daemon: allow tmpfs to trump over VOLUME(s)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2016-06-06 11:57:11 +02:00
parent 73169da9db
commit 756f6cef4a
5 changed files with 32 additions and 4 deletions

View file

@ -54,7 +54,8 @@ func (container *Container) UnmountVolumes(forceSyscall bool, volumeEventLog fun
// TmpfsMounts returns the list of tmpfs mounts
func (container *Container) TmpfsMounts() []Mount {
return nil
var mounts []Mount
return mounts
}
// UpdateContainer updates configuration of a container

View file

@ -480,9 +480,10 @@ func setMounts(daemon *Daemon, s *specs.Spec, c *container.Container, mounts []c
}
if m.Source == "tmpfs" {
data := c.HostConfig.Tmpfs[m.Destination]
options := []string{"noexec", "nosuid", "nodev", volume.DefaultPropagationMode}
if m.Data != "" {
options = append(options, strings.Split(m.Data, ",")...)
if data != "" {
options = append(options, strings.Split(data, ",")...)
}
merged, err := mount.MergeTmpfsOptions(options)

View file

@ -129,7 +129,8 @@ func (daemon *Daemon) registerMountPoints(container *container.Container, hostCo
return err
}
if binds[bind.Destination] {
_, tmpfsExists := hostConfig.Tmpfs[bind.Destination]
if binds[bind.Destination] || tmpfsExists {
return fmt.Errorf("Duplicate mount point '%s'", bind.Destination)
}

View file

@ -16,7 +16,15 @@ import (
// /etc/resolv.conf, and if it is not, appends it to the array of mounts.
func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, error) {
var mounts []container.Mount
// TODO: tmpfs mounts should be part of Mountpoints
tmpfsMounts := make(map[string]bool)
for _, m := range c.TmpfsMounts() {
tmpfsMounts[m.Destination] = true
}
for _, m := range c.MountPoints {
if tmpfsMounts[m.Destination] {
continue
}
if err := daemon.lazyInitializeVolume(c.ID, m); err != nil {
return nil, err
}

View file

@ -829,6 +829,23 @@ func (s *DockerSuite) TestRunTmpfsMounts(c *check.C) {
}
}
func (s *DockerSuite) TestRunTmpfsMountsOverrideImageVolumes(c *check.C) {
name := "img-with-volumes"
_, err := buildImage(
name,
`
FROM busybox
VOLUME /run
RUN touch /run/stuff
`,
true)
if err != nil {
c.Fatal(err)
}
out, _ := dockerCmd(c, "run", "--tmpfs", "/run", name, "ls", "/run")
c.Assert(out, checker.Not(checker.Contains), "stuff")
}
// Test case for #22420
func (s *DockerSuite) TestRunTmpfsMountsWithOptions(c *check.C) {
testRequires(c, DaemonIsLinux)