summaryrefslogtreecommitdiffhomepage
path: root/pkg/shim
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/shim')
-rw-r--r--pkg/shim/BUILD (renamed from pkg/shim/v2/BUILD)8
-rw-r--r--pkg/shim/api.go (renamed from pkg/shim/v2/api.go)2
-rw-r--r--pkg/shim/epoll.go (renamed from pkg/shim/v2/epoll.go)2
-rw-r--r--pkg/shim/options.go (renamed from pkg/shim/v2/options.go)2
-rw-r--r--pkg/shim/proc/BUILD (renamed from pkg/shim/v1/proc/BUILD)2
-rw-r--r--pkg/shim/proc/deleted_state.go (renamed from pkg/shim/v1/proc/deleted_state.go)0
-rw-r--r--pkg/shim/proc/exec.go (renamed from pkg/shim/v1/proc/exec.go)0
-rw-r--r--pkg/shim/proc/exec_state.go (renamed from pkg/shim/v1/proc/exec_state.go)0
-rw-r--r--pkg/shim/proc/init.go (renamed from pkg/shim/v1/proc/init.go)6
-rw-r--r--pkg/shim/proc/init_state.go (renamed from pkg/shim/v1/proc/init_state.go)0
-rw-r--r--pkg/shim/proc/io.go (renamed from pkg/shim/v1/proc/io.go)0
-rw-r--r--pkg/shim/proc/proc.go (renamed from pkg/shim/v1/proc/process.go)3
-rw-r--r--pkg/shim/proc/types.go (renamed from pkg/shim/v1/proc/types.go)0
-rw-r--r--pkg/shim/proc/utils.go (renamed from pkg/shim/v1/proc/utils.go)0
-rw-r--r--pkg/shim/runtimeoptions/BUILD (renamed from pkg/shim/v2/runtimeoptions/BUILD)2
-rw-r--r--pkg/shim/runtimeoptions/runtimeoptions.go (renamed from pkg/shim/v2/runtimeoptions/runtimeoptions.go)0
-rw-r--r--pkg/shim/runtimeoptions/runtimeoptions.proto (renamed from pkg/shim/v2/runtimeoptions/runtimeoptions.proto)0
-rw-r--r--pkg/shim/runtimeoptions/runtimeoptions_cri.go (renamed from pkg/shim/v2/runtimeoptions/runtimeoptions_cri.go)0
-rw-r--r--pkg/shim/runtimeoptions/runtimeoptions_test.go (renamed from pkg/shim/v2/runtimeoptions/runtimeoptions_test.go)0
-rw-r--r--pkg/shim/service.go (renamed from pkg/shim/v2/service.go)10
-rw-r--r--pkg/shim/service_linux.go (renamed from pkg/shim/v2/service_linux.go)2
-rw-r--r--pkg/shim/state.go (renamed from pkg/shim/v2/state.go)2
-rw-r--r--pkg/shim/utils/BUILD (renamed from pkg/shim/v1/utils/BUILD)0
-rw-r--r--pkg/shim/utils/annotations.go (renamed from pkg/shim/v1/utils/annotations.go)0
-rw-r--r--pkg/shim/utils/utils.go (renamed from pkg/shim/v1/utils/utils.go)2
-rw-r--r--pkg/shim/utils/volumes.go (renamed from pkg/shim/v1/utils/volumes.go)0
-rw-r--r--pkg/shim/utils/volumes_test.go (renamed from pkg/shim/v1/utils/volumes_test.go)0
-rw-r--r--pkg/shim/v1/shim/BUILD41
-rw-r--r--pkg/shim/v1/shim/api.go41
-rw-r--r--pkg/shim/v1/shim/platform.go106
-rw-r--r--pkg/shim/v1/shim/service.go572
-rw-r--r--pkg/shim/v1/shim/shim.go17
32 files changed, 21 insertions, 799 deletions
diff --git a/pkg/shim/v2/BUILD b/pkg/shim/BUILD
index b0e8daa51..4f7c02f5d 100644
--- a/pkg/shim/v2/BUILD
+++ b/pkg/shim/BUILD
@@ -3,7 +3,7 @@ load("//tools:defs.bzl", "go_library")
package(licenses = ["notice"])
go_library(
- name = "v2",
+ name = "shim",
srcs = [
"api.go",
"epoll.go",
@@ -15,10 +15,10 @@ go_library(
visibility = ["//shim:__subpackages__"],
deps = [
"//pkg/cleanup",
+ "//pkg/shim/proc",
"//pkg/shim/runsc",
- "//pkg/shim/v1/proc",
- "//pkg/shim/v1/utils",
- "//pkg/shim/v2/runtimeoptions",
+ "//pkg/shim/runtimeoptions",
+ "//pkg/shim/utils",
"//runsc/specutils",
