github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to new release of moby/ipvs

Browse Source 
hack/pin-dependency.sh github.com/moby/ipvs v1.1.0

- go to a fixed tag for `vishvananda/netns`
- no more references to `pkg/errors`

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
This commit is contained in:
Davanum Srinivas
2023-01-14 16:02:08 -05:00
parent eabb70833a
commit d9b98bc36a
30 changed files with 267 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
vendor/github.com/moby/ipvs/.golangci.yml generated vendored Normal file
View File

@@ -0,0 +1,8 @@
linters:
disable-all: true
enable:
- gofmt
- govet
- ineffassign
- misspell
- revive

8
vendor/github.com/moby/ipvs/LICENSE generated vendored
View File

@@ -1,4 +1,5 @@
Apache License
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
@@ -178,7 +179,7 @@ Apache License
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
@@ -186,7 +187,7 @@ Apache License
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -199,4 +200,3 @@ Apache License
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

3
vendor/github.com/moby/ipvs/README.md generated vendored
View File

@@ -31,4 +31,5 @@ func main() {
Want to hack on ipvs? [Docker's contributions guidelines](https://github.com/docker/docker/blob/master/CONTRIBUTING.md) apply.
## Copyright and license
Code and documentation copyright 2015 Docker, inc. Code released under the Apache 2.0 license. Docs released under Creative commons.
Copyright 2015 Docker, inc. Code released under the [Apache 2.0 license](LICENSE).

26
vendor/github.com/moby/ipvs/constants.go → vendor/github.com/moby/ipvs/constants_linux.go generated vendored
View File

@@ -1,5 +1,3 @@
// +build linux
package ipvs
const (
@@ -88,20 +86,20 @@ const (
ipvsDestAttrAddressFamily
)
// IPVS Svc Statistics constancs
// IPVS Statistics constants
const (
ipvsSvcStatsUnspec int = iota
ipvsSvcStatsConns
ipvsSvcStatsPktsIn
ipvsSvcStatsPktsOut
ipvsSvcStatsBytesIn
ipvsSvcStatsBytesOut
ipvsSvcStatsCPS
ipvsSvcStatsPPSIn
ipvsSvcStatsPPSOut
ipvsSvcStatsBPSIn
ipvsSvcStatsBPSOut
ipvsStatsUnspec int = iota
ipvsStatsConns
ipvsStatsPktsIn
ipvsStatsPktsOut
ipvsStatsBytesIn
ipvsStatsBytesOut
ipvsStatsCPS
ipvsStatsPPSIn
ipvsStatsPPSOut
ipvsStatsBPSIn
ipvsStatsBPSOut
)
// Destination forwarding methods

3
vendor/github.com/moby/ipvs/ipvs.go → vendor/github.com/moby/ipvs/ipvs_linux.go generated vendored
View File

@@ -1,5 +1,3 @@
// +build linux
package ipvs
import (
@@ -181,7 +179,6 @@ func (i *Handle) GetDestinations(s *Service) ([]*Destination, error) {
// GetService gets details of a specific IPVS services, useful in updating statisics etc.,
func (i *Handle) GetService(s *Service) (*Service, error) {
res, err := i.doGetServicesCmd(s)
if err != nil {
return nil, err

58
vendor/github.com/moby/ipvs/netlink.go → vendor/github.com/moby/ipvs/netlink_linux.go generated vendored
View File

