Exemplo n.º 1
0
func StartEarthquakeRoutines(c *docker.Container, cfg config.Config) error {
	log.Debugf("Starting Orchestrator")
	go func() {
		oerr := StartOrchestrator(cfg)
		if oerr != nil {
			panic(log.Critical(oerr))
		}
	}()

	if cfg.GetBool("containerParam.enableEthernetInspector") {
		nfqNum := cfg.GetInt("containerParam.ethernetNFQNumber")
		if nfqNum <= 0 {
			return fmt.Errorf("strange containerParam.ethernetNFQNumber: %d", nfqNum)
		}
		log.Debugf("Configuring NFQUEUE %d for container %s", nfqNum, c.ID)
		err := SetupNFQUEUE(c, nfqNum, false, false)
		if err != nil {
			return err
		}
		log.Debugf("Starting Ethernet Inspector")
		go func() {
			ierr := StartEthernetInspector(c, nfqNum)
			if ierr != nil {
				panic(log.Critical(ierr))
			}
		}()
	}

	if cfg.GetBool("containerParam.enableProcInspector") {
		watchInterval := cfg.GetDuration("containerParam.procWatchInterval")
		if watchInterval <= 0 {
			return fmt.Errorf("strange containerParam.procWatchInterval: %s", watchInterval)
		}
		log.Debugf("Starting Process Inspector")
		go func() {
			ierr := StartProcInspector(c, watchInterval)
			if ierr != nil {
				panic(log.Critical(ierr))
			}
		}()
	}

	return nil
}
Exemplo n.º 2
0
func checkPrerequisite(cfg config.Config) error {
	dummyPID := 0
	capInst, err := cap.NewPid(dummyPID)
	if err != nil {
		return err
	}

	if cfg.GetBool("containerParam.enableEthernetInspector") {
		if !capInst.Get(cap.EFFECTIVE, cap.CAP_NET_ADMIN) {
			return fmt.Errorf("CAP_NET_ADMIN is needed.")
		}
		if !capInst.Get(cap.EFFECTIVE, cap.CAP_SYS_ADMIN) {
			return fmt.Errorf("CAP_SYS_ADMIN is needed.")
		}
	}

	if cfg.GetBool("containerParam.enableProcInspector") {
		if !capInst.Get(cap.EFFECTIVE, cap.CAP_SYS_NICE) {
			return fmt.Errorf("CAP_SYS_NICE is needed.")
		}
	}

	return nil
}