github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Completely remove Windows v2 in-tree shim

Browse Source 
Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
This commit is contained in:
Justin Terry (VM) 2019-08-05 16:11:44 -07:00
parent 29e56c5625
commit 4b5dfaee13
17 changed files with 1063 additions and 2632 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile
View File

@ -194,10 +194,6 @@ bin/containerd-shim-runc-v2: cmd/containerd-shim-runc-v2 FORCE # set !cgo and om
@echo "$(WHALE) bin/containerd-shim-runc-v2"
@CGO_ENABLED=0 go build ${GO_BUILD_FLAGS} -o bin/containerd-shim-runc-v2 ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim-runc-v2
bin/containerd-shim-runhcs-v1: cmd/containerd-shim-runhcs-v1 FORCE # set !cgo and omit pie for a static shim build: https://github.com/golang/go/issues/17789#issuecomment-258542220
@echo "$(WHALE) bin/containerd-shim-runhcs-v1${BINARY_SUFFIX}"
@CGO_ENABLED=0 go build ${GO_BUILD_FLAGS} -o bin/containerd-shim-runhcs-v1${BINARY_SUFFIX} ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim-runhcs-v1
binaries: $(BINARIES) ## build binaries
@echo "$(WHALE) $@"

1
Makefile.windows
View File

@ -16,7 +16,6 @@
#Windows specific settings.
WHALE = "+"
ONI = "-"
COMMANDS += containerd-shim-runhcs-v1
BINARY_SUFFIX=".exe"

8
Protobuild.toml
View File

@ -69,11 +69,3 @@ ignore_files = [
"google/protobuf/descriptor.proto",
"gogoproto/gogo.proto"
]
[[descriptors]]
prefix = "github.com/containerd/containerd/runtime/v2/runhcs/options"
target = "runtime/v2/runhcs/options/next.pb.txt"
ignore_files = [
"google/protobuf/descriptor.proto",
"gogoproto/gogo.proto"
]

28
cmd/containerd-shim-runhcs-v1/main.go
View File

@ -1,28 +0,0 @@
// +build windows
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"github.com/containerd/containerd/runtime/v2/runhcs"
"github.com/containerd/containerd/runtime/v2/shim"
)
func main() {
shim.Run("io.containerd.runhcs.v1", runhcs.New)
}

2
cmd/ctr/commands/run/run_windows.go
View File

@ -19,11 +19,11 @@ package run
import (
gocontext "context"
"github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"
"github.com/containerd/console"
"github.com/containerd/containerd"
"github.com/containerd/containerd/cmd/ctr/commands"
"github.com/containerd/containerd/oci"
"github.com/containerd/containerd/runtime/v2/runhcs/options"
specs "github.com/opencontainers/runtime-spec/specs-go"
"github.com/sirupsen/logrus"
"github.com/urfave/cli"

159
runtime/v2/runhcs/io.go
View File

@ -1,159 +0,0 @@
// +build windows
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package runhcs
import (
"context"
"io"
"net"
"sync"
"time"
"github.com/Microsoft/go-winio"
"github.com/containerd/containerd/log"
runc "github.com/containerd/go-runc"
"github.com/pkg/errors"
"golang.org/x/sync/errgroup"
)
type pipeSet struct {
stdin net.Conn
stdout net.Conn
stderr net.Conn
}
// newPipeSet connects to the provided pipe addresses
func newPipeSet(ctx context.Context, stdin, stdout, stderr string, terminal bool) (*pipeSet, error) {
var (
err error
set = &pipeSet{}
)
defer func() {
if err != nil {
set.Close()
}
}()
g, _ := errgroup.WithContext(ctx)
dialfn := func(name string, conn *net.Conn) error {
if name == "" {
return nil
}
dialTimeout := 3 * time.Second
c, err := winio.DialPipe(name, &dialTimeout)
if err != nil {
return errors.Wrapf(err, "failed to connect to %s", name)
}
*conn = c
return nil
}
g.Go(func() error {
return dialfn(stdin, &set.stdin)
})
g.Go(func() error {
return dialfn(stdout, &set.stdout)
})
g.Go(func() error {
return dialfn(stderr, &set.stderr)
})
err = g.Wait()
if err != nil {
return nil, err
}
return set, nil
}
// Close terminates all successfully dialed IO connections
func (p *pipeSet) Close() {
for _, cn := range []net.Conn{p.stdin, p.stdout, p.stderr} {
if cn != nil {
cn.Close()
}
}
}
type pipeRelay struct {
ctx context.Context
ps *pipeSet
io runc.IO
wg sync.WaitGroup
once sync.Once
}
func newPipeRelay(ctx context.Context, ps *pipeSet, downstream runc.IO) *pipeRelay {
pr := &pipeRelay{
ctx: ctx,
ps: ps,
io: downstream,
}
if ps.stdin != nil {
go func() {
if _, err := io.Copy(downstream.Stdin(), ps.stdin); err != nil {
if err != winio.ErrFileClosed {
log.G(ctx).WithError(err).Error("error copying stdin to pipe")
}
}
}()
}
if ps.stdout != nil {
pr.wg.Add(1)
go func() {
if _, err := io.Copy(ps.stdout, downstream.Stdout()); err != nil {
log.G(ctx).WithError(err).Error("error copying stdout from pipe")
}
pr.wg.Done()
}()
}
if ps.stderr != nil {
pr.wg.Add(1)
go func() {
if _, err := io.Copy(ps.stderr, downstream.Stderr()); err != nil {
log.G(pr.ctx).WithError(err).Error("error copying stderr from pipe")
}
pr.wg.Done()
}()
}
return pr
}
func (pr *pipeRelay) wait() {
pr.wg.Wait()
}
// closeIO closes stdin to unblock an waiters
func (pr *pipeRelay) closeIO() {
if pr.ps.stdin != nil {
pr.ps.stdin.Close()
pr.io.Stdin().Close()
}
}
// close closes all open pipes
func (pr *pipeRelay) close() {
pr.once.Do(func() {
pr.io.Close()
pr.ps.Close()
})
}