@@ -1,5 +1,3 @@
// +build linux
package ipvs
import (
@@ -124,8 +122,8 @@ func (i *Handle) doCmdwithResponse(s *Service, d *Destination, cmd uint8) ([][]b
req.Seq = atomic.AddUint32(&i.seq, 1)
if s == nil {
req.Flags |= syscall.NLM_F_DUMP //Flag to dump all messages
req.AddData(nl.NewRtAttr(ipvsCmdAttrService, nil)) //Add a dummy attribute
req.Flags |= syscall.NLM_F_DUMP // Flag to dump all messages
req.AddData(nl.NewRtAttr(ipvsCmdAttrService, nil)) // Add a dummy attribute
} else {
req.AddData(fillService(s))
}
@@ -134,7 +132,6 @@ func (i *Handle) doCmdwithResponse(s *Service, d *Destination, cmd uint8) ([][]b
if cmd == ipvsCmdGetDest {
req.Flags |= syscall.NLM_F_DUMP
}
} else {
req.AddData(fillDestination(d))
}
@@ -259,7 +256,6 @@ done:
}
func parseIP(ip []byte, family uint16) (net.IP, error) {
var resIP net.IP
switch family {
@@ -276,7 +272,6 @@ func parseIP(ip []byte, family uint16) (net.IP, error) {
// parseStats
func assembleStats(msg []byte) (SvcStats, error) {
var s SvcStats
attrs, err := nl.ParseRouteAttr(msg)
@@ -287,25 +282,25 @@ func assembleStats(msg []byte) (SvcStats, error) {
for _, attr := range attrs {
attrType := int(attr.Attr.Type)
switch attrType {
case ipvsSvcStatsConns:
case ipvsStatsConns:
s.Connections = native.Uint32(attr.Value)
case ipvsSvcStatsPktsIn:
case ipvsStatsPktsIn:
s.PacketsIn = native.Uint32(attr.Value)
case ipvsSvcStatsPktsOut:
case ipvsStatsPktsOut:
s.PacketsOut = native.Uint32(attr.Value)
case ipvsSvcStatsBytesIn:
case ipvsStatsBytesIn:
s.BytesIn = native.Uint64(attr.Value)
case ipvsSvcStatsBytesOut:
case ipvsStatsBytesOut:
s.BytesOut = native.Uint64(attr.Value)
case ipvsSvcStatsCPS:
case ipvsStatsCPS:
s.CPS = native.Uint32(attr.Value)
case ipvsSvcStatsPPSIn:
case ipvsStatsPPSIn:
s.PPSIn = native.Uint32(attr.Value)
case ipvsSvcStatsPPSOut:
case ipvsStatsPPSOut:
s.PPSOut = native.Uint32(attr.Value)
case ipvsSvcStatsBPSIn:
case ipvsStatsBPSIn:
s.BPSIn = native.Uint32(attr.Value)
case ipvsSvcStatsBPSOut:
case ipvsStatsBPSOut:
s.BPSOut = native.Uint32(attr.Value)
}
}
@@ -314,7 +309,6 @@ func assembleStats(msg []byte) (SvcStats, error) {
// assembleService assembles a services back from a hain of netlink attributes
func assembleService(attrs []syscall.NetlinkRouteAttr) (*Service, error) {
var s Service
var addressBytes []byte
@@ -366,10 +360,9 @@ func assembleService(attrs []syscall.NetlinkRouteAttr) (*Service, error) {
// parseService given a ipvs netlink response this function will respond with a valid service entry, an error otherwise
func (i *Handle) parseService(msg []byte) (*Service, error) {
var s *Service
//Remove General header for this message and parse the NetLink message
// Remove General header for this message and parse the NetLink message
hdr := deserializeGenlMsg(msg)
NetLinkAttrs, err := nl.ParseRouteAttr(msg[hdr.Len():])
if err != nil {
@@ -379,13 +372,13 @@ func (i *Handle) parseService(msg []byte) (*Service, error) {
return nil, fmt.Errorf("error no valid netlink message found while parsing service record")
}
//Now Parse and get IPVS related attributes messages packed in this message.
// Now Parse and get IPVS related attributes messages packed in this message.
ipvsAttrs, err := nl.ParseRouteAttr(NetLinkAttrs[0].Value)
if err != nil {
return nil, err
}
//Assemble all the IPVS related attribute messages and create a service record
