Moved restore code out of create and made to be called after create.

Docker expects containers to be created before they are restored. However, gVisor restoring requires specificactions regarding the kernel and the file system. These actions were originally in booting the sandbox. Now setting up the file system is deferred until a call to a call to runsc start. In the restore case, the kernel is destroyed and a new kernel is created in the same process, as we need the same process for Docker. These changes required careful execution of concurrent processes which required the use of a channel. Full docker integration still needs the ability to restore into the same container. PiperOrigin-RevId: 205161441 Change-Id: Ie1d2304ead7e06855319d5dc310678f701bd099f
author: Justine Olshan <justineolshan@google.com> 2018-07-18 16:57:29 -0700
committer: Shentubot <shentubot@google.com> 2018-07-18 16:58:30 -0700
commit: c05660373e8bda36ddf5181220c76f4327f2abc6 (patch)
tree: 019da46831903e23e9a2283e127835659dcadbfb /runsc/cmd
parent: e5d8f99c6071c09aa7bca4e79d28b26f95dc7716 (diff)
4 files changed, 12 insertions, 14 deletions
diff --git a/runsc/cmd/boot.go b/runsc/cmd/boot.go
index 70c4616b4..4e08dafc8 100644
--- a/runsc/cmd/boot.go
+++ b/runsc/cmd/boot.go
@@ -49,9 +49,6 @@ type Boot struct {
 	// applyCaps determines if capabilities defined in the spec should be applied
 	// to the process.
 	applyCaps bool
-
-	// restoreFD is the file descriptor to the state file to be restored.
-	restoreFD int
 }
 
 // Name implements subcommands.Command.Name.
@@ -76,7 +73,6 @@ func (b *Boot) SetFlags(f *flag.FlagSet) {
 	f.Var(&b.ioFDs, "io-fds", "list of FDs to connect 9P clients. They must follow this order: root first, then mounts as defined in the spec")
 	f.BoolVar(&b.console, "console", false, "set to true if the sandbox should allow terminal ioctl(2) syscalls")
 	f.BoolVar(&b.applyCaps, "apply-caps", false, "if true, apply capabilities defined in the spec to the process")
-	f.IntVar(&b.restoreFD, "restore-fd", -1, "FD of the state file to be restored")
 }
 
 // Execute implements subcommands.Command.Execute.  It starts a sandbox in a
@@ -142,11 +138,14 @@ func (b *Boot) Execute(_ context.Context, f *flag.FlagSet, args ...interface{})
 	}
 
 	// Create the loader.
-	l, err := boot.New(spec, conf, b.controllerFD, b.restoreFD, b.ioFDs.GetArray(), b.console)
+	l, err := boot.New(spec, conf, b.controllerFD, b.ioFDs.GetArray(), b.console)
 	if err != nil {
 		Fatalf("error creating loader: %v", err)
 	}
 
+	// Notify other processes the loader has been created.
+	l.NotifyLoaderCreated()
+
 	// Wait for the start signal from runsc.
 	l.WaitForStartSignal()
 
diff --git a/runsc/cmd/checkpoint.go b/runsc/cmd/checkpoint.go
index 94efc3517..05014ba3d 100644
--- a/runsc/cmd/checkpoint.go
+++ b/runsc/cmd/checkpoint.go
@@ -133,12 +133,12 @@ func (c *Checkpoint) Execute(_ context.Context, f *flag.FlagSet, args ...interfa
 		Fatalf("error destroying container: %v", err)
 	}
 
-	cont, err = container.Create(id, spec, conf, bundleDir, "", "", fullImagePath)
+	cont, err = container.Create(id, spec, conf, bundleDir, "", "")
 	if err != nil {
 		Fatalf("error restoring container: %v", err)
 	}
 
-	if err := cont.Start(conf); err != nil {
+	if err := cont.Restore(spec, conf, fullImagePath); err != nil {
 		Fatalf("error starting container: %v", err)
 	}
 
diff --git a/runsc/cmd/create.go b/runsc/cmd/create.go
index 5a887c73c..94a889077 100644
--- a/runsc/cmd/create.go
+++ b/runsc/cmd/create.go
@@ -87,7 +87,7 @@ func (c *Create) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}
 	// Create the container. A new sandbox will be created for the
 	// container unless the metadata specifies that it should be run in an
 	// existing container.
-	if _, err := container.Create(id, spec, conf, bundleDir, c.consoleSocket, c.pidFile, ""); err != nil {
+	if _, err := container.Create(id, spec, conf, bundleDir, c.consoleSocket, c.pidFile); err != nil {
 		Fatalf("error creating container: %v", err)
 	}
 	return subcommands.ExitSuccess
diff --git a/runsc/cmd/restore.go b/runsc/cmd/restore.go
index 69cdb35c1..6dc044672 100644
--- a/runsc/cmd/restore.go
+++ b/runsc/cmd/restore.go
@@ -94,16 +94,15 @@ func (r *Restore) Execute(_ context.Context, f *flag.FlagSet, args ...interface{
 
 	restoreFile := filepath.Join(r.imagePath, checkpointFileName)
 
-	cont, err := container.Create(id, spec, conf, bundleDir, r.consoleSocket, r.pidFile, restoreFile)
+	c, err := container.Load(conf.RootDir, id)
 	if err != nil {
-		Fatalf("error restoring container: %v", err)
+		Fatalf("error loading container: %v", err)
 	}
-
-	if err := cont.Start(conf); err != nil {
-		Fatalf("error starting container: %v", err)
+	if err := c.Restore(spec, conf, restoreFile); err != nil {
+		Fatalf("error restoring container: %v", err)
 	}
 
-	ws, err := cont.Wait()
+	ws, err := c.Wait()
 	if err != nil {
 		Fatalf("error running container: %v", err)
 	}
author	Justine Olshan <justineolshan@google.com>	2018-07-18 16:57:29 -0700
committer	Shentubot <shentubot@google.com>	2018-07-18 16:58:30 -0700
commit	c05660373e8bda36ddf5181220c76f4327f2abc6 (patch)
tree	019da46831903e23e9a2283e127835659dcadbfb /runsc/cmd
parent	e5d8f99c6071c09aa7bca4e79d28b26f95dc7716 (diff)