func (req *InstallContainerRequest) Execute(resp jobs.Response) {
id := req.Id
unitName := id.UnitNameFor()
unitPath := id.UnitPathFor()
unitVersionPath := id.VersionedUnitPathFor(req.RequestIdentifier.String())
socketUnitName := id.SocketUnitNameFor()
socketUnitPath := id.SocketUnitPathFor()
var socketActivationType string
if req.SocketActivation {
socketActivationType = "enabled"
if !req.SkipSocketProxy {
socketActivationType = "proxied"
}
}
// attempt to download the environment if it is remote
env := req.Environment
if env != nil {
if err := env.Fetch(100 * 1024); err != nil {
resp.Failure(ErrContainerCreateFailed)
return
}
if env.Empty() {
env = nil
}
}
// open and lock the base path (to prevent simultaneous updates)
state, exists, err := utils.OpenFileExclusive(unitPath, 0664)
if err != nil {
log.Print("install_container: Unable to lock unit file: ", err)
resp.Failure(ErrContainerCreateFailed)
}
defer state.Close()
// write a new file to disk that describes the new service
unit, err := utils.CreateFileExclusive(unitVersionPath, 0664)
if err != nil {
log.Print("install_container: Unable to open unit file definition: ", err)
resp.Failure(ErrContainerCreateFailed)
return
}
defer unit.Close()
// if this is an existing container, read the currently reserved ports
existingPorts := port.PortPairs{}
if exists {
existingPorts, err = containers.GetExistingPorts(id)
if err != nil {
if _, ok := err.(*os.PathError); !ok {
log.Print("install_container: Unable to read existing ports from file: ", err)
resp.Failure(ErrContainerCreateFailed)
return
}
}
}
// allocate and reserve ports for this container
reserved, erra := port.AtomicReserveExternalPorts(unitVersionPath, req.Ports, existingPorts)
if erra != nil {
log.Printf("install_container: Unable to reserve external ports: %+v", erra)
resp.Failure(ErrContainerCreateFailedPortsReserved)
return
}
if len(reserved) > 0 {
resp.WritePendingSuccess(PendingPortMappingName, reserved)
}
var portSpec string
if req.Simple && len(reserved) == 0 {
portSpec = "-P"
} else {
portSpec = dockerPortSpec(reserved)
}
// write the environment to disk
var environmentPath string
if env != nil {
if errw := env.Write(false); errw != nil {
resp.Failure(ErrContainerCreateFailed)
return
}
environmentPath = env.Id.EnvironmentPathFor()
}
// write the network links (if any) to disk
if req.NetworkLinks != nil {
if errw := req.NetworkLinks.Write(id.NetworkLinksPathFor(), false); errw != nil {
resp.Failure(ErrContainerCreateFailed)
return
}
}
slice := "container-small"
// write the definition unit file
args := csystemd.ContainerUnit{
Id: id,
Image: req.Image,
PortSpec: portSpec,
Slice: slice + ".slice",
Isolate: req.Isolate,
ReqId: req.RequestIdentifier.String(),
HomeDir: id.HomePath(),
RunDir: id.RunPathFor(),
EnvironmentPath: environmentPath,
ExecutablePath: filepath.Join("/", "usr", "bin", "gear"),
IncludePath: "",
PortPairs: reserved,
SocketUnitName: socketUnitName,
SocketActivationType: socketActivationType,
DockerFeatures: config.SystemDockerFeatures,
}
var templateName string
switch {
case req.SocketActivation:
templateName = "SOCKETACTIVATED"
case config.SystemDockerFeatures.ForegroundRun:
templateName = "FOREGROUND"
default:
templateName = "SIMPLE"
}
if erre := csystemd.ContainerUnitTemplate.ExecuteTemplate(unit, templateName, args); erre != nil {
log.Printf("install_container: Unable to output template: %+v", erre)
resp.Failure(ErrContainerCreateFailed)
defer os.Remove(unitVersionPath)
return
}
if err := unit.Close(); err != nil {
log.Printf("install_container: Unable to finish writing unit: %+v", err)
resp.Failure(ErrContainerCreateFailed)
defer os.Remove(unitVersionPath)
return
}
// swap the new definition with the old one
if err := utils.AtomicReplaceLink(unitVersionPath, unitPath); err != nil {
log.Printf("install_container: Failed to activate new unit: %+v", err)
resp.Failure(ErrContainerCreateFailed)
return
}
state.Close()
