mirror of
				https://github.com/containers/podman.git
				synced 2025-10-25 18:25:59 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			222 lines
		
	
	
		
			6.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			222 lines
		
	
	
		
			6.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| package libpod
 | |
| 
 | |
| import (
 | |
| 	"os"
 | |
| 	"path/filepath"
 | |
| 	"sync"
 | |
| 
 | |
| 	is "github.com/containers/image/storage"
 | |
| 	"github.com/containers/image/types"
 | |
| 	"github.com/containers/storage"
 | |
| 	"github.com/pkg/errors"
 | |
| 	"github.com/sirupsen/logrus"
 | |
| 	"github.com/ulule/deepcopier"
 | |
| )
 | |
| 
 | |
| // A RuntimeOption is a functional option which alters the Runtime created by
 | |
| // NewRuntime
 | |
| type RuntimeOption func(*Runtime) error
 | |
| 
 | |
| // Runtime is the core libpod runtime
 | |
| type Runtime struct {
 | |
| 	config         *RuntimeConfig
 | |
| 	state          State
 | |
| 	store          storage.Store
 | |
| 	storageService *storageService
 | |
| 	imageContext   *types.SystemContext
 | |
| 	ociRuntime     *OCIRuntime
 | |
| 	valid          bool
 | |
| 	lock           sync.RWMutex
 | |
| }
 | |
| 
 | |
| // RuntimeConfig contains configuration options used to set up the runtime
 | |
| type RuntimeConfig struct {
 | |
| 	StorageConfig         storage.StoreOptions
 | |
| 	ImageDefaultTransport string
 | |
| 	InsecureRegistries    []string
 | |
| 	Registries            []string
 | |
| 	SignaturePolicyPath   string
 | |
| 	InMemoryState         bool
 | |
| 	RuntimePath           string
 | |
| 	ConmonPath            string
 | |
| 	ConmonEnvVars         []string
 | |
| 	CgroupManager         string
 | |
| 	StaticDir             string
 | |
| 	TmpDir                string
 | |
| 	SelinuxEnabled        bool
 | |
| 	PidsLimit             int64
 | |
| 	MaxLogSize            int64
 | |
| 	NoPivotRoot           bool
 | |
| }
 | |
| 
 | |
| var (
 | |
| 	defaultRuntimeConfig = RuntimeConfig{
 | |
| 		// Leave this empty so containers/storage will use its defaults
 | |
| 		StorageConfig:         storage.StoreOptions{},
 | |
| 		ImageDefaultTransport: "docker://",
 | |
| 		InMemoryState:         false,
 | |
| 		RuntimePath:           "/usr/bin/runc",
 | |
| 		ConmonPath:            "/usr/local/libexec/crio/conmon",
 | |
| 		ConmonEnvVars: []string{
 | |
| 			"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
 | |
| 		},
 | |
| 		CgroupManager:  "cgroupfs",
 | |
| 		StaticDir:      "/var/lib/libpod",
 | |
| 		TmpDir:         "/var/run/libpod",
 | |
| 		SelinuxEnabled: false,
 | |
| 		PidsLimit:      1024,
 | |
| 		MaxLogSize:     -1,
 | |
| 		NoPivotRoot:    false,
 | |
| 	}
 | |
| )
 | |
| 
 | |
| // NewRuntime creates a new container runtime
 | |
| // Options can be passed to override the default configuration for the runtime
 | |
| func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) {
 | |
| 	runtime = new(Runtime)
 | |
| 	runtime.config = new(RuntimeConfig)
 | |
| 
 | |
| 	// Copy the default configuration
 | |
| 	deepcopier.Copy(defaultRuntimeConfig).To(runtime.config)
 | |
| 
 | |
| 	// Overwrite it with user-given configuration options
 | |
| 	for _, opt := range options {
 | |
| 		if err := opt(runtime); err != nil {
 | |
| 			return nil, errors.Wrapf(err, "error configuring runtime")
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	// Set up containers/storage
 | |
| 	store, err := storage.GetStore(runtime.config.StorageConfig)
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	runtime.store = store
 | |
| 	is.Transport.SetStore(store)
 | |
| 	defer func() {
 | |
| 		if err != nil {
 | |
| 			// Don't forcibly shut down
 | |
| 			// We could be opening a store in use by another libpod
 | |
| 			_, err2 := store.Shutdown(false)
 | |
| 			if err2 != nil {
 | |
| 				logrus.Errorf("Error removing store for partially-created runtime: %s", err2)
 | |
| 			}
 | |
| 		}
 | |
| 	}()
 | |
| 
 | |
