github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Launch sandboxed containers from task service

Browse Source 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
This commit is contained in:
Maksym Pavlenko 2021-11-10 14:57:57 -08:00
parent 00f7a6bf2b
commit 982de8a5d5
5 changed files with 34 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
containers/containers.go
View File

@ -78,6 +78,8 @@ type Container struct {
Extensions map[string]typeurl.Any Extensions map[string]typeurl.Any
// SandboxID is an identifier of sandbox this container belongs to. // SandboxID is an identifier of sandbox this container belongs to.
//
// This property is optional, but can't be changed after creation.
SandboxID string SandboxID string
} }

2
runtime/runtime.go
View File

@ -49,6 +49,8 @@ type CreateOpts struct {
// Runtime name to use (e.g. `io.containerd.NAME.VERSION`). // Runtime name to use (e.g. `io.containerd.NAME.VERSION`).
// As an alternative full abs path to binary may be specified instead. // As an alternative full abs path to binary may be specified instead.
Runtime string Runtime string
// SandboxID is an optional ID of sandbox this container belongs to
SandboxID string
} }
// Exit information for a process // Exit information for a process

19
runtime/v2/manager.go
View File

@ -373,9 +373,22 @@ func (m *TaskManager) ID() string {
// Create launches new shim instance and creates new task // Create launches new shim instance and creates new task
func (m *TaskManager) Create(ctx context.Context, taskID string, opts runtime.CreateOpts) (runtime.Task, error) { func (m *TaskManager) Create(ctx context.Context, taskID string, opts runtime.CreateOpts) (runtime.Task, error) {
process, err := m.manager.Start(ctx, taskID, opts) var (
if err != nil { process ShimProcess
return nil, fmt.Errorf("failed to start shim: %w", err) err error
)
if opts.SandboxID != "" {
// This container belongs to sandbox which supposed to be already started via sandbox API.
process, err = m.manager.Get(ctx, opts.SandboxID)
if err != nil {
return nil, fmt.Errorf("can't find sandbox %s", opts.SandboxID)
}
} else {
process, err = m.manager.Start(ctx, taskID, opts)
if err != nil {
return nil, fmt.Errorf("failed to start shim: %w", err)
}
} }
// Cast to shim task and call task service to create a new container task instance. // Cast to shim task and call task service to create a new container task instance.

26
sandbox/controller.go
View File

@ -22,22 +22,22 @@ import (
"github.com/gogo/protobuf/types" "github.com/gogo/protobuf/types"
) )
// Controller is an interface to manage a runtime sandbox instance (runtimes's SandboxManager) // Controller is an interface to manage sandboxes at runtime.
// SandboxRuntime is responsible for the sandbox instances lifecycle management.
// When running the traditional containerd shim, the workflow looks as follows: // When running the traditional containerd shim, the workflow looks as follows:
// For each new task we're about to run: // For each new task we're about to run:
// 1. Invoke `shim_binary --start` to obtain `TaskService` address (printed in stdout) // 1. Invoke `shim_binary --start` to obtain `TaskService` address (printed in stdout)
// 2. Call TaskService.RunContainer(id=1) // 2. Call TaskService.RunContainer(id=1)
// 3. Exec `shim_binary --delete` to stop shim // 3. Exec `shim_binary --delete` to stop shim
// 4. Exec `shim_binary --start` again to obtain another `TaskService` address // 4. Exec `shim_binary --start` again to obtain another `TaskService` address
// 5. TaskService.RunContainer(id=2) // 5. TaskService.RunContainer(id=2)
// 6. Exec `shim_binary --delete` to stop shim // 6. Exec `shim_binary --delete` to stop shim
// //
// When running in sandbox mode, shim must implement `SandboxService`. In sandbox mode shim lifetimes are managed manually. // When running in sandbox mode, shim must implement `SandboxService`.
// 1. Client calls `client.Controller.Start()` to launch new shim and create sandbox process // In sandbox mode shim lifetimes are managed manually via sandbox API.
// 2. Run containers with `shim.TaskService.RunContainer(id=1)` and another one `shim.TaskService.RunContainer(id=2)` // 1. Client calls `client.SandboxController.Start()` to launch new shim and create sandbox process
// 3. ... usual container lifecycle calls to `shim.TaskService` // 2. Run containers with `shim.TaskService.RunContainer(id=1)` and another one `shim.TaskService.RunContainer(id=2)`
// 4. Client calls shim to stop the sandbox with `client.SandboxService.Shutdown()` // 3. ... usual container lifecycle calls to `shim.TaskService`
// 4. Client calls shim to stop the sandbox with `client.SandboxService.Shutdown()`
// 5. Shim implementation will perform cleanup similar to regular task service (e.g. shutdown, clean, and `shim_binary --delete`) // 5. Shim implementation will perform cleanup similar to regular task service (e.g. shutdown, clean, and `shim_binary --delete`)
type Controller interface { type Controller interface {
// Start will start new sandbox instance. // Start will start new sandbox instance.

1
services/tasks/local.go
View File

@ -200,6 +200,7 @@ func (l *local) Create(ctx context.Context, r *api.CreateTaskRequest, _ ...grpc.
Runtime: container.Runtime.Name, Runtime: container.Runtime.Name,
RuntimeOptions: container.Runtime.Options, RuntimeOptions: container.Runtime.Options,
TaskOptions: r.Options, TaskOptions: r.Options,
SandboxID: container.SandboxID,
} }
if r.RuntimePath != "" { if r.RuntimePath != "" {
opts.Runtime = r.RuntimePath opts.Runtime = r.RuntimePath