github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

feat: replace github.com/pkg/errors to errors

Browse Source 
Signed-off-by: haoyun <yun.hao@daocloud.io>
Co-authored-by: zounengren <zouyee1989@gmail.com>
This commit is contained in:
haoyun
2022-01-07 10:19:31 +08:00
parent 3ccd43c8f6
commit bbe46b8c43
299 changed files with 1896 additions and 1874 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/cap/cap_linux.go
View File

@@ -19,12 +19,11 @@ package cap
import (
"bufio"
"fmt"
"io"
"os"
"strconv"
"strings"
"github.com/pkg/errors"
)
// FromNumber returns a cap string like "CAP_SYS_ADMIN"
@@ -91,7 +90,7 @@ func ParseProcPIDStatus(r io.Reader) (map[Type]uint64, error) {
case "CapInh", "CapPrm", "CapEff", "CapBnd", "CapAmb":
ui64, err := strconv.ParseUint(v, 16, 64)
if err != nil {
return nil, errors.Errorf("failed to parse line %q", line)
return nil, fmt.Errorf("failed to parse line %q", line)
}
switch k {
case "CapInh":

19
pkg/cri/config/config.go
View File

@@ -18,12 +18,13 @@ package config
import (
"context"
"errors"
"fmt"
"net/url"
"time"
"github.com/containerd/containerd/log"
"github.com/containerd/containerd/plugin"
"github.com/pkg/errors"
)
// Runtime struct to contain the type(ID), engine, and root variables for a default runtime
@@ -346,7 +347,7 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
if c.ContainerdConfig.UntrustedWorkloadRuntime.Type != "" {
log.G(ctx).Warning("`untrusted_workload_runtime` is deprecated, please use `untrusted` runtime in `runtimes` instead")
if _, ok := c.ContainerdConfig.Runtimes[RuntimeUntrusted]; ok {
return errors.Errorf("conflicting definitions: configuration includes both `untrusted_workload_runtime` and `runtimes[%q]`", RuntimeUntrusted)
return fmt.Errorf("conflicting definitions: configuration includes both `untrusted_workload_runtime` and `runtimes[%q]`", RuntimeUntrusted)
}
c.ContainerdConfig.Runtimes[RuntimeUntrusted] = c.ContainerdConfig.UntrustedWorkloadRuntime
}
@@ -363,19 +364,19 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
return errors.New("`default_runtime_name` is empty")
}
if _, ok := c.ContainerdConfig.Runtimes[c.ContainerdConfig.DefaultRuntimeName]; !ok {
return errors.Errorf("no corresponding runtime configured in `containerd.runtimes` for `containerd` `default_runtime_name = \"%s\"", c.ContainerdConfig.DefaultRuntimeName)
return fmt.Errorf("no corresponding runtime configured in `containerd.runtimes` for `containerd` `default_runtime_name = \"%s\"", c.ContainerdConfig.DefaultRuntimeName)
}
// Validation for deprecated runtime options.
if c.SystemdCgroup {
if c.ContainerdConfig.Runtimes[c.ContainerdConfig.DefaultRuntimeName].Type != plugin.RuntimeLinuxV1 {
return errors.Errorf("`systemd_cgroup` only works for runtime %s", plugin.RuntimeLinuxV1)
return fmt.Errorf("`systemd_cgroup` only works for runtime %s", plugin.RuntimeLinuxV1)
}
log.G(ctx).Warning("`systemd_cgroup` is deprecated, please use runtime `options` instead")
}
if c.NoPivot {
if c.ContainerdConfig.Runtimes[c.ContainerdConfig.DefaultRuntimeName].Type != plugin.RuntimeLinuxV1 {
return errors.Errorf("`no_pivot` only works for runtime %s", plugin.RuntimeLinuxV1)
return fmt.Errorf("`no_pivot` only works for runtime %s", plugin.RuntimeLinuxV1)
}
// NoPivot can't be deprecated yet, because there is no alternative config option
// for `io.containerd.runtime.v1.linux`.
@@ -383,13 +384,13 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
for _, r := range c.ContainerdConfig.Runtimes {
if r.Engine != "" {
if r.Type != plugin.RuntimeLinuxV1 {
return errors.Errorf("`runtime_engine` only works for runtime %s", plugin.RuntimeLinuxV1)
return fmt.Errorf("`runtime_engine` only works for runtime %s", plugin.RuntimeLinuxV1)
}
log.G(ctx).Warning("`runtime_engine` is deprecated, please use runtime `options` instead")
}
if r.Root != "" {
if r.Type != plugin.RuntimeLinuxV1 {
return errors.Errorf("`runtime_root` only works for runtime %s", plugin.RuntimeLinuxV1)
return fmt.Errorf("`runtime_root` only works for runtime %s", plugin.RuntimeLinuxV1)
}
log.G(ctx).Warning("`runtime_root` is deprecated, please use runtime `options` instead")
}
@@ -425,7 +426,7 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
auth := auth
u, err := url.Parse(endpoint)
if err != nil {
return errors.Wrapf(err, "failed to parse registry url %q from `registry.auths`", endpoint)
return fmt.Errorf("failed to parse registry url %q from `registry.auths`: %w", endpoint, err)
}
if u.Scheme != "" {
// Do not include the scheme in the new registry config.
@@ -441,7 +442,7 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
// Validation for stream_idle_timeout
if c.StreamIdleTimeout != "" {
if _, err := time.ParseDuration(c.StreamIdleTimeout); err != nil {
return errors.Wrap(err, "invalid stream idle timeout")
return fmt.Errorf("invalid stream idle timeout: %w", err)
}
}
return nil

23
pkg/cri/cri.go
View File

@@ -18,6 +18,7 @@ package cri
import (
"flag"
"fmt"
"path/filepath"
"github.com/containerd/containerd"
@@ -35,7 +36,6 @@ import (
"github.com/containerd/containerd/services"
"github.com/containerd/containerd/snapshots"
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"k8s.io/klog/v2"
@@ -44,7 +44,6 @@ import (
"github.com/containerd/containerd/pkg/cri/server"
)
// TODO(random-liu): Use github.com/pkg/errors for our errors.
// Register CRI service plugin
func init() {
config := criconfig.DefaultConfig()
@@ -66,7 +65,7 @@ func initCRIService(ic *plugin.InitContext) (interface{}, error) {
ctx := ic.Context
pluginConfig := ic.Config.(*criconfig.PluginConfig)
if err := criconfig.ValidatePluginConfig(ctx, pluginConfig); err != nil {
return nil, errors.Wrap(err, "invalid plugin config")
return nil, fmt.Errorf("invalid plugin config: %w", err)
}
c := criconfig.Config{
@@ -79,12 +78,12 @@ func initCRIService(ic *plugin.InitContext) (interface{}, error) {
log.G(ctx).Infof("Start cri plugin with config %+v", c)
if err := setGLogLevel(); err != nil {
return nil, errors.Wrap(err, "failed to set glog level")
return nil, fmt.Errorf("failed to set glog level: %w", err)
}
servicesOpts, err := getServicesOpts(ic)
if err != nil {
return nil, errors.Wrap(err, "failed to get services")
return nil, fmt.Errorf("failed to get services: %w", err)
}
log.G(ctx).Info("Connect containerd service")
@@ -95,12 +94,12 @@ func initCRIService(ic *plugin.InitContext) (interface{}, error) {
containerd.WithServices(servicesOpts...),
)
if err != nil {
return nil, errors.Wrap(err, "failed to create containerd client")
return nil, fmt.Errorf("failed to create containerd client: %w", err)
}
s, err := server.NewCRIService(c, client)
if err != nil {
return nil, errors.Wrap(err, "failed to create CRI service")
return nil, fmt.Errorf("failed to create CRI service: %w", err)
}
go func() {
@@ -116,12 +115,12 @@ func initCRIService(ic *plugin.InitContext) (interface{}, error) {
func getServicesOpts(ic *plugin.InitContext) ([]containerd.ServicesOpt, error) {
plugins, err := ic.GetByType(plugin.ServicePlugin)
if err != nil {
return nil, errors.Wrap(err, "failed to get service plugin")
return nil, fmt.Errorf("failed to get service plugin: %w", err)
}
ep, err := ic.Get(plugin.EventPlugin)
if err != nil {
return nil, errors.Wrap(err, "failed to get event plugin")
return nil, fmt.Errorf("failed to get event plugin: %w", err)
}
opts := []containerd.ServicesOpt{
@@ -158,14 +157,14 @@ func getServicesOpts(ic *plugin.InitContext) ([]containerd.ServicesOpt, error) {
} {
p := plugins[s]
if p == nil {
return nil, errors.Errorf("service %q not found", s)
return nil, fmt.Errorf("service %q not found", s)
}
i, err := p.Instance()
if err != nil {
return nil, errors.Wrapf(err, "failed to get instance of service %q", s)
return nil, fmt.Errorf("failed to get instance of service %q: %w", s, err)
}
if i == nil {
return nil, errors.Errorf("instance of service %q not found", s)
return nil, fmt.Errorf("instance of service %q not found", s)
}
opts = append(opts, fn(i))
}

6
pkg/cri/io/helpers_windows.go
View File

@@ -17,13 +17,13 @@
package io
import (
"fmt"
"io"
"net"
"os"
"sync"
winio "github.com/Microsoft/go-winio"
"github.com/pkg/errors"
"golang.org/x/net/context"
)
@@ -60,7 +60,7 @@ func openPipe(ctx context.Context, fn string, flag int, perm os.FileMode) (io.Re
func (p *pipe) Write(b []byte) (int, error) {
p.conWg.Wait()
if p.conErr != nil {
return 0, errors.Wrap(p.conErr, "connection error")
return 0, fmt.Errorf("connection error: %w", p.conErr)
}
return p.con.Write(b)
}
@@ -68,7 +68,7 @@ func (p *pipe) Write(b []byte) (int, error) {
func (p *pipe) Read(b []byte) (int, error) {
p.conWg.Wait()
if p.conErr != nil {
return 0, errors.Wrap(p.conErr, "connection error")
return 0, fmt.Errorf("connection error: %w", p.conErr)
}
return p.con.Read(b)
}

13
pkg/cri/opts/container.go
View File

@@ -18,6 +18,8 @@ package opts
import (
"context"
"errors"
"fmt"
"os"
"path/filepath"
goruntime "runtime"
@@ -30,7 +32,6 @@ import (
"github.com/containerd/containerd/mount"
"github.com/containerd/containerd/snapshots"
"github.com/containerd/continuity/fs"
"github.com/pkg/errors"
)
// WithNewSnapshot wraps `containerd.WithNewSnapshot` so that if creating the
@@ -44,7 +45,7 @@ func WithNewSnapshot(id string, i containerd.Image, opts ...snapshots.Opt) conta
}
if err := i.Unpack(ctx, c.Snapshotter); err != nil {
return errors.Wrap(err, "error unpacking image")
return fmt.Errorf("error unpacking image: %w", err)
}
return f(ctx, client, c)
}
@@ -102,7 +103,7 @@ func WithVolumes(volumeMounts map[string]string) containerd.NewContainerOpts {
} else {
mountPaths = append(mountPaths, root)
if err := mount.All(mounts, root); err != nil {
return errors.Wrap(err, "failed to mount")
return fmt.Errorf("failed to mount: %w", err)
}
defer unmounter(root)
}
@@ -117,10 +118,10 @@ func WithVolumes(volumeMounts map[string]string) containerd.NewContainerOpts {
// Skip copying directory if it does not exist.
continue
}
return errors.Wrap(err, "stat volume in rootfs")
return fmt.Errorf("stat volume in rootfs: %w", err)
}
if err := copyExistingContents(src, host); err != nil {
return errors.Wrap(err, "taking runtime copy of volume")
return fmt.Errorf("taking runtime copy of volume: %w", err)
}
}
}
@@ -136,7 +137,7 @@ func copyExistingContents(source, destination string) error {
return err
}
if len(dstList) != 0 {
return errors.Errorf("volume at %q is not initially empty", destination)
return fmt.Errorf("volume at %q is not initially empty", destination)
}
return fs.CopyDir(destination, source, fs.WithXAttrExclude("security.selinux"))
}

3
pkg/cri/opts/spec.go
View File

@@ -18,16 +18,15 @@ package opts
import (
"context"
"errors"
"os"
"path/filepath"
"strings"
"github.com/containerd/containerd/containers"
"github.com/containerd/containerd/oci"
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)

22
pkg/cri/opts/spec_linux.go
View File

@@ -18,6 +18,7 @@ package opts
import (
"context"
"errors"
"fmt"
"os"
"path/filepath"
@@ -33,7 +34,6 @@ import (
"github.com/containerd/containerd/oci"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -159,17 +159,17 @@ func WithMounts(osi osinterface.OS, config *runtime.ContainerConfig, extra []*ru
// TODO(random-liu): Add CRI validation test for this case.
if _, err := osi.Stat(src); err != nil {
if !os.IsNotExist(err) {
return errors.Wrapf(err, "failed to stat %q", src)
return fmt.Errorf("failed to stat %q: %w", src, err)
}
if err := osi.MkdirAll(src, 0755); err != nil {
return errors.Wrapf(err, "failed to mkdir %q", src)
return fmt.Errorf("failed to mkdir %q: %w", src, err)
}
}
// TODO(random-liu): Add cri-containerd integration test or cri validation test
// for this.
src, err := osi.ResolveSymbolicLink(src)
if err != nil {
return errors.Wrapf(err, "failed to resolve symlink %q", src)
return fmt.Errorf("failed to resolve symlink %q: %w", src, err)
}
if s.Linux == nil {
s.Linux = &runtimespec.Linux{}
@@ -210,7 +210,7 @@ func WithMounts(osi osinterface.OS, config *runtime.ContainerConfig, extra []*ru
if mount.GetSelinuxRelabel() {
if err := label.Relabel(src, mountLabel, false); err != nil && err != unix.ENOTSUP {
return errors.Wrapf(err, "relabel %q with %q failed", src, mountLabel)
return fmt.Errorf("relabel %q with %q failed: %w", src, mountLabel, err)
}
}
s.Mounts = append(s.Mounts, runtimespec.Mount{
@@ -239,7 +239,7 @@ func ensureShared(path string, lookupMount func(string) (mount.Info, error)) err
}
}
return errors.Errorf("path %q is mounted on %q but it is not a shared mount", path, mountInfo.Mountpoint)
return fmt.Errorf("path %q is mounted on %q but it is not a shared mount", path, mountInfo.Mountpoint)
}
// ensure mount point on which path is mounted, is either shared or slave.
@@ -257,7 +257,7 @@ func ensureSharedOrSlave(path string, lookupMount func(string) (mount.Info, erro
return nil
}
}
return errors.Errorf("path %q is mounted on %q but it is not a shared or slave mount", path, mountInfo.Mountpoint)
return fmt.Errorf("path %q is mounted on %q but it is not a shared or slave mount", path, mountInfo.Mountpoint)
}
// getDeviceUserGroupID() is used to find the right uid/gid
@@ -514,7 +514,7 @@ var (
func cgroupv1HasHugetlb() (bool, error) {
_cgroupv1HasHugetlbOnce.Do(func() {
if _, err := os.ReadDir("/sys/fs/cgroup/hugetlb"); err != nil {
_cgroupv1HasHugetlbErr = errors.Wrap(err, "readdir /sys/fs/cgroup/hugetlb")
_cgroupv1HasHugetlbErr = fmt.Errorf("readdir /sys/fs/cgroup/hugetlb: %w", err)
_cgroupv1HasHugetlb = false
} else {
_cgroupv1HasHugetlbErr = nil
@@ -530,7 +530,7 @@ func cgroupv2HasHugetlb() (bool, error) {
_cgroupv2HasHugetlbOnce.Do(func() {
controllers, err := os.ReadFile("/sys/fs/cgroup/cgroup.controllers")
if err != nil {
_cgroupv2HasHugetlbErr = errors.Wrap(err, "read /sys/fs/cgroup/cgroup.controllers")
_cgroupv2HasHugetlbErr = fmt.Errorf("read /sys/fs/cgroup/cgroup.controllers: %w", err)
return
}
_cgroupv2HasHugetlb = strings.Contains(string(controllers), "hugetlb")
@@ -678,12 +678,12 @@ func nullOpt(_ context.Context, _ oci.Client, _ *containers.Container, _ *runtim
func getCurrentOOMScoreAdj() (int, error) {
b, err := os.ReadFile("/proc/self/oom_score_adj")
if err != nil {
return 0, errors.Wrap(err, "could not get the daemon oom_score_adj")
return 0, fmt.Errorf("could not get the daemon oom_score_adj: %w", err)
}
s := strings.TrimSpace(string(b))
i, err := strconv.Atoi(s)
if err != nil {
return 0, errors.Wrap(err, "could not get the daemon oom_score_adj")
return 0, fmt.Errorf("could not get the daemon oom_score_adj: %w", err)
}
return i, nil
}

8
pkg/cri/opts/spec_windows.go
View File

@@ -18,6 +18,7 @@ package opts
import (
"context"
"fmt"
"os"
"path/filepath"
"sort"
@@ -26,7 +27,6 @@ import (
"github.com/containerd/containerd/containers"
"github.com/containerd/containerd/oci"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
osinterface "github.com/containerd/containerd/pkg/os"
@@ -124,16 +124,16 @@ func WithWindowsMounts(osi osinterface.OS, config *runtime.ContainerConfig, extr
// the behavior with the Linux implementation, but it doesn't
// align with Docker's behavior on Windows.
if !os.IsNotExist(err) {
return errors.Wrapf(err, "failed to stat %q", src)
return fmt.Errorf("failed to stat %q: %w", src, err)
}
if err := osi.MkdirAll(src, 0755); err != nil {
return errors.Wrapf(err, "failed to mkdir %q", src)
return fmt.Errorf("failed to mkdir %q: %w", src, err)
}
}
var err error
src, err = osi.ResolveSymbolicLink(src)
if err != nil {
return errors.Wrapf(err, "failed to resolve symlink %q", src)
return fmt.Errorf("failed to resolve symlink %q: %w", src, err)
}
// hcsshim requires clean path, especially '/' -> '\'. Additionally,
// for the destination, absolute paths should have the C: prefix.

8
pkg/cri/server/cni_conf_syncer.go
View File

@@ -17,12 +17,12 @@
package server
import (
"fmt"
"os"
"sync"
cni "github.com/containerd/go-cni"
"github.com/fsnotify/fsnotify"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -43,15 +43,15 @@ type cniNetConfSyncer struct {
func newCNINetConfSyncer(confDir string, netPlugin cni.CNI, loadOpts []cni.Opt) (*cniNetConfSyncer, error) {
watcher, err := fsnotify.NewWatcher()
if err != nil {
return nil, errors.Wrap(err, "failed to create fsnotify watcher")
return nil, fmt.Errorf("failed to create fsnotify watcher: %w", err)
}
if err := os.MkdirAll(confDir, 0700); err != nil {
return nil, errors.Wrapf(err, "failed to create cni conf dir=%s for watch", confDir)
return nil, fmt.Errorf("failed to create cni conf dir=%s for watch: %w", confDir, err)
}
if err := watcher.Add(confDir); err != nil {
return nil, errors.Wrapf(err, "failed to watch cni conf dir %s", confDir)
return nil, fmt.Errorf("failed to watch cni conf dir %s: %w", confDir, err)
}
syncer := &cniNetConfSyncer{

12
pkg/cri/server/container_attach.go
View File

@@ -17,11 +17,11 @@
package server
import (
"fmt"
"io"
"github.com/containerd/containerd"
"github.com/containerd/containerd/log"
"github.com/pkg/errors"
"golang.org/x/net/context"
"k8s.io/client-go/tools/remotecommand"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -33,11 +33,11 @@ import (
func (c *criService) Attach(ctx context.Context, r *runtime.AttachRequest) (*runtime.AttachResponse, error) {
cntr, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrap(err, "failed to find container in store")
return nil, fmt.Errorf("failed to find container in store: %w", err)
}
state := cntr.Status.Get().State()
if state != runtime.ContainerState_CONTAINER_RUNNING {
return nil, errors.Errorf("container is in %s state", criContainerStateToString(state))
return nil, fmt.Errorf("container is in %s state", criContainerStateToString(state))
}
return c.streamServer.GetAttach(r)
}
@@ -49,18 +49,18 @@ func (c *criService) attachContainer(ctx context.Context, id string, stdin io.Re
// Get container from our container store.
cntr, err := c.containerStore.Get(id)
if err != nil {
return errors.Wrapf(err, "failed to find container %q in store", id)
return fmt.Errorf("failed to find container %q in store: %w", id, err)
}
id = cntr.ID
state := cntr.Status.Get().State()
if state != runtime.ContainerState_CONTAINER_RUNNING {
return errors.Errorf("container is in %s state", criContainerStateToString(state))
return fmt.Errorf("container is in %s state", criContainerStateToString(state))
}
task, err := cntr.Container.Task(ctx, nil)
if err != nil {
return errors.Wrap(err, "failed to load task")
return fmt.Errorf("failed to load task: %w", err)
}
handleResizing(ctx, resize, func(size remotecommand.TerminalSize) {
if err := task.Resize(ctx, uint32(size.Width), uint32(size.Height)); err != nil {

