12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331 |
- package libcontainerd
- import (
- "context"
- "encoding/json"
- "fmt"
- "io/ioutil"
- "os"
- "path"
- "path/filepath"
- "regexp"
- "strings"
- "sync"
- "syscall"
- "time"
- "github.com/Microsoft/hcsshim"
- opengcs "github.com/Microsoft/opengcs/client"
- "github.com/containerd/containerd"
- "github.com/containerd/containerd/cio"
- "github.com/docker/docker/pkg/sysinfo"
- "github.com/docker/docker/pkg/system"
- specs "github.com/opencontainers/runtime-spec/specs-go"
- "github.com/pkg/errors"
- "github.com/sirupsen/logrus"
- "golang.org/x/sys/windows"
- )
- const InitProcessName = "init"
- type process struct {
- id string
- pid int
- hcsProcess hcsshim.Process
- }
- type container struct {
- sync.Mutex
- // The ociSpec is required, as client.Create() needs a spec, but can
- // be called from the RestartManager context which does not otherwise
- // have access to the Spec
- ociSpec *specs.Spec
- isWindows bool
- manualStopRequested bool
- hcsContainer hcsshim.Container
- id string
- status Status
- exitedAt time.Time
- exitCode uint32
- waitCh chan struct{}
- init *process
- execs map[string]*process
- updatePending bool
- }
- // Win32 error codes that are used for various workarounds
- // These really should be ALL_CAPS to match golangs syscall library and standard
- // Win32 error conventions, but golint insists on CamelCase.
- const (
- CoEClassstring = syscall.Errno(0x800401F3) // Invalid class string
- ErrorNoNetwork = syscall.Errno(1222) // The network is not present or not started
- ErrorBadPathname = syscall.Errno(161) // The specified path is invalid
- ErrorInvalidObject = syscall.Errno(0x800710D8) // The object identifier does not represent a valid object
- )
- // defaultOwner is a tag passed to HCS to allow it to differentiate between
- // container creator management stacks. We hard code "docker" in the case
- // of docker.
- const defaultOwner = "docker"
- func (c *client) Version(ctx context.Context) (containerd.Version, error) {
- return containerd.Version{}, errors.New("not implemented on Windows")
- }
- // Create is the entrypoint to create a container from a spec.
- // Table below shows the fields required for HCS JSON calling parameters,
- // where if not populated, is omitted.
- // +-----------------+--------------------------------------------+---------------------------------------------------+
- // | | Isolation=Process | Isolation=Hyper-V |
- // +-----------------+--------------------------------------------+---------------------------------------------------+
- // | VolumePath | \\?\\Volume{GUIDa} | |
- // | LayerFolderPath | %root%\windowsfilter\containerID | %root%\windowsfilter\containerID (servicing only) |
- // | Layers[] | ID=GUIDb;Path=%root%\windowsfilter\layerID | ID=GUIDb;Path=%root%\windowsfilter\layerID |
- // | HvRuntime | | ImagePath=%root%\BaseLayerID\UtilityVM |
- // +-----------------+--------------------------------------------+---------------------------------------------------+
- //
- // Isolation=Process example:
- //
- // {
- // "SystemType": "Container",
- // "Name": "5e0055c814a6005b8e57ac59f9a522066e0af12b48b3c26a9416e23907698776",
- // "Owner": "docker",
- // "VolumePath": "\\\\\\\\?\\\\Volume{66d1ef4c-7a00-11e6-8948-00155ddbef9d}",
- // "IgnoreFlushesDuringBoot": true,
- // "LayerFolderPath": "C:\\\\control\\\\windowsfilter\\\\5e0055c814a6005b8e57ac59f9a522066e0af12b48b3c26a9416e23907698776",
- // "Layers": [{
- // "ID": "18955d65-d45a-557b-bf1c-49d6dfefc526",
- // "Path": "C:\\\\control\\\\windowsfilter\\\\65bf96e5760a09edf1790cb229e2dfb2dbd0fcdc0bf7451bae099106bfbfea0c"
- // }],
- // "HostName": "5e0055c814a6",
- // "MappedDirectories": [],
- // "HvPartition": false,
- // "EndpointList": ["eef2649d-bb17-4d53-9937-295a8efe6f2c"],
- // "Servicing": false
- //}
- //
- // Isolation=Hyper-V example:
- //
- //{
- // "SystemType": "Container",
- // "Name": "475c2c58933b72687a88a441e7e0ca4bd72d76413c5f9d5031fee83b98f6045d",
- // "Owner": "docker",
- // "IgnoreFlushesDuringBoot": true,
- // "Layers": [{
- // "ID": "18955d65-d45a-557b-bf1c-49d6dfefc526",
- // "Path": "C:\\\\control\\\\windowsfilter\\\\65bf96e5760a09edf1790cb229e2dfb2dbd0fcdc0bf7451bae099106bfbfea0c"
- // }],
- // "HostName": "475c2c58933b",
- // "MappedDirectories": [],
- // "HvPartition": true,
- // "EndpointList": ["e1bb1e61-d56f-405e-b75d-fd520cefa0cb"],
- // "DNSSearchList": "a.com,b.com,c.com",
- // "HvRuntime": {
- // "ImagePath": "C:\\\\control\\\\windowsfilter\\\\65bf96e5760a09edf1790cb229e2dfb2dbd0fcdc0bf7451bae099106bfbfea0c\\\\UtilityVM"
- // },
- // "Servicing": false
- //}
- func (c *client) Create(_ context.Context, id string, spec *specs.Spec, runtimeOptions interface{}) error {
- if ctr := c.getContainer(id); ctr != nil {
- return errors.WithStack(newConflictError("id already in use"))
- }
- // spec.Linux must be nil for Windows containers, but spec.Windows
- // will be filled in regardless of container platform. This is a
- // temporary workaround due to LCOW requiring layer folder paths,
- // which are stored under spec.Windows.
