|
@@ -90,9 +90,6 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba
|
|
|
d.activeContainers[c.ID] = &c.Cmd
|
|
|
|
|
|
var (
|
|
|
- master *os.File
|
|
|
- console string
|
|
|
-
|
|
|
dataPath = filepath.Join(d.root, c.ID)
|
|
|
args = append([]string{c.Entrypoint}, c.Arguments...)
|
|
|
)
|
|
@@ -105,72 +102,36 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba
|
|
|
return -1, err
|
|
|
}
|
|
|
|
|
|
- // create a pipe so that we can syncronize with the namespaced process and
|
|
|
- // pass the veth name to the child
|
|
|
- syncPipe, err := nsinit.NewSyncPipe()
|
|
|
- if err != nil {
|
|
|
- return -1, err
|
|
|
- }
|
|
|
term := getTerminal(c, pipes)
|
|
|
|
|
|
- if container.Tty {
|
|
|
- master, console, err = system.CreateMasterAndConsole()
|
|
|
- if err != nil {
|
|
|
- return -1, err
|
|
|
- }
|
|
|
- term.SetMaster(master)
|
|
|
- }
|
|
|
-
|
|
|
- setupCommand(d, c, container, console, syncPipe.Child(), args)
|
|
|
- if err := term.Attach(&c.Cmd); err != nil {
|
|
|
- return -1, err
|
|
|
- }
|
|
|
- defer term.Close()
|
|
|
-
|
|
|
- if err := c.Start(); err != nil {
|
|
|
- return -1, err
|
|
|
- }
|
|
|
-
|
|
|
- started, err := system.GetProcessStartTime(c.Process.Pid)
|
|
|
- if err != nil {
|
|
|
- return -1, err
|
|
|
- }
|
|
|
- if err := nsinit.WritePid(dataPath, c.Process.Pid, started); err != nil {
|
|
|
- c.Process.Kill()
|
|
|
- return -1, err
|
|
|
- }
|
|
|
- defer nsinit.DeletePid(dataPath)
|
|
|
-
|
|
|
- // Do this before syncing with child so that no children
|
|
|
- // can escape the cgroup
|
|
|
- cleaner, err := nsinit.SetupCgroups(container, c.Process.Pid)
|
|
|
- if err != nil {
|
|
|
- c.Process.Kill()
|
|
|
- return -1, err
|
|
|
- }
|
|
|
- if cleaner != nil {
|
|
|
- defer cleaner.Cleanup()
|
|
|
- }
|
|
|
-
|
|
|
- if err := nsinit.InitializeNetworking(container, c.Process.Pid, syncPipe); err != nil {
|
|
|
- c.Process.Kill()
|
|
|
- return -1, err
|
|
|
- }
|
|
|
-
|
|
|
- // Sync with child
|
|
|
- syncPipe.Close()
|
|
|
-
|
|
|
- if startCallback != nil {
|
|
|
- startCallback(c)
|
|
|
- }
|
|
|
-
|
|
|
- if err := c.Wait(); err != nil {
|
|
|
- if _, ok := err.(*exec.ExitError); !ok {
|
|
|
- return -1, err
|
|
|
+ return nsinit.Exec(container, term, c.Rootfs, dataPath, args, func(container *libcontainer.Container, console, rootfs, dataPath, init string, child *os.File, args []string) *exec.Cmd {
|
|
|
+ // we need to join the rootfs because nsinit will setup the rootfs and chroot
|
|
|
+ initPath := filepath.Join(c.Rootfs, c.InitPath)
|
|
|
+
|
|
|
+ c.Path = d.initPath
|
|
|
+ c.Args = append([]string{
|
|
|
+ initPath,
|
|
|
+ "-driver", DriverName,
|
|
|
+ "-console", console,
|
|
|
+ "-pipe", "3",
|
|
|
+ "-root", filepath.Join(d.root, c.ID),
|
|
|
+ "--",
|
|
|
+ }, args...)
|
|
|
+
|
|
|
+ // set this to nil so that when we set the clone flags anything else is reset
|
|
|
+ c.SysProcAttr = nil
|
|
|
+ system.SetCloneFlags(&c.Cmd, uintptr(nsinit.GetNamespaceFlags(container.Namespaces)))
|
|
|
+ c.ExtraFiles = []*os.File{child}
|
|
|
+
|
|
|
+ c.Env = container.Env
|
|
|
+ c.Dir = c.Rootfs
|
|
|
+
|
|
|
+ return &c.Cmd
|
|
|
+ }, func() {
|
|
|
+ if startCallback != nil {
|
|
|
+ startCallback(c)
|
|
|
}
|
|
|
- }
|
|
|
- return c.ProcessState.Sys().(syscall.WaitStatus).ExitStatus(), nil
|
|
|
-
|
|
|
+ })
|
|
|
}
|
|
|
|
|
|
func (d *driver) Kill(p *execdriver.Command, sig int) error {
|
|
@@ -297,26 +258,3 @@ func getTerminal(c *execdriver.Command, pipes *execdriver.Pipes) nsinit.Terminal
|
|
|
c.Terminal = term
|
|
|
return term
|
|
|
}
|
|
|
-
|
|
|
-func setupCommand(d *driver, c *execdriver.Command, container *libcontainer.Container, console string, syncFile *os.File, args []string) {
|
|
|
- // we need to join the rootfs because nsinit will setup the rootfs and chroot
|
|
|
- initPath := filepath.Join(c.Rootfs, c.InitPath)
|
|
|
-
|
|
|
- c.Path = d.initPath
|
|
|
- c.Args = append([]string{
|
|
|
- initPath,
|
|
|
- "-driver", DriverName,
|
|
|
- "-console", console,
|
|
|
- "-pipe", "3",
|
|
|
- "-root", filepath.Join(d.root, c.ID),
|
|
|
- "--",
|
|
|
- }, args...)
|
|
|
-
|
|
|
- // set this to nil so that when we set the clone flags anything else is reset
|
|
|
- c.SysProcAttr = nil
|
|
|
- system.SetCloneFlags(&c.Cmd, uintptr(nsinit.GetNamespaceFlags(container.Namespaces)))
|
|
|
- c.ExtraFiles = []*os.File{syncFile}
|
|
|
-
|
|
|
- c.Env = container.Env
|
|
|
- c.Dir = c.Rootfs
|
|
|
-}
|