From dd22a3a8061f51c4d50afc4be7c18623bfb19232 Mon Sep 17 00:00:00 2001 From: Maksym Pavlenko Date: Thu, 5 Jan 2023 20:57:52 -0800 Subject: [PATCH] Move WithMounts to specs Signed-off-by: Maksym Pavlenko --- pkg/cri/opts/spec.go | 7 ++-- pkg/cri/opts/spec_linux.go | 15 ++++---- .../sbserver/podsandbox/sandbox_run_linux.go | 5 +-- pkg/cri/server/sandbox_run_linux.go | 5 +-- pkg/os/mount_windows.go | 38 +++++++++++++++++++ pkg/os/os.go | 5 +++ pkg/os/os_unix.go | 10 ----- pkg/os/testing/fake_os_unix.go | 23 ----------- 8 files changed, 59 insertions(+), 49 deletions(-) create mode 100644 pkg/os/mount_windows.go delete mode 100644 pkg/os/testing/fake_os_unix.go diff --git a/pkg/cri/opts/spec.go b/pkg/cri/opts/spec.go index c8d40b743..d0c9896f6 100644 --- a/pkg/cri/opts/spec.go +++ b/pkg/cri/opts/spec.go @@ -25,12 +25,13 @@ import ( "sort" "strings" - "github.com/containerd/containerd/containers" - "github.com/containerd/containerd/oci" - "github.com/containerd/containerd/pkg/cri/util" imagespec "github.com/opencontainers/image-spec/specs-go/v1" runtimespec "github.com/opencontainers/runtime-spec/specs-go" runtime "k8s.io/cri-api/pkg/apis/runtime/v1" + + "github.com/containerd/containerd/containers" + "github.com/containerd/containerd/oci" + "github.com/containerd/containerd/pkg/cri/util" ) // DefaultSandboxCPUshares is default cpu shares for sandbox container. diff --git a/pkg/cri/opts/spec_linux.go b/pkg/cri/opts/spec_linux.go index 8b94cc5b7..a7fde4a8f 100644 --- a/pkg/cri/opts/spec_linux.go +++ b/pkg/cri/opts/spec_linux.go @@ -31,16 +31,17 @@ import ( "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi" "github.com/containerd/cgroups/v3" "github.com/containerd/cgroups/v3/cgroup1" - "github.com/containerd/containerd/containers" - "github.com/containerd/containerd/log" - "github.com/containerd/containerd/mount" - "github.com/containerd/containerd/oci" - osinterface "github.com/containerd/containerd/pkg/os" runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" runtime "k8s.io/cri-api/pkg/apis/runtime/v1" + + "github.com/containerd/containerd/containers" + "github.com/containerd/containerd/log" + "github.com/containerd/containerd/mount" + "github.com/containerd/containerd/oci" + osinterface "github.com/containerd/containerd/pkg/os" ) // WithMounts sorts and adds runtime and CRI mounts to the spec @@ -134,13 +135,13 @@ func WithMounts(osi osinterface.OS, config *runtime.ContainerConfig, extra []*ru // Since default root propagation in runc is rprivate ignore // setting the root propagation case runtime.MountPropagation_PROPAGATION_BIDIRECTIONAL: - if err := ensureShared(src, osi.(osinterface.UNIX).LookupMount); err != nil { + if err := ensureShared(src, osi.LookupMount); err != nil { return err } options = append(options, "rshared") s.Linux.RootfsPropagation = "rshared" case runtime.MountPropagation_PROPAGATION_HOST_TO_CONTAINER: - if err := ensureSharedOrSlave(src, osi.(osinterface.UNIX).LookupMount); err != nil { + if err := ensureSharedOrSlave(src, osi.LookupMount); err != nil { return err } options = append(options, "rslave") diff --git a/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go b/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go index 0845bb12a..179b46238 100644 --- a/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go +++ b/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go @@ -33,7 +33,6 @@ import ( "github.com/containerd/containerd/pkg/cri/annotations" customopts "github.com/containerd/containerd/pkg/cri/opts" - osinterface "github.com/containerd/containerd/pkg/os" "github.com/containerd/containerd/pkg/userns" ) @@ -291,7 +290,7 @@ func (c *Controller) setupSandboxFiles(id string, config *runtime.PodSandboxConf return fmt.Errorf("failed to create sandbox shm: %w", err) } shmproperty := fmt.Sprintf("mode=1777,size=%d", defaultShmSize) - if err := c.os.(osinterface.UNIX).Mount("shm", sandboxDevShm, "tmpfs", uintptr(unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV), shmproperty); err != nil { + if err := c.os.Mount("shm", sandboxDevShm, "tmpfs", uintptr(unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV), shmproperty); err != nil { return fmt.Errorf("failed to mount sandbox shm: %w", err) } } @@ -327,7 +326,7 @@ func (c *Controller) cleanupSandboxFiles(id string, config *runtime.PodSandboxCo if err != nil { return fmt.Errorf("failed to follow symlink: %w", err) } - if err := c.os.