17
runtime/v2/runhcs/options/doc.go
View File

@ -1,17 +0,0 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package options

83
runtime/v2/runhcs/options/next.pb.txt
View File

@ -1,83 +0,0 @@
file {
name: "github.com/containerd/containerd/runtime/v2/runhcs/options/runhcs.proto"
package: "containerd.runhcs.v1"
dependency: "gogoproto/gogo.proto"
message_type {
name: "Options"
field {
name: "debug"
number: 1
label: LABEL_OPTIONAL
type: TYPE_BOOL
json_name: "debug"
}
field {
name: "debug_type"
number: 2
label: LABEL_OPTIONAL
type: TYPE_ENUM
type_name: ".containerd.runhcs.v1.Options.DebugType"
json_name: "debugType"
}
field {
name: "registry_root"
number: 3
label: LABEL_OPTIONAL
type: TYPE_STRING
json_name: "registryRoot"
}
field {
name: "sandbox_image"
number: 4
label: LABEL_OPTIONAL
type: TYPE_STRING
json_name: "sandboxImage"
}
field {
name: "sandbox_platform"
number: 5
label: LABEL_OPTIONAL
type: TYPE_STRING
json_name: "sandboxPlatform"
}
field {
name: "sandbox_isolation"
number: 6
label: LABEL_OPTIONAL
type: TYPE_ENUM
type_name: ".containerd.runhcs.v1.Options.SandboxIsolation"
json_name: "sandboxIsolation"
}
enum_type {
name: "DebugType"
value {
name: "NPIPE"
number: 0
}
value {
name: "FILE"
number: 1
}
value {
name: "ETW"
number: 2
}
}
enum_type {
name: "SandboxIsolation"
value {
name: "PROCESS"
number: 0
}
value {
name: "HYPERVISOR"
number: 1
}
}
}
options {
go_package: "github.com/containerd/containerd/runtime/v2/runhcs/options;options"
}
weak_dependency: 0
syntax: "proto3"
}

