runsc fsgofer: Support dynamic serving of filesystems.

When multiple containers run inside a sentry, each container has its own root filesystem and set of mounts. Containers are also added after sentry boot rather than all configured and known at boot time. The fsgofer needs to be able to serve the root filesystem of each container. Thus, it must be possible to add filesystems after the fsgofer has already started. This change: * Creates a URPC endpoint within the gofer process that listens for requests to serve new content. * Enables the sentry, when starting a new container, to add the new container's filesystem. * Mounts those new filesystems at separate roots within the sentry. PiperOrigin-RevId: 208903248 Change-Id: Ifa91ec9c8caf5f2f0a9eead83c4a57090ce92068
author: Kevin Krakauer <krakauer@google.com> 2018-08-15 16:24:07 -0700
committer: Shentubot <shentubot@google.com> 2018-08-15 16:25:22 -0700
commit: 635b0c45933cd841298b0c21a513a9169e849594 (patch)
tree: 058bae2ead9f7f182baaf3491580b5a419cb6c94 /runsc/container/container.go
parent: 2033f61aae6ff1b3e613d7bb9e9da273791a5176 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/runsc/container/container.go b/runsc/container/container.go
index 574075b00..da2ce0d25 100644
--- a/runsc/container/container.go
+++ b/runsc/container/container.go
@@ -249,6 +249,13 @@ func Create(id string, spec *specs.Spec, conf *boot.Config, bundleDir, consoleSo
 			return nil, err
 		}
 		c.Sandbox = sb.Sandbox
+
+		// Prepare the gofer to serve the container's filesystem.
+		err = sb.Sandbox.CreateChild(c.ID, bundleDir)
+		if err != nil {
+			c.Destroy()
+			return nil, err
+		}
 	}
 	c.Status = Created
author	Kevin Krakauer <krakauer@google.com>	2018-08-15 16:24:07 -0700
committer	Shentubot <shentubot@google.com>	2018-08-15 16:25:22 -0700
commit	635b0c45933cd841298b0c21a513a9169e849594 (patch)
tree	058bae2ead9f7f182baaf3491580b5a419cb6c94 /runsc/container/container.go
parent	2033f61aae6ff1b3e613d7bb9e9da273791a5176 (diff)