- //
- // TODO: @darrenstahlmsft fix this once the OCI spec is updated to
- // support layer folder paths for LCOW
- if spec.Linux == nil {
- return c.createWindows(id, spec, runtimeOptions)
- }
- return c.createLinux(id, spec, runtimeOptions)
- }
- func (c *client) createWindows(id string, spec *specs.Spec, runtimeOptions interface{}) error {
- logger := c.logger.WithField("container", id)
- configuration := &hcsshim.ContainerConfig{
- SystemType: "Container",
- Name: id,
- Owner: defaultOwner,
- IgnoreFlushesDuringBoot: spec.Windows.IgnoreFlushesDuringBoot,
- HostName: spec.Hostname,
- HvPartition: false,
- Servicing: spec.Windows.Servicing,
- }
- if spec.Windows.Resources != nil {
- if spec.Windows.Resources.CPU != nil {
- if spec.Windows.Resources.CPU.Count != nil {
- // This check is being done here rather than in adaptContainerSettings
- // because we don't want to update the HostConfig in case this container
- // is moved to a host with more CPUs than this one.
- cpuCount := *spec.Windows.Resources.CPU.Count
- hostCPUCount := uint64(sysinfo.NumCPU())
- if cpuCount > hostCPUCount {
- c.logger.Warnf("Changing requested CPUCount of %d to current number of processors, %d", cpuCount, hostCPUCount)
- cpuCount = hostCPUCount
- }
- configuration.ProcessorCount = uint32(cpuCount)
- }
- if spec.Windows.Resources.CPU.Shares != nil {
- configuration.ProcessorWeight = uint64(*spec.Windows.Resources.CPU.Shares)
- }
- if spec.Windows.Resources.CPU.Maximum != nil {
- configuration.ProcessorMaximum = int64(*spec.Windows.Resources.CPU.Maximum)
- }
- }
- if spec.Windows.Resources.Memory != nil {
- if spec.Windows.Resources.Memory.Limit != nil {
- configuration.MemoryMaximumInMB = int64(*spec.Windows.Resources.Memory.Limit) / 1024 / 1024
- }
- }
- if spec.Windows.Resources.Storage != nil {
- if spec.Windows.Resources.Storage.Bps != nil {
- configuration.StorageBandwidthMaximum = *spec.Windows.Resources.Storage.Bps
- }
- if spec.Windows.Resources.Storage.Iops != nil {
- configuration.StorageIOPSMaximum = *spec.Windows.Resources.Storage.Iops
- }
- }
- }
- if spec.Windows.HyperV != nil {
- configuration.HvPartition = true
- }
- if spec.Windows.Network != nil {
- configuration.EndpointList = spec.Windows.Network.EndpointList
- configuration.AllowUnqualifiedDNSQuery = spec.Windows.Network.AllowUnqualifiedDNSQuery
- if spec.Windows.Network.DNSSearchList != nil {
- configuration.DNSSearchList = strings.Join(spec.Windows.Network.DNSSearchList, ",")
- }
- configuration.NetworkSharedContainerName = spec.Windows.Network.NetworkSharedContainerName
- }
- if cs, ok := spec.Windows.CredentialSpec.(string); ok {
- configuration.Credentials = cs
- }
- // We must have least two layers in the spec, the bottom one being a
- // base image, the top one being the RW layer.
- if spec.Windows.LayerFolders == nil || len(spec.Windows.LayerFolders) < 2 {
- return fmt.Errorf("OCI spec is invalid - at least two LayerFolders must be supplied to the runtime")
- }
- // Strip off the top-most layer as that's passed in separately to HCS
- configuration.LayerFolderPath = spec.Windows.LayerFolders[len(spec.Windows.LayerFolders)-1]
- layerFolders := spec.Windows.LayerFolders[:len(spec.Windows.LayerFolders)-1]
- if configuration.HvPartition {
- // We don't currently support setting the utility VM image explicitly.
- // TODO @swernli/jhowardmsft circa RS3/4, this may be re-locatable.
- if spec.Windows.HyperV.UtilityVMPath != "" {
- return errors.New("runtime does not support an explicit utility VM path for Hyper-V containers")
- }
- // Find the upper-most utility VM image.