627
runtime/v2/runhcs/options/runhcs.pb.go
View File

@ -1,627 +0,0 @@
// Code generated by protoc-gen-gogo. DO NOT EDIT.
// source: github.com/containerd/containerd/runtime/v2/runhcs/options/runhcs.proto
package options
import (
fmt "fmt"
proto "github.com/gogo/protobuf/proto"
io "io"
math "math"
reflect "reflect"
strings "strings"
)
// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal
var _ = fmt.Errorf
var _ = math.Inf
// This is a compile-time assertion to ensure that this generated file
// is compatible with the proto package it is being compiled against.
// A compilation error at this line likely means your copy of the
// proto package needs to be updated.
const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
type Options_DebugType int32
const (
Options_NPIPE Options_DebugType = 0
Options_FILE Options_DebugType = 1
Options_ETW Options_DebugType = 2
)
var Options_DebugType_name = map[int32]string{
0: "NPIPE",
1: "FILE",
2: "ETW",
}
var Options_DebugType_value = map[string]int32{
"NPIPE": 0,
"FILE": 1,
"ETW": 2,
}
func (x Options_DebugType) String() string {
return proto.EnumName(Options_DebugType_name, int32(x))
}
func (Options_DebugType) EnumDescriptor() ([]byte, []int) {
return fileDescriptor_f30b88a94da34796, []int{0, 0}
}
type Options_SandboxIsolation int32
const (
Options_PROCESS Options_SandboxIsolation = 0
Options_HYPERVISOR Options_SandboxIsolation = 1
)
var Options_SandboxIsolation_name = map[int32]string{
0: "PROCESS",
1: "HYPERVISOR",
}
var Options_SandboxIsolation_value = map[string]int32{
"PROCESS": 0,
"HYPERVISOR": 1,
}
func (x Options_SandboxIsolation) String() string {
return proto.EnumName(Options_SandboxIsolation_name, int32(x))
}
func (Options_SandboxIsolation) EnumDescriptor() ([]byte, []int) {
return fileDescriptor_f30b88a94da34796, []int{0, 1}
}
type Options struct {
// enable debug tracing
Debug bool `protobuf:"varint,1,opt,name=debug,proto3" json:"debug,omitempty"`
// debug tracing output type
DebugType Options_DebugType `protobuf:"varint,2,opt,name=debug_type,json=debugType,proto3,enum=containerd.runhcs.v1.Options_DebugType" json:"debug_type,omitempty"`
// registry key root for storage of the runhcs container state
RegistryRoot string `protobuf:"bytes,3,opt,name=registry_root,json=registryRoot,proto3" json:"registry_root,omitempty"`
// sandbox_image is the image to use for the sandbox that matches the
// sandbox_platform.
SandboxImage string `protobuf:"bytes,4,opt,name=sandbox_image,json=sandboxImage,proto3" json:"sandbox_image,omitempty"`
// sandbox_platform is a CRI setting that specifies the platform
// architecture for all sandbox's in this runtime. Values are
// 'windows/amd64' and 'linux/amd64'.
SandboxPlatform string `protobuf:"bytes,5,opt,name=sandbox_platform,json=sandboxPlatform,proto3" json:"sandbox_platform,omitempty"`
// sandbox_isolation is a CRI setting that specifies the isolation level of
// the sandbox. For Windows runtime PROCESS and HYPERVISOR are valid. For
// LCOW only HYPERVISOR is valid and default if omitted.
SandboxIsolation Options_SandboxIsolation `protobuf:"varint,6,opt,name=sandbox_isolation,json=sandboxIsolation,proto3,enum=containerd.runhcs.v1.Options_SandboxIsolation" json:"sandbox_isolation,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *Options) Reset() { *m = Options{} }
func (*Options) ProtoMessage() {}
func (*Options) Descriptor() ([]byte, []int) {
return fileDescriptor_f30b88a94da34796, []int{0}
}
func (m *Options) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
}
func (m *Options) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
if deterministic {
return xxx_messageInfo_Options.Marshal(b, m, deterministic)
} else {
b = b[:cap(b)]
n, err := m.MarshalTo(b)
if err != nil {
return nil, err
}
return b[:n], nil
}
}
func (m *Options) XXX_Merge(src proto.Message) {
xxx_messageInfo_Options.Merge(m, src)
}
func (m *Options) XXX_Size() int {
return m.Size()
}
func (m *Options) XXX_DiscardUnknown() {
xxx_messageInfo_Options.DiscardUnknown(m)
}
var xxx_messageInfo_Options proto.InternalMessageInfo
func init() {
proto.RegisterEnum("containerd.runhcs.v1.Options_DebugType", Options_DebugType_name, Options_DebugType_value)
proto.RegisterEnum("containerd.runhcs.v1.Options_SandboxIsolation", Options_SandboxIsolation_name, Options_SandboxIsolation_value)
proto.RegisterType((*Options)(nil), "containerd.runhcs.v1.Options")
}
func init() {
proto.RegisterFile("github.com/containerd/containerd/runtime/v2/runhcs/options/runhcs.proto", fileDescriptor_f30b88a94da34796)
}
var fileDescriptor_f30b88a94da34796 = []byte{
// 383 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x92, 0xcd, 0x6e, 0x9b, 0x40,