"@com_github_burntsushi_toml//:go_default_library",
"@com_github_containerd_cgroups//:go_default_library",
diff --git a/pkg/shim/v2/api.go b/pkg/shim/api.go
index 5a60a04db..6d1741f0c 100644
--- a/pkg/shim/v2/api.go
+++ b/pkg/shim/api.go
@@ -13,7 +13,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-package v2
+package shim
import (
"github.com/containerd/containerd/api/events"
diff --git a/pkg/shim/v2/epoll.go b/pkg/shim/epoll.go
index 41232cca8..737d2b781 100644
--- a/pkg/shim/v2/epoll.go
+++ b/pkg/shim/epoll.go
@@ -15,7 +15,7 @@
// +build linux
-package v2
+package shim
import (
"context"
diff --git a/pkg/shim/v2/options.go b/pkg/shim/options.go
index 9db33fd1f..e40a1a07d 100644
--- a/pkg/shim/v2/options.go
+++ b/pkg/shim/options.go
@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-package v2
+package shim
const optionsType = "io.containerd.runsc.v1.options"
diff --git a/pkg/shim/v1/proc/BUILD b/pkg/shim/proc/BUILD
index 4377306af..544bdc170 100644
--- a/pkg/shim/v1/proc/BUILD
+++ b/pkg/shim/proc/BUILD
@@ -11,7 +11,7 @@ go_library(
"init.go",
"init_state.go",
"io.go",
- "process.go",
+ "proc.go",
"types.go",
"utils.go",
],
diff --git a/pkg/shim/v1/proc/deleted_state.go b/pkg/shim/proc/deleted_state.go
index d9b970c4d..d9b970c4d 100644
--- a/pkg/shim/v1/proc/deleted_state.go
+++ b/pkg/shim/proc/deleted_state.go
diff --git a/pkg/shim/v1/proc/exec.go b/pkg/shim/proc/exec.go
index 1d1d90488..1d1d90488 100644
--- a/pkg/shim/v1/proc/exec.go
+++ b/pkg/shim/proc/exec.go
diff --git a/pkg/shim/v1/proc/exec_state.go b/pkg/shim/proc/exec_state.go
index 4dcda8b44..4dcda8b44 100644
--- a/pkg/shim/v1/proc/exec_state.go
+++ b/pkg/shim/proc/exec_state.go
diff --git a/pkg/shim/v1/proc/init.go b/pkg/shim/proc/init.go
index 9fd7d978c..cacaade88 100644
--- a/pkg/shim/v1/proc/init.go
+++ b/pkg/shim/proc/init.go
@@ -39,9 +39,6 @@ import (
"gvisor.dev/gvisor/pkg/shim/runsc"
)
-// InitPidFile name of the file that contains the init pid.
-const InitPidFile = "init.pid"
-
// Init represents an initial process for a container.
type Init struct {
wg sync.WaitGroup
@@ -122,7 +119,8 @@ func (p *Init) Create(ctx context.Context, r *CreateConfig) (err error) {
return fmt.Errorf("failed to create OCI runtime io pipes: %w", err)
}
}
- pidFile := filepath.Join(p.Bundle, InitPidFile)
+ // pidFile is the file that will contain the sandbox pid.
+ pidFile := filepath.Join(p.Bundle, "init.pid")
opts := &runsc.CreateOpts{
PidFile: pidFile,
}
diff --git a/pkg/shim/v1/proc/init_state.go b/pkg/shim/proc/init_state.go
index 0065fc385..0065fc385 100644
--- a/pkg/shim/v1/proc/init_state.go
+++ b/pkg/shim/proc/init_state.go
diff --git a/pkg/shim/v1/proc/io.go b/pkg/shim/proc/io.go
index 34d825fb7..34d825fb7 100644
--- a/pkg/shim/v1/proc/io.go
+++ b/pkg/shim/proc/io.go
diff --git a/pkg/shim/v1/proc/process.go b/pkg/shim/proc/proc.go
index e8315326d..edba3fca5 100644
--- a/pkg/shim/v1/proc/process.go
+++ b/pkg/shim/proc/proc.go
@@ -13,7 +13,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-// Package proc contains process-related utilities.
+// Package proc is responsible to manage the communication between the shim and
+// the sandbox process running the container.