47
pkg/cri/server/container_create.go
View File

@@ -17,6 +17,8 @@
package server
import (
"errors"
"fmt"
"path/filepath"
"time"
@@ -30,7 +32,6 @@ import (
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
selinux "github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -53,12 +54,12 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
sandboxConfig := r.GetSandboxConfig()
sandbox, err := c.sandboxStore.Get(r.GetPodSandboxId())
if err != nil {
return nil, errors.Wrapf(err, "failed to find sandbox id %q", r.GetPodSandboxId())
return nil, fmt.Errorf("failed to find sandbox id %q: %w", r.GetPodSandboxId(), err)
}
sandboxID := sandbox.ID
s, err := sandbox.Container.Task(ctx, nil)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox container task")
return nil, fmt.Errorf("failed to get sandbox container task: %w", err)
}
sandboxPid := s.Pid()
@@ -74,7 +75,7 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
name := makeContainerName(metadata, sandboxConfig.GetMetadata())
log.G(ctx).Debugf("Generated id %q for container %q", id, name)
if err = c.containerNameIndex.Reserve(name, id); err != nil {
return nil, errors.Wrapf(err, "failed to reserve container name %q", name)
return nil, fmt.Errorf("failed to reserve container name %q: %w", name, err)
}
defer func() {
// Release the name if the function returns with an error.
@@ -95,25 +96,25 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
// been pulled before creating the container, so do not ensure the image.
image, err := c.localResolve(config.GetImage().GetImage())
if err != nil {
return nil, errors.Wrapf(err, "failed to resolve image %q", config.GetImage().GetImage())
return nil, fmt.Errorf("failed to resolve image %q: %w", config.GetImage().GetImage(), err)
}
containerdImage, err := c.toContainerdImage(ctx, image)
if err != nil {
return nil, errors.Wrapf(err, "failed to get image from containerd %q", image.ID)
return nil, fmt.Errorf("failed to get image from containerd %q: %w", image.ID, err)
}
start := time.Now()
// Run container using the same runtime with sandbox.
sandboxInfo, err := sandbox.Container.Info(ctx)
if err != nil {
return nil, errors.Wrapf(err, "failed to get sandbox %q info", sandboxID)
return nil, fmt.Errorf("failed to get sandbox %q info: %w", sandboxID, err)
}
// Create container root directory.
containerRootDir := c.getContainerRootDir(id)
if err = c.os.MkdirAll(containerRootDir, 0755); err != nil {
return nil, errors.Wrapf(err, "failed to create container root directory %q",
containerRootDir)
return nil, fmt.Errorf("failed to create container root directory %q: %w",
containerRootDir, err)
}
defer func() {
if retErr != nil {
@@ -126,8 +127,8 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
}()
volatileContainerRootDir := c.getVolatileContainerRootDir(id)
if err = c.os.MkdirAll(volatileContainerRootDir, 0755); err != nil {
return nil, errors.Wrapf(err, "failed to create volatile container root directory %q",
volatileContainerRootDir)
return nil, fmt.Errorf("failed to create volatile container root directory %q: %w",
volatileContainerRootDir, err)
}
defer func() {
if retErr != nil {
@@ -152,14 +153,14 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
ociRuntime, err := c.getSandboxRuntime(sandboxConfig, sandbox.Metadata.RuntimeHandler)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox runtime")
return nil, fmt.Errorf("failed to get sandbox runtime: %w", err)
}
log.G(ctx).Debugf("Use OCI runtime %+v for sandbox %q and container %q", ociRuntime, sandboxID, id)
spec, err := c.containerSpec(id, sandboxID, sandboxPid, sandbox.NetNSPath, containerName, containerdImage.Name(), config, sandboxConfig,
&image.ImageSpec.Config, append(mounts, volumeMounts...), ociRuntime)
if err != nil {
return nil, errors.Wrapf(err, "failed to generate container %q spec", id)
return nil, fmt.Errorf("failed to generate container %q spec: %w", id, err)
}
meta.ProcessLabel = spec.Process.SelinuxLabel
@@ -216,7 +217,7 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
containerIO, err := cio.NewContainerIO(id,
cio.WithNewFIFOs(volatileContainerRootDir, config.GetTty(), config.GetStdin()))
if err != nil {
return nil, errors.Wrap(err, "failed to create container io")
return nil, fmt.Errorf("failed to create container io: %w", err)
}
defer func() {
if retErr != nil {
@@ -228,14 +229,14 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
specOpts, err := c.containerSpecOpts(config, &image.ImageSpec.Config)
if err != nil {
return nil, errors.Wrap(err, "failed to get container spec opts")
return nil, fmt.Errorf("failed to get container spec opts: %w", err)
}
containerLabels := buildLabels(config.Labels, image.ImageSpec.Config.Labels, containerKindContainer)
runtimeOptions, err := getRuntimeOptions(sandboxInfo)
if err != nil {
return nil, errors.Wrap(err, "failed to get runtime options")
return nil, fmt.Errorf("failed to get runtime options: %w", err)
}
opts = append(opts,
containerd.WithSpec(spec, specOpts...),
@@ -244,7 +245,7 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
containerd.WithContainerExtension(containerMetadataExtension, &meta))
var cntr containerd.Container
if cntr, err = c.client.NewContainer(ctx, id, opts...); err != nil {
return nil, errors.Wrap(err, "failed to create containerd container")
return nil, fmt.Errorf("failed to create containerd container: %w", err)
}
defer func() {
if retErr != nil {
@@ -263,7 +264,7 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
containerstore.WithContainerIO(containerIO),
)
if err != nil {
return nil, errors.Wrapf(err, "failed to create internal container object for %q", id)
return nil, fmt.Errorf("failed to create internal container object for %q: %w", id, err)
}
defer func() {
if retErr != nil {
@@ -276,7 +277,7 @@ func (c *criService) CreateContainer(ctx context.Context, r *runtime.CreateConta
// Add container into container store.
if err := c.containerStore.Add(container); err != nil {
return nil, errors.Wrapf(err, "failed to add container %q into store", id)
return nil, fmt.Errorf("failed to add container %q into store: %w", id, err)
}
containerCreateTimer.WithValues(ociRuntime.Type).UpdateSince(start)
@@ -321,19 +322,19 @@ func (c *criService) runtimeSpec(id string, baseSpecFile string, opts ...oci.Spe
if baseSpecFile != "" {
baseSpec, ok := c.baseOCISpecs[baseSpecFile]
if !ok {
return nil, errors.Errorf("can't find base OCI spec %q", baseSpecFile)
return nil, fmt.Errorf("can't find base OCI spec %q", baseSpecFile)
}
spec := oci.Spec{}
if err := util.DeepCopy(&spec, &baseSpec); err != nil {
return nil, errors.Wrap(err, "failed to clone OCI spec")
return nil, fmt.Errorf("failed to clone OCI spec: %w", err)
}
// Fix up cgroups path
applyOpts := append([]oci.SpecOpts{oci.WithNamespacedCgroup()}, opts...)
if err := oci.ApplyOpts(ctx, nil, container, &spec, applyOpts...); err != nil {
return nil, errors.Wrap(err, "failed to apply OCI options")
return nil, fmt.Errorf("failed to apply OCI options: %w", err)
}
return &spec, nil
@@ -341,7 +342,7 @@ func (c *criService) runtimeSpec(id string, baseSpecFile string, opts ...oci.Spe
spec, err := oci.GenerateSpec(ctx, nil, container, opts...)
if err != nil {
return nil, errors.Wrap(err, "failed to generate spec")
return nil, fmt.Errorf("failed to generate spec: %w", err)
}
return spec, nil

27
pkg/cri/server/container_create_linux.go
View File

@@ -18,6 +18,8 @@ package server
import (
"bufio"
"errors"
"fmt"
"io"
"os"
"strconv"
@@ -31,7 +33,6 @@ import (
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
selinux "github.com/opencontainers/selinux/go-selinux"
"github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
"github.com/containerd/containerd/pkg/cri/annotations"
@@ -187,7 +188,7 @@ func (c *criService) containerSpec(
processLabel, mountLabel, err := label.InitLabels(labelOptions)
if err != nil {
return nil, errors.Wrapf(err, "failed to init selinux options %+v", securityContext.GetSelinuxOptions())
return nil, fmt.Errorf("failed to init selinux options %+v: %w", securityContext.GetSelinuxOptions(), err)
}
defer func() {
if retErr != nil {
@@ -262,7 +263,7 @@ func (c *criService) containerSpec(
// Get RDT class
rdtClass, err := c.rdtClassFromAnnotations(config.GetMetadata().GetName(), config.Annotations, sandboxConfig.Annotations)
if err != nil {
return nil, errors.Wrap(err, "failed to set RDT class")
return nil, fmt.Errorf("failed to set RDT class: %w", err)
}
if rdtClass != "" {
specOpts = append(specOpts, oci.WithRdt(rdtClass, "", ""))
@@ -286,7 +287,7 @@ func (c *criService) containerSpec(
if nsOpts.GetPid() == runtime.NamespaceMode_TARGET {
targetContainer, err := c.validateTargetContainer(sandboxID, nsOpts.TargetId)
if err != nil {
return nil, errors.Wrapf(err, "invalid target container")
return nil, fmt.Errorf("invalid target container: %w", err)
}
status := targetContainer.Status.Get()
@@ -328,7 +329,7 @@ func (c *criService) containerSpecOpts(config *runtime.ContainerConfig, imageCon
securityContext.GetRunAsUser(),
securityContext.GetRunAsGroup())
if err != nil {
return nil, errors.Wrap(err, "failed to generate user string")
return nil, fmt.Errorf("failed to generate user string: %w", err)
}
if userstr == "" {
// Lastly, since no user override was passed via CRI try to set via OCI
@@ -352,7 +353,7 @@ func (c *criService) containerSpecOpts(config *runtime.ContainerConfig, imageCon
if asp == nil {
asp, err = generateApparmorSecurityProfile(securityContext.GetApparmorProfile()) //nolint:staticcheck // Deprecated but we don't want to remove yet
if err != nil {
return nil, errors.Wrap(err, "failed to generate apparmor spec opts")
return nil, fmt.Errorf("failed to generate apparmor spec opts: %w", err)
}
}
apparmorSpecOpts, err := generateApparmorSpecOpts(
@@ -360,7 +361,7 @@ func (c *criService) containerSpecOpts(config *runtime.ContainerConfig, imageCon
securityContext.GetPrivileged(),
c.apparmorEnabled())
if err != nil {
return nil, errors.Wrap(err, "failed to generate apparmor spec opts")
return nil, fmt.Errorf("failed to generate apparmor spec opts: %w", err)
}
if apparmorSpecOpts != nil {
specOpts = append(specOpts, apparmorSpecOpts)
@@ -372,7 +373,7 @@ func (c *criService) containerSpecOpts(config *runtime.ContainerConfig, imageCon
securityContext.GetSeccompProfilePath(), //nolint:staticcheck // Deprecated but we don't want to remove yet
c.config.UnsetSeccompProfile)
if err != nil {
return nil, errors.Wrap(err, "failed to generate seccomp spec opts")
return nil, fmt.Errorf("failed to generate seccomp spec opts: %w", err)
}
}
seccompSpecOpts, err := c.generateSeccompSpecOpts(
@@ -380,7 +381,7 @@ func (c *criService) containerSpecOpts(config *runtime.ContainerConfig, imageCon
securityContext.GetPrivileged(),
c.seccompEnabled())
if err != nil {
return nil, errors.Wrap(err, "failed to generate seccomp spec opts")
return nil, fmt.Errorf("failed to generate seccomp spec opts: %w", err)
}
if seccompSpecOpts != nil {
specOpts = append(specOpts, seccompSpecOpts)
@@ -417,7 +418,7 @@ func generateSecurityProfile(profilePath string) (*runtime.SecurityProfile, erro
default:
// Require and Trim default profile name prefix
if !strings.HasPrefix(profilePath, profileNamePrefix) {
return nil, errors.Errorf("invalid profile %q", profilePath)
return nil, fmt.Errorf("invalid profile %q", profilePath)
}
return &runtime.SecurityProfile{
ProfileType: runtime.SecurityProfile_Localhost,
@@ -503,9 +504,9 @@ func generateApparmorSpecOpts(sp *runtime.SecurityProfile, privileged, apparmorE
appArmorProfile := strings.TrimPrefix(sp.LocalhostRef, profileNamePrefix)
if profileExists, err := appArmorProfileExists(appArmorProfile); !profileExists {
if err != nil {
return nil, errors.Wrap(err, "failed to generate apparmor spec opts")
return nil, fmt.Errorf("failed to generate apparmor spec opts: %w", err)
}
return nil, errors.Errorf("apparmor profile not found %s", appArmorProfile)
return nil, fmt.Errorf("apparmor profile not found %s", appArmorProfile)
}
return apparmor.WithProfile(appArmorProfile), nil
default:
@@ -568,7 +569,7 @@ func generateUserString(username string, uid, gid *runtime.Int64Value) (string,
}
if userstr == "" {
if groupstr != "" {
return "", errors.Errorf("user group %q is specified without user", groupstr)
return "", fmt.Errorf("user group %q is specified without user", groupstr)
}
return "", nil
}

2
pkg/cri/server/container_create_linux_test.go
View File

@@ -18,6 +18,7 @@ package server
import (
"context"
"errors"
"fmt"
"os"
"path/filepath"
@@ -33,7 +34,6 @@ import (
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"

7
pkg/cri/server/container_exec.go
View File

@@ -17,7 +17,8 @@
package server
import (
"github.com/pkg/errors"
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -26,11 +27,11 @@ import (
func (c *criService) Exec(ctx context.Context, r *runtime.ExecRequest) (*runtime.ExecResponse, error) {
cntr, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrapf(err, "failed to find container %q in store", r.GetContainerId())
return nil, fmt.Errorf("failed to find container %q in store: %w", r.GetContainerId(), err)
}
state := cntr.Status.Get().State()
if state != runtime.ContainerState_CONTAINER_RUNNING {
return nil, errors.Errorf("container is in %s state", criContainerStateToString(state))
return nil, fmt.Errorf("container is in %s state", criContainerStateToString(state))
}
return c.streamServer.GetExec(r)
}

26
pkg/cri/server/container_execsync.go
View File

@@ -18,6 +18,7 @@ package server
import (
"bytes"
"fmt"
"io"
"syscall"
"time"
@@ -27,7 +28,6 @@ import (
"github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/log"
"github.com/containerd/containerd/oci"
"github.com/pkg/errors"
"golang.org/x/net/context"
"k8s.io/client-go/tools/remotecommand"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -49,7 +49,7 @@ func (c *criService) ExecSync(ctx context.Context, r *runtime.ExecSyncRequest) (
timeout: time.Duration(r.GetTimeout()) * time.Second,
})
if err != nil {
return nil, errors.Wrap(err, "failed to exec in container")
return nil, fmt.Errorf("failed to exec in container: %w", err)
}
return &runtime.ExecSyncResponse{
@@ -79,18 +79,18 @@ func (c *criService) execInternal(ctx context.Context, container containerd.Cont
spec, err := container.Spec(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get container spec")
return nil, fmt.Errorf("failed to get container spec: %w", err)
}
task, err := container.Task(ctx, nil)
if err != nil {
return nil, errors.Wrap(err, "failed to load task")
return nil, fmt.Errorf("failed to load task: %w", err)
}
pspec := spec.Process
pspec.Terminal = opts.tty
if opts.tty {
if err := oci.WithEnv([]string{"TERM=xterm"})(ctx, nil, nil, spec); err != nil {
return nil, errors.Wrap(err, "add TERM env var to spec")
return nil, fmt.Errorf("add TERM env var to spec: %w", err)
}
}
@@ -114,7 +114,7 @@ func (c *criService) execInternal(ctx context.Context, container containerd.Cont
},
)
if err != nil {
return nil, errors.Wrapf(err, "failed to create exec %q", execID)
return nil, fmt.Errorf("failed to create exec %q: %w", execID, err)
}
defer func() {
deferCtx, deferCancel := ctrdutil.DeferContext()
@@ -126,10 +126,10 @@ func (c *criService) execInternal(ctx context.Context, container containerd.Cont
exitCh, err := process.Wait(ctx)
if err != nil {
return nil, errors.Wrapf(err, "failed to wait for process %q", execID)
return nil, fmt.Errorf("failed to wait for process %q: %w", execID, err)
}
if err := process.Start(ctx); err != nil {
return nil, errors.Wrapf(err, "failed to start exec %q", execID)
return nil, fmt.Errorf("failed to start exec %q: %w", execID, err)
}
handleResizing(ctx, opts.resize, func(size remotecommand.TerminalSize) {
@@ -160,7 +160,7 @@ func (c *criService) execInternal(ctx context.Context, container containerd.Cont
case <-execCtx.Done():
// Ignore the not found error because the process may exit itself before killing.
if err := process.Kill(ctx, syscall.SIGKILL); err != nil && !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "failed to kill exec %q", execID)
return nil, fmt.Errorf("failed to kill exec %q: %w", execID, err)
}
// Wait for the process to be killed.
exitRes := <-exitCh
@@ -168,12 +168,12 @@ func (c *criService) execInternal(ctx context.Context, container containerd.Cont
execID, exitRes.ExitCode(), exitRes.Error())
<-attachDone
log.G(ctx).Debugf("Stream pipe for exec process %q done", execID)
return nil, errors.Wrapf(execCtx.Err(), "timeout %v exceeded", opts.timeout)
return nil, fmt.Errorf("timeout %v exceeded: %w", opts.timeout, execCtx.Err())
case exitRes := <-exitCh:
code, _, err := exitRes.Result()
log.G(ctx).Debugf("Exec process %q exits with exit code %d and error %v", execID, code, err)
if err != nil {
return nil, errors.Wrapf(err, "failed while waiting for exec %q", execID)
return nil, fmt.Errorf("failed while waiting for exec %q: %w", execID, err)
}
<-attachDone
log.G(ctx).Debugf("Stream pipe for exec process %q done", execID)
@@ -198,13 +198,13 @@ func (c *criService) execInContainer(ctx context.Context, id string, opts execOp
cntr, err := c.containerStore.Get(id)
if err != nil {
return nil, errors.Wrapf(err, "failed to find container %q in store", id)
return nil, fmt.Errorf("failed to find container %q in store: %w", id, err)
}
id = cntr.ID
state := cntr.Status.Get().State()
if state != runtime.ContainerState_CONTAINER_RUNNING {
return nil, errors.Errorf("container is in %s state", criContainerStateToString(state))
return nil, fmt.Errorf("container is in %s state", criContainerStateToString(state))
}
return c.execInternal(ctx, cntr.Container, id, opts)

6
pkg/cri/server/container_log_reopen.go
View File

@@ -17,7 +17,9 @@
package server
import (
"github.com/pkg/errors"
"errors"
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -28,7 +30,7 @@ import (
func (c *criService) ReopenContainerLog(ctx context.Context, r *runtime.ReopenContainerLogRequest) (*runtime.ReopenContainerLogResponse, error) {
container, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrapf(err, "an error occurred when try to find container %q", r.GetContainerId())
return nil, fmt.Errorf("an error occurred when try to find container %q: %w", r.GetContainerId(), err)
}
if container.Status.Get().State() != runtime.ContainerState_CONTAINER_RUNNING {

24
pkg/cri/server/container_remove.go
View File

@@ -17,14 +17,14 @@
package server
import (
"errors"
"fmt"
"time"
"github.com/containerd/containerd"
"github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/log"
containerstore "github.com/containerd/containerd/pkg/cri/store/container"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -36,7 +36,7 @@ func (c *criService) RemoveContainer(ctx context.Context, r *runtime.RemoveConta
container, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
if !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "an error occurred when try to find container %q", r.GetContainerId())
return nil, fmt.Errorf("an error occurred when try to find container %q: %w", r.GetContainerId(), err)
}
// Do not return error if container metadata doesn't exist.
log.G(ctx).Tracef("RemoveContainer called for container %q that does not exist", r.GetContainerId())
@@ -45,7 +45,7 @@ func (c *criService) RemoveContainer(ctx context.Context, r *runtime.RemoveConta
id := container.ID
i, err := container.Container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "get container info")
return nil, fmt.Errorf("get container info: %w", err)
}
// Forcibly stop the containers if they are in running or unknown state
@@ -54,7 +54,7 @@ func (c *criService) RemoveContainer(ctx context.Context, r *runtime.RemoveConta
state == runtime.ContainerState_CONTAINER_UNKNOWN {
logrus.Infof("Forcibly stopping container %q", id)
if err := c.stopContainer(ctx, container, 0); err != nil {
return nil, errors.Wrapf(err, "failed to forcibly stop container %q", id)
return nil, fmt.Errorf("failed to forcibly stop container %q: %w", id, err)
}
}
@@ -62,7 +62,7 @@ func (c *criService) RemoveContainer(ctx context.Context, r *runtime.RemoveConta
// Set removing state to prevent other start/remove operations against this container
// while it's being removed.
if err := setContainerRemoving(container); err != nil {
return nil, errors.Wrapf(err, "failed to set removing state for container %q", id)
return nil, fmt.Errorf("failed to set removing state for container %q: %w", id, err)
}
defer func() {
if retErr != nil {
@@ -81,25 +81,25 @@ func (c *criService) RemoveContainer(ctx context.Context, r *runtime.RemoveConta
// Delete containerd container.
if err := container.Container.Delete(ctx, containerd.WithSnapshotCleanup); err != nil {
if !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "failed to delete containerd container %q", id)
return nil, fmt.Errorf("failed to delete containerd container %q: %w", id, err)
}
log.G(ctx).Tracef("Remove called for containerd container %q that does not exist", id)
}
// Delete container checkpoint.
if err := container.Delete(); err != nil {
return nil, errors.Wrapf(err, "failed to delete container checkpoint for %q", id)
return nil, fmt.Errorf("failed to delete container checkpoint for %q: %w", id, err)
}
containerRootDir := c.getContainerRootDir(id)
if err := ensureRemoveAll(ctx, containerRootDir); err != nil {
return nil, errors.Wrapf(err, "failed to remove container root directory %q",
containerRootDir)
return nil, fmt.Errorf("failed to remove container root directory %q: %w",
containerRootDir, err)
}
volatileContainerRootDir := c.getVolatileContainerRootDir(id)
if err := ensureRemoveAll(ctx, volatileContainerRootDir); err != nil {
return nil, errors.Wrapf(err, "failed to remove volatile container root directory %q",
volatileContainerRootDir)
return nil, fmt.Errorf("failed to remove volatile container root directory %q: %w",
volatileContainerRootDir, err)
}
c.containerStore.Delete(id)

35
pkg/cri/server/container_start.go
View File

@@ -17,6 +17,8 @@
package server
import (
"errors"
"fmt"
"io"
"time"
@@ -26,7 +28,6 @@ import (
"github.com/containerd/containerd/log"
"github.com/containerd/nri"
v1 "github.com/containerd/nri/types/v1"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -43,12 +44,12 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
start := time.Now()
cntr, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrapf(err, "an error occurred when try to find container %q", r.GetContainerId())
return nil, fmt.Errorf("an error occurred when try to find container %q: %w", r.GetContainerId(), err)
}
info, err := cntr.Container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "get container info")
return nil, fmt.Errorf("get container info: %w", err)
}
id := cntr.ID
@@ -59,7 +60,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
// Set starting state to prevent other start/remove operations against this container
// while it's being started.
if err := setContainerStarting(cntr); err != nil {
return nil, errors.Wrapf(err, "failed to set starting state for container %q", id)
return nil, fmt.Errorf("failed to set starting state for container %q: %w", id, err)
}
defer func() {
if retErr != nil {
@@ -83,11 +84,11 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
// Get sandbox config from sandbox store.
sandbox, err := c.sandboxStore.Get(meta.SandboxID)
if err != nil {
return nil, errors.Wrapf(err, "sandbox %q not found", meta.SandboxID)
return nil, fmt.Errorf("sandbox %q not found: %w", meta.SandboxID, err)
}
sandboxID := meta.SandboxID
if sandbox.Status.Get().State != sandboxstore.StateReady {
return nil, errors.Errorf("sandbox container %q is not running", sandboxID)
return nil, fmt.Errorf("sandbox container %q is not running", sandboxID)
}
// Recheck target container validity in Linux namespace options.
@@ -96,7 +97,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
if nsOpts.GetPid() == runtime.NamespaceMode_TARGET {
_, err := c.validateTargetContainer(sandboxID, nsOpts.TargetId)
if err != nil {
return nil, errors.Wrap(err, "invalid target container")
return nil, fmt.Errorf("invalid target container: %w", err)
}
}
}
@@ -104,7 +105,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
ioCreation := func(id string) (_ containerdio.IO, err error) {
stdoutWC, stderrWC, err := c.createContainerLoggers(meta.LogPath, config.GetTty())
if err != nil {
return nil, errors.Wrap(err, "failed to create container loggers")
return nil, fmt.Errorf("failed to create container loggers: %w", err)
}
cntr.IO.AddOutput("log", stdoutWC, stderrWC)
cntr.IO.Pipe()
@@ -113,12 +114,12 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
ctrInfo, err := container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get container info")
return nil, fmt.Errorf("failed to get container info: %w", err)
}
ociRuntime, err := c.getSandboxRuntime(sandbox.Config, sandbox.Metadata.RuntimeHandler)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox runtime")
return nil, fmt.Errorf("failed to get sandbox runtime: %w", err)
}
taskOpts := c.taskOpts(ctrInfo.Runtime.Name)
@@ -127,7 +128,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
}
task, err := container.NewTask(ctx, ioCreation, taskOpts...)
if err != nil {
return nil, errors.Wrap(err, "failed to create containerd task")
return nil, fmt.Errorf("failed to create containerd task: %w", err)
}
defer func() {
if retErr != nil {
@@ -143,7 +144,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
// wait is a long running background request, no timeout needed.
exitCh, err := task.Wait(ctrdutil.NamespacedContext())
if err != nil {
return nil, errors.Wrap(err, "failed to wait for containerd task")
return nil, fmt.Errorf("failed to wait for containerd task: %w", err)
}
nric, err := nri.New()
if err != nil {
@@ -155,13 +156,13 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
Labels: sandbox.Config.Labels,
}
if _, err := nric.InvokeWithSandbox(ctx, task, v1.Create, nriSB); err != nil {
return nil, errors.Wrap(err, "nri invoke")
return nil, fmt.Errorf("nri invoke: %w", err)
}
}
// Start containerd task.
if err := task.Start(ctx); err != nil {
return nil, errors.Wrapf(err, "failed to start containerd task %q", id)
return nil, fmt.Errorf("failed to start containerd task %q: %w", id, err)
}
// Update container start timestamp.
@@ -170,7 +171,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
status.StartedAt = time.Now().UnixNano()
return status, nil
}); err != nil {
return nil, errors.Wrapf(err, "failed to update container %q state", id)
return nil, fmt.Errorf("failed to update container %q state: %w", id, err)
}
// It handles the TaskExit event and update container state after this.
@@ -187,7 +188,7 @@ func setContainerStarting(container containerstore.Container) error {
return container.Status.Update(func(status containerstore.Status) (containerstore.Status, error) {
// Return error if container is not in created state.
if status.State() != runtime.ContainerState_CONTAINER_CREATED {
return status, errors.Errorf("container is in %s state", criContainerStateToString(status.State()))
return status, fmt.Errorf("container is in %s state", criContainerStateToString(status.State()))
}
// Do not start the container when there is a removal in progress.
if status.Removing {
@@ -216,7 +217,7 @@ func (c *criService) createContainerLoggers(logPath string, tty bool) (stdout io
// Only generate container log when log path is specified.
f, err := openLogFile(logPath)
if err != nil {
return nil, nil, errors.Wrap(err, "failed to create and open log file")
return nil, nil, fmt.Errorf("failed to create and open log file: %w", err)
}
defer func() {
if err != nil {

