18:42:47 +00:00
|
|
|
runtime.config.MaxLogSize, runtime.config.NoPivotRoot,
|
|
|
|
|
runtime.config.EnablePortReservation)
|
2017-11-01 15:24:59 +00:00
|
|
|
if err != nil {
|
2018-03-01 16:56:22 +00:00
|
|
|
return err
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
|
|
|
|
runtime.ociRuntime = ociRuntime
|
|
|
|
|
|
|
|
|
|
// Make the static files directory if it does not exist
|
|
|
|
|
if err := os.MkdirAll(runtime.config.StaticDir, 0755); err != nil {
|
|
|
|
|
// The directory is allowed to exist
|
|
|
|
|
if !os.IsExist(err) {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(err, "error creating runtime static files directory %s",
|
2017-11-01 15:24:59 +00:00
|
|
|
runtime.config.StaticDir)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-24 18:39:29 +00:00
|
|
|
// Make a directory to hold container lockfiles
|
2017-12-14 14:19:00 +00:00
|
|
|
lockDir := filepath.Join(runtime.config.TmpDir, "lock")
|
2017-11-27 18:42:45 +00:00
|
|
|
if err := os.MkdirAll(lockDir, 0755); err != nil {
|
2017-11-24 18:39:29 +00:00
|
|
|
// The directory is allowed to exist
|
|
|
|
|
if !os.IsExist(err) {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(err, "error creating runtime lockfiles directory %s",
|
2017-11-27 18:42:45 +00:00
|
|
|
lockDir)
|
2017-11-24 18:39:29 +00:00
|
|
|
}
|
|
|
|
|
}
|
2017-11-27 18:42:45 +00:00
|
|
|
runtime.lockDir = lockDir
|
2017-11-24 18:39:29 +00:00
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
// Make the per-boot files directory if it does not exist
|
|
|
|
|
if err := os.MkdirAll(runtime.config.TmpDir, 0755); err != nil {
|
|
|
|
|
// The directory is allowed to exist
|
|
|
|
|
if !os.IsExist(err) {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(err, "error creating runtime temporary files directory %s",
|
2017-11-01 15:24:59 +00:00
|
|
|
runtime.config.TmpDir)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-30 19:25:00 +00:00
|
|
|
// Set up the CNI net plugin
|
2018-07-12 14:51:31 +00:00
|
|
|
netPlugin, err := ocicni.InitCNI(runtime.config.CNIDefaultNetwork, runtime.config.CNIConfigDir, runtime.config.CNIPluginDir...)
|
2017-11-30 19:25:00 +00:00
|
|
|
if err != nil {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(err, "error configuring CNI network plugin")
|
2017-11-30 19:25:00 +00:00
|
|
|
}
|
|
|
|
|
runtime.netPlugin = netPlugin
|
|
|
|
|
|
2018-09-09 17:16:34 +00:00
|
|
|
// Set up a firewall backend
|
|
|
|
|
backendType := ""
|
|
|
|
|
if os.Geteuid() != 0 {
|
|
|
|
|
backendType = "none"
|
|
|
|
|
}
|
|
|
|
|
fwBackend, err := firewall.GetBackend(backendType)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
runtime.firewallBackend = fwBackend
|
|
|
|
|
|
2017-11-09 18:51:20 +00:00
|
|
|
// Set up the state
|
2018-01-16 15:13:31 +00:00
|
|
|
switch runtime.config.StateType {
|
|
|
|
|
case InMemoryStateStore:
|
2017-11-09 18:51:20 +00:00
|
|
|
state, err := NewInMemoryState()
|
|
|
|
|
if err != nil {
|
2018-03-01 16:56:22 +00:00
|
|
|
return err
|
2017-11-09 18:51:20 +00:00
|
|
|
}
|
|
|
|
|
runtime.state = state
|
2018-01-16 15:13:31 +00:00
|
|
|
case SQLiteStateStore:
|
2018-03-26 15:40:57 +00:00
|
|
|
return errors.Wrapf(ErrInvalidArg, "SQLite state is currently disabled")
|
2017-12-14 03:02:15 +00:00
|
|
|
case BoltDBStateStore:
|
|
|
|
|
dbPath := filepath.Join(runtime.config.StaticDir, "bolt_state.db")
|
|
|
|
|
|
|
|
|
|
state, err := NewBoltState(dbPath, runtime.lockDir, runtime)
|
|
|
|
|
if err != nil {
|
2018-03-01 16:56:22 +00:00
|
|
|
return err
|
2017-12-14 03:02:15 +00:00