// write whether this container should be started on next boot
if req.Started {
if errs := csystemd.SetUnitStartOnBoot(id, true); errs != nil {
log.Print("install_container: Unable to write container boot link: ", err)
resp.Failure(ErrContainerCreateFailed)
return
}
}
// Generate the socket file and ignore failures
paths := []string{unitPath}
if req.SocketActivation {
if err := writeSocketUnit(socketUnitPath, &args); err == nil {
paths = []string{unitPath, socketUnitPath}
}
}
if err := systemd.EnableAndReloadUnit(systemd.Connection(), unitName, paths...); err != nil {
log.Printf("install_container: Could not enable container %s (%v): %v", unitName, paths, err)
resp.Failure(ErrContainerCreateFailed)
return
}
if req.Started {
if req.SocketActivation {
// Start the socket file, not the service and ignore failures
if err := systemd.Connection().StartUnitJob(socketUnitName, "replace"); err != nil {
log.Printf("install_container: Could not start container socket %s: %v", socketUnitName, err)
resp.Failure(ErrContainerCreateFailed)
return
}
} else {
if err := systemd.Connection().StartUnitJob(unitName, "replace"); err != nil {
log.Printf("install_container: Could not start container %s: %v", unitName, err)
resp.Failure(ErrContainerCreateFailed)
return
}
}
}
w := resp.SuccessWithWrite(jobs.ResponseAccepted, true, false)
if req.Started {
fmt.Fprintf(w, "Container %s is starting\n", id)
} else {
fmt.Fprintf(w, "Container %s is installed\n", id)
}
}
func (h *HttpTransport) ExecuteRemote(baseUrl *url.URL, job RemoteExecutable, res jobs.Response) error {
reader, writer := io.Pipe()
httpreq, errn := http.NewRequest(job.HttpMethod(), baseUrl.String(), reader)
if errn != nil {
return errn
}
id := job.MarshalRequestIdentifier()
if len(id) == 0 {
id = jobs.NewRequestIdentifier()
}
query := &url.Values{}
job.MarshalUrlQuery(query)
req := httpreq
req.Header.Set("X-Request-Id", id.String())
req.Header.Set("If-Match", "api="+ApiVersion())
req.Header.Set("Content-Type", "application/json")
//TODO: introduce API version per job
//TODO: content request signing for GETs
req.URL.Path = job.HttpPath()
req.URL.RawQuery = query.Encode()
go func() {
if err := job.MarshalHttpRequestBody(writer); err != nil {
log.Printf("http_remote: Error when writing to http: %v", err)
writer.CloseWithError(err)
} else {
writer.Close()
}
}()
resp, err := h.client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
isJson := resp.Header.Get("Content-Type") == "application/json"
switch code := resp.StatusCode; {
case code == 202:
if isJson {
return errors.New("Decoding of streaming JSON has not been implemented")
}
data, err := job.UnmarshalHttpResponse(resp.Header, nil, ResponseTable)
if err != nil {
return err
}
if pending, ok := data.(map[string]interface{}); ok {
for k := range pending {
res.WritePendingSuccess(k, pending[k])
}
}
w := res.SuccessWithWrite(jobs.ResponseOk, false, false)
if _, err := io.Copy(w, resp.Body); err != nil {
return err
}
case code == 204:
data, err := job.UnmarshalHttpResponse(resp.Header, nil, ResponseTable)
if err != nil {
return err
}
if pending, ok := data.(map[string]interface{}); ok {
for k := range pending {
res.WritePendingSuccess(k, pending[k])
}
}
res.Success(jobs.ResponseOk)
case code >= 200 && code < 300:
if !isJson {
return errors.New(fmt.Sprintf("remote: Response with %d status code had content type %s (should be application/json)", code, resp.Header.Get("Content-Type")))
}
data, err := job.UnmarshalHttpResponse(nil, resp.Body, ResponseJson)
if err != nil {
return err
}
res.SuccessWithData(jobs.ResponseOk, data)
default:
if isJson {
decoder := json.NewDecoder(resp.Body)
data := httpFailureResponse{}
if err := decoder.Decode(&data); err != nil {
return err
}
res.Failure(jobs.SimpleError{jobs.ResponseError, data.Message})
return nil
}
io.Copy(os.Stderr, resp.Body)
res.Failure(jobs.SimpleError{jobs.ResponseError, "Unable to decode response."})
}
return nil
}