opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-20 00:51:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3529 from giuseppe/healthcheck-rootless

Browse Source 
healthcheck: support rootless mode
This commit is contained in:
OpenShift Merge Robot
2019-07-09 16:09:37 +02:00
committed by GitHub
parent 5786a3a7dc c6c637da00
commit 76aa8f6d2d
1 changed files with 45 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
libpod/healthcheck_linux.go
View File

@ -4,13 +4,50 @@ import (
"fmt" "fmt"
"os" "os"
"os/exec" "os/exec"
"path/filepath"
"strconv"
"strings" "strings"
"github.com/containers/libpod/pkg/rootless"
"github.com/coreos/go-systemd/dbus" "github.com/coreos/go-systemd/dbus"
godbus "github.com/godbus/dbus"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
func dbusAuthRootlessConnection(createBus func(opts ...godbus.ConnOption) (*godbus.Conn, error)) (*godbus.Conn, error) {
conn, err := createBus()
if err != nil {
return nil, err
}
methods := []godbus.Auth{godbus.AuthExternal(strconv.Itoa(rootless.GetRootlessUID()))}
err = conn.Auth(methods)
if err != nil {
conn.Close()
return nil, err
}
return conn, nil
}
func newRootlessConnection() (*dbus.Conn, error) {
return dbus.NewConnection(func() (*godbus.Conn, error) {
return dbusAuthRootlessConnection(func(opts ...godbus.ConnOption) (*godbus.Conn, error) {
path := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "systemd/private")
return godbus.Dial(fmt.Sprintf("unix:path=%s", path))
})
})
}
func getConnection() (*dbus.Conn, error) {
if rootless.IsRootless() {
return newRootlessConnection()
}
return dbus.NewSystemdConnection()
}
// createTimer systemd timers for healthchecks of a container // createTimer systemd timers for healthchecks of a container
func (c *Container) createTimer() error { func (c *Container) createTimer() error {
if c.disableHealthCheckSystemd() { if c.disableHealthCheckSystemd() {
@ -21,9 +58,13 @@ func (c *Container) createTimer() error {
return errors.Wrapf(err, "failed to get path for podman for a health check timer") return errors.Wrapf(err, "failed to get path for podman for a health check timer")
} }
var cmd = []string{"--unit", fmt.Sprintf("%s", c.ID()), fmt.Sprintf("--on-unit-inactive=%s", c.HealthCheckConfig().Interval.String()), "--timer-property=AccuracySec=1s", podman, "healthcheck", "run", c.ID()} var cmd = []string{}
if rootless.IsRootless() {
cmd = append(cmd, "--user")
}
cmd = append(cmd, "--unit", fmt.Sprintf("%s", c.ID()), fmt.Sprintf("--on-unit-inactive=%s", c.HealthCheckConfig().Interval.String()), "--timer-property=AccuracySec=1s", podman, "healthcheck", "run", c.ID())
conn, err := dbus.NewSystemdConnection() conn, err := getConnection()
if err != nil { if err != nil {
return errors.Wrapf(err, "unable to get systemd connection to add healthchecks") return errors.Wrapf(err, "unable to get systemd connection to add healthchecks")
} }
@ -42,7 +83,7 @@ func (c *Container) startTimer() error {
if c.disableHealthCheckSystemd() { if c.disableHealthCheckSystemd() {
return nil return nil
} }
conn, err := dbus.NewSystemdConnection() conn, err := getConnection()
if err != nil { if err != nil {
return errors.Wrapf(err, "unable to get systemd connection to start healthchecks") return errors.Wrapf(err, "unable to get systemd connection to start healthchecks")
} }
@ -57,7 +98,7 @@ func (c *Container) removeTimer() error {
if c.disableHealthCheckSystemd() { if c.disableHealthCheckSystemd() {
return nil return nil
} }
conn, err := dbus.NewSystemdConnection() conn, err := getConnection()
if err != nil { if err != nil {
return errors.Wrapf(err, "unable to get systemd connection to remove healthchecks") return errors.Wrapf(err, "unable to get systemd connection to remove healthchecks")
} }