// Assemble all the IPVS related attribute messages and create a service record
s, err = assembleService(ipvsAttrs)
if err != nil {
return nil, err
@@ -422,7 +415,6 @@ func (i *Handle) doCmdWithoutAttr(cmd uint8) ([][]byte, error) {
}
func assembleDestination(attrs []syscall.NetlinkRouteAttr) (*Destination, error) {
var d Destination
var addressBytes []byte
@@ -447,9 +439,9 @@ func assembleDestination(attrs []syscall.NetlinkRouteAttr) (*Destination, error)
case ipvsDestAttrLowerThreshold:
d.LowerThreshold = native.Uint32(attr.Value)
case ipvsDestAttrActiveConnections:
d.ActiveConnections = int(native.Uint16(attr.Value))
d.ActiveConnections = int(native.Uint32(attr.Value))
case ipvsDestAttrInactiveConnections:
d.InactiveConnections = int(native.Uint16(attr.Value))
d.InactiveConnections = int(native.Uint32(attr.Value))
case ipvsDestAttrStats:
stats, err := assembleStats(attr.Value)
if err != nil {
@@ -486,9 +478,12 @@ func assembleDestination(attrs []syscall.NetlinkRouteAttr) (*Destination, error)
// getIPFamily parses the IP family based on raw data from netlink.
// For AF_INET, netlink will set the first 4 bytes with trailing zeros
// 10.0.0.1 -> [10 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0]
//
// 10.0.0.1 -> [10 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0]
//
// For AF_INET6, the full 16 byte array is used:
// 2001:db8:3c4d:15::1a00 -> [32 1 13 184 60 77 0 21 0 0 0 0 0 0 26 0]
//
// 2001:db8:3c4d:15::1a00 -> [32 1 13 184 60 77 0 21 0 0 0 0 0 0 26 0]
func getIPFamily(address []byte) (uint16, error) {
if len(address) == 4 {
return syscall.AF_INET, nil
@@ -519,7 +514,7 @@ func isZeros(b []byte) bool {
func (i *Handle) parseDestination(msg []byte) (*Destination, error) {
var dst *Destination
//Remove General header for this message
// Remove General header for this message
hdr := deserializeGenlMsg(msg)
NetLinkAttrs, err := nl.ParseRouteAttr(msg[hdr.Len():])
if err != nil {
@@ -529,13 +524,13 @@ func (i *Handle) parseDestination(msg []byte) (*Destination, error) {
return nil, fmt.Errorf("error no valid netlink message found while parsing destination record")
}
//Now Parse and get IPVS related attributes messages packed in this message.
// Now Parse and get IPVS related attributes messages packed in this message.
ipvsAttrs, err := nl.ParseRouteAttr(NetLinkAttrs[0].Value)
if err != nil {
return nil, err
}
//Assemble netlink attributes and create a Destination record
// Assemble netlink attributes and create a Destination record
dst, err = assembleDestination(ipvsAttrs)
if err != nil {
return nil, err
@@ -546,7 +541,6 @@ func (i *Handle) parseDestination(msg []byte) (*Destination, error) {
// doGetDestinationsCmd a wrapper function to be used by GetDestinations and GetDestination(d) apis
func (i *Handle) doGetDestinationsCmd(s *Service, d *Destination) ([]*Destination, error) {
var res []*Destination
msgs, err := i.doCmdwithResponse(s, d, ipvsCmdGetDest)
@@ -568,7 +562,7 @@ func (i *Handle) doGetDestinationsCmd(s *Service, d *Destination) ([]*Destinatio
func (i *Handle) parseConfig(msg []byte) (*Config, error) {
var c Config
//Remove General header for this message
// Remove General header for this message
hdr := deserializeGenlMsg(msg)
attrs, err := nl.ParseRouteAttr(msg[hdr.Len():])
if err != nil {

