containerd-shim: Use abstract namespace for the unix socket

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2017-06-12 14:43:28 -07:00
parent 8644a08c96
commit 95afeb7831
4 changed files with 63 additions and 26 deletions
--- a/cmd/containerd-shim/main_unix.go
+++ b/cmd/containerd-shim/main_unix.go
@@ -22,12 +22,12 @@ import (
 )

 const usage = `
-                    __        _                     __           __    _         
-  _________  ____  / /_____ _(_)___  ___  _________/ /     _____/ /_  (_)___ ___ 
+                    __        _                     __           __    _
+  _________  ____  / /_____ _(_)___  ___  _________/ /     _____/ /_  (_)___ ___
 / ___/ __ \/ __ \/ __/ __ ` + "`" + `/ / __ \/ _ \/ ___/ __  /_____/ ___/ __ \/ / __ ` + "`" + `__ \
 / /__/ /_/ / / / / /_/ /_/ / / / / /  __/ /  / /_/ /_____(__  ) / / / / / / / / /
-\___/\____/_/ /_/\__/\__,_/_/_/ /_/\___/_/   \__,_/     /____/_/ /_/_/_/ /_/ /_/ 
-                                                                                 
+\___/\____/_/ /_/\__/\__,_/_/_/ /_/\___/_/   \__,_/     /____/_/ /_/_/_/ /_/ /_/
+
 shim for container lifecycle and reconnection
 `

@@ -45,6 +45,10 @@ func main() {
 			Name:  "namespace,n",
 			Usage: "namespace that owns the task",
 		},
+		cli.StringFlag{
+			Name:  "socket,s",
+			Usage: "abstract socket path to server on",
+		},
 	}
 	app.Before = func(context *cli.Context) error {
 		if context.GlobalBool("debug") {
@@ -73,7 +77,8 @@ func main() {
 		}
 		logrus.Debug("registering grpc server")
 		shimapi.RegisterShimServer(server, sv)
-		if err := serve(server, "shim.sock"); err != nil {
+		socket := context.GlobalString("socket")
+		if err := serve(server, socket); err != nil {
 			return err
 		}
 		return handleSignals(signals, server)
@@ -87,7 +92,16 @@ func main() {
 // serve serves the grpc API over a unix socket at the provided path
 // this function does not block
 func serve(server *grpc.Server, path string) error {
-	l, err := net.FileListener(os.NewFile(3, "socket"))
+	var (
+		l   net.Listener
+		err error
+	)
+	if path == "" {
+		l, err = net.FileListener(os.NewFile(3, "socket"))
+		path = "[inherited from parent]"
+	} else {
+		l, err = net.Listen("unix", "\x00"+path)
+	}
 	if err != nil {
 		return err
 	}
--- a/cmd/ctr/shim.go
+++ b/cmd/ctr/shim.go
@@ -51,6 +51,12 @@ var fifoFlags = []cli.Flag{
 var shimCommand = cli.Command{
 	Name:  "shim",
 	Usage: "interact with a shim directly",
+	Flags: []cli.Flag{
+		cli.StringFlag{
+			Name:  "socket",
+			Usage: "socket on which to connect to the shim",
+		},
+	},
 	Subcommands: []cli.Command{
 		shimCreateCommand,
 		shimStartCommand,
@@ -88,7 +94,7 @@ var shimCreateCommand = cli.Command{
 		if id == "" {
 			return errors.New("container id must be provided")
 		}
-		service, err := getShimService()
+		service, err := getShimService(context)
 		if err != nil {
 			return err
 		}
@@ -139,7 +145,7 @@ var shimStartCommand = cli.Command{
 	Name:  "start",
 	Usage: "start a container with a shim",
 	Action: func(context *cli.Context) error {
-		service, err := getShimService()
+		service, err := getShimService(context)
 		if err != nil {
 			return err
 		}
@@ -152,7 +158,7 @@ var shimDeleteCommand = cli.Command{
 	Name:  "delete",
 	Usage: "delete a container with a shim",
 	Action: func(context *cli.Context) error {
-		service, err := getShimService()
+		service, err := getShimService(context)
 		if err != nil {
 			return err
 		}
@@ -169,7 +175,7 @@ var shimStateCommand = cli.Command{
 	Name:  "state",
 	Usage: "get the state of all the processes of the shim",
 	Action: func(context *cli.Context) error {
-		service, err := getShimService()
+		service, err := getShimService(context)
 		if err != nil {
 			return err
 		}
@@ -213,7 +219,7 @@ var shimExecCommand = cli.Command{
 		},
 	),
 	Action: func(context *cli.Context) error {
-		service, err := getShimService()
+		service, err := getShimService(context)
 		ctx := gocontext.Background()
 		if err != nil {
 			return err
@@ -275,7 +281,7 @@ var shimEventsCommand = cli.Command{
 	Name:  "events",
 	Usage: "get events for a shim",
 	Action: func(context *cli.Context) error {
-		service, err := getShimService()
+		service, err := getShimService(context)
 		if err != nil {
 			return err
 		}
@@ -293,15 +299,18 @@ var shimEventsCommand = cli.Command{
 	},
 }

-func getShimService() (shim.ShimClient, error) {
-	bindSocket := "shim.sock"
+func getShimService(context *cli.Context) (shim.ShimClient, error) {
+	bindSocket := context.GlobalString("socket")
+	if bindSocket == "" {
+		return nil, errors.New("socket path must be specified")
+	}

 	// reset the logger for grpc to log to dev/null so that it does not mess with our stdio
 	grpclog.SetLogger(log.New(ioutil.Discard, "", log.LstdFlags))
 	dialOpts := []grpc.DialOption{grpc.WithInsecure(), grpc.WithTimeout(100 * time.Second)}
 	dialOpts = append(dialOpts,
 		grpc.WithDialer(func(addr string, timeout time.Duration) (net.Conn, error) {
-			return net.DialTimeout("unix", bindSocket, timeout)
+			return net.DialTimeout("unix", "\x00"+bindSocket, timeout)
 		},
 		))
 	conn, err := grpc.Dial(fmt.Sprintf("unix://%s", bindSocket), dialOpts...)