- var uvmImagePath string
- for _, path := range layerFolders {
- fullPath := filepath.Join(path, "UtilityVM")
- _, err := os.Stat(fullPath)
- if err == nil {
- uvmImagePath = fullPath
- break
- }
- if !os.IsNotExist(err) {
- return err
- }
- }
- if uvmImagePath == "" {
- return errors.New("utility VM image could not be found")
- }
- configuration.HvRuntime = &hcsshim.HvRuntime{ImagePath: uvmImagePath}
- if spec.Root.Path != "" {
- return errors.New("OCI spec is invalid - Root.Path must be omitted for a Hyper-V container")
- }
- } else {
- const volumeGUIDRegex = `^\\\\\?\\(Volume)\{{0,1}[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}(\}){0,1}\}\\$`
- if _, err := regexp.MatchString(volumeGUIDRegex, spec.Root.Path); err != nil {
- return fmt.Errorf(`OCI spec is invalid - Root.Path '%s' must be a volume GUID path in the format '\\?\Volume{GUID}\'`, spec.Root.Path)
- }
- // HCS API requires the trailing backslash to be removed
- configuration.VolumePath = spec.Root.Path[:len(spec.Root.Path)-1]
- }
- if spec.Root.Readonly {
- return errors.New(`OCI spec is invalid - Root.Readonly must not be set on Windows`)
- }
- for _, layerPath := range layerFolders {
- _, filename := filepath.Split(layerPath)
- g, err := hcsshim.NameToGuid(filename)
- if err != nil {
- return err
- }
- configuration.Layers = append(configuration.Layers, hcsshim.Layer{
- ID: g.ToString(),
- Path: layerPath,
- })
- }
- // Add the mounts (volumes, bind mounts etc) to the structure
- var mds []hcsshim.MappedDir
- var mps []hcsshim.MappedPipe
- for _, mount := range spec.Mounts {
- const pipePrefix = `\\.\pipe\`
- if mount.Type != "" {
- return fmt.Errorf("OCI spec is invalid - Mount.Type '%s' must not be set", mount.Type)
- }
- if strings.HasPrefix(mount.Destination, pipePrefix) {
- mp := hcsshim.MappedPipe{
- HostPath: mount.Source,
- ContainerPipeName: mount.Destination[len(pipePrefix):],
- }
- mps = append(mps, mp)
- } else {
- md := hcsshim.MappedDir{
- HostPath: mount.Source,
- ContainerPath: mount.Destination,
- ReadOnly: false,
- }
- for _, o := range mount.Options {
- if strings.ToLower(o) == "ro" {
- md.ReadOnly = true
- }
- }
- mds = append(mds, md)
- }
- }
- configuration.MappedDirectories = mds
- if len(mps) > 0 && system.GetOSVersion().Build < 16210 { // replace with Win10 RS3 build number at RTM
- return errors.New("named pipe mounts are not supported on this version of Windows")
- }
- configuration.MappedPipes = mps
- hcsContainer, err := hcsshim.CreateContainer(id, configuration)
- if err != nil {
- return err
- }
- // Construct a container object for calling start on it.
- ctr := &container{
- id: id,
- execs: make(map[string]*process),
- isWindows: true,
- ociSpec: spec,
- hcsContainer: hcsContainer,
- status: StatusCreated,
- waitCh: make(chan struct{}),
- }
- // Start the container. If this is a servicing container, this call
- // will block until the container is done with the servicing
- // execution.
- logger.Debug("starting container")
- if err = hcsContainer.Start(); err != nil {
- c.logger.WithError(err).Error("failed to start container")
- ctr.debugGCS()
- if err := c.terminateContainer(ctr); err != nil {
- c.logger.WithError(err).Error("failed to cleanup after a failed Start")
- } else {
- c.logger.Debug("cleaned up after failed Start by calling Terminate")
- }
- return err
- }
- ctr.debugGCS()
- c.Lock()
- c.containers[id] = ctr
- c.Unlock()
- logger.Debug("createWindows() completed successfully")
- return nil
- }
- func (c *client) createLinux(id string, spec *specs.Spec, runtimeOptions interface{}) error {
- logrus.Debugf("libcontainerd: createLinux(): containerId %s ", id)
- logger := c.logger.WithField("container", id)
- if runtimeOptions == nil {
- return fmt.Errorf("lcow option must be supplied to the runtime")
- }
- lcowConfig, ok := runtimeOptions.(*opengcs.Config)
- if !ok {
- return fmt.Errorf("lcow option must be supplied to the runtime")
- }
- configuration := &hcsshim.ContainerConfig{
- HvPartition: true,
- Name: id,
- SystemType: "container",
- ContainerType: "linux",
- Owner: defaultOwner,
- TerminateOnLastHandleClosed: true,
- }
- if lcowConfig.ActualMode == opengcs.ModeActualVhdx {
- configuration.HvRuntime = &hcsshim.HvRuntime{
- ImagePath: lcowConfig.Vhdx,
- BootSource: "Vhd",
- WritableBootSource: false,
- }
- } else {
- configuration.HvRuntime = &hcsshim.HvRuntime{
- ImagePath: lcowConfig.KirdPath,
- LinuxKernelFile: lcowConfig.KernelFile,
- LinuxInitrdFile: lcowConfig.InitrdFile,
- LinuxBootParameters: lcowConfig.BootParameters,
- }
- }
- if spec.Windows == nil {
- return fmt.Errorf("spec.Windows must not be nil for LCOW containers")
- }
- // We must have least one layer in the spec
- if spec.Windows.LayerFolders == nil || len(spec.Windows.LayerFolders) == 0 {
- return fmt.Errorf("OCI spec is invalid - at least one LayerFolders must be supplied to the runtime")
- }
- // Strip off the top-most layer as that's passed in separately to HCS
- configuration.LayerFolderPath = spec.Windows.LayerFolders[len(spec.Windows.LayerFolders)-1]
- layerFolders := spec.Windows.LayerFolders[:len(spec.Windows.LayerFolders)-1]
- for _, layerPath := range layerFolders {
- _, filename := filepath.Split(layerPath)
- g, err := hcsshim.NameToGuid(filename)
- if err != nil {
- return err
- }
- configuration.Layers = append(configuration.Layers, hcsshim.Layer{
- ID: g.ToString(),
- Path: filepath.Join(layerPath, "layer.vhd"),
- })
- }
- if spec.Windows.Network != nil {
- configuration.EndpointList = spec.Windows.Network.EndpointList
- configuration.AllowUnqualifiedDNSQuery = spec.Windows.Network.AllowUnqualifiedDNSQuery
- if spec.Windows.Network.DNSSearchList != nil {
- configuration.DNSSearchList = strings.Join(spec.Windows.Network.DNSSearchList, ",")
- }
- configuration.NetworkSharedContainerName = spec.Windows.Network.NetworkSharedContainerName
- }
- // Add the mounts (volumes, bind mounts etc) to the structure. We have to do
- // some translation for both the mapped directories passed into HCS and in
- // the spec.
- //
- // For HCS, we only pass in the mounts from the spec which are type "bind".