(osinterface.UNIX).Unmount(path); err != nil && !os.IsNotExist(err) { + if err := c.os.Unmount(path); err != nil && !os.IsNotExist(err) { return fmt.Errorf("failed to unmount %q: %w", path, err) } } diff --git a/pkg/cri/server/sandbox_run_linux.go b/pkg/cri/server/sandbox_run_linux.go index 78cca50c6..ee5d3fb10 100644 --- a/pkg/cri/server/sandbox_run_linux.go +++ b/pkg/cri/server/sandbox_run_linux.go @@ -34,7 +34,6 @@ import ( "github.com/containerd/containerd/pkg/cri/annotations" customopts "github.com/containerd/containerd/pkg/cri/opts" - osinterface "github.com/containerd/containerd/pkg/os" "github.com/containerd/containerd/pkg/userns" ) @@ -309,7 +308,7 @@ func (c *criService) setupSandboxFiles(id string, config *runtime.PodSandboxConf return fmt.Errorf("failed to create sandbox shm: %w", err) } shmproperty := fmt.Sprintf("mode=1777,size=%d", defaultShmSize) - if err := c.os.(osinterface.UNIX).Mount("shm", sandboxDevShm, "tmpfs", uintptr(unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV), shmproperty); err != nil { + if err := c.os.Mount("shm", sandboxDevShm, "tmpfs", uintptr(unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV), shmproperty); err != nil { return fmt.Errorf("failed to mount sandbox shm: %w", err) } } @@ -345,7 +344,7 @@ func (c *criService) cleanupSandboxFiles(id string, config *runtime.PodSandboxCo if err != nil { return fmt.Errorf("failed to follow symlink: %w", err) } - if err := c.os.(osinterface.UNIX).Unmount(path); err != nil && !os.IsNotExist(err) { + if err := c.os.Unmount(path); err != nil && !os.IsNotExist(err) { return fmt.Errorf("failed to unmount %q: %w", path, err) } } diff --git a/pkg/os/mount_windows.go b/pkg/os/mount_windows.go new file mode 100644 index 000000000..78426cd6f --- /dev/null +++ b/pkg/os/mount_windows.go @@ -0,0 +1,38 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package os + +import ( + "errors" + + "github.com/containerd/containerd/mount" +) + +// Mount is an empty stub on Windows. +func (RealOS) Mount(source string, target string, fstype string, flags uintptr, data string) error { + return errors.New("mount is not supported on Windows") +} + +// Unmount is an empty stub on Windows. +func (RealOS) Unmount(target string) error { + return errors.New("unmount is not supported on Windows") +} + +// LookupMount is an empty stub on Windows. +func (RealOS) LookupMount(path string) (mount.Info, error) { + return mount.Info{}, errors.New("mount lookups are not supported on Windows") +} diff --git a/pkg/os/os.go b/pkg/os/os.go index 3a9d8159b..7bdc4046f 100644 --- a/pkg/os/os.go +++ b/pkg/os/os.go @@ -21,6 +21,8 @@ import ( "os" "github.com/moby/sys/symlink" + + "github.com/containerd/containerd/mount" ) // OS collects system level operations that need to be mocked out @@ -34,6 +36,9 @@ type OS interface { CopyFile(src, dest string, perm os.FileMode) error WriteFile(filename string, data []byte, perm os.FileMode) error Hostname() (string, error) + Mount(source string, target string, fstype string, flags uintptr, data string) error + Unmount(target string) error + LookupMount(path string) (mount.Info, error) } // RealOS is used to dispatch the real system level operations. diff --git a/pkg/os/os_unix.go b/pkg/os/os_unix.go index be64d9c94..59bac1e01 100644 --- a/pkg/os/os_unix.go +++ b/pkg/os/os_unix.go @@ -21,18 +21,8 @@ package os import ( "os" "path/filepath" - - "github.com/containerd/containerd/mount" ) -// UNIX collects unix system level operations that need to be -// mocked out during tests. -type UNIX interface { - Mount(source string, target string, fstype string, flags uintptr, data string) error - Unmount(target string) error - LookupMount(path string) (mount.Info, error) -} - // ResolveSymbolicLink will follow any symbolic links func (RealOS) ResolveSymbolicLink(path string) (string, error) { info, err := os.Lstat(path) diff --git a/pkg/os/testing/fake_os_unix.go b/pkg/os/testing/fake_os_unix.go deleted file mode 100644 index 0f65f3ac8..000000000 --- a/pkg/os/testing/fake_os_unix.go +++ /dev/null @@ -1,23 +0,0 @@ -//go:build !windows - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package testing - -import osInterface "github.com/containerd/containerd/pkg/os" - -var _ osInterface.UNIX = &FakeOS{}