package proc
import (
diff --git a/pkg/shim/v1/proc/types.go b/pkg/shim/proc/types.go
index fc182cf5e..fc182cf5e 100644
--- a/pkg/shim/v1/proc/types.go
+++ b/pkg/shim/proc/types.go
diff --git a/pkg/shim/v1/proc/utils.go b/pkg/shim/proc/utils.go
index 7c2c409af..7c2c409af 100644
--- a/pkg/shim/v1/proc/utils.go
+++ b/pkg/shim/proc/utils.go
diff --git a/pkg/shim/v2/runtimeoptions/BUILD b/pkg/shim/runtimeoptions/BUILD
index abb8c3be3..029be7c09 100644
--- a/pkg/shim/v2/runtimeoptions/BUILD
+++ b/pkg/shim/runtimeoptions/BUILD
@@ -15,7 +15,7 @@ go_library(
"runtimeoptions.go",
"runtimeoptions_cri.go",
],
- visibility = ["//pkg/shim/v2:__pkg__"],
+ visibility = ["//pkg/shim:__pkg__"],
deps = ["@com_github_gogo_protobuf//proto:go_default_library"],
)
diff --git a/pkg/shim/v2/runtimeoptions/runtimeoptions.go b/pkg/shim/runtimeoptions/runtimeoptions.go
index 072dd87f0..072dd87f0 100644
--- a/pkg/shim/v2/runtimeoptions/runtimeoptions.go
+++ b/pkg/shim/runtimeoptions/runtimeoptions.go
diff --git a/pkg/shim/v2/runtimeoptions/runtimeoptions.proto b/pkg/shim/runtimeoptions/runtimeoptions.proto
index 057032e34..057032e34 100644
--- a/pkg/shim/v2/runtimeoptions/runtimeoptions.proto
+++ b/pkg/shim/runtimeoptions/runtimeoptions.proto
diff --git a/pkg/shim/v2/runtimeoptions/runtimeoptions_cri.go b/pkg/shim/runtimeoptions/runtimeoptions_cri.go
index e6102b4cf..e6102b4cf 100644
--- a/pkg/shim/v2/runtimeoptions/runtimeoptions_cri.go
+++ b/pkg/shim/runtimeoptions/runtimeoptions_cri.go
diff --git a/pkg/shim/v2/runtimeoptions/runtimeoptions_test.go b/pkg/shim/runtimeoptions/runtimeoptions_test.go
index c59a2400e..c59a2400e 100644
--- a/pkg/shim/v2/runtimeoptions/runtimeoptions_test.go
+++ b/pkg/shim/runtimeoptions/runtimeoptions_test.go
diff --git a/pkg/shim/v2/service.go b/pkg/shim/service.go
index 6aaf5fab8..9aba26ac7 100644
--- a/pkg/shim/v2/service.go
+++ b/pkg/shim/service.go
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-// Package v2 implements Containerd Shim v2 interface.
-package v2
+// Package shim implements Containerd Shim v2 interface.
+package shim
import (
"context"
@@ -49,10 +49,10 @@ import (
"golang.org/x/sys/unix"
"gvisor.dev/gvisor/pkg/cleanup"
+ "gvisor.dev/gvisor/pkg/shim/proc"
"gvisor.dev/gvisor/pkg/shim/runsc"
- "gvisor.dev/gvisor/pkg/shim/v1/proc"
- "gvisor.dev/gvisor/pkg/shim/v1/utils"
- "gvisor.dev/gvisor/pkg/shim/v2/runtimeoptions"
+ "gvisor.dev/gvisor/pkg/shim/runtimeoptions"
+ "gvisor.dev/gvisor/pkg/shim/utils"
"gvisor.dev/gvisor/runsc/specutils"
)
diff --git a/pkg/shim/v2/service_linux.go b/pkg/shim/service_linux.go
index 1800ab90b..11622ed60 100644
--- a/pkg/shim/v2/service_linux.go
+++ b/pkg/shim/service_linux.go
@@ -15,7 +15,7 @@
// +build linux
-package v2
+package shim
import (
"context"
diff --git a/pkg/shim/v2/state.go b/pkg/shim/state.go
index 1f4be33d3..5e9e92ec3 100644
--- a/pkg/shim/v2/state.go
+++ b/pkg/shim/state.go
@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-package v2
+package shim
import (
"encoding/json"
diff --git a/pkg/shim/v1/utils/BUILD b/pkg/shim/utils/BUILD
index 54a0aabb7..54a0aabb7 100644
--- a/pkg/shim/v1/utils/BUILD
+++ b/pkg/shim/utils/BUILD
diff --git a/pkg/shim/v1/utils/annotations.go b/pkg/shim/utils/annotations.go
index 1e9d3f365..1e9d3f365 100644
--- a/pkg/shim/v1/utils/annotations.go
+++ b/pkg/shim/utils/annotations.go
diff --git a/pkg/shim/v1/utils/utils.go b/pkg/shim/utils/utils.go
index 21e75d16d..7b1cd983e 100644
--- a/pkg/shim/v1/utils/utils.go
+++ b/pkg/shim/utils/utils.go
@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-// Package utils contains utility functions.
