diff options
| author | Nicolas Lacasse <nlacasse@google.com> | 2018-05-17 11:54:36 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-05-17 11:55:28 -0700 |
| commit | 31386185fe7c2079ee412a411e536a5bf9e9eb25 (patch) | |
| tree | b74f2fa66e0b95b705b27f2e335910091961bcd6 /runsc/boot/loader.go | |
| parent | 8e1deb2ab8fb67da9a1f6521e31c5635ac587e71 (diff) | |
Push signal-delivery and wait into the sandbox.
This is another step towards multi-container support.
Previously, we delivered signals directly to the sandbox process (which then
forwarded the signal to PID 1 inside the sandbox). Similarly, we waited on a
container by waiting on the sandbox process itself. This approach will not work
when there are multiple containers inside the sandbox, and we need to
signal/wait on individual containers.
This CL adds two new messages, ContainerSignal and ContainerWait. These
messages include the id of the container to signal/wait. The controller inside
the sandbox receives these messages and signals/waits on the appropriate
process inside the sandbox.
The container id is plumbed into the sandbox, but it currently is not used. We
still end up signaling/waiting on PID 1 in all cases. Once we actually have
multiple containers inside the sandbox, we will need to keep some sort of map
of container id -> pid (or possibly pid namespace), and signal/kill the
appropriate process for the container.
PiperOrigin-RevId: 197028366
Change-Id: I07b4d5dc91ecd2affc1447e6b4bdd6b0b7360895
Diffstat (limited to 'runsc/boot/loader.go')
| -rw-r--r-- | runsc/boot/loader.go | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go index 34a25241f..0ff54d349 100644 --- a/runsc/boot/loader.go +++ b/runsc/boot/loader.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -// Package boot loads the kernel and runs the application. +// Package boot loads the kernel and runs a container.. package boot import ( @@ -57,7 +57,7 @@ import ( _ "gvisor.googlesource.com/gvisor/pkg/sentry/socket/unix" ) -// Loader keeps state needed to start the kernel and run the application. +// Loader keeps state needed to start the kernel and run the container.. type Loader struct { // k is the kernel. k *kernel.Kernel @@ -73,10 +73,10 @@ type Loader struct { watchdog *watchdog.Watchdog // stopSignalForwarding disables forwarding of signals to the sandboxed - // app. It should be called when a sandbox is destroyed. + // container. It should be called when a sandbox is destroyed. stopSignalForwarding func() - // procArgs refers to the initial application task. + // procArgs refers to the root container task. procArgs kernel.CreateProcessArgs } @@ -283,10 +283,10 @@ func createPlatform(conf *Config) (platform.Platform, error) { } } -// Run runs the application. +// Run runs the root container.. func (l *Loader) Run() error { err := l.run() - l.ctrl.app.startResultChan <- err + l.ctrl.manager.startResultChan <- err if err != nil { // Give the controller some time to send the error to the // runtime. If we return too quickly here the process will exit @@ -321,7 +321,7 @@ func (l *Loader) run() error { } } - // Create the initial application task. + // Create the root container init task. if _, err := l.k.CreateProcess(l.procArgs); err != nil { return fmt.Errorf("failed to create init process: %v", err) } @@ -335,13 +335,12 @@ func (l *Loader) run() error { // WaitForStartSignal waits for a start signal from the control server. func (l *Loader) WaitForStartSignal() { - <-l.ctrl.app.startChan + <-l.ctrl.manager.startChan } -// WaitExit waits for the application to exit, and returns the application's -// exit status. +// WaitExit waits for the root container to exit, and returns its exit status. func (l *Loader) WaitExit() kernel.ExitStatus { - // Wait for application. + // Wait for container. l.k.WaitExited() return l.k.GlobalInit().ExitStatus() |