0x14, 0x85, 0x19, 0xff, 0x73, 0xdb, 0xba, 0x74, 0xe4, 0x05, 0xea, 0x02, 0x59, 0xee, 0xa2, 0xf6,
0x06, 0x54, 0x77, 0xd9, 0x9d, 0x5b, 0xdc, 0x22, 0x55, 0x35, 0x1a, 0xac, 0xb6, 0xf9, 0x91, 0x2c,
0x30, 0x04, 0x23, 0x19, 0x06, 0xc1, 0xd8, 0x8a, 0x77, 0x79, 0x89, 0xbc, 0x93, 0x97, 0x59, 0x66,
0x19, 0xf3, 0x24, 0x11, 0x30, 0x38, 0x51, 0x14, 0x65, 0x91, 0x15, 0xe7, 0x1e, 0xbe, 0x7b, 0xee,
0x5c, 0xcd, 0xc0, 0x4f, 0x3f, 0x60, 0xab, 0x8d, 0xa3, 0x2e, 0x69, 0xa8, 0x2d, 0x69, 0xc4, 0xec,
0x20, 0xf2, 0x12, 0xf7, 0xb1, 0x4c, 0x36, 0x11, 0x0b, 0x42, 0x4f, 0xdb, 0x8e, 0x73, 0xb9, 0x5a,
0xa6, 0x1a, 0x8d, 0x59, 0x40, 0xa3, 0x94, 0x97, 0x6a, 0x9c, 0x50, 0x46, 0x71, 0xef, 0xa1, 0x45,
0xe5, 0x3f, 0xb6, 0x5f, 0x3e, 0xf6, 0x7c, 0xea, 0xd3, 0x02, 0xd0, 0x72, 0x55, 0xb2, 0x83, 0xeb,
0x3a, 0xb4, 0x67, 0x65, 0x08, 0xee, 0x41, 0xd3, 0xf5, 0x9c, 0x8d, 0x2f, 0xa3, 0x3e, 0x1a, 0x76,
0x48, 0x59, 0xe0, 0x29, 0x40, 0x21, 0x16, 0x6c, 0x17, 0x7b, 0x72, 0xad, 0x8f, 0x86, 0xdd, 0xf1,
0x67, 0xf5, 0xb9, 0x11, 0x2a, 0x0f, 0x52, 0x7f, 0xe4, 0xfc, 0x7c, 0x17, 0x7b, 0x44, 0x74, 0x2b,
0x89, 0x3f, 0xc1, 0xbb, 0xc4, 0xf3, 0x83, 0x94, 0x25, 0xbb, 0x45, 0x42, 0x29, 0x93, 0xeb, 0x7d,
0x34, 0x14, 0xc9, 0xdb, 0xca, 0x24, 0x94, 0xb2, 0x1c, 0x4a, 0xed, 0xc8, 0x75, 0xe8, 0xe5, 0x22,
0x08, 0x6d, 0xdf, 0x93, 0x1b, 0x25, 0xc4, 0x4d, 0x23, 0xf7, 0xf0, 0x08, 0xa4, 0x0a, 0x8a, 0xd7,
0x36, 0xbb, 0xa0, 0x49, 0x28, 0x37, 0x0b, 0xee, 0x3d, 0xf7, 0x4d, 0x6e, 0xe3, 0x33, 0xf8, 0x70,
0xcc, 0x4b, 0xe9, 0xda, 0xce, 0xcf, 0x27, 0xb7, 0x8a, 0x1d, 0xd4, 0x97, 0x77, 0xb0, 0xf8, 0xc4,
0xaa, 0x8b, 0x54, 0x33, 0x8f, 0xce, 0x60, 0x04, 0xe2, 0x71, 0x53, 0x2c, 0x42, 0xf3, 0x8f, 0x69,
0x98, 0xba, 0x24, 0xe0, 0x0e, 0x34, 0xa6, 0xc6, 0x6f, 0x5d, 0x42, 0xb8, 0x0d, 0x75, 0x7d, 0xfe,
0x4f, 0xaa, 0x0d, 0x34, 0x90, 0x9e, 0x06, 0xe2, 0x37, 0xd0, 0x36, 0xc9, 0xec, 0xbb, 0x6e, 0x59,
0x92, 0x80, 0xbb, 0x00, 0xbf, 0x4e, 0x4c, 0x9d, 0xfc, 0x35, 0xac, 0x19, 0x91, 0xd0, 0xe4, 0x7c,
0x7f, 0x50, 0x84, 0xdb, 0x83, 0x22, 0x5c, 0x65, 0x0a, 0xda, 0x67, 0x0a, 0xba, 0xc9, 0x14, 0x74,
0x97, 0x29, 0xe8, 0x74, 0xf2, 0xfa, 0x67, 0xf2, 0x8d, 0x7f, 0xff, 0x0b, 0x4e, 0xab, 0xb8, 0xfe,
0xaf, 0xf7, 0x01, 0x00, 0x00, 0xff, 0xff, 0xe8, 0xe0, 0x0a, 0x7a, 0x75, 0x02, 0x00, 0x00,
}
func (m *Options) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
n, err := m.MarshalTo(dAtA)
if err != nil {
return nil, err
}
return dAtA[:n], nil
}
func (m *Options) MarshalTo(dAtA []byte) (int, error) {
var i int
_ = i
var l int
_ = l
if m.Debug {
dAtA[i] = 0x8
i++
if m.Debug {
dAtA[i] = 1
} else {
dAtA[i] = 0
}
i++
}
if m.DebugType != 0 {
dAtA[i] = 0x10
i++
i = encodeVarintRunhcs(dAtA, i, uint64(m.DebugType))
}
if len(m.RegistryRoot) > 0 {
dAtA[i] = 0x1a
i++
i = encodeVarintRunhcs(dAtA, i, uint64(len(m.RegistryRoot)))
i += copy(dAtA[i:], m.RegistryRoot)
}
if len(m.SandboxImage) > 0 {
dAtA[i] = 0x22
i++
i = encodeVarintRunhcs(dAtA, i, uint64(len(m.SandboxImage)))
i += copy(dAtA[i:], m.SandboxImage)
}
if len(m.SandboxPlatform) > 0 {
dAtA[i] = 0x2a
i++
i = encodeVarintRunhcs(dAtA, i, uint64(len(m.SandboxPlatform)))
i += copy(dAtA[i:], m.SandboxPlatform)
}
if m.SandboxIsolation != 0 {
dAtA[i] = 0x30
i++
i = encodeVarintRunhcs(dAtA, i, uint64(m.SandboxIsolation))
}
if m.XXX_unrecognized != nil {
i += copy(dAtA[i:], m.XXX_unrecognized)
}
return i, nil
}
func encodeVarintRunhcs(dAtA []byte, offset int, v uint64) int {
for v >= 1<<7 {
dAtA[offset] = uint8(v&0x7f | 0x80)
v >>= 7
offset++
}
dAtA[offset] = uint8(v)
return offset + 1
}
func (m *Options) Size() (n int) {
if m == nil {
return 0
}
var l int
_ = l
if m.Debug {
n += 2
}
if m.DebugType != 0 {
n += 1 + sovRunhcs(uint64(m.DebugType))
}
l = len(m.RegistryRoot)
if l > 0 {
n += 1 + l + sovRunhcs(uint64(l))
}
l = len(m.SandboxImage)
if l > 0 {
n += 1 + l + sovRunhcs(uint64(l))
}
l = len(m.SandboxPlatform)
if l > 0 {
n += 1 + l + sovRunhcs(uint64(l))
}
if m.SandboxIsolation != 0 {
n += 1 + sovRunhcs(uint64(m.SandboxIsolation))
}
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
return n
}
func sovRunhcs(x uint64) (n int) {
for {
n++
x >>= 7
if x == 0 {
break
}
}
return n
}
func sozRunhcs(x uint64) (n int) {
return sovRunhcs(uint64((x << 1) ^ uint64((int64(x) >> 63))))
}
func (this *Options) String() string {
if this == nil {
return "nil"
}
s := strings.Join([]string{`&Options{`,
`Debug:` + fmt.Sprintf("%v", this.Debug) + `,`,
`DebugType:` + fmt.Sprintf("%v", this.DebugType) + `,`,
`RegistryRoot:` + fmt.Sprintf("%v", this.RegistryRoot) + `,`,
`SandboxImage:` + fmt.Sprintf("%v", this.SandboxImage) + `,`,
`SandboxPlatform:` + fmt.Sprintf("%v", this.SandboxPlatform) + `,`,
`SandboxIsolation:` + fmt.Sprintf("%v", this.SandboxIsolation) + `,`,
`XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`,
`}`,
}, "")
return s
}