11
pkg/cri/server/container_stats.go
View File

@@ -17,8 +17,9 @@
package server
import (
"fmt"
tasks "github.com/containerd/containerd/api/services/tasks/v1"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -28,20 +29,20 @@ import (
func (c *criService) ContainerStats(ctx context.Context, in *runtime.ContainerStatsRequest) (*runtime.ContainerStatsResponse, error) {
cntr, err := c.containerStore.Get(in.GetContainerId())
if err != nil {
return nil, errors.Wrap(err, "failed to find container")
return nil, fmt.Errorf("failed to find container: %w", err)
}
request := &tasks.MetricsRequest{Filters: []string{"id==" + cntr.ID}}
resp, err := c.client.TaskService().Metrics(ctx, request)
if err != nil {
return nil, errors.Wrap(err, "failed to fetch metrics for task")
return nil, fmt.Errorf("failed to fetch metrics for task: %w", err)
}
if len(resp.Metrics) != 1 {
return nil, errors.Errorf("unexpected metrics response: %+v", resp.Metrics)
return nil, fmt.Errorf("unexpected metrics response: %+v", resp.Metrics)
}
cs, err := c.containerMetrics(cntr.Metadata, resp.Metrics[0])
if err != nil {
return nil, errors.Wrap(err, "failed to decode container metrics")
return nil, fmt.Errorf("failed to decode container metrics: %w", err)
}
return &runtime.ContainerStatsResponse{Stats: cs}, nil
}

11
pkg/cri/server/container_stats_list.go
View File

@@ -17,9 +17,10 @@
package server
import (
"fmt"
tasks "github.com/containerd/containerd/api/services/tasks/v1"
"github.com/containerd/containerd/api/types"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -33,15 +34,15 @@ func (c *criService) ListContainerStats(
) (*runtime.ListContainerStatsResponse, error) {
request, containers, err := c.buildTaskMetricsRequest(in)
if err != nil {
return nil, errors.Wrap(err, "failed to build metrics request")
return nil, fmt.Errorf("failed to build metrics request: %w", err)
}
resp, err := c.client.TaskService().Metrics(ctx, &request)
if err != nil {
return nil, errors.Wrap(err, "failed to fetch metrics for tasks")
return nil, fmt.Errorf("failed to fetch metrics for tasks: %w", err)
}
criStats, err := c.toCRIContainerStats(resp.Metrics, containers)
if err != nil {
return nil, errors.Wrap(err, "failed to convert to cri containerd stats format")
return nil, fmt.Errorf("failed to convert to cri containerd stats format: %w", err)
}
return criStats, nil
}
@@ -58,7 +59,7 @@ func (c *criService) toCRIContainerStats(
for _, cntr := range containers {
cs, err := c.containerMetrics(cntr.Metadata, statsMap[cntr.ID])
if err != nil {
return nil, errors.Wrapf(err, "failed to decode container metrics for %q", cntr.ID)
return nil, fmt.Errorf("failed to decode container metrics for %q: %w", cntr.ID, err)
}
containerStats.Stats = append(containerStats.Stats, cs)
}

28
pkg/cri/server/container_stats_list_linux.go
View File

@@ -17,13 +17,13 @@
package server
import (
"fmt"
"time"
"github.com/containerd/containerd/api/types"
v1 "github.com/containerd/containerd/metrics/types/v1"
v2 "github.com/containerd/containerd/metrics/types/v2"
"github.com/containerd/typeurl"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
containerstore "github.com/containerd/containerd/pkg/cri/store/container"
@@ -61,18 +61,18 @@ func (c *criService) containerMetrics(
if stats != nil {
s, err := typeurl.UnmarshalAny(stats.Data)
if err != nil {
return nil, errors.Wrap(err, "failed to extract container metrics")
return nil, fmt.Errorf("failed to extract container metrics: %w", err)
}
cpuStats, err := c.cpuContainerStats(meta.ID, false /* isSandbox */, s, stats.Timestamp)
if err != nil {
return nil, errors.Wrap(err, "failed to obtain cpu stats")
return nil, fmt.Errorf("failed to obtain cpu stats: %w", err)
}
cs.Cpu = cpuStats
memoryStats, err := c.memoryContainerStats(meta.ID, s, stats.Timestamp)
if err != nil {
return nil, errors.Wrap(err, "failed to obtain memory stats")
return nil, fmt.Errorf("failed to obtain memory stats: %w", err)
}
cs.Memory = memoryStats
}
@@ -86,13 +86,13 @@ func (c *criService) getUsageNanoCores(containerID string, isSandbox bool, curre
if isSandbox {
sandbox, err := c.sandboxStore.Get(containerID)
if err != nil {
return 0, errors.Wrapf(err, "failed to get sandbox container: %s", containerID)
return 0, fmt.Errorf("failed to get sandbox container: %s: %w", containerID, err)
}
oldStats = sandbox.Stats
} else {
container, err := c.containerStore.Get(containerID)
if err != nil {
return 0, errors.Wrapf(err, "failed to get container ID: %s", containerID)
return 0, fmt.Errorf("failed to get container ID: %s: %w", containerID, err)
}
oldStats = container.Stats
}
@@ -105,12 +105,12 @@ func (c *criService) getUsageNanoCores(containerID string, isSandbox bool, curre
if isSandbox {
err := c.sandboxStore.UpdateContainerStats(containerID, newStats)
if err != nil {
return 0, errors.Wrapf(err, "failed to update sandbox stats container ID: %s", containerID)
return 0, fmt.Errorf("failed to update sandbox stats container ID: %s: %w", containerID, err)
}
} else {
err := c.containerStore.UpdateContainerStats(containerID, newStats)
if err != nil {
return 0, errors.Wrapf(err, "failed to update container stats ID: %s", containerID)
return 0, fmt.Errorf("failed to update container stats ID: %s: %w", containerID, err)
}
}
return 0, nil
@@ -133,13 +133,13 @@ func (c *criService) getUsageNanoCores(containerID string, isSandbox bool, curre
if isSandbox {
err := c.sandboxStore.UpdateContainerStats(containerID, newStats)
if err != nil {
return 0, errors.Wrapf(err, "failed to update sandbox container stats: %s", containerID)
return 0, fmt.Errorf("failed to update sandbox container stats: %s: %w", containerID, err)
}
} else {
err := c.containerStore.UpdateContainerStats(containerID, newStats)
if err != nil {
return 0, errors.Wrapf(err, "failed to update container stats ID: %s", containerID)
return 0, fmt.Errorf("failed to update container stats ID: %s: %w", containerID, err)
}
}
@@ -204,7 +204,7 @@ func (c *criService) cpuContainerStats(ID string, isSandbox bool, stats interfac
usageNanoCores, err := c.getUsageNanoCores(ID, isSandbox, metrics.CPU.Usage.Total, timestamp)
if err != nil {
return nil, errors.Wrapf(err, "failed to get usage nano cores, containerID: %s", ID)
return nil, fmt.Errorf("failed to get usage nano cores, containerID: %s: %w", ID, err)
}
return &runtime.CpuUsage{
@@ -220,7 +220,7 @@ func (c *criService) cpuContainerStats(ID string, isSandbox bool, stats interfac
usageNanoCores, err := c.getUsageNanoCores(ID, isSandbox, usageCoreNanoSeconds, timestamp)
if err != nil {
return nil, errors.Wrapf(err, "failed to get usage nano cores, containerID: %s", ID)
return nil, fmt.Errorf("failed to get usage nano cores, containerID: %s: %w", ID, err)
}
return &runtime.CpuUsage{
@@ -230,7 +230,7 @@ func (c *criService) cpuContainerStats(ID string, isSandbox bool, stats interfac
}, nil
}
default:
return nil, errors.Errorf("unexpected metrics type: %v", metrics)
return nil, fmt.Errorf("unexpected metrics type: %v", metrics)
}
return nil, nil
}
@@ -272,7 +272,7 @@ func (c *criService) memoryContainerStats(ID string, stats interface{}, timestam
}, nil
}
default:
return nil, errors.Errorf("unexpected metrics type: %v", metrics)
return nil, fmt.Errorf("unexpected metrics type: %v", metrics)
}
return nil, nil
}

5
pkg/cri/server/container_stats_list_other.go
View File

@@ -20,9 +20,10 @@
package server
import (
"fmt"
"github.com/containerd/containerd/api/types"
"github.com/containerd/containerd/errdefs"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
containerstore "github.com/containerd/containerd/pkg/cri/store/container"
@@ -33,5 +34,5 @@ func (c *criService) containerMetrics(
stats *types.Metric,
) (*runtime.ContainerStats, error) {
var cs runtime.ContainerStats
return &cs, errors.Wrap(errdefs.ErrNotImplemented, "container metrics")
return &cs, fmt.Errorf("container metrics: %w", errdefs.ErrNotImplemented)
}

6
pkg/cri/server/container_stats_list_windows.go
View File

@@ -17,10 +17,12 @@
package server
import (
"errors"
"fmt"
wstats "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/stats"
"github.com/containerd/containerd/api/types"
"github.com/containerd/typeurl"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
containerstore "github.com/containerd/containerd/pkg/cri/store/container"
@@ -57,7 +59,7 @@ func (c *criService) containerMetrics(
if stats != nil {
s, err := typeurl.UnmarshalAny(stats.Data)
if err != nil {
return nil, errors.Wrap(err, "failed to extract container metrics")
return nil, fmt.Errorf("failed to extract container metrics: %w", err)
}
wstats := s.(*wstats.Statistics).GetWindows()
if wstats == nil {

18
pkg/cri/server/container_status.go
View File

@@ -18,12 +18,12 @@ package server
import (
"encoding/json"
"fmt"
"github.com/containerd/containerd/errdefs"
containerstore "github.com/containerd/containerd/pkg/cri/store/container"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -32,7 +32,7 @@ import (
func (c *criService) ContainerStatus(ctx context.Context, r *runtime.ContainerStatusRequest) (*runtime.ContainerStatusResponse, error) {
container, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrapf(err, "an error occurred when try to find container %q", r.GetContainerId())
return nil, fmt.Errorf("an error occurred when try to find container %q: %w", r.GetContainerId(), err)
}
// TODO(random-liu): Clean up the following logic in CRI.
@@ -45,7 +45,7 @@ func (c *criService) ContainerStatus(ctx context.Context, r *runtime.ContainerSt
image, err := c.imageStore.Get(imageRef)
if err != nil {
if !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "failed to get image %q", imageRef)
return nil, fmt.Errorf("failed to get image %q: %w", imageRef, err)
}
} else {
repoTags, repoDigests := parseImageReferences(image.References)
@@ -64,14 +64,14 @@ func (c *criService) ContainerStatus(ctx context.Context, r *runtime.ContainerSt
// CRI doesn't allow CreatedAt == 0.
info, err := container.Container.Info(ctx)
if err != nil {
return nil, errors.Wrapf(err, "failed to get CreatedAt in %q state", status.State)
return nil, fmt.Errorf("failed to get CreatedAt in %q state: %w", status.State, err)
}
status.CreatedAt = info.CreatedAt.UnixNano()
}
info, err := toCRIContainerInfo(ctx, container, r.GetVerbose())
if err != nil {
return nil, errors.Wrap(err, "failed to get verbose container info")
return nil, fmt.Errorf("failed to get verbose container info: %w", err)
}
return &runtime.ContainerStatusResponse{
@@ -156,26 +156,26 @@ func toCRIContainerInfo(ctx context.Context, container containerstore.Container,
var err error
ci.RuntimeSpec, err = container.Container.Spec(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get container runtime spec")
return nil, fmt.Errorf("failed to get container runtime spec: %w", err)
}
ctrInfo, err := container.Container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get container info")
return nil, fmt.Errorf("failed to get container info: %w", err)
}
ci.SnapshotKey = ctrInfo.SnapshotKey
ci.Snapshotter = ctrInfo.Snapshotter
runtimeOptions, err := getRuntimeOptions(ctrInfo)
if err != nil {
return nil, errors.Wrap(err, "failed to get runtime options")
return nil, fmt.Errorf("failed to get runtime options: %w", err)
}
ci.RuntimeType = ctrInfo.Runtime.Name
ci.RuntimeOptions = runtimeOptions
infoBytes, err := json.Marshal(ci)
if err != nil {
return nil, errors.Wrapf(err, "failed to marshal info %v", ci)
return nil, fmt.Errorf("failed to marshal info %v: %w", ci, err)
}
return map[string]string{
"info": string(infoBytes),

22
pkg/cri/server/container_stop.go
View File

@@ -17,6 +17,7 @@
package server
import (
"fmt"
"sync/atomic"
"syscall"
"time"
@@ -28,7 +29,6 @@ import (
ctrdutil "github.com/containerd/containerd/pkg/cri/util"
"github.com/moby/sys/signal"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -39,7 +39,7 @@ func (c *criService) StopContainer(ctx context.Context, r *runtime.StopContainer
// Get container config from container store.
container, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrapf(err, "an error occurred when try to find container %q", r.GetContainerId())
return nil, fmt.Errorf("an error occurred when try to find container %q: %w", r.GetContainerId(), err)
}
if err := c.stopContainer(ctx, container, time.Duration(r.GetTimeout())*time.Second); err != nil {
@@ -48,7 +48,7 @@ func (c *criService) StopContainer(ctx context.Context, r *runtime.StopContainer
i, err := container.Container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "get container info")
return nil, fmt.Errorf("get container info: %w", err)
}
containerStopTimer.WithValues(i.Runtime.Name).UpdateSince(start)
@@ -73,7 +73,7 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
task, err := container.Container.Task(ctx, nil)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to get task for container %q", id)
return fmt.Errorf("failed to get task for container %q: %w", id, err)
}
// Don't return for unknown state, some cleanup needs to be done.
if state == runtime.ContainerState_CONTAINER_UNKNOWN {
@@ -90,7 +90,7 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
exitCh, err := task.Wait(waitCtx)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to wait for task for %q", id)
return fmt.Errorf("failed to wait for task for %q: %w", id, err)
}
return cleanupUnknownContainer(ctx, id, container)
}
@@ -124,7 +124,7 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
image, err := c.imageStore.Get(container.ImageRef)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to get image %q", container.ImageRef)
return fmt.Errorf("failed to get image %q: %w", container.ImageRef, err)
}
log.G(ctx).Warningf("Image %q not found, stop container with signal %q", container.ImageRef, stopSignal)
} else {
@@ -135,7 +135,7 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
}
sig, err := signal.ParseSignal(stopSignal)
if err != nil {
return errors.Wrapf(err, "failed to parse stop signal %q", stopSignal)
return fmt.Errorf("failed to parse stop signal %q: %w", stopSignal, err)
}
var sswt bool
@@ -149,7 +149,7 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
if sswt {
log.G(ctx).Infof("Stop container %q with signal %v", id, sig)
if err = task.Kill(ctx, sig); err != nil && !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to stop container %q", id)
return fmt.Errorf("failed to stop container %q: %w", id, err)
}
} else {
log.G(ctx).Infof("Skipping the sending of signal %v to container %q because a prior stop with timeout>0 request already sent the signal", sig, id)
@@ -172,13 +172,13 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
log.G(ctx).Infof("Kill container %q", id)
if err = task.Kill(ctx, syscall.SIGKILL); err != nil && !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to kill container %q", id)
return fmt.Errorf("failed to kill container %q: %w", id, err)
}
// Wait for a fixed timeout until container stop is observed by event monitor.
err = c.waitContainerStop(ctx, container)
if err != nil {
return errors.Wrapf(err, "an error occurs during waiting for container %q to be killed", id)
return fmt.Errorf("an error occurs during waiting for container %q to be killed: %w", id, err)
}
return nil
}
@@ -188,7 +188,7 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
func (c *criService) waitContainerStop(ctx context.Context, container containerstore.Container) error {
select {
case <-ctx.Done():
return errors.Wrapf(ctx.Err(), "wait container %q", container.ID)
return fmt.Errorf("wait container %q: %w", container.ID, ctx.Err())
case <-container.Stopped():
return nil
}

20
pkg/cri/server/container_update_resources.go
View File

@@ -21,6 +21,7 @@ package server
import (
gocontext "context"
"fmt"
"github.com/containerd/containerd"
"github.com/containerd/containerd/containers"
@@ -28,7 +29,6 @@ import (
"github.com/containerd/containerd/log"
"github.com/containerd/typeurl"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -40,7 +40,7 @@ import (
func (c *criService) UpdateContainerResources(ctx context.Context, r *runtime.UpdateContainerResourcesRequest) (retRes *runtime.UpdateContainerResourcesResponse, retErr error) {
container, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrap(err, "failed to find container")
return nil, fmt.Errorf("failed to find container: %w", err)
}
// Update resources in status update transaction, so that:
// 1) There won't be race condition with container start.
@@ -48,7 +48,7 @@ func (c *criService) UpdateContainerResources(ctx context.Context, r *runtime.Up
if err := container.Status.Update(func(status containerstore.Status) (containerstore.Status, error) {
return status, c.updateContainerResources(ctx, container, r, status)
}); err != nil {
return nil, errors.Wrap(err, "failed to update resources")
return nil, fmt.Errorf("failed to update resources: %w", err)
}
return &runtime.UpdateContainerResourcesResponse{}, nil
}
@@ -60,7 +60,7 @@ func (c *criService) updateContainerResources(ctx context.Context,
id := cntr.ID
// Do not update the container when there is a removal in progress.
if status.Removing {
return errors.Errorf("container %q is in removing state", id)
return fmt.Errorf("container %q is in removing state", id)
}
// Update container spec. If the container is not started yet, updating
@@ -69,11 +69,11 @@ func (c *criService) updateContainerResources(ctx context.Context,
// the spec will become our source of truth for resource limits.
oldSpec, err := cntr.Container.Spec(ctx)
if err != nil {
return errors.Wrap(err, "failed to get container spec")
return fmt.Errorf("failed to get container spec: %w", err)
}
newSpec, err := updateOCIResource(ctx, oldSpec, r, c.config)
if err != nil {
return errors.Wrap(err, "failed to update resource in spec")
return fmt.Errorf("failed to update resource in spec: %w", err)
}
if err := updateContainerSpec(ctx, cntr.Container, newSpec); err != nil {
@@ -102,7 +102,7 @@ func (c *criService) updateContainerResources(ctx context.Context,
// Task exited already.
return nil
}
return errors.Wrap(err, "failed to get task")
return fmt.Errorf("failed to get task: %w", err)
}
// newSpec.Linux / newSpec.Windows won't be nil
if err := task.Update(ctx, containerd.WithResources(getResources(newSpec))); err != nil {
@@ -110,7 +110,7 @@ func (c *criService) updateContainerResources(ctx context.Context,
// Task exited already.
return nil
}
return errors.Wrap(err, "failed to update resources")
return fmt.Errorf("failed to update resources: %w", err)
}
return nil
}
@@ -119,13 +119,13 @@ func (c *criService) updateContainerResources(ctx context.Context,
func updateContainerSpec(ctx context.Context, cntr containerd.Container, spec *runtimespec.Spec) error {
any, err := typeurl.MarshalAny(spec)
if err != nil {
return errors.Wrapf(err, "failed to marshal spec %+v", spec)
return fmt.Errorf("failed to marshal spec %+v: %w", spec, err)
}
if err := cntr.Update(ctx, func(ctx gocontext.Context, client *containerd.Client, c *containers.Container) error {
c.Spec = any
return nil
}); err != nil {
return errors.Wrap(err, "failed to update container spec")
return fmt.Errorf("failed to update container spec: %w", err)
}
return nil
}

7
pkg/cri/server/container_update_resources_linux.go
View File

@@ -17,8 +17,9 @@
package server
import (
"fmt"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -34,13 +35,13 @@ func updateOCIResource(ctx context.Context, spec *runtimespec.Spec, r *runtime.U
// Copy to make sure old spec is not changed.
var cloned runtimespec.Spec
if err := util.DeepCopy(&cloned, spec); err != nil {
return nil, errors.Wrap(err, "failed to deep copy")
return nil, fmt.Errorf("failed to deep copy: %w", err)
}
if cloned.Linux == nil {
cloned.Linux = &runtimespec.Linux{}
}
if err := opts.WithResources(r.GetLinux(), config.TolerateMissingHugetlbController, config.DisableHugetlbController)(ctx, nil, nil, &cloned); err != nil {
return nil, errors.Wrap(err, "unable to set linux container resources")
return nil, fmt.Errorf("unable to set linux container resources: %w", err)
}
return &cloned, nil
}

7
pkg/cri/server/container_update_resources_other.go
View File

@@ -20,7 +20,8 @@
package server
import (
"github.com/pkg/errors"
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -31,7 +32,7 @@ import (
func (c *criService) UpdateContainerResources(ctx context.Context, r *runtime.UpdateContainerResourcesRequest) (retRes *runtime.UpdateContainerResourcesResponse, retErr error) {
container, err := c.containerStore.Get(r.GetContainerId())
if err != nil {
return nil, errors.Wrap(err, "failed to find container")
return nil, fmt.Errorf("failed to find container: %w", err)
}
// Update resources in status update transaction, so that:
// 1) There won't be race condition with container start.
@@ -39,7 +40,7 @@ func (c *criService) UpdateContainerResources(ctx context.Context, r *runtime.Up
if err := container.Status.Update(func(status containerstore.Status) (containerstore.Status, error) {
return status, nil
}); err != nil {
return nil, errors.Wrap(err, "failed to update resources")
return nil, fmt.Errorf("failed to update resources: %w", err)
}
return &runtime.UpdateContainerResourcesResponse{}, nil
}

7
pkg/cri/server/container_update_resources_windows.go
View File

@@ -17,8 +17,9 @@
package server
import (
"fmt"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -34,13 +35,13 @@ func updateOCIResource(ctx context.Context, spec *runtimespec.Spec, r *runtime.U
// Copy to make sure old spec is not changed.
var cloned runtimespec.Spec
if err := util.DeepCopy(&cloned, spec); err != nil {
return nil, errors.Wrap(err, "failed to deep copy")
return nil, fmt.Errorf("failed to deep copy: %w", err)
}
if cloned.Windows == nil {
cloned.Windows = &runtimespec.Windows{}
}
if err := opts.WithWindowsResources(r.GetWindows())(ctx, nil, nil, &cloned); err != nil {
return nil, errors.Wrap(err, "unable to set windows container resources")
return nil, fmt.Errorf("unable to set windows container resources: %w", err)
}
return &cloned, nil
}

