16 changes: 8 additions & 8 deletions cmd/server/config.go
@@ -5,7 +5,7 @@ import (
"path/filepath"
"text/template"

"github.com/kubernetes-incubator/cri-o/server"
"github.com/kubernetes-incubator/cri-o/manager"
"github.com/opencontainers/runc/libcontainer/selinux"
"github.com/urfave/cli"
)
@@ -82,18 +82,18 @@ pause = "{{ .Pause }}"
// template. Add it once the storage code has been merged.

// DefaultConfig returns the default configuration for ocid.
func DefaultConfig() *server.Config {
return &server.Config{
RootConfig: server.RootConfig{
func DefaultConfig() *manager.Config {
return &manager.Config{
RootConfig: manager.RootConfig{
Root: ocidRoot,
SandboxDir: filepath.Join(ocidRoot, "sandboxes"),
ContainerDir: filepath.Join(ocidRoot, "containers"),
LogDir: "/var/log/ocid/pods",
},
APIConfig: server.APIConfig{
APIConfig: manager.APIConfig{
Listen: "/var/run/ocid.sock",
},
RuntimeConfig: server.RuntimeConfig{
RuntimeConfig: manager.RuntimeConfig{
Runtime: "/usr/bin/runc",
Conmon: conmonPath,
ConmonEnv: []string{
@@ -103,7 +103,7 @@ func DefaultConfig() *server.Config {
SeccompProfile: seccompProfilePath,
ApparmorProfile: apparmorProfileName,
},
ImageConfig: server.ImageConfig{
ImageConfig: manager.ImageConfig{
Pause: pausePath,
ImageDir: filepath.Join(ocidRoot, "store"),
},
@@ -122,7 +122,7 @@ var configCommand = cli.Command{
Action: func(c *cli.Context) error {
// At this point, app.Before has already parsed the user's chosen
// config file. So no need to handle that here.
config := c.App.Metadata["config"].(*server.Config)
config := c.App.Metadata["config"].(*manager.Config)
if c.Bool("default") {
config = DefaultConfig()
}
7 changes: 4 additions & 3 deletions cmd/server/main.go
@@ -7,6 +7,7 @@ import (
"sort"

"github.com/Sirupsen/logrus"
"github.com/kubernetes-incubator/cri-o/manager"
"github.com/kubernetes-incubator/cri-o/server"
"github.com/opencontainers/runc/libcontainer/selinux"
"github.com/urfave/cli"
@@ -16,7 +17,7 @@ import (

const ociConfigPath = "/etc/ocid/ocid.conf"

func mergeConfig(config *server.Config, ctx *cli.Context) error {
func mergeConfig(config *manager.Config, ctx *cli.Context) error {
// Don't parse the config if the user explicitly set it to "".
if path := ctx.GlobalString("config"); path != "" {
if err := config.FromFile(path); err != nil {
@@ -158,7 +159,7 @@ func main() {

app.Before = func(c *cli.Context) error {
// Load the configuration file.
config := c.App.Metadata["config"].(*server.Config)
config := c.App.Metadata["config"].(*manager.Config)
if err := mergeConfig(config, c); err != nil {
return err
}
@@ -195,7 +196,7 @@ func main() {
}

app.Action = func(c *cli.Context) error {
config := c.App.Metadata["config"].(*server.Config)
config := c.App.Metadata["config"].(*manager.Config)

if !config.SELinux {
selinux.SetDisabled()
File renamed without changes.
File renamed without changes.
File renamed without changes.
2 changes: 1 addition & 1 deletion server/config.go → manager/config.go
@@ -1,4 +1,4 @@
package server
package manager

import (
"bytes"
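--- a/manager/container.go
+++ b/manager/container.go
@@ -0,0 +1,31 @@
+package manager
+
+import (
+"fmt"
+
+"github.com/kubernetes-incubator/cri-o/oci"
+)
+
+const (
+// containerTypeSandbox represents a pod sandbox container
+containerTypeSandbox = "sandbox"
+// containerTypeContainer represents a container running within a pod
+containerTypeContainer = "container"
+)
+
+func (m *Manager) getContainerWithPartialID(ctrID string) (*oci.Container, error) {
+if ctrID == "" {
+return nil, fmt.Errorf("container ID should not be empty")
+}
+
+containerID, err := m.ctrIDIndex.Get(ctrID)
+if err != nil {
+return nil, fmt.Errorf("container with ID starting with %s not found: %v", ctrID, err)
+}
+
+c := m.state.containers.Get(containerID)
+if c == nil {
+return nil, fmt.Errorf("specified container not found: %s", containerID)
+}
+return c, nil
+}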
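Review bot: The not-found error in getContainerWithPartialID formats `ctrID` with `%s`, and ExecSync passes that value straight through from its own caller, so an ID containing newlines or control characters is copied verbatim into whatever log or response carries the error; `%q` keeps it quoted and escaped, e.g. `return nil, fmt.Errorf("container with ID starting with %q not found: %v", ctrID, err)`. The method is the shared entry point for partial-ID resolution and has no doc comment; `// getContainerWithPartialID resolves a full or truncated container ID through ctrIDIndex and returns the matching container from the manager state.` would do. How `ctrIDIndex.Get` treats an ambiguous prefix is not visible here, so that comment should also say whether an ambiguous prefix is an error, since ExecSync acts on whichever container is returned.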
91 changes: 41 additions & 50 deletions server/container_create.go → manager/container_create.go
@@ -1,4 +1,4 @@
package server
package manager

import (
"encoding/json"
@@ -11,13 +11,12 @@ import (

"github.com/Sirupsen/logrus"
"github.com/docker/docker/pkg/stringid"
"github.com/kubernetes-incubator/cri-o/manager/apparmor"
"github.com/kubernetes-incubator/cri-o/manager/seccomp"
"github.com/kubernetes-incubator/cri-o/oci"
"github.com/kubernetes-incubator/cri-o/server/apparmor"
"github.com/kubernetes-incubator/cri-o/server/seccomp"
"github.com/kubernetes-incubator/cri-o/utils"
"github.com/opencontainers/runc/libcontainer/label"
"github.com/opencontainers/runtime-tools/generate"
"golang.org/x/net/context"
pb "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
)

@@ -28,45 +27,42 @@ const (
)

// CreateContainer creates a new container in specified PodSandbox
func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerRequest) (res *pb.CreateContainerResponse, err error) {
logrus.Debugf("CreateContainerRequest %+v", req)
sbID := req.GetPodSandboxId()
func (m *Manager) CreateContainer(sbID string, containerConfig *pb.ContainerConfig, sandboxConfig *pb.PodSandboxConfig) (string, error) {
if sbID == "" {
return nil, fmt.Errorf("PodSandboxId should not be empty")
return "", fmt.Errorf("PodSandboxId should not be empty")
}

sandboxID, err := s.podIDIndex.Get(sbID)
sandboxID, err := m.podIDIndex.Get(sbID)
if err != nil {
return nil, fmt.Errorf("PodSandbox with ID starting with %s not found: %v", sbID, err)
return "", fmt.Errorf("PodSandbox with ID starting with %s not found: %v", sbID, err)
}

sb := s.getSandbox(sandboxID)
sb := m.getSandbox(sandboxID)
if sb == nil {
return nil, fmt.Errorf("specified sandbox not found: %s", sandboxID)
return "", fmt.Errorf("specified sandbox not found: %s", sandboxID)
}

// The config of the container
containerConfig := req.GetConfig()
if containerConfig == nil {
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig is nil")
return "", fmt.Errorf("CreateContainerRequest.ContainerConfig is nil")
}

name := containerConfig.GetMetadata().GetName()
if name == "" {
return nil, fmt.Errorf("CreateContainerRequest.ContainerConfig.Name is empty")
return "", fmt.Errorf("CreateContainerRequest.ContainerConfig.Name is empty")
}

attempt := containerConfig.GetMetadata().GetAttempt()
containerID, containerName, err := s.generateContainerIDandName(sb.name, name, attempt)
containerID, containerName, err := m.generateContainerIDandName(sb.name, name, attempt)
if err != nil {
return nil, err
return "", err
}

// containerDir is the dir for the container bundle.
containerDir := filepath.Join(s.runtime.ContainerDir(), containerID)
containerDir := filepath.Join(m.runtime.ContainerDir(), containerID)
defer func() {
if err != nil {
s.releaseContainerName(containerName)
m.releaseContainerName(containerName)
err1 := os.RemoveAll(containerDir)
if err1 != nil {
logrus.Warnf("Failed to cleanup container directory: %v", err1)
@@ -75,42 +71,37 @@ func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerReq
}()

if _, err = os.Stat(containerDir); err == nil {
return nil, fmt.Errorf("container (%s) already exists", containerDir)
return "", fmt.Errorf("container (%s) already exists", containerDir)
}

if err = os.MkdirAll(containerDir, 0755); err != nil {
return nil, err
return "", err
}

container, err := s.createSandboxContainer(containerID, containerName, sb, containerDir, containerConfig)
container, err := m.createSandboxContainer(containerID, containerName, sb, containerDir, containerConfig)
if err != nil {
return nil, err
return "", err
}

if err = s.runtime.CreateContainer(container); err != nil {
return nil, err
if err = m.runtime.CreateContainer(container); err != nil {
return "", err
}

if err = s.runtime.UpdateStatus(container); err != nil {
return nil, err
if err = m.runtime.UpdateStatus(container); err != nil {
return "", err
}

s.addContainer(container)

if err = s.ctrIDIndex.Add(containerID); err != nil {
s.removeContainer(container)
return nil, err
}
m.addContainer(container)

resp := &pb.CreateContainerResponse{
ContainerId: &containerID,
if err = m.ctrIDIndex.Add(containerID); err != nil {
m.removeContainer(container)
return "", err
}

logrus.Debugf("CreateContainerResponse: %+v", resp)
return resp, nil
return containerID, nil
}

func (s *Server) createSandboxContainer(containerID string, containerName string, sb *sandbox, containerDir string, containerConfig *pb.ContainerConfig) (*oci.Container, error) {
func (m *Manager) createSandboxContainer(containerID string, containerName string, sb *sandbox, containerDir string, containerConfig *pb.ContainerConfig) (*oci.Container, error) {
if sb == nil {
return nil, errors.New("createSandboxContainer needs a sandbox")
}
@@ -195,11 +186,11 @@ func (s *Server) createSandboxContainer(containerID string, containerName string
}

// set this container's apparmor profile if it is set by sandbox
if s.appArmorEnabled {
appArmorProfileName := s.getAppArmorProfileName(sb.annotations, metadata.GetName())
if m.appArmorEnabled {
appArmorProfileName := m.getAppArmorProfileName(sb.annotations, metadata.GetName())
if appArmorProfileName != "" {
// reload default apparmor profile if it is unloaded.
if s.appArmorProfile == apparmor.DefaultApparmorProfile {
if m.appArmorProfile == apparmor.DefaultApparmorProfile {
if err := apparmor.EnsureDefaultApparmorProfile(); err != nil {
return nil, err
}
@@ -286,7 +277,7 @@ func (s *Server) createSandboxContainer(containerID string, containerName string
}
}
// Join the namespace paths for the pod sandbox container.
podInfraState := s.runtime.ContainerStatus(sb.infraContainer)
podInfraState := m.runtime.ContainerStatus(sb.infraContainer)

logrus.Debugf("pod container state %+v", podInfraState)

@@ -345,7 +336,7 @@ func (s *Server) createSandboxContainer(containerID string, containerName string
}
specgen.AddAnnotation("ocid/annotations", string(annotationsJSON))

if err = s.setupSeccomp(&specgen, containerName, sb.annotations); err != nil {
if err = m.setupSeccomp(&specgen, containerName, sb.annotations); err != nil {
return nil, err
}

@@ -367,7 +358,7 @@ func (s *Server) createSandboxContainer(containerID string, containerName string
return container, nil
}

func (s *Server) setupSeccomp(specgen *generate.Generator, cname string, sbAnnotations map[string]string) error {
func (m *Manager) setupSeccomp(specgen *generate.Generator, cname string, sbAnnotations map[string]string) error {
profile, ok := sbAnnotations["security.alpha.kubernetes.io/seccomp/container/"+cname]
if !ok {
profile, ok = sbAnnotations["security.alpha.kubernetes.io/seccomp/pod"]
@@ -376,7 +367,7 @@ func (s *Server) setupSeccomp(specgen *generate.Generator, cname string, sbAnnot
profile = seccompUnconfined
}
}
if !s.seccompEnabled {
if !m.seccompEnabled {
if profile != seccompUnconfined {
return fmt.Errorf("seccomp is not enabled in your kernel, cannot run with a profile")
}
@@ -388,7 +379,7 @@ func (s *Server) setupSeccomp(specgen *generate.Generator, cname string, sbAnnot
return nil
}
if profile == seccompRuntimeDefault {
return seccomp.LoadProfileFromStruct(s.seccompProfile, specgen)
return seccomp.LoadProfileFromStruct(m.seccompProfile, specgen)
}
if !strings.HasPrefix(profile, seccompLocalhostPrefix) {
return fmt.Errorf("unknown seccomp profile option: %q", profile)
@@ -402,7 +393,7 @@ func (s *Server) setupSeccomp(specgen *generate.Generator, cname string, sbAnnot
return nil
}

func (s *Server) generateContainerIDandName(podName string, name string, attempt uint32) (string, string, error) {
func (m *Manager) generateContainerIDandName(podName string, name string, attempt uint32) (string, string, error) {
var (
err error
id = stringid.GenerateNonCryptoID()
@@ -411,14 +402,14 @@ func (s *Server) generateContainerIDandName(podName string, name string, attempt
if name == "infra" {
nameStr = fmt.Sprintf("%s-%s", podName, name)
}
if name, err = s.reserveContainerName(id, nameStr); err != nil {
if name, err = m.reserveContainerName(id, nameStr); err != nil {
return "", "", err
}
return id, name, err
}

// getAppArmorProfileName gets the profile name for the given container.
func (s *Server) getAppArmorProfileName(annotations map[string]string, ctrName string) string {
func (m *Manager) getAppArmorProfileName(annotations map[string]string, ctrName string) string {
profile := apparmor.GetProfileNameFromPodAnnotations(annotations, ctrName)

if profile == "" {
@@ -427,7 +418,7 @@ func (s *Server) getAppArmorProfileName(annotations map[string]string, ctrName s

if profile == apparmor.ProfileRuntimeDefault {
// If the value is runtime/default, then return default profile.
return s.appArmorProfile
return m.appArmorProfile
}

return strings.TrimPrefix(profile, apparmor.ProfileNamePrefix)
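Review bot: The deferred cleanup in CreateContainer tests the local `err`, but now that the results are unnamed a `return "", fmt.Errorf(...)` no longer assigns it, so on the `container (%s) already exists` return `err` is still nil and the name reserved by generateContainerIDandName is not released. Either keep a named error result, `func (m *Manager) CreateContainer(...) (id string, err error)`, or assign before returning, `err = fmt.Errorf("container (%s) already exists", containerDir)` followed by `return "", err`. If the cleanup runs on that path again it will also call `os.RemoveAll(containerDir)` on a directory this call did not create, so the Stat check is better placed before the defer is registered, releasing the name by hand there. A few lines of the deferred function are collapsed between hunks, so this assumes nothing hidden there resets `err`.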
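--- a/manager/container_execsync.go
+++ b/manager/container_execsync.go
@@ -0,0 +1,35 @@
+package manager
+
+import (
+"fmt"
+
+"github.com/kubernetes-incubator/cri-o/oci"
+)
+
+// ExecSync runs a command in a container synchronously.
+func (m *Manager) ExecSync(ctrID string, cmd []string, timeout int64) (*oci.ExecSyncResponse, error) {
+c, err := m.getContainerWithPartialID(ctrID)
+if err != nil {
+return nil, err
+}
+
+if err = m.runtime.UpdateStatus(c); err != nil {
+return nil, err
+}
+
+cState := m.runtime.ContainerStatus(c)
+if !(cState.Status == oci.ContainerStateRunning || cState.Status == oci.ContainerStateCreated) {
+return nil, fmt.Errorf("container is not created or running")
+}
+
+if cmd == nil {
+return nil, fmt.Errorf("exec command cannot be empty")
+}
+
+execResp, err := m.runtime.ExecSync(c, cmd, timeout)
+if err != nil {
+return nil, err
+}
+
+return execResp, nil
+}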
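Review bot: The `cmd == nil` guard in ExecSync lets a non-nil empty slice through to `m.runtime.ExecSync`, although the error text says the command cannot be empty; `if len(cmd) == 0 {` covers both cases. The guard also runs after `UpdateStatus` and the state test, so a request with no command still triggers a runtime status refresh; validating the arguments at the top of the function avoids that. `timeout` is passed on unchecked, and how the runtime treats zero or a negative value is not visible here, so the doc comment should state the accepted range and what zero means.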