diff --git a/go.mod b/go.mod index e654596fca9..e8d229abd4e 100644 --- a/go.mod +++ b/go.mod @@ -33,7 +33,6 @@ require ( github.com/google/renameio v1.0.0 github.com/google/uuid v1.2.0 github.com/grpc-ecosystem/go-grpc-middleware v1.2.2 - github.com/hpcloud/tail v1.0.0 github.com/json-iterator/go v1.1.10 github.com/onsi/ginkgo v1.15.2 github.com/onsi/gomega v1.11.0 diff --git a/internal/lib/container.go b/internal/lib/container.go index 0d7316d231e..c4d44dcd2ff 100644 --- a/internal/lib/container.go +++ b/internal/lib/container.go @@ -4,87 +4,9 @@ import ( "fmt" "github.com/containers/podman/v3/pkg/registrar" - cstorage "github.com/containers/storage" - "github.com/cri-o/cri-o/internal/lib/sandbox" "github.com/cri-o/cri-o/internal/oci" - "github.com/pkg/errors" ) -// GetStorageContainer searches for a container with the given name or ID in the given store -func (c *ContainerServer) GetStorageContainer(container string) (*cstorage.Container, error) { - ociCtr, err := c.LookupContainer(container) - if err != nil { - return nil, err - } - return c.store.Container(ociCtr.ID()) -} - -// GetContainerTopLayerID gets the ID of the top layer of the given container -func (c *ContainerServer) GetContainerTopLayerID(containerID string) (string, error) { - ctr, err := c.GetStorageContainer(containerID) - if err != nil { - return "", err - } - return ctr.LayerID, nil -} - -// GetContainerRwSize Gets the size of the mutable top layer of the container -func (c *ContainerServer) GetContainerRwSize(containerID string) (int64, error) { - container, err := c.store.Container(containerID) - if err != nil { - return 0, err - } - - // Get the size of the top layer by calculating the size of the diff - // between the layer and its parent. The top layer of a container is - // the only RW layer, all others are immutable - layer, err := c.store.Layer(container.LayerID) - if err != nil { - return 0, err - } - return c.store.DiffSize(layer.Parent, layer.ID) -} - -// GetContainerRootFsSize gets the size of the container's root filesystem -// A container FS is split into two parts. The first is the top layer, a -// mutable layer, and the rest is the RootFS: the set of immutable layers -// that make up the image on which the container is based -func (c *ContainerServer) GetContainerRootFsSize(containerID string) (int64, error) { - container, err := c.store.Container(containerID) - if err != nil { - return 0, err - } - - // Ignore the size of the top layer. The top layer is a mutable RW layer - // and is not considered a part of the rootfs - rwLayer, err := c.store.Layer(container.LayerID) - if err != nil { - return 0, err - } - layer, err := c.store.Layer(rwLayer.Parent) - if err != nil { - return 0, err - } - - size := int64(0) - for layer.Parent != "" { - layerSize, err := c.store.DiffSize(layer.Parent, layer.ID) - if err != nil { - return 0, errors.Wrapf(err, "getting diffsize of layer %q and its parent %q", layer.ID, layer.Parent) - } - size += layerSize - layer, err = c.store.Layer(layer.Parent) - if err != nil { - return 0, err - } - } - // Get the size of the last layer. Has to be outside of the loop - // because the parent of the last layer is "", andlstore.Get("") - // will return an error - layerSize, err := c.store.DiffSize(layer.Parent, layer.ID) - return size + layerSize, err -} - // GetContainerFromShortID gets an oci container matching the specified full or partial id func (c *ContainerServer) GetContainerFromShortID(cid string) (*oci.Container, error) { if cid == "" { @@ -108,23 +30,6 @@ func (c *ContainerServer) GetContainerFromShortID(cid string) (*oci.Container, e return ctr, nil } -func (c *ContainerServer) getSandboxFromRequest(pid string) (*sandbox.Sandbox, error) { - if pid == "" { - return nil, fmt.Errorf("pod ID should not be empty") - } - - podID, err := c.podIDIndex.Get(pid) - if err != nil { - return nil, fmt.Errorf("pod with ID starting with %s not found: %v", pid, err) - } - - sb := c.GetSandbox(podID) - if sb == nil { - return nil, fmt.Errorf("specified pod not found: %s", podID) - } - return sb, nil -} - // LookupContainer returns the container with the given name or full or partial id func (c *ContainerServer) LookupContainer(idOrName string) (*oci.Container, error) { if idOrName == "" { @@ -142,21 +47,3 @@ func (c *ContainerServer) LookupContainer(idOrName string) (*oci.Container, erro return c.GetContainerFromShortID(ctrID) } - -// LookupSandbox returns the pod sandbox with the given name or full or partial id -func (c *ContainerServer) LookupSandbox(idOrName string) (*sandbox.Sandbox, error) { - if idOrName == "" { - return nil, fmt.Errorf("container ID or name should not be empty") - } - - podID, err := c.podNameIndex.Get(idOrName) - if err != nil { - if err == registrar.ErrNameNotReserved { - podID = idOrName - } else { - return nil, err - } - } - - return c.getSandboxFromRequest(podID) -} diff --git a/internal/lib/container_server.go