func valueToStringRunhcs(v interface{}) string {
rv := reflect.ValueOf(v)
if rv.IsNil() {
return "nil"
}
pv := reflect.Indirect(rv).Interface()
return fmt.Sprintf("*%v", pv)
}
func (m *Options) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
for iNdEx < l {
preIndex := iNdEx
var wire uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
wire |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
fieldNum := int32(wire >> 3)
wireType := int(wire & 0x7)
if wireType == 4 {
return fmt.Errorf("proto: Options: wiretype end group for non-group")
}
if fieldNum <= 0 {
return fmt.Errorf("proto: Options: illegal tag %d (wire type %d)", fieldNum, wire)
}
switch fieldNum {
case 1:
if wireType != 0 {
return fmt.Errorf("proto: wrong wireType = %d for field Debug", wireType)
}
var v int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
v |= int(b&0x7F) << shift
if b < 0x80 {
break
}
}
m.Debug = bool(v != 0)
case 2:
if wireType != 0 {
return fmt.Errorf("proto: wrong wireType = %d for field DebugType", wireType)
}
m.DebugType = 0
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
m.DebugType |= Options_DebugType(b&0x7F) << shift
if b < 0x80 {
break
}
}
case 3:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field RegistryRoot", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthRunhcs
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthRunhcs
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.RegistryRoot = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 4:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field SandboxImage", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthRunhcs
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthRunhcs
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.SandboxImage = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 5:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field SandboxPlatform", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthRunhcs
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthRunhcs
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.SandboxPlatform = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 6:
if wireType != 0 {
return fmt.Errorf("proto: wrong wireType = %d for field SandboxIsolation", wireType)
}
m.SandboxIsolation = 0
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRunhcs
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
m.SandboxIsolation |= Options_SandboxIsolation(b&0x7F) << shift
if b < 0x80 {
break
}
}
default:
iNdEx = preIndex
skippy, err := skipRunhcs(dAtA[iNdEx:])
if err != nil {
return err
}
if skippy < 0 {
return ErrInvalidLengthRunhcs
}
if (iNdEx + skippy) < 0 {
return ErrInvalidLengthRunhcs
}
if (iNdEx + skippy) > l {
return io.ErrUnexpectedEOF
}
m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
iNdEx += skippy
}
}
if iNdEx > l {
return io.ErrUnexpectedEOF
}
return nil
}
func skipRunhcs(dAtA []byte) (n int, err error) {
l := len(dAtA)
iNdEx := 0
for iNdEx < l {
var wire uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return 0, ErrIntOverflowRunhcs
}
if iNdEx >= l {
return 0, io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
wire |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
wireType := int(wire & 0x7)
switch wireType {
case 0:
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return 0, ErrIntOverflowRunhcs
}
if iNdEx >= l {
return 0, io.ErrUnexpectedEOF
}
iNdEx++
if dAtA[iNdEx-1] < 0x80 {
break
}
}
return iNdEx, nil
case 1:
iNdEx += 8
return iNdEx, nil
case 2:
var length int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return 0, ErrIntOverflowRunhcs
}
if iNdEx >= l {
return 0, io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
length |= (int(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
if length < 0 {
return 0, ErrInvalidLengthRunhcs
}
iNdEx += length
if iNdEx < 0 {
return 0, ErrInvalidLengthRunhcs
}
return iNdEx, nil
case 3:
for {
var innerWire uint64
var start int = iNdEx
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return 0, ErrIntOverflowRunhcs
}
if iNdEx >= l {
return 0, io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
innerWire |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
innerWireType := int(innerWire & 0x7)
if innerWireType == 4 {
break
}
next, err := skipRunhcs(dAtA[start:])
if err != nil {
return 0, err
}
iNdEx = start + next
if iNdEx < 0 {
return 0, ErrInvalidLengthRunhcs
}
}
return iNdEx, nil
case 4:
return iNdEx, nil
case 5:
iNdEx += 4
return iNdEx, nil
default:
return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
}
}
panic("unreachable")
}
var (
ErrInvalidLengthRunhcs = fmt.Errorf("proto: negative length found during unmarshaling")
ErrIntOverflowRunhcs = fmt.Errorf("proto: integer overflow")
)

