containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
podman/pkg/domain/infra/abi/system.go

410 lines
11 KiB
Go
Raw Blame History

package abi
import (
"context"
"fmt"
"io/ioutil"
"os"
"os/exec"
"path/filepath"
"strconv"
"syscall"
"github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/util"
iopodman "github.com/containers/libpod/pkg/varlink"
iopodmanAPI "github.com/containers/libpod/pkg/varlinkapi"
"github.com/containers/libpod/utils"
"github.com/containers/libpod/version"
"github.com/docker/distribution/reference"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
"github.com/varlink/go/varlink"
)
func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
return ic.Libpod.Info()
}
func (ic *ContainerEngine) VarlinkService(_ context.Context, opts entities.ServiceOptions) error {
var varlinkInterfaces = []*iopodman.VarlinkInterface{
iopodmanAPI.New(opts.Command, ic.Libpod),
}
service, err := varlink.NewService(
"Atomic",
"podman",
version.Version,
"https://github.com/containers/libpod",
)
if err != nil {
return errors.Wrapf(err, "unable to create new varlink service")
}
for _, i := range varlinkInterfaces {
if err := service.RegisterInterface(i); err != nil {
return errors.Errorf("unable to register varlink interface %v", i)
}
}
// Run the varlink server at the given address
if err = service.Listen(opts.URI, opts.Timeout); err != nil {
switch err.(type) {
case varlink.ServiceTimeoutError:
logrus.Infof("varlink service expired (use --timeout to increase session time beyond %s ms, 0 means never timeout)", opts.Timeout.String())
return nil
default:
return errors.Wrapf(err, "unable to start varlink service")
}
}
return nil
}
func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
// do it only after podman has already re-execed and running with uid==0.
if os.Geteuid() == 0 {
ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
if err != nil {
logrus.Warnf("Failed to detect the owner for the current cgroup: %v", err)
}
if !ownsCgroup {
conf, err := ic.Config(context.Background())
if err != nil {
return err
}
unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {
if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
logrus.Warnf("Failed to add podman to systemd sandbox cgroup: %v", err)
} else {
logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err)
}
}
}
return nil
}
pausePidPath, err := util.GetRootlessPauseProcessPidPath()
if err != nil {
return errors.Wrapf(err, "could not get pause process pid file path")
}
became, ret, err := rootless.TryJoinPauseProcess(pausePidPath)
if err != nil {
return err
}
if became {
os.Exit(ret)
}
// if there is no pid file, try to join existing containers, and create a pause process.
ctrs, err := ic.Libpod.GetRunningContainers()
if err != nil {
logrus.Error(err.Error())
os.Exit(1)
}
paths := []string{}
for _, ctr := range ctrs {
paths = append(paths, ctr.Config().ConmonPidFile)
}
became, ret, err = rootless.TryJoinFromFilePaths(pausePidPath, true, paths)
if err := movePauseProcessToScope(); err != nil {
conf, err := ic.Config(context.Background())
if err != nil {
return err
}
if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err)
} else {
logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err)
}
}
if err != nil {
logrus.Error(err)
os.Exit(1)
}
if became {
os.Exit(ret)
}
return nil
}
func movePauseProcessToScope() error {
pausePidPath, err := util.GetRootlessPauseProcessPidPath()
if err != nil {
return errors.Wrapf(err, "could not get pause process pid file path")
}
data, err := ioutil.ReadFile(pausePidPath)
if err != nil {
return errors.Wrapf(err, "cannot read pause pid file")
}
pid, err := strconv.ParseUint(string(data), 10, 0)
if err != nil {
return errors.Wrapf(err, "cannot parse pid file %s", pausePidPath)
}
return utils.RunUnderSystemdScope(int(pid), "user.slice", "podman-pause.scope")
}
func setRLimits() error { // nolint:deadcode,unused
rlimits := new(syscall.Rlimit)
rlimits.Cur = 1048576
rlimits.Max = 1048576
if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
return errors.Wrapf(err, "error getting rlimits")
}
rlimits.Cur = rlimits.Max
if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
return errors.Wrapf(err, "error setting new rlimits")
}
}
return nil
}
func setUMask() { // nolint:deadcode,unused
// Be sure we can create directories with 0755 mode.
syscall.Umask(0022)
}
// checkInput can be used to verify any of the globalopt values
func checkInput() error { // nolint:deadcode,unused
return nil
}
// SystemPrune removes unsed data from the system. Pruning pods, containers, volumes and images.
