// loadFactory returns the configured factory instance for execing containers.
func loadFactory(context *cli.Context) (libcontainer.Factory, error) {
var (
debug = "false"
root = context.GlobalString("root")
)
if context.GlobalBool("debug") {
debug = "true"
}
abs, err := filepath.Abs(root)
if err != nil {
return nil, err
}
logAbs, err := filepath.Abs(context.GlobalString("log"))
if err != nil {
return nil, err
}
return libcontainer.New(abs, libcontainer.Cgroupfs, func(l *libcontainer.LinuxFactory) error {
l.CriuPath = context.GlobalString("criu")
return nil
},
libcontainer.InitArgs(os.Args[0],
"--log", logAbs,
"--log-format", context.GlobalString("log-format"),
fmt.Sprintf("--debug=%s", debug),
"init"),
)
}
func NewLibcontainerBackend(config *LibcontainerConfig) (Backend, error) {
factory, err := libcontainer.New(
containerRoot,
libcontainer.Cgroupfs,
libcontainer.InitArgs(os.Args[0], "libcontainer-init"),
)
if err != nil {
return nil, err
}
if err := setupCGroups(config.PartitionCGroups); err != nil {
return nil, err
}
defaultTmpfs, err := createTmpfs(resource.DefaultTempDiskSize)
if err != nil {
return nil, err
}
shutdown.BeforeExit(func() { defaultTmpfs.Delete() })
l := &LibcontainerBackend{
LibcontainerConfig: config,
factory: factory,
logStreams: make(map[string]map[string]*logmux.LogStream),
containers: make(map[string]*Container),
defaultEnv: make(map[string]string),
resolvConf: "/etc/resolv.conf",
ipalloc: ipallocator.New(),
discoverdConfigured: make(chan struct{}),
networkConfigured: make(chan struct{}),
globalState: &libcontainerGlobalState{},
defaultTmpfs: defaultTmpfs,
}
l.httpClient = &http.Client{Transport: &http.Transport{
Dial: dialer.RetryDial(l.discoverdDial),
}}
return l, nil
}
func NewLibcontainerBackend(state *State, vman *volumemanager.Manager, bridgeName, initPath string, mux *logmux.Mux, partitionCGroups map[string]int64, logger log15.Logger) (Backend, error) {
factory, err := libcontainer.New(
containerRoot,
libcontainer.Cgroupfs,
libcontainer.InitArgs(os.Args[0], "libcontainer-init"),
)
pinkertonCtx, err := pinkerton.BuildContext("aufs", imageRoot)
if err != nil {
return nil, err
}
if err := setupCGroups(partitionCGroups); err != nil {
return nil, err
}
return &LibcontainerBackend{
InitPath: initPath,
factory: factory,
state: state,
vman: vman,
pinkerton: pinkertonCtx,
logStreams: make(map[string]map[string]*logmux.LogStream),
containers: make(map[string]*Container),
defaultEnv: make(map[string]string),
resolvConf: "/etc/resolv.conf",
mux: mux,
ipalloc: ipallocator.New(),
bridgeName: bridgeName,
discoverdConfigured: make(chan struct{}),
networkConfigured: make(chan struct{}),
partitionCGroups: partitionCGroups,
logger: logger,
globalState: &libcontainerGlobalState{},
}, nil
}
// runCmdInDir runs the given command inside a container under dir
func runCmdInDir(im *schema.ImageManifest, cmd, dir string, jail bool, mounts []*configs.Mount) error {
exePath, err := osext.Executable()
if err != nil {
return fmt.Errorf("error getting path to the current executable: %v", err)
}
factory, err := libcontainer.New(dir, libcontainer.InitArgs(exePath, "init"))
if err != nil {
return fmt.Errorf("error creating a container factory: %v", err)
}
// The containter ID doesn't really matter here... using a UUID
containerID := uuid.NewV4().String()
var container libcontainer.Container
if jail {
config := &configs.Config{}
if err := json.Unmarshal([]byte(LibcontainerDefaultConfig), config); err != nil {
return fmt.Errorf("error unmarshalling default config: %v", err)
}
config.Rootfs = dir
config.Readonlyfs = false
container, err = factory.Create(containerID, config)
if err != nil {
return fmt.Errorf("error creating a container: %v", err)
}
} else {
container, err = factory.Create(containerID, &configs.Config{
Rootfs: dir,
Mounts: mounts,
Cgroups: &configs.Cgroup{
Name: containerID,
Parent: "system",
AllowAllDevices: false,
AllowedDevices: configs.DefaultAllowedDevices,
},
})
if err != nil {
return fmt.Errorf("error creating a container: %v", err)
}
}
process := &libcontainer.Process{
Args: strings.Fields(cmd),
User: "******",
Stdin: os.Stdin,
Stdout: os.Stdout,
Stderr: os.Stderr,
}
if im.App != nil {
process.Env = util.ACIEnvironmentToList(im.App.Environment)
}
process.Env = []string{"PATH=/usr/bin:/sbin/:/bin"}
if err := container.Start(process); err != nil {
return fmt.Errorf("error starting the process inside the container: %v", err)
}
_, err = process.Wait()
if err != nil {
return fmt.Errorf("error running the process: %v", err)
}
if err := container.Destroy(); err != nil {
return fmt.Errorf("error destroying the container: %v", err)
}
return nil
}