2014-10-23 04:45:23 +08:00
|
|
|
// +build linux
|
|
|
|
|
|
|
|
package libcontainer
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2014-11-01 04:56:53 +08:00
|
|
|
"fmt"
|
2014-10-23 04:45:23 +08:00
|
|
|
"os"
|
|
|
|
"path/filepath"
|
2014-11-01 04:56:53 +08:00
|
|
|
"regexp"
|
2014-10-31 06:08:28 +08:00
|
|
|
|
2014-12-06 09:06:58 +08:00
|
|
|
"github.com/golang/glog"
|
2014-12-17 17:12:23 +08:00
|
|
|
|
2015-01-13 05:54:00 +08:00
|
|
|
cgroups "github.com/docker/libcontainer/cgroups/manager"
|
2014-12-17 17:12:23 +08:00
|
|
|
"github.com/docker/libcontainer/configs"
|
2014-12-19 17:40:03 +08:00
|
|
|
"github.com/docker/libcontainer/namespaces"
|
2014-10-23 04:45:23 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
configFilename = "config.json"
|
|
|
|
stateFilename = "state.json"
|
|
|
|
)
|
|
|
|
|
2014-11-01 04:56:53 +08:00
|
|
|
var (
|
2014-11-04 01:42:20 +08:00
|
|
|
idRegex = regexp.MustCompile(`^[\w_]+$`)
|
|
|
|
maxIdLen = 1024
|
2014-11-01 04:56:53 +08:00
|
|
|
)
|
|
|
|
|
2014-10-23 04:45:23 +08:00
|
|
|
// New returns a linux based container factory based in the root directory.
|
2014-12-15 23:05:11 +08:00
|
|
|
func New(root string, initArgs []string) (Factory, error) {
|
|
|
|
if root != "" {
|
|
|
|
if err := os.MkdirAll(root, 0700); err != nil {
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
2014-10-23 04:45:23 +08:00
|
|
|
}
|
|
|
|
return &linuxFactory{
|
2014-12-15 23:05:11 +08:00
|
|
|
root: root,
|
|
|
|
initArgs: initArgs,
|
2014-10-23 04:45:23 +08:00
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// linuxFactory implements the default factory interface for linux based systems.
|
|
|
|
type linuxFactory struct {
|
|
|
|
// root is the root directory
|
2014-12-15 23:05:11 +08:00
|
|
|
root string
|
|
|
|
initArgs []string
|
2014-10-23 04:45:23 +08:00
|
|
|
}
|
|
|
|
|
2014-12-17 17:12:23 +08:00
|
|
|
func (l *linuxFactory) Create(id string, config *configs.Config) (Container, error) {
|
2014-12-15 23:05:11 +08:00
|
|
|
if l.root == "" {
|
|
|
|
return nil, newGenericError(fmt.Errorf("invalid root"), ConfigInvalid)
|
|
|
|
}
|
2014-11-01 04:56:53 +08:00
|
|
|
if !idRegex.MatchString(id) {
|
2014-11-01 06:34:50 +08:00
|
|
|
return nil, newGenericError(fmt.Errorf("Invalid id format: %v", id), InvalidIdFormat)
|
|
|
|
}
|
|
|
|
|
2014-11-04 01:42:20 +08:00
|
|
|
if len(id) > maxIdLen {
|
|
|
|
return nil, newGenericError(fmt.Errorf("Invalid id format: %v", id), InvalidIdFormat)
|
|
|
|
}
|
|
|
|
|
2014-11-01 06:34:50 +08:00
|
|
|
containerRoot := filepath.Join(l.root, id)
|
2014-11-04 01:42:20 +08:00
|
|
|
_, err := os.Stat(containerRoot)
|
|
|
|
if err == nil {
|
2014-11-01 06:34:50 +08:00
|
|
|
return nil, newGenericError(fmt.Errorf("Container with id exists: %v", id), IdInUse)
|
2014-11-04 01:42:20 +08:00
|
|
|
} else if !os.IsNotExist(err) {
|
|
|
|
return nil, newGenericError(err, SystemError)
|
2014-11-01 04:56:53 +08:00
|
|
|
}
|
|
|
|
|
2014-12-15 23:05:11 +08:00
|
|
|
data, err := json.MarshalIndent(config, "", "\t")
|
|
|
|
if err != nil {
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := os.MkdirAll(containerRoot, 0700); err != nil {
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
|
|
|
|
f, err := os.Create(filepath.Join(containerRoot, configFilename))
|
|
|
|
if err != nil {
|
|
|
|
os.RemoveAll(containerRoot)
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
|
|
|
|
_, err = f.Write(data)
|
|
|
|
if err != nil {
|
|
|
|
os.RemoveAll(containerRoot)
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
|
2015-01-13 05:54:00 +08:00
|
|
|
cgroupManager := cgroups.NewCgroupManager(config.Cgroups)
|
2014-12-15 23:05:11 +08:00
|
|
|
return &linuxContainer{
|
|
|
|
id: id,
|
|
|
|
root: containerRoot,
|
|
|
|
config: config,
|
|
|
|
initArgs: l.initArgs,
|
2014-12-17 17:30:52 +08:00