34
pkg/cri/server/events.go
View File

@@ -17,6 +17,8 @@
package server
import (
"errors"
"fmt"
"sync"
"time"
@@ -30,9 +32,7 @@ import (
sandboxstore "github.com/containerd/containerd/pkg/cri/store/sandbox"
ctrdutil "github.com/containerd/containerd/pkg/cri/util"
"github.com/containerd/typeurl"
gogotypes "github.com/gogo/protobuf/types"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/net/context"
"k8s.io/utils/clock"
@@ -141,7 +141,7 @@ func (em *eventMonitor) startSandboxExitMonitor(ctx context.Context, id string,
}
return nil
} else if !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to get sandbox %s", e.ID)
return fmt.Errorf("failed to get sandbox %s: %w", e.ID, err)
}
return nil
}()
@@ -192,7 +192,7 @@ func (em *eventMonitor) startContainerExitMonitor(ctx context.Context, id string
}
return nil
} else if !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to get container %s", e.ID)
return fmt.Errorf("failed to get container %s: %w", e.ID, err)
}
return nil
}()
@@ -211,7 +211,7 @@ func convertEvent(e *gogotypes.Any) (string, interface{}, error) {
id := ""
evt, err := typeurl.UnmarshalAny(e)
if err != nil {
return "", nil, errors.Wrap(err, "failed to unmarshalany")
return "", nil, fmt.Errorf("failed to unmarshalany: %w", err)
}
switch e := evt.(type) {
@@ -314,20 +314,20 @@ func (em *eventMonitor) handleEvent(any interface{}) error {
cntr, err := em.c.containerStore.Get(e.ID)
if err == nil {
if err := handleContainerExit(ctx, e, cntr); err != nil {
return errors.Wrap(err, "failed to handle container TaskExit event")
return fmt.Errorf("failed to handle container TaskExit event: %w", err)
}
return nil
} else if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "can't find container for TaskExit event")
return fmt.Errorf("can't find container for TaskExit event: %w", err)
}
sb, err := em.c.sandboxStore.Get(e.ID)
if err == nil {
if err := handleSandboxExit(ctx, e, sb); err != nil {
return errors.Wrap(err, "failed to handle sandbox TaskExit event")
return fmt.Errorf("failed to handle sandbox TaskExit event: %w", err)
}
return nil
} else if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "can't find sandbox for TaskExit event")
return fmt.Errorf("can't find sandbox for TaskExit event: %w", err)
}
return nil
case *eventtypes.TaskOOM:
@@ -336,7 +336,7 @@ func (em *eventMonitor) handleEvent(any interface{}) error {
cntr, err := em.c.containerStore.Get(e.ContainerID)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "can't find container for TaskOOM event")
return fmt.Errorf("can't find container for TaskOOM event: %w", err)
}
return nil
}
@@ -345,7 +345,7 @@ func (em *eventMonitor) handleEvent(any interface{}) error {
return status, nil
})
if err != nil {
return errors.Wrap(err, "failed to update container status for TaskOOM event")
return fmt.Errorf("failed to update container status for TaskOOM event: %w", err)
}
case *eventtypes.ImageCreate:
logrus.Infof("ImageCreate event %+v", e)
@@ -380,13 +380,13 @@ func handleContainerExit(ctx context.Context, e *eventtypes.TaskExit, cntr conta
)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrapf(err, "failed to load task for container")
return fmt.Errorf("failed to load task for container: %w", err)
}
} else {
// TODO(random-liu): [P1] This may block the loop, we may want to spawn a worker
if _, err = task.Delete(ctx, WithNRISandboxDelete(cntr.SandboxID), containerd.WithProcessKill); err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to stop container")
return fmt.Errorf("failed to stop container: %w", err)
}
// Move on to make sure container status is updated.
}
@@ -407,7 +407,7 @@ func handleContainerExit(ctx context.Context, e *eventtypes.TaskExit, cntr conta
return status, nil
})
if err != nil {
return errors.Wrap(err, "failed to update container state")
return fmt.Errorf("failed to update container state: %w", err)
}
// Using channel to propagate the information of container stop
cntr.Stop()
@@ -420,13 +420,13 @@ func handleSandboxExit(ctx context.Context, e *eventtypes.TaskExit, sb sandboxst
task, err := sb.Container.Task(ctx, nil)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to load task for sandbox")
return fmt.Errorf("failed to load task for sandbox: %w", err)
}
} else {
// TODO(random-liu): [P1] This may block the loop, we may want to spawn a worker
if _, err = task.Delete(ctx, WithNRISandboxDelete(sb.ID), containerd.WithProcessKill); err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to stop sandbox")
return fmt.Errorf("failed to stop sandbox: %w", err)
}
// Move on to make sure container status is updated.
}
@@ -437,7 +437,7 @@ func handleSandboxExit(ctx context.Context, e *eventtypes.TaskExit, sb sandboxst
return status, nil
})
if err != nil {
return errors.Wrap(err, "failed to update sandbox state")
return fmt.Errorf("failed to update sandbox state: %w", err)
}
// Using channel to propagate the information of sandbox stop
sb.Stop()

15
pkg/cri/server/helpers.go
View File

@@ -42,7 +42,6 @@ import (
runhcsoptions "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"
imagedigest "github.com/opencontainers/go-digest"
"github.com/pelletier/go-toml"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -196,7 +195,7 @@ func (c *criService) localResolve(refOrID string) (imagestore.Image, error) {
func (c *criService) toContainerdImage(ctx context.Context, image imagestore.Image) (containerd.Image, error) {
// image should always have at least one reference.
if len(image.References) == 0 {
return nil, errors.Errorf("invalid image with no reference %q", image.ID)
return nil, fmt.Errorf("invalid image with no reference %q", image.ID)
}
return c.client.GetImage(ctx, image.References[0])
}
@@ -225,7 +224,7 @@ func getUserFromImage(user string) (*int64, string) {
func (c *criService) ensureImageExists(ctx context.Context, ref string, config *runtime.PodSandboxConfig) (*imagestore.Image, error) {
image, err := c.localResolve(ref)
if err != nil && !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "failed to get image %q", ref)
return nil, fmt.Errorf("failed to get image %q: %w", ref, err)
}
if err == nil {
return &image, nil
@@ -233,13 +232,13 @@ func (c *criService) ensureImageExists(ctx context.Context, ref string, config *
// Pull image to ensure the image exists
resp, err := c.PullImage(ctx, &runtime.PullImageRequest{Image: &runtime.ImageSpec{Image: ref}, SandboxConfig: config})
if err != nil {
return nil, errors.Wrapf(err, "failed to pull image %q", ref)
return nil, fmt.Errorf("failed to pull image %q: %w", ref, err)
}
imageID := resp.GetImageRef()
newImage, err := c.imageStore.Get(imageID)
if err != nil {
// It's still possible that someone removed the image right after it is pulled.
return nil, errors.Wrapf(err, "failed to get image %q after pulling", imageID)
return nil, fmt.Errorf("failed to get image %q after pulling: %w", imageID, err)
}
return &newImage, nil
}
@@ -251,18 +250,18 @@ func (c *criService) ensureImageExists(ctx context.Context, ref string, config *
func (c *criService) validateTargetContainer(sandboxID, targetContainerID string) (containerstore.Container, error) {
targetContainer, err := c.containerStore.Get(targetContainerID)
if err != nil {
return containerstore.Container{}, errors.Wrapf(err, "container %q does not exist", targetContainerID)
return containerstore.Container{}, fmt.Errorf("container %q does not exist: %w", targetContainerID, err)
}
targetSandboxID := targetContainer.Metadata.SandboxID
if targetSandboxID != sandboxID {
return containerstore.Container{},
errors.Errorf("container %q (sandbox %s) does not belong to sandbox %s", targetContainerID, targetSandboxID, sandboxID)
fmt.Errorf("container %q (sandbox %s) does not belong to sandbox %s", targetContainerID, targetSandboxID, sandboxID)
}
status := targetContainer.Status.Get()
if state := status.State(); state != runtime.ContainerState_CONTAINER_RUNNING {
return containerstore.Container{}, errors.Errorf("container %q is not running - in state %s", targetContainerID, state)
return containerstore.Container{}, fmt.Errorf("container %q is not running - in state %s", targetContainerID, state)
}
return targetContainer, nil

7
pkg/cri/server/helpers_linux.go
View File

@@ -36,7 +36,6 @@ import (
"github.com/moby/sys/mountinfo"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -131,7 +130,7 @@ func checkSelinuxLevel(level string) error {
matched, err := regexp.MatchString(`^s\d(-s\d)??(:c\d{1,4}(\.c\d{1,4})?(,c\d{1,4}(\.c\d{1,4})?)*)?$`, level)
if err != nil {
return errors.Wrapf(err, "the format of 'level' %q is not correct", level)
return fmt.Errorf("the format of 'level' %q is not correct: %w", level, err)
}
if !matched {
return fmt.Errorf("the format of 'level' %q is not correct", level)
@@ -241,7 +240,7 @@ func ensureRemoveAll(ctx context.Context, dir string) error {
return err
}
if e := mount.Unmount(pe.Path, unix.MNT_DETACH); e != nil {
return errors.Wrapf(e, "error while removing %s", dir)
return fmt.Errorf("error while removing %s: %w", dir, e)
}
if exitOnErr[pe.Path] == maxRetry {
@@ -271,7 +270,7 @@ func modifyProcessLabel(runtimeType string, spec *specs.Spec) error {
}
l, err := seutil.ChangeToKVM(spec.Process.SelinuxLabel)
if err != nil {
return errors.Wrap(err, "failed to get selinux kvm label")
return fmt.Errorf("failed to get selinux kvm label: %w", err)
}
spec.Process.SelinuxLabel = l
return nil

49
pkg/cri/server/image_pull.go
View File

@@ -40,7 +40,6 @@ import (
"github.com/containerd/imgcrypt"
"github.com/containerd/imgcrypt/images/encryption"
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -93,7 +92,7 @@ func (c *criService) PullImage(ctx context.Context, r *runtime.PullImageRequest)
imageRef := r.GetImage().GetImage()
namedRef, err := distribution.ParseDockerRef(imageRef)
if err != nil {
return nil, errors.Wrapf(err, "failed to parse image reference %q", imageRef)
return nil, fmt.Errorf("failed to parse image reference %q: %w", imageRef, err)
}
ref := namedRef.String()
if ref != imageRef {
@@ -138,12 +137,12 @@ func (c *criService) PullImage(ctx context.Context, r *runtime.PullImageRequest)
image, err := c.client.Pull(ctx, ref, pullOpts...)
if err != nil {
return nil, errors.Wrapf(err, "failed to pull and unpack image %q", ref)
return nil, fmt.Errorf("failed to pull and unpack image %q: %w", ref, err)
}
configDesc, err := image.Config(ctx)
if err != nil {
return nil, errors.Wrap(err, "get image config descriptor")
return nil, fmt.Errorf("get image config descriptor: %w", err)
}
imageID := configDesc.Digest.String()
@@ -153,13 +152,13 @@ func (c *criService) PullImage(ctx context.Context, r *runtime.PullImageRequest)
continue
}
if err := c.createImageReference(ctx, r, image.Target()); err != nil {
return nil, errors.Wrapf(err, "failed to create image reference %q", r)
return nil, fmt.Errorf("failed to create image reference %q: %w", r, err)
}
// Update image store to reflect the newest state in containerd.
// No need to use `updateImage`, because the image reference must
// have been managed by the cri plugin.
if err := c.imageStore.Update(ctx, r); err != nil {
return nil, errors.Wrapf(err, "failed to update image store %q", r)
return nil, fmt.Errorf("failed to update image store %q: %w", r, err)
}
}
@@ -182,7 +181,7 @@ func ParseAuth(auth *runtime.AuthConfig, host string) (string, string, error) {
// Do not return the auth info when server address doesn't match.
u, err := url.Parse(auth.ServerAddress)
if err != nil {
return "", "", errors.Wrap(err, "parse server address")
return "", "", fmt.Errorf("parse server address: %w", err)
}
if host != u.Host {
return "", "", nil
@@ -203,7 +202,7 @@ func ParseAuth(auth *runtime.AuthConfig, host string) (string, string, error) {
}
fields := strings.SplitN(string(decoded), ":", 2)
if len(fields) != 2 {
return "", "", errors.Errorf("invalid decoded auth: %q", decoded)
return "", "", fmt.Errorf("invalid decoded auth: %q", decoded)
}
user, passwd := fields[0], fields[1]
return user, strings.Trim(passwd, "\x00"), nil
@@ -243,31 +242,31 @@ func (c *criService) createImageReference(ctx context.Context, name string, desc
func (c *criService) updateImage(ctx context.Context, r string) error {
img, err := c.client.GetImage(ctx, r)
if err != nil && !errdefs.IsNotFound(err) {
return errors.Wrap(err, "get image by reference")
return fmt.Errorf("get image by reference: %w", err)
}
if err == nil && img.Labels()[imageLabelKey] != imageLabelValue {
// Make sure the image has the image id as its unique
// identifier that references the image in its lifetime.
configDesc, err := img.Config(ctx)
if err != nil {
return errors.Wrap(err, "get image id")
return fmt.Errorf("get image id: %w", err)
}
id := configDesc.Digest.String()
if err := c.createImageReference(ctx, id, img.Target()); err != nil {
return errors.Wrapf(err, "create image id reference %q", id)
return fmt.Errorf("create image id reference %q: %w", id, err)
}
if err := c.imageStore.Update(ctx, id); err != nil {
return errors.Wrapf(err, "update image store for %q", id)
return fmt.Errorf("update image store for %q: %w", id, err)
}
// The image id is ready, add the label to mark the image as managed.
if err := c.createImageReference(ctx, r, img.Target()); err != nil {
return errors.Wrap(err, "create managed label")
return fmt.Errorf("create managed label: %w", err)
}
}
// If the image is not found, we should continue updating the cache,
// so that the image can be removed from the cache.
if err := c.imageStore.Update(ctx, r); err != nil {
return errors.Wrapf(err, "update image store for %q", r)
return fmt.Errorf("update image store for %q: %w", r, err)
}
return nil
}
@@ -280,15 +279,15 @@ func (c *criService) getTLSConfig(registryTLSConfig criconfig.TLSConfig) (*tls.C
err error
)
if registryTLSConfig.CertFile != "" && registryTLSConfig.KeyFile == "" {
return nil, errors.Errorf("cert file %q was specified, but no corresponding key file was specified", registryTLSConfig.CertFile)
return nil, fmt.Errorf("cert file %q was specified, but no corresponding key file was specified", registryTLSConfig.CertFile)
}
if registryTLSConfig.CertFile == "" && registryTLSConfig.KeyFile != "" {
return nil, errors.Errorf("key file %q was specified, but no corresponding cert file was specified", registryTLSConfig.KeyFile)
return nil, fmt.Errorf("key file %q was specified, but no corresponding cert file was specified", registryTLSConfig.KeyFile)
}
if registryTLSConfig.CertFile != "" && registryTLSConfig.KeyFile != "" {
cert, err = tls.LoadX509KeyPair(registryTLSConfig.CertFile, registryTLSConfig.KeyFile)
if err != nil {
return nil, errors.Wrap(err, "failed to load cert file")
return nil, fmt.Errorf("failed to load cert file: %w", err)
}
if len(cert.Certificate) != 0 {
tlsConfig.Certificates = []tls.Certificate{cert}
@@ -299,11 +298,11 @@ func (c *criService) getTLSConfig(registryTLSConfig criconfig.TLSConfig) (*tls.C
if registryTLSConfig.CAFile != "" {
caCertPool, err := x509.SystemCertPool()
if err != nil {
return nil, errors.Wrap(err, "failed to get system cert pool")
return nil, fmt.Errorf("failed to get system cert pool: %w", err)
}
caCert, err := os.ReadFile(registryTLSConfig.CAFile)
if err != nil {
return nil, errors.Wrap(err, "failed to load CA file")
return nil, fmt.Errorf("failed to load CA file: %w", err)
}
caCertPool.AppendCertsFromPEM(caCert)
tlsConfig.RootCAs = caCertPool
@@ -354,12 +353,12 @@ func (c *criService) registryHosts(ctx context.Context, auth *runtime.AuthConfig
endpoints, err := c.registryEndpoints(host)
if err != nil {
return nil, errors.Wrap(err, "get registry endpoints")
return nil, fmt.Errorf("get registry endpoints: %w", err)
}
for _, e := range endpoints {
u, err := url.Parse(e)
if err != nil {
return nil, errors.Wrapf(err, "parse registry endpoint %q from mirrors", e)
return nil, fmt.Errorf("parse registry endpoint %q from mirrors: %w", e, err)
}
var (
@@ -371,7 +370,7 @@ func (c *criService) registryHosts(ctx context.Context, auth *runtime.AuthConfig
if config.TLS != nil {
transport.TLSClientConfig, err = c.getTLSConfig(*config.TLS)
if err != nil {
return nil, errors.Wrapf(err, "get TLSConfig for registry %q", e)
return nil, fmt.Errorf("get TLSConfig for registry %q: %w", e, err)
}
} else if isLocalHost(host) && u.Scheme == "http" {
// Skipping TLS verification for localhost
@@ -457,19 +456,19 @@ func (c *criService) registryEndpoints(host string) ([]string, error) {
}
defaultHost, err := docker.DefaultHost(host)
if err != nil {
return nil, errors.Wrap(err, "get default host")
return nil, fmt.Errorf("get default host: %w", err)
}
for i := range endpoints {
en, err := addDefaultScheme(endpoints[i])
if err != nil {
return nil, errors.Wrap(err, "parse endpoint url")
return nil, fmt.Errorf("parse endpoint url: %w", err)
}
endpoints[i] = en
}
for _, e := range endpoints {
u, err := url.Parse(e)
if err != nil {
return nil, errors.Wrap(err, "parse endpoint url")
return nil, fmt.Errorf("parse endpoint url: %w", err)
}
if u.Host == host {
// Do not add default if the endpoint already exists.

9
pkg/cri/server/image_remove.go
View File

@@ -17,10 +17,11 @@
package server
import (
"fmt"
"github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/images"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -38,7 +39,7 @@ func (c *criService) RemoveImage(ctx context.Context, r *runtime.RemoveImageRequ
// return empty without error when image not found.
return &runtime.RemoveImageResponse{}, nil
}
return nil, errors.Wrapf(err, "can not resolve %q locally", r.GetImage().GetImage())
return nil, fmt.Errorf("can not resolve %q locally: %w", r.GetImage().GetImage(), err)
}
// Remove all image references.
@@ -54,11 +55,11 @@ func (c *criService) RemoveImage(ctx context.Context, r *runtime.RemoveImageRequ
if err == nil || errdefs.IsNotFound(err) {
// Update image store to reflect the newest state in containerd.
if err := c.imageStore.Update(ctx, ref); err != nil {
return nil, errors.Wrapf(err, "failed to update image reference %q for %q", ref, image.ID)
return nil, fmt.Errorf("failed to update image reference %q for %q: %w", ref, image.ID, err)
}
continue
}
return nil, errors.Wrapf(err, "failed to delete image reference %q for %q", ref, image.ID)
return nil, fmt.Errorf("failed to delete image reference %q for %q: %w", ref, image.ID, err)
}
return &runtime.RemoveImageResponse{}, nil
}

6
pkg/cri/server/image_status.go
View File

@@ -18,13 +18,13 @@ package server
import (
"encoding/json"
"fmt"
"github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/log"
imagestore "github.com/containerd/containerd/pkg/cri/store/image"
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -39,7 +39,7 @@ func (c *criService) ImageStatus(ctx context.Context, r *runtime.ImageStatusRequ
// return empty without error when image not found.
return &runtime.ImageStatusResponse{}, nil
}
return nil, errors.Wrapf(err, "can not resolve %q locally", r.GetImage().GetImage())
return nil, fmt.Errorf("can not resolve %q locally: %w", r.GetImage().GetImage(), err)
}
// TODO(random-liu): [P0] Make sure corresponding snapshot exists. What if snapshot
// doesn't exist?
@@ -47,7 +47,7 @@ func (c *criService) ImageStatus(ctx context.Context, r *runtime.ImageStatusRequ
runtimeImage := toCRIImage(image)
info, err := c.toCRIImageInfo(ctx, &image, r.GetVerbose())
if err != nil {
return nil, errors.Wrap(err, "failed to generate image info")
return nil, fmt.Errorf("failed to generate image info: %w", err)
}
return &runtime.ImageStatusResponse{