+// Package utils container miscellaneous utility function used by the shim.
package utils
import (
diff --git a/pkg/shim/v1/utils/volumes.go b/pkg/shim/utils/volumes.go
index 52a428179..52a428179 100644
--- a/pkg/shim/v1/utils/volumes.go
+++ b/pkg/shim/utils/volumes.go
diff --git a/pkg/shim/v1/utils/volumes_test.go b/pkg/shim/utils/volumes_test.go
index 3e02c6151..3e02c6151 100644
--- a/pkg/shim/v1/utils/volumes_test.go
+++ b/pkg/shim/utils/volumes_test.go
diff --git a/pkg/shim/v1/shim/BUILD b/pkg/shim/v1/shim/BUILD
deleted file mode 100644
index e5b6bf186..000000000
--- a/pkg/shim/v1/shim/BUILD
+++ /dev/null
@@ -1,41 +0,0 @@
-load("//tools:defs.bzl", "go_library")
-
-package(licenses = ["notice"])
-
-go_library(
- name = "shim",
- srcs = [
- "api.go",
- "platform.go",
- "service.go",
- "shim.go",
- ],
- visibility = [
- "//pkg/shim:__subpackages__",
- "//shim:__subpackages__",
- ],
- deps = [
- "//pkg/shim/runsc",
- "//pkg/shim/v1/proc",
- "//pkg/shim/v1/utils",
- "@com_github_containerd_console//:go_default_library",
- "@com_github_containerd_containerd//api/events:go_default_library",
- "@com_github_containerd_containerd//api/types/task:go_default_library",
- "@com_github_containerd_containerd//errdefs:go_default_library",
- "@com_github_containerd_containerd//events:go_default_library",
- "@com_github_containerd_containerd//log:go_default_library",
- "@com_github_containerd_containerd//mount:go_default_library",
- "@com_github_containerd_containerd//namespaces:go_default_library",
- "@com_github_containerd_containerd//pkg/process:go_default_library",
- "@com_github_containerd_containerd//pkg/stdio:go_default_library",
- "@com_github_containerd_containerd//runtime:go_default_library",
- "@com_github_containerd_containerd//runtime/linux/runctypes:go_default_library",
- "@com_github_containerd_containerd//runtime/v1/shim/v1:go_default_library",
- "@com_github_containerd_containerd//sys/reaper:go_default_library",
- "@com_github_containerd_fifo//:go_default_library",
- "@com_github_containerd_typeurl//:go_default_library",
- "@com_github_gogo_protobuf//types:go_default_library",
- "@org_golang_google_grpc//codes:go_default_library",
- "@org_golang_google_grpc//status:go_default_library",
- ],
-)
diff --git a/pkg/shim/v1/shim/api.go b/pkg/shim/v1/shim/api.go
deleted file mode 100644
index 8200eb012..000000000
--- a/pkg/shim/v1/shim/api.go
+++ /dev/null
@@ -1,41 +0,0 @@
-// Copyright 2018 The containerd Authors.
-// Copyright 2019 The gVisor Authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package shim
-
-import (
- "github.com/containerd/containerd/api/events"
-)
-
-// TaskCreate is an alias for events.TaskCreate.
-type TaskCreate = events.TaskCreate
-
-// TaskStart is an alias for events.TaskStart.
-type TaskStart = events.TaskStart
-
-// TaskOOM is an alias for events.TaskOOM.
-type TaskOOM = events.TaskOOM
-
-// TaskExit is an alias for events.TaskExit.
-type TaskExit = events.TaskExit
-
-// TaskDelete is an alias for events.TaskDelete.
-type TaskDelete = events.TaskDelete
-
-// TaskExecAdded is an alias for events.TaskExecAdded.
-type TaskExecAdded = events.TaskExecAdded
-
-// TaskExecStarted is an alias for events.TaskExecStarted.
-type TaskExecStarted = events.TaskExecStarted
diff --git a/pkg/shim/v1/shim/platform.go b/pkg/shim/v1/shim/platform.go
deleted file mode 100644
index f590f80ef..000000000
--- a/pkg/shim/v1/shim/platform.go
+++ /dev/null
@@ -1,106 +0,0 @@
-// Copyright 2018 The containerd Authors.
-// Copyright 2019 The gVisor Authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package shim
-
-import (
- "context"
- "fmt"
- "io"
- "sync"
- "syscall"
-
- "github.com/containerd/console"
- "github.com/containerd/fifo"
-)
-
-type linuxPlatform struct {
- epoller *console.Epoller
-}
-
-func (p *linuxPlatform) CopyConsole(ctx context.Context, console console.Console, stdin, stdout, stderr string, wg *sync.WaitGroup) (console.Console, error) {
- if p.epoller == nil {
- return nil, fmt.Errorf("uninitialized epoller")
- }
-
- epollConsole, err := p.epoller.Add(console)
- if err != nil {
- return nil, err
- }
-
- if stdin != "" {
- in, err := fifo.OpenFifo(ctx, stdin, syscall.O_RDONLY, 0)
- if err != nil {
- return nil, err
- }
- go func() {
- p := bufPool.Get().(*[]byte)
- defer bufPool.Put(p)
- io.CopyBuffer(epollConsole, in, *p)
- }()
- }
-
- outw, err := fifo.OpenFifo(ctx, stdout, syscall.O_WRONLY, 0)
- if err != nil {
- return nil, err
- }
- outr, err := fifo.OpenFifo(ctx, stdout, syscall.O_RDONLY, 0)
- if err != nil {
- return nil, err
- }
- wg.Add(1)
- go func() {
- p := bufPool.Get().(*[]byte)
- defer bufPool.Put(p)
- io.CopyBuffer(outw, epollConsole, *p)
- epollConsole.Close()
- outr.Close()
- outw.Close()
- wg.Done()
- }()
- return epollConsole, nil
-}
-
-func (p *linuxPlatform) ShutdownConsole(ctx context.Context, cons console.Console) error {
- if p.epoller == nil {
- return fmt.Errorf("uninitialized epoller")
- }
- epollConsole, ok := cons.(*console.EpollConsole)
- if !ok {
- return fmt.Errorf("expected EpollConsole, got %#v", cons)
- }
- return epollConsole.Shutdown(p.epoller.CloseConsole)
-}
-
-func (p *linuxPlatform) Close() error {
- return p.epoller.Close()
-}
-
-// initialize a single epoll fd to manage our consoles. `initPlatform` should
-// only be called once.
