Andrey Vagin
6334be0ac5
cgroups: add TODO before NewCgroupManager()
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 01:45:49 +03:00
Andrey Vagin
4eaff5e14e
cgroups: don't change a freezer state if an operation failed
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 01:45:49 +03:00
Andrey Vagin
083d91f8c3
cgroups: Add comments for methods of cgroup managers
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 01:45:49 +03:00
Andrey Vagin
ee6e585e21
cgroups: replace SetPaths on LoadCgroupManager
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 00:44:14 +03:00
Andrey Vagin
ba4257a146
new-api: add the Freezer method to cgroup.Manager
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 00:43:14 +03:00
Andrey Vagin
59e66b818d
nsinit: add getContainer()
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 00:43:13 +03:00
Andrey Vagin
6dd7552537
new-api: implement fs and systemd cgroup managers
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-01-15 00:43:13 +03:00
Victor Marmol
a7ab930d8d
Merge pull request #311 from avagin/api-linux
...
new-api: execute a process inside an existing container
2015-01-13 14:59:29 -08:00
Andrey Vagin
195a08efbc
new-api: set Cloneflags in namespace.Exec()
...
This place looks more suitable.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-25 18:44:10 +03:00
Andrey Vagin
d572094b75
new-api: execute a process inside an existing container
...
A new constructor function (like nsenter) is added in this patch. This
function gets arguments from environment variables and its behaviour doesn't
depend on a command line arguments.
A program which calls factory.StartInitialization() must import the nsenter
package. It looks ugly, but I don't know another way how to enter into CT from
a go code.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-25 18:44:10 +03:00
Andrey Vagin
11ce56a9e0
new-api: clean up startInitProcess()
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-24 00:19:18 +03:00
Andrey Vagin
13841ef37d
new-api: return the Running state only if the init process is alive
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-23 16:30:37 +03:00
Andrey Vagin
1a380ac436
nsinit: remove ticks around nsenter
...
If we really need these command, we need to expand API.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-23 16:30:37 +03:00
Victor Marmol
e1b4ec3363
Merge pull request #306 from avagin/api-linux-2
...
Use namespace.Exec() and namespace.Init() to execute processes in CT
2014-12-19 07:44:16 -08:00
Andrey Vagin
c912207636
namespaces: combine Process.Env and Container.Env
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 14:48:16 +03:00
Andrey Vagin
86653c66a3
libcontinaer: use new API in integration tests
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 14:48:16 +03:00
Andrey Vagin
540f44d3b2
process: use io.Reader instead of io.WriteCloser for standard fds
...
Could someone explain why we should close this fds? Usually users
cares about closing them or not.
For example exec.Cmd declares them as io.Reader.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 14:48:16 +03:00
Andrey Vagin
7996829914
libcontainer: optimize updateStateFile()
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 14:48:15 +03:00
Andrey Vagin
5ecd29c1f2
linux_container: fork an init process in a new set of namespaces
...
Use namespace.Exec() and namespace.Init() to execute processes in CT.
Now an init process is actually executed in a new container. This series
doesn't change code about creating containers, it only reworks code according
with new API.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 14:47:04 +03:00
Andrey Vagin
c406a6b6e0
nsinit: clean up
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 12:32:34 +03:00
Andrey Vagin
ce9d63376f
libcontainer: move State in the configs package
...
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 12:32:34 +03:00
Andrey Vagin
7038ddbc8c
libcontainer: move Config in a separate package
...
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-19 12:32:34 +03:00
Victor Marmol
c44e63a62d
Merge pull request #299 from avagin/api-linux
...
Prepare ground for moving on new API
2014-12-18 09:22:17 -08:00
Andrey Vagin
44024d0c47
Makefile: get the glog package
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2014-12-17 07:39:18 +03:00
Andrey Vagin
8e9a6d28d2
linux_container: execute an init process in a new CT
...
Here is a first step to implement a new API. Currently the init
processes is executed without namespaces and cgroups.
Signed-off-by: Andrew Vagin <avagin@openvz.org>
2014-12-17 07:39:18 +03:00
Andrey Vagin
2441babc48
linux_factory: add StartInitialization()
...
After forking a new processes in a new container, we need to call exec()
and tune namespaces.