|
|
|
}
|
|
|
|
|
runtime.state = state
|
2018-01-16 15:13:31 +00:00
|
|
|
default:
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(ErrInvalidArg, "unrecognized state type passed")
|
2017-11-09 18:51:20 +00:00
|
|
|
}
|
|
|
|
|
|
2018-07-20 12:49:30 +00:00
|
|
|
if err := runtime.state.SetNamespace(runtime.config.Namespace); err != nil {
|
|
|
|
|
return errors.Wrapf(err, "error setting libpod namespace in state")
|
|
|
|
|
}
|
|
|
|
|
logrus.Debugf("Set libpod namespace to %q", runtime.config.Namespace)
|
|
|
|
|
|
2017-12-01 18:26:58 +00:00
|
|
|
// We now need to see if the system has restarted
|
|
|
|
|
// We check for the presence of a file in our tmp directory to verify this
|
2017-12-04 19:44:03 +00:00
|
|
|
// This check must be locked to prevent races
|
|
|
|
|
runtimeAliveLock := filepath.Join(runtime.config.TmpDir, "alive.lck")
|
2017-12-01 18:26:58 +00:00
|
|
|
runtimeAliveFile := filepath.Join(runtime.config.TmpDir, "alive")
|
2017-12-04 19:44:03 +00:00
|
|
|
aliveLock, err := storage.GetLockfile(runtimeAliveLock)
|
|
|
|
|
if err != nil {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(err, "error acquiring runtime init lock")
|
2017-12-04 19:44:03 +00:00
|
|
|
}
|
|
|
|
|
// Acquire the lock and hold it until we return
|
|
|
|
|
// This ensures that no two processes will be in runtime.refresh at once
|
|
|
|
|
// TODO: we can't close the FD in this lock, so we should keep it around
|
|
|
|
|
// and use it to lock important operations
|
|
|
|
|
aliveLock.Lock()
|
2018-08-30 16:26:41 +00:00
|
|
|
locked := true
|
|
|
|
|
defer func() {
|
|
|
|
|
if locked {
|
|
|
|
|
aliveLock.Unlock()
|
|
|
|
|
}
|
|
|
|
|
}()
|
2017-12-01 18:26:58 +00:00
|
|
|
_, err = os.Stat(runtimeAliveFile)
|
|
|
|
|
if err != nil {
|
|
|
|
|
// If the file doesn't exist, we need to refresh the state
|
|
|
|
|
// This will trigger on first use as well, but refreshing an
|
|
|
|
|
// empty state only creates a single file
|
|
|
|
|
// As such, it's not really a performance concern
|
|
|
|
|
if os.IsNotExist(err) {
|
2018-08-31 07:31:34 +00:00
|
|
|
if os.Geteuid() != 0 {
|
2018-08-30 16:26:41 +00:00
|
|
|
aliveLock.Unlock()
|
|
|
|
|
locked = false
|
|
|
|
|
if err2 := runtime.refreshRootless(); err2 != nil {
|
|
|
|
|
return err2
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if err2 := runtime.refresh(runtimeAliveFile); err2 != nil {
|
|
|
|
|
return err2
|
|
|
|
|
}
|
2017-12-01 18:26:58 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
2018-03-01 16:56:22 +00:00
|
|
|
return errors.Wrapf(err, "error reading runtime status file %s", runtimeAliveFile)
|
2017-12-01 18:26:58 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-01 15:24:59 +00:00
|
|
|
// Mark the runtime as valid - ready to be used, cannot be modified
|
|
|
|
|
// further
|
|
|
|
|
runtime.valid = true
|
|
|
|
|
|
2018-03-01 16:56:22 +00:00
|
|
|
return nil
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetConfig returns a copy of the configuration used by the runtime
|
|
|
|
|
func (r *Runtime) GetConfig() *RuntimeConfig {
|
|
|
|
|
r.lock.RLock()
|
|
|
|
|
defer r.lock.RUnlock()
|
|
|
|
|
|
|
|
|
|
if !r.valid {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
config := new(RuntimeConfig)
|
|
|
|
|
|
|
|
|
|
// Copy so the caller won't be able to modify the actual config
|
|
|
|
|
deepcopier.Copy(r.config).To(config)
|
|
|
|
|
|
|
|
|
|
return config
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Shutdown shuts down the runtime and associated containers and storage
