github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #3148 from masters-of-cats/wip-rootless-containerd

Browse Source 
Skip rootfs unmount when no mounts are provided
This commit is contained in:
Michael Crosby 2019-05-07 10:39:02 -04:00 committed by GitHub
commit 19af235051
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
mount/mount_linux.go
View File

@ -111,7 +111,18 @@ func unmount(target string, flags int) error {
// UnmountAll repeatedly unmounts the given mount point until there // UnmountAll repeatedly unmounts the given mount point until there
// are no mounts remaining (EINVAL is returned by mount), which is // are no mounts remaining (EINVAL is returned by mount), which is
// useful for undoing a stack of mounts on the same mount point. // useful for undoing a stack of mounts on the same mount point.
// UnmountAll all is noop when the first argument is an empty string.
// This is done when the containerd client did not specify any rootfs
// mounts (e.g. because the rootfs is managed outside containerd)
// UnmountAll is noop when the mount path does not exist.
func UnmountAll(mount string, flags int) error { func UnmountAll(mount string, flags int) error {
if mount == "" {
return nil
}
if _, err := os.Stat(mount); os.IsNotExist(err) {
return nil
}
for { for {
if err := unmount(mount, flags); err != nil { if err := unmount(mount, flags); err != nil {
// EINVAL is returned if the target is not a // EINVAL is returned if the target is not a

3
runtime/v1/linux/bundle.go
View File

@ -65,9 +65,6 @@ func newBundle(id, path, workDir string, spec []byte) (b *bundle, err error) {
os.RemoveAll(workDir) os.RemoveAll(workDir)
} }
}() }()
if err := os.Mkdir(filepath.Join(path, "rootfs"), 0711); err != nil {
return nil, err
}
err = ioutil.WriteFile(filepath.Join(path, configFilename), spec, 0666) err = ioutil.WriteFile(filepath.Join(path, configFilename), spec, 0666)
return &bundle{ return &bundle{
id: id, id: id,

13
runtime/v1/shim/service.go
View File

@ -124,6 +124,14 @@ func (s *Service) Create(ctx context.Context, r *shimapi.CreateTaskRequest) (_ *
}) })
} }
rootfs := ""
if len(mounts) > 0 {
rootfs = filepath.Join(r.Bundle, "rootfs")
if err := os.Mkdir(rootfs, 0711); err != nil {
return nil, err
}
}
config := &proc.CreateConfig{ config := &proc.CreateConfig{
ID: r.ID, ID: r.ID,
Bundle: r.Bundle, Bundle: r.Bundle,
@ -137,7 +145,6 @@ func (s *Service) Create(ctx context.Context, r *shimapi.CreateTaskRequest) (_ *
ParentCheckpoint: r.ParentCheckpoint, ParentCheckpoint: r.ParentCheckpoint,
Options: r.Options, Options: r.Options,
} }
rootfs := filepath.Join(r.Bundle, "rootfs")
defer func() { defer func() {
if err != nil { if err != nil {
if err2 := mount.UnmountAll(rootfs, 0); err2 != nil { if err2 := mount.UnmountAll(rootfs, 0); err2 != nil {
@ -169,6 +176,7 @@ func (s *Service) Create(ctx context.Context, r *shimapi.CreateTaskRequest) (_ *
s.config.SystemdCgroup, s.config.SystemdCgroup,
s.platform, s.platform,
config, config,
rootfs,
) )
if err != nil { if err != nil {
return nil, errdefs.ToGRPC(err) return nil, errdefs.ToGRPC(err)
@ -632,7 +640,7 @@ func getTopic(ctx context.Context, e interface{}) string {
return runtime.TaskUnknownTopic return runtime.TaskUnknownTopic
} }
func newInit(ctx context.Context, path, workDir, runtimeRoot, namespace, criu string, systemdCgroup bool, platform rproc.Platform, r *proc.CreateConfig) (*proc.Init, error) { func newInit(ctx context.Context, path, workDir, runtimeRoot, namespace, criu string, systemdCgroup bool, platform rproc.Platform, r *proc.CreateConfig, rootfs string) (*proc.Init, error) {
var options runctypes.CreateOptions var options runctypes.CreateOptions
if r.Options != nil { if r.Options != nil {
v, err := typeurl.UnmarshalAny(r.Options) v, err := typeurl.UnmarshalAny(r.Options)
@ -642,7 +650,6 @@ func newInit(ctx context.Context, path, workDir, runtimeRoot, namespace, criu st
options = *v.(*runctypes.CreateOptions) options = *v.(*runctypes.CreateOptions)
} }
rootfs := filepath.Join(path, "rootfs")
runtime := proc.NewRunc(runtimeRoot, path, namespace, r.Runtime, criu, systemdCgroup) runtime := proc.NewRunc(runtimeRoot, path, namespace, r.Runtime, criu, systemdCgroup)
p := proc.New(r.ID, runtime, rproc.Stdio{ p := proc.New(r.ID, runtime, rproc.Stdio{
Stdin: r.Stdin, Stdin: r.Stdin,

