278 lines
6.8 KiB
Go
278 lines
6.8 KiB
Go
// Copyright 2018 The containerd Authors.
|
|
// Copyright 2018 The gVisor Authors.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// https://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package proc
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"io"
|
|
"os"
|
|
"path/filepath"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/containerd/console"
|
|
"github.com/containerd/containerd/errdefs"
|
|
"github.com/containerd/containerd/pkg/stdio"
|
|
"github.com/containerd/fifo"
|
|
runc "github.com/containerd/go-runc"
|
|
specs "github.com/opencontainers/runtime-spec/specs-go"
|
|
"golang.org/x/sys/unix"
|
|
|
|
"gvisor.dev/gvisor/pkg/shim/runsc"
|
|
)
|
|
|
|
type execProcess struct {
|
|
wg sync.WaitGroup
|
|
|
|
execState execState
|
|
|
|
mu sync.Mutex
|
|
id string
|
|
console console.Console
|
|
io runc.IO
|
|
status int
|
|
exited time.Time
|
|
pid int
|
|
internalPid int
|
|
closers []io.Closer
|
|
stdin io.Closer
|
|
stdio stdio.Stdio
|
|
path string
|
|
spec specs.Process
|
|
|
|
parent *Init
|
|
waitBlock chan struct{}
|
|
}
|
|
|
|
func (e *execProcess) Wait() {
|
|
<-e.waitBlock
|
|
}
|
|
|
|
func (e *execProcess) ID() string {
|
|
return e.id
|
|
}
|
|
|
|
func (e *execProcess) Pid() int {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
return e.pid
|
|
}
|
|
|
|
func (e *execProcess) ExitStatus() int {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
return e.status
|
|
}
|
|
|
|
func (e *execProcess) ExitedAt() time.Time {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
return e.exited
|
|
}
|
|
|
|
func (e *execProcess) SetExited(status int) {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
|
|
e.execState.SetExited(status)
|
|
}
|
|
|
|
func (e *execProcess) setExited(status int) {
|
|
e.status = status
|
|
e.exited = time.Now()
|
|
e.parent.Platform.ShutdownConsole(context.Background(), e.console)
|
|
close(e.waitBlock)
|
|
}
|
|
|
|
func (e *execProcess) Delete(ctx context.Context) error {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
|
|
return e.execState.Delete(ctx)
|
|
}
|
|
|
|
func (e *execProcess) delete(ctx context.Context) error {
|
|
e.wg.Wait()
|
|
if e.io != nil {
|
|
for _, c := range e.closers {
|
|
c.Close()
|
|
}
|
|
e.io.Close()
|
|
}
|
|
pidfile := filepath.Join(e.path, fmt.Sprintf("%s.pid", e.id))
|
|
// silently ignore error
|
|
os.Remove(pidfile)
|
|
internalPidfile := filepath.Join(e.path, fmt.Sprintf("%s-internal.pid", e.id))
|
|
// silently ignore error
|
|
os.Remove(internalPidfile)
|
|
return nil
|
|
}
|
|
|
|
func (e *execProcess) Resize(ws console.WinSize) error {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
|
|
return e.execState.Resize(ws)
|
|
}
|
|
|
|
func (e *execProcess) resize(ws console.WinSize) error {
|
|
if e.console == nil {
|
|
return nil
|
|
}
|
|
return e.console.Resize(ws)
|
|
}
|
|
|
|
func (e *execProcess) Kill(ctx context.Context, sig uint32, _ bool) error {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
|
|
return e.execState.Kill(ctx, sig, false)
|
|
}
|
|
|
|
func (e *execProcess) kill(ctx context.Context, sig uint32, _ bool) error {
|
|
internalPid := e.internalPid
|
|
if internalPid == 0 {
|
|
return nil
|
|
}
|
|
|
|
opts := runsc.KillOpts{Pid: internalPid}
|
|
if err := e.parent.runtime.Kill(ctx, e.parent.id, int(sig), &opts); err != nil {
|
|
return fmt.Errorf("%s: %w", err.Error(), errdefs.ErrNotFound)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (e *execProcess) Stdin() io.Closer {
|
|
return e.stdin
|
|
}
|
|
|
|
func (e *execProcess) Stdio() stdio.Stdio {
|
|
return e.stdio
|
|
}
|
|
|
