Merge pull request #6703 from mxpv/s

Sandbox API

services/containers/helpers.go

@@ -54,6 +54,7 @@ func containerToProto(container *containers.Container) api.Container {
 		CreatedAt:   container.CreatedAt,
 		UpdatedAt:   container.UpdatedAt,
 		Extensions:  extensions,
+		Sandbox:     container.SandboxID,
 	}
 }
 
@@ -79,5 +80,6 @@ func containerFromProto(containerpb *api.Container) containers.Container {
 		Snapshotter: containerpb.Snapshotter,
 		SnapshotKey: containerpb.SnapshotKey,
 		Extensions:  extensions,
+		SandboxID:   containerpb.Sandbox,
 	}
 }

services/sandbox/controller_local.go

@@ -0,0 +1,196 @@
+/*
+   Copyright The containerd Authors.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package sandbox
+
+import (
+	"context"
+	"fmt"
+
+	api "github.com/containerd/containerd/api/services/sandbox/v1"
+	"github.com/containerd/containerd/errdefs"
+	"github.com/containerd/containerd/events"
+	"github.com/containerd/containerd/events/exchange"
+	"github.com/containerd/containerd/metadata"
+	"github.com/containerd/containerd/plugin"
+	"github.com/containerd/containerd/runtime"
+	v2 "github.com/containerd/containerd/runtime/v2"
+	"github.com/containerd/containerd/runtime/v2/task"
+	proto "github.com/containerd/containerd/runtime/v2/task"
+	"github.com/containerd/containerd/sandbox"
+	"github.com/containerd/containerd/services"
+	"google.golang.org/grpc"
+)
+
+func init() {
+	plugin.Register(&plugin.Registration{
+		Type: plugin.ServicePlugin,
+		ID:   services.SandboxControllerService,
+		Requires: []plugin.Type{
+			plugin.RuntimePluginV2,
+			plugin.MetadataPlugin,
+			plugin.EventPlugin,
+		},
+		InitFn: func(ic *plugin.InitContext) (interface{}, error) {
+			shimPlugin, err := ic.GetByID(plugin.RuntimePluginV2, "shim")
+			if err != nil {
+				return nil, err
+			}
+
+			metadataPlugin, err := ic.Get(plugin.MetadataPlugin)
+			if err != nil {
+				return nil, err
+			}
+
+			exchangePlugin, err := ic.GetByID(plugin.EventPlugin, "exchange")
+			if err != nil {
+				return nil, err
+			}
+
+			var (
+				shims     = shimPlugin.(*v2.ShimManager)
+				publisher = exchangePlugin.(*exchange.Exchange)
+				db        = metadataPlugin.(*metadata.DB)
+				store     = metadata.NewSandboxStore(db)
+			)
+
+			return &controllerLocal{
+				shims:     shims,
+				store:     store,
+				publisher: publisher,
+			}, nil
+		},
+	})
+}
+
+type controllerLocal struct {
+	shims     *v2.ShimManager
+	store     sandbox.Store
+	publisher events.Publisher
+}
+
+var _ api.ControllerClient = (*controllerLocal)(nil)
+
+func (c *controllerLocal) Start(ctx context.Context, in *api.ControllerStartRequest, opts ...grpc.CallOption) (*api.ControllerStartResponse, error) {
+	if _, err := c.shims.Get(ctx, in.SandboxID); err == nil {
+		return nil, fmt.Errorf("sandbox %s already running: %w", in.SandboxID, errdefs.ErrAlreadyExists)
+	}
+