60
pkg/cri/server/restart.go
View File

@@ -17,6 +17,7 @@
package server
import (
"fmt"
"os"
"path/filepath"
goruntime "runtime"
@@ -29,7 +30,6 @@ import (
"github.com/containerd/containerd/log"
"github.com/containerd/containerd/platforms"
"github.com/containerd/typeurl"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -54,7 +54,7 @@ func (c *criService) recover(ctx context.Context) error {
// Recover all sandboxes.
sandboxes, err := c.client.Containers(ctx, filterLabel(containerKindLabel, containerKindSandbox))
if err != nil {
return errors.Wrap(err, "failed to list sandbox containers")
return fmt.Errorf("failed to list sandbox containers: %w", err)
}
for _, sandbox := range sandboxes {
sb, err := c.loadSandbox(ctx, sandbox)
@@ -64,17 +64,17 @@ func (c *criService) recover(ctx context.Context) error {
}
log.G(ctx).Debugf("Loaded sandbox %+v", sb)
if err := c.sandboxStore.Add(sb); err != nil {
return errors.Wrapf(err, "failed to add sandbox %q to store", sandbox.ID())
return fmt.Errorf("failed to add sandbox %q to store: %w", sandbox.ID(), err)
}
if err := c.sandboxNameIndex.Reserve(sb.Name, sb.ID); err != nil {
return errors.Wrapf(err, "failed to reserve sandbox name %q", sb.Name)
return fmt.Errorf("failed to reserve sandbox name %q: %w", sb.Name, err)
}
}
// Recover all containers.
containers, err := c.client.Containers(ctx, filterLabel(containerKindLabel, containerKindContainer))
if err != nil {
return errors.Wrap(err, "failed to list containers")
return fmt.Errorf("failed to list containers: %w", err)
}
for _, container := range containers {
cntr, err := c.loadContainer(ctx, container)
@@ -84,17 +84,17 @@ func (c *criService) recover(ctx context.Context) error {
}
log.G(ctx).Debugf("Loaded container %+v", cntr)
if err := c.containerStore.Add(cntr); err != nil {
return errors.Wrapf(err, "failed to add container %q to store", container.ID())
return fmt.Errorf("failed to add container %q to store: %w", container.ID(), err)
}
if err := c.containerNameIndex.Reserve(cntr.Name, cntr.ID); err != nil {
return errors.Wrapf(err, "failed to reserve container name %q", cntr.Name)
return fmt.Errorf("failed to reserve container name %q: %w", cntr.Name, err)
}
}
// Recover all images.
cImages, err := c.client.ListImages(ctx)
if err != nil {
return errors.Wrap(err, "failed to list images")
return fmt.Errorf("failed to list images: %w", err)
}
c.loadImages(ctx, cImages)
@@ -130,7 +130,7 @@ func (c *criService) recover(ctx context.Context) error {
},
} {
if err := cleanupOrphanedIDDirs(ctx, cleanup.cntrs, cleanup.base); err != nil {
return errors.Wrap(err, cleanup.errMsg)
return fmt.Errorf("%s: %w", cleanup.errMsg, err)
}
}
return nil
@@ -160,15 +160,15 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
// Load container metadata.
exts, err := cntr.Extensions(ctx)
if err != nil {
return container, errors.Wrap(err, "failed to get container extensions")
return container, fmt.Errorf("failed to get container extensions: %w", err)
}
ext, ok := exts[containerMetadataExtension]
if !ok {
return container, errors.Errorf("metadata extension %q not found", containerMetadataExtension)
return container, fmt.Errorf("metadata extension %q not found", containerMetadataExtension)
}
data, err := typeurl.UnmarshalAny(&ext)
if err != nil {
return container, errors.Wrapf(err, "failed to unmarshal metadata extension %q", ext)
return container, fmt.Errorf("failed to unmarshal metadata extension %q: %w", ext, err)
}
meta := data.(*containerstore.Metadata)
@@ -208,7 +208,7 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
return containerIO, nil
})
if err != nil && !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to load task")
return fmt.Errorf("failed to load task: %w", err)
}
var s containerd.Status
var notFound bool
@@ -221,7 +221,7 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
if err != nil {
// It's still possible that task is deleted during this window.
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to get task status")
return fmt.Errorf("failed to get task status: %w", err)
}
notFound = true
}
@@ -238,7 +238,7 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
cio.WithNewFIFOs(volatileContainerDir, meta.Config.GetTty(), meta.Config.GetStdin()),
)
if err != nil {
return errors.Wrap(err, "failed to create container io")
return fmt.Errorf("failed to create container io: %w", err)
}
case runtime.ContainerState_CONTAINER_RUNNING:
// Container was in running state, but its task has been deleted,
@@ -257,17 +257,17 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
// gets restarted during container start.
// Container must be in `CREATED` state.
if _, err := t.Delete(ctx, containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to delete task")
return fmt.Errorf("failed to delete task: %w", err)
}
if status.State() != runtime.ContainerState_CONTAINER_CREATED {
return errors.Errorf("unexpected container state for created task: %q", status.State())
return fmt.Errorf("unexpected container state for created task: %q", status.State())
}
case containerd.Running:
// Task is running. Container must be in `RUNNING` state, based on our assumption that
// "task should not be started when containerd is down".
switch status.State() {
case runtime.ContainerState_CONTAINER_EXITED:
return errors.Errorf("unexpected container state for running task: %q", status.State())
return fmt.Errorf("unexpected container state for running task: %q", status.State())
case runtime.ContainerState_CONTAINER_RUNNING:
default:
// This may happen if containerd gets restarted after task is started, but
@@ -280,7 +280,7 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
exitCh, err := t.Wait(ctrdutil.NamespacedContext())
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to wait for task")
return fmt.Errorf("failed to wait for task: %w", err)
}
// Container was in running state, but its task has been deleted,
// set unknown exited state.
@@ -294,12 +294,12 @@ func (c *criService) loadContainer(ctx context.Context, cntr containerd.Containe
case containerd.Stopped:
// Task is stopped. Updata status and delete the task.
if _, err := t.Delete(ctx, containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to delete task")
return fmt.Errorf("failed to delete task: %w", err)
}
status.FinishedAt = s.ExitTime.UnixNano()
status.ExitCode = int32(s.ExitStatus)
default:
return errors.Errorf("unexpected task status %q", s.Status)
return fmt.Errorf("unexpected task status %q", s.Status)
}
}
return nil
@@ -329,15 +329,15 @@ func (c *criService) loadSandbox(ctx context.Context, cntr containerd.Container)
// Load sandbox metadata.
exts, err := cntr.Extensions(ctx)
if err != nil {
return sandbox, errors.Wrap(err, "failed to get sandbox container extensions")
return sandbox, fmt.Errorf("failed to get sandbox container extensions: %w", err)
}
ext, ok := exts[sandboxMetadataExtension]
if !ok {
return sandbox, errors.Errorf("metadata extension %q not found", sandboxMetadataExtension)
return sandbox, fmt.Errorf("metadata extension %q not found", sandboxMetadataExtension)
}
data, err := typeurl.UnmarshalAny(&ext)
if err != nil {
return sandbox, errors.Wrapf(err, "failed to unmarshal metadata extension %q", ext)
return sandbox, fmt.Errorf("failed to unmarshal metadata extension %q: %w", ext, err)
}
meta := data.(*sandboxstore.Metadata)
@@ -346,14 +346,14 @@ func (c *criService) loadSandbox(ctx context.Context, cntr containerd.Container)
// Load sandbox created timestamp.
info, err := cntr.Info(ctx)
if err != nil {
return status, errors.Wrap(err, "failed to get sandbox container info")
return status, fmt.Errorf("failed to get sandbox container info: %w", err)
}
status.CreatedAt = info.CreatedAt
// Load sandbox state.
t, err := cntr.Task(ctx, nil)
if err != nil && !errdefs.IsNotFound(err) {
return status, errors.Wrap(err, "failed to load task")
return status, fmt.Errorf("failed to load task: %w", err)
}
var taskStatus containerd.Status
var notFound bool
@@ -366,7 +366,7 @@ func (c *criService) loadSandbox(ctx context.Context, cntr containerd.Container)
if err != nil {
// It's still possible that task is deleted during this window.
if !errdefs.IsNotFound(err) {
return status, errors.Wrap(err, "failed to get task status")
return status, fmt.Errorf("failed to get task status: %w", err)
}
notFound = true
}
@@ -381,7 +381,7 @@ func (c *criService) loadSandbox(ctx context.Context, cntr containerd.Container)
exitCh, err := t.Wait(ctrdutil.NamespacedContext())
if err != nil {
if !errdefs.IsNotFound(err) {
return status, errors.Wrap(err, "failed to wait for task")
return status, fmt.Errorf("failed to wait for task: %w", err)
}
status.State = sandboxstore.StateNotReady
} else {
@@ -393,7 +393,7 @@ func (c *criService) loadSandbox(ctx context.Context, cntr containerd.Container)
} else {
// Task is not running. Delete the task and set sandbox state as NOTREADY.
if _, err := t.Delete(ctx, containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
return status, errors.Wrap(err, "failed to delete task")
return status, fmt.Errorf("failed to delete task: %w", err)
}
status.State = sandboxstore.StateNotReady
}
@@ -459,7 +459,7 @@ func cleanupOrphanedIDDirs(ctx context.Context, cntrs []containerd.Container, ba
// Cleanup orphaned id directories.
dirs, err := os.ReadDir(base)
if err != nil && !os.IsNotExist(err) {
return errors.Wrap(err, "failed to read base directory")
return fmt.Errorf("failed to read base directory: %w", err)
}
idsMap := make(map[string]containerd.Container)
for _, cntr := range cntrs {

6
pkg/cri/server/sandbox_portforward.go
View File

@@ -17,7 +17,9 @@
package server
import (
"github.com/pkg/errors"
"errors"
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -28,7 +30,7 @@ import (
func (c *criService) PortForward(ctx context.Context, r *runtime.PortForwardRequest) (retRes *runtime.PortForwardResponse, retErr error) {
sandbox, err := c.sandboxStore.Get(r.GetPodSandboxId())
if err != nil {
return nil, errors.Wrapf(err, "failed to find sandbox %q", r.GetPodSandboxId())
return nil, fmt.Errorf("failed to find sandbox %q: %w", r.GetPodSandboxId(), err)
}
if sandbox.Status.Get().State != sandboxstore.StateReady {
return nil, errors.New("sandbox container is not running")

9
pkg/cri/server/sandbox_portforward_linux.go
View File

@@ -24,7 +24,6 @@ import (
"github.com/containerd/containerd/log"
"github.com/containernetworking/plugins/pkg/ns"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -35,7 +34,7 @@ import (
func (c *criService) portForward(ctx context.Context, id string, port int32, stream io.ReadWriteCloser) error {
s, err := c.sandboxStore.Get(id)
if err != nil {
return errors.Wrapf(err, "failed to find sandbox %q in store", id)
return fmt.Errorf("failed to find sandbox %q in store: %w", id, err)
}
var netNSDo func(func(ns.NetNS) error) error
@@ -45,9 +44,9 @@ func (c *criService) portForward(ctx context.Context, id string, port int32, str
hostNet := securityContext.GetNamespaceOptions().GetNetwork() == runtime.NamespaceMode_NODE
if !hostNet {
if closed, err := s.NetNS.Closed(); err != nil {
return errors.Wrapf(err, "failed to check netwok namespace closed for sandbox %q", id)
return fmt.Errorf("failed to check netwok namespace closed for sandbox %q: %w", id, err)
} else if closed {
return errors.Errorf("network namespace for sandbox %q is closed", id)
return fmt.Errorf("network namespace for sandbox %q is closed", id)
}
netNSDo = s.NetNS.Do
netNSPath = s.NetNS.GetPath()
@@ -130,7 +129,7 @@ func (c *criService) portForward(ctx context.Context, id string, port int32, str
})
if err != nil {
return errors.Wrapf(err, "failed to execute portforward in network namespace %q", netNSPath)
return fmt.Errorf("failed to execute portforward in network namespace %q: %w", netNSPath, err)
}
log.G(ctx).Infof("Finish port forwarding for %q port %d", id, port)

4
pkg/cri/server/sandbox_portforward_other.go
View File

@@ -20,15 +20,15 @@
package server
import (
"fmt"
"io"
"github.com/containerd/containerd/errdefs"
"github.com/pkg/errors"
"golang.org/x/net/context"
)
// portForward uses netns to enter the sandbox namespace, and forwards a stream inside the
// the namespace to a specific port. It keeps forwarding until it exits or client disconnect.
func (c *criService) portForward(ctx context.Context, id string, port int32, stream io.ReadWriteCloser) error {
return errors.Wrap(errdefs.ErrNotImplemented, "port forward")
return fmt.Errorf("port forward: %w", errdefs.ErrNotImplemented)
}

11
pkg/cri/server/sandbox_portforward_windows.go
View File

@@ -21,7 +21,6 @@ import (
"fmt"
"io"
"github.com/pkg/errors"
"golang.org/x/net/context"
"k8s.io/utils/exec"
@@ -38,7 +37,7 @@ func (c *criService) portForward(ctx context.Context, id string, port int32, str
cmd := []string{"wincat.exe", "127.0.0.1", fmt.Sprint(port)}
err := c.execInSandbox(ctx, id, cmd, stream, stdout, stderr)
if err != nil {
return errors.Wrapf(err, "failed to execute port forward in sandbox: %s", stderrBuffer.String())
return fmt.Errorf("failed to execute port forward in sandbox: %s: %w", stderrBuffer.String(), err)
}
return nil
}
@@ -47,13 +46,13 @@ func (c *criService) execInSandbox(ctx context.Context, sandboxID string, cmd []
// Get sandbox from our sandbox store.
sb, err := c.sandboxStore.Get(sandboxID)
if err != nil {
return errors.Wrapf(err, "failed to find sandbox %q in store", sandboxID)
return fmt.Errorf("failed to find sandbox %q in store: %w", sandboxID, err)
}
// Check the sandbox state
state := sb.Status.Get().State
if state != sandboxstore.StateReady {
return errors.Errorf("sandbox is in %s state", fmt.Sprint(state))
return fmt.Errorf("sandbox is in %s state", fmt.Sprint(state))
}
opts := execOptions{
@@ -66,13 +65,13 @@ func (c *criService) execInSandbox(ctx context.Context, sandboxID string, cmd []
}
exitCode, err := c.execInternal(ctx, sb.Container, sandboxID, opts)
if err != nil {
return errors.Wrap(err, "failed to exec in sandbox")
return fmt.Errorf("failed to exec in sandbox: %w", err)
}
if *exitCode == 0 {
return nil
}
return &exec.CodeExitError{
Err: errors.Errorf("error executing command %v, exit code %d", cmd, *exitCode),
Err: fmt.Errorf("error executing command %v, exit code %d", cmd, *exitCode),
Code: int(*exitCode),
}
}

24
pkg/cri/server/sandbox_remove.go
View File

@@ -17,13 +17,13 @@
package server
import (
"fmt"
"time"
"github.com/containerd/containerd"
"github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/log"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -36,8 +36,8 @@ func (c *criService) RemovePodSandbox(ctx context.Context, r *runtime.RemovePodS
sandbox, err := c.sandboxStore.Get(r.GetPodSandboxId())
if err != nil {
if !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "an error occurred when try to find sandbox %q",
r.GetPodSandboxId())
return nil, fmt.Errorf("an error occurred when try to find sandbox %q: %w",
r.GetPodSandboxId(), err)
}
// Do not return error if the id doesn't exist.
log.G(ctx).Tracef("RemovePodSandbox called for sandbox %q that does not exist",
@@ -52,16 +52,16 @@ func (c *criService) RemovePodSandbox(ctx context.Context, r *runtime.RemovePodS
// This can happen if the task process associated with the Pod died or it was killed.
logrus.Infof("Forcibly stopping sandbox %q", id)
if err := c.stopPodSandbox(ctx, sandbox); err != nil {
return nil, errors.Wrapf(err, "failed to forcibly stop sandbox %q", id)
return nil, fmt.Errorf("failed to forcibly stop sandbox %q: %w", id, err)
}
// Return error if sandbox network namespace is not closed yet.
if sandbox.NetNS != nil {
nsPath := sandbox.NetNS.GetPath()
if closed, err := sandbox.NetNS.Closed(); err != nil {
return nil, errors.Wrapf(err, "failed to check sandbox network namespace %q closed", nsPath)
return nil, fmt.Errorf("failed to check sandbox network namespace %q closed: %w", nsPath, err)
} else if !closed {
return nil, errors.Errorf("sandbox network namespace %q is not fully closed", nsPath)
return nil, fmt.Errorf("sandbox network namespace %q is not fully closed", nsPath)
}
}
@@ -77,26 +77,26 @@ func (c *criService) RemovePodSandbox(ctx context.Context, r *runtime.RemovePodS
}
_, err = c.RemoveContainer(ctx, &runtime.RemoveContainerRequest{ContainerId: cntr.ID})
if err != nil {
return nil, errors.Wrapf(err, "failed to remove container %q", cntr.ID)
return nil, fmt.Errorf("failed to remove container %q: %w", cntr.ID, err)
}
}
// Cleanup the sandbox root directories.
sandboxRootDir := c.getSandboxRootDir(id)
if err := ensureRemoveAll(ctx, sandboxRootDir); err != nil {
return nil, errors.Wrapf(err, "failed to remove sandbox root directory %q",
sandboxRootDir)
return nil, fmt.Errorf("failed to remove sandbox root directory %q: %w",
sandboxRootDir, err)
}
volatileSandboxRootDir := c.getVolatileSandboxRootDir(id)
if err := ensureRemoveAll(ctx, volatileSandboxRootDir); err != nil {
return nil, errors.Wrapf(err, "failed to remove volatile sandbox root directory %q",
volatileSandboxRootDir)
return nil, fmt.Errorf("failed to remove volatile sandbox root directory %q: %w",
volatileSandboxRootDir, err)
}
// Delete sandbox container.
if err := sandbox.Container.Delete(ctx, containerd.WithSnapshotCleanup); err != nil {
if !errdefs.IsNotFound(err) {
return nil, errors.Wrapf(err, "failed to delete sandbox container %q", id)
return nil, fmt.Errorf("failed to delete sandbox container %q: %w", id, err)
}
log.G(ctx).Tracef("Remove called for sandbox container %q that does not exist", id)
}

57
pkg/cri/server/sandbox_run.go
View File

@@ -18,6 +18,8 @@ package server
import (
"encoding/json"
"errors"
"fmt"
"math"
"path/filepath"
goruntime "runtime"
@@ -34,7 +36,6 @@ import (
v1 "github.com/containerd/nri/types/v1"
"github.com/containerd/typeurl"
"github.com/davecgh/go-spew/spew"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -72,7 +73,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// Reserve the sandbox name to avoid concurrent `RunPodSandbox` request starting the
// same sandbox.
if err := c.sandboxNameIndex.Reserve(name, id); err != nil {
return nil, errors.Wrapf(err, "failed to reserve sandbox name %q", name)
return nil, fmt.Errorf("failed to reserve sandbox name %q: %w", name, err)
}
defer func() {
// Release the name if the function returns with an error.
@@ -97,16 +98,16 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// Ensure sandbox container image snapshot.
image, err := c.ensureImageExists(ctx, c.config.SandboxImage, config)
if err != nil {
return nil, errors.Wrapf(err, "failed to get sandbox image %q", c.config.SandboxImage)
return nil, fmt.Errorf("failed to get sandbox image %q: %w", c.config.SandboxImage, err)
}
containerdImage, err := c.toContainerdImage(ctx, *image)
if err != nil {
return nil, errors.Wrapf(err, "failed to get image from containerd %q", image.ID)
return nil, fmt.Errorf("failed to get image from containerd %q: %w", image.ID, err)
}
ociRuntime, err := c.getSandboxRuntime(config, r.GetRuntimeHandler())
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox runtime")
return nil, fmt.Errorf("failed to get sandbox runtime: %w", err)
}
log.G(ctx).WithField("podsandboxid", id).Debugf("use OCI runtime %+v", ociRuntime)
@@ -135,7 +136,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
}
sandbox.NetNS, err = netns.NewNetNS(netnsMountDir)
if err != nil {
return nil, errors.Wrapf(err, "failed to create network namespace for sandbox %q", id)
return nil, fmt.Errorf("failed to create network namespace for sandbox %q: %w", id, err)
}
sandbox.NetNSPath = sandbox.NetNS.GetPath()
defer func() {
@@ -163,7 +164,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// calls to network namespace of the pod to query the IP of the veth interface on every
// SandboxStatus request.
if err := c.setupPodNetwork(ctx, &sandbox); err != nil {
return nil, errors.Wrapf(err, "failed to setup network for sandbox %q", id)
return nil, fmt.Errorf("failed to setup network for sandbox %q: %w", id, err)
}
sandboxCreateNetworkTimer.UpdateSince(netStart)
}
@@ -175,7 +176,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// it safely.
spec, err := c.sandboxContainerSpec(id, config, &image.ImageSpec.Config, sandbox.NetNSPath, ociRuntime.PodAnnotations)
if err != nil {
return nil, errors.Wrap(err, "failed to generate sandbox container spec")
return nil, fmt.Errorf("failed to generate sandbox container spec: %w", err)
}
log.G(ctx).WithField("podsandboxid", id).Debugf("sandbox container spec: %#+v", spew.NewFormatter(spec))
sandbox.ProcessLabel = spec.Process.SelinuxLabel
@@ -199,14 +200,14 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// Generate spec options that will be applied to the spec later.
specOpts, err := c.sandboxContainerSpecOpts(config, &image.ImageSpec.Config)
if err != nil {
return nil, errors.Wrap(err, "failed to generate sanbdox container spec options")
return nil, fmt.Errorf("failed to generate sanbdox container spec options: %w", err)
}
sandboxLabels := buildLabels(config.Labels, image.ImageSpec.Config.Labels, containerKindSandbox)
runtimeOpts, err := generateRuntimeOptions(ociRuntime, c.config)
if err != nil {
return nil, errors.Wrap(err, "failed to generate runtime options")
return nil, fmt.Errorf("failed to generate runtime options: %w", err)
}
snapshotterOpt := snapshots.WithLabels(snapshots.FilterInheritedLabels(config.Annotations))
opts := []containerd.NewContainerOpts{
@@ -219,7 +220,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
container, err := c.client.NewContainer(ctx, id, opts...)
if err != nil {
return nil, errors.Wrap(err, "failed to create containerd container")
return nil, fmt.Errorf("failed to create containerd container: %w", err)
}
defer func() {
if retErr != nil {
@@ -234,8 +235,8 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// Create sandbox container root directories.
sandboxRootDir := c.getSandboxRootDir(id)
if err := c.os.MkdirAll(sandboxRootDir, 0755); err != nil {
return nil, errors.Wrapf(err, "failed to create sandbox root directory %q",
sandboxRootDir)
return nil, fmt.Errorf("failed to create sandbox root directory %q: %w",
sandboxRootDir, err)
}
defer func() {
if retErr != nil {
@@ -248,8 +249,8 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
}()
volatileSandboxRootDir := c.getVolatileSandboxRootDir(id)
if err := c.os.MkdirAll(volatileSandboxRootDir, 0755); err != nil {
return nil, errors.Wrapf(err, "failed to create volatile sandbox root directory %q",
volatileSandboxRootDir)
return nil, fmt.Errorf("failed to create volatile sandbox root directory %q: %w",
volatileSandboxRootDir, err)
}
defer func() {
if retErr != nil {
@@ -263,7 +264,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// Setup files required for the sandbox.
if err = c.setupSandboxFiles(id, config); err != nil {
return nil, errors.Wrapf(err, "failed to setup sandbox files")
return nil, fmt.Errorf("failed to setup sandbox files: %w", err)
}
defer func() {
if retErr != nil {
@@ -277,7 +278,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// Update sandbox created timestamp.
info, err := container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox container info")
return nil, fmt.Errorf("failed to get sandbox container info: %w", err)
}
// Create sandbox task in containerd.
@@ -291,7 +292,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// We don't need stdio for sandbox container.
task, err := container.NewTask(ctx, containerdio.NullIO, taskOpts...)
if err != nil {
return nil, errors.Wrap(err, "failed to create containerd task")
return nil, fmt.Errorf("failed to create containerd task: %w", err)
}
defer func() {
if retErr != nil {
@@ -307,12 +308,12 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
// wait is a long running background request, no timeout needed.
exitCh, err := task.Wait(ctrdutil.NamespacedContext())
if err != nil {
return nil, errors.Wrap(err, "failed to wait for sandbox container task")
return nil, fmt.Errorf("failed to wait for sandbox container task: %w", err)
}
nric, err := nri.New()
if err != nil {
return nil, errors.Wrap(err, "unable to create nri client")
return nil, fmt.Errorf("unable to create nri client: %w", err)
}
if nric != nil {
nriSB := &nri.Sandbox{
@@ -320,12 +321,12 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
Labels: config.Labels,
}
if _, err := nric.InvokeWithSandbox(ctx, task, v1.Create, nriSB); err != nil {
return nil, errors.Wrap(err, "nri invoke")
return nil, fmt.Errorf("nri invoke: %w", err)
}
}
if err := task.Start(ctx); err != nil {
return nil, errors.Wrapf(err, "failed to start sandbox container task %q", id)
return nil, fmt.Errorf("failed to start sandbox container task %q: %w", id, err)
}
if err := sandbox.Status.Update(func(status sandboxstore.Status) (sandboxstore.Status, error) {
@@ -335,14 +336,14 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
status.CreatedAt = info.CreatedAt
return status, nil
}); err != nil {
return nil, errors.Wrap(err, "failed to update sandbox status")
return nil, fmt.Errorf("failed to update sandbox status: %w", err)
}
// Add sandbox into sandbox store in INIT state.
sandbox.Container = container
if err := c.sandboxStore.Add(sandbox); err != nil {
return nil, errors.Wrapf(err, "failed to add sandbox %+v into store", sandbox)
return nil, fmt.Errorf("failed to add sandbox %+v into store: %w", sandbox, err)
}
// start the monitor after adding sandbox into the store, this ensures
@@ -386,7 +387,7 @@ func (c *criService) setupPodNetwork(ctx context.Context, sandbox *sandboxstore.
opts, err := cniNamespaceOpts(id, config)
if err != nil {
return errors.Wrap(err, "get cni namespace options")
return fmt.Errorf("get cni namespace options: %w", err)
}
log.G(ctx).WithField("podsandboxid", id).Debugf("begin cni setup")
result, err := netPlugin.Setup(ctx, id, path, opts...)
@@ -400,7 +401,7 @@ func (c *criService) setupPodNetwork(ctx context.Context, sandbox *sandboxstore.
sandbox.CNIResult = result
return nil
}
return errors.Errorf("failed to find network info for sandbox %q", id)
return fmt.Errorf("failed to find network info for sandbox %q", id)
}
// cniNamespaceOpts get CNI namespace options from sandbox config.
@@ -448,7 +449,7 @@ func toCNILabels(id string, config *runtime.PodSandboxConfig) map[string]string
func toCNIBandWidth(annotations map[string]string) (*cni.BandWidth, error) {
ingress, egress, err := bandwidth.ExtractPodBandwidthResources(annotations)
if err != nil {
return nil, errors.Wrap(err, "reading pod bandwidth annotations")
return nil, fmt.Errorf("reading pod bandwidth annotations: %w", err)
}
if ingress == nil && egress == nil {
@@ -590,7 +591,7 @@ func (c *criService) getSandboxRuntime(config *runtime.PodSandboxConfig, runtime
handler, ok := c.config.ContainerdConfig.Runtimes[runtimeHandler]
if !ok {
return criconfig.Runtime{}, errors.Errorf("no runtime for %q is configured", runtimeHandler)
return criconfig.Runtime{}, fmt.Errorf("no runtime for %q is configured", runtimeHandler)
}
return handler, nil
}

