func (cmd *GuardianCommand) Run(signals <-chan os.Signal, ready chan<- struct{}) error { logger, reconfigurableSink := cmd.Logger.Logger("guardian") if cmd.Server.Rootless { logger.Info("rootless-mode-on") } if err := exec.Command("modprobe", "aufs").Run(); err != nil { logger.Error("unable-to-load-aufs", err) } propManager, err := cmd.loadProperties(logger, cmd.Containers.PropertiesPath) if err != nil { return err } portPoolState, err := ports.LoadState(cmd.Network.PortPoolPropertiesPath) if err != nil { logger.Error("failed-to-parse-port-pool-properties", err) } portPool, err := ports.NewPool( cmd.Network.PortPoolStart, cmd.Network.PortPoolSize, portPoolState, ) if err != nil { return fmt.Errorf("invalid pool range: %s", err) } networker, iptablesStarter, err := cmd.wireNetworker(logger, propManager, portPool) if err != nil { logger.Error("failed-to-wire-networker", err) return err } restorer := gardener.NewRestorer(networker) if cmd.Containers.DestroyContainersOnStartup { restorer = &gardener.NoopRestorer{} } var volumeCreator gardener.VolumeCreator = nil if !cmd.Server.Rootless { volumeCreator = cmd.wireVolumeCreator(logger, cmd.Graph.Dir.Path(), cmd.Docker.InsecureRegistries, cmd.Graph.PersistentImages) } starters := []gardener.Starter{} if !cmd.Server.Rootless { starters = []gardener.Starter{cmd.wireRunDMCStarter(logger), iptablesStarter} } backend := &gardener.Gardener{ UidGenerator: cmd.wireUidGenerator(), Starters: starters, SysInfoProvider: sysinfo.NewProvider(cmd.Containers.Dir.Path()), Networker: networker, VolumeCreator: volumeCreator, Containerizer: cmd.wireContainerizer(logger, cmd.Containers.Dir.Path(), cmd.Bin.Dadoo.Path(), cmd.Bin.Runc, cmd.Bin.NSTar.Path(), cmd.Bin.Tar.Path(), cmd.Containers.DefaultRootFSDir.Path(), cmd.Containers.ApparmorProfile, propManager), PropertyManager: propManager, MaxContainers: cmd.Limits.MaxContainers, Restorer: restorer, Logger: logger, } var listenNetwork, listenAddr string if cmd.Server.BindIP != nil { listenNetwork = "tcp" listenAddr = fmt.Sprintf("%s:%d", cmd.Server.BindIP.IP(), cmd.Server.BindPort) } else { listenNetwork = "unix" listenAddr = cmd.Server.BindSocket } gardenServer := server.New(listenNetwork, listenAddr, cmd.Containers.DefaultGraceTime, backend, logger.Session("api")) cmd.initializeDropsonde(logger) metricsProvider := cmd.wireMetricsProvider(logger, cmd.Containers.Dir.Path(), cmd.Graph.Dir.Path()) metronNotifier := cmd.wireMetronNotifier(logger, metricsProvider) metronNotifier.Start() if cmd.Server.DebugBindIP != nil { addr := fmt.Sprintf("%s:%d", cmd.Server.DebugBindIP.IP(), cmd.Server.DebugBindPort) metrics.StartDebugServer(addr, reconfigurableSink, metricsProvider) } err = gardenServer.Start() if err != nil { logger.Error("failed-to-start-server", err) return err } close(ready) logger.Info("started", lager.Data{ "network": listenNetwork, "addr": listenAddr, }) <-signals gardenServer.Stop() cmd.saveProperties(logger, cmd.Containers.PropertiesPath, propManager) portPoolState = portPool.RefreshState() ports.SaveState(cmd.Network.PortPoolPropertiesPath, portPoolState) return nil }
AfterEach(func() { if tmpdir != "" { os.RemoveAll(tmpdir) } }) XContext("when passed a socket", func() { It("listens on the given socket path and chmods it to 0777", func() { var err error tmpdir, err = ioutil.TempDir(os.TempDir(), "api-server-test") Ω(err).ShouldNot(HaveOccurred()) socketPath := path.Join(tmpdir, "api.sock") apiServer := server.New("unix", socketPath, 0, new(fakes.FakeBackend), logger) err = apiServer.Start() Ω(err).ShouldNot(HaveOccurred()) apiClient = client.New(connection.New("unix", socketPath)) Eventually(apiClient.Ping).Should(Succeed()) stat, err := os.Stat(socketPath) Ω(err).ShouldNot(HaveOccurred()) Ω(int(stat.Mode() & 0777)).Should(Equal(0777)) }) It("deletes the socket file if it is already there", func() { var err error