-func (s *Service) initPlatform() error {
- if s.platform != nil {
- return nil
- }
- epoller, err := console.NewEpoller()
- if err != nil {
- return fmt.Errorf("failed to initialize epoller: %w", err)
- }
- s.platform = &linuxPlatform{
- epoller: epoller,
- }
- go epoller.Wait()
- return nil
-}
diff --git a/pkg/shim/v1/shim/service.go b/pkg/shim/v1/shim/service.go
deleted file mode 100644
index 80aa59b33..000000000
--- a/pkg/shim/v1/shim/service.go
+++ /dev/null
@@ -1,572 +0,0 @@
-// Copyright 2018 The containerd Authors.
-// Copyright 2019 The gVisor Authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package shim
-
-import (
- "context"
- "fmt"
- "os"
- "path/filepath"
- "sync"
-
- "github.com/containerd/console"
- "github.com/containerd/containerd/api/types/task"
- "github.com/containerd/containerd/errdefs"
- "github.com/containerd/containerd/events"
- "github.com/containerd/containerd/log"
- "github.com/containerd/containerd/mount"
- "github.com/containerd/containerd/namespaces"
- "github.com/containerd/containerd/pkg/process"
- "github.com/containerd/containerd/pkg/stdio"
- "github.com/containerd/containerd/runtime"
- "github.com/containerd/containerd/runtime/linux/runctypes"
- shim "github.com/containerd/containerd/runtime/v1/shim/v1"
- "github.com/containerd/containerd/sys/reaper"
- "github.com/containerd/typeurl"
- "github.com/gogo/protobuf/types"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/status"
-
- "gvisor.dev/gvisor/pkg/shim/runsc"
- "gvisor.dev/gvisor/pkg/shim/v1/proc"
- "gvisor.dev/gvisor/pkg/shim/v1/utils"
-)
-
-var (
- empty = &types.Empty{}
- bufPool = sync.Pool{
- New: func() interface{} {
- buffer := make([]byte, 32<<10)
- return &buffer
- },
- }
-)
-
-// Config contains shim specific configuration.
-type Config struct {
- Path string
- Namespace string
- WorkDir string
- RuntimeRoot string
- RunscConfig map[string]string
-}
-
-// NewService returns a new shim service that can be used via GRPC.
-func NewService(config Config, publisher events.Publisher) (*Service, error) {
- if config.Namespace == "" {
- return nil, fmt.Errorf("shim namespace cannot be empty")
- }
- ctx := namespaces.WithNamespace(context.Background(), config.Namespace)
- s := &Service{
- config: config,
- context: ctx,
- processes: make(map[string]process.Process),
- events: make(chan interface{}, 128),
- ec: proc.ExitCh,
- }
- go s.processExits()
- if err := s.initPlatform(); err != nil {
- return nil, fmt.Errorf("failed to initialized platform behavior: %w", err)
- }
- go s.forward(publisher)
- return s, nil
-}
-
-// Service is the shim implementation of a remote shim over GRPC.
-type Service struct {
- mu sync.Mutex
-
- config Config
- context context.Context
- processes map[string]process.Process
- events chan interface{}
- platform stdio.Platform
- ec chan proc.Exit
-
- // Filled by Create()
- id string
- bundle string
-}
-
-// Create creates a new initial process and container with the underlying OCI runtime.