b/internal/lib/container_server.go index f4f6bbc838d..11988d2dcf4 100644 --- a/internal/lib/container_server.go +++ b/internal/lib/container_server.go @@ -19,6 +19,7 @@ import ( "github.com/cri-o/cri-o/internal/storage" crioann "github.com/cri-o/cri-o/pkg/annotations" libconfig "github.com/cri-o/cri-o/pkg/config" + "github.com/cri-o/cri-o/server/cri/types" json "github.com/json-iterator/go" rspec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" @@ -63,21 +64,11 @@ func (c *ContainerServer) StorageImageServer() storage.ImageServer { return c.storageImageServer } -// CtrNameIndex returns the Registrar for the ContainerServer -func (c *ContainerServer) CtrNameIndex() *registrar.Registrar { - return c.ctrNameIndex -} - // CtrIDIndex returns the TruncIndex for the ContainerServer func (c *ContainerServer) CtrIDIndex() *truncindex.TruncIndex { return c.ctrIDIndex } -// PodNameIndex returns the index of pod names -func (c *ContainerServer) PodNameIndex() *registrar.Registrar { - return c.podNameIndex -} - // PodIDIndex returns the index of pod IDs func (c *ContainerServer) PodIDIndex() *truncindex.TruncIndex { return c.podIDIndex @@ -189,7 +180,7 @@ func (c *ContainerServer) LoadSandbox(ctx context.Context, id string) (retErr er privileged := isTrue(m.Annotations[annotations.PrivilegedRuntime]) hostNetwork := isTrue(m.Annotations[annotations.HostNetwork]) - nsOpts := sandbox.NamespaceOption{} + nsOpts := types.NamespaceOption{} if err := json.Unmarshal([]byte(m.Annotations[annotations.NamespaceOptions]), &nsOpts); err != nil { return errors.Wrapf(err, "error unmarshalling %s annotation", annotations.NamespaceOptions) } diff --git a/internal/lib/container_server_test.go b/internal/lib/container_server_test.go index 8a05056ade3..02c3ef7f2cd 100644 --- a/internal/lib/container_server_test.go +++ b/internal/lib/container_server_test.go @@ -103,15 +103,6 @@ var _ = t.Describe("ContainerServer", func() { Expect(res).NotTo(BeNil()) }) - It("should succeed to get the CtrNameIndex", func() { - // Given - // When - res := sut.CtrNameIndex() - - // Then - Expect(res).NotTo(BeNil()) - }) - It("should succeed to get the CtrIDIndex", func() { // Given // When @@ -121,15 +112,6 @@ var _ = t.Describe("ContainerServer", func() { Expect(res).NotTo(BeNil()) }) - It("should succeed to get the PodNameIndex", func() { - // Given - // When - res := sut.PodNameIndex() - - // Then - Expect(res).NotTo(BeNil()) - }) - It("should succeed to get the PodIDIndex", func() { // Given // When diff --git a/internal/lib/container_test.go b/internal/lib/container_test.go index 166a504176d..3355c286d7e 100644 --- a/internal/lib/container_test.go +++ b/internal/lib/container_test.go @@ -1,8 +1,6 @@ package lib_test import ( - cstorage "github.com/containers/storage" - "github.com/golang/mock/gomock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" ) @@ -12,56 +10,6 @@ var _ = t.Describe("ContainerServer", func() { // Prepare the sut BeforeEach(beforeEach) - t.Describe("LookupSandbox", func() { - It("should succeed", func() { - // Given - addContainerAndSandbox() - - // When - sandbox, err := sut.LookupSandbox(sandboxID) - - // Then - Expect(err).To(BeNil()) - Expect(sandbox).NotTo(BeNil()) - }) - - It("should fail with empty ID", func() { - // Given - - // When - sandbox, err := sut.LookupSandbox("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(sandbox).To(BeNil()) - }) - - It("should fail when sandbox not within podIDIndex", func() { - // Given - Expect(sut.PodNameIndex().Reserve(sandboxID, sandboxID)).To(BeNil()) - - // When - sandbox, err := sut.LookupSandbox(sandboxID) - - // Then - Expect(err).NotTo(BeNil()) - Expect(sandbox).To(BeNil()) - }) - - It("should fail when sandbox not available", func() { - // Given - Expect(sut.PodNameIndex().Reserve(sandboxID, sandboxID)).To(BeNil()) - Expect(sut.PodIDIndex().Add(sandboxID)).To(BeNil()) - - // When - sandbox, err := sut.LookupSandbox(sandboxID) - - // Then - Expect(err).NotTo(BeNil()) - Expect(sandbox).To(BeNil()) - }) - }) - t.Describe("LookupContainer", func() { It("should succeed", func() { // Given @@ -137,245 +85,4 @@ var _ = t.Describe("ContainerServer", func() { Expect(container).To(BeNil()) }) }) - - t.Describe("GetContainerRootFsSize", func() { - It("should succeed", func() { - // Given - layerSize := int64(10) - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{Parent: "parent"}, nil), - storeMock.EXPECT().DiffSize(gomock.Any(), gomock.Any()). - Return(layerSize, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().DiffSize(gomock.Any(), gomock.Any()). - Return(layerSize, nil), - ) - - // When - size, err := sut.GetContainerRootFsSize("") - - // Then - Expect(err).To(BeNil()) - Expect(size).To(BeEquivalentTo(2 * layerSize)) - }) - - It("should fail when diffsize of parent fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{Parent: "parent"}, nil), - storeMock.EXPECT().DiffSize(gomock.Any(), gomock.Any()). - Return(int64(0), t.TestError), - ) - - // When - size, err := sut.GetContainerRootFsSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - - It("should fail when layer retrieval of parent fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{Parent: "parent"}, nil), - storeMock.EXPECT().DiffSize(gomock.Any(), gomock.Any()). - Return(int64(0), nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - size, err := sut.GetContainerRootFsSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - - It("should fail when container retrieval fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - size, err := sut.GetContainerRootFsSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - - It("should fail when top layer retrieval fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - size, err := sut.GetContainerRootFsSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - - It("should fail when second layer retrieval fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - size, err := sut.GetContainerRootFsSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - }) - - t.Describe("GetContainerRootFsSize", func() { - It("should succeed", func() { - // Given - layerSize := int64(10) - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().DiffSize(gomock.Any(), gomock.Any()). - Return(layerSize, nil), - ) - - // When - size, err := sut.GetContainerRwSize("") - - // Then - Expect(err).To(BeNil()) - Expect(size).To(BeEquivalentTo(layerSize)) - }) - - It("should fail if container retrieval fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - size, err := sut.GetContainerRwSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - - It("should fail if layer retrieval fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - size, err := sut.GetContainerRwSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - - It("should fail if diffsize fails", func() { - // Given - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{}, nil), - storeMock.EXPECT().Layer(gomock.Any()). - Return(&cstorage.Layer{}, nil), - storeMock.EXPECT().DiffSize(gomock.Any(), gomock.Any()). - Return(int64(0), t.TestError), - ) - - // When - size, err := sut.GetContainerRwSize("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(size).To(BeEquivalentTo(0)) - }) - }) - - t.Describe("GetContainerTopLayerID", func() { - It("should succeed", func() { - // Given - addContainerAndSandbox() - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(&cstorage.Container{LayerID: containerID}, nil), - ) - - // When - layerID, err := sut.GetContainerTopLayerID(containerID) - - // Then - Expect(err).To(BeNil()) - Expect(layerID).To(Equal(containerID)) - }) - - It("should fail when container retrieval fails", func() { - // Given - addContainerAndSandbox() - gomock.InOrder( - storeMock.EXPECT().Container(gomock.Any()). - Return(nil, t.TestError), - ) - - // When - layerID, err := sut.GetContainerTopLayerID(containerID) - - // Then - Expect(err).NotTo(BeNil()) - Expect(layerID).To(BeEmpty()) - }) - - It("should fail on invalid container ID", func() { - // Given - - // When - layerID, err := sut.GetContainerTopLayerID("") - - // Then - Expect(err).NotTo(BeNil()) - Expect(layerID).To(BeEmpty()) - }) - }) }) diff --git a/internal/lib/kill.go b/internal/lib/kill.go deleted file mode 100644 index 60df4ada964..00000000000 --- a/internal/lib/kill.go +++ /dev/null @@ -1,36 +0,0 @@ -package lib - -import ( - "context" - "syscall" - - "github.com/cri-o/cri-o/internal/oci" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" -) - -// ContainerKill sends the user provided signal to the containers primary process. -func (c *ContainerServer) ContainerKill(ctx context.Context, container string, killSignal syscall.Signal) (string, error) { - ctr, err := c.LookupContainer(container) - if err != nil { - return "", errors.Wrapf(err, "failed to find container %s", container) - } - if err := c.runtime.UpdateContainerStatus(ctx, ctr); err != nil { - logrus.Warnf("unable to update containers %s status: %v", ctr.ID(), err) - } - cStatus := ctr.State() - - // If the container is not running, error and move on. - if cStatus.Status != oci.ContainerStateRunning { - return "", errors.Errorf("cannot kill container %s: it is not running", container) - } - - if err := c.runtime.SignalContainer(ctx, ctr, killSignal); err != nil { - return "", err - } - - if err := c.ContainerStateToDisk(ctx, ctr); err != nil { - logrus.Warnf("unable to write containers %s state to disk: %v", ctr.ID(), err) - } - return ctr.ID(), nil -} diff --git a/internal/lib/kill_test.go b/internal/lib/kill_test.go deleted file mode 100644 index 1d4817499ae..00000000000 --- a/internal/lib/kill_test.go +++ /dev/null @@ -1,27 +0,0 @@ -package lib_test - -import ( - "context" - "syscall" - - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" -) - -// The actual test suite -var _ = t.Describe("ContainerServer", func() { - // Prepare