33
pkg/cri/server/sandbox_run_linux.go
View File

@@ -28,7 +28,6 @@ import (
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
selinux "github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -56,7 +55,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC
if len(imageConfig.Entrypoint) == 0 && len(imageConfig.Cmd) == 0 {
// Pause image must have entrypoint or cmd.
return nil, errors.Errorf("invalid empty entrypoint and cmd in image config %+v", imageConfig)
return nil, fmt.Errorf("invalid empty entrypoint and cmd in image config %+v", imageConfig)
}
specOpts = append(specOpts, oci.WithProcessArgs(append(imageConfig.Entrypoint, imageConfig.Cmd...)...))
@@ -120,7 +119,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC
processLabel, mountLabel, err := initLabelsFromOpt(securityContext.GetSelinuxOptions())
if err != nil {
return nil, errors.Wrapf(err, "failed to init selinux options %+v", securityContext.GetSelinuxOptions())
return nil, fmt.Errorf("failed to init selinux options %+v: %w", securityContext.GetSelinuxOptions(), err)
}
defer func() {
if retErr != nil {
@@ -197,7 +196,7 @@ func (c *criService) sandboxContainerSpecOpts(config *runtime.PodSandboxConfig,
securityContext.GetSeccompProfilePath(), //nolint:staticcheck // Deprecated but we don't want to remove yet
c.config.UnsetSeccompProfile)
if err != nil {
return nil, errors.Wrap(err, "failed to generate seccomp spec opts")
return nil, fmt.Errorf("failed to generate seccomp spec opts: %w", err)
}
}
seccompSpecOpts, err := c.generateSeccompSpecOpts(
@@ -205,7 +204,7 @@ func (c *criService) sandboxContainerSpecOpts(config *runtime.PodSandboxConfig,
securityContext.GetPrivileged(),
c.seccompEnabled())
if err != nil {
return nil, errors.Wrap(err, "failed to generate seccomp spec opts")
return nil, fmt.Errorf("failed to generate seccomp spec opts: %w", err)
}
if seccompSpecOpts != nil {
specOpts = append(specOpts, seccompSpecOpts)
@@ -217,7 +216,7 @@ func (c *criService) sandboxContainerSpecOpts(config *runtime.PodSandboxConfig,
securityContext.GetRunAsGroup(),
)
if err != nil {
return nil, errors.Wrap(err, "failed to generate user string")
return nil, fmt.Errorf("failed to generate user string: %w", err)
}
if userstr == "" {
// Lastly, since no user override was passed via CRI try to set via OCI
@@ -239,17 +238,17 @@ func (c *criService) setupSandboxFiles(id string, config *runtime.PodSandboxConf
var err error
hostname, err = c.os.Hostname()
if err != nil {
return errors.Wrap(err, "failed to get hostname")
return fmt.Errorf("failed to get hostname: %w", err)
}
}
if err := c.os.WriteFile(sandboxEtcHostname, []byte(hostname+"\n"), 0644); err != nil {
return errors.Wrapf(err, "failed to write hostname to %q", sandboxEtcHostname)
return fmt.Errorf("failed to write hostname to %q: %w", sandboxEtcHostname, err)
}
// TODO(random-liu): Consider whether we should maintain /etc/hosts and /etc/resolv.conf in kubelet.
sandboxEtcHosts := c.getSandboxHosts(id)
if err := c.os.CopyFile(etcHosts, sandboxEtcHosts, 0644); err != nil {
return errors.Wrapf(err, "failed to generate sandbox hosts file %q", sandboxEtcHosts)
return fmt.Errorf("failed to generate sandbox hosts file %q: %w", sandboxEtcHosts, err)
}
// Set DNS options. Maintain a resolv.conf for the sandbox.
@@ -258,7 +257,7 @@ func (c *criService) setupSandboxFiles(id string, config *runtime.PodSandboxConf
if dnsConfig := config.GetDnsConfig(); dnsConfig != nil {
resolvContent, err = parseDNSOptions(dnsConfig.Servers, dnsConfig.Searches, dnsConfig.Options)
if err != nil {
return errors.Wrapf(err, "failed to parse sandbox DNSConfig %+v", dnsConfig)
return fmt.Errorf("failed to parse sandbox DNSConfig %+v: %w", dnsConfig, err)
}
}
resolvPath := c.getResolvPath(id)
@@ -266,28 +265,28 @@ func (c *criService) setupSandboxFiles(id string, config *runtime.PodSandboxConf
// copy host's resolv.conf to resolvPath
err = c.os.CopyFile(resolvConfPath, resolvPath, 0644)
if err != nil {
return errors.Wrapf(err, "failed to copy host's resolv.conf to %q", resolvPath)
return fmt.Errorf("failed to copy host's resolv.conf to %q: %w", resolvPath, err)
}
} else {
err = c.os.WriteFile(resolvPath, []byte(resolvContent), 0644)
if err != nil {
return errors.Wrapf(err, "failed to write resolv content to %q", resolvPath)
return fmt.Errorf("failed to write resolv content to %q: %w", resolvPath, err)
}
}
// Setup sandbox /dev/shm.
if config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetIpc() == runtime.NamespaceMode_NODE {
if _, err := c.os.Stat(devShm); err != nil {
return errors.Wrapf(err, "host %q is not available for host ipc", devShm)
return fmt.Errorf("host %q is not available for host ipc: %w", devShm, err)
}
} else {
sandboxDevShm := c.getSandboxDevShm(id)
if err := c.os.MkdirAll(sandboxDevShm, 0700); err != nil {
return errors.Wrap(err, "failed to create sandbox shm")
return fmt.Errorf("failed to create sandbox shm: %w", err)
}
shmproperty := fmt.Sprintf("mode=1777,size=%d", defaultShmSize)
if err := c.os.(osinterface.UNIX).Mount("shm", sandboxDevShm, "tmpfs", uintptr(unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV), shmproperty); err != nil {
return errors.Wrap(err, "failed to mount sandbox shm")
return fmt.Errorf("failed to mount sandbox shm: %w", err)
}
}
@@ -320,10 +319,10 @@ func (c *criService) cleanupSandboxFiles(id string, config *runtime.PodSandboxCo
if config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetIpc() != runtime.NamespaceMode_NODE {
path, err := c.os.FollowSymlinkInScope(c.getSandboxDevShm(id), "/")
if err != nil {
return errors.Wrap(err, "failed to follow symlink")
return fmt.Errorf("failed to follow symlink: %w", err)
}
if err := c.os.(osinterface.UNIX).Unmount(path); err != nil && !os.IsNotExist(err) {
return errors.Wrapf(err, "failed to unmount %q", path)
return fmt.Errorf("failed to unmount %q: %w", path, err)
}
}
return nil

4
pkg/cri/server/sandbox_run_windows.go
View File

@@ -17,13 +17,13 @@
package server
import (
"fmt"
"strconv"
"github.com/containerd/containerd"
"github.com/containerd/containerd/oci"
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
"github.com/containerd/containerd/pkg/cri/annotations"
@@ -43,7 +43,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC
if len(imageConfig.Entrypoint) == 0 && len(imageConfig.Cmd) == 0 {
// Pause image must have entrypoint or cmd.
return nil, errors.Errorf("invalid empty entrypoint and cmd in image config %+v", imageConfig)
return nil, fmt.Errorf("invalid empty entrypoint and cmd in image config %+v", imageConfig)
}
specOpts = append(specOpts, oci.WithProcessArgs(append(imageConfig.Entrypoint, imageConfig.Cmd...)...))

9
pkg/cri/server/sandbox_stats.go
View File

@@ -17,7 +17,8 @@
package server
import (
"github.com/pkg/errors"
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -29,18 +30,18 @@ func (c *criService) PodSandboxStats(
sandbox, err := c.sandboxStore.Get(r.GetPodSandboxId())
if err != nil {
return nil, errors.Wrapf(err, "an error occurred when trying to find sandbox %s", r.GetPodSandboxId())
return nil, fmt.Errorf("an error occurred when trying to find sandbox %s: %w", r.GetPodSandboxId(), err)
}
metrics, err := metricsForSandbox(sandbox)
if err != nil {
return nil, errors.Wrapf(err, "failed getting metrics for sandbox %s", r.GetPodSandboxId())
return nil, fmt.Errorf("failed getting metrics for sandbox %s: %w", r.GetPodSandboxId(), err)
}
podSandboxStats, err := c.podSandboxStats(ctx, sandbox, metrics)
if err != nil {
return nil, errors.Wrapf(err, "failed to decode pod sandbox metrics %s", r.GetPodSandboxId())
return nil, fmt.Errorf("failed to decode pod sandbox metrics %s: %w", r.GetPodSandboxId(), err)
}
return &runtime.PodSandboxStatsResponse{Stats: podSandboxStats}, nil

20
pkg/cri/server/sandbox_stats_linux.go
View File

@@ -17,10 +17,10 @@
package server
import (
"fmt"
"time"
"github.com/containernetworking/plugins/pkg/ns"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -41,7 +41,7 @@ func (c *criService) podSandboxStats(
meta := sandbox.Metadata
if sandbox.Status.Get().State != sandboxstore.StateReady {
return nil, errors.Errorf("failed to get pod sandbox stats since sandbox container %q is not in ready state", meta.ID)
return nil, fmt.Errorf("failed to get pod sandbox stats since sandbox container %q is not in ready state", meta.ID)
}
var podSandboxStats runtime.PodSandboxStats
@@ -59,13 +59,13 @@ func (c *criService) podSandboxStats(
cpuStats, err := c.cpuContainerStats(meta.ID, true /* isSandbox */, stats, timestamp)
if err != nil {
return nil, errors.Wrap(err, "failed to obtain cpu stats")
return nil, fmt.Errorf("failed to obtain cpu stats: %w", err)
}
podSandboxStats.Linux.Cpu = cpuStats
memoryStats, err := c.memoryContainerStats(meta.ID, stats, timestamp)
if err != nil {
return nil, errors.Wrap(err, "failed to obtain memory stats")
return nil, fmt.Errorf("failed to obtain memory stats: %w", err)
}
podSandboxStats.Linux.Memory = memoryStats
@@ -113,7 +113,7 @@ func (c *criService) podSandboxStats(
listContainerStatsRequest := &runtime.ListContainerStatsRequest{Filter: &runtime.ContainerStatsFilter{PodSandboxId: meta.ID}}
resp, err := c.ListContainerStats(ctx, listContainerStatsRequest)
if err != nil {
return nil, errors.Wrap(err, "failed to obtain container stats during podSandboxStats call")
return nil, fmt.Errorf("failed to obtain container stats during podSandboxStats call: %w", err)
}
podSandboxStats.Linux.Containers = resp.GetStats()
}
@@ -146,29 +146,29 @@ func metricsForSandbox(sandbox sandboxstore.Sandbox) (interface{}, error) {
cgroupPath := sandbox.Config.GetLinux().GetCgroupParent()
if cgroupPath == "" {
return nil, errors.Errorf("failed to get cgroup metrics for sandbox %v because cgroupPath is empty", sandbox.ID)
return nil, fmt.Errorf("failed to get cgroup metrics for sandbox %v because cgroupPath is empty", sandbox.ID)
}
var statsx interface{}
if cgroups.Mode() == cgroups.Unified {
cg, err := cgroupsv2.LoadManager("/sys/fs/cgroup", cgroupPath)
if err != nil {
return nil, errors.Wrapf(err, "failed to load sandbox cgroup: %v", cgroupPath)
return nil, fmt.Errorf("failed to load sandbox cgroup: %v: %w", cgroupPath, err)
}
stats, err := cg.Stat()
if err != nil {
return nil, errors.Wrapf(err, "failed to get stats for cgroup: %v", cgroupPath)
return nil, fmt.Errorf("failed to get stats for cgroup: %v: %w", cgroupPath, err)
}
statsx = stats
} else {
control, err := cgroups.Load(cgroups.V1, cgroups.StaticPath(cgroupPath))
if err != nil {
return nil, errors.Wrapf(err, "failed to load sandbox cgroup: %v", cgroupPath)
return nil, fmt.Errorf("failed to load sandbox cgroup %v: %w", cgroupPath, err)
}
stats, err := control.Stat(cgroups.IgnoreNotExist)
if err != nil {
return nil, errors.Wrapf(err, "failed to get stats for cgroup %v", cgroupPath)
return nil, fmt.Errorf("failed to get stats for cgroup %v: %w", cgroupPath, err)
}
statsx = stats
}

7
pkg/cri/server/sandbox_stats_list.go
View File

@@ -17,8 +17,9 @@
package server
import (
"fmt"
sandboxstore "github.com/containerd/containerd/pkg/cri/store/sandbox"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -35,12 +36,12 @@ func (c *criService) ListPodSandboxStats(
metrics, err := metricsForSandbox(sandbox)
if err != nil {
return nil, errors.Wrapf(err, "failed to obtain metrics for sandbox %q", sandbox.ID)
return nil, fmt.Errorf("failed to obtain metrics for sandbox %q: %w", sandbox.ID, err)
}
sandboxStats, err := c.podSandboxStats(ctx, sandbox, metrics)
if err != nil {
return nil, errors.Wrapf(err, "failed to decode sandbox container metrics for sandbox %q", sandbox.ID)
return nil, fmt.Errorf("failed to decode sandbox container metrics for sandbox %q: %w", sandbox.ID, err)
}
podSandboxStats.Stats = append(podSandboxStats.Stats, sandboxStats)
}

7
pkg/cri/server/sandbox_stats_other.go
View File

@@ -20,18 +20,19 @@
package server
import (
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
"github.com/containerd/containerd/errdefs"
sandboxstore "github.com/containerd/containerd/pkg/cri/store/sandbox"
"github.com/pkg/errors"
)
func (c *criService) podSandboxStats(ctx context.Context, sandbox sandboxstore.Sandbox, stats interface{}) (*runtime.PodSandboxStats, error) {
return nil, errors.Wrap(errdefs.ErrNotImplemented, "pod sandbox stats not implemented")
return nil, fmt.Errorf("pod sandbox stats not implemented: %w", errdefs.ErrNotImplemented)
}
func metricsForSandbox(sandbox sandboxstore.Sandbox) (interface{}, error) {
return nil, errors.Wrap(errdefs.ErrNotImplemented, "metrics for sandbox not implemented")
return nil, fmt.Errorf("metrics for sandbox not implemented: %w", errdefs.ErrNotImplemented)
}

7
pkg/cri/server/sandbox_stats_windows.go
View File

@@ -17,18 +17,19 @@
package server
import (
"fmt"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
"github.com/containerd/containerd/errdefs"
sandboxstore "github.com/containerd/containerd/pkg/cri/store/sandbox"
"github.com/pkg/errors"
)
func (c *criService) podSandboxStats(ctx context.Context, sandbox sandboxstore.Sandbox, stats interface{}) (*runtime.PodSandboxStats, error) {
return nil, errors.Wrap(errdefs.ErrNotImplemented, "pod sandbox stats not implemented on windows")
return nil, fmt.Errorf("pod sandbox stats not implemented on windows: %w", errdefs.ErrNotImplemented)
}
func metricsForSandbox(sandbox sandboxstore.Sandbox) (interface{}, error) {
return nil, errors.Wrap(errdefs.ErrNotImplemented, "metrics for sandbox not implemented on windows")
return nil, fmt.Errorf("metrics for sandbox not implemented on windows: %w", errdefs.ErrNotImplemented)
}

26
pkg/cri/server/sandbox_status.go
View File

@@ -18,13 +18,13 @@ package server
import (
"encoding/json"
"fmt"
goruntime "runtime"
"github.com/containerd/containerd"
"github.com/containerd/containerd/errdefs"
cni "github.com/containerd/go-cni"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -35,19 +35,19 @@ import (
func (c *criService) PodSandboxStatus(ctx context.Context, r *runtime.PodSandboxStatusRequest) (*runtime.PodSandboxStatusResponse, error) {
sandbox, err := c.sandboxStore.Get(r.GetPodSandboxId())
if err != nil {
return nil, errors.Wrap(err, "an error occurred when try to find sandbox")
return nil, fmt.Errorf("an error occurred when try to find sandbox: %w", err)
}
ip, additionalIPs, err := c.getIPs(sandbox)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox ip")
return nil, fmt.Errorf("failed to get sandbox ip: %w", err)
}
status := toCRISandboxStatus(sandbox.Metadata, sandbox.Status.Get(), ip, additionalIPs)
if status.GetCreatedAt() == 0 {
// CRI doesn't allow CreatedAt == 0.
info, err := sandbox.Container.Info(ctx)
if err != nil {
return nil, errors.Wrapf(err, "failed to get CreatedAt for sandbox container in %q state", status.State)
return nil, fmt.Errorf("failed to get CreatedAt for sandbox container in %q state: %w", status.State, err)
}
status.CreatedAt = info.CreatedAt.UnixNano()
}
@@ -58,7 +58,7 @@ func (c *criService) PodSandboxStatus(ctx context.Context, r *runtime.PodSandbox
// Generate verbose information.
info, err := toCRISandboxInfo(ctx, sandbox)
if err != nil {
return nil, errors.Wrap(err, "failed to get verbose sandbox container info")
return nil, fmt.Errorf("failed to get verbose sandbox container info: %w", err)
}
return &runtime.PodSandboxStatusResponse{
@@ -81,7 +81,7 @@ func (c *criService) getIPs(sandbox sandboxstore.Sandbox) (string, []string, err
}
if closed, err := sandbox.NetNS.Closed(); err != nil {
return "", nil, errors.Wrap(err, "check network namespace closed")
return "", nil, fmt.Errorf("check network namespace closed: %w", err)
} else if closed {
return "", nil, nil
}
@@ -150,14 +150,14 @@ func toCRISandboxInfo(ctx context.Context, sandbox sandboxstore.Sandbox) (map[st
container := sandbox.Container
task, err := container.Task(ctx, nil)
if err != nil && !errdefs.IsNotFound(err) {
return nil, errors.Wrap(err, "failed to get sandbox container task")
return nil, fmt.Errorf("failed to get sandbox container task: %w", err)
}
var processStatus containerd.ProcessStatus
if task != nil {
taskStatus, err := task.Status(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get task status")
return nil, fmt.Errorf("failed to get task status: %w", err)
}
processStatus = taskStatus.Status
@@ -181,20 +181,20 @@ func toCRISandboxInfo(ctx context.Context, sandbox sandboxstore.Sandbox) (map[st
// Add network closed information if sandbox is not using host network.
closed, err := sandbox.NetNS.Closed()
if err != nil {
return nil, errors.Wrap(err, "failed to check network namespace closed")
return nil, fmt.Errorf("failed to check network namespace closed: %w", err)
}
si.NetNSClosed = closed
}
spec, err := container.Spec(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox container runtime spec")
return nil, fmt.Errorf("failed to get sandbox container runtime spec: %w", err)
}
si.RuntimeSpec = spec
ctrInfo, err := container.Info(ctx)
if err != nil {
return nil, errors.Wrap(err, "failed to get sandbox container info")
return nil, fmt.Errorf("failed to get sandbox container info: %w", err)
}
// Do not use config.SandboxImage because the configuration might
// be changed during restart. It may not reflect the actual image
@@ -205,14 +205,14 @@ func toCRISandboxInfo(ctx context.Context, sandbox sandboxstore.Sandbox) (map[st
runtimeOptions, err := getRuntimeOptions(ctrInfo)
if err != nil {
return nil, errors.Wrap(err, "failed to get runtime options")
return nil, fmt.Errorf("failed to get runtime options: %w", err)
}
si.RuntimeType = ctrInfo.Runtime.Name
si.RuntimeOptions = runtimeOptions
infoBytes, err := json.Marshal(si)
if err != nil {
return nil, errors.Wrapf(err, "failed to marshal info %v", si)
return nil, fmt.Errorf("failed to marshal info %v: %w", si, err)
}
return map[string]string{
"info": string(infoBytes),

29
pkg/cri/server/sandbox_stop.go
View File

@@ -17,13 +17,14 @@
package server
import (
"errors"
"fmt"
"syscall"
"time"
eventtypes "github.com/containerd/containerd/api/events"
"github.com/containerd/containerd/errdefs"
"github.com/containerd/containerd/log"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -36,8 +37,8 @@ import (
func (c *criService) StopPodSandbox(ctx context.Context, r *runtime.StopPodSandboxRequest) (*runtime.StopPodSandboxResponse, error) {
sandbox, err := c.sandboxStore.Get(r.GetPodSandboxId())
if err != nil {
return nil, errors.Wrapf(err, "an error occurred when try to find sandbox %q",
r.GetPodSandboxId())
return nil, fmt.Errorf("an error occurred when try to find sandbox %q: %w",
r.GetPodSandboxId(), err)
}
if err := c.stopPodSandbox(ctx, sandbox); err != nil {
@@ -63,19 +64,19 @@ func (c *criService) stopPodSandbox(ctx context.Context, sandbox sandboxstore.Sa
// Forcibly stop the container. Do not use `StopContainer`, because it introduces a race
// if a container is removed after list.
if err := c.stopContainer(ctx, container, 0); err != nil {
return errors.Wrapf(err, "failed to stop container %q", container.ID)
return fmt.Errorf("failed to stop container %q: %w", container.ID, err)
}
}
if err := c.cleanupSandboxFiles(id, sandbox.Config); err != nil {
return errors.Wrap(err, "failed to cleanup sandbox files")
return fmt.Errorf("failed to cleanup sandbox files: %w", err)
}
// Only stop sandbox container when it's running or unknown.
state := sandbox.Status.Get().State
if state == sandboxstore.StateReady || state == sandboxstore.StateUnknown {
if err := c.stopSandboxContainer(ctx, sandbox); err != nil {
return errors.Wrapf(err, "failed to stop sandbox container %q in %q state", id, state)
return fmt.Errorf("failed to stop sandbox container %q in %q state: %w", id, state, err)
}
}
sandboxRuntimeStopTimer.WithValues(sandbox.RuntimeHandler).UpdateSince(stop)
@@ -86,15 +87,15 @@ func (c *criService) stopPodSandbox(ctx context.Context, sandbox sandboxstore.Sa
// Use empty netns path if netns is not available. This is defined in:
// https://github.com/containernetworking/cni/blob/v0.7.0-alpha1/SPEC.md
if closed, err := sandbox.NetNS.Closed(); err != nil {
return errors.Wrap(err, "failed to check network namespace closed")
return fmt.Errorf("failed to check network namespace closed: %w", err)
} else if closed {
sandbox.NetNSPath = ""
}
if err := c.teardownPodNetwork(ctx, sandbox); err != nil {
return errors.Wrapf(err, "failed to destroy network for sandbox %q", id)
return fmt.Errorf("failed to destroy network for sandbox %q: %w", id, err)
}
if err := sandbox.NetNS.Remove(); err != nil {
return errors.Wrapf(err, "failed to remove network namespace for sandbox %q", id)
return fmt.Errorf("failed to remove network namespace for sandbox %q: %w", id, err)
}
sandboxDeleteNetwork.UpdateSince(netStop)
}
@@ -114,7 +115,7 @@ func (c *criService) stopSandboxContainer(ctx context.Context, sandbox sandboxst
task, err := container.Task(ctx, nil)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to get sandbox container")
return fmt.Errorf("failed to get sandbox container: %w", err)
}
// Don't return for unknown state, some cleanup needs to be done.
if state == sandboxstore.StateUnknown {
@@ -132,7 +133,7 @@ func (c *criService) stopSandboxContainer(ctx context.Context, sandbox sandboxst
exitCh, err := task.Wait(waitCtx)
if err != nil {
if !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to wait for task")
return fmt.Errorf("failed to wait for task: %w", err)
}
return cleanupUnknownSandbox(ctx, id, sandbox)
}
@@ -150,7 +151,7 @@ func (c *criService) stopSandboxContainer(ctx context.Context, sandbox sandboxst
// Kill the sandbox container.
if err = task.Kill(ctx, syscall.SIGKILL); err != nil && !errdefs.IsNotFound(err) {
return errors.Wrap(err, "failed to kill sandbox container")
return fmt.Errorf("failed to kill sandbox container: %w", err)
}
return c.waitSandboxStop(ctx, sandbox)
@@ -161,7 +162,7 @@ func (c *criService) stopSandboxContainer(ctx context.Context, sandbox sandboxst
func (c *criService) waitSandboxStop(ctx context.Context, sandbox sandboxstore.Sandbox) error {
select {
case <-ctx.Done():
return errors.Wrapf(ctx.Err(), "wait sandbox container %q", sandbox.ID)
return fmt.Errorf("wait sandbox container %q: %w", sandbox.ID, ctx.Err())
case <-sandbox.Stopped():
return nil
}
@@ -181,7 +182,7 @@ func (c *criService) teardownPodNetwork(ctx context.Context, sandbox sandboxstor
)
opts, err := cniNamespaceOpts(id, config)
if err != nil {
return errors.Wrap(err, "get cni namespace options")
return fmt.Errorf("get cni namespace options: %w", err)
}
return netPlugin.Remove(ctx, id, path, opts...)