Signed-off-by: Andrew Vagin <avagin@openvz.org>
2014-12-16 09:19:16 +03:00
Andrey Vagin
bce773a8c4
linux_container: ct.Destroy() returns error if CT isn't stopped
...
Signed-off-by: Andrew Vagin <avagin@openvz.org>
2014-12-16 09:19:12 +03:00
Andrey Vagin
159db89c1f
nsinit: use the new API for executing processes
...
Signed-off-by: Andrew Vagin <avagin@openvz.org>
2014-12-16 09:19:02 +03:00
Andrey Vagin
b608f5df10
nsinit: Add Makefile
...
Signed-off-by: Andrew Vagin <avagin@openvz.org>
2014-12-16 09:18:48 +03:00
Victor Marmol
646ca2ba11
Minor refactorings to fix build.
...
Signed-off-by: Victor Marmol <vmarmol@google.com>
2014-12-05 17:13:25 -08:00
Victor Marmol
e5636543cc
Switch from logrus to glog.
...
Signed-off-by: Victor Marmol <vmarmol@google.com>
2014-12-05 17:06:58 -08:00
Mrunal Patel
de57f78590
More error handling and fixup
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2014-12-05 15:24:42 -08:00
Mrunal Patel
3f26e9a891
Add check for ID already in use.
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2014-12-05 15:24:42 -08:00
Mrunal Patel
66e6806fd2
Adds ID validation.
...
Docker-DCO-1.1-Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
2014-12-05 15:24:42 -08:00
Michael Crosby
47b41a6f5d
Add logger to container and factory
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:24:42 -08:00
Michael Crosby
d5b8418f75
Remove ContainerInfo interface
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:24:42 -08:00
Michael Crosby
ccb83a1e83
Add cgroup manage for mocking of package resources
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:24:42 -08:00
Michael Crosby
926ab56ea8
Add testing for linux factory Load
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:24:42 -08:00
Michael Crosby
7760faaab4
Add stacktrace package for collection of stacktraces
...
This helps aid our effort of returning useful errors.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:24:42 -08:00
Michael Crosby
6310a958e6
Implement linux factory and container with readonly interface
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:24:42 -08:00
Michael Crosby
6bf1e4ddfc
Update container interface with process operations
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:20:16 -08:00
Michael Crosby
e28b636b7b
Add ContainerInfo instead of using a readonly state
...
This modifies Load in the factory to return a ContainerInfo interface
that is the read only view of the container when it is loaded.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-05 15:20:16 -08:00
Mrunal Patel
6ffd59a784
Merge pull request #279 from crosbymichael/namespaces-join
...
Change namespaces config to include path for setns
2014-12-04 11:19:48 -08:00
Michael Crosby
12124f731d
Remove unused namespace types
...
This removes the unsued namespace types from the namespace package
and simplifies getting the values for the namespaces.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-03 15:47:26 -08:00
Michael Crosby
549f508d5b
Change namespaces config to include path for setns
...
This changes the namespace configuration on the config to include the
name of the namespace along with an optional path. This path is used to
point to a file of another namespace for the namespace so that it can be
joined in place of the empty, initialized namespace.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-03 12:00:43 -08:00
Mrunal Patel
53eca435e6
Merge pull request #273 from vishh/prctl
...
Set child sub reaper option on nsenter
2014-12-02 15:28:38 -08:00
Michael Crosby
b02b0b037b
Merge pull request #278 from milosgajdos83/macvtap
...
Introducing macvtap device to netlink package
2014-12-02 15:16:51 -08:00
Rohit Jnagal
51aa43f44c
Merge pull request #282 from crosbymichael/spec
...
Add container spec
2014-12-02 00:03:08 -08:00
Michael Crosby
c511f7cfed
Add container spec
...
This document specifies the current container specification with all the
underlying setup and configuration that goes into making a container.
This is the v1 spec that is today but allows for flexability when we
introduce more features such as seccomp default profiles and more.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-12-01 16:42:01 -05:00
Michael Crosby
7ce34f58cb
Merge pull request #280 from cpuguy83/add_rlimit_support
...
Add support for setting rlimit for contianer
2014-11-26 11:14:49 -08:00