4
vendor/github.com/sirupsen/logrus/README.md generated vendored
View File

@@ -1,4 +1,4 @@
# Logrus <img src="http://i.imgur.com/hTeVwmJ.png" width="40" height="40" alt=":walrus:" class="emoji" title=":walrus:"/> [![Build Status](https://travis-ci.org/sirupsen/logrus.svg?branch=master)](https://travis-ci.org/sirupsen/logrus) [![GoDoc](https://godoc.org/github.com/sirupsen/logrus?status.svg)](https://godoc.org/github.com/sirupsen/logrus)
# Logrus <img src="http://i.imgur.com/hTeVwmJ.png" width="40" height="40" alt=":walrus:" class="emoji" title=":walrus:"/> [![Build Status](https://github.com/sirupsen/logrus/workflows/CI/badge.svg)](https://github.com/sirupsen/logrus/actions?query=workflow%3ACI) [![Build Status](https://travis-ci.org/sirupsen/logrus.svg?branch=master)](https://travis-ci.org/sirupsen/logrus) [![Go Reference](https://pkg.go.dev/badge/github.com/sirupsen/logrus.svg)](https://pkg.go.dev/github.com/sirupsen/logrus)
Logrus is a structured logger for Go (golang), completely API compatible with
the standard library logger.
@@ -341,7 +341,7 @@ import (
log "github.com/sirupsen/logrus"
)
init() {
func init() {
// do something here to set environment depending on an environment variable
// or command-line flag
if Environment == "production" {

9
vendor/github.com/sirupsen/logrus/buffer_pool.go generated vendored
View File

@@ -26,15 +26,6 @@ func (p *defaultPool) Get() *bytes.Buffer {
return p.pool.Get().(*bytes.Buffer)
}
func getBuffer() *bytes.Buffer {
return bufferPool.Get()
}
func putBuffer(buf *bytes.Buffer) {
buf.Reset()
bufferPool.Put(buf)
}
// SetBufferPool allows to replace the default logrus buffer pool
// to better meets the specific needs of an application.
func SetBufferPool(bp BufferPool) {

21
vendor/github.com/sirupsen/logrus/entry.go generated vendored
View File

@@ -232,6 +232,7 @@ func (entry *Entry) log(level Level, msg string) {
newEntry.Logger.mu.Lock()
reportCaller := newEntry.Logger.ReportCaller
bufPool := newEntry.getBufferPool()
newEntry.Logger.mu.Unlock()
if reportCaller {
@@ -239,11 +240,11 @@ func (entry *Entry) log(level Level, msg string) {
}
newEntry.fireHooks()
buffer = getBuffer()
buffer = bufPool.Get()
defer func() {
newEntry.Buffer = nil
putBuffer(buffer)
buffer.Reset()
bufPool.Put(buffer)
}()
buffer.Reset()
newEntry.Buffer = buffer
@@ -260,6 +261,13 @@ func (entry *Entry) log(level Level, msg string) {
}
}
func (entry *Entry) getBufferPool() (pool BufferPool) {
if entry.Logger.BufferPool != nil {
return entry.Logger.BufferPool
}
return bufferPool
}
func (entry *Entry) fireHooks() {
var tmpHooks LevelHooks
entry.Logger.mu.Lock()
@@ -276,18 +284,21 @@ func (entry *Entry) fireHooks() {
}
func (entry *Entry) write() {
entry.Logger.mu.Lock()
defer entry.Logger.mu.Unlock()
serialized, err := entry.Logger.Formatter.Format(entry)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to obtain reader, %v\n", err)
return
}
entry.Logger.mu.Lock()
defer entry.Logger.mu.Unlock()
if _, err := entry.Logger.Out.Write(serialized); err != nil {
fmt.Fprintf(os.Stderr, "Failed to write to log, %v\n", err)
}
}
// Log will log a message at the level given as parameter.
// Warning: using Log at Panic or Fatal level will not respectively Panic nor Exit.
// For this behaviour Entry.Panic or Entry.Fatal should be used instead.
func (entry *Entry) Log(level Level, args ...interface{}) {
if entry.Logger.IsLevelEnabled(level) {
entry.log(level, fmt.Sprint(args...))