- // Further, the "ContainerPath" field (which is a little mis-leadingly
- // named when it applies to the utility VM rather than the container in the
- // utility VM) is moved to under /tmp/gcs/<ID>/binds, where this is passed
- // by the caller through a 'uvmpath' option.
- //
- // We do similar translation for the mounts in the spec by stripping out
- // the uvmpath option, and translating the Source path to the location in the
- // utility VM calculated above.
- //
- // From inside the utility VM, you would see a 9p mount such as in the following
- // where a host folder has been mapped to /target. The line with /tmp/gcs/<ID>/binds
- // specifically:
- //
- // / # mount
- // rootfs on / type rootfs (rw,size=463736k,nr_inodes=115934)
- // proc on /proc type proc (rw,relatime)
- // sysfs on /sys type sysfs (rw,relatime)
- // udev on /dev type devtmpfs (rw,relatime,size=498100k,nr_inodes=124525,mode=755)
- // tmpfs on /run type tmpfs (rw,relatime)
- // cgroup on /sys/fs/cgroup type cgroup (rw,relatime,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,net_cls,perf_event,net_prio,hugetlb,pids,rdma)
- // mqueue on /dev/mqueue type mqueue (rw,relatime)
- // devpts on /dev/pts type devpts (rw,relatime,mode=600,ptmxmode=000)
- // /binds/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/target on /binds/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/target type 9p (rw,sync,dirsync,relatime,trans=fd,rfdno=6,wfdno=6)
- // /dev/pmem0 on /tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/layer0 type ext4 (ro,relatime,block_validity,delalloc,norecovery,barrier,dax,user_xattr,acl)
- // /dev/sda on /tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/scratch type ext4 (rw,relatime,block_validity,delalloc,barrier,user_xattr,acl)
- // overlay on /tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/rootfs type overlay (rw,relatime,lowerdir=/tmp/base/:/tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/layer0,upperdir=/tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/scratch/upper,workdir=/tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc/scratch/work)
- //
- // /tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc # ls -l
- // total 16
- // drwx------ 3 0 0 60 Sep 7 18:54 binds
- // -rw-r--r-- 1 0 0 3345 Sep 7 18:54 config.json
- // drwxr-xr-x 10 0 0 4096 Sep 6 17:26 layer0
- // drwxr-xr-x 1 0 0 4096 Sep 7 18:54 rootfs
- // drwxr-xr-x 5 0 0 4096 Sep 7 18:54 scratch
- //
- // /tmp/gcs/b3ea9126d67702173647ece2744f7c11181c0150e9890fc9a431849838033edc # ls -l binds
- // total 0
- // drwxrwxrwt 2 0 0 4096 Sep 7 16:51 target
- mds := []hcsshim.MappedDir{}
- specMounts := []specs.Mount{}
- for _, mount := range spec.Mounts {
- specMount := mount
- if mount.Type == "bind" {
- // Strip out the uvmpath from the options
- updatedOptions := []string{}
- uvmPath := ""
- readonly := false
- for _, opt := range mount.Options {
- dropOption := false
- elements := strings.SplitN(opt, "=", 2)
- switch elements[0] {
- case "uvmpath":
- uvmPath = elements[1]
- dropOption = true
- case "rw":
- case "ro":
- readonly = true
- case "rbind":
- default:
- return fmt.Errorf("unsupported option %q", opt)
- }
- if !dropOption {
- updatedOptions = append(updatedOptions, opt)
- }
- }
- mount.Options = updatedOptions
- if uvmPath == "" {
- return fmt.Errorf("no uvmpath for bind mount %+v", mount)
- }
- md := hcsshim.MappedDir{
- HostPath: mount.Source,
- ContainerPath: path.Join(uvmPath, mount.Destination),
- CreateInUtilityVM: true,
- ReadOnly: readonly,
- }
- mds = append(mds, md)
- specMount.Source = path.Join(uvmPath, mount.Destination)
- }
- specMounts = append(specMounts, specMount)
- }
- configuration.MappedDirectories = mds
- hcsContainer, err := hcsshim.CreateContainer(id, configuration)
- if err != nil {
- return err
- }
- spec.Mounts = specMounts
- // Construct a container object for calling start on it.
- ctr := &container{
- id: id,
- execs: make(map[string]*process),
- isWindows: false,
- ociSpec: spec,
- hcsContainer: hcsContainer,
- status: StatusCreated,
- waitCh: make(chan struct{}),
- }
- // Start the container. If this is a servicing container, this call
- // will block until the container is done with the servicing
- // execution.
- logger.Debug("starting container")
- if err = hcsContainer.Start(); err != nil {
- c.logger.WithError(err).Error("failed to start container")
- ctr.debugGCS()
- if err := c.terminateContainer(ctr); err != nil {
- c.logger.WithError(err).Error("failed to cleanup after a failed Start")
- } else {
- c.logger.Debug("cleaned up after failed Start by calling Terminate")
- }
- return err
- }
- ctr.debugGCS()
- c.Lock()
- c.containers[id] = ctr
- c.Unlock()
- c.eventQ.append(id, func() {
- ei := EventInfo{
- ContainerID: id,
- }
- c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventCreate,
- }).Info("sending event")
- err := c.backend.ProcessEvent(id, EventCreate, ei)
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": id,
- "event": EventCreate,
- }).Error("failed to process event")
- }
- })
- logger.Debug("createLinux() completed successfully")
- return nil
- }
- func (c *client) Start(_ context.Context, id, _ string, withStdin bool, attachStdio StdioCallback) (int, error) {
- ctr := c.getContainer(id)
- switch {
- case ctr == nil:
- return -1, errors.WithStack(newNotFoundError("no such container"))
- case ctr.init != nil:
- return -1, errors.WithStack(newConflictError("container already started"))
- }
- logger := c.logger.WithField("container", id)
- // Note we always tell HCS to create stdout as it's required
- // regardless of '-i' or '-t' options, so that docker can always grab
- // the output through logs. We also tell HCS to always create stdin,
- // even if it's not used - it will be closed shortly. Stderr is only
- // created if it we're not -t.