the sut - BeforeEach(beforeEach) - - t.Describe("ContainerKill", func() { - It("should fail when not found", func() { - // Given - // When - res, err := sut.ContainerKill(context.Background(), "", syscall.SIGINT) - - // Then - Expect(err).NotTo(BeNil()) - Expect(res).To(Equal("")) - }) - }) -}) diff --git a/internal/lib/logs.go b/internal/lib/logs.go deleted file mode 100644 index 3bb52c9f2fe..00000000000 --- a/internal/lib/logs.go +++ /dev/null @@ -1,77 +0,0 @@ -package lib - -import ( - "path" - "strings" - "time" - - "github.com/hpcloud/tail" -) - -// LogOptions contains all of the options for displaying logs in podman -type LogOptions struct { - Details bool - Follow bool - SinceTime time.Time - Tail uint64 -} - -// GetLogs gets each line of a log file and, if it matches the criteria in logOptions, sends it down logChan -func (c *ContainerServer) GetLogs(container string, logChan chan string, opts LogOptions) error { - defer close(logChan) - // Get the full ID of the container - ctr, err := c.LookupContainer(container) - if err != nil { - return err - } - - containerID := ctr.ID() - sandbox := ctr.Sandbox() - if sandbox == "" { - sandbox = containerID - } - // Read the log line by line and pass it into the pipe - logsFile := path.Join(c.config.LogDir, sandbox, containerID+".log") - - seekInfo := &tail.SeekInfo{Offset: 0, Whence: 0} - if opts.Tail > 0 { - // seek to correct position in logs files - seekInfo.Offset = int64(opts.Tail) - seekInfo.Whence = 2 - } - - t, err := tail.TailFile(logsFile, tail.Config{Follow: false, ReOpen: false, Location: seekInfo}) - for line := range t.Lines { - if since, err := logSinceTime(opts.SinceTime, line.Text); err != nil || !since { - continue - } - logMessage := line.Text[secondSpaceIndex(line.Text):] - logChan <- logMessage - } - return err -} - -func logSinceTime(sinceTime time.Time, logStr string) (bool, error) { - timestamp := strings.Split(logStr, " ")[0] - logTime, err := time.Parse("2006-01-02T15:04:05.999999999-07:00", timestamp) - if err != nil { - return false, err - } - return logTime.After(sinceTime) || logTime.Equal(sinceTime), nil -} - -// secondSpaceIndex returns the index of the second space in a string -// In a line of the logs, the first two tokens are a timestamp and stdout/stderr, -// followed by the message itself. This allows us to get the index of the message -// and avoid sending the other information back to the caller of GetLogs() -func secondSpaceIndex(line string) int { - index := strings.Index(line, " ") - if index == -1 { - return 0 - } - index = strings.Index(line[index:], " ") - if index == -1 { - return 0 - } - return index -} diff --git a/internal/lib/logs_test.go b/internal/lib/logs_test.go deleted file mode 100644 index 39a5e159cb5..00000000000 --- a/internal/lib/logs_test.go +++ /dev/null @@ -1,73 +0,0 @@ -package lib_test - -import ( - "io/ioutil" - "os" - "path" - "time" - - "github.com/cri-o/cri-o/internal/lib" - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" -) - -// The actual test suite -var _ = t.Describe("ContainerServer", func() { - // Prepare the sut - BeforeEach(beforeEach) - - t.Describe("GetLogs", func() { - It("should succeed", func() { - // Given - c := make(chan string) - e := make(chan error) - - // Prepare the container - addContainerAndSandbox() - - // Prepare the log file - logString := []byte("2007-01-02T15:04:05.0-07:00 Log\n" + - "1996-01-02T15:04:05.0-07:00 Before\n" + - "WRONG_DATE Invalid\n" + - "WRONG\n") - logFile := path.Join(sandboxID, containerID+".log") - Expect(os.MkdirAll(sandboxID, 0o755)).To(BeNil()) - Expect(ioutil.WriteFile(logFile, logString, 0o644)).To(BeNil()) - defer os.RemoveAll(sandboxID) - - // When - go func() { - e <- sut.GetLogs(containerID, c, lib.LogOptions{ - SinceTime: time.Date(2000, 0, 0, 0, 0, 0, 0, time.UTC), - }) - }() - - // Then - Expect(<-c).To(ContainSubstring("Log")) - Expect(<-e).To(BeNil()) - }) - - It("should succeed with seek info", func() { - // Given - c := make(chan string) - addContainerAndSandbox() - - // When - err := sut.GetLogs(containerID, c, lib.LogOptions{Tail: 1}) - - // Then - Expect(<-c).To(BeEmpty()) - Expect(err).To(BeNil()) - }) - - It("should fail on invalid container ID", func() { - // Given - - // When - err := sut.GetLogs("", make(chan string), lib.LogOptions{}) - - // Then - Expect(err).NotTo(BeNil()) - }) - }) -}) diff --git a/internal/lib/pause.go b/internal/lib/pause.go deleted file mode 100644 index 6ce485c4d43..00000000000 --- a/internal/lib/pause.go +++ /dev/null @@ -1,54 +0,0 @@ -package lib - -import ( - "context" - "fmt" - - "github.com/cri-o/cri-o/internal/oci" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" -) - -// ContainerPause pauses a running container. -func (c *ContainerServer) ContainerPause(ctx context.Context, container string) (string, error) { - ctr, err := c.LookupContainer(container) - if err != nil { - return "", errors.Wrapf(err, "failed to find container %s", container) - } - - cStatus := ctr.State() - if cStatus.Status != oci.ContainerStatePaused { - if err := c.runtime.PauseContainer(ctx, ctr); err != nil { - return "", errors.Wrapf(err, "failed to pause container %s", ctr.ID()) - } - if err := c.ContainerStateToDisk(ctx, ctr); err != nil { - logrus.Warnf("unable to write containers %s state to disk: %v", ctr.ID(), err) - } - } else { - return "", fmt.Errorf("container %s is already paused", ctr.ID()) - } - - return ctr.ID(), nil -} - -// ContainerUnpause unpauses a running container with a grace period (i.e., timeout). -func (c *ContainerServer) ContainerUnpause(ctx context.Context, container string) (string, error) { - ctr, err := c.LookupContainer(container) - if err != nil { - return "", errors.Wrapf(err, "failed to find container %s", container) - } - - cStatus := ctr.State() - if cStatus.Status == oci.ContainerStatePaused { - if err := c.runtime.UnpauseContainer(ctx, ctr); err != nil { - return "", errors.Wrapf(err, "failed to unpause container %s", ctr.ID()) - } - if err := c.ContainerStateToDisk(ctx, ctr); err != nil { - logrus.Warnf("unable to write containers %s state to disk: %v", ctr.ID(), err) - } - } else { - return "", fmt.Errorf("the container %s is not paused", ctr.ID()) - } - - return ctr.ID(), nil -} diff --git a/internal/lib/pause_test.go b/internal/lib/pause_test.go deleted file mode 100644 index 7a137ba5ceb..00000000000 --- a/internal/lib/pause_test.go +++ /dev/null @@ -1,39 +0,0 @@ -package lib_test - -import ( - "context" - - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" -) - -// The actual test suite -var _ = t.Describe("ContainerServer", func() { - // Prepare the sut - BeforeEach(beforeEach) - - t.Describe("ContainerPause", func() { - It("should fail with invalid container ID", func() { - // Given - - // When - res, err := sut.ContainerPause(context.Background(), "") - - // Then - Expect(err).NotTo(BeNil()) - Expect(res).To(Equal("")) - }) - }) - - t.Describe("ContainerUnpause", func() { - It("should fail on invalid container", func() { - // Given - // When - res, err := sut.ContainerUnpause(context.Background(), "") - - // Then - Expect(err).NotTo(BeNil()) - Expect(res).To(BeEmpty()) - }) - }) -}) diff --git a/internal/lib/rename.go b/internal/lib/rename.go deleted file mode 100644 index 3502ff0207b..00000000000 --- a/internal/lib/rename.go +++ /dev/null @@ -1,115 +0,0 @@ -package lib - -import ( - "path/filepath" - - "github.com/containers/podman/v3/pkg/annotations" - "github.com/containers/storage/pkg/ioutils" - "github.com/cri-o/cri-o/internal/lib/sandbox" - "github.com/cri-o/cri-o/internal/oci" - json "github.com/json-iterator/go" - "github.com/opencontainers/runtime-tools/generate" -) - -const configFile = "config.json" - -// ContainerRename renames the given container -func (c *ContainerServer) ContainerRename(container, name string) (retErr error) { - ctr, err := c.LookupContainer(container) - if err != nil { - return err - } - - oldName := ctr.Name() - _, err = c.ReserveContainerName(ctr.ID(), name) - if err != nil { - return err - } - defer func() { - if retErr != nil { - c.ReleaseContainerName(name) - } else { - c.ReleaseContainerName(oldName) - } - }() - - // Update state.json - if err := c.updateStateName(ctr, name); err != nil { - return err - } - - // Update config.json - configRuntimePath := filepath.Join(ctr.BundlePath(), configFile) - if err := updateConfigName(configRuntimePath, name); err != nil { - return err - } - configStoragePath := filepath.Join(ctr.Dir(), configFile) - if err := updateConfigName(configStoragePath, name); err != nil { - return err - } - - // Update containers.json - return c.store.SetNames(ctr.ID(), []string{name}) -} - -func updateConfigName(configPath, name string) error { - specgen, err := generate.NewFromFile(configPath) - if err != nil { - return err - } - specgen.AddAnnotation(annotations.Name, name) - specgen.AddAnnotation(annotations.Metadata, updateMetadata(specgen.Config.Annotations, name)) - - return specgen.SaveToFile(configPath, generate.ExportOptions{}) -} - -func (c *ContainerServer) updateStateName(ctr *oci.Container, name string) error { - if ctr != nil && ctr.State() != nil && ctr.State().Annotations != nil { - ctr.State().Annotations[annotations.Name] = name - ctr.State().Annotations[annotations.Metadata] = updateMetadata(ctr.State().Annotations, name) - } - // This is taken directly from c.ContainerStateToDisk(), which can't be used because of the call to UpdateStatus() in the first line - jsonSource, err := ioutils.NewAtomicFileWriter(ctr.StatePath(), 0o644) - if err != nil { - return err - } - defer jsonSource.Close() - enc := json.NewEncoder(jsonSource) - return enc.Encode(ctr.State()) -} - -// Attempts to update a metadata annotation -func updateMetadata(specAnnotations map[string]string, name string) string { - oldMetadata := specAnnotations[annotations.Metadata] - containerType := specAnnotations[annotations.ContainerType] - switch containerType { - case "container": - metadata := oci.Metadata{} - err := json.Unmarshal([]byte(oldMetadata), &metadata) - if err != nil { - return oldMetadata - } - metadata.Name = name - m, err := json.Marshal(metadata) - if err != nil { - return oldMetadata - } - return string(m) - - case "sandbox": - metadata := sandbox.Metadata{} - err := json.Unmarshal([]byte(oldMetadata), &metadata) - if err != nil { - return oldMetadata - } - metadata.Name = name - m, err := json.Marshal(metadata) - if err != nil { - return oldMetadata - } - return string(m) - - default: - return specAnnotations[annotations.Metadata] - } -} diff --git a/internal/lib/rename_test.go b/internal/lib/rename_test.go deleted file mode 100644 index 1113c9e6a74..00000000000 --- a/internal/lib/rename_test.go +++ /dev/null @@ -1,23 +0,0 @@ -package lib_test - -import ( - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" -) - -// The actual test suite -var _ = t.Describe("ContainerServer", func() { - // Prepare the sut - BeforeEach(beforeEach) - - t.Describe("ContainerRename", func() { - It("should fail on invalid container ID", func() { - // Given - // When - err := sut.ContainerRename("", "") - - // Then - Expect(err).NotTo(BeNil()) - }) - }) -}) diff --git a/internal/lib/sandbox/namespaces.go b/internal/lib/sandbox/namespaces.go index 9385dd788da..1c2f18e237f 100644 --- a/internal/lib/sandbox/namespaces.go +++ b/internal/lib/sandbox/namespaces.go @@ -10,53 +10,6 @@ import ( "github.com/sirupsen/logrus" ) -// A NamespaceMode describes the intended namespace configuration for each -// of the namespaces (Network, PID, IPC) in NamespaceOption. Runtimes should -// map these modes as appropriate for the technology underlying the runtime. -type NamespaceMode int32 - -const ( - // A pod namespace is common to all containers in a pod. - // For example, a container with a pid namespace of pod expects to view - // all of the processes in all of the containers in the pod. - NamespaceModePod NamespaceMode = 0 - - // A container namespace is restricted to a single container. - // For example, a container with a pid namespace of container expects to - // view only the processes in that container. - NamespaceModeContainer NamespaceMode = 1 - - // A node namespace is the namespace of the Kubernetes node. - // For example, a container with a pid namespace of node expects to view - // all of the processes on the host running the kubelet. - NamespaceModeNode NamespaceMode = 2 - - // NamespaceModeTarget targets the namespace of another container. When - // this is specified, a target_id must be specified in NamespaceOption and - // refer to a container previously created with NamespaceModeContainer. - // This containers namespace will be made to match that of container - // target_id. For example, a container with a pid namespace of - // NamespaceModeTarget expects to view all of the processes that container - // target_id can view. - NamespaceModeTarget NamespaceMode = 3 -) - -type NamespaceOption struct { - // Network namespace for this container/sandbox. - Network NamespaceMode `json:"network,omitempty"` - - // PID namespace for this container/sandbox. - Pid NamespaceMode `json:"pid,omitempty"` - - // IPC namespace for this container/sandbox. - Ipc NamespaceMode `json:"ipc,omitempty"` - - // Target Container ID for NamespaceModeTarget. This container must have - // been previously created in the same pod. It is not possible to specify - // different targets for each namespace. - TargetID string `json:"target_id,omitempty"` -} - // ManagedNamespace is a structure that holds all the necessary information a caller would // need for a sandbox managed namespace // Where nsmgr.Namespace does hold similar information, ManagedNamespace exists to allow this library diff --git a/internal/lib/sandbox/sandbox.go b/internal/lib/sandbox/sandbox.go index d1c356467ed..49e1d6dc517 100644 --- a/internal/lib/sandbox/sandbox.go +++ b/internal/lib/sandbox/sandbox.go @@ -10,6 +10,7 @@ import ( "github.com/cri-o/cri-o/internal/config/nsmgr" "github.com/cri-o/cri-o/internal/hostport" "github.com/cri-o/cri-o/internal/oci" + "github.com/cri-o/cri-o/server/cri/types" "github.com/pkg/errors" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" @@ -55,7 +56,7 @@ type Sandbox struct { annotations map[string]string infraContainer *oci.Container metadata *Metadata - nsOpts *NamespaceOption + nsOpts *types.NamespaceOption stopMutex sync.RWMutex created bool stopped bool @@ -135,12 +136,12 @@ func (s *Sandbox) AddIPs(ips []string) { } // SetNamespaceOptions sets whether the pod is running using host network -func (s *Sandbox) SetNamespaceOptions(nsOpts *NamespaceOption) { +func (s *Sandbox) SetNamespaceOptions(nsOpts *types.NamespaceOption) { s.nsOpts = nsOpts } // NamespaceOptions returns the namespace