+	info, err := c.store.Get(ctx, in.SandboxID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to query sandbox metadata from store: %w", err)
+	}
+
+	shim, err := c.shims.Start(ctx, in.SandboxID, runtime.CreateOpts{
+		Spec:           info.Spec,
+		RuntimeOptions: info.Runtime.Options,
+		Runtime:        info.Runtime.Name,
+		TaskOptions:    nil,
+	})
+
+	if err != nil {
+		return nil, fmt.Errorf("failed to start new sandbox: %w", err)
+	}
+
+	svc := task.NewSandboxClient(shim.Client())
+
+	resp, err := svc.StartSandbox(ctx, &proto.StartSandboxRequest{
+		SandboxID:  in.SandboxID,
+		BundlePath: shim.Bundle(),
+		Rootfs:     in.Rootfs,
+		Options:    in.Options,
+	})
+
+	if err != nil {
+		return nil, fmt.Errorf("failed to start sandbox %s: %w", in.SandboxID, err)
+	}
+
+	return &api.ControllerStartResponse{
+		SandboxID: in.SandboxID,
+		Pid:       resp.Pid,
+	}, nil
+}
+
+func (c *controllerLocal) Shutdown(ctx context.Context, in *api.ControllerShutdownRequest, opts ...grpc.CallOption) (*api.ControllerShutdownResponse, error) {
+	svc, err := c.getSandbox(ctx, in.SandboxID)
+	if err != nil {
+		return nil, err
+	}
+
+	if _, err := svc.StopSandbox(ctx, &proto.StopSandboxRequest{
+		SandboxID:   in.SandboxID,
+		TimeoutSecs: in.TimeoutSecs,
+	}); err != nil {
+		return nil, fmt.Errorf("failed to stop sandbox: %w", err)
+	}
+
+	if err := c.shims.Delete(ctx, in.SandboxID); err != nil {
+		return nil, fmt.Errorf("failed to delete sandbox shim: %w", err)
+	}
+
+	return &api.ControllerShutdownResponse{}, nil
+}
+
+func (c *controllerLocal) Wait(ctx context.Context, in *api.ControllerWaitRequest, opts ...grpc.CallOption) (*api.ControllerWaitResponse, error) {
+	svc, err := c.getSandbox(ctx, in.SandboxID)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := svc.WaitSandbox(ctx, &proto.WaitSandboxRequest{
+		SandboxID: in.SandboxID,
+	})
+
+	if err != nil {
+		return nil, fmt.Errorf("failed to wait sandbox %s: %w", in.SandboxID, err)
+	}
+
+	return &api.ControllerWaitResponse{
+		ExitStatus: resp.ExitStatus,
+		ExitedAt:   resp.ExitedAt,
+	}, nil
+}
+
+func (c *controllerLocal) Status(ctx context.Context, in *api.ControllerStatusRequest, opts ...grpc.CallOption) (*api.ControllerStatusResponse, error) {
+	svc, err := c.getSandbox(ctx, in.SandboxID)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := svc.SandboxStatus(ctx, &proto.SandboxStatusRequest{SandboxID: in.SandboxID})
+	if err != nil {
+		return nil, fmt.Errorf("failed to query sandbox %s status: %w", in.SandboxID, err)
+	}
+
+	return &api.ControllerStatusResponse{
+		ID:         resp.ID,
+		Pid:        resp.Pid,
+		State:      resp.State,
+		ExitStatus: resp.ExitStatus,
+		ExitedAt:   resp.ExitedAt,
+		Extra:      resp.Extra,
+	}, nil
+}
+
+func (c *controllerLocal) getSandbox(ctx context.Context, id string) (task.SandboxService, error) {
+	shim, err := c.shims.Get(ctx, id)
+	if err != nil {
+		return nil, errdefs.ErrNotFound
+	}
+
+	svc := task.NewSandboxClient(shim.Client())
+	return svc, nil
+}