- var (
- emulateConsole bool
- createStdErrPipe bool
- )
- if ctr.ociSpec.Process != nil {
- emulateConsole = ctr.ociSpec.Process.Terminal
- createStdErrPipe = !ctr.ociSpec.Process.Terminal && !ctr.ociSpec.Windows.Servicing
- }
- createProcessParms := &hcsshim.ProcessConfig{
- EmulateConsole: emulateConsole,
- WorkingDirectory: ctr.ociSpec.Process.Cwd,
- CreateStdInPipe: !ctr.ociSpec.Windows.Servicing,
- CreateStdOutPipe: !ctr.ociSpec.Windows.Servicing,
- CreateStdErrPipe: createStdErrPipe,
- }
- if ctr.ociSpec.Process != nil && ctr.ociSpec.Process.ConsoleSize != nil {
- createProcessParms.ConsoleSize[0] = uint(ctr.ociSpec.Process.ConsoleSize.Height)
- createProcessParms.ConsoleSize[1] = uint(ctr.ociSpec.Process.ConsoleSize.Width)
- }
- // Configure the environment for the process
- createProcessParms.Environment = setupEnvironmentVariables(ctr.ociSpec.Process.Env)
- if ctr.isWindows {
- createProcessParms.CommandLine = strings.Join(ctr.ociSpec.Process.Args, " ")
- } else {
- createProcessParms.CommandArgs = ctr.ociSpec.Process.Args
- }
- createProcessParms.User = ctr.ociSpec.Process.User.Username
- // LCOW requires the raw OCI spec passed through HCS and onwards to
- // GCS for the utility VM.
- if !ctr.isWindows {
- ociBuf, err := json.Marshal(ctr.ociSpec)
- if err != nil {
- return -1, err
- }
- ociRaw := json.RawMessage(ociBuf)
- createProcessParms.OCISpecification = &ociRaw
- }
- ctr.Lock()
- defer ctr.Unlock()
- // Start the command running in the container.
- newProcess, err := ctr.hcsContainer.CreateProcess(createProcessParms)
- if err != nil {
- logger.WithError(err).Error("CreateProcess() failed")
- return -1, err
- }
- defer func() {
- if err != nil {
- if err := newProcess.Kill(); err != nil {
- logger.WithError(err).Error("failed to kill process")
- }
- go func() {
- if err := newProcess.Wait(); err != nil {
- logger.WithError(err).Error("failed to wait for process")
- }
- if err := newProcess.Close(); err != nil {
- logger.WithError(err).Error("failed to clean process resources")
- }
- }()
- }
- }()
- p := &process{
- hcsProcess: newProcess,
- id: InitProcessName,
- pid: newProcess.Pid(),
- }
- logger.WithField("pid", p.pid).Debug("init process started")
- // If this is a servicing container, wait on the process synchronously here and
- // if it succeeds, wait for it cleanly shutdown and merge into the parent container.
- if ctr.ociSpec.Windows.Servicing {
- // reapProcess takes the lock
- ctr.Unlock()
- defer ctr.Lock()
- exitCode := c.reapProcess(ctr, p)
- if exitCode != 0 {
- return -1, errors.Errorf("libcontainerd: servicing container %s returned non-zero exit code %d", ctr.id, exitCode)
- }
- return p.pid, nil
- }
- dio, err := newIOFromProcess(newProcess, ctr.ociSpec.Process.Terminal)
- if err != nil {
- logger.WithError(err).Error("failed to get stdio pipes")
- return -1, err
- }
- _, err = attachStdio(dio)
- if err != nil {
- logger.WithError(err).Error("failed to attache stdio")
- return -1, err
- }
- ctr.status = StatusRunning
- ctr.init = p
- // Spin up a go routine waiting for exit to handle cleanup
- go c.reapProcess(ctr, p)
- // Generate the associated event
- c.eventQ.append(id, func() {
- ei := EventInfo{
- ContainerID: id,
- ProcessID: InitProcessName,
- Pid: uint32(p.pid),
- }
- c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventStart,
- "event-info": ei,
- }).Info("sending event")
- err := c.backend.ProcessEvent(ei.ContainerID, EventStart, ei)
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": id,
- "event": EventStart,
- "event-info": ei,
- }).Error("failed to process event")
- }
- })
- logger.Debug("start() completed")
- return p.pid, nil
- }
- func newIOFromProcess(newProcess hcsshim.Process, terminal bool) (*cio.DirectIO, error) {
- stdin, stdout, stderr, err := newProcess.Stdio()
- if err != nil {
- return nil, err
- }
- dio := cio.NewDirectIO(createStdInCloser(stdin, newProcess), nil, nil, terminal)
- // Convert io.ReadClosers to io.Readers
- if stdout != nil {
- dio.Stdout = ioutil.NopCloser(&autoClosingReader{ReadCloser: stdout})
- }
- if stderr != nil {
- dio.Stderr = ioutil.NopCloser(&autoClosingReader{ReadCloser: stderr})
- }
- return dio, nil
- }
- // Exec adds a process in an running container
- func (c *client) Exec(ctx context.Context, containerID, processID string, spec *specs.Process, withStdin bool, attachStdio StdioCallback) (int, error) {
- ctr := c.getContainer(containerID)
- switch {
- case ctr == nil:
- return -1, errors.WithStack(newNotFoundError("no such container"))
- case ctr.hcsContainer == nil:
- return -1, errors.WithStack(newInvalidParameterError("container is not running"))
- case ctr.execs != nil && ctr.execs[processID] != nil:
- return -1, errors.WithStack(newConflictError("id already in use"))
- }
- logger := c.logger.WithFields(logrus.Fields{
- "container": containerID,
- "exec": processID,
- })
- // Note we always tell HCS to
- // create stdout as it's required regardless of '-i' or '-t' options, so that
- // docker can always grab the output through logs. We also tell HCS to always
- // create stdin, even if it's not used - it will be closed shortly. Stderr
- // is only created if it we're not -t.
