diff options
-rw-r--r-- | runsc/boot/config.go | 17 | ||||
-rw-r--r-- | runsc/boot/loader.go | 2 | ||||
-rw-r--r-- | runsc/main.go | 7 |
3 files changed, 25 insertions, 1 deletions
diff --git a/runsc/boot/config.go b/runsc/boot/config.go index 24be82906..074cd6a63 100644 --- a/runsc/boot/config.go +++ b/runsc/boot/config.go @@ -18,6 +18,8 @@ import ( "fmt" "strconv" "strings" + + "gvisor.googlesource.com/gvisor/pkg/sentry/watchdog" ) // PlatformType tells which platform to use. @@ -130,6 +132,18 @@ func (n NetworkType) String() string { } } +// MakeWatchdogAction converts type from string. +func MakeWatchdogAction(s string) (watchdog.Action, error) { + switch strings.ToLower(s) { + case "log", "logwarning": + return watchdog.LogWarning, nil + case "panic": + return watchdog.Panic, nil + default: + return 0, fmt.Errorf("invalid watchdog action %q", s) + } +} + // Config holds configuration that is not part of the runtime spec. type Config struct { // RootDir is the runtime root directory. @@ -180,6 +194,8 @@ type Config struct { // MultiContainer enables multiple containers support inside one sandbox. // TODO: Remove this when multiple container is fully supported. MultiContainer bool + + WatchdogAction watchdog.Action } // ToFlags returns a slice of flags that correspond to the given Config. @@ -199,5 +215,6 @@ func (c *Config) ToFlags() []string { "--strace=" + strconv.FormatBool(c.Strace), "--strace-syscalls=" + strings.Join(c.StraceSyscalls, ","), "--strace-log-size=" + strconv.Itoa(int(c.StraceLogSize)), + "--watchdog-action=" + c.WatchdogAction.String(), } } diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go index 69b982ff8..da95fa0e7 100644 --- a/runsc/boot/loader.go +++ b/runsc/boot/loader.go @@ -205,7 +205,7 @@ func New(spec *specs.Spec, conf *Config, controllerFD, restoreFD int, ioFDs []in } // Create a watchdog. - watchdog := watchdog.New(k, watchdog.DefaultTimeout, watchdog.LogWarning) + watchdog := watchdog.New(k, watchdog.DefaultTimeout, conf.WatchdogAction) // Create the control server using the provided FD. // diff --git a/runsc/main.go b/runsc/main.go index aa5796d42..563ef8c67 100644 --- a/runsc/main.go +++ b/runsc/main.go @@ -60,6 +60,7 @@ var ( fileAccess = flag.String("file-access", "proxy", "specifies which filesystem to use: proxy (default), direct. Using a proxy is more secure because it disallows the sandbox from opennig files directly in the host.") overlay = flag.Bool("overlay", false, "wrap filesystem mounts with writable overlay. All modifications are stored in memory inside the sandbox.") multiContainer = flag.Bool("multi-container", false, "enable *experimental* multi-container support.") + watchdogAction = flag.String("watchdog-action", "log", "sets what action the watchdog takes when triggered: log (default), panic.") ) var gitRevision = "" @@ -110,6 +111,11 @@ func main() { cmd.Fatalf("%v", err) } + wa, err := boot.MakeWatchdogAction(*watchdogAction) + if err != nil { + cmd.Fatalf("%v", err) + } + // Create a new Config from the flags. conf := &boot.Config{ RootDir: *rootDir, @@ -125,6 +131,7 @@ func main() { Strace: *strace, StraceLogSize: *straceLogSize, MultiContainer: *multiContainer, + WatchdogAction: wa, } if len(*straceSyscalls) != 0 { conf.StraceSyscalls = strings.Split(*straceSyscalls, ",") |