27
pkg/cri/server/service.go
View File

@@ -31,7 +31,6 @@ import (
"github.com/containerd/containerd/pkg/cri/streaming"
"github.com/containerd/containerd/plugin"
cni "github.com/containerd/go-cni"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"google.golang.org/grpc"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
@@ -135,20 +134,20 @@ func NewCRIService(config criconfig.Config, client *containerd.Client) (CRIServi
}
if client.SnapshotService(c.config.ContainerdConfig.Snapshotter) == nil {
return nil, errors.Errorf("failed to find snapshotter %q", c.config.ContainerdConfig.Snapshotter)
return nil, fmt.Errorf("failed to find snapshotter %q", c.config.ContainerdConfig.Snapshotter)
}
c.imageFSPath = imageFSPath(config.ContainerdRootDir, config.ContainerdConfig.Snapshotter)
logrus.Infof("Get image filesystem path %q", c.imageFSPath)
if err := c.initPlatform(); err != nil {
return nil, errors.Wrap(err, "initialize platform")
return nil, fmt.Errorf("initialize platform: %w", err)
}
// prepare streaming server
c.streamServer, err = newStreamServer(c, config.StreamServerAddress, config.StreamServerPort, config.StreamIdleTimeout)
if err != nil {
return nil, errors.Wrap(err, "failed to create stream server")
return nil, fmt.Errorf("failed to create stream server: %w", err)
}
c.eventMonitor = newEventMonitor(c)
@@ -164,7 +163,7 @@ func NewCRIService(config criconfig.Config, client *containerd.Client) (CRIServi
if path != "" {
m, err := newCNINetConfSyncer(path, i, c.cniLoadOptions())
if err != nil {
return nil, errors.Wrapf(err, "failed to create cni conf monitor for %s", name)
return nil, fmt.Errorf("failed to create cni conf monitor for %s: %w", name, err)
}
c.cniNetConfMonitor[name] = m
}
@@ -201,7 +200,7 @@ func (c *criService) Run() error {
logrus.Infof("Start recovering state")
if err := c.recover(ctrdutil.NamespacedContext()); err != nil {
return errors.Wrap(err, "failed to recover state")
return fmt.Errorf("failed to recover state: %w", err)
}
// Start event handler.
@@ -255,7 +254,7 @@ func (c *criService) Run() error {
case cniNetConfMonitorErr = <-cniNetConfMonitorErrCh:
}
if err := c.Close(); err != nil {
return errors.Wrap(err, "failed to stop cri service")
return fmt.Errorf("failed to stop cri service: %w", err)
}
// If the error is set above, err from channel must be nil here, because
// the channel is supposed to be closed. Or else, we wait and set it.
@@ -282,13 +281,13 @@ func (c *criService) Run() error {
logrus.Errorf("Stream server is not stopped in %q", streamServerStopTimeout)
}
if eventMonitorErr != nil {
return errors.Wrap(eventMonitorErr, "event monitor error")
return fmt.Errorf("event monitor error: %w", eventMonitorErr)
}
if streamServerErr != nil {
return errors.Wrap(streamServerErr, "stream server error")
return fmt.Errorf("stream server error: %w", streamServerErr)
}
if cniNetConfMonitorErr != nil {
return errors.Wrap(cniNetConfMonitorErr, "cni network conf monitor error")
return fmt.Errorf("cni network conf monitor error: %w", cniNetConfMonitorErr)
}
return nil
}
@@ -304,7 +303,7 @@ func (c *criService) Close() error {
}
c.eventMonitor.stop()
if err := c.streamServer.Stop(); err != nil {
return errors.Wrap(err, "failed to stop stream server")
return fmt.Errorf("failed to stop stream server: %w", err)
}
return nil
}
@@ -328,13 +327,13 @@ func imageFSPath(rootDir, snapshotter string) string {
func loadOCISpec(filename string) (*oci.Spec, error) {
file, err := os.Open(filename)
if err != nil {
return nil, errors.Wrapf(err, "failed to open base OCI spec: %s", filename)
return nil, fmt.Errorf("failed to open base OCI spec: %s: %w", filename, err)
}
defer file.Close()
spec := oci.Spec{}
if err := json.NewDecoder(file).Decode(&spec); err != nil {
return nil, errors.Wrap(err, "failed to parse base OCI spec file")
return nil, fmt.Errorf("failed to parse base OCI spec file: %w", err)
}
return &spec, nil
@@ -354,7 +353,7 @@ func loadBaseOCISpecs(config *criconfig.Config) (map[string]*oci.Spec, error) {
spec, err := loadOCISpec(cfg.BaseRuntimeSpec)
if err != nil {
return nil, errors.Wrapf(err, "failed to load base OCI spec from file: %s", cfg.BaseRuntimeSpec)
return nil, fmt.Errorf("failed to load base OCI spec from file: %s: %w", cfg.BaseRuntimeSpec, err)
}
specs[cfg.BaseRuntimeSpec] = spec

7
pkg/cri/server/service_linux.go
View File

@@ -17,11 +17,12 @@
package server
import (
"fmt"
"github.com/containerd/containerd/pkg/cap"
"github.com/containerd/containerd/pkg/userns"
cni "github.com/containerd/go-cni"
"github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -74,7 +75,7 @@ func (c *criService) initPlatform() (err error) {
cni.WithPluginMaxConfNum(max),
cni.WithPluginDir([]string{c.config.NetworkPluginBinDir}))
if err != nil {
return errors.Wrap(err, "failed to initialize cni")
return fmt.Errorf("failed to initialize cni: %w", err)
}
c.netPlugin[name] = i
}
@@ -82,7 +83,7 @@ func (c *criService) initPlatform() (err error) {
if c.allCaps == nil {
c.allCaps, err = cap.Current()
if err != nil {
return errors.Wrap(err, "failed to get caps")
return fmt.Errorf("failed to get caps: %w", err)
}
}

5
pkg/cri/server/service_windows.go
View File

@@ -17,8 +17,9 @@
package server
import (
"fmt"
cni "github.com/containerd/go-cni"
"github.com/pkg/errors"
)
// windowsNetworkAttachCount is the minimum number of networks the PodSandbox
@@ -54,7 +55,7 @@ func (c *criService) initPlatform() error {
cni.WithPluginMaxConfNum(max),
cni.WithPluginDir([]string{c.config.NetworkPluginBinDir}))
if err != nil {
return errors.Wrap(err, "failed to initialize cni")
return fmt.Errorf("failed to initialize cni: %w", err)
}
c.netPlugin[name] = i
}

4
pkg/cri/server/snapshots.go
View File

@@ -18,11 +18,11 @@ package server
import (
"context"
"fmt"
"time"
"github.com/containerd/containerd/errdefs"
snapshot "github.com/containerd/containerd/snapshots"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
snapshotstore "github.com/containerd/containerd/pkg/cri/store/snapshot"
@@ -80,7 +80,7 @@ func (s *snapshotsSyncer) sync() error {
snapshots = append(snapshots, info)
return nil
}); err != nil {
return errors.Wrap(err, "walk all snapshots failed")
return fmt.Errorf("walk all snapshots failed: %w", err)
}
for _, info := range snapshots {
sn, err := s.store.Get(info.Name)

27
pkg/cri/server/streaming.go
View File

@@ -19,13 +19,14 @@ package server
import (
"context"
"crypto/tls"
"errors"
"fmt"
"io"
"math"
"net"
"os"
"time"
"github.com/pkg/errors"
k8snet "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/client-go/tools/remotecommand"
@@ -70,7 +71,7 @@ func newStreamServer(c *criService, addr, port, streamIdleTimeout string) (strea
if addr == "" {
a, err := k8snet.ResolveBindAddress(nil)
if err != nil {
return nil, errors.Wrap(err, "failed to get stream server address")
return nil, fmt.Errorf("failed to get stream server address: %w", err)
}
addr = a.String()
}
@@ -79,20 +80,20 @@ func newStreamServer(c *criService, addr, port, streamIdleTimeout string) (strea
var err error
config.StreamIdleTimeout, err = time.ParseDuration(streamIdleTimeout)
if err != nil {
return nil, errors.Wrap(err, "invalid stream idle timeout")
return nil, fmt.Errorf("invalid stream idle timeout: %w", err)
}
}
config.Addr = net.JoinHostPort(addr, port)
run := newStreamRuntime(c)
tlsMode, err := getStreamListenerMode(c)
if err != nil {
return nil, errors.Wrapf(err, "invalid stream server configuration")
return nil, fmt.Errorf("invalid stream server configuration: %w", err)
}
switch tlsMode {
case x509KeyPairTLS:
tlsCert, err := tls.LoadX509KeyPair(c.config.X509KeyPairStreaming.TLSCertFile, c.config.X509KeyPairStreaming.TLSKeyFile)
if err != nil {
return nil, errors.Wrap(err, "failed to load x509 key pair for stream server")
return nil, fmt.Errorf("failed to load x509 key pair for stream server: %w", err)
}
config.TLSConfig = &tls.Config{
Certificates: []tls.Certificate{tlsCert},
@@ -101,7 +102,7 @@ func newStreamServer(c *criService, addr, port, streamIdleTimeout string) (strea
case selfSignTLS:
tlsCert, err := newTLSCert()
if err != nil {
return nil, errors.Wrap(err, "failed to generate tls certificate for stream server")
return nil, fmt.Errorf("failed to generate tls certificate for stream server: %w", err)
}
config.TLSConfig = &tls.Config{
Certificates: []tls.Certificate{tlsCert},
@@ -136,13 +137,13 @@ func (s *streamRuntime) Exec(containerID string, cmd []string, stdin io.Reader,
resize: resize,
})
if err != nil {
return errors.Wrap(err, "failed to exec in container")
return fmt.Errorf("failed to exec in container: %w", err)
}
if *exitCode == 0 {
return nil
}
return &exec.CodeExitError{
Err: errors.Errorf("error executing command %v, exit code %d", cmd, *exitCode),
Err: fmt.Errorf("error executing command %v, exit code %d", cmd, *exitCode),
Code: int(*exitCode),
}
}
@@ -154,7 +155,7 @@ func (s *streamRuntime) Attach(containerID string, in io.Reader, out, err io.Wri
func (s *streamRuntime) PortForward(podSandboxID string, port int32, stream io.ReadWriteCloser) error {
if port <= 0 || port > math.MaxUint16 {
return errors.Errorf("invalid port %d", port)
return fmt.Errorf("invalid port %d", port)
}
ctx := ctrdutil.NamespacedContext()
return s.c.portForward(ctx, podSandboxID, port, stream)
@@ -197,12 +198,12 @@ func newTLSCert() (tls.Certificate, error) {
hostName, err := os.Hostname()
if err != nil {
return fail(errors.Wrap(err, "failed to get hostname"))
return fail(fmt.Errorf("failed to get hostname: %w", err))
}
addrs, err := net.InterfaceAddrs()
if err != nil {
return fail(errors.Wrap(err, "failed to get host IP addresses"))
return fail(fmt.Errorf("failed to get host IP addresses: %w", err))
}
var alternateIPs []net.IP
@@ -226,13 +227,13 @@ func newTLSCert() (tls.Certificate, error) {
// Generate a self signed certificate key (CA is self)
certPem, keyPem, err := k8scert.GenerateSelfSignedCertKey(hostName, alternateIPs, alternateDNS)
if err != nil {
return fail(errors.Wrap(err, "certificate key could not be created"))
return fail(fmt.Errorf("certificate key could not be created: %w", err))
}
// Load the tls certificate
tlsCert, err := tls.X509KeyPair(certPem, keyPem)
if err != nil {
return fail(errors.Wrap(err, "certificate could not be loaded"))
return fail(fmt.Errorf("certificate could not be loaded: %w", err))
}
return tlsCert, nil

12
pkg/cri/server/update_runtime_config.go
View File

@@ -17,6 +17,7 @@
package server
import (
"fmt"
"net"
"os"
"path/filepath"
@@ -24,7 +25,6 @@ import (
"text/template"
"github.com/containerd/containerd/log"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -61,7 +61,7 @@ func (c *criService) UpdateRuntimeConfig(ctx context.Context, r *runtime.UpdateR
}
routes, err := getRoutes(cidrs)
if err != nil {
return nil, errors.Wrap(err, "get routes")
return nil, fmt.Errorf("get routes: %w", err)
}
confTemplate := c.config.NetworkPluginConfTemplate
@@ -85,15 +85,15 @@ func (c *criService) UpdateRuntimeConfig(ctx context.Context, r *runtime.UpdateR
// generate cni config file from the template with updated pod cidr.
t, err := template.ParseFiles(confTemplate)
if err != nil {
return nil, errors.Wrapf(err, "failed to parse cni config template %q", confTemplate)
return nil, fmt.Errorf("failed to parse cni config template %q: %w", confTemplate, err)
}
if err := os.MkdirAll(c.config.NetworkPluginConfDir, 0755); err != nil {
return nil, errors.Wrapf(err, "failed to create cni config directory: %q", c.config.NetworkPluginConfDir)
return nil, fmt.Errorf("failed to create cni config directory: %q: %w", c.config.NetworkPluginConfDir, err)
}
confFile := filepath.Join(c.config.NetworkPluginConfDir, cniConfigFileName)
f, err := os.OpenFile(confFile, os.O_WRONLY|os.O_CREATE, 0644)
if err != nil {
return nil, errors.Wrapf(err, "failed to open cni config file %q", confFile)
return nil, fmt.Errorf("failed to open cni config file %q: %w", confFile, err)
}
defer f.Close()
if err := t.Execute(f, cniConfigTemplate{
@@ -101,7 +101,7 @@ func (c *criService) UpdateRuntimeConfig(ctx context.Context, r *runtime.UpdateR
PodCIDRRanges: cidrs,
Routes: routes,
}); err != nil {
return nil, errors.Wrapf(err, "failed to generate cni config file %q", confFile)
return nil, fmt.Errorf("failed to generate cni config file %q: %w", confFile, err)
}
return &runtime.UpdateRuntimeConfigResponse{}, nil
}

2
pkg/cri/server/update_runtime_config_test.go
View File

@@ -17,11 +17,11 @@
package server
import (
"errors"
"os"
"path/filepath"
"testing"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"golang.org/x/net/context"

4
pkg/cri/store/container/metadata.go
View File

@@ -18,8 +18,8 @@ package container
import (
"encoding/json"
"fmt"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -85,5 +85,5 @@ func (c *Metadata) UnmarshalJSON(data []byte) error {
*c = Metadata(versioned.Metadata)
return nil
}
return errors.Errorf("unsupported version: %q", versioned.Version)
return fmt.Errorf("unsupported version: %q", versioned.Version)
}

15
pkg/cri/store/container/status.go
View File

@@ -18,12 +18,13 @@ package container
import (
"encoding/json"
"errors"
"fmt"
"os"
"path/filepath"
"sync"
"github.com/containerd/continuity"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -165,11 +166,11 @@ type StatusStorage interface {
func StoreStatus(root, id string, status Status) (StatusStorage, error) {
data, err := status.encode()
if err != nil {
return nil, errors.Wrap(err, "failed to encode status")
return nil, fmt.Errorf("failed to encode status: %w", err)
}
path := filepath.Join(root, "status")
if err := continuity.AtomicWriteFile(path, data, 0600); err != nil {
return nil, errors.Wrapf(err, "failed to checkpoint status to %q", path)
return nil, fmt.Errorf("failed to checkpoint status to %q: %w", path, err)
}
return &statusStorage{
path: path,
@@ -183,11 +184,11 @@ func LoadStatus(root, id string) (Status, error) {
path := filepath.Join(root, "status")
data, err := os.ReadFile(path)
if err != nil {
return Status{}, errors.Wrapf(err, "failed to read status from %q", path)
return Status{}, fmt.Errorf("failed to read status from %q: %w", path, err)
}
var status Status
if err := status.decode(data); err != nil {
return Status{}, errors.Wrapf(err, "failed to decode status %q", data)
return Status{}, fmt.Errorf("failed to decode status %q: %w", data, err)
}
return status, nil
}
@@ -215,10 +216,10 @@ func (s *statusStorage) UpdateSync(u UpdateFunc) error {
}
data, err := newStatus.encode()
if err != nil {
return errors.Wrap(err, "failed to encode status")
return fmt.Errorf("failed to encode status: %w", err)
}
if err := continuity.AtomicWriteFile(s.path, data, 0600); err != nil {
return errors.Wrapf(err, "failed to checkpoint status to %q", s.path)
return fmt.Errorf("failed to checkpoint status to %q: %w", s.path, err)
}
s.status = newStatus
return nil

4
pkg/cri/store/image/fake_image.go
View File

@@ -16,7 +16,7 @@
package image
import "github.com/pkg/errors"
import "fmt"
// NewFakeStore returns an image store with predefined images.
// Update is not allowed for this fake store.
@@ -27,7 +27,7 @@ func NewFakeStore(images []Image) (*Store, error) {
s.refCache[ref] = i.ID
}
if err := s.store.add(i); err != nil {
return nil, errors.Wrapf(err, "add image %+v", i)
return nil, fmt.Errorf("add image %+v: %w", i, err)
}
}
return s, nil

16
pkg/cri/store/image/image.go
View File

@@ -19,6 +19,7 @@ package image
import (
"context"
"encoding/json"
"fmt"
"sync"
"github.com/containerd/containerd"
@@ -30,7 +31,6 @@ import (
"github.com/opencontainers/go-digest/digestset"
imageidentity "github.com/opencontainers/image-spec/identity"
imagespec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
)
// Image contains all resources associated with the image. All fields
@@ -77,13 +77,13 @@ func (s *Store) Update(ctx context.Context, ref string) error {
defer s.lock.Unlock()
i, err := s.client.GetImage(ctx, ref)
if err != nil && !errdefs.IsNotFound(err) {
return errors.Wrap(err, "get image from containerd")
return fmt.Errorf("get image from containerd: %w", err)
}
var img *Image
if err == nil {
img, err = getImage(ctx, i)
if err != nil {
return errors.Wrap(err, "get image info from containerd")
return fmt.Errorf("get image info from containerd: %w", err)
}
}
return s.update(ref, img)
@@ -119,28 +119,28 @@ func getImage(ctx context.Context, i containerd.Image) (*Image, error) {
// Get image information.
diffIDs, err := i.RootFS(ctx)
if err != nil {
return nil, errors.Wrap(err, "get image diffIDs")
return nil, fmt.Errorf("get image diffIDs: %w", err)
}
chainID := imageidentity.ChainID(diffIDs)
size, err := i.Size(ctx)
if err != nil {
return nil, errors.Wrap(err, "get image compressed resource size")
return nil, fmt.Errorf("get image compressed resource size: %w", err)
}
desc, err := i.Config(ctx)
if err != nil {
return nil, errors.Wrap(err, "get image config descriptor")
return nil, fmt.Errorf("get image config descriptor: %w", err)
}
id := desc.Digest.String()
rb, err := content.ReadBlob(ctx, i.ContentStore(), desc)
if err != nil {
return nil, errors.Wrap(err, "read image config from content store")
return nil, fmt.Errorf("read image config from content store: %w", err)
}
var ociimage imagespec.Image
if err := json.Unmarshal(rb, &ociimage); err != nil {
return nil, errors.Wrapf(err, "unmarshal image config %s", rb)
return nil, fmt.Errorf("unmarshal image config %s: %w", rb, err)
}
return &Image{

4
pkg/cri/store/sandbox/metadata.go
View File

@@ -18,9 +18,9 @@ package sandbox
import (
"encoding/json"
"fmt"
cni "github.com/containerd/go-cni"
"github.com/pkg/errors"
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
)
@@ -85,5 +85,5 @@ func (c *Metadata) UnmarshalJSON(data []byte) error {
*c = Metadata(versioned.Metadata)
return nil
}
return errors.Errorf("unsupported version: %q", versioned.Version)
return fmt.Errorf("unsupported version: %q", versioned.Version)
}

8
pkg/cri/util/deep_copy.go
View File

@@ -18,8 +18,8 @@ package util
import (
"encoding/json"
"github.com/pkg/errors"
"errors"
"fmt"
)
// DeepCopy makes a deep copy from src into dst.
@@ -32,11 +32,11 @@ func DeepCopy(dst interface{}, src interface{}) error {
}
bytes, err := json.Marshal(src)
if err != nil {
return errors.Wrap(err, "unable to marshal src")
return fmt.Errorf("unable to marshal src: %w", err)
}
err = json.Unmarshal(bytes, dst)
if err != nil {
return errors.Wrap(err, "unable to unmarshal into dst")
return fmt.Errorf("unable to unmarshal into dst: %w", err)
}
return nil
}

5
pkg/dialer/dialer.go
View File

@@ -18,10 +18,9 @@ package dialer
import (
"context"
"fmt"
"net"
"time"
"github.com/pkg/errors"
)
type dialResult struct {
@@ -74,6 +73,6 @@ func timeoutDialer(address string, timeout time.Duration) (net.Conn, error) {
dr.c.Close()
}
}()
return nil, errors.Errorf("dial %s: timeout", address)
return nil, fmt.Errorf("dial %s: timeout", address)
}
}

