Merge pull request #2141 from estesp/with-linuxns
Add --with-ns flag to ctr run/create
This commit is contained in:
Akihiro Suda
GitHub
commit
6a50dca196
@ -65,6 +65,10 @@ var ContainerFlags = []cli.Flag{
|
|||||||
Name: "tty,t",
|
Name: "tty,t",
|
||||||
Usage: "allocate a TTY for the container",
|
Usage: "allocate a TTY for the container",
|
||||||
},
|
},
|
||||||
|
cli.StringSliceFlag{
|
||||||
|
Name: "with-ns",
|
||||||
|
Usage: "specify existing Linux namespaces to join at container runtime (format '<nstype>:<path>')",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
func loadSpec(path string, s *specs.Spec) error {
|
func loadSpec(path string, s *specs.Spec) error {
|
||||||
|
|||||||
@ -4,11 +4,13 @@ package run
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
gocontext "context"
|
gocontext "context"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/containerd/containerd"
|
"github.com/containerd/containerd"
|
||||||
"github.com/containerd/containerd/cmd/ctr/commands"
|
"github.com/containerd/containerd/cmd/ctr/commands"
|
||||||
"github.com/containerd/containerd/oci"
|
"github.com/containerd/containerd/oci"
|
||||||
specs "github.com/opencontainers/runtime-spec/specs-go"
|
specs "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
|
"github.com/pkg/errors"
|
||||||
"github.com/urfave/cli"
|
"github.com/urfave/cli"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -78,6 +80,20 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
|
|||||||
if context.Bool("net-host") {
|
if context.Bool("net-host") {
|
||||||
opts = append(opts, oci.WithHostNamespace(specs.NetworkNamespace), oci.WithHostHostsFile, oci.WithHostResolvconf)
|
opts = append(opts, oci.WithHostNamespace(specs.NetworkNamespace), oci.WithHostHostsFile, oci.WithHostResolvconf)
|
||||||
}
|
}
|
||||||
|
joinNs := context.StringSlice("with-ns")
|
||||||
|
for _, ns := range joinNs {
|
||||||
|
parts := strings.Split(ns, ":")
|
||||||
|
if len(parts) != 2 {
|
||||||
|
return nil, errors.New("joining a Linux namespace using --with-ns requires the format 'nstype:path'")
|
||||||
|
}
|
||||||
|
if !validNamespace(parts[0]) {
|
||||||
|
return nil, errors.New("the Linux namespace type specified in --with-ns is not valid: " + parts[0])
|
||||||
|
}
|
||||||
|
opts = append(opts, oci.WithLinuxNamespace(specs.LinuxNamespace{
|
||||||
|
Type: specs.LinuxNamespaceType(parts[0]),
|
||||||
|
Path: parts[1],
|
||||||
|
}))
|
||||||
|
}
|
||||||
if context.IsSet("config") {
|
if context.IsSet("config") {
|
||||||
var s specs.Spec
|
var s specs.Spec
|
||||||
if err := loadSpec(context.String("config"), &s); err != nil {
|
if err := loadSpec(context.String("config"), &s); err != nil {
|
||||||
@ -101,3 +117,19 @@ func getNewTaskOpts(context *cli.Context) []containerd.NewTaskOpts {
|
|||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func validNamespace(ns string) bool {
|
||||||
|
linuxNs := specs.LinuxNamespaceType(ns)
|
||||||
|
switch linuxNs {
|
||||||
|
case specs.PIDNamespace,
|
||||||
|
specs.NetworkNamespace,
|
||||||
|
specs.UTSNamespace,
|
||||||
|
specs.MountNamespace,
|
||||||
|
specs.UserNamespace,
|
||||||
|
specs.IPCNamespace,
|
||||||
|
specs.CgroupNamespace:
|
||||||
|
return true
|
||||||
|
default:
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user