|
@@ -12,6 +12,7 @@ import (
|
|
|
"os"
|
|
"os"
|
|
|
"path/filepath"
|
|
"path/filepath"
|
|
|
|
|
|
|
|
|
|
+ "github.com/docker/docker/pkg/stringid"
|
|
|
"github.com/docker/libnetwork/types"
|
|
"github.com/docker/libnetwork/types"
|
|
|
"github.com/opencontainers/runtime-spec/specs-go"
|
|
"github.com/opencontainers/runtime-spec/specs-go"
|
|
|
"github.com/sirupsen/logrus"
|
|
"github.com/sirupsen/logrus"
|
|
@@ -24,7 +25,7 @@ const (
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
// processSetKeyReexec is a private function that must be called only on an reexec path
|
|
// processSetKeyReexec is a private function that must be called only on an reexec path
|
|
|
-// It expects 3 args { [0] = "libnetwork-setkey", [1] = <container-id>, [2] = <controller-id> }
|
|
|
|
|
|
|
+// It expects 3 args { [0] = "libnetwork-setkey", [1] = <container-id>, [2] = <short-controller-id> }
|
|
|
// It also expects specs.State as a json string in <stdin>
|
|
// It also expects specs.State as a json string in <stdin>
|
|
|
// Refer to https://github.com/opencontainers/runc/pull/160/ for more information
|
|
// Refer to https://github.com/opencontainers/runc/pull/160/ for more information
|
|
|
// The docker exec-root can be specified as "-exec-root" flag. The default value is "/run/docker".
|
|
// The docker exec-root can be specified as "-exec-root" flag. The default value is "/run/docker".
|
|
@@ -41,14 +42,14 @@ func processSetKeyReexec() {
|
|
|
execRoot := flag.String("exec-root", defaultExecRoot, "docker exec root")
|
|
execRoot := flag.String("exec-root", defaultExecRoot, "docker exec root")
|
|
|
flag.Parse()
|
|
flag.Parse()
|
|
|
|
|
|
|
|
- // expecting 3 os.Args {[0]="libnetwork-setkey", [1]=<container-id>, [2]=<controller-id> }
|
|
|
|
|
|
|
+ // expecting 3 os.Args {[0]="libnetwork-setkey", [1]=<container-id>, [2]=<short-controller-id> }
|
|
|
// (i.e. expecting 2 flag.Args())
|
|
// (i.e. expecting 2 flag.Args())
|
|
|
args := flag.Args()
|
|
args := flag.Args()
|
|
|
if len(args) < 2 {
|
|
if len(args) < 2 {
|
|
|
err = fmt.Errorf("Re-exec expects 2 args (after parsing flags), received : %d", len(args))
|
|
err = fmt.Errorf("Re-exec expects 2 args (after parsing flags), received : %d", len(args))
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
- containerID, controllerID := args[0], args[1]
|
|
|
|
|
|
|
+ containerID, shortCtlrID := args[0], args[1]
|
|
|
|
|
|
|
|
// We expect specs.State as a json string in <stdin>
|
|
// We expect specs.State as a json string in <stdin>
|
|
|
stateBuf, err := ioutil.ReadAll(os.Stdin)
|
|
stateBuf, err := ioutil.ReadAll(os.Stdin)
|
|
@@ -60,16 +61,16 @@ func processSetKeyReexec() {
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- err = SetExternalKey(controllerID, containerID, fmt.Sprintf("/proc/%d/ns/net", state.Pid), *execRoot)
|
|
|
|
|
|
|
+ err = SetExternalKey(shortCtlrID, containerID, fmt.Sprintf("/proc/%d/ns/net", state.Pid), *execRoot)
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// SetExternalKey provides a convenient way to set an External key to a sandbox
|
|
// SetExternalKey provides a convenient way to set an External key to a sandbox
|
|
|
-func SetExternalKey(controllerID string, containerID string, key string, execRoot string) error {
|
|
|
|
|
|
|
+func SetExternalKey(shortCtlrID string, containerID string, key string, execRoot string) error {
|
|
|
keyData := setKeyData{
|
|
keyData := setKeyData{
|
|
|
ContainerID: containerID,
|
|
ContainerID: containerID,
|
|
|
Key: key}
|
|
Key: key}
|
|
|
|
|
|
|
|
- uds := filepath.Join(execRoot, execSubdir, controllerID+".sock")
|
|
|
|
|
|
|
+ uds := filepath.Join(execRoot, execSubdir, shortCtlrID+".sock")
|
|
|
c, err := net.Dial("unix", uds)
|
|
c, err := net.Dial("unix", uds)
|
|
|
if err != nil {
|
|
if err != nil {
|
|
|
return err
|
|
return err
|
|
@@ -120,7 +121,8 @@ func (c *controller) startExternalKeyListener() error {
|
|
|
if err := os.MkdirAll(udsBase, 0600); err != nil {
|
|
if err := os.MkdirAll(udsBase, 0600); err != nil {
|
|
|
return err
|
|
return err
|
|
|
}
|
|
}
|
|
|
- uds := filepath.Join(udsBase, c.id+".sock")
|
|
|
|
|
|
|
+ shortCtlrID := stringid.TruncateID(c.id)
|
|
|
|
|
+ uds := filepath.Join(udsBase, shortCtlrID+".sock")
|
|
|
l, err := net.Listen("unix", uds)
|
|
l, err := net.Listen("unix", uds)
|
|
|
if err != nil {
|
|
if err != nil {
|
|
|
return err
|
|
return err
|
Grant Millar