opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-15 02:06:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add namespaces and initial constraints to database

Browse Source 
Add basic awareness of namespaces to the database. As part of
this, add constraints so containers can only be added to pods in
the same namespace.

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
This commit is contained in:
Matthew Heon
2018-06-25 13:27:57 -04:00
parent 2445787336
commit ab9bc21877
5 changed files with 130 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
libpod/boltdb_state_internal.go
View File

@ -1,6 +1,7 @@
package libpod
import (
"bytes"
"encoding/json"
"path/filepath"
"runtime"
@ -27,6 +28,7 @@ const (
netNSName = "netns"
containersName = "containers"
podIDName = "pod-id"
namespaceName = "namespace"
)
var (
@ -44,6 +46,7 @@ var (
netNSKey = []byte(netNSName)
containersBkt = []byte(containersName)
podIDKey = []byte(podIDName)
namespaceKey = []byte(namespaceName)
)
// Check if the configuration of the database is compatible with the
@ -262,6 +265,11 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
ctrID := []byte(ctr.ID())
ctrName := []byte(ctr.Name())
var ctrNamespace []byte
if ctr.config.Namespace != "" {
ctrNamespace = []byte(ctr.config.Namespace)
}
db, err := s.getDBCon()
if err != nil {
return err
@ -309,6 +317,12 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
if podCtrs == nil {
return errors.Wrapf(ErrInternal, "pod %s does not have a containers bucket", pod.ID())
}
podNS := podDB.Get(namespaceKey)
if !bytes.Equal(podNS, ctrNamespace) {
return errors.Wrapf(ErrNSMismatch, "container %s is in namespace %s and pod %s is in namespace %s",
ctr.ID(), ctr.config.Namespace, pod.ID(), pod.config.Namespace)
}
}
// Check if we already have a container with the given ID and name
@ -344,6 +358,11 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
if err := newCtrBkt.Put(stateKey, stateJSON); err != nil {
return errors.Wrapf(err, "error adding container %s state to DB", ctr.ID())
}
if ctrNamespace != nil {
if err := newCtrBkt.Put(namespaceKey, ctrNamespace); err != nil {
return errors.Wrapf(err, "error adding container %s namespace to DB", ctr.ID())
}
}
if pod != nil {
if err := newCtrBkt.Put(podIDKey, []byte(pod.ID())); err != nil {
return errors.Wrapf(err, "error adding container %s pod to DB", ctr.ID())