-func (s *Service) Create(ctx context.Context, r *shim.CreateTaskRequest) (_ *shim.CreateTaskResponse, err error) {
- s.mu.Lock()
- defer s.mu.Unlock()
-
- var mounts []proc.Mount
- for _, m := range r.Rootfs {
- mounts = append(mounts, proc.Mount{
- Type: m.Type,
- Source: m.Source,
- Target: m.Target,
- Options: m.Options,
- })
- }
-
- rootfs := filepath.Join(r.Bundle, "rootfs")
- if err := os.Mkdir(rootfs, 0711); err != nil && !os.IsExist(err) {
- return nil, err
- }
-
- config := &proc.CreateConfig{
- ID: r.ID,
- Bundle: r.Bundle,
- Runtime: r.Runtime,
- Rootfs: mounts,
- Terminal: r.Terminal,
- Stdin: r.Stdin,
- Stdout: r.Stdout,
- Stderr: r.Stderr,
- }
- defer func() {
- if err != nil {
- if err2 := mount.UnmountAll(rootfs, 0); err2 != nil {
- log.G(ctx).WithError(err2).Warn("Failed to cleanup rootfs mount")
- }
- }
- }()
- for _, rm := range mounts {
- m := &mount.Mount{
- Type: rm.Type,
- Source: rm.Source,
- Options: rm.Options,
- }
- if err := m.Mount(rootfs); err != nil {
- return nil, fmt.Errorf("failed to mount rootfs component %v: %w", m, err)
- }
- }
- process, err := newInit(
- s.config.Path,
- s.config.WorkDir,
- s.config.RuntimeRoot,
- s.config.Namespace,
- s.config.RunscConfig,
- s.platform,
- config,
- r.Options,
- )
- if err := process.Create(ctx, config); err != nil {
- return nil, errdefs.ToGRPC(err)
- }
- // Save the main task id and bundle to the shim for additional
- // requests.
- s.id = r.ID
- s.bundle = r.Bundle
- pid := process.Pid()
- s.processes[r.ID] = process
- return &shim.CreateTaskResponse{
- Pid: uint32(pid),
- }, nil
-}
-
-// Start starts a process.
-func (s *Service) Start(ctx context.Context, r *shim.StartRequest) (*shim.StartResponse, error) {
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- if err := p.Start(ctx); err != nil {
- return nil, err
- }
- return &shim.StartResponse{
- ID: p.ID(),
- Pid: uint32(p.Pid()),
- }, nil
-}
-
-// Delete deletes the initial process and container.
-func (s *Service) Delete(ctx context.Context, r *types.Empty) (*shim.DeleteResponse, error) {
- p, err := s.getInitProcess()
- if err != nil {
- return nil, err
- }
- if err := p.Delete(ctx); err != nil {
- return nil, err
- }
- s.mu.Lock()
- delete(s.processes, s.id)
- s.mu.Unlock()
- s.platform.Close()
- return &shim.DeleteResponse{
- ExitStatus: uint32(p.ExitStatus()),
- ExitedAt: p.ExitedAt(),
- Pid: uint32(p.Pid()),
- }, nil
-}
-
-// DeleteProcess deletes an exec'd process.
-func (s *Service) DeleteProcess(ctx context.Context, r *shim.DeleteProcessRequest) (*shim.DeleteResponse, error) {
- if r.ID == s.id {
- return nil, status.Errorf(codes.InvalidArgument, "cannot delete init process with DeleteProcess")
- }
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- if err := p.Delete(ctx); err != nil {
- return nil, err
- }
- s.mu.Lock()
- delete(s.processes, r.ID)
- s.mu.Unlock()
- return &shim.DeleteResponse{
- ExitStatus: uint32(p.ExitStatus()),
- ExitedAt: p.ExitedAt(),
- Pid: uint32(p.Pid()),
- }, nil
-}
-
-// Exec spawns an additional process inside the container.
-func (s *Service) Exec(ctx context.Context, r *shim.ExecProcessRequest) (*types.Empty, error) {
- s.mu.Lock()
-
- if p := s.processes[r.ID]; p != nil {
- s.mu.Unlock()
- return nil, errdefs.ToGRPCf(errdefs.ErrAlreadyExists, "id %s", r.ID)
- }
-
- p := s.processes[s.id]
- s.mu.Unlock()
- if p == nil {
- return nil, errdefs.ToGRPCf(errdefs.ErrFailedPrecondition, "container must be created")
- }
-
- process, err := p.(*proc.Init).Exec(ctx, s.config.Path, &proc.ExecConfig{
- ID: r.ID,
- Terminal: r.Terminal,
- Stdin: r.Stdin,
- Stdout: r.Stdout,
- Stderr: r.Stderr,
- Spec: r.Spec,
- })
- if err != nil {
- return nil, errdefs.ToGRPC(err)
- }
- s.mu.Lock()
- s.processes[r.ID] = process
- s.mu.Unlock()
- return empty, nil
-}
-
-// ResizePty resises the terminal of a process.
-func (s *Service) ResizePty(ctx context.Context, r *shim.ResizePtyRequest) (*types.Empty, error) {
- if r.ID == "" {
- return nil, errdefs.ToGRPCf(errdefs.ErrInvalidArgument, "id not provided")
- }
- ws := console.WinSize{
- Width: uint16(r.Width),
- Height: uint16(r.Height),
- }
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- if err := p.Resize(ws); err != nil {
- return nil, errdefs.ToGRPC(err)
- }
- return empty, nil
-}
-
-// State returns runtime state information for a process.