13
vendor/github.com/sirupsen/logrus/logger.go generated vendored
View File

@@ -44,6 +44,9 @@ type Logger struct {
entryPool sync.Pool
// Function to exit the application, defaults to `os.Exit()`
ExitFunc exitFunc
// The buffer pool used to format the log. If it is nil, the default global
// buffer pool will be used.
BufferPool BufferPool
}
type exitFunc func(int)
@@ -192,6 +195,9 @@ func (logger *Logger) Panicf(format string, args ...interface{}) {
logger.Logf(PanicLevel, format, args...)
}
// Log will log a message at the level given as parameter.
// Warning: using Log at Panic or Fatal level will not respectively Panic nor Exit.
// For this behaviour Logger.Panic or Logger.Fatal should be used instead.
func (logger *Logger) Log(level Level, args ...interface{}) {
if logger.IsLevelEnabled(level) {
entry := logger.newEntry()
@@ -402,3 +408,10 @@ func (logger *Logger) ReplaceHooks(hooks LevelHooks) LevelHooks {
logger.mu.Unlock()
return oldHooks
}
// SetBufferPool sets the logger buffer pool.
func (logger *Logger) SetBufferPool(pool BufferPool) {
logger.mu.Lock()
defer logger.mu.Unlock()
logger.BufferPool = pool
}