25
pkg/netns/netns_linux.go
View File

@@ -42,7 +42,6 @@ import (
"github.com/containerd/containerd/mount"
cnins "github.com/containernetworking/plugins/pkg/ns"
"github.com/moby/sys/symlink"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
@@ -54,7 +53,7 @@ import (
func newNS(baseDir string) (nsPath string, err error) {
b := make([]byte, 16)
if _, err := rand.Reader.Read(b); err != nil {
return "", errors.Wrap(err, "failed to generate random netns name")
return "", fmt.Errorf("failed to generate random netns name: %w", err)
}
// Create the directory for mounting network namespaces
@@ -113,13 +112,13 @@ func newNS(baseDir string) (nsPath string, err error) {
// are no threads in the ns.
err = unix.Mount(getCurrentThreadNetNSPath(), nsPath, "none", unix.MS_BIND, "")
if err != nil {
err = errors.Wrapf(err, "failed to bind mount ns at %s", nsPath)
err = fmt.Errorf("failed to bind mount ns at %s: %w", nsPath, err)
}
})()
wg.Wait()
if err != nil {
return "", errors.Wrap(err, "failed to create namespace")
return "", fmt.Errorf("failed to create namespace: %w", err)
}
return nsPath, nil
@@ -131,17 +130,17 @@ func unmountNS(path string) error {
if os.IsNotExist(err) {
return nil
}
return errors.Wrap(err, "failed to stat netns")
return fmt.Errorf("failed to stat netns: %w", err)
}
path, err := symlink.FollowSymlinkInScope(path, "/")
if err != nil {
return errors.Wrap(err, "failed to follow symlink")
return fmt.Errorf("failed to follow symlink: %w", err)
}
if err := mount.Unmount(path, unix.MNT_DETACH); err != nil && !os.IsNotExist(err) {
return errors.Wrap(err, "failed to umount netns")
return fmt.Errorf("failed to umount netns: %w", err)
}
if err := os.RemoveAll(path); err != nil {
return errors.Wrap(err, "failed to remove netns")
return fmt.Errorf("failed to remove netns: %w", err)
}
return nil
}
@@ -163,7 +162,7 @@ type NetNS struct {
func NewNetNS(baseDir string) (*NetNS, error) {
path, err := newNS(baseDir)
if err != nil {
return nil, errors.Wrap(err, "failed to setup netns")
return nil, fmt.Errorf("failed to setup netns: %w", err)
}
return &NetNS{path: path}, nil
}
@@ -190,14 +189,14 @@ func (n *NetNS) Closed() (bool, error) {
if _, ok := err.(cnins.NSPathNotNSErr); ok {
// The network namespace is not mounted, remove it.
if err := os.RemoveAll(n.path); err != nil {
return false, errors.Wrap(err, "remove netns")
return false, fmt.Errorf("remove netns: %w", err)
}
return true, nil
}
return false, errors.Wrap(err, "get netns fd")
return false, fmt.Errorf("get netns fd: %w", err)
}
if err := ns.Close(); err != nil {
return false, errors.Wrap(err, "close netns fd")
return false, fmt.Errorf("close netns fd: %w", err)
}
return false, nil
}
@@ -211,7 +210,7 @@ func (n *NetNS) GetPath() string {
func (n *NetNS) Do(f func(cnins.NetNS) error) error {
ns, err := cnins.GetNS(n.path)
if err != nil {
return errors.Wrap(err, "get netns fd")
return fmt.Errorf("get netns fd: %w", err)
}
defer ns.Close() // nolint: errcheck
return ns.Do(f)

2
pkg/netns/netns_other.go
View File

@@ -20,7 +20,7 @@
package netns
import (
"github.com/pkg/errors"
"errors"
)
var errNotImplementedOnUnix = errors.New("not implemented on unix")

4
pkg/oom/v1/v1.go
View File

@@ -21,6 +21,7 @@ package v1
import (
"context"
"fmt"
"sync"
"github.com/containerd/cgroups"
@@ -28,7 +29,6 @@ import (
"github.com/containerd/containerd/pkg/oom"
"github.com/containerd/containerd/runtime"
"github.com/containerd/containerd/runtime/v2/shim"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
)
@@ -93,7 +93,7 @@ func (e *epoller) Run(ctx context.Context) {
func (e *epoller) Add(id string, cgx interface{}) error {
cg, ok := cgx.(cgroups.Cgroup)
if !ok {
return errors.Errorf("expected cgroups.Cgroup, got: %T", cgx)
return fmt.Errorf("expected cgroups.Cgroup, got: %T", cgx)
}
e.mu.Lock()
defer e.mu.Unlock()

4
pkg/oom/v2/v2.go
View File

@@ -21,13 +21,13 @@ package v2
import (
"context"
"fmt"
cgroupsv2 "github.com/containerd/cgroups/v2"
eventstypes "github.com/containerd/containerd/api/events"
"github.com/containerd/containerd/pkg/oom"
"github.com/containerd/containerd/runtime"
"github.com/containerd/containerd/runtime/v2/shim"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -89,7 +89,7 @@ func (w *watcher) Run(ctx context.Context) {
func (w *watcher) Add(id string, cgx interface{}) error {
cg, ok := cgx.(*cgroupsv2.Manager)
if !ok {
return errors.Errorf("expected *cgroupsv2.Manager, got: %T", cgx)
return fmt.Errorf("expected *cgroupsv2.Manager, got: %T", cgx)
}
// FIXME: cgroupsv2.Manager does not support closing eventCh routine currently.
// The routine shuts down when an error happens, mostly when the cgroup is deleted.

7
pkg/process/deleted_state.go
View File

@@ -21,11 +21,12 @@ package process
import (
"context"
"errors"
"fmt"
"github.com/containerd/console"
"github.com/containerd/containerd/errdefs"
google_protobuf "github.com/gogo/protobuf/types"
"github.com/pkg/errors"
)
type deletedState struct {
@@ -56,11 +57,11 @@ func (s *deletedState) Start(ctx context.Context) error {
}
func (s *deletedState) Delete(ctx context.Context) error {
return errors.Wrap(errdefs.ErrNotFound, "cannot delete a deleted process")
return fmt.Errorf("cannot delete a deleted process: %w", errdefs.ErrNotFound)
}
func (s *deletedState) Kill(ctx context.Context, sig uint32, all bool) error {
return errors.Wrap(errdefs.ErrNotFound, "cannot kill a deleted process")
return fmt.Errorf("cannot kill a deleted process: %w", errdefs.ErrNotFound)
}
func (s *deletedState) SetExited(status int) {

21
pkg/process/exec.go
View File

@@ -37,7 +37,6 @@ import (
"github.com/containerd/fifo"
runc "github.com/containerd/go-runc"
specs "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
)
type execProcess struct {
@@ -146,12 +145,12 @@ func (e *execProcess) kill(ctx context.Context, sig uint32, _ bool) error {
pid := e.pid.get()
switch {
case pid == 0:
return errors.Wrap(errdefs.ErrFailedPrecondition, "process not created")
return fmt.Errorf("process not created: %w", errdefs.ErrFailedPrecondition)
case !e.exited.IsZero():
return errors.Wrapf(errdefs.ErrNotFound, "process already finished")
return fmt.Errorf("process already finished: %w", errdefs.ErrNotFound)
default:
if err := unix.Kill(pid, syscall.Signal(sig)); err != nil {
return errors.Wrapf(checkKillError(err), "exec kill error")
return fmt.Errorf("exec kill error: %w", checkKillError(err))
}
}
return nil
@@ -187,12 +186,12 @@ func (e *execProcess) start(ctx context.Context) (err error) {
)
if e.stdio.Terminal {
if socket, err = runc.NewTempConsoleSocket(); err != nil {
return errors.Wrap(err, "failed to create runc console socket")
return fmt.Errorf("failed to create runc console socket: %w", err)
}
defer socket.Close()
} else {
if pio, err = createIO(ctx, e.id, e.parent.IoUID, e.parent.IoGID, e.stdio); err != nil {
return errors.Wrap(err, "failed to create init process I/O")
return fmt.Errorf("failed to create init process I/O: %w", err)
}
e.io = pio
}
@@ -220,19 +219,19 @@ func (e *execProcess) start(ctx context.Context) (err error) {
if socket != nil {
console, err := socket.ReceiveMaster()
if err != nil {
return errors.Wrap(err, "failed to retrieve console master")
return fmt.Errorf("failed to retrieve console master: %w", err)
}
if e.console, err = e.parent.Platform.CopyConsole(ctx, console, e.id, e.stdio.Stdin, e.stdio.Stdout, e.stdio.Stderr, &e.wg); err != nil {
return errors.Wrap(err, "failed to start console copy")
return fmt.Errorf("failed to start console copy: %w", err)
}
} else {
if err := pio.Copy(ctx, &e.wg); err != nil {
return errors.Wrap(err, "failed to start io pipe copy")
return fmt.Errorf("failed to start io pipe copy: %w", err)
}
}
pid, err := pidFile.Read()
if err != nil {
return errors.Wrap(err, "failed to retrieve OCI runtime exec pid")
return fmt.Errorf("failed to retrieve OCI runtime exec pi: %wd", err)
}
e.pid.pid = pid
return nil
@@ -241,7 +240,7 @@ func (e *execProcess) start(ctx context.Context) (err error) {
func (e *execProcess) openStdin(path string) error {
sc, err := fifo.OpenFifo(context.Background(), path, syscall.O_WRONLY|syscall.O_NONBLOCK, 0)
if err != nil {
return errors.Wrapf(err, "failed to open stdin fifo %s", path)
return fmt.Errorf("failed to open stdin fifo %s: %w", path, err)
}
e.stdin = sc
e.closers = append(e.closers, sc)

9
pkg/process/exec_state.go
View File

@@ -21,9 +21,10 @@ package process
import (
"context"
"errors"
"fmt"
"github.com/containerd/console"
"github.com/pkg/errors"
)
type execState interface {
@@ -48,7 +49,7 @@ func (s *execCreatedState) transition(name string) error {
case "deleted":
s.p.execState = &deletedState{}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}
@@ -97,7 +98,7 @@ func (s *execRunningState) transition(name string) error {
case "stopped":
s.p.execState = &execStoppedState{p: s.p}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}
@@ -139,7 +140,7 @@ func (s *execStoppedState) transition(name string) error {
case "deleted":
s.p.execState = &deletedState{}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}

23
pkg/process/init.go
View File

@@ -38,7 +38,6 @@ import (
runc "github.com/containerd/go-runc"
google_protobuf "github.com/gogo/protobuf/types"
specs "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
@@ -120,12 +119,12 @@ func (p *Init) Create(ctx context.Context, r *CreateConfig) error {
if r.Terminal {
if socket, err = runc.NewTempConsoleSocket(); err != nil {
return errors.Wrap(err, "failed to create OCI runtime console socket")
return fmt.Errorf("failed to create OCI runtime console socket: %w", err)
}
defer socket.Close()
} else {
if pio, err = createIO(ctx, p.id, p.IoUID, p.IoGID, p.stdio); err != nil {
return errors.Wrap(err, "failed to create init process I/O")
return fmt.Errorf("failed to create init process I/O: %w", err)
}
p.io = pio
}
@@ -156,21 +155,21 @@ func (p *Init) Create(ctx context.Context, r *CreateConfig) error {
if socket != nil {
console, err := socket.ReceiveMaster()
if err != nil {
return errors.Wrap(err, "failed to retrieve console master")
return fmt.Errorf("failed to retrieve console master: %w", err)
}
console, err = p.Platform.CopyConsole(ctx, console, p.id, r.Stdin, r.Stdout, r.Stderr, &p.wg)
if err != nil {
return errors.Wrap(err, "failed to start console copy")
return fmt.Errorf("failed to start console copy: %w", err)
}
p.console = console
} else {
if err := pio.Copy(ctx, &p.wg); err != nil {
return errors.Wrap(err, "failed to start io pipe copy")
return fmt.Errorf("failed to start io pipe copy: %w", err)
}
}
pid, err := pidFile.Read()
if err != nil {
return errors.Wrap(err, "failed to retrieve OCI runtime container pid")
return fmt.Errorf("failed to retrieve OCI runtime container pid: %w", err)
}
p.pid = pid
return nil
@@ -179,7 +178,7 @@ func (p *Init) Create(ctx context.Context, r *CreateConfig) error {
func (p *Init) openStdin(path string) error {
sc, err := fifo.OpenFifo(context.Background(), path, unix.O_WRONLY|unix.O_NONBLOCK, 0)
if err != nil {
return errors.Wrapf(err, "failed to open stdin fifo %s", path)
return fmt.Errorf("failed to open stdin fifo %s: %w", path, err)
}
p.stdin = sc
p.closers = append(p.closers, sc)
@@ -313,7 +312,7 @@ func (p *Init) delete(ctx context.Context) error {
if err2 := mount.UnmountAll(p.Rootfs, 0); err2 != nil {
log.G(ctx).WithError(err2).Warn("failed to cleanup rootfs mount")
if err == nil {
err = errors.Wrap(err2, "failed rootfs umount")
err = fmt.Errorf("failed rootfs umount: %w", err2)
}
}
return err
@@ -482,11 +481,11 @@ func (p *Init) runtimeError(rErr error, msg string) error {
rMsg, err := getLastRuntimeError(p.runtime)
switch {
case err != nil:
return errors.Wrapf(rErr, "%s: %s (%s)", msg, "unable to retrieve OCI runtime error", err.Error())
return fmt.Errorf("%s: %s (%s): %w", msg, "unable to retrieve OCI runtime error", err.Error(), rErr)
case rMsg == "":
return errors.Wrap(rErr, msg)
return fmt.Errorf("%s: %w", msg, rErr)
default:
return errors.Errorf("%s: %s", msg, rMsg)
return fmt.Errorf("%s: %s", msg, rMsg)
}
}

25
pkg/process/init_state.go
View File

@@ -21,10 +21,11 @@ package process
import (
"context"
"errors"
"fmt"
runc "github.com/containerd/go-runc"
google_protobuf "github.com/gogo/protobuf/types"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -54,7 +55,7 @@ func (s *createdState) transition(name string) error {
case "deleted":
s.p.initState = &deletedState{}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}
@@ -123,7 +124,7 @@ func (s *createdCheckpointState) transition(name string) error {
case "deleted":
s.p.initState = &deletedState{}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}
@@ -154,7 +155,7 @@ func (s *createdCheckpointState) Start(ctx context.Context) error {
)
if sio.Terminal {
if socket, err = runc.NewTempConsoleSocket(); err != nil {
return errors.Wrap(err, "failed to create OCI runtime console socket")
return fmt.Errorf("failed to create OCI runtime console socket: %w", err)
}
defer socket.Close()
s.opts.ConsoleSocket = socket
@@ -165,27 +166,27 @@ func (s *createdCheckpointState) Start(ctx context.Context) error {
}
if sio.Stdin != "" {
if err := p.openStdin(sio.Stdin); err != nil {
return errors.Wrapf(err, "failed to open stdin fifo %s", sio.Stdin)
return fmt.Errorf("failed to open stdin fifo %s: %w", sio.Stdin, err)
}
}
if socket != nil {
console, err := socket.ReceiveMaster()
if err != nil {
return errors.Wrap(err, "failed to retrieve console master")
return fmt.Errorf("failed to retrieve console master: %w", err)
}
console, err = p.Platform.CopyConsole(ctx, console, p.id, sio.Stdin, sio.Stdout, sio.Stderr, &p.wg)
if err != nil {
return errors.Wrap(err, "failed to start console copy")
return fmt.Errorf("failed to start console copy: %w", err)
}
p.console = console
} else {
if err := p.io.Copy(ctx, &p.wg); err != nil {
return errors.Wrap(err, "failed to start io pipe copy")
return fmt.Errorf("failed to start io pipe copy: %w", err)
}
}
pid, err := runc.ReadPidFile(s.opts.PidFile)
if err != nil {
return errors.Wrap(err, "failed to retrieve OCI runtime container pid")
return fmt.Errorf("failed to retrieve OCI runtime container pid: %w", err)
}
p.pid = pid
return s.transition("running")
@@ -229,7 +230,7 @@ func (s *runningState) transition(name string) error {
case "paused":
s.p.initState = &pausedState{p: s.p}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}
@@ -300,7 +301,7 @@ func (s *pausedState) transition(name string) error {
case "stopped":
s.p.initState = &stoppedState{p: s.p}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}
@@ -366,7 +367,7 @@ func (s *stoppedState) transition(name string) error {
case "deleted":
s.p.initState = &deletedState{}
default:
return errors.Errorf("invalid state transition %q to %q", stateName(s), name)
return fmt.Errorf("invalid state transition %q to %q", stateName(s), name)
}
return nil
}

33
pkg/process/io.go
View File

@@ -37,7 +37,6 @@ import (
"github.com/containerd/fifo"
runc "github.com/containerd/go-runc"
"github.com/hashicorp/go-multierror"
"github.com/pkg/errors"
exec "golang.org/x/sys/execabs"
)
@@ -77,7 +76,7 @@ func (p *processIO) Copy(ctx context.Context, wg *sync.WaitGroup) error {
}
var cwg sync.WaitGroup
if err := copyPipes(ctx, p.IO(), p.stdio.Stdin, p.stdio.Stdout, p.stdio.Stderr, wg, &cwg); err != nil {
return errors.Wrap(err, "unable to copy pipes")
return fmt.Errorf("unable to copy pipes: %w", err)
}
cwg.Wait()
return nil
@@ -97,7 +96,7 @@ func createIO(ctx context.Context, id string, ioUID, ioGID int, stdio stdio.Stdi
}
u, err := url.Parse(stdio.Stdout)
if err != nil {
return nil, errors.Wrap(err, "unable to parse stdout uri")
return nil, fmt.Errorf("unable to parse stdout uri: %w", err)
}
if u.Scheme == "" {
u.Scheme = "fifo"
@@ -125,7 +124,7 @@ func createIO(ctx context.Context, id string, ioUID, ioGID int, stdio stdio.Stdi
pio.copy = true
pio.io, err = runc.NewPipeIO(ioUID, ioGID, withConditionalIO(stdio))
default:
return nil, errors.Errorf("unknown STDIO scheme %s", u.Scheme)
return nil, fmt.Errorf("unknown STDIO scheme %s", u.Scheme)
}
if err != nil {
return nil, err
@@ -189,10 +188,10 @@ func copyPipes(ctx context.Context, rio runc.IO, stdin, stdout, stderr string, w
)
if ok {
if fw, err = fifo.OpenFifo(ctx, i.name, syscall.O_WRONLY, 0); err != nil {
return errors.Wrapf(err, "containerd-shim: opening w/o fifo %q failed", i.name)
return fmt.Errorf("containerd-shim: opening w/o fifo %q failed: %w", i.name, err)
}
if fr, err = fifo.OpenFifo(ctx, i.name, syscall.O_RDONLY, 0); err != nil {
return errors.Wrapf(err, "containerd-shim: opening r/o fifo %q failed", i.name)
return fmt.Errorf("containerd-shim: opening r/o fifo %q failed: %w", i.name, err)
}
} else {
if sameFile != nil {
@@ -201,7 +200,7 @@ func copyPipes(ctx context.Context, rio runc.IO, stdin, stdout, stderr string, w
continue
}
if fw, err = os.OpenFile(i.name, syscall.O_WRONLY|syscall.O_APPEND, 0); err != nil {
return errors.Wrapf(err, "containerd-shim: opening file %q failed", i.name)
return fmt.Errorf("containerd-shim: opening file %q failed: %w", i.name, err)
}
if stdout == stderr {
sameFile = &countingWriteCloser{
@@ -266,13 +265,13 @@ func NewBinaryIO(ctx context.Context, id string, uri *url.URL) (_ runc.IO, err e
out, err := newPipe()
if err != nil {
return nil, errors.Wrap(err, "failed to create stdout pipes")
return nil, fmt.Errorf("failed to create stdout pipes: %w", err)
}
closers = append(closers, out.Close)
serr, err := newPipe()
if err != nil {
return nil, errors.Wrap(err, "failed to create stderr pipes")
return nil, fmt.Errorf("failed to create stderr pipes: %w", err)
}
closers = append(closers, serr.Close)
@@ -287,19 +286,19 @@ func NewBinaryIO(ctx context.Context, id string, uri *url.URL) (_ runc.IO, err e
// don't need to register this with the reaper or wait when
// running inside a shim
if err := cmd.Start(); err != nil {
return nil, errors.Wrap(err, "failed to start binary process")
return nil, fmt.Errorf("failed to start binary process: %w", err)
}
closers = append(closers, func() error { return cmd.Process.Kill() })
// close our side of the pipe after start
if err := w.Close(); err != nil {
return nil, errors.Wrap(err, "failed to close write pipe after start")
return nil, fmt.Errorf("failed to close write pipe after start: %w", err)
}
// wait for the logging binary to be ready
b := make([]byte, 1)
if _, err := r.Read(b); err != nil && err != io.EOF {
return nil, errors.Wrap(err, "failed to read from logging binary")
return nil, fmt.Errorf("failed to read from logging binary: %w", err)
}
return &binaryIO{
@@ -357,12 +356,12 @@ func (b *binaryIO) cancel() error {
// Send SIGTERM first, so logger process has a chance to flush and exit properly
if err := b.cmd.Process.Signal(syscall.SIGTERM); err != nil {
result := multierror.Append(errors.Wrap(err, "failed to send SIGTERM"))
result := multierror.Append(fmt.Errorf("failed to send SIGTERM: %w", err))
log.L.WithError(err).Warn("failed to send SIGTERM signal, killing logging shim")
if err := b.cmd.Process.Kill(); err != nil {
result = multierror.Append(result, errors.Wrap(err, "failed to kill process after faulty SIGTERM"))
result = multierror.Append(result, fmt.Errorf("failed to kill process after faulty SIGTERM: %w", err))
}
return result.ErrorOrNil()
@@ -381,7 +380,7 @@ func (b *binaryIO) cancel() error {
err := b.cmd.Process.Kill()
if err != nil {
return errors.Wrap(err, "failed to kill shim logger process")
return fmt.Errorf("failed to kill shim logger process: %w", err)
}
return nil
@@ -429,11 +428,11 @@ func (p *pipe) Close() error {
var result *multierror.Error
if err := p.w.Close(); err != nil {
result = multierror.Append(result, errors.Wrap(err, "failed to close write pipe"))
result = multierror.Append(result, fmt.Errorf("failed to close write pipe: %w", err))
}
if err := p.r.Close(); err != nil {
result = multierror.Append(result, errors.Wrap(err, "failed to close read pipe"))
result = multierror.Append(result, fmt.Errorf("failed to close read pipe: %w", err))
}
return multierror.Prefix(result.ErrorOrNil(), "pipe:")

9
pkg/process/utils.go
View File

@@ -33,7 +33,6 @@ import (
"github.com/containerd/containerd/errdefs"
runc "github.com/containerd/go-runc"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
@@ -137,11 +136,11 @@ func checkKillError(err error) error {
strings.Contains(err.Error(), "container not running") ||
strings.Contains(strings.ToLower(err.Error()), "no such process") ||
err == unix.ESRCH {
return errors.Wrapf(errdefs.ErrNotFound, "process already finished")
return fmt.Errorf("process already finished: %w", errdefs.ErrNotFound)
} else if strings.Contains(err.Error(), "does not exist") {
return errors.Wrapf(errdefs.ErrNotFound, "no such container")
return fmt.Errorf("no such container: %w", errdefs.ErrNotFound)
}
return errors.Wrapf(err, "unknown error after kill")
return fmt.Errorf("unknown error after kill: %w", err)
}
func newPidFile(bundle string) *pidFile {
@@ -199,5 +198,5 @@ func stateName(v interface{}) string {
case *stoppedState:
return "stopped"
}
panic(errors.Errorf("invalid state %v", v))
panic(fmt.Errorf("invalid state %v", v))
}

9
pkg/registrar/registrar.go
View File

@@ -17,9 +17,8 @@
package registrar
import (
"fmt"
"sync"
"github.com/pkg/errors"
)
// Registrar stores one-to-one name<->key mappings.
@@ -50,19 +49,19 @@ func (r *Registrar) Reserve(name, key string) error {
defer r.lock.Unlock()
if name == "" || key == "" {
return errors.Errorf("invalid name %q or key %q", name, key)
return fmt.Errorf("invalid name %q or key %q", name, key)
}
if k, exists := r.nameToKey[name]; exists {
if k != key {
return errors.Errorf("name %q is reserved for %q", name, k)
return fmt.Errorf("name %q is reserved for %q", name, k)
}
return nil
}
if n, exists := r.keyToName[key]; exists {
if n != name {
return errors.Errorf("key %q is reserved for %q", key, n)
return fmt.Errorf("key %q is reserved for %q", key, n)
}
return nil
}

5
pkg/ttrpcutil/client.go
View File

@@ -17,13 +17,14 @@
package ttrpcutil
import (
"errors"
"fmt"
"sync"
"time"
v1 "github.com/containerd/containerd/api/services/ttrpc/events/v1"
"github.com/containerd/containerd/pkg/dialer"
"github.com/containerd/ttrpc"
"github.com/pkg/errors"
)
const ttrpcDialTimeout = 5 * time.Second
@@ -43,7 +44,7 @@ func NewClient(address string, opts ...ttrpc.ClientOpts) (*Client, error) {
connector := func() (*ttrpc.Client, error) {
conn, err := dialer.Dialer(address, ttrpcDialTimeout)
if err != nil {
return nil, errors.Wrap(err, "failed to connect")
return nil, fmt.Errorf("failed to connect: %w", err)
}
client := ttrpc.NewClient(conn, opts...)