-func (s *Service) State(ctx context.Context, r *shim.StateRequest) (*shim.StateResponse, error) {
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- st, err := p.Status(ctx)
- if err != nil {
- return nil, err
- }
- status := task.StatusUnknown
- switch st {
- case "created":
- status = task.StatusCreated
- case "running":
- status = task.StatusRunning
- case "stopped":
- status = task.StatusStopped
- }
- sio := p.Stdio()
- return &shim.StateResponse{
- ID: p.ID(),
- Bundle: s.bundle,
- Pid: uint32(p.Pid()),
- Status: status,
- Stdin: sio.Stdin,
- Stdout: sio.Stdout,
- Stderr: sio.Stderr,
- Terminal: sio.Terminal,
- ExitStatus: uint32(p.ExitStatus()),
- ExitedAt: p.ExitedAt(),
- }, nil
-}
-
-// Pause pauses the container.
-func (s *Service) Pause(ctx context.Context, r *types.Empty) (*types.Empty, error) {
- return empty, errdefs.ToGRPC(errdefs.ErrNotImplemented)
-}
-
-// Resume resumes the container.
-func (s *Service) Resume(ctx context.Context, r *types.Empty) (*types.Empty, error) {
- return empty, errdefs.ToGRPC(errdefs.ErrNotImplemented)
-}
-
-// Kill kills a process with the provided signal.
-func (s *Service) Kill(ctx context.Context, r *shim.KillRequest) (*types.Empty, error) {
- if r.ID == "" {
- p, err := s.getInitProcess()
- if err != nil {
- return nil, err
- }
- if err := p.Kill(ctx, r.Signal, r.All); err != nil {
- return nil, errdefs.ToGRPC(err)
- }
- return empty, nil
- }
-
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- if err := p.Kill(ctx, r.Signal, r.All); err != nil {
- return nil, errdefs.ToGRPC(err)
- }
- return empty, nil
-}
-
-// ListPids returns all pids inside the container.
-func (s *Service) ListPids(ctx context.Context, r *shim.ListPidsRequest) (*shim.ListPidsResponse, error) {
- pids, err := s.getContainerPids(ctx, r.ID)
- if err != nil {
- return nil, errdefs.ToGRPC(err)
- }
- var processes []*task.ProcessInfo
- for _, pid := range pids {
- pInfo := task.ProcessInfo{
- Pid: pid,
- }
- for _, p := range s.processes {
- if p.Pid() == int(pid) {
- d := &runctypes.ProcessDetails{
- ExecID: p.ID(),
- }
- a, err := typeurl.MarshalAny(d)
- if err != nil {
- return nil, fmt.Errorf("failed to marshal process %d info: %w", pid, err)
- }
- pInfo.Info = a
- break
- }
- }
- processes = append(processes, &pInfo)
- }
- return &shim.ListPidsResponse{
- Processes: processes,
- }, nil
-}
-
-// CloseIO closes the I/O context of a process.
-func (s *Service) CloseIO(ctx context.Context, r *shim.CloseIORequest) (*types.Empty, error) {
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- if stdin := p.Stdin(); stdin != nil {
- if err := stdin.Close(); err != nil {
- return nil, fmt.Errorf("close stdin: %w", err)
- }
- }
- return empty, nil
-}
-
-// Checkpoint checkpoints the container.
-func (s *Service) Checkpoint(ctx context.Context, r *shim.CheckpointTaskRequest) (*types.Empty, error) {
- return empty, errdefs.ToGRPC(errdefs.ErrNotImplemented)
-}
-
-// ShimInfo returns shim information such as the shim's pid.
-func (s *Service) ShimInfo(ctx context.Context, r *types.Empty) (*shim.ShimInfoResponse, error) {
- return &shim.ShimInfoResponse{
- ShimPid: uint32(os.Getpid()),
- }, nil
-}
-
-// Update updates a running container.
-func (s *Service) Update(ctx context.Context, r *shim.UpdateTaskRequest) (*types.Empty, error) {
- return empty, errdefs.ToGRPC(errdefs.ErrNotImplemented)
-}
-
-// Wait waits for a process to exit.
-func (s *Service) Wait(ctx context.Context, r *shim.WaitRequest) (*shim.WaitResponse, error) {
- p, err := s.getExecProcess(r.ID)
- if err != nil {
- return nil, err
- }
- p.Wait()
-
- return &shim.WaitResponse{
- ExitStatus: uint32(p.ExitStatus()),
- ExitedAt: p.ExitedAt(),
- }, nil
-}
-
-func (s *Service) processExits() {
- for e := range s.ec {
- s.checkProcesses(e)
- }
-}
-
-func (s *Service) allProcesses() []process.Process {
- s.mu.Lock()
- defer s.mu.Unlock()
-
- res := make([]process.Process, 0, len(s.processes))
- for _, p := range s.processes {
- res = append(res, p)
- }
- return res
-}
-
-func (s *Service) checkProcesses(e proc.Exit) {
- for _, p := range s.allProcesses() {
- if p.ID() == e.ID {
- if ip, ok := p.(*proc.Init); ok {
- // Ensure all children are killed.
