From 8cb887afdc1b51a231a15eed5e9013120def5dc4 Mon Sep 17 00:00:00 2001
From: Laitron
Date: Fri, 20 Jan 2023 23:56:43 +0800
Subject: [PATCH] [Refactor] Move generateSharingPIDOpts from cmd to pkg/containerutil

Signed-off-by: Laitron
---
 cmd/nerdctl/run.go | 45 ------------------------------
 cmd/nerdctl/run_linux.go | 2 +-
 cmd/nerdctl/start.go | 3 +-
 pkg/containerutil/containerutil.go | 45 ++++++++++++++++++++++++++++++
 4 files changed, 47 insertions(+), 48 deletions(-)

diff --git a/cmd/nerdctl/run.go b/cmd/nerdctl/run.go
index aed79cab273..cb320124b81 100644
--- a/cmd/nerdctl/run.go
+++ b/cmd/nerdctl/run.go
@@ -43,7 +43,6 @@ import (
 "github.com/containerd/nerdctl/pkg/clientutil"
 "github.com/containerd/nerdctl/pkg/cmd/container"
 "github.com/containerd/nerdctl/pkg/cmd/image"
- "github.com/containerd/nerdctl/pkg/containerutil"
 "github.com/containerd/nerdctl/pkg/defaults"
 "github.com/containerd/nerdctl/pkg/errutil"
 "github.com/containerd/nerdctl/pkg/idgen"
@@ -56,7 +55,6 @@ import (
 "github.com/containerd/nerdctl/pkg/netutil"
 "github.com/containerd/nerdctl/pkg/platformutil"
 "github.com/containerd/nerdctl/pkg/referenceutil"
- "github.com/containerd/nerdctl/pkg/rootlessutil"
 "github.com/containerd/nerdctl/pkg/strutil"
 "github.com/containerd/nerdctl/pkg/taskutil"
 dopts "github.com/docker/cli/opts"
@@ -1237,49 +1235,6 @@ func withOSEnv(envs []string) ([]string, error) {
 return newEnvs, nil
 }
 
-func generateSharingPIDOpts(ctx context.Context, targetCon containerd.Container) ([]oci.SpecOpts, error) {
- opts := make([]oci.SpecOpts, 0)
-
- task, err := targetCon.Task(ctx, nil)
- if err != nil {
- return nil, err
- }
- status, err := task.Status(ctx)
- if err != nil {
- return nil, err
- }
-
- if status.Status != containerd.Running {
- return nil, fmt.Errorf("shared container is not running")
- }
-
- spec, err := targetCon.Spec(ctx)
- if err != nil {
- return nil, err
- }
-
- isHost := true
- for _, n := range spec.Linux.Namespaces {
- if n.Type == specs.PIDNamespace {
- isHost = false
- }
- }
- if isHost {
- opts = append(opts, oci.WithHostNamespace(specs.PIDNamespace))
- if rootlessutil.IsRootless() {
- opts = append(opts, containerutil.WithBindMountHostProcfs)
- }
- } else {
- ns := specs.LinuxNamespace{
- Type: specs.PIDNamespace,
- Path: fmt.Sprintf("/proc/%d/ns/pid", task.Pid()),
- }
- opts = append(opts, oci.WithLinuxNamespace(ns))
- }
-
- return opts, nil
-}
-
 // generateEnvs combines environment variables from `--env-file` and `--env`.
 // Pass an empty slice if any arg is not used.
 func generateEnvs(envFile []string, env []string) ([]string, error) {
diff --git a/cmd/nerdctl/run_linux.go b/cmd/nerdctl/run_linux.go
index 213621e8d84..dea0d713448 100644
--- a/cmd/nerdctl/run_linux.go
+++ b/cmd/nerdctl/run_linux.go
@@ -297,7 +297,7 @@ func generatePIDOpts(ctx context.Context, client *containerd.Client, pid string)
 return fmt.Errorf("multiple IDs found with provided prefix: %s", found.Req)
 }
 
- o, err := generateSharingPIDOpts(ctx, found.Container)
+ o, err := containerutil.GenerateSharingPIDOpts(ctx, found.Container)
 if err != nil {
 return err
 }
diff --git a/cmd/nerdctl/start.go b/cmd/nerdctl/start.go
index da6aa16b4a7..e035beaa61c 100644
--- a/cmd/nerdctl/start.go
+++ b/cmd/nerdctl/start.go
@@ -38,7 +38,6 @@ import (
 "github.com/containerd/nerdctl/pkg/netutil/nettype"
 "github.com/containerd/nerdctl/pkg/taskutil"
 "github.com/opencontainers/runtime-spec/specs-go"
- "github.com/sirupsen/logrus"
 "github.com/spf13/cobra"
 )
 
@@ -250,7 +249,7 @@ func reconfigPIDContainer(ctx context.Context, c containerd.Container, client *c
 return err
 }
 
- opts, err := generateSharingPIDOpts(ctx, targetCon)
+ opts, err := containerutil.GenerateSharingPIDOpts(ctx, targetCon)
 if err != nil {
 return err
 }
diff --git a/pkg/containerutil/containerutil.go b/pkg/containerutil/containerutil.go
index 215a0291b84..ea96028fe2f 100644
--- a/pkg/containerutil/containerutil.go
+++ b/pkg/containerutil/containerutil.go
@@ -30,6 +30,7 @@ import (
 "github.com/containerd/containerd/oci"
 "github.com/containerd/containerd/runtime/restart"
 "github.com/containerd/nerdctl/pkg/portutil"
+ "github.com/containerd/nerdctl/pkg/rootlessutil"
 "github.com/opencontainers/runtime-spec/specs-go"
 )
 
@@ -129,3 +130,47 @@ func WithBindMountHostProcfs(_ context.Context, _ oci.Client, _ *containers.Cont
 s.Linux.ReadonlyPaths = newROP
 return nil
 }
+
+// GenerateSharingPIDOpts returns the oci.SpecOpts that shares the host linux namespace from `targetCon`
+// If `targetCon` doesn't have a `PIDNamespace`, a new one is generated from its `Pid`.
+func GenerateSharingPIDOpts(ctx context.Context, targetCon containerd.Container) ([]oci.SpecOpts, error) {
+ opts := make([]oci.SpecOpts, 0)
+
+ task, err := targetCon.Task(ctx, nil)
+ if err != nil {
+ return nil, err
+ }
+ status, err := task.Status(ctx)
+ if err != nil {
+ return nil, err
+ }
+
+ if status.Status != containerd.Running {
+ return nil, fmt.Errorf("shared container is not running")
+ }
+
+ spec, err := targetCon.Spec(ctx)
+ if err != nil {
+ return nil, err
+ }
+
+ isHost := true
+ for _, n := range spec.Linux.Namespaces {
+ if n.Type == specs.PIDNamespace {
+ isHost = false
+ }
+ }
+ if isHost {
+ opts = append(opts, oci.WithHostNamespace(specs.PIDNamespace))
+ if rootlessutil.IsRootless() {
+ opts = append(opts, WithBindMountHostProcfs)
+ }
+ } else {
+ ns := specs.LinuxNamespace{
+ Type: specs.PIDNamespace,
+ Path: fmt.Sprintf("/proc/%d/ns/pid", task.Pid()),
+ }
+ opts = append(opts, oci.WithLinuxNamespace(ns))
+ }
+ return opts, nil
+}
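Review bot: The new doc comment on `GenerateSharingPIDOpts` describes the two branches the wrong way round: when the target's spec has no PID namespace entry the code applies `oci.WithHostNamespace(specs.PIDNamespace)`, and when it has one the code joins it through `/proc/<pid>/ns/pid`. Since the helper is now exported and the host-PID branch gives the new container visibility of host processes, I would reword it to `// GenerateSharingPIDOpts returns the oci.SpecOpts that make a container join targetCon's PID namespace. If targetCon's spec has no PID namespace entry (it runs in the host PID namespace), the host PID namespace is used instead.` Separately, `spec.Linux` is dereferenced in the `for` loop without a nil check, so a target spec without a Linux section would panic rather than return an error; a guard such as `if spec.Linux == nil { return nil, fmt.Errorf("shared container has no linux spec") }` before the loop would cover it. The namespace path is also built from `task.Pid()` some time after the `Running` check, so it is worth a comment that the PID is only a snapshot and the target may have exited by the time the path is opened.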