197
runtime/v2/runhcs/process.go
View File

@ -1,197 +0,0 @@
// +build windows
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package runhcs
import (
"context"
"os"
"sync"
"sync/atomic"
"syscall"
"time"
eventstypes "github.com/containerd/containerd/api/events"
"github.com/containerd/containerd/runtime"
)
type processExit struct {
pid uint32
exitStatus uint32
exitedAt time.Time
exitErr error
}
func newProcess(ctx context.Context, s *service, id string, pid uint32, pr *pipeRelay, bundle, stdin, stdout, stderr string, terminal bool) (*process, error) {
p, err := os.FindProcess(int(pid))
if err != nil {
return nil, err
}
process := &process{
cid: id,
id: id,
bundle: bundle,
stdin: stdin,
stdout: stdout,
stderr: stderr,
terminal: terminal,
relay: pr,
waitBlock: make(chan struct{}),
}
process.startedWg.Add(1)
go waitForProcess(ctx, process, p, s)
return process, nil
}
// waitForProcess waits for `p` to exit.
//
// The caller of `waitForProcess` MUST have incremented `process.startedWg` to
// synchronize event start/exit publishing.
func waitForProcess(ctx context.Context, process *process, p *os.Process, s *service) {
pid := uint32(p.Pid)
// Store the default non-exited value for calls to stat
process.exit.Store(&processExit{
pid: pid,
exitStatus: 255,
exitedAt: time.Time{},
exitErr: nil,
})
var status int
processState, eerr := p.Wait()
if eerr != nil {
status = 255
p.Kill()
} else {
status = processState.Sys().(syscall.WaitStatus).ExitStatus()
}
now := time.Now()
process.exit.Store(&processExit{
pid: pid,
exitStatus: uint32(status),
exitedAt: now,
exitErr: eerr,
})
// Wait for the relay
process.relay.wait()
// Wait for the started event to fire if it hasn't already
process.startedWg.Wait()
// We publish the exit before freeing upstream so that the exit event always
// happens before any delete event.
s.publisher.Publish(
ctx,
runtime.TaskExitEventTopic,
&eventstypes.TaskExit{
ContainerID: process.cid,
ID: process.id,
Pid: pid,
ExitStatus: uint32(status),
ExitedAt: now,
})
// close the client io, and free upstream waiters
process.close()
}
func newExecProcess(ctx context.Context, s *service, cid, id string, pr *pipeRelay, bundle, stdin, stdout, stderr string, terminal bool) (*process, error) {
process := &process{
cid: cid,
id: id,
bundle: bundle,
stdin: stdin,
stdout: stdout,
stderr: stderr,
terminal: terminal,
relay: pr,
waitBlock: make(chan struct{}),
}
// Store the default non-exited value for calls to stat
process.exit.Store(&processExit{
pid: 0, // This is updated when the call to Start happens and the state is overwritten in waitForProcess.
exitStatus: 255,
exitedAt: time.Time{},
exitErr: nil,
})
return process, nil
}
type process struct {
sync.Mutex
cid string
id string
bundle string
stdin string
stdout string
stderr string
terminal bool
relay *pipeRelay
// started track if the process has ever been started and will not be reset
// for the lifetime of the process object.
started bool
startedWg sync.WaitGroup
waitBlock chan struct{}
// exit holds the exit value for all calls to `stat`. By default a
// non-exited value is stored of status: 255, at: time 0.
exit atomic.Value
// closeOnce is responsible for closing waitBlock and any io.
closeOnce sync.Once
}
// closeIO closes the stdin of the executing process to unblock any waiters
func (p *process) closeIO() {
p.Lock()
defer p.Unlock()
p.relay.closeIO()
}
// close closes all stdio and frees any waiters. This is safe to call multiple
// times.
func (p *process) close() {
p.closeOnce.Do(func() {
p.relay.close()
// Free any waiters
close(p.waitBlock)
})
}
// stat is a non-blocking query of the current process state.
func (p *process) stat() *processExit {
er := p.exit.Load()
return er.(*processExit)
}
// wait waits for the container process to exit and returns the exit status. If
// the process failed post start the processExit will contain the exitErr. This
// is safe to call previous to calling start().
func (p *process) wait() *processExit {
<-p.waitBlock
return p.stat()
}

