moby/daemon/start_unix.go

//go:build !windows

package daemon // import "github.com/docker/docker/daemon"

import (
	"github.com/docker/docker/container"
)

// getLibcontainerdCreateOptions callers must hold a lock on the container
func (daemon *Daemon) getLibcontainerdCreateOptions(daemonCfg *configStore, container *container.Container) (string, interface{}, error) {
	// Ensure a runtime has been assigned to this container
	if container.HostConfig.Runtime == "" {
		container.HostConfig.Runtime = daemonCfg.Runtimes.Default
		container.CheckpointTo(daemon.containersReplica)
	}

	shim, opts, err := daemonCfg.Runtimes.Get(container.HostConfig.Runtime)
	if err != nil {
		return "", nil, setExitCodeFromError(container.SetExitCode, err)
	}

	return shim, opts, nil
}
Update to Go 1.17.0, and gofmt with Go 1.17 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-23 13:14:53 +00:00			`//go:build !windows`
Add functional support for Docker sub commands on Solaris Signed-off-by: Amit Krishnan <krish.amit@gmail.com> Signed-off-by: Alexander Morozov <lk4d4@docker.com> 2016-06-07 07:45:21 +00:00
Add canonical import comment Signed-off-by: Daniel Nephin <dnephin@docker.com> 2018-02-05 21:05:59 +00:00			`package daemon // import "github.com/docker/docker/daemon"`
Add support for multiples runtimes Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com> 2016-05-23 21:49:50 +00:00
			`import (`
			`"github.com/docker/docker/container"`
			`)`

Update libcontainerd to use containerd 1.0 Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com> 2017-09-22 13:52:41 +00:00			`// getLibcontainerdCreateOptions callers must hold a lock on the container`
daemon: reload runtimes w/o breaking containers The existing runtimes reload logic went to great lengths to replace the directory containing runtime wrapper scripts as atomically as possible within the limitations of the Linux filesystem ABI. Trouble is, atomically swapping the wrapper scripts directory solves the wrong problem! The runtime configuration is "locked in" when a container is started, including the path to the runC binary. If a container is started with a runtime which requires a daemon-managed wrapper script and then the daemon is reloaded with a config which no longer requires the wrapper script (i.e. some args -> no args, or the runtime is dropped from the config), that container would become unmanageable. Any attempts to stop, exec or otherwise perform lifecycle management operations on the container are likely to fail due to the wrapper script no longer existing at its original path. Atomically swapping the wrapper scripts is also incompatible with the read-copy-update paradigm for reloading configuration. A handler in the daemon could retain a reference to the pre-reload configuration for an indeterminate amount of time after the daemon configuration has been reloaded and updated. It is possible for the daemon to attempt to start a container using a deleted wrapper script if a request to run a container races a reload. Solve the problem of deleting referenced wrapper scripts by ensuring that all wrapper scripts are immutable for the lifetime of the daemon process. Any given runtime wrapper script must always exist with the same contents, no matter how many times the daemon config is reloaded, or what changes are made to the config. This is accomplished by using everyone's favourite design pattern: content-addressable storage. Each wrapper script file name is suffixed with the SHA-256 digest of its contents to (probabilistically) guarantee immutability without needing any concurrency control. Stale runtime wrapper scripts are only cleaned up on the next daemon restart. Split the derived runtimes configuration from the user-supplied configuration to have a place to store derived state without mutating the user-supplied configuration or exposing daemon internals in API struct types. Hold the derived state and the user-supplied configuration in a single struct value so that they can be updated as an atomic unit. Signed-off-by: Cory Snider <csnider@mirantis.com> 2022-08-31 20:12:30 +00:00			`func (daemon Daemon) getLibcontainerdCreateOptions(daemonCfg configStore, container *container.Container) (string, interface{}, error) {`
Fix missing container runtime on upgrade Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com> 2016-06-20 18:21:01 +00:00			`// Ensure a runtime has been assigned to this container`
			`if container.HostConfig.Runtime == "" {`
daemon: consolidate runtimes config validation The daemon has made a habit of mutating the DefaultRuntime and Runtimes values in the Config struct to merge defaults. This would be fine if it was a part of the regular configuration loading and merging process, as is done with other config options. The trouble is it does so in surprising places, such as in functions with 'verify' or 'validate' in their name. It has been necessary in order to validate that the user has not defined a custom runtime named "runc" which would shadow the built-in runtime of the same name. Other daemon code depends on the runtime named "runc" always being defined in the config, but merging it with the user config at the same time as the other defaults are merged would trip the validation. The root of the issue is that the daemon has used the same config values for both validating the daemon runtime configuration as supplied by the user and for keeping track of which runtimes have been set up by the daemon. Now that a completely separate value is used for the latter purpose, surprising contortions are no longer required to make the validation work as intended. Consolidate the validation of the runtimes config and merging of the built-in runtimes into the daemon.setupRuntimes() function. Set the result of merging the built-in runtimes config and default default runtime on the returned runtimes struct, without back-propagating it onto the config.Config argument. Signed-off-by: Cory Snider <csnider@mirantis.com> 2022-08-31 21:24:22 +00:00			`container.HostConfig.Runtime = daemonCfg.Runtimes.Default`
save deep copies of Container in the replica store Reuse existing structures and rely on json serialization to deep copy Container objects. Also consolidate all "save" operations on container.CheckpointTo, which now both saves a serialized json to disk, and replicates state to the ACID in-memory store. Signed-off-by: Fabio Kung <fabio.kung@gmail.com> 2017-03-27 17:18:53 +00:00			`container.CheckpointTo(daemon.containersReplica)`
Fix missing container runtime on upgrade Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com> 2016-06-20 18:21:01 +00:00			`}`