|
func (e *execProcess) Start(ctx context.Context) error {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
|
|
return e.execState.Start(ctx)
|
|
}
|
|
|
|
func (e *execProcess) start(ctx context.Context) (err error) {
|
|
var (
|
|
socket *runc.Socket
|
|
pidfile = filepath.Join(e.path, fmt.Sprintf("%s.pid", e.id))
|
|
internalPidfile = filepath.Join(e.path, fmt.Sprintf("%s-internal.pid", e.id))
|
|
)
|
|
if e.stdio.Terminal {
|
|
if socket, err = runc.NewTempConsoleSocket(); err != nil {
|
|
return fmt.Errorf("failed to create runc console socket: %w", err)
|
|
}
|
|
defer socket.Close()
|
|
} else if e.stdio.IsNull() {
|
|
if e.io, err = runc.NewNullIO(); err != nil {
|
|
return fmt.Errorf("creating new NULL IO: %w", err)
|
|
}
|
|
} else {
|
|
if e.io, err = runc.NewPipeIO(e.parent.IoUID, e.parent.IoGID, withConditionalIO(e.stdio)); err != nil {
|
|
return fmt.Errorf("failed to create runc io pipes: %w", err)
|
|
}
|
|
}
|
|
opts := &runsc.ExecOpts{
|
|
PidFile: pidfile,
|
|
InternalPidFile: internalPidfile,
|
|
IO: e.io,
|
|
Detach: true,
|
|
}
|
|
if socket != nil {
|
|
opts.ConsoleSocket = socket
|
|
}
|
|
eventCh := e.parent.Monitor.Subscribe()
|
|
defer func() {
|
|
// Unsubscribe if an error is returned.
|
|
if err != nil {
|
|
e.parent.Monitor.Unsubscribe(eventCh)
|
|
}
|
|
}()
|
|
if err := e.parent.runtime.Exec(ctx, e.parent.id, e.spec, opts); err != nil {
|
|
close(e.waitBlock)
|
|
return e.parent.runtimeError(err, "OCI runtime exec failed")
|
|
}
|
|
if e.stdio.Stdin != "" {
|
|
sc, err := fifo.OpenFifo(context.Background(), e.stdio.Stdin, unix.O_WRONLY|unix.O_NONBLOCK, 0)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to open stdin fifo %s: %w", e.stdio.Stdin, err)
|
|
}
|
|
e.closers = append(e.closers, sc)
|
|
e.stdin = sc
|
|
}
|
|
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
|
|
defer cancel()
|
|
if socket != nil {
|
|
console, err := socket.ReceiveMaster()
|
|
if err != nil {
|
|
return fmt.Errorf("failed to retrieve console master: %w", err)
|
|
}
|
|
if e.console, err = e.parent.Platform.CopyConsole(ctx, console, e.stdio.Stdin, e.stdio.Stdout, e.stdio.Stderr, &e.wg); err != nil {
|
|
return fmt.Errorf("failed to start console copy: %w", err)
|
|
}
|
|
} else if !e.stdio.IsNull() {
|
|
if err := copyPipes(ctx, e.io, e.stdio.Stdin, e.stdio.Stdout, e.stdio.Stderr, &e.wg); err != nil {
|
|
return fmt.Errorf("failed to start io pipe copy: %w", err)
|
|
}
|
|
}
|
|
pid, err := runc.ReadPidFile(opts.PidFile)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to retrieve OCI runtime exec pid: %w", err)
|
|
}
|
|
e.pid = pid
|
|
internalPid, err := runc.ReadPidFile(opts.InternalPidFile)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to retrieve OCI runtime exec internal pid: %w", err)
|
|
}
|
|
e.internalPid = internalPid
|
|
go func() {
|
|
defer e.parent.Monitor.Unsubscribe(eventCh)
|
|
for event := range eventCh {
|
|
if event.Pid == e.pid {
|
|
ExitCh <- Exit{
|
|
Timestamp: event.Timestamp,
|
|
ID: e.id,
|
|
Status: event.Status,
|
|
}
|
|
break
|
|
}
|
|
}
|
|
}()
|
|
return nil
|
|
}
|
|
|
|
func (e *execProcess) Status(ctx context.Context) (string, error) {
|
|
e.mu.Lock()
|
|
defer e.mu.Unlock()
|
|
// if we don't have a pid then the exec process has just been created
|
|
if e.pid == 0 {
|
|
return "created", nil
|
|
}
|
|
// if we have a pid and it can be signaled, the process is running
|
|
// TODO(random-liu): Use `runsc kill --pid`.
|
|
if err := unix.Kill(e.pid, 0); err == nil {
|
|
return "running", nil
|
|
}
|
|
// else if we have a pid but it can nolonger be signaled, it has stopped
|
|
return "stopped", nil
|
|
}
|