start.go 7.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229
  1. package daemon
  2. import (
  3. "fmt"
  4. "net/http"
  5. "runtime"
  6. "strings"
  7. "syscall"
  8. "time"
  9. "google.golang.org/grpc"
  10. "github.com/Sirupsen/logrus"
  11. apierrors "github.com/docker/docker/api/errors"
  12. "github.com/docker/docker/api/types"
  13. containertypes "github.com/docker/docker/api/types/container"
  14. "github.com/docker/docker/container"
  15. "github.com/docker/docker/runconfig"
  16. )
  17. // ContainerStart starts a container.
  18. func (daemon *Daemon) ContainerStart(name string, hostConfig *containertypes.HostConfig, checkpoint string, checkpointDir string) error {
  19. if checkpoint != "" && !daemon.HasExperimental() {
  20. return apierrors.NewBadRequestError(fmt.Errorf("checkpoint is only supported in experimental mode"))
  21. }
  22. container, err := daemon.GetContainer(name)
  23. if err != nil {
  24. return err
  25. }
  26. if container.IsPaused() {
  27. return fmt.Errorf("Cannot start a paused container, try unpause instead.")
  28. }
  29. if container.IsRunning() {
  30. err := fmt.Errorf("Container already started")
  31. return apierrors.NewErrorWithStatusCode(err, http.StatusNotModified)
  32. }
  33. // Windows does not have the backwards compatibility issue here.
  34. if runtime.GOOS != "windows" {
  35. // This is kept for backward compatibility - hostconfig should be passed when
  36. // creating a container, not during start.
  37. if hostConfig != nil {
  38. logrus.Warn("DEPRECATED: Setting host configuration options when the container starts is deprecated and has been removed in Docker 1.12")
  39. oldNetworkMode := container.HostConfig.NetworkMode
  40. if err := daemon.setSecurityOptions(container, hostConfig); err != nil {
  41. return err
  42. }
  43. if err := daemon.mergeAndVerifyLogConfig(&hostConfig.LogConfig); err != nil {
  44. return err
  45. }
  46. if err := daemon.setHostConfig(container, hostConfig); err != nil {
  47. return err
  48. }
  49. newNetworkMode := container.HostConfig.NetworkMode
  50. if string(oldNetworkMode) != string(newNetworkMode) {
  51. // if user has change the network mode on starting, clean up the
  52. // old networks. It is a deprecated feature and has been removed in Docker 1.12
  53. container.NetworkSettings.Networks = nil
  54. if err := container.ToDisk(); err != nil {
  55. return err
  56. }
  57. }
  58. container.InitDNSHostConfig()
  59. }
  60. } else {
  61. if hostConfig != nil {
  62. return fmt.Errorf("Supplying a hostconfig on start is not supported. It should be supplied on create")
  63. }
  64. }
  65. // check if hostConfig is in line with the current system settings.
  66. // It may happen cgroups are umounted or the like.
  67. if _, err = daemon.verifyContainerSettings(container.HostConfig, nil, false); err != nil {
  68. return err
  69. }
  70. // Adapt for old containers in case we have updates in this function and
  71. // old containers never have chance to call the new function in create stage.
  72. if hostConfig != nil {
  73. if err := daemon.adaptContainerSettings(container.HostConfig, false); err != nil {
  74. return err
  75. }
  76. }
  77. return daemon.containerStart(container, checkpoint, checkpointDir, true)
  78. }
  79. // Start starts a container
  80. func (daemon *Daemon) Start(container *container.Container) error {
  81. return daemon.containerStart(container, "", "", true)
  82. }
  83. // containerStart prepares the container to run by setting up everything the
  84. // container needs, such as storage and networking, as well as links
  85. // between containers. The container is left waiting for a signal to
  86. // begin running.
  87. func (daemon *Daemon) containerStart(container *container.Container, checkpoint string, checkpointDir string, resetRestartManager bool) (err error) {
  88. start := time.Now()
  89. container.Lock()
  90. defer container.Unlock()
  91. if resetRestartManager && container.Running { // skip this check if already in restarting step and resetRestartManager==false
  92. return nil
  93. }
  94. if container.RemovalInProgress || container.Dead {
  95. return fmt.Errorf("Container is marked for removal and cannot be started.")