|
|
|
|
|
// If force is true, containers and mounted storage will be shut down before
|
|
|
|
|
// cleaning up; if force is false, an error will be returned if there are
|
|
|
|
|
// still containers running or mounted
|
|
|
|
|
func (r *Runtime) Shutdown(force bool) error {
|
|
|
|
|
r.lock.Lock()
|
|
|
|
|
defer r.lock.Unlock()
|
|
|
|
|
|
|
|
|
|
if !r.valid {
|
|
|
|
|
return ErrRuntimeStopped
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
r.valid = false
|
|
|
|
|
|
2017-11-28 16:26:06 +00:00
|
|
|
// Shutdown all containers if --force is given
|
|
|
|
|
if force {
|
|
|
|
|
ctrs, err := r.state.AllContainers()
|
2017-11-28 16:30:15 +00:00
|
|
|
if err != nil {
|
2017-11-28 16:26:06 +00:00
|
|
|
logrus.Errorf("Error retrieving containers from database: %v", err)
|
|
|
|
|
} else {
|
|
|
|
|
for _, ctr := range ctrs {
|
2018-01-29 16:59:33 +00:00
|
|
|
if err := ctr.StopWithTimeout(CtrRemoveTimeout); err != nil {
|
2017-11-28 16:26:06 +00:00
|
|
|
logrus.Errorf("Error stopping container %s: %v", ctr.ID(), err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-03 13:25:16 +00:00
|
|
|
var lastError error
|
2018-08-23 21:02:04 +00:00
|
|
|
if r.store != nil {
|
|
|
|
|
if _, err := r.store.Shutdown(force); err != nil {
|
|
|
|
|
lastError = errors.Wrapf(err, "Error shutting down container storage")
|
|
|
|
|
}
|
2017-12-03 13:25:16 +00:00
|
|
|
}
|
|
|
|
|
if err := r.state.Close(); err != nil {
|
|
|
|
|
if lastError != nil {
|
|
|
|
|
logrus.Errorf("%v", lastError)
|
|
|
|
|
}
|
|
|
|
|
lastError = err
|
2017-11-09 18:51:20 +00:00
|
|
|
}
|
|
|
|
|
|
2017-12-03 13:25:16 +00:00
|
|
|
return lastError
|
2017-11-01 15:24:59 +00:00
|
|
|
}
|
2017-12-01 18:26:58 +00:00
|
|
|
|
2018-08-30 16:26:41 +00:00
|
|
|
// Reconfigures the runtime after a reboot for a rootless process
|
|
|
|
|
func (r *Runtime) refreshRootless() error {
|
|
|
|
|
// Take advantage of a command that requires a new userns
|
|
|
|
|
// so that we are running as the root user and able to use refresh()
|
|
|
|
|
cmd := exec.Command(os.Args[0], "info")
|
|
|
|
|
return cmd.Run()
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-01 18:26:58 +00:00
|
|
|
// Reconfigures the runtime after a reboot
|
|
|
|
|
// Refreshes the state, recreating temporary files
|
|
|
|
|
// Does not check validity as the runtime is not valid until after this has run
|
|
|
|
|
func (r *Runtime) refresh(alivePath string) error {
|
2017-12-07 18:15:34 +00:00
|
|
|
// First clear the state in the database
|
|
|
|
|
if err := r.state.Refresh(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Next refresh the state of all containers to recreate dirs and
|
2018-05-16 18:58:46 +00:00
|
|
|
// namespaces, and all the pods to recreate cgroups
|
2017-12-01 18:26:58 +00:00
|
|
|
ctrs, err := r.state.AllContainers()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return errors.Wrapf(err, "error retrieving all containers from state")
|
|
|
|
|
}
|
2018-05-16 18:58:46 +00:00
|
|
|
pods, err := r.state.AllPods()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return errors.Wrapf(err, "error retrieving all pods from state")
|
|
|
|
|
}
|
2017-12-01 18:26:58 +00:00
|
|
|
for _, ctr := range ctrs {
|
2018-06-21 15:09:17 +00:00
|
|
|
ctr.lock.Lock()
|
2017-12-01 18:26:58 +00:00
|
|
|
if err := ctr.refresh(); err != nil {
|
2018-08-10 14:35:25 +00:00
|
|
|
logrus.Errorf("Error refreshing container %s: %v", ctr.ID(), err)
|
2017-12-01 18:26:58 +00:00
|
|
|
}
|
2018-06-21 15:09:17 +00:00
|
|
|
ctr.lock.Unlock()
|