- createProcessParms := hcsshim.ProcessConfig{
- CreateStdInPipe: true,
- CreateStdOutPipe: true,
- CreateStdErrPipe: !spec.Terminal,
- }
- if spec.Terminal {
- createProcessParms.EmulateConsole = true
- if spec.ConsoleSize != nil {
- createProcessParms.ConsoleSize[0] = uint(spec.ConsoleSize.Height)
- createProcessParms.ConsoleSize[1] = uint(spec.ConsoleSize.Width)
- }
- }
- // Take working directory from the process to add if it is defined,
- // otherwise take from the first process.
- if spec.Cwd != "" {
- createProcessParms.WorkingDirectory = spec.Cwd
- } else {
- createProcessParms.WorkingDirectory = ctr.ociSpec.Process.Cwd
- }
- // Configure the environment for the process
- createProcessParms.Environment = setupEnvironmentVariables(spec.Env)
- if ctr.isWindows {
- createProcessParms.CommandLine = strings.Join(spec.Args, " ")
- } else {
- createProcessParms.CommandArgs = spec.Args
- }
- createProcessParms.User = spec.User.Username
- logger.Debugf("exec commandLine: %s", createProcessParms.CommandLine)
- // Start the command running in the container.
- newProcess, err := ctr.hcsContainer.CreateProcess(&createProcessParms)
- if err != nil {
- logger.WithError(err).Errorf("exec's CreateProcess() failed")
- return -1, err
- }
- pid := newProcess.Pid()
- defer func() {
- if err != nil {
- if err := newProcess.Kill(); err != nil {
- logger.WithError(err).Error("failed to kill process")
- }
- go func() {
- if err := newProcess.Wait(); err != nil {
- logger.WithError(err).Error("failed to wait for process")
- }
- if err := newProcess.Close(); err != nil {
- logger.WithError(err).Error("failed to clean process resources")
- }
- }()
- }
- }()
- dio, err := newIOFromProcess(newProcess, spec.Terminal)
- if err != nil {
- logger.WithError(err).Error("failed to get stdio pipes")
- return -1, err
- }
- // Tell the engine to attach streams back to the client
- _, err = attachStdio(dio)
- if err != nil {
- return -1, err
- }
- p := &process{
- id: processID,
- pid: pid,
- hcsProcess: newProcess,
- }
- // Add the process to the container's list of processes
- ctr.Lock()
- ctr.execs[processID] = p
- ctr.Unlock()
- // Spin up a go routine waiting for exit to handle cleanup
- go c.reapProcess(ctr, p)
- c.eventQ.append(ctr.id, func() {
- ei := EventInfo{
- ContainerID: ctr.id,
- ProcessID: p.id,
- Pid: uint32(p.pid),
- }
- c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventExecAdded,
- "event-info": ei,
- }).Info("sending event")
- err := c.backend.ProcessEvent(ctr.id, EventExecAdded, ei)
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventExecAdded,
- "event-info": ei,
- }).Error("failed to process event")
- }
- err = c.backend.ProcessEvent(ctr.id, EventExecStarted, ei)
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventExecStarted,
- "event-info": ei,
- }).Error("failed to process event")
- }
- })
- return pid, nil
- }
- // Signal handles `docker stop` on Windows. While Linux has support for
- // the full range of signals, signals aren't really implemented on Windows.
- // We fake supporting regular stop and -9 to force kill.
- func (c *client) SignalProcess(_ context.Context, containerID, processID string, signal int) error {
- ctr, p, err := c.getProcess(containerID, processID)
- if err != nil {
- return err
- }
- ctr.manualStopRequested = true
- logger := c.logger.WithFields(logrus.Fields{
- "container": containerID,
- "process": processID,
- "pid": p.pid,
- "signal": signal,
- })
- logger.Debug("Signal()")
- if processID == InitProcessName {
- if syscall.Signal(signal) == syscall.SIGKILL {
- // Terminate the compute system
- if err := ctr.hcsContainer.Terminate(); err != nil {
- if !hcsshim.IsPending(err) {
- logger.WithError(err).Error("failed to terminate hccshim container")
- }
- }
- } else {
- // Shut down the container
- if err := ctr.hcsContainer.Shutdown(); err != nil {
- if !hcsshim.IsPending(err) && !hcsshim.IsAlreadyStopped(err) {
- // ignore errors
- logger.WithError(err).Error("failed to shutdown hccshim container")
- }
- }
- }
- } else {
- return p.hcsProcess.Kill()
- }
- return nil
- }
- // Resize handles a CLI event to resize an interactive docker run or docker
- // exec window.