services/sandbox/controller_service.go

@@ -0,0 +1,89 @@
+/*
+   Copyright The containerd Authors.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package sandbox
+
+import (
+	"context"
+	"errors"
+
+	api "github.com/containerd/containerd/api/services/sandbox/v1"
+	"github.com/containerd/containerd/log"
+	"github.com/containerd/containerd/plugin"
+	"github.com/containerd/containerd/services"
+	"google.golang.org/grpc"
+)
+
+func init() {
+	plugin.Register(&plugin.Registration{
+		Type: plugin.GRPCPlugin,
+		ID:   "sandbox-controllers",
+		Requires: []plugin.Type{
+			plugin.ServicePlugin,
+		},
+		InitFn: func(ic *plugin.InitContext) (interface{}, error) {
+			plugins, err := ic.GetByType(plugin.ServicePlugin)
+			if err != nil {
+				return nil, err
+			}
+
+			p, ok := plugins[services.SandboxControllerService]
+			if !ok {
+				return nil, errors.New("sandbox service not found")
+			}
+
+			i, err := p.Instance()
+			if err != nil {
+				return nil, err
+			}
+
+			return &controllerService{
+				local: i.(api.ControllerClient),
+			}, nil
+		},
+	})
+}
+
+type controllerService struct {
+	local api.ControllerClient
+}
+
+var _ api.ControllerServer = (*controllerService)(nil)
+
+func (s *controllerService) Register(server *grpc.Server) error {
+	api.RegisterControllerServer(server, s)
+	return nil
+}
+
+func (s *controllerService) Start(ctx context.Context, req *api.ControllerStartRequest) (*api.ControllerStartResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("start sandbox")
+	return s.local.Start(ctx, req)
+}
+
+func (s *controllerService) Shutdown(ctx context.Context, req *api.ControllerShutdownRequest) (*api.ControllerShutdownResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("delete sandbox")
+	return s.local.Shutdown(ctx, req)
+}
+
+func (s *controllerService) Wait(ctx context.Context, req *api.ControllerWaitRequest) (*api.ControllerWaitResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("wait sandbox")
+	return s.local.Wait(ctx, req)
+}
+
+func (s *controllerService) Status(ctx context.Context, req *api.ControllerStatusRequest) (*api.ControllerStatusResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("sandbox status")
+	return s.local.Status(ctx, req)
+}

services/sandbox/store_local.go

@@ -0,0 +1,111 @@
+/*
+   Copyright The containerd Authors.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package sandbox
+
+import (
+	"context"
+
+	"github.com/containerd/containerd/services"
+	"google.golang.org/grpc"
+
+	api "github.com/containerd/containerd/api/services/sandbox/v1"
+	"github.com/containerd/containerd/api/types"
+	"github.com/containerd/containerd/errdefs"
+	"github.com/containerd/containerd/events"
+	"github.com/containerd/containerd/metadata"
+	"github.com/containerd/containerd/plugin"
+	"github.com/containerd/containerd/sandbox"
+)
+
+func init() {
+	plugin.Register(&plugin.Registration{
+		Type: plugin.ServicePlugin,
+		ID:   services.SandboxStoreService,
+		Requires: []plugin.Type{
+			plugin.MetadataPlugin,
+		},
+		InitFn: func(ic *plugin.InitContext) (interface{}, error) {
+			m, err := ic.Get(plugin.MetadataPlugin)
+			if err != nil {
+				return nil, err
+			}
+
+			db := m.(*metadata.DB)
+			return &sandboxLocal{
+				store:     metadata.NewSandboxStore(db),
+				publisher: ic.Events,
+			}, nil
+		},
+	})
+}
+
+type sandboxLocal struct {
+	store     sandbox.Store
+	publisher events.Publisher
+}
+
+var _ = (api.StoreClient)(&sandboxLocal{})
+
+func (s *sandboxLocal) Create(ctx context.Context, in *api.StoreCreateRequest, _ ...grpc.CallOption) (*api.StoreCreateResponse, error) {
+	sb, err := s.store.Create(ctx, sandbox.FromProto(&in.Sandbox))
+	if err != nil {
+		return nil, errdefs.ToGRPC(err)
+	}
+
+	return &api.StoreCreateResponse{Sandbox: sandbox.ToProto(&sb)}, nil
+}
+
+func (s *sandboxLocal) Update(ctx context.Context, in *api.StoreUpdateRequest, _ ...grpc.CallOption) (*api.StoreUpdateResponse, error) {
+	sb, err := s.store.Update(ctx, sandbox.FromProto(&in.Sandbox), in.Fields...)
+	if err != nil {
+		return nil, errdefs.ToGRPC(err)
+	}
+
+	return &api.StoreUpdateResponse{Sandbox: sandbox.ToProto(&sb)}, nil
+}
+
+func (s *sandboxLocal) Get(ctx context.Context, in *api.StoreGetRequest, _ ...grpc.CallOption) (*api.StoreGetResponse, error) {
+	resp, err := s.store.Get(ctx, in.SandboxID)
+	if err != nil {
+		return nil, errdefs.ToGRPC(err)
+	}
+
+	desc := sandbox.ToProto(&resp)
+	return &api.StoreGetResponse{Sandbox: &desc}, nil
+}
+
+func (s *sandboxLocal) List(ctx context.Context, in *api.StoreListRequest, _ ...grpc.CallOption) (*api.StoreListResponse, error) {
+	resp, err := s.store.List(ctx, in.Filters...)
+	if err != nil {
+		return nil, errdefs.ToGRPC(err)
+	}
+
+	list := make([]types.Sandbox, len(resp))
+	for i := range resp {
+		list[i] = sandbox.ToProto(&resp[i])
+	}
+
+	return &api.StoreListResponse{List: list}, nil
+}
+
+func (s *sandboxLocal) Delete(ctx context.Context, in *api.StoreDeleteRequest, _ ...grpc.CallOption) (*api.StoreDeleteResponse, error) {
+	if err := s.store.Delete(ctx, in.SandboxID); err != nil {
+		return nil, errdefs.ToGRPC(err)
+	}
+
+	return &api.StoreDeleteResponse{}, nil
+}