options for the sandbox -func (s *Sandbox) NamespaceOptions() *NamespaceOption { +func (s *Sandbox) NamespaceOptions() *types.NamespaceOption { return s.nsOpts } @@ -449,5 +450,5 @@ func (s *Sandbox) UnmountShm() error { // If the server manages the namespace lifecycles, and the Pid option on the sandbox // is node or container level, the infra container is not needed func (s *Sandbox) NeedsInfra(serverDropsInfra bool) bool { - return !serverDropsInfra || s.nsOpts.Pid == NamespaceModePod + return !serverDropsInfra || s.nsOpts.Pid == types.NamespaceModePOD } diff --git a/internal/lib/sandbox/sandbox_test.go b/internal/lib/sandbox/sandbox_test.go index a596e5f0611..6d9f885d5f9 100644 --- a/internal/lib/sandbox/sandbox_test.go +++ b/internal/lib/sandbox/sandbox_test.go @@ -6,6 +6,7 @@ import ( "github.com/cri-o/cri-o/internal/hostport" "github.com/cri-o/cri-o/internal/lib/sandbox" "github.com/cri-o/cri-o/internal/oci" + "github.com/cri-o/cri-o/server/cri/types" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" ) @@ -155,7 +156,7 @@ var _ = t.Describe("Sandbox", func() { t.Describe("SetNamespaceOptions", func() { It("should succeed", func() { // Given - newNamespaceOption := &sandbox.NamespaceOption{ + newNamespaceOption := &types.NamespaceOption{ Network: 1, Pid: 2, Ipc: 3, @@ -260,8 +261,8 @@ var _ = t.Describe("Sandbox", func() { It("should not need when managing NS and NS mode NODE", func() { // Given manageNS := true - newNamespaceOption := &sandbox.NamespaceOption{ - Pid: sandbox.NamespaceModeNode, + newNamespaceOption := &types.NamespaceOption{ + Pid: types.NamespaceModeNODE, } // When @@ -274,8 +275,8 @@ var _ = t.Describe("Sandbox", func() { It("should not need when managing NS and NS mode CONTAINER", func() { // Given manageNS := true - newNamespaceOption := &sandbox.NamespaceOption{ - Pid: sandbox.NamespaceModeContainer, + newNamespaceOption := &types.NamespaceOption{ + Pid: types.NamespaceModeCONTAINER, } // When @@ -288,8 +289,8 @@ var _ = t.Describe("Sandbox", func() { It("should need when namespace mode POD", func() { // Given manageNS := false - newNamespaceOption := &sandbox.NamespaceOption{ - Pid: sandbox.NamespaceModePod, + newNamespaceOption := &types.NamespaceOption{ + Pid: types.NamespaceModePOD, } // When @@ -302,8 +303,8 @@ var _ = t.Describe("Sandbox", func() { It("should need when not managing NS", func() { // Given manageNS := true - newNamespaceOption := &sandbox.NamespaceOption{ - Pid: sandbox.NamespaceModeContainer, + newNamespaceOption := &types.NamespaceOption{ + Pid: types.NamespaceModeCONTAINER, } // When diff --git a/internal/lib/wait.go b/internal/lib/wait.go deleted file mode 100644 index 259450eb4ba..00000000000 --- a/internal/lib/wait.go +++ /dev/null @@ -1,44 +0,0 @@ -package lib - -import ( - "context" - - "github.com/cri-o/cri-o/internal/oci" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" - "k8s.io/apimachinery/pkg/util/wait" -) - -func isStopped(ctx context.Context, c *ContainerServer, ctr *oci.Container) bool { - if err := c.runtime.UpdateContainerStatus(ctx, ctr); err != nil { - logrus.Warnf("unable to update containers %s status: %v", ctr.ID(), err) - } - cStatus := ctr.State() - return cStatus.Status == oci.ContainerStateStopped -} - -// ContainerWait stops a running container with a grace period (i.e., timeout). -func (c *ContainerServer) ContainerWait(ctx context.Context, container string) (int32, error) { - ctr, err := c.LookupContainer(container) - if err != nil { - return 0, errors.Wrapf(err, "failed to find container %s", container) - } - - err = wait.PollImmediateInfinite(1, - func() (bool, error) { - return isStopped(ctx, c, ctr), nil - }, - ) - - if err != nil { - return 0, err - } - exitCode := ctr.State().ExitCode - if err := c.ContainerStateToDisk(ctx, ctr); err != nil { - logrus.Warnf("unable to write containers %s state to disk: %v", ctr.ID(), err) - } - if exitCode == nil { - return 0, errors.New("exit code not set") - } - return *exitCode, nil -} diff --git a/internal/lib/wait_test.go b/internal/lib/wait_test.go deleted file mode 100644 index 9941a98a8a3..00000000000 --- a/internal/lib/wait_test.go +++ /dev/null @@ -1,26 +0,0 @@ -package lib_test - -import ( - "context" - - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" -) - -// The actual test suite -var _ = t.Describe("ContainerServer", func() { - // Prepare the sut - BeforeEach(beforeEach) - - t.Describe("ContainerWait", func() { - It("should fail on invalid container ID", func() { - // Given - // When - res, err := sut.ContainerWait(context.Background(), "") - - // Then - Expect(err).NotTo(BeNil()) - Expect(res).To(BeEquivalentTo(0)) - }) - }) -}) diff --git a/internal/oci/runtime_oci.go b/internal/oci/runtime_oci.go index 8dae67889bb..3ac764b9783 100644 --- a/internal/oci/runtime_oci.go +++ b/internal/oci/runtime_oci.go @@ -1205,59 +1205,6 @@ func prepareProcessExec(c *Container, cmd []string, tty