moby/daemon/start_unix.go
Akihiro Suda 612343618d cgroup2: use shim V2
* Requires containerd binaries from containerd/containerd#3799 . Metrics are unimplemented yet.
* Works with crun v0.10.4, but `--security-opt seccomp=unconfined` is needed unless using master version of libseccomp
  ( containers/crun#156, seccomp/libseccomp#177 )
* Doesn't work with master runc yet
* Resource limitations are unimplemented

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-01-01 02:58:40 +09:00

72 lines
2 KiB
Go

// +build !windows
package daemon // import "github.com/docker/docker/daemon"
import (
"fmt"
"os/exec"
"path/filepath"
"github.com/containerd/containerd/runtime/linux/runctypes"
v2runcoptions "github.com/containerd/containerd/runtime/v2/runc/options"
"github.com/docker/docker/container"
"github.com/docker/docker/errdefs"
"github.com/pkg/errors"
)
func (daemon *Daemon) getRuntimeScript(container *container.Container) (string, error) {
name := container.HostConfig.Runtime
rt := daemon.configStore.GetRuntime(name)
if rt == nil {
return "", errdefs.InvalidParameter(errors.Errorf("no such runtime '%s'", name))
}
if len(rt.Args) > 0 {
// First check that the target exist, as using it in a script won't
// give us the right error
if _, err := exec.LookPath(rt.Path); err != nil {
return "", translateContainerdStartErr(container.Path, container.SetExitCode, err)
}
return filepath.Join(daemon.configStore.Root, "runtimes", name), nil
}
return rt.Path, nil
}
// getLibcontainerdCreateOptions callers must hold a lock on the container
func (daemon *Daemon) getLibcontainerdCreateOptions(container *container.Container) (interface{}, error) {
// Ensure a runtime has been assigned to this container
if container.HostConfig.Runtime == "" {
container.HostConfig.Runtime = daemon.configStore.GetDefaultRuntimeName()
container.CheckpointTo(daemon.containersReplica)
}
path, err := daemon.getRuntimeScript(container)
if err != nil {
return nil, err
}
if daemon.useShimV2() {
opts := &v2runcoptions.Options{
BinaryName: path,
Root: filepath.Join(daemon.configStore.ExecRoot,
fmt.Sprintf("runtime-%s", container.HostConfig.Runtime)),
}
if UsingSystemd(daemon.configStore) {
opts.SystemdCgroup = true
}
return opts, nil
}
opts := &runctypes.RuncOptions{
Runtime: path,
RuntimeRoot: filepath.Join(daemon.configStore.ExecRoot,
fmt.Sprintf("runtime-%s", container.HostConfig.Runtime)),
}
if UsingSystemd(daemon.configStore) {
opts.SystemdCgroup = true
}
return opts, nil
}