  96. }
  97. // if we encounter an error during start we need to ensure that any other
  98. // setup has been cleaned up properly
  99. defer func() {
  100. if err != nil {
  101. container.SetError(err)
  102. // if no one else has set it, make sure we don't leave it at zero
  103. if container.ExitCode() == 0 {
  104. container.SetExitCode(128)
  105. }
  106. container.ToDisk()
  107. daemon.Cleanup(container)
  108. // if containers AutoRemove flag is set, remove it after clean up
  109. if container.HostConfig.AutoRemove {
  110. container.Unlock()
  111. if err := daemon.ContainerRm(container.ID, &types.ContainerRmConfig{ForceRemove: true, RemoveVolume: true}); err != nil {
  112. logrus.Errorf("can't remove container %s: %v", container.ID, err)
  113. }
  114. container.Lock()
  115. }
  116. }
  117. }()
  118. if err := daemon.conditionalMountOnStart(container); err != nil {
  119. return err
  120. }
  121. // Make sure NetworkMode has an acceptable value. We do this to ensure
  122. // backwards API compatibility.
  123. container.HostConfig = runconfig.SetDefaultNetModeIfBlank(container.HostConfig)
  124. if err := daemon.initializeNetworking(container); err != nil {
  125. return err
  126. }
  127. spec, err := daemon.createSpec(container)
  128. if err != nil {
  129. return err
  130. }
  131. createOptions, err := daemon.getLibcontainerdCreateOptions(container)
  132. if err != nil {
  133. return err
  134. }
  135. if resetRestartManager {
  136. container.ResetRestartManager(true)
  137. }
  138. if checkpointDir == "" {
  139. checkpointDir = container.CheckpointDir()
  140. }
  141. if err := daemon.containerd.Create(container.ID, checkpoint, checkpointDir, *spec, container.InitializeStdio, createOptions...); err != nil {
  142. errDesc := grpc.ErrorDesc(err)
  143. contains := func(s1, s2 string) bool {
  144. return strings.Contains(strings.ToLower(s1), s2)
  145. }
  146. logrus.Errorf("Create container failed with error: %s", errDesc)
  147. // if we receive an internal error from the initial start of a container then lets
  148. // return it instead of entering the restart loop
  149. // set to 127 for container cmd not found/does not exist)
  150. if contains(errDesc, container.Path) &&
  151. (contains(errDesc, "executable file not found") ||
  152. contains(errDesc, "no such file or directory") ||
  153. contains(errDesc, "system cannot find the file specified")) {
  154. container.SetExitCode(127)
  155. }
  156. // set to 126 for container cmd can't be invoked errors
  157. if contains(errDesc, syscall.EACCES.Error()) {
  158. container.SetExitCode(126)
  159. }
  160. // attempted to mount a file onto a directory, or a directory onto a file, maybe from user specified bind mounts
  161. if contains(errDesc, syscall.ENOTDIR.Error()) {
  162. errDesc += ": Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type"
  163. container.SetExitCode(127)
  164. }
  165. container.Reset(false)
  166. return fmt.Errorf("%s", errDesc)
  167. }
  168. containerActions.WithValues("start").UpdateSince(start)
  169. return nil
  170. }
  171. // Cleanup releases any network resources allocated to the container along with any rules
  172. // around how containers are linked together. It also unmounts the container's root filesystem.
  173. func (daemon *Daemon) Cleanup(container *container.Container) {
  174. daemon.releaseNetwork(container)
  175. container.UnmountIpcMounts(detachMounted)
  176. if err := daemon.conditionalUnmountOnCleanup(container); err != nil {
  177. // FIXME: remove once reference counting for graphdrivers has been refactored
  178. // Ensure that all the mounts are gone
  179. if mountid, err := daemon.layerStore.GetMountID(container.ID); err == nil {
  180. daemon.cleanupMountsByID(mountid)
  181. }
  182. }
  183. if err := container.UnmountSecrets(); err != nil {
  184. logrus.Warnf("%s cleanup: failed to unmount secrets: %s", container.ID, err)
  185. }
  186. for _, eConfig := range container.ExecCommands.Commands() {
  187. daemon.unregisterExecCommand(container, eConfig)
  188. }
  189. if container.BaseFS != "" {
  190. if err := container.UnmountVolumes(daemon.LogVolumeEvent); err != nil {
  191. logrus.Warnf("%s cleanup: Failed to umount volumes: %v", container.ID, err)
  192. }
  193. }
  194. container.CancelAttachContext()
  195. }