github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Add no-pivot flag to ctr

Browse Source 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
This commit is contained in:
Kenfe-Mickael Laventure 2018-01-08 18:35:02 -08:00
parent 1df6287150
commit 0cc79a6ff6
No known key found for this signature in database
GPG Key ID: 40CF16616B361216
7 changed files with 63 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/ctr/commands/run/run.go
View File

@ -199,7 +199,8 @@ var Command = cli.Command{
if context.Bool("rm") && !detach { if context.Bool("rm") && !detach {
defer container.Delete(ctx, containerd.WithSnapshotCleanup) defer container.Delete(ctx, containerd.WithSnapshotCleanup)
} }
task, err := tasks.NewTask(ctx, client, container, context.String("checkpoint"), tty, context.Bool("null-io")) opts := getNewTaskOpts(context)
task, err := tasks.NewTask(ctx, client, container, context.String("checkpoint"), tty, context.Bool("null-io"), opts...)
if err != nil { if err != nil {
return err return err
} }

10
cmd/ctr/commands/run/run_unix.go
View File

@ -16,6 +16,9 @@ func init() {
Command.Flags = append(Command.Flags, cli.BoolFlag{ Command.Flags = append(Command.Flags, cli.BoolFlag{
Name: "rootfs", Name: "rootfs",
Usage: "use custom rootfs that is not managed by containerd snapshotter", Usage: "use custom rootfs that is not managed by containerd snapshotter",
}, cli.BoolFlag{
Name: "no-pivot",
Usage: "disable use of pivot-root (linux only)",
}) })
} }
@ -75,3 +78,10 @@ func newContainer(ctx gocontext.Context, client *containerd.Client, context *cli
cOpts = append([]containerd.NewContainerOpts{containerd.WithNewSpec(opts...)}, cOpts...) cOpts = append([]containerd.NewContainerOpts{containerd.WithNewSpec(opts...)}, cOpts...)
return client.NewContainer(ctx, id, cOpts...) return client.NewContainer(ctx, id, cOpts...)
} }
func getNewTaskOpts(context *cli.Context) []containerd.NewTaskOpts {
if context.Bool("no-pivot") {
return []containerd.NewTaskOpts{containerd.WithNoPivotRoot}
}
return nil
}

4
cmd/ctr/commands/run/run_windows.go
View File

@ -82,3 +82,7 @@ func newContainer(ctx gocontext.Context, client *containerd.Client, context *cli
// TODO(mlaventure): containerd.WithImage(image), // TODO(mlaventure): containerd.WithImage(image),
) )
} }
func getNewTaskOpts(_ *cli.Context) []containerd.NewTaskOpts {
return nil
}

8
cmd/ctr/commands/tasks/start.go
View File

@ -41,9 +41,11 @@ var startCommand = cli.Command{
return err return err
} }
tty := spec.Process.Terminal var (
tty = spec.Process.Terminal
task, err := NewTask(ctx, client, container, "", tty, context.Bool("null-io")) opts = getNewTaskOpts(context)
)
task, err := NewTask(ctx, client, container, "", tty, context.Bool("null-io"), opts...)
if err != nil { if err != nil {
return err return err
} }