- if err := ip.KillAll(s.context); err != nil {
- log.G(s.context).WithError(err).WithField("id", ip.ID()).
- Error("failed to kill init's children")
- }
- }
- p.SetExited(e.Status)
- s.events <- &TaskExit{
- ContainerID: s.id,
- ID: p.ID(),
- Pid: uint32(p.Pid()),
- ExitStatus: uint32(e.Status),
- ExitedAt: p.ExitedAt(),
- }
- return
- }
- }
-}
-
-func (s *Service) getContainerPids(ctx context.Context, id string) ([]uint32, error) {
- p, err := s.getInitProcess()
- if err != nil {
- return nil, err
- }
-
- ps, err := p.(*proc.Init).Runtime().Ps(ctx, id)
- if err != nil {
- return nil, err
- }
- pids := make([]uint32, 0, len(ps))
- for _, pid := range ps {
- pids = append(pids, uint32(pid))
- }
- return pids, nil
-}
-
-func (s *Service) forward(publisher events.Publisher) {
- for e := range s.events {
- if err := publisher.Publish(s.context, getTopic(s.context, e), e); err != nil {
- log.G(s.context).WithError(err).Error("post event")
- }
- }
-}
-
-// getInitProcess returns the init process.
-func (s *Service) getInitProcess() (process.Process, error) {
- s.mu.Lock()
- defer s.mu.Unlock()
- p := s.processes[s.id]
- if p == nil {
- return nil, errdefs.ToGRPCf(errdefs.ErrFailedPrecondition, "container must be created")
- }
- return p, nil
-}
-
-// getExecProcess returns the given exec process.
-func (s *Service) getExecProcess(id string) (process.Process, error) {
- s.mu.Lock()
- defer s.mu.Unlock()
- p := s.processes[id]
- if p == nil {
- return nil, errdefs.ToGRPCf(errdefs.ErrNotFound, "process %s does not exist", id)
- }
- return p, nil
-}
-
-func getTopic(ctx context.Context, e interface{}) string {
- switch e.(type) {
- case *TaskCreate:
- return runtime.TaskCreateEventTopic
- case *TaskStart:
- return runtime.TaskStartEventTopic
- case *TaskOOM:
- return runtime.TaskOOMEventTopic
- case *TaskExit:
- return runtime.TaskExitEventTopic
- case *TaskDelete:
- return runtime.TaskDeleteEventTopic
- case *TaskExecAdded:
- return runtime.TaskExecAddedEventTopic
- case *TaskExecStarted:
- return runtime.TaskExecStartedEventTopic
- default:
- log.L.Printf("no topic for type %#v", e)
- }
- return runtime.TaskUnknownTopic
-}
-
-func newInit(path, workDir, runtimeRoot, namespace string, config map[string]string, platform stdio.Platform, r *proc.CreateConfig, options *types.Any) (*proc.Init, error) {
- var opts runctypes.CreateOptions
- if options != nil {
- v, err := typeurl.UnmarshalAny(options)
- if err != nil {
- return nil, err
- }
- opts = *v.(*runctypes.CreateOptions)
- }
-
- spec, err := utils.ReadSpec(r.Bundle)
- if err != nil {
- return nil, fmt.Errorf("read oci spec: %w", err)
- }
- if err := utils.UpdateVolumeAnnotations(r.Bundle, spec); err != nil {
- return nil, fmt.Errorf("update volume annotations: %w", err)
- }
-
- runsc.FormatRunscLogPath(r.ID, config)
- rootfs := filepath.Join(path, "rootfs")
- runtime := proc.NewRunsc(runtimeRoot, path, namespace, r.Runtime, config)
- p := proc.New(r.ID, runtime, stdio.Stdio{
- Stdin: r.Stdin,
- Stdout: r.Stdout,
- Stderr: r.Stderr,
- Terminal: r.Terminal,
- })
- p.Bundle = r.Bundle
- p.Platform = platform
- p.Rootfs = rootfs
- p.WorkDir = workDir
- p.IoUID = int(opts.IoUid)
- p.IoGID = int(opts.IoGid)
- p.Sandbox = utils.IsSandbox(spec)
- p.UserLog = utils.UserLogPath(spec)
- p.Monitor = reaper.Default
- return p, nil
-}
diff --git a/pkg/shim/v1/shim/shim.go b/pkg/shim/v1/shim/shim.go
deleted file mode 100644
index 1855a8769..000000000
--- a/pkg/shim/v1/shim/shim.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2018 The containerd Authors.
-// Copyright 2019 The gVisor Authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Package shim contains the core containerd shim implementation.
-package shim