bool) (processFile strin return processFile, nil } -// ReadConmonPidFile attempts to read conmon's pid from its pid file -// This function makes no verification that this file should exist -// it is up to the caller to verify that this container has a conmon -func ReadConmonPidFile(c *Container) (int, error) { - contents, err := ioutil.ReadFile(c.conmonPidFilePath()) - if err != nil { - return -1, err - } - // Convert it to an int - conmonPID, err := strconv.Atoi(string(contents)) - if err != nil { - return -1, err - } - return conmonPID, nil -} - func (c *Container) conmonPidFilePath() string { return filepath.Join(c.bundlePath, "conmon-pidfile") } - -// SpoofOOM is a function that sets a container state as though it OOM'd. It's used in situations -// where another process in the container's cgroup (like conmon) OOM'd when it wasn't supposed to, -// allowing us to report to the kubelet that the container OOM'd instead. -func (r *Runtime) SpoofOOM(c *Container) { - ecBytes := []byte{'1', '3', '7'} - - c.opLock.Lock() - defer c.opLock.Unlock() - - c.state.Status = ContainerStateStopped - c.state.Finished = time.Now() - c.state.ExitCode = utils.Int32Ptr(137) - c.state.OOMKilled = true - - oomFilePath := filepath.Join(c.bundlePath, "oom") - oomFile, err := os.Create(oomFilePath) - if err != nil { - logrus.Debugf("unable to write to oom file path %s: %v", oomFilePath, err) - } - oomFile.Close() - - exitFilePath := filepath.Join(r.config.ContainerExitsDir, c.id) - exitFile, err := os.Create(exitFilePath) - if err != nil { - logrus.Debugf("unable to write exit file path %s: %v", exitFilePath, err) - return - } - if _, err := exitFile.Write(ecBytes); err != nil { - logrus.Debugf("failed to write exit code to file %s: %v", exitFilePath, err) - } - exitFile.Close() -} - -func ConmonPath(r *Runtime) string { - return r.config.Conmon -} diff --git a/pkg/config/config.go b/pkg/config/config.go index 50a8b055293..f53e2cd19ca 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -109,10 +109,6 @@ const ( // DefaultLogSizeMax is the default value for the maximum log size // allowed for a container. Negative values mean that no limit is imposed. DefaultLogSizeMax = -1 - - // DefaultLogToJournald is the default value for whether conmon should - // log to journald in addition to kubernetes log file. - DefaultLogToJournald = false ) const ( @@ -1125,11 +1121,6 @@ func (r *RuntimeHandler) ValidateRuntimeType(name string) error { return nil } -func (c *Config) SetLocations(singleConfigPath, dropInConfigDir string) { - c.singleConfigPath = singleConfigPath - c.dropInConfigDir = dropInConfigDir -} - // CNIPlugin returns the network configuration CNI plugin func (c *NetworkConfig) CNIPlugin() ocicni.CNIPlugin { return c.cniPlugin diff --git a/pkg/config/sysctl.go b/pkg/config/sysctl.go index cfb7a013746..6f7c1a31875 100644 --- a/pkg/config/sysctl.go +++ b/pkg/config/sysctl.go @@ -48,9 +48,6 @@ const ( // NetNamespace is the network namespace NetNamespace = Namespace("net") - - // UnknownNamespace is the zero value if no namespace is known - UnknownNamespace = Namespace("") ) var namespaces = map[string]Namespace{ diff --git a/server/sandbox_run_linux.go b/server/sandbox_run_linux.go index 7e4e5fa060f..d464c76385a 100644 --- a/server/sandbox_run_linux.go +++ b/server/sandbox_run_linux.go @@ -820,15 +820,7 @@ func (s *Server) runPodSandbox(ctx context.Context, req *types.RunPodSandboxRequ makeOCIConfigurationRootless(g) } - namespaceOpts := securityContext.NamespaceOptions - sb.SetNamespaceOptions( - &libsandbox.NamespaceOption{ - Network: libsandbox.NamespaceMode(namespaceOpts.Network), - Pid: libsandbox.NamespaceMode(namespaceOpts.Pid), - Ipc: libsandbox.NamespaceMode(namespaceOpts.Ipc), - TargetID: namespaceOpts.TargetID, - }, - ) + sb.SetNamespaceOptions(securityContext.NamespaceOptions) seccompProfilePath := securityContext.SeccompProfilePath g.AddAnnotation(annotations.SeccompProfilePath, seccompProfilePath) diff --git a/server/server_test_inject.go b/server/server_test_inject.go index 4a1f7145ca2..a05db6bd006 100644 --- a/server/server_test_inject.go +++ b/server/server_test_inject.go @@ -8,11 +8,6 @@ import ( "github.com/cri-o/ocicni/pkg/ocicni" ) -// RuntimeServer returns the runtime server of the stream service -func (s *StreamService) RuntimeServer() *Server { - return s.runtimeServer -} - // SetStorageRuntimeServer sets the runtime server for the ContainerServer func (s *StreamService) SetRuntimeServer(server *Server) { s.runtimeServer = server diff --git a/vendor/modules.txt b/vendor/modules.txt index 1f48f636c9f..141efa4b99e 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -555,7 +555,6 @@ github.com/hashicorp/go-multierror github.com/hashicorp/golang-lru github.com/hashicorp/golang-lru/simplelru # github.com/hpcloud/tail v1.0.0 -## explicit github.com/hpcloud/tail github.com/hpcloud/tail/ratelimiter github.com/hpcloud/tail/util