22
cmd/ctr/commands/tasks/tasks_unix.go
View File

@ -12,9 +12,17 @@ import (
"github.com/containerd/containerd/cio" "github.com/containerd/containerd/cio"
"github.com/containerd/containerd/log" "github.com/containerd/containerd/log"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/urfave/cli"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
func init() {
startCommand.Flags = append(startCommand.Flags, cli.BoolFlag{
Name: "no-pivot",
Usage: "disable use of pivot-root (linux only)",
})
}
// HandleConsoleResize resizes the console // HandleConsoleResize resizes the console
func HandleConsoleResize(ctx gocontext.Context, task resizer, con console.Console) error { func HandleConsoleResize(ctx gocontext.Context, task resizer, con console.Console) error {
// do an initial resize of the console // do an initial resize of the console
@ -43,7 +51,7 @@ func HandleConsoleResize(ctx gocontext.Context, task resizer, con console.Consol
} }
// NewTask creates a new task // NewTask creates a new task
func NewTask(ctx gocontext.Context, client *containerd.Client, container containerd.Container, checkpoint string, tty, nullIO bool) (containerd.Task, error) { func NewTask(ctx gocontext.Context, client *containerd.Client, container containerd.Container, checkpoint string, tty, nullIO bool, opts ...containerd.NewTaskOpts) (containerd.Task, error) {
stdio := cio.NewCreator(cio.WithStdio) stdio := cio.NewCreator(cio.WithStdio)
if checkpoint == "" { if checkpoint == "" {
ioCreator := stdio ioCreator := stdio
@ -56,11 +64,19 @@ func NewTask(ctx gocontext.Context, client *containerd.Client, container contain
} }
ioCreator = cio.NullIO ioCreator = cio.NullIO
} }
return container.NewTask(ctx, ioCreator) return container.NewTask(ctx, ioCreator, opts...)
} }
im, err := client.GetImage(ctx, checkpoint) im, err := client.GetImage(ctx, checkpoint)
if err != nil { if err != nil {
return nil, err return nil, err
} }
return container.NewTask(ctx, stdio, containerd.WithTaskCheckpoint(im)) opts = append(opts, containerd.WithTaskCheckpoint(im))
return container.NewTask(ctx, stdio, opts...)
}
func getNewTaskOpts(context *cli.Context) []containerd.NewTaskOpts {
if context.Bool("no-pivot") {
return []containerd.NewTaskOpts{containerd.WithNoPivotRoot}
}
return nil
} }

7
cmd/ctr/commands/tasks/tasks_windows.go
View File

@ -9,6 +9,7 @@ import (
"github.com/containerd/containerd/cio" "github.com/containerd/containerd/cio"
"github.com/containerd/containerd/log" "github.com/containerd/containerd/log"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/urfave/cli"
) )
// HandleConsoleResize resizes the console // HandleConsoleResize resizes the console
@ -41,7 +42,7 @@ func HandleConsoleResize(ctx gocontext.Context, task resizer, con console.Consol
} }
// NewTask creates a new task // NewTask creates a new task
func NewTask(ctx gocontext.Context, client *containerd.Client, container containerd.Container, _ string, tty, nullIO bool) (containerd.Task, error) { func NewTask(ctx gocontext.Context, client *containerd.Client, container containerd.Container, _ string, tty, nullIO bool, opts ...containerd.NewTaskOpts) (containerd.Task, error) {
ioCreator := cio.NewCreator(cio.WithStdio) ioCreator := cio.NewCreator(cio.WithStdio)
if tty { if tty {
ioCreator = cio.NewCreator(cio.WithStdio, cio.WithTerminal) ioCreator = cio.NewCreator(cio.WithStdio, cio.WithTerminal)
@ -54,3 +55,7 @@ func NewTask(ctx gocontext.Context, client *containerd.Client, container contain
} }
return container.NewTask(ctx, ioCreator) return container.NewTask(ctx, ioCreator)
} }
func getNewTaskOpts(_ *cli.Context) []containerd.NewTaskOpts {
return nil
}

17
container_opts_unix.go
View File

@ -15,6 +15,7 @@ import (
"github.com/containerd/containerd/content" "github.com/containerd/containerd/content"
"github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/images" "github.com/containerd/containerd/images"
"github.com/containerd/containerd/linux/runctypes"
"github.com/containerd/containerd/mount" "github.com/containerd/containerd/mount"
"github.com/containerd/containerd/platforms" "github.com/containerd/containerd/platforms"
"github.com/gogo/protobuf/proto" "github.com/gogo/protobuf/proto"
@ -205,3 +206,19 @@ func incrementFS(root string, uidInc, gidInc uint32) filepath.WalkFunc {
return os.Lchown(path, u, g) return os.Lchown(path, u, g)
} }
} }
// WithNoPivotRoot instructs the runtime not to you pivot_root
func WithNoPivotRoot(_ context.Context, _ *Client, info *TaskInfo) error {
if info.Options == nil {
info.Options = &runctypes.CreateOptions{
NoPivotRoot: true,
}
return nil
}
copts, ok := info.Options.(*runctypes.CreateOptions)
if !ok {
return errors.New("invalid options type, expected runctypes.CreateOptions")
}
copts.NoPivotRoot = true
return nil
}