daemon: reload runtimes w/o breaking containers The existing runtimes reload logic went to great lengths to replace the directory containing runtime wrapper scripts as atomically as possible within the limitations of the Linux filesystem ABI. Trouble is, atomically swapping the wrapper scripts directory solves the wrong problem! The runtime configuration is "locked in" when a container is started, including the path to the runC binary. If a container is started with a runtime which requires a daemon-managed wrapper script and then the daemon is reloaded with a config which no longer requires the wrapper script (i.e. some args -> no args, or the runtime is dropped from the config), that container would become unmanageable. Any attempts to stop, exec or otherwise perform lifecycle management operations on the container are likely to fail due to the wrapper script no longer existing at its original path. Atomically swapping the wrapper scripts is also incompatible with the read-copy-update paradigm for reloading configuration. A handler in the daemon could retain a reference to the pre-reload configuration for an indeterminate amount of time after the daemon configuration has been reloaded and updated. It is possible for the daemon to attempt to start a container using a deleted wrapper script if a request to run a container races a reload. Solve the problem of deleting referenced wrapper scripts by ensuring that all wrapper scripts are immutable for the lifetime of the daemon process. Any given runtime wrapper script must always exist with the same contents, no matter how many times the daemon config is reloaded, or what changes are made to the config. This is accomplished by using everyone's favourite design pattern: content-addressable storage. Each wrapper script file name is suffixed with the SHA-256 digest of its contents to (probabilistically) guarantee immutability without needing any concurrency control. Stale runtime wrapper scripts are only cleaned up on the next daemon restart. Split the derived runtimes configuration from the user-supplied configuration to have a place to store derived state without mutating the user-supplied configuration or exposing daemon internals in API struct types. Hold the derived state and the user-supplied configuration in a single struct value so that they can be updated as an atomic unit. Signed-off-by: Cory Snider <csnider@mirantis.com> 2022-08-31 20:12:30 +00:00			`shim, opts, err := daemonCfg.Runtimes.Get(container.HostConfig.Runtime)`
Add shim config for custom runtimes for plugins This fixes a panic when an admin specifies a custom default runtime, when a plugin is started the shim config is nil. Signed-off-by: Brian Goff <cpuguy83@gmail.com> 2021-01-04 19:43:19 +00:00			`if err != nil {`
daemon: translateContainerdStartErr(): rename to setExitCodeFromError() This should hopefully make it slightly clearer what it does. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-08-24 10:44:05 +00:00			`return "", nil, setExitCodeFromError(container.SetExitCode, err)`
daemon: ensure systemd cgroup is passed down to runtimes Signed-off-by: Antonio Murdaca <runcom@redhat.com> 2016-08-26 13:33:26 +00:00			`}`
Add support for multiples runtimes Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com> 2016-05-23 21:49:50 +00:00
daemon: reload runtimes w/o breaking containers The existing runtimes reload logic went to great lengths to replace the directory containing runtime wrapper scripts as atomically as possible within the limitations of the Linux filesystem ABI. Trouble is, atomically swapping the wrapper scripts directory solves the wrong problem! The runtime configuration is "locked in" when a container is started, including the path to the runC binary. If a container is started with a runtime which requires a daemon-managed wrapper script and then the daemon is reloaded with a config which no longer requires the wrapper script (i.e. some args -> no args, or the runtime is dropped from the config), that container would become unmanageable. Any attempts to stop, exec or otherwise perform lifecycle management operations on the container are likely to fail due to the wrapper script no longer existing at its original path. Atomically swapping the wrapper scripts is also incompatible with the read-copy-update paradigm for reloading configuration. A handler in the daemon could retain a reference to the pre-reload configuration for an indeterminate amount of time after the daemon configuration has been reloaded and updated. It is possible for the daemon to attempt to start a container using a deleted wrapper script if a request to run a container races a reload. Solve the problem of deleting referenced wrapper scripts by ensuring that all wrapper scripts are immutable for the lifetime of the daemon process. Any given runtime wrapper script must always exist with the same contents, no matter how many times the daemon config is reloaded, or what changes are made to the config. This is accomplished by using everyone's favourite design pattern: content-addressable storage. Each wrapper script file name is suffixed with the SHA-256 digest of its contents to (probabilistically) guarantee immutability without needing any concurrency control. Stale runtime wrapper scripts are only cleaned up on the next daemon restart. Split the derived runtimes configuration from the user-supplied configuration to have a place to store derived state without mutating the user-supplied configuration or exposing daemon internals in API struct types. Hold the derived state and the user-supplied configuration in a single struct value so that they can be updated as an atomic unit. Signed-off-by: Cory Snider <csnider@mirantis.com> 2022-08-31 20:12:30 +00:00			`return shim, opts, nil`
Add support for multiples runtimes Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com> 2016-05-23 21:49:50 +00:00			`}`