Exemple #1
0
func init() {
	execdriver.RegisterInitFunc(DriverName, func(args *execdriver.InitArgs) error {
		var container *libcontainer.Config
		f, err := os.Open(filepath.Join(args.Root, "container.json"))
		if err != nil {
			return err
		}

		if err := json.NewDecoder(f).Decode(&container); err != nil {
			f.Close()
			return err
		}
		f.Close()

		rootfs, err := os.Getwd()
		if err != nil {
			return err
		}

		syncPipe, err := syncpipe.NewSyncPipeFromFd(0, uintptr(args.Pipe))
		if err != nil {
			return err
		}

		if err := namespaces.Init(container, rootfs, args.Console, syncPipe, args.Args); err != nil {
			return err
		}

		return nil
	})
}
Exemple #2
0
func initAction(context *cli.Context) {
	runtime.LockOSThread()

	container, err := loadConfig()
	if err != nil {
		log.Fatal(err)
	}

	rootfs, err := os.Getwd()
	if err != nil {
		log.Fatal(err)
	}

	pipeFd, err := strconv.Atoi(rawPipeFd)
	if err != nil {
		log.Fatal(err)
	}

	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, uintptr(pipeFd))
	if err != nil {
		log.Fatalf("unable to create sync pipe: %s", err)
	}

	if err := namespaces.Init(container, rootfs, console, syncPipe, []string(context.Args())); err != nil {
		log.Fatalf("unable to initialize for container: %s", err)
	}
}
Exemple #3
0
// init runs the libcontainer initialization code because of the busybox style needs
// to work around the go runtime and the issues with forking
func init() {
	if len(os.Args) < 2 || os.Args[1] != "init" {
		return
	}
	runtime.LockOSThread()

	container, err := loadConfig()
	if err != nil {
		log.Fatal(err)
	}

	rootfs, err := os.Getwd()
	if err != nil {
		log.Fatal(err)
	}

	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, 3)
	if err != nil {
		log.Fatalf("unable to create sync pipe: %s", err)
	}

	if err := namespaces.Init(container, rootfs, "", syncPipe, os.Args[3:]); err != nil {
		log.Fatalf("unable to initialize for container: %s", err)
	}
	os.Exit(1)
}
Exemple #4
0
// loadConfigFromFd loads a container's config from the sync pipe that is provided by
// fd 3 when running a process
func loadConfigFromFd() (*libcontainer.Config, error) {
	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, 3)
	if err != nil {
		return nil, err
	}

	var config *libcontainer.Config
	if err := syncPipe.ReadFromParent(&config); err != nil {
		return nil, err
	}

	return config, nil
}
Exemple #5
0
// this expects that we already have our namespaces setup by the C initializer
// we are expected to finalize the namespace and exec the user's application
func nsenter() {
	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, 3)
	if err != nil {
		log.Fatalf("unable to create sync pipe: %s", err)
	}

	var config *libcontainer.Config
	if err := syncPipe.ReadFromParent(&config); err != nil {
		log.Fatalf("reading container config from parent: %s", err)
	}

	if err := namespaces.FinalizeSetns(config, findUserArgs()); err != nil {
		log.Fatalf("failed to nsenter: %s", err)
	}
}
Exemple #6
0
func initializer() {
	runtime.LockOSThread()

	var (
		pipe    = flag.Int("pipe", 0, "sync pipe fd")
		console = flag.String("console", "", "console (pty slave) path")
		root    = flag.String("root", ".", "root path for configuration files")
	)

	flag.Parse()

	var container *libcontainer.Config
	f, err := os.Open(filepath.Join(*root, "container.json"))
	if err != nil {
		writeError(err)
	}

	if err := json.NewDecoder(f).Decode(&container); err != nil {
		f.Close()
		writeError(err)
	}
	f.Close()

	rootfs, err := os.Getwd()
	if err != nil {
		writeError(err)
	}

	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, uintptr(*pipe))
	if err != nil {
		writeError(err)
	}

	if err := namespaces.Init(container, rootfs, *console, syncPipe, flag.Args()); err != nil {
		writeError(err)
	}

	panic("Unreachable")
}
func execMonitor() {
	log.Debugf("Starting docker monitor %v", os.Args)

	var (
		root        string
		socketGroup string
		ID          string
		err         error
	)

	flag.StringVar(&root, "root", "/var/lib/docker", "docker root directory")
	flag.StringVar(&socketGroup, "group", "docker", "socket user group")
	flag.StringVar(&ID, "id", "", "container id")

	flag.Parse()

	initLogging(true)

	if ID == "" || root == "" {
		log.Errorf("%s: container id can't be null", dockerMonitor)
		flag.Usage()
		os.Exit(1)
	}

	monitorCfg.ID = ID
	monitorCfg.Root = root
	monitorCfg.SocketGroup = socketGroup

	syncPipe, err := syncpipe.NewSyncPipeFromFd(0, 3)
	if err != nil {
		log.Errorf("%s: open sync pipe failed: %v", dockerMonitor, err)
		os.Exit(1)
	}

	watching := daemon.NewStateWatcher()

	log.Debugf("MonitorConfig: %v", *monitorCfg)

	monitor := daemon.InitDockerMonitor(monitorCfg, watching)
	if monitor == nil {
		log.Errorf("Initial docker monitor return nil")
		os.Exit(1)
	}

	srv := apiserver.NewMonitorServer(&apiserver.ServerConfig{
		Logging:     true,
		EnableCors:  true,
		Version:     dockerversion.VERSION,
		SocketGroup: monitorCfg.SocketGroup,
	}, monitor, watching)

	signal.Trap(srv.Shutdown)

	// notify monitor proxy when server is setup
	go func() {
		select {
		case <-srv.Start():
			log.Debugf("Monitor server is up, notify monitor proxy")
			syncPipe.CloseChild()
		}
	}()

	//srvAPIWait := make(chan error)

	// setup Monitor server
	protoAddrs := []string{fmt.Sprintf("unix://%s/%s.sock", daemon.MonitorSockDir, ID)}
	go func() {
		if err := srv.ServeApi(protoAddrs); err != nil {
			log.Errorf("ServeAPI error: %v", err)
			//srvAPIWait <- err
			srv.Notify(err)
		}
	}()
	srv.AcceptConnections()

	err = srv.Wait()

	log.Infof("docker monitor exit, with error: %v", err)
}