12
vendor/github.com/vishvananda/netns/README.md generated vendored
View File

@@ -23,6 +23,7 @@ import (
"fmt"
"net"
"runtime"
"github.com/vishvananda/netns"
)
@@ -48,3 +49,14 @@ func main() {
}
```
## NOTE
The library can be safely used only with Go >= 1.10 due to [golang/go#20676](https://github.com/golang/go/issues/20676).
After locking a goroutine to its current OS thread with `runtime.LockOSThread()`
and changing its network namespace, any new subsequent goroutine won't be
scheduled on that thread while it's locked. Therefore, the new goroutine
will run in a different namespace leading to unexpected results.
See [here](https://www.weave.works/blog/linux-namespaces-golang-followup) for more details.

9
vendor/github.com/vishvananda/netns/doc.go generated vendored Normal file
View File

@@ -0,0 +1,9 @@
// Package netns allows ultra-simple network namespace handling. NsHandles
// can be retrieved and set. Note that the current namespace is thread
// local so actions that set and reset namespaces should use LockOSThread
// to make sure the namespace doesn't change due to a goroutine switch.
// It is best to close NsHandles when you are done with them. This can be
// accomplished via a `defer ns.Close()` on the handle. Changing namespaces
// requires elevated privileges, so in most cases this code needs to be run
// as root.
package netns

108
vendor/github.com/vishvananda/netns/netns_linux.go generated vendored
View File

@@ -1,5 +1,3 @@
// +build linux
package netns
import (
@@ -10,24 +8,25 @@ import (
"path/filepath"
"strconv"
"strings"
"syscall"
"golang.org/x/sys/unix"
)
// Deprecated: use syscall pkg instead (go >= 1.5 needed).
// Deprecated: use golang.org/x/sys/unix pkg instead.
const (
CLONE_NEWUTS = 0x04000000 /* New utsname group? */
CLONE_NEWIPC = 0x08000000 /* New ipcs */
CLONE_NEWUSER = 0x10000000 /* New user namespace */
CLONE_NEWPID = 0x20000000 /* New pid namespace */
CLONE_NEWNET = 0x40000000 /* New network namespace */
CLONE_IO = 0x80000000 /* Get io context */
bindMountPath = "/run/netns" /* Bind mount path for named netns */
CLONE_NEWUTS = unix.CLONE_NEWUTS /* New utsname group? */
CLONE_NEWIPC = unix.CLONE_NEWIPC /* New ipcs */
CLONE_NEWUSER = unix.CLONE_NEWUSER /* New user namespace */
CLONE_NEWPID = unix.CLONE_NEWPID /* New pid namespace */
CLONE_NEWNET = unix.CLONE_NEWNET /* New network namespace */
CLONE_IO = unix.CLONE_IO /* Get io context */
)
// Setns sets namespace using syscall. Note that this should be a method
// in syscall but it has not been added.
const bindMountPath = "/run/netns" /* Bind mount path for named netns */
// Setns sets namespace using golang.org/x/sys/unix.Setns.
//
// Deprecated: Use golang.org/x/sys/unix.Setns instead.
func Setns(ns NsHandle, nstype int) (err error) {
return unix.Setns(int(ns), nstype)
}
@@ -35,19 +34,20 @@ func Setns(ns NsHandle, nstype int) (err error) {
// Set sets the current network namespace to the namespace represented
// by NsHandle.
func Set(ns NsHandle) (err error) {
return Setns(ns, CLONE_NEWNET)
return unix.Setns(int(ns), unix.CLONE_NEWNET)
}
// New creates a new network namespace, sets it as current and returns
// a handle to it.
func New() (ns NsHandle, err error) {
if err := unix.Unshare(CLONE_NEWNET); err != nil {
if err := unix.Unshare(unix.CLONE_NEWNET); err != nil {
return -1, err
}
return Get()
}
// NewNamed creates a new named network namespace and returns a handle to it
// NewNamed creates a new named network namespace, sets it as current,
// and returns a handle to it
func NewNamed(name string) (NsHandle, error) {
if _, err := os.Stat(bindMountPath); os.IsNotExist(err) {
err = os.MkdirAll(bindMountPath, 0755)
@@ -65,13 +65,15 @@ func NewNamed(name string) (NsHandle, error) {
f, err := os.OpenFile(namedPath, os.O_CREATE|os.O_EXCL, 0444)
if err != nil {
newNs.Close()
return None(), err
}
f.Close()
nsPath := fmt.Sprintf("/proc/%d/task/%d/ns/net", os.Getpid(), syscall.Gettid())
err = syscall.Mount(nsPath, namedPath, "bind", syscall.MS_BIND, "")
nsPath := fmt.Sprintf("/proc/%d/task/%d/ns/net", os.Getpid(), unix.Gettid())
err = unix.Mount(nsPath, namedPath, "bind", unix.MS_BIND, "")
if err != nil {
newNs.Close()
return None(), err
}
@@ -82,7 +84,7 @@ func NewNamed(name string) (NsHandle, error) {
func DeleteNamed(name string) error {
namedPath := path.Join(bindMountPath, name)