|
|
|
state: &configs.State{},
|
2014-12-15 23:05:11 +08:00
|
|
|
cgroupManager: cgroupManager,
|
|
|
|
}, nil
|
2014-10-23 04:45:23 +08:00
|
|
|
}
|
|
|
|
|
2014-10-28 08:51:14 +08:00
|
|
|
func (l *linuxFactory) Load(id string) (Container, error) {
|
2014-12-15 23:05:11 +08:00
|
|
|
if l.root == "" {
|
|
|
|
return nil, newGenericError(fmt.Errorf("invalid root"), ConfigInvalid)
|
|
|
|
}
|
2014-10-23 04:45:23 +08:00
|
|
|
containerRoot := filepath.Join(l.root, id)
|
2014-12-06 09:06:58 +08:00
|
|
|
glog.Infof("loading container config from %s", containerRoot)
|
2014-10-23 04:45:23 +08:00
|
|
|
config, err := l.loadContainerConfig(containerRoot)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2014-12-06 09:06:58 +08:00
|
|
|
glog.Infof("loading container state from %s", containerRoot)
|
2014-10-23 04:45:23 +08:00
|
|
|
state, err := l.loadContainerState(containerRoot)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2015-01-14 23:47:26 +08:00
|
|
|
cgroupManager := cgroups.LoadCgroupManager(config.Cgroups, state.CgroupPaths)
|
2014-12-06 09:06:58 +08:00
|
|
|
glog.Infof("using %s as cgroup manager", cgroupManager)
|
2014-10-23 04:45:23 +08:00
|
|
|
return &linuxContainer{
|
2014-10-23 07:53:28 +08:00
|
|
|
id: id,
|
|
|
|
root: containerRoot,
|
|
|
|
config: config,
|
|
|
|
state: state,
|
2014-10-31 06:08:28 +08:00
|
|
|
cgroupManager: cgroupManager,
|
2014-12-15 23:05:11 +08:00
|
|
|
initArgs: l.initArgs,
|
2014-10-23 04:45:23 +08:00
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
2014-12-17 17:12:23 +08:00
|
|
|
func (l *linuxFactory) loadContainerConfig(root string) (*configs.Config, error) {
|
2014-10-23 04:45:23 +08:00
|
|
|
f, err := os.Open(filepath.Join(root, configFilename))
|
|
|
|
if err != nil {
|
|
|
|
if os.IsNotExist(err) {
|
2014-10-23 07:27:06 +08:00
|
|
|
return nil, newGenericError(err, ContainerNotExists)
|
2014-10-23 04:45:23 +08:00
|
|
|
}
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
|
2014-12-17 17:12:23 +08:00
|
|
|
var config *configs.Config
|
2014-10-23 04:45:23 +08:00
|
|
|
if err := json.NewDecoder(f).Decode(&config); err != nil {
|
|
|
|
return nil, newGenericError(err, ConfigInvalid)
|
|
|
|
}
|
|
|
|
return config, nil
|
|
|
|
}
|
|
|
|
|
2014-12-17 17:30:52 +08:00
|
|
|
func (l *linuxFactory) loadContainerState(root string) (*configs.State, error) {
|
2014-10-23 04:45:23 +08:00
|
|
|
f, err := os.Open(filepath.Join(root, stateFilename))
|
|
|
|
if err != nil {
|
|
|
|
if os.IsNotExist(err) {
|
2014-10-23 07:27:06 +08:00
|
|
|
return nil, newGenericError(err, ContainerNotExists)
|
2014-10-23 04:45:23 +08:00
|
|
|
}
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
|
2014-12-17 17:30:52 +08:00
|
|
|
var state *configs.State
|
2014-10-23 04:45:23 +08:00
|
|
|
if err := json.NewDecoder(f).Decode(&state); err != nil {
|
|
|
|
return nil, newGenericError(err, SystemError)
|
|
|
|
}
|
|
|
|
return state, nil
|
|
|
|
}
|
2014-12-15 23:05:11 +08:00
|
|
|
|
|
|
|
// StartInitialization loads a container by opening the pipe fd from the parent to read the configuration and state
|
|
|
|
// This is a low level implementation detail of the reexec and should not be consumed externally
|
|
|
|
func (f *linuxFactory) StartInitialization(pipefd uintptr) (err error) {
|
2014-12-19 17:40:03 +08:00
|
|
|
pipe := os.NewFile(uintptr(pipefd), "pipe")
|
2014-12-15 23:05:11 +08:00
|
|
|
|
2015-01-27 20:54:19 +08:00
|
|
|
setupUserns := os.Getenv("_LIBCONTAINER_USERNS")
|
2014-12-23 06:06:22 +08:00
|
|
|
pid := os.Getenv("_LIBCONTAINER_INITPID")
|
2015-01-27 20:54:19 +08:00
|
|
|
if pid != "" && setupUserns == "" {
|
2014-12-23 06:06:22 +08:00
|
|
|
return namespaces.InitIn(pipe)
|
|
|
|
}
|
|
|
|
|
2015-01-27 20:54:19 +08:00
|
|
|
return namespaces.Init(pipe, setupUserns != "")
|
2014-12-15 23:05:11 +08:00
|
|
|
}
|