- func (c *client) ResizeTerminal(_ context.Context, containerID, processID string, width, height int) error {
- _, p, err := c.getProcess(containerID, processID)
- if err != nil {
- return err
- }
- c.logger.WithFields(logrus.Fields{
- "container": containerID,
- "process": processID,
- "height": height,
- "width": width,
- "pid": p.pid,
- }).Debug("resizing")
- return p.hcsProcess.ResizeConsole(uint16(width), uint16(height))
- }
- func (c *client) CloseStdin(_ context.Context, containerID, processID string) error {
- _, p, err := c.getProcess(containerID, processID)
- if err != nil {
- return err
- }
- return p.hcsProcess.CloseStdin()
- }
- // Pause handles pause requests for containers
- func (c *client) Pause(_ context.Context, containerID string) error {
- ctr, _, err := c.getProcess(containerID, InitProcessName)
- if err != nil {
- return err
- }
- if ctr.ociSpec.Windows.HyperV == nil {
- return errors.New("cannot pause Windows Server Containers")
- }
- ctr.Lock()
- defer ctr.Unlock()
- if err = ctr.hcsContainer.Pause(); err != nil {
- return err
- }
- ctr.status = StatusPaused
- c.eventQ.append(containerID, func() {
- err := c.backend.ProcessEvent(containerID, EventPaused, EventInfo{
- ContainerID: containerID,
- ProcessID: InitProcessName,
- })
- c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventPaused,
- }).Info("sending event")
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": containerID,
- "event": EventPaused,
- }).Error("failed to process event")
- }
- })
- return nil
- }
- // Resume handles resume requests for containers
- func (c *client) Resume(_ context.Context, containerID string) error {
- ctr, _, err := c.getProcess(containerID, InitProcessName)
- if err != nil {
- return err
- }
- if ctr.ociSpec.Windows.HyperV == nil {
- return errors.New("cannot resume Windows Server Containers")
- }
- ctr.Lock()
- defer ctr.Unlock()
- if err = ctr.hcsContainer.Resume(); err != nil {
- return err
- }
- ctr.status = StatusRunning
- c.eventQ.append(containerID, func() {
- err := c.backend.ProcessEvent(containerID, EventResumed, EventInfo{
- ContainerID: containerID,
- ProcessID: InitProcessName,
- })
- c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventResumed,
- }).Info("sending event")
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": containerID,
- "event": EventResumed,
- }).Error("failed to process event")
- }
- })
- return nil
- }
- // Stats handles stats requests for containers
- func (c *client) Stats(_ context.Context, containerID string) (*Stats, error) {
- ctr, _, err := c.getProcess(containerID, InitProcessName)
- if err != nil {
- return nil, err
- }
- readAt := time.Now()
- s, err := ctr.hcsContainer.Statistics()
- if err != nil {
- return nil, err
- }
- return &Stats{
- Read: readAt,
- HCSStats: &s,
- }, nil
- }
- // Restore is the handler for restoring a container
- func (c *client) Restore(ctx context.Context, id string, attachStdio StdioCallback) (bool, int, error) {
- c.logger.WithField("container", id).Debug("restore()")
- // TODO Windows: On RS1, a re-attach isn't possible.
- // However, there is a scenario in which there is an issue.
- // Consider a background container. The daemon dies unexpectedly.
- // HCS will still have the compute service alive and running.
- // For consistence, we call in to shoot it regardless if HCS knows about it
- // We explicitly just log a warning if the terminate fails.
- // Then we tell the backend the container exited.
- if hc, err := hcsshim.OpenContainer(id); err == nil {
- const terminateTimeout = time.Minute * 2
- err := hc.Terminate()
- if hcsshim.IsPending(err) {
- err = hc.WaitTimeout(terminateTimeout)
- } else if hcsshim.IsAlreadyStopped(err) {
- err = nil
- }
- if err != nil {
- c.logger.WithField("container", id).WithError(err).Debug("terminate failed on restore")
- return false, -1, err
- }
- }
- return false, -1, nil
- }
- // GetPidsForContainer returns a list of process IDs running in a container.
- // Not used on Windows.
- func (c *client) ListPids(_ context.Context, _ string) ([]uint32, error) {
- return nil, errors.New("not implemented on Windows")
- }
- // Summary returns a summary of the processes running in a container.
- // This is present in Windows to support docker top. In linux, the
- // engine shells out to ps to get process information. On Windows, as
- // the containers could be Hyper-V containers, they would not be
- // visible on the container host. However, libcontainerd does have
- // that information.
- func (c *client) Summary(_ context.Context, containerID string) ([]Summary, error) {
- ctr, _, err := c.getProcess(containerID, InitProcessName)
- if err != nil {
- return nil, err
- }
- p, err := ctr.hcsContainer.ProcessList()
- if err != nil {
- return nil, err
- }
- pl := make([]Summary, len(p))
- for i := range p {
- pl[i] = Summary(p[i])
- }
- return pl, nil
- }
- func (c *client) DeleteTask(ctx context.Context, containerID string) (uint32, time.Time, error) {
- ec := -1
- ctr := c.getContainer(containerID)
- if ctr == nil {
- return uint32(ec), time.Now(), errors.WithStack(newNotFoundError("no such container"))
- }
- select {
- case <-ctx.Done():
- return uint32(ec), time.Now(), errors.WithStack(ctx.Err())
- case <-ctr.waitCh:
- default:
- return uint32(ec), time.Now(), errors.New("container is not stopped")
- }
- ctr.Lock()
- defer ctr.Unlock()
- return ctr.exitCode, ctr.exitedAt, nil
- }
- func (c *client) Delete(_ context.Context, containerID string) error {
- c.Lock()
- defer c.Unlock()
- ctr := c.containers[containerID]
- if ctr == nil {
- return errors.WithStack(newNotFoundError("no such container"))
- }
- ctr.Lock()
- defer ctr.Unlock()
- switch ctr.status {
- case StatusCreated:
