From c05660373e8bda36ddf5181220c76f4327f2abc6 Mon Sep 17 00:00:00 2001 From: Justine Olshan Date: Wed, 18 Jul 2018 16:57:29 -0700 Subject: Moved restore code out of create and made to be called after create. Docker expects containers to be created before they are restored. However, gVisor restoring requires specificactions regarding the kernel and the file system. These actions were originally in booting the sandbox. Now setting up the file system is deferred until a call to a call to runsc start. In the restore case, the kernel is destroyed and a new kernel is created in the same process, as we need the same process for Docker. These changes required careful execution of concurrent processes which required the use of a channel. Full docker integration still needs the ability to restore into the same container. PiperOrigin-RevId: 205161441 Change-Id: Ie1d2304ead7e06855319d5dc310678f701bd099f --- runsc/cmd/boot.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'runsc/cmd/boot.go') diff --git a/runsc/cmd/boot.go b/runsc/cmd/boot.go index 70c4616b4..4e08dafc8 100644 --- a/runsc/cmd/boot.go +++ b/runsc/cmd/boot.go @@ -49,9 +49,6 @@ type Boot struct { // applyCaps determines if capabilities defined in the spec should be applied // to the process. applyCaps bool - - // restoreFD is the file descriptor to the state file to be restored. - restoreFD int } // Name implements subcommands.Command.Name. @@ -76,7 +73,6 @@ func (b *Boot) SetFlags(f *flag.FlagSet) { f.Var(&b.ioFDs, "io-fds", "list of FDs to connect 9P clients. They must follow this order: root first, then mounts as defined in the spec") f.BoolVar(&b.console, "console", false, "set to true if the sandbox should allow terminal ioctl(2) syscalls") f.BoolVar(&b.applyCaps, "apply-caps", false, "if true, apply capabilities defined in the spec to the process") - f.IntVar(&b.restoreFD, "restore-fd", -1, "FD of the state file to be restored") } // Execute implements subcommands.Command.Execute. It starts a sandbox in a @@ -142,11 +138,14 @@ func (b *Boot) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) } // Create the loader. - l, err := boot.New(spec, conf, b.controllerFD, b.restoreFD, b.ioFDs.GetArray(), b.console) + l, err := boot.New(spec, conf, b.controllerFD, b.ioFDs.GetArray(), b.console) if err != nil { Fatalf("error creating loader: %v", err) } + // Notify other processes the loader has been created. + l.NotifyLoaderCreated() + // Wait for the start signal from runsc. l.WaitForStartSignal() -- cgit v1.2.3