err := syscall.Unmount(namedPath, syscall.MNT_DETACH)
err := unix.Unmount(namedPath, unix.MNT_DETACH)
if err != nil {
return err
}
@@ -108,7 +110,7 @@ func GetFromPath(path string) (NsHandle, error) {
// GetFromName gets a handle to a named network namespace such as one
// created by `ip netns add`.
func GetFromName(name string) (NsHandle, error) {
return GetFromPath(fmt.Sprintf("/var/run/netns/%s", name))
return GetFromPath(filepath.Join(bindMountPath, name))
}
// GetFromPid gets a handle to the network namespace of a given pid.
@@ -133,32 +135,37 @@ func GetFromDocker(id string) (NsHandle, error) {
}
// borrowed from docker/utils/utils.go
func findCgroupMountpoint(cgroupType string) (string, error) {
func findCgroupMountpoint(cgroupType string) (int, string, error) {
output, err := ioutil.ReadFile("/proc/mounts")
if err != nil {
return "", err
return -1, "", err
}
// /proc/mounts has 6 fields per line, one mount per line, e.g.
// cgroup /sys/fs/cgroup/devices cgroup rw,relatime,devices 0 0
for _, line := range strings.Split(string(output), "\n") {
parts := strings.Split(line, " ")
if len(parts) == 6 && parts[2] == "cgroup" {
for _, opt := range strings.Split(parts[3], ",") {
if opt == cgroupType {
return parts[1], nil
if len(parts) == 6 {
switch parts[2] {
case "cgroup2":
return 2, parts[1], nil
case "cgroup":
for _, opt := range strings.Split(parts[3], ",") {
if opt == cgroupType {
return 1, parts[1], nil
}
}
}
}
}
return "", fmt.Errorf("cgroup mountpoint not found for %s", cgroupType)
return -1, "", fmt.Errorf("cgroup mountpoint not found for %s", cgroupType)
}
// Returns the relative path to the cgroup docker is running in.
// borrowed from docker/utils/utils.go
// modified to get the docker pid instead of using /proc/self
func getThisCgroup(cgroupType string) (string, error) {
func getDockerCgroup(cgroupVer int, cgroupType string) (string, error) {
dockerpid, err := ioutil.ReadFile("/var/run/docker.pid")
if err != nil {
return "", err
@@ -178,7 +185,8 @@ func getThisCgroup(cgroupType string) (string, error) {
for _, line := range strings.Split(string(output), "\n") {
parts := strings.Split(line, ":")
// any type used by docker should work
if parts[1] == cgroupType {
if (cgroupVer == 1 && parts[1] == cgroupType) ||
(cgroupVer == 2 && parts[1] == "") {
return parts[2], nil
}
}
@@ -190,40 +198,56 @@ func getThisCgroup(cgroupType string) (string, error) {
// modified to only return the first pid
// modified to glob with id
// modified to search for newer docker containers
// modified to look for cgroups v2
func getPidForContainer(id string) (int, error) {
pid := 0
// memory is chosen randomly, any cgroup used by docker works
cgroupType := "memory"
cgroupRoot, err := findCgroupMountpoint(cgroupType)
cgroupVer, cgroupRoot, err := findCgroupMountpoint(cgroupType)
if err != nil {
return pid, err
}
cgroupThis, err := getThisCgroup(cgroupType)
cgroupDocker, err := getDockerCgroup(cgroupVer, cgroupType)
if err != nil {
return pid, err
}
id += "*"
var pidFile string
if cgroupVer == 1 {
pidFile = "tasks"
} else if cgroupVer == 2 {
pidFile = "cgroup.procs"
} else {
return -1, fmt.Errorf("Invalid cgroup version '%d'", cgroupVer)
}
attempts := []string{
filepath.Join(cgroupRoot, cgroupThis, id, "tasks"),
filepath.Join(cgroupRoot, cgroupDocker, id, pidFile),
// With more recent lxc versions use, cgroup will be in lxc/
filepath.Join(cgroupRoot, cgroupThis, "lxc", id, "tasks"),
filepath.Join(cgroupRoot, cgroupDocker, "lxc", id, pidFile),
// With more recent docker, cgroup will be in docker/
filepath.Join(cgroupRoot, cgroupThis, "docker", id, "tasks"),
filepath.Join(cgroupRoot, cgroupDocker, "docker", id, pidFile),
// Even more recent docker versions under systemd use docker-<id>.scope/
filepath.Join(cgroupRoot, "system.slice", "docker-"+id+".scope", "tasks"),
filepath.Join(cgroupRoot, "system.slice", "docker-"+id+".scope", pidFile),
// Even more recent docker versions under cgroup/systemd/docker/<id>/
filepath.Join(cgroupRoot, "..", "systemd", "docker", id, "tasks"),
// Kubernetes with docker and CNI is even more different
filepath.Join(cgroupRoot, "..", "systemd", "kubepods", "*", "pod*", id, "tasks"),
// Another flavor of containers location in recent kubernetes 1.11+
filepath.Join(cgroupRoot, cgroupThis, "kubepods.slice", "kubepods-besteffort.slice", "*", "docker-"+id+".scope", "tasks"),