2017-12-01 18:26:58 +00:00
|
|
|
}
|
2018-05-16 18:58:46 +00:00
|
|
|
for _, pod := range pods {
|
2018-06-21 15:09:17 +00:00
|
|
|
pod.lock.Lock()
|
2018-05-16 18:58:46 +00:00
|
|
|
if err := pod.refresh(); err != nil {
|
2018-08-10 14:35:25 +00:00
|
|
|
logrus.Errorf("Error refreshing pod %s: %v", pod.ID(), err)
|
2018-05-16 18:58:46 +00:00
|
|
|
}
|
2018-06-21 15:09:17 +00:00
|
|
|
pod.lock.Unlock()
|
2018-05-16 18:58:46 +00:00
|
|
|
}
|
2017-12-01 18:26:58 +00:00
|
|
|
|
2018-01-10 21:42:49 +00:00
|
|
|
// Create a file indicating the runtime is alive and ready
|
2017-12-01 18:26:58 +00:00
|
|
|
file, err := os.OpenFile(alivePath, os.O_RDONLY|os.O_CREATE, 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return errors.Wrapf(err, "error creating runtime status file %s", alivePath)
|
|
|
|
|
}
|
|
|
|
|
defer file.Close()
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2017-12-12 17:48:51 +00:00
|
|
|
|
|
|
|
|
// Info returns the store and host information
|
|
|
|
|
func (r *Runtime) Info() ([]InfoData, error) {
|
|
|
|
|
info := []InfoData{}
|
|
|
|
|
// get host information
|
|
|
|
|
hostInfo, err := r.hostInfo()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error getting host info")
|
|
|
|
|
}
|
|
|
|
|
info = append(info, InfoData{Type: "host", Data: hostInfo})
|
|
|
|
|
|
|
|
|
|
// get store information
|
|
|
|
|
storeInfo, err := r.storeInfo()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error getting store info")
|
|
|
|
|
}
|
|
|
|
|
info = append(info, InfoData{Type: "store", Data: storeInfo})
|
|
|
|
|
|
2018-04-16 18:39:00 +00:00
|
|
|
reg, err := sysreg.GetRegistries()
|
2018-02-28 20:13:28 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error getting registries")
|
|
|
|
|
}
|
|
|
|
|
registries := make(map[string]interface{})
|
|
|
|
|
registries["registries"] = reg
|
|
|
|
|
info = append(info, InfoData{Type: "registries", Data: registries})
|
|
|
|
|
|
2018-04-16 18:39:00 +00:00
|
|
|
i, err := sysreg.GetInsecureRegistries()
|
2018-02-28 20:13:28 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.Wrapf(err, "error getting registries")
|
|
|
|
|
}
|
|
|
|
|
insecureRegistries := make(map[string]interface{})
|
|
|
|
|
insecureRegistries["registries"] = i
|
|
|
|
|
info = append(info, InfoData{Type: "insecure registries", Data: insecureRegistries})
|
2017-12-12 17:48:51 +00:00
|
|
|
return info, nil
|
|
|
|
|
}
|
2018-02-28 20:06:05 +00:00
|
|
|
|
2018-05-25 00:50:37 +00:00
|
|
|
// generateName generates a unique name for a container or pod.
|
2018-03-18 00:08:27 +00:00
|
|
|
func (r *Runtime) generateName() (string, error) {
|
|
|
|
|
for {
|
|
|
|
|
name := namesgenerator.GetRandomName(0)
|
|
|
|
|
// Make sure container with this name does not exist
|
|
|
|
|
if _, err := r.state.LookupContainer(name); err == nil {
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
if errors.Cause(err) != ErrNoSuchCtr {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// Make sure pod with this name does not exist
|
|
|
|
|
if _, err := r.state.LookupPod(name); err == nil {
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
if errors.Cause(err) != ErrNoSuchPod {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return name, nil
|
|
|
|
|
}
|
|
|
|
|
// The code should never reach here.
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-15 15:06:49 +00:00
|
|
|
// ImageRuntime returns the imageruntime for image resolution
|
|
|
|
|
func (r *Runtime) ImageRuntime() *image.Runtime {
|
|
|
|
|
return r.imageRuntime
|
|
|
|
|
}
|