1076
runtime/v2/runhcs/service.go
View File

File diff suppressed because it is too large Load Diff

244
runtime/v2/shim/shim_windows.go
View File

@ -19,269 +19,39 @@
package shim
import (
"bytes"
"context"
"fmt"
"io"
"net"
"os"
"sync"
"unsafe"
winio "github.com/Microsoft/go-winio"
"github.com/containerd/containerd/namespaces"
"github.com/containerd/ttrpc"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/windows"
)
// setupSignals creates a new signal handler for all signals
func setupSignals(config Config) (chan os.Signal, error) {
signals := make(chan os.Signal, 32)
return signals, nil
return nil, errors.New("not supported")
}
func newServer() (*ttrpc.Server, error) {
return ttrpc.NewServer()
return nil, errors.New("not supported")
}
func subreaper() error {
return nil
}
type fakeSignal struct {
}
func (fs *fakeSignal) String() string {
return ""
}
func (fs *fakeSignal) Signal() {
return errors.New("not supported")
}
func setupDumpStacks(dump chan<- os.Signal) {
// Windows does not support signals like *nix systems. So instead of
// trapping on SIGUSR1 to dump stacks, we wait on a Win32 event to be
// signaled. ACL'd to builtin administrators and local system
event := "Global\\containerd-shim-runhcs-v1-" + fmt.Sprint(os.Getpid())
ev, _ := windows.UTF16PtrFromString(event)
sd, err := winio.SddlToSecurityDescriptor("D:P(A;;GA;;;BA)(A;;GA;;;SY)")
if err != nil {
logrus.Errorf("failed to get security descriptor for debug stackdump event %s: %s", event, err.Error())
return
}
var sa windows.SecurityAttributes
sa.Length = uint32(unsafe.Sizeof(sa))
sa.InheritHandle = 1
sa.SecurityDescriptor = uintptr(unsafe.Pointer(&sd[0]))
h, err := windows.CreateEvent(&sa, 0, 0, ev)
if h == 0 || err != nil {
logrus.Errorf("failed to create debug stackdump event %s: %s", event, err.Error())
return
}
go func() {
logrus.Debugf("Stackdump - waiting signal at %s", event)
for {
windows.WaitForSingleObject(h, windows.INFINITE)
dump <- new(fakeSignal)
}
}()
}
// serve serves the ttrpc API over a unix socket at the provided path
// this function does not block
func serveListener(path string) (net.Listener, error) {
if path == "" {
return nil, errors.New("'socket' must be npipe path")
}
l, err := winio.ListenPipe(path, nil)
if err != nil {
return nil, err
}
logrus.WithField("socket", path).Debug("serving api on npipe socket")
return l, nil
return nil, errors.New("not supported")
}
func handleSignals(ctx context.Context, logger *logrus.Entry, signals chan os.Signal) error {
logger.Info("starting signal loop")
for {
select {
case <-ctx.Done():
return ctx.Err()
case s := <-signals:
switch s {
case os.Interrupt:
return nil
}
}
}
return errors.New("not supported")
}
var _ = (io.WriterTo)(&blockingBuffer{})
var _ = (io.Writer)(&blockingBuffer{})
// blockingBuffer implements the `io.Writer` and `io.WriterTo` interfaces. Once
// `capacity` is reached the calls to `Write` will block until a successful call
// to `WriterTo` frees up the buffer space.
//
// Note: This has the same threadding semantics as bytes.Buffer with no
// additional locking so multithreading is not supported.
type blockingBuffer struct {
c *sync.Cond
capacity int
buffer bytes.Buffer
}
func newBlockingBuffer(capacity int) *blockingBuffer {
return &blockingBuffer{
c: sync.NewCond(&sync.Mutex{}),
capacity: capacity,
}
}
func (bb *blockingBuffer) Len() int {
bb.c.L.Lock()
defer bb.c.L.Unlock()
return bb.buffer.Len()
}
func (bb *blockingBuffer) Write(p []byte) (int, error) {
if len(p) > bb.capacity {
return 0, errors.Errorf("len(p) (%d) too large for capacity (%d)", len(p), bb.capacity)
}
bb.c.L.Lock()
for bb.buffer.Len()+len(p) > bb.capacity {
bb.c.Wait()
}
defer bb.c.L.Unlock()
return bb.buffer.Write(p)
}
func (bb *blockingBuffer) WriteTo(w io.Writer) (int64, error) {
bb.c.L.Lock()
defer bb.c.L.Unlock()
defer bb.c.Signal()
return bb.buffer.WriteTo(w)
}
// deferredShimWriteLogger exists to solve the upstream loggin issue presented
// by using Windows Named Pipes for logging. When containerd restarts it tries
// to reconnect to any shims. This means that the connection to the logger will
// be severed but when containerd starts up it should reconnect and start
// logging again. We abstract all of this logic behind what looks like a simple
// `io.Writer` that can reconnect in the lifetime and buffers logs while
// disconnected.
type deferredShimWriteLogger struct {
mu sync.Mutex
ctx context.Context
connected bool
aborted bool
buffer *blockingBuffer
l net.Listener
c net.Conn
conerr error
}
// beginAccept issues an accept to wait for a connection. Once a connection
// occurs drains any outstanding buffer. While draining the buffer any writes
// are blocked. If the buffer fails to fully drain due to a connection drop a
// call to `beginAccept` is re-issued waiting for another connection from
// containerd.
func (dswl *deferredShimWriteLogger) beginAccept() {
dswl.mu.Lock()
if dswl.connected {
return
}
dswl.mu.Unlock()
c, err := dswl.l.Accept()
if err == winio.ErrPipeListenerClosed {
dswl.mu.Lock()
dswl.aborted = true
dswl.l.Close()
dswl.conerr = errors.New("connection closed")
dswl.mu.Unlock()
return
}
dswl.mu.Lock()
dswl.connected = true
dswl.c = c
// Drain the buffer
if dswl.buffer.Len() > 0 {
_, err := dswl.buffer.WriteTo(dswl.c)
if err != nil {
// We lost our connection draining the buffer.
dswl.connected = false
dswl.c.Close()
go dswl.beginAccept()
}
}
dswl.mu.Unlock()
}
func (dswl *deferredShimWriteLogger) Write(p []byte) (int, error) {
dswl.mu.Lock()
defer dswl.mu.Unlock()
if dswl.aborted {
return 0, dswl.conerr
}
if dswl.connected {
// We have a connection. beginAccept would have drained the buffer so we just write our data to
// the connection directly.
written, err := dswl.c.Write(p)
if err != nil {
// We lost the connection.
dswl.connected = false
dswl.c.Close()
go dswl.beginAccept()
// We weren't able to write the full `p` bytes. Buffer the rest
if written != len(p) {
w, err := dswl.buffer.Write(p[written:])
if err != nil {
// We failed to buffer. Return this error
return written + w, err
}
written += w
}
}
return written, nil
}
// We are disconnected. Buffer the contents.
return dswl.buffer.Write(p)
}
// openLog on Windows acts as the server of the log pipe. This allows the
// containerd daemon to independently restart and reconnect to the logs.
func openLog(ctx context.Context, id string) (io.Writer, error) {
ns, err := namespaces.NamespaceRequired(ctx)
if err != nil {
return nil, err
}
dswl := &deferredShimWriteLogger{
ctx: ctx,
buffer: newBlockingBuffer(64 * 1024), // 64KB,
}
l, err := winio.ListenPipe(fmt.Sprintf("\\\\.\\pipe\\containerd-shim-%s-%s-log", ns, id), nil)
if err != nil {
return nil, err
}
dswl.l = l
go dswl.beginAccept()
return dswl, nil
func openLog(ctx context.Context, _ string) (io.Writer, error) {
return nil, errors.New("not supported")
}