services/sandbox/store_service.go

@@ -0,0 +1,90 @@
+/*
+   Copyright The containerd Authors.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package sandbox
+
+import (
+	"context"
+	"errors"
+
+	"google.golang.org/grpc"
+
+	api "github.com/containerd/containerd/api/services/sandbox/v1"
+	"github.com/containerd/containerd/log"
+	"github.com/containerd/containerd/plugin"
+	"github.com/containerd/containerd/services"
+)
+
+func init() {
+	plugin.Register(&plugin.Registration{
+		Type: plugin.GRPCPlugin,
+		ID:   "sandboxes",
+		Requires: []plugin.Type{
+			plugin.ServicePlugin,
+		},
+		InitFn: func(ic *plugin.InitContext) (interface{}, error) {
+			plugins, err := ic.GetByType(plugin.ServicePlugin)
+			if err != nil {
+				return nil, err
+			}
+			p, ok := plugins[services.SandboxStoreService]
+			if !ok {
+				return nil, errors.New("sandbox store service not found")
+			}
+			i, err := p.Instance()
+			if err != nil {
+				return nil, err
+			}
+			return &sandboxService{local: i.(api.StoreClient)}, nil
+		},
+	})
+}
+
+type sandboxService struct {
+	local api.StoreClient
+}
+
+var _ api.StoreServer = (*sandboxService)(nil)
+
+func (s *sandboxService) Register(server *grpc.Server) error {
+	api.RegisterStoreServer(server, s)
+	return nil
+}
+
+func (s *sandboxService) Create(ctx context.Context, req *api.StoreCreateRequest) (*api.StoreCreateResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("create sandbox")
+	return s.local.Create(ctx, req)
+}
+
+func (s *sandboxService) Update(ctx context.Context, req *api.StoreUpdateRequest) (*api.StoreUpdateResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("update sandbox")
+	return s.local.Update(ctx, req)
+}
+
+func (s *sandboxService) List(ctx context.Context, req *api.StoreListRequest) (*api.StoreListResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("list sandboxes")
+	return s.local.List(ctx, req)
+}
+
+func (s *sandboxService) Get(ctx context.Context, req *api.StoreGetRequest) (*api.StoreGetResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("get sandbox")
+	return s.local.Get(ctx, req)
+}
+
+func (s *sandboxService) Delete(ctx context.Context, req *api.StoreDeleteRequest) (*api.StoreDeleteResponse, error) {
+	log.G(ctx).WithField("req", req).Debug("delete sandbox")
+	return s.local.Delete(ctx, req)
+}

services/services.go

@@ -33,4 +33,8 @@ const (
 	DiffService = "diff-service"
 	// IntrospectionService is the id of introspection service
 	IntrospectionService = "introspection-service"
+	// SandboxStoreService is the id of Sandbox's store service
+	SandboxStoreService = "sandbox-store-service"
+	// SandboxControllerService is the id of Sandbox's controller service
+	SandboxControllerService = "sandbox-controller-service"
 )

services/tasks/local.go

@@ -200,6 +200,7 @@ func (l *local) Create(ctx context.Context, r *api.CreateTaskRequest, _ ...grpc.
 		Runtime:        container.Runtime.Name,
 		RuntimeOptions: container.Runtime.Options,
 		TaskOptions:    r.Options,
+		SandboxID:      container.SandboxID,
 	}
 	if r.RuntimePath != "" {
 		opts.Runtime = r.RuntimePath