Namespace tasks via runc --root
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This commit is contained in:
Michael Crosby
@@ -4,6 +4,7 @@ package shim
|
||||
|
||||
import (
|
||||
"path/filepath"
|
||||
"syscall"
|
||||
|
||||
shimapi "github.com/containerd/containerd/api/services/shim"
|
||||
"github.com/containerd/containerd/api/types/task"
|
||||
@@ -15,23 +16,28 @@ import (
|
||||
"google.golang.org/grpc/metadata"
|
||||
)
|
||||
|
||||
func Client(path string) (shimapi.ShimClient, error) {
|
||||
func Client(path, namespace string) (shimapi.ShimClient, error) {
|
||||
pid, err := runc.ReadPidFile(filepath.Join(path, "init.pid"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cl := &client{
|
||||
s: New(path),
|
||||
s, err := New(path, namespace)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// used when quering container status and info
|
||||
cl := &client{
|
||||
s: s,
|
||||
}
|
||||
// used when quering container status and info
|
||||
cl.s.initProcess = &initProcess{
|
||||
id: filepath.Base(path),
|
||||
pid: pid,
|
||||
runc: &runc.Runc{
|
||||
Log: filepath.Join(path, "log.json"),
|
||||
LogFormat: runc.JSON,
|
||||
Log: filepath.Join(path, "log.json"),
|
||||
LogFormat: runc.JSON,
|
||||
PdeathSignal: syscall.SIGKILL,
|
||||
Root: filepath.Join(RuncRoot, namespace),
|
||||
},
|
||||
}
|
||||
return cl, nil
|
||||
|
||||
@@ -49,7 +49,7 @@ type initProcess struct {
|
||||
terminal bool
|
||||
}
|
||||
|
||||
func newInitProcess(context context.Context, path string, r *shimapi.CreateRequest) (*initProcess, error) {
|
||||
func newInitProcess(context context.Context, path, namespace string, r *shimapi.CreateRequest) (*initProcess, error) {
|
||||
for _, rm := range r.Rootfs {
|
||||
m := &mount.Mount{
|
||||
Type: rm.Type,
|
||||
@@ -65,6 +65,7 @@ func newInitProcess(context context.Context, path string, r *shimapi.CreateReque
|
||||
Log: filepath.Join(path, "log.json"),
|
||||
LogFormat: runc.JSON,
|
||||
PdeathSignal: syscall.SIGKILL,
|
||||
Root: filepath.Join(RuncRoot, namespace),
|
||||
}
|
||||
p := &initProcess{
|
||||
id: r.ID,
|
||||
|
||||
@@ -20,13 +20,19 @@ import (
|
||||
|
||||
var empty = &google_protobuf.Empty{}
|
||||
|
||||
const RuncRoot = "/run/containerd/runc"
|
||||
|
||||
// New returns a new shim service that can be used via GRPC
|
||||
func New(path string) *Service {
|
||||
func New(path, namespace string) (*Service, error) {
|
||||
if namespace == "" {
|
||||
return nil, fmt.Errorf("shim namespace cannot be empty")
|
||||
}
|
||||
return &Service{
|
||||
path: path,
|
||||
processes: make(map[int]process),
|
||||
events: make(chan *task.Event, 4096),
|
||||
}
|
||||
namespace: namespace,
|
||||
}, nil
|
||||
}
|
||||
|
||||
type Service struct {
|
||||
@@ -40,10 +46,11 @@ type Service struct {
|
||||
eventsMu sync.Mutex
|
||||
deferredEvent *task.Event
|
||||
execID int
|
||||
namespace string
|
||||
}
|
||||
|
||||
func (s *Service) Create(ctx context.Context, r *shimapi.CreateRequest) (*shimapi.CreateResponse, error) {
|
||||
process, err := newInitProcess(ctx, s.path, r)
|
||||
process, err := newInitProcess(ctx, s.path, s.namespace, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user