// When runs inside of a container with recent kubernetes 1.11+
filepath.Join(cgroupRoot, "kubepods.slice", "kubepods-besteffort.slice", "*", "docker-"+id+".scope", "tasks"),
filepath.Join(cgroupRoot, "..", "systemd", "docker", id, pidFile),
// Kubernetes with docker and CNI is even more different. Works for BestEffort and Burstable QoS
filepath.Join(cgroupRoot, "..", "systemd", "kubepods", "*", "pod*", id, pidFile),
// Same as above but for Guaranteed QoS
filepath.Join(cgroupRoot, "..", "systemd", "kubepods", "pod*", id, pidFile),
// Another flavor of containers location in recent kubernetes 1.11+. Works for BestEffort and Burstable QoS
filepath.Join(cgroupRoot, cgroupDocker, "kubepods.slice", "*.slice", "*", "docker-"+id+".scope", pidFile),
// Same as above but for Guaranteed QoS
filepath.Join(cgroupRoot, cgroupDocker, "kubepods.slice", "*", "docker-"+id+".scope", pidFile),
// When runs inside of a container with recent kubernetes 1.11+. Works for BestEffort and Burstable QoS
filepath.Join(cgroupRoot, "kubepods.slice", "*.slice", "*", "docker-"+id+".scope", pidFile),
// Same as above but for Guaranteed QoS
filepath.Join(cgroupRoot, "kubepods.slice", "*", "docker-"+id+".scope", pidFile),
}
var filename string

17
vendor/github.com/vishvananda/netns/netns_unspecified.go → vendor/github.com/vishvananda/netns/netns_others.go generated vendored
View File

@@ -1,3 +1,4 @@
//go:build !linux
// +build !linux
package netns
@@ -10,6 +11,14 @@ var (
ErrNotImplemented = errors.New("not implemented")
)
// Setns sets namespace using golang.org/x/sys/unix.Setns on Linux. It
// is not implemented on other platforms.
//
// Deprecated: Use golang.org/x/sys/unix.Setns instead.
func Setns(ns NsHandle, nstype int) (err error) {
return ErrNotImplemented
}
func Set(ns NsHandle) (err error) {
return ErrNotImplemented
}
@@ -18,6 +27,14 @@ func New() (ns NsHandle, err error) {
return -1, ErrNotImplemented
}
func NewNamed(name string) (NsHandle, error) {
return -1, ErrNotImplemented
}
func DeleteNamed(name string) error {
return ErrNotImplemented
}
func Get() (NsHandle, error) {
return -1, ErrNotImplemented
}

10
vendor/github.com/vishvananda/netns/netns.go → vendor/github.com/vishvananda/netns/nshandle_linux.go generated vendored
View File

@@ -1,11 +1,3 @@
// Package netns allows ultra-simple network namespace handling. NsHandles
// can be retrieved and set. Note that the current namespace is thread
// local so actions that set and reset namespaces should use LockOSThread
// to make sure the namespace doesn't change due to a goroutine switch.
// It is best to close NsHandles when you are done with them. This can be
// accomplished via a `defer ns.Close()` on the handle. Changing namespaces
// requires elevated privileges, so in most cases this code needs to be run
// as root.
package netns
import (
@@ -71,7 +63,7 @@ func (ns *NsHandle) Close() error {
if err := unix.Close(int(*ns)); err != nil {
return err
}
(*ns) = -1
*ns = -1
return nil
}

45
vendor/github.com/vishvananda/netns/nshandle_others.go generated vendored Normal file
View File

@@ -0,0 +1,45 @@
//go:build !linux
// +build !linux
package netns
// NsHandle is a handle to a network namespace. It can only be used on Linux,
// but provides stub methods on other platforms.
type NsHandle int
// Equal determines if two network handles refer to the same network
// namespace. It is only implemented on Linux.
func (ns NsHandle) Equal(_ NsHandle) bool {
return false
}
// String shows the file descriptor number and its dev and inode.
// It is only implemented on Linux, and returns "NS(none)" on other
// platforms.
func (ns NsHandle) String() string {
return "NS(None)"
}
// UniqueId returns a string which uniquely identifies the namespace
// associated with the network handle. It is only implemented on Linux,
// and returns "NS(none)" on other platforms.
func (ns NsHandle) UniqueId() string {
return "NS(none)"
}
// IsOpen returns true if Close() has not been called. It is only implemented
// on Linux and always returns false on other platforms.
func (ns NsHandle) IsOpen() bool {
return false
}
// Close closes the NsHandle and resets its file descriptor to -1.
// It is only implemented on Linux.
func (ns *NsHandle) Close() error {
return nil
}
// None gets an empty (closed) NsHandle.
func None() NsHandle {
return NsHandle(-1)
}