func (engine *DockerTaskEngine) createContainer(task *api.Task, container *api.Container) DockerContainerMetadata { log.Info("Creating container", "task", task, "container", container) client := engine.client if container.DockerConfig.Version != nil { client = client.WithVersion(dockerclient.DockerVersion(*container.DockerConfig.Version)) } // Resolve HostConfig // we have to do this in create, not start, because docker no longer handles // merging create config with start hostconfig the same; e.g. memory limits // get lost containerMap, ok := engine.state.ContainerMapByArn(task.Arn) if !ok { containerMap = make(map[string]*api.DockerContainer) } hostConfig, hcerr := task.DockerHostConfig(container, containerMap) hostConfig.NetworkMode = "host" if hcerr != nil { return DockerContainerMetadata{Error: api.NamedError(hcerr)} } config, err := task.DockerConfig(container) if err != nil { return DockerContainerMetadata{Error: api.NamedError(err)} } name := "" for i := 0; i < len(container.Name); i++ { c := container.Name[i] if !((c <= '9' && c >= '0') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c == '-')) { continue } name += string(c) } containerName := "ecs-" + task.Family + "-" + task.Version + "-" + name + "-" + utils.RandHex() // Pre-add the container in case we stop before the next, more useful, // AddContainer call. This ensures we have a way to get the container if // we die before 'createContainer' returns because we can inspect by // name engine.state.AddContainer(&api.DockerContainer{DockerName: containerName, Container: container}, task) metadata := client.CreateContainer(config, hostConfig, containerName) if metadata.Error != nil { return metadata } engine.state.AddContainer(&api.DockerContainer{DockerId: metadata.DockerId, DockerName: containerName, Container: container}, task) hostConfig.NetworkMode = "host" log.Info("Created container successfully", "task", task, "container", container) return metadata }
func (u *updater) download(info *ecsacs.UpdateInfo) (err error) { if info == nil || info.Location == nil { return errors.New("No location given") } if info.Signature == nil { return errors.New("No signature given") } resp, err := u.httpclient.Get(*info.Location) if resp != nil && resp.Body != nil { defer resp.Body.Close() } if err != nil { return err } outFileBasename := utils.RandHex() + ".ecs-update.tar" outFilePath := filepath.Join(u.config.UpdateDownloadDir, outFileBasename) outFile, err := u.fs.Create(outFilePath) if err != nil { return err } defer func() { outFile.Close() if err != nil { u.fs.Remove(outFilePath) } }() hashsum := sha256.New() bodyHashReader := io.TeeReader(resp.Body, hashsum) _, err = io.Copy(outFile, bodyHashReader) if err != nil { return err } shasum := hashsum.Sum(nil) shasumString := fmt.Sprintf("%x", shasum) if shasumString != strings.TrimSpace(*info.Signature) { return errors.New("Hashsum validation failed") } err = u.fs.WriteFile(filepath.Join(u.config.UpdateDownloadDir, desiredImageFile), []byte(outFileBasename+"\n"), 0644) return err }
func (engine *DockerTaskEngine) createContainer(task *api.Task, container *api.Container) DockerContainerMetadata { log.Info("Creating container", "task", task, "container", container) client := engine.client if container.DockerConfig.Version != nil { client = client.WithVersion(dockerclient.DockerVersion(*container.DockerConfig.Version)) } // Resolve HostConfig // we have to do this in create, not start, because docker no longer handles // merging create config with start hostconfig the same; e.g. memory limits // get lost containerMap, ok := engine.state.ContainerMapByArn(task.Arn) if !ok { containerMap = make(map[string]*api.DockerContainer) } hostConfig, hcerr := task.DockerHostConfig(container, containerMap) if hcerr != nil { return DockerContainerMetadata{Error: api.NamedError(hcerr)} } config, err := task.DockerConfig(container) if err != nil { return DockerContainerMetadata{Error: api.NamedError(err)} } // Augment labels with some metadata from the agent. Explicitly do this last // such that it will always override duplicates in the provided raw config // data. config.Labels[labelPrefix+"task-arn"] = task.Arn config.Labels[labelPrefix+"container-name"] = container.Name config.Labels[labelPrefix+"task-definition-family"] = task.Family config.Labels[labelPrefix+"task-definition-version"] = task.Version config.Labels[labelPrefix+"cluster"] = engine.cfg.Cluster name := "" for i := 0; i < len(container.Name); i++ { c := container.Name[i] if !((c <= '9' && c >= '0') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c == '-')) { continue } name += string(c) } containerName := "ecs-" + task.Family + "-" + task.Version + "-" + name + "-" + utils.RandHex() // Pre-add the container in case we stop before the next, more useful, // AddContainer call. This ensures we have a way to get the container if // we die before 'createContainer' returns because we can inspect by // name engine.state.AddContainer(&api.DockerContainer{DockerName: containerName, Container: container}, task) seelog.Infof("Created container name mapping for task %s - %s -> %s", task, container, containerName) engine.saver.ForceSave() metadata := client.CreateContainer(config, hostConfig, containerName) if metadata.DockerId != "" { engine.state.AddContainer(&api.DockerContainer{DockerId: metadata.DockerId, DockerName: containerName, Container: container}, task) } seelog.Infof("Created docker container for task %s: %s -> %s", task, container, metadata.DockerId) return metadata }