162
runtime/v2/shim/shim_windows_test.go
View File

@ -1,162 +0,0 @@
// +build windows
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package shim
import (
"bytes"
"context"
"fmt"
"io"
"testing"
"time"
winio "github.com/Microsoft/go-winio"
"github.com/containerd/containerd/namespaces"
)
func readValueFrom(rdr io.Reader, expectedStr string, t *testing.T) {
expected := []byte(expectedStr)
actual := make([]byte, len(expected))
read, err := rdr.Read(actual)
if err != nil {
t.Fatalf("failed to read with: %v", err)
}
if read != len(expected) {
t.Fatalf("failed to read len %v bytes read: %v", len(expected), read)
}
if !bytes.Equal(expected, actual) {
t.Fatalf("expected '%v' != actual '%v'", expected, actual)
}
}
func writeValueTo(wr io.Writer, value string) {
expected := []byte(value)
written, err := wr.Write(expected)
if err != nil {
panic(fmt.Sprintf("failed to write with: %v", err))
}
if len(expected) != written {
panic(fmt.Sprintf("failed to write len %v bytes wrote: %v", len(expected), written))
}
}
func runOneTest(ns, id string, writer io.Writer, t *testing.T) {
// Write on closed
go writeValueTo(writer, "Hello World!")
// Connect
c, err := winio.DialPipe(fmt.Sprintf("\\\\.\\pipe\\containerd-shim-%s-%s-log", ns, id), nil)
if err != nil {
t.Fatal("should have successfully connected to log")
}
defer c.Close()
// Read the deferred buffer.
readValueFrom(c, "Hello World!", t)
go writeValueTo(writer, "Hello Next!")
readValueFrom(c, "Hello Next!", t)
}
func TestOpenLog(t *testing.T) {
ns := "openlognamespace"
id := "openlogid"
ctx := namespaces.WithNamespace(context.TODO(), ns)
writer, err := openLog(ctx, id)
if err != nil {
t.Fatalf("failed openLog with %v", err)
}
// Do three iterations of write/open/read/write/read/close
for i := 0; i < 3; i++ {
runOneTest(ns, id, writer, t)
}
}
func TestBlockingBufferWriteNotEnoughCapacity(t *testing.T) {
bb := newBlockingBuffer(5)
val := make([]byte, 10)
w, err := bb.Write(val)
if err == nil {
t.Fatal("write should of failed capacity check")
}
if w != 0 {
t.Fatal("write should of not written any bytes on failed capacity check")
}
}
func TestBlockingBufferLoop(t *testing.T) {
nameBytes := []byte(t.Name())
nameBytesLen := len(nameBytes)
bb := newBlockingBuffer(nameBytesLen)
for i := 0; i < 3; i++ {
writeValueTo(bb, t.Name())
if bb.Len() != nameBytesLen {
t.Fatalf("invalid buffer bytes len after write: (%d)", bb.buffer.Len())
}
buf := &bytes.Buffer{}
w, err := bb.WriteTo(buf)
if err != nil {
t.Fatalf("should not have failed WriteTo: (%v)", err)
}
if w != int64(nameBytesLen) {
t.Fatalf("should have written all bytes, wrote (%d)", w)
}
readValueFrom(buf, t.Name(), t)
if bb.Len() != 0 {
t.Fatalf("invalid buffer bytes len after read: (%d)", bb.buffer.Len())
}
}
}
func TestBlockingBuffer(t *testing.T) {
nameBytes := []byte(t.Name())
nameBytesLen := len(nameBytes)
bb := newBlockingBuffer(nameBytesLen)
// Write the first value
writeValueTo(bb, t.Name())
if bb.Len() != nameBytesLen {
t.Fatalf("buffer len != %d", nameBytesLen)
}
// We should now have filled capacity the next write should block
done := make(chan struct{})
go func() {
writeValueTo(bb, t.Name())
close(done)
}()
select {
case <-done:
t.Fatal("third write should of blocked")
case <-time.After(10 * time.Millisecond):
buff := &bytes.Buffer{}
_, err := bb.WriteTo(buff)
if err != nil {
t.Fatalf("failed to drain buffer with: %v", err)
}
if bb.Len() != 0 {
t.Fatalf("buffer len != %d", 0)
}
readValueFrom(buff, t.Name(), t)
}
<-done
if bb.Len() != nameBytesLen {
t.Fatalf("buffer len != %d", nameBytesLen)
}
}

31
runtime/v2/shim/util_windows.go
View File

@ -18,14 +18,12 @@ package shim
import (
"context"
"fmt"
"net"
"os"
"syscall"
"time"
winio "github.com/Microsoft/go-winio"
"github.com/containerd/containerd/namespaces"
"github.com/pkg/errors"
)
@ -35,26 +33,6 @@ func getSysProcAttr() *syscall.SysProcAttr {
return nil
}
// SetScore sets the oom score for a process
func SetScore(pid int) error {
return nil
}
// AdjustOOMScore sets the OOM score for the process to the parents OOM score +1
// to ensure that they parent has a lower* score than the shim
func AdjustOOMScore(pid int) error {
return nil
}
// SocketAddress returns a npipe address
func SocketAddress(ctx context.Context, id string) (string, error) {
ns, err := namespaces.NamespaceRequired(ctx)
if err != nil {
return "", err
}
return fmt.Sprintf("\\\\.\\pipe\\containerd-shim-%s-%s-pipe", ns, id), nil
}
// AnonDialer returns a dialer for a npipe
func AnonDialer(address string, timeout time.Duration) (net.Conn, error) {
ctx, cancel := context.WithTimeout(context.Background(), timeout)
@ -85,12 +63,3 @@ func AnonDialer(address string, timeout time.Duration) (net.Conn, error) {
return c, nil
}
}
// NewSocket returns a new npipe listener
func NewSocket(address string) (net.Listener, error) {
l, err := winio.ListenPipe(address, nil)
if err != nil {
return nil, errors.Wrapf(err, "failed to listen to npipe %s", address)
}
return l, nil
}

1
vendor/github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options/doc.go generated vendored Normal file
View File

@ -0,0 +1 @@
package options

1033
vendor/github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options/runhcs.pb.go generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

22
runtime/v2/runhcs/options/runhcs.proto → vendor/github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options/runhcs.proto generated vendored
View File

@ -3,9 +3,11 @@ syntax = "proto3";
package containerd.runhcs.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/runtime/v2/runhcs/options;options";
option go_package = "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options;options";
// Options are the set of customizations that can be passed at Create time.
message Options {
// enable debug tracing
bool debug = 1;
@ -40,4 +42,22 @@ message Options {
// the sandbox. For Windows runtime PROCESS and HYPERVISOR are valid. For
// LCOW only HYPERVISOR is valid and default if omitted.
SandboxIsolation sandbox_isolation = 6;
// boot_files_root_path is the path to the directory containing the LCOW
// kernel and root FS files.
string boot_files_root_path = 7;
}
// ProcessDetails contains additional information about a process. This is the additional
// info returned in the Pids query.
message ProcessDetails {
string image_name = 1;
google.protobuf.Timestamp created_at = 2 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
uint64 kernel_time_100_ns = 3;
uint64 memory_commit_bytes = 4;
uint64 memory_working_set_private_bytes = 5;
uint64 memory_working_set_shared_bytes = 6;
uint32 process_id = 7;
uint64 user_time_100_ns = 8;
string exec_id = 9;
}