| 	// Set up a storage service for creating container root filesystems from
 | |
| 	// images
 | |
| 	storageService, err := getStorageService(runtime.store)
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	runtime.storageService = storageService
 | |
| 
 | |
| 	// Set up containers/image
 | |
| 	runtime.imageContext = &types.SystemContext{
 | |
| 		SignaturePolicyPath: runtime.config.SignaturePolicyPath,
 | |
| 	}
 | |
| 
 | |
| 	// Make an OCI runtime to perform container operations
 | |
| 	ociRuntime, err := newOCIRuntime("runc", runtime.config.RuntimePath,
 | |
| 		runtime.config.ConmonPath, runtime.config.ConmonEnvVars,
 | |
| 		runtime.config.CgroupManager, runtime.config.TmpDir,
 | |
| 		runtime.config.MaxLogSize, runtime.config.NoPivotRoot)
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	runtime.ociRuntime = ociRuntime
 | |
| 
 | |
| 	// Make the static files directory if it does not exist
 | |
| 	if err := os.MkdirAll(runtime.config.StaticDir, 0755); err != nil {
 | |
| 		// The directory is allowed to exist
 | |
| 		if !os.IsExist(err) {
 | |
| 			return nil, errors.Wrapf(err, "error creating runtime static files directory %s",
 | |
| 				runtime.config.StaticDir)
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	// Make the per-boot files directory if it does not exist
 | |
| 	if err := os.MkdirAll(runtime.config.TmpDir, 0755); err != nil {
 | |
| 		// The directory is allowed to exist
 | |
| 		if !os.IsExist(err) {
 | |
| 			return nil, errors.Wrapf(err, "error creating runtime temporary files directory %s",
 | |
| 				runtime.config.TmpDir)
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	// Set up the state
 | |
| 	if runtime.config.InMemoryState {
 | |
| 		state, err := NewInMemoryState()
 | |
| 		if err != nil {
 | |
| 			return nil, err
 | |
| 		}
 | |
| 		runtime.state = state
 | |
| 	} else {
 | |
| 		dbPath := filepath.Join(runtime.config.StaticDir, "state.sql")
 | |
| 		lockPath := filepath.Join(runtime.config.TmpDir, "state.lck")
 | |
| 		specsDir := filepath.Join(runtime.config.StaticDir, "ocispec")
 | |
| 
 | |
| 		// Make a directory to hold JSON versions of container OCI specs
 | |
| 		if err := os.MkdirAll(specsDir, 0755); err != nil {
 | |
| 			// The directory is allowed to exist
 | |
| 			if !os.IsExist(err) {
 | |
| 				return nil, errors.Wrapf(err, "error creating runtime OCI specs directory %s",
 | |
| 					specsDir)
 | |
| 			}
 | |
| 		}
 | |
| 
 | |
| 		state, err := NewSQLState(dbPath, lockPath, specsDir, runtime)
 | |
| 		if err != nil {
 | |
| 			return nil, err
 | |
| 		}
 | |
| 		runtime.state = state
 | |
| 	}
 | |
| 
 | |
| 	// Mark the runtime as valid - ready to be used, cannot be modified
 | |
| 	// further
 | |
| 	runtime.valid = true
 | |
| 
 | |
| 	return runtime, nil
 | |
| }
 | |
| 
 | |
| // GetConfig returns a copy of the configuration used by the runtime
 | |
| func (r *Runtime) GetConfig() *RuntimeConfig {
 | |
| 	r.lock.RLock()
 | |
| 	defer r.lock.RUnlock()
 | |
| 
 | |
| 	if !r.valid {
 | |
| 		return nil
 | |
| 	}
 | |
| 
 | |
| 	config := new(RuntimeConfig)
 | |
| 
 | |
| 	// Copy so the caller won't be able to modify the actual config
 | |
| 	deepcopier.Copy(r.config).To(config)
 | |
| 
 | |
| 	return config
 | |
| }
 | |
| 
 | |
| // Shutdown shuts down the runtime and associated containers and storage
 | |
| // If force is true, containers and mounted storage will be shut down before
 | |
| // cleaning up; if force is false, an error will be returned if there are
 | |
| // still containers running or mounted
 | |
| func (r *Runtime) Shutdown(force bool) error {
 | |
| 	r.lock.Lock()
 | |
| 	defer r.lock.Unlock()
 | |
| 
 | |
| 	if !r.valid {
 | |
| 		return ErrRuntimeStopped
 | |
| 	}
 | |
| 
 | |
| 	r.valid = false
 | |
| 
 | |
| 	_, err := r.store.Shutdown(force)
 | |
| 	if err != nil {
 | |
| 		return err
 | |
| 	}
 | |
| 
 | |
| 	// TODO: Should always call this even if store.Shutdown failed
 | |
| 	return r.state.Close()
 | |
| }
 | 