func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.SystemPruneOptions) (*entities.SystemPruneReport, error) {
var systemPruneReport = new(entities.SystemPruneReport)
podPruneReport, err := ic.prunePodHelper(ctx)
if err != nil {
return nil, err
}
systemPruneReport.PodPruneReport = podPruneReport
containerPruneReport, err := ic.pruneContainersHelper(ctx, nil)
if err != nil {
return nil, err
}
systemPruneReport.ContainerPruneReport = containerPruneReport
results, err := ic.Libpod.ImageRuntime().PruneImages(ctx, options.All, nil)
if err != nil {
return nil, err
}
report := entities.ImagePruneReport{
Report: entities.Report{
Id: results,
Err: nil,
},
}
systemPruneReport.ImagePruneReport = &report
if options.Volume {
volumePruneReport, err := ic.pruneVolumesHelper(ctx)
if err != nil {
return nil, err
}
systemPruneReport.VolumePruneReport = volumePruneReport
}
return systemPruneReport, nil
}
func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.SystemDfOptions) (*entities.SystemDfReport, error) {
var (
dfImages []*entities.SystemDfImageReport
dfContainers []*entities.SystemDfContainerReport
dfVolumes []*entities.SystemDfVolumeReport
runningContainers []string
)
// Get Images and iterate them
imgs, err := ic.Libpod.ImageRuntime().GetImages()
if err != nil {
return nil, err
}
for _, i := range imgs {
var sharedSize uint64
cons, err := i.Containers()
if err != nil {
return nil, err
}
imageSize, err := i.Size(ctx)
if err != nil {
return nil, err
}
uniqueSize := *imageSize
parent, err := i.GetParent(ctx)
if err != nil {
return nil, err
}
if parent != nil {
parentSize, err := parent.Size(ctx)
if err != nil {
return nil, err
}
uniqueSize = *parentSize - *imageSize
sharedSize = *imageSize - uniqueSize
}
var name, repository, tag string
for _, n := range i.Names() {
if len(n) > 0 {
name = n
break
}
}
named, err := reference.ParseNormalizedNamed(name)
if err != nil {
return nil, err
}
repository = named.Name()
if tagged, isTagged := named.(reference.NamedTagged); isTagged {
tag = tagged.Tag()
}
report := entities.SystemDfImageReport{
Repository: repository,
Tag: tag,
ImageID: i.ID(),
Created: i.Created(),
Size: int64(*imageSize),
SharedSize: int64(sharedSize),
UniqueSize: int64(uniqueSize),
Containers: len(cons),
}
dfImages = append(dfImages, &report)
}
// GetContainers and iterate them
cons, err := ic.Libpod.GetAllContainers()
if err != nil {
return nil, err
}
for _, c := range cons {
iid, _ := c.Image()
conSize, err := c.RootFsSize()
if err != nil {
return nil, err
}
state, err := c.State()
if err != nil {
return nil, err
}
rwsize, err := c.RWSize()
if err != nil {
return nil, err
}
report := entities.SystemDfContainerReport{
ContainerID: c.ID(),
Image: iid,
Command: c.Command(),
LocalVolumes: len(c.UserVolumes()),
RWSize: rwsize,
Size: conSize,
Created: c.CreatedTime(),
Status: state.String(),
Names: c.Name(),
}
dfContainers = append(dfContainers, &report)
}
// Get volumes and iterate them
vols, err := ic.Libpod.GetAllVolumes()
if err != nil {
return nil, err
}
running, err := ic.Libpod.GetRunningContainers()
if err != nil {
return nil, err
}
for _, c := range running {
runningContainers = append(runningContainers, c.ID())
}
for _, v := range vols {
var consInUse int
volSize, err := sizeOfPath(v.MountPoint())
if err != nil {
return nil, err
}
inUse, err := v.VolumesInUse()
if err != nil {
return nil, err
}
for _, viu := range inUse {
if util.StringInSlice(viu, runningContainers) {
consInUse += 1
}
}
report := entities.SystemDfVolumeReport{
VolumeName: v.Name(),
Links: consInUse,
Size: volSize,
}
dfVolumes = append(dfVolumes, &report)
}
return &entities.SystemDfReport{
Images: dfImages,
Containers: dfContainers,
Volumes: dfVolumes,
}, nil
}
// sizeOfPath determines the file usage of a given path. it was called volumeSize in v1
// and now is made to be generic and take a path instead of a libpod volume
func sizeOfPath(path string) (int64, error) {
var size int64
err := filepath.Walk(path, func(path string, info os.FileInfo, err error) error {
if err == nil && !info.IsDir() {
size += info.Size()
}
return err
})
return size, err
}
func (se *SystemEngine) Reset(ctx context.Context, options entities.SystemResetOptions) error {
return se.Libpod.Reset(ctx)
}
func (se *SystemEngine) Renumber(ctx context.Context, flags *pflag.FlagSet, config *entities.PodmanConfig) error {
return nil
}
func (s SystemEngine) Migrate(ctx context.Context, flags *pflag.FlagSet, config *entities.PodmanConfig, options entities.SystemMigrateOptions) error {
return nil
}
func (s SystemEngine) Shutdown(ctx context.Context) {
if err := s.Libpod.Shutdown(false); err != nil {
logrus.Error(err)
}
}
func unshareEnv(graphroot, runroot string) []string {
return append(os.Environ(), "_CONTAINERS_USERNS_CONFIGURED=done",
fmt.Sprintf("CONTAINERS_GRAPHROOT=%s", graphroot),
fmt.Sprintf("CONTAINERS_RUNROOT=%s", runroot))
}
func (ic *ContainerEngine) Unshare(ctx context.Context, args []string) error {
cmd := exec.Command(args[0], args[1:]...)
cmd.Env = unshareEnv(ic.Libpod.StorageConfig().GraphRoot, ic.Libpod.StorageConfig().RunRoot)
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
return cmd.Run()
}
Reference in New Issue View Git Blame Copy Permalink