- if err := c.shutdownContainer(ctr); err != nil {
- return err
- }
- fallthrough
- case StatusStopped:
- delete(c.containers, containerID)
- return nil
- }
- return errors.WithStack(newInvalidParameterError("container is not stopped"))
- }
- func (c *client) Status(ctx context.Context, containerID string) (Status, error) {
- c.Lock()
- defer c.Unlock()
- ctr := c.containers[containerID]
- if ctr == nil {
- return StatusUnknown, errors.WithStack(newNotFoundError("no such container"))
- }
- ctr.Lock()
- defer ctr.Unlock()
- return ctr.status, nil
- }
- func (c *client) UpdateResources(ctx context.Context, containerID string, resources *Resources) error {
- // Updating resource isn't supported on Windows
- // but we should return nil for enabling updating container
- return nil
- }
- func (c *client) CreateCheckpoint(ctx context.Context, containerID, checkpointDir string, exit bool) error {
- return errors.New("Windows: Containers do not support checkpoints")
- }
- func (c *client) getContainer(id string) *container {
- c.Lock()
- ctr := c.containers[id]
- c.Unlock()
- return ctr
- }
- func (c *client) getProcess(containerID, processID string) (*container, *process, error) {
- ctr := c.getContainer(containerID)
- switch {
- case ctr == nil:
- return nil, nil, errors.WithStack(newNotFoundError("no such container"))
- case ctr.init == nil:
- return nil, nil, errors.WithStack(newNotFoundError("container is not running"))
- case processID == InitProcessName:
- return ctr, ctr.init, nil
- default:
- ctr.Lock()
- defer ctr.Unlock()
- if ctr.execs == nil {
- return nil, nil, errors.WithStack(newNotFoundError("no execs"))
- }
- }
- p := ctr.execs[processID]
- if p == nil {
- return nil, nil, errors.WithStack(newNotFoundError("no such exec"))
- }
- return ctr, p, nil
- }
- func (c *client) shutdownContainer(ctr *container) error {
- const shutdownTimeout = time.Minute * 5
- err := ctr.hcsContainer.Shutdown()
- if hcsshim.IsPending(err) {
- err = ctr.hcsContainer.WaitTimeout(shutdownTimeout)
- } else if hcsshim.IsAlreadyStopped(err) {
- err = nil
- }
- if err != nil {
- c.logger.WithError(err).WithField("container", ctr.id).
- Debug("failed to shutdown container, terminating it")
- return c.terminateContainer(ctr)
- }
- return nil
- }
- func (c *client) terminateContainer(ctr *container) error {
- const terminateTimeout = time.Minute * 5
- err := ctr.hcsContainer.Terminate()
- if hcsshim.IsPending(err) {
- err = ctr.hcsContainer.WaitTimeout(terminateTimeout)
- } else if hcsshim.IsAlreadyStopped(err) {
- err = nil
- }
- if err != nil {
- c.logger.WithError(err).WithField("container", ctr.id).
- Debug("failed to terminate container")
- return err
- }
- return nil
- }
- func (c *client) reapProcess(ctr *container, p *process) int {
- logger := c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "process": p.id,
- })
- // Block indefinitely for the process to exit.
- if err := p.hcsProcess.Wait(); err != nil {
- if herr, ok := err.(*hcsshim.ProcessError); ok && herr.Err != windows.ERROR_BROKEN_PIPE {
- logger.WithError(err).Warnf("Wait() failed (container may have been killed)")
- }
- // Fall through here, do not return. This ensures we attempt to
- // continue the shutdown in HCS and tell the docker engine that the
- // process/container has exited to avoid a container being dropped on
- // the floor.
- }
- exitedAt := time.Now()
- exitCode, err := p.hcsProcess.ExitCode()
- if err != nil {
- if herr, ok := err.(*hcsshim.ProcessError); ok && herr.Err != windows.ERROR_BROKEN_PIPE {
- logger.WithError(err).Warnf("unable to get exit code for process")
- }
- // Since we got an error retrieving the exit code, make sure that the
- // code we return doesn't incorrectly indicate success.
- exitCode = -1
- // Fall through here, do not return. This ensures we attempt to
- // continue the shutdown in HCS and tell the docker engine that the
- // process/container has exited to avoid a container being dropped on
- // the floor.
- }
- if err := p.hcsProcess.Close(); err != nil {
- logger.WithError(err).Warnf("failed to cleanup hcs process resources")
- }
- var pendingUpdates bool
- if p.id == InitProcessName {
- // Update container status
- ctr.Lock()
- ctr.status = StatusStopped
- ctr.exitedAt = exitedAt
- ctr.exitCode = uint32(exitCode)
- close(ctr.waitCh)
- ctr.Unlock()
- // Handle any servicing
- if exitCode == 0 && ctr.isWindows && !ctr.ociSpec.Windows.Servicing {
- pendingUpdates, err = ctr.hcsContainer.HasPendingUpdates()
- logger.Infof("Pending updates: %v", pendingUpdates)
- if err != nil {
- logger.WithError(err).
- Warnf("failed to check for pending updates (container may have been killed)")
- }
- }
- if err := c.shutdownContainer(ctr); err != nil {
- logger.WithError(err).Warn("failed to shutdown container")
- } else {
- logger.Debug("completed container shutdown")
- }
- if err := ctr.hcsContainer.Close(); err != nil {
- logger.WithError(err).Error("failed to clean hcs container resources")
- }
- }
- if !(ctr.isWindows && ctr.ociSpec.Windows.Servicing) {
- c.eventQ.append(ctr.id, func() {
- ei := EventInfo{
- ContainerID: ctr.id,
- ProcessID: p.id,
- Pid: uint32(p.pid),
- ExitCode: uint32(exitCode),
- ExitedAt: exitedAt,
- UpdatePending: pendingUpdates,
- }
- c.logger.WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventExit,
- "event-info": ei,
- }).Info("sending event")
- err := c.backend.ProcessEvent(ctr.id, EventExit, ei)
- if err != nil {
- c.logger.WithError(err).WithFields(logrus.Fields{
- "container": ctr.id,
- "event": EventExit,
- "event-info": ei,
- }).Error("failed to process event")
- }
- if p.id != InitProcessName {
- ctr.Lock()
- delete(ctr.execs, p.id)
- ctr.Unlock()
- }
- })
- }
- return exitCode
- }
|