4
runtime/v2/bundle.go
View File

@ -89,10 +89,6 @@ func NewBundle(ctx context.Context, root, state, id string, spec []byte) (b *Bun
} }
} }
paths = append(paths, work) paths = append(paths, work)
// create rootfs dir
if err := os.Mkdir(filepath.Join(b.Path, "rootfs"), 0711); err != nil {
return nil, err
}
// symlink workdir // symlink workdir
if err := os.Symlink(work, filepath.Join(b.Path, "work")); err != nil { if err := os.Symlink(work, filepath.Join(b.Path, "work")); err != nil {
return nil, err return nil, err

15
runtime/v2/runc/container.go
View File

@ -21,6 +21,7 @@ package runc
import ( import (
"context" "context"
"io/ioutil" "io/ioutil"
"os"
"path/filepath" "path/filepath"
"sync" "sync"
@ -63,6 +64,15 @@ func NewContainer(ctx context.Context, platform rproc.Platform, r *task.CreateTa
Options: m.Options, Options: m.Options,
}) })
} }
rootfs := ""
if len(mounts) > 0 {
rootfs = filepath.Join(r.Bundle, "rootfs")
if err := os.Mkdir(rootfs, 0711); err != nil {
return nil, err
}
}
config := &proc.CreateConfig{ config := &proc.CreateConfig{
ID: r.ID, ID: r.ID,
Bundle: r.Bundle, Bundle: r.Bundle,
@ -80,7 +90,6 @@ func NewContainer(ctx context.Context, platform rproc.Platform, r *task.CreateTa
if err := WriteRuntime(r.Bundle, opts.BinaryName); err != nil { if err := WriteRuntime(r.Bundle, opts.BinaryName); err != nil {
return nil, err return nil, err
} }
rootfs := filepath.Join(r.Bundle, "rootfs")
defer func() { defer func() {
if err != nil { if err != nil {
if err2 := mount.UnmountAll(rootfs, 0); err2 != nil { if err2 := mount.UnmountAll(rootfs, 0); err2 != nil {
@ -107,6 +116,7 @@ func NewContainer(ctx context.Context, platform rproc.Platform, r *task.CreateTa
platform, platform,
config, config,
&opts, &opts,
rootfs,
) )
if err != nil { if err != nil {
return nil, errdefs.ToGRPC(err) return nil, errdefs.ToGRPC(err)
@ -146,8 +156,7 @@ func WriteRuntime(path, runtime string) error {
} }
func newInit(ctx context.Context, path, workDir, namespace string, platform rproc.Platform, func newInit(ctx context.Context, path, workDir, namespace string, platform rproc.Platform,
r *proc.CreateConfig, options *options.Options) (*proc.Init, error) { r *proc.CreateConfig, options *options.Options, rootfs string) (*proc.Init, error) {
rootfs := filepath.Join(path, "rootfs")
runtime := proc.NewRunc(options.Root, path, namespace, options.BinaryName, options.CriuPath, options.SystemdCgroup) runtime := proc.NewRunc(options.Root, path, namespace, options.BinaryName, options.CriuPath, options.SystemdCgroup)
p := proc.New(r.ID, runtime, rproc.Stdio{ p := proc.New(r.ID, runtime, rproc.Stdio{
Stdin: r.Stdin, Stdin: r.Stdin,