Skip to content

Commit

Permalink
Merge branch 'cri-compatibility' of github.com:Starnop/pouch into cri…
Browse files Browse the repository at this point in the history
…-compatibility
  • Loading branch information
starnop committed May 19, 2018
2 parents 5c8993b + 2f2e9c1 commit 75aab2b
Show file tree
Hide file tree
Showing 55 changed files with 1,541 additions and 668 deletions.
11 changes: 5 additions & 6 deletions INSTALLATION.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,14 +36,13 @@ sudo apt-get install curl apt-transport-https ca-certificates software-propertie
curl -fsSL http://mirrors.aliyun.com/opsx/pouch/linux/debian/opsx@service.alibaba.com.gpg.key | sudo apt-key add -
```

Verify that you now have the key with the fingerprint `B615 DDD7 90C7 0912 582D DC2D D7AE A5ED 439A E9EC`, by searching for the last 8 characters of the fingerprint.
Verify that you now have the key with the fingerprint `F443 EDD0 4A58 7E8B F645 9C40 CF68 F84A BE2F 475F`, by searching for the last 8 characters of the fingerprint.

``` bash
$ apt-key fingerprint 439AE9EC
pub 2048R/439AE9EC 2018-01-31
Key fingerprint = B615 DDD7 90C7 0912 582D DC2D D7AE A5ED 439A E9EC
uid Pouch Release <pouch-dev@list.alibaba-inc.com>
sub 2048R/B3D2A915 2018-01-31
$ apt-key fingerprint BE2F475F
pub 4096R/BE2F475F 2018-02-28
Key fingerprint = F443 EDD0 4A58 7E8B F645 9C40 CF68 F84A BE2F 475F
uid opsx-admin <opsx@service.alibaba.com>
```

**2. Set up the pouch repository**
Expand Down
1 change: 1 addition & 0 deletions cli/common_flags.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@ func addCommonFlags(flagSet *pflag.FlagSet) *container {

flagSet.StringVarP(&c.workdir, "workdir", "w", "", "Set the working directory in a container")
flagSet.Var(&c.ulimit, "ulimit", "Set container ulimit")
flagSet.Int64Var(&c.pidsLimit, "pids-limit", -1, "Set container pids limit, -1 for unlimited")

flagSet.BoolVar(&c.rich, "rich", false, "Start container in rich container mode. (default false)")
flagSet.StringVar(&c.richMode, "rich-mode", "", "Choose one rich container mode. dumb-init(default), systemd, sbin-init")
Expand Down
2 changes: 2 additions & 0 deletions cli/container.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ type container struct {
specAnnotation []string
cgroupParent string
ulimit Ulimit
pidsLimit int64

//add for rich container mode
rich bool
Expand Down Expand Up @@ -223,6 +224,7 @@ func (c *container) config() (*types.ContainerCreateConfig, error) {
IntelRdtL3Cbm: intelRdtL3Cbm,
CgroupParent: c.cgroupParent,
Ulimits: c.ulimit.value(),
PidsLimit: c.pidsLimit,
},
EnableLxcfs: c.enableLxcfs,
Privileged: c.privileged,
Expand Down
9 changes: 4 additions & 5 deletions cri/v1alpha1/cri.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ import (
"path"
"path/filepath"
"reflect"
"strings"
"time"

apitypes "github.com/alibaba/pouch/apis/types"
Expand Down Expand Up @@ -648,7 +647,7 @@ func (c *CriManager) ContainerStatus(ctx context.Context, r *runtime.ContainerSt
labels, annotations := extractLabels(container.Config.Labels)

imageRef := container.Image
imageInfo, err := c.ImageMgr.GetImage(ctx, strings.TrimPrefix(imageRef, "sha256:"))
imageInfo, err := c.ImageMgr.GetImage(ctx, imageRef)
if err != nil {
return nil, fmt.Errorf("failed to get image %s: %v", imageRef, err)
}
Expand Down Expand Up @@ -825,7 +824,7 @@ func (c *CriManager) ListImages(ctx context.Context, r *runtime.ListImagesReques
continue
}
// NOTE: we should query image cache to get the correct image info.
imageInfo, err := c.ImageMgr.GetImage(ctx, strings.TrimPrefix(i.ID, "sha256:"))
imageInfo, err := c.ImageMgr.GetImage(ctx, i.ID)
if err != nil {
continue
}
Expand All @@ -849,7 +848,7 @@ func (c *CriManager) ImageStatus(ctx context.Context, r *runtime.ImageStatusRequ
return nil, err
}

imageInfo, err := c.ImageMgr.GetImage(ctx, strings.TrimPrefix(ref.String(), "sha256:"))
imageInfo, err := c.ImageMgr.GetImage(ctx, ref.String())
if err != nil {
// TODO: separate ErrImageNotFound with others.
// Now we just return empty if the error occurred.
Expand Down Expand Up @@ -893,7 +892,7 @@ func (c *CriManager) PullImage(ctx context.Context, r *runtime.PullImageRequest)

// RemoveImage removes the image.
func (c *CriManager) RemoveImage(ctx context.Context, r *runtime.RemoveImageRequest) (*runtime.RemoveImageResponse, error) {
imageRef := strings.TrimPrefix(r.GetImage().GetImage(), "sha256:")
imageRef := r.GetImage().GetImage()

if err := c.ImageMgr.RemoveImage(ctx, imageRef, false); err != nil {
if errtypes.IsNotfound(err) {
Expand Down
46 changes: 18 additions & 28 deletions cri/v1alpha2/cri.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ import (
"path"
"path/filepath"
"reflect"
"strings"
"time"

apitypes "github.com/alibaba/pouch/apis/types"
Expand Down Expand Up @@ -54,7 +53,7 @@ const (
// Address and port of stream server.
// TODO: specify them in the parameters of pouchd.
streamServerAddress = ""
streamServerPort = "10010"
streamServerPort = "10011"

namespaceModeHost = "host"
namespaceModeNone = "none"
Expand Down Expand Up @@ -371,8 +370,8 @@ func (c *CriManager) PodSandboxStatus(ctx context.Context, r *runtime.PodSandbox
}
labels, annotations := extractLabels(sandbox.Config.Labels)

securityContext := sandboxMeta.Config.GetLinux().GetSecurityContext()
hostNet := securityContext.GetNamespaceOptions().GetNetwork() == runtime.NamespaceMode_NODE
nsOpts := sandboxMeta.Config.GetLinux().GetSecurityContext().GetNamespaceOptions()
hostNet := nsOpts.GetNetwork() == runtime.NamespaceMode_NODE

var ip string
// No need to get ip for host network mode.
Expand All @@ -392,7 +391,15 @@ func (c *CriManager) PodSandboxStatus(ctx context.Context, r *runtime.PodSandbox
Labels: labels,
Annotations: annotations,
Network: &runtime.PodSandboxNetworkStatus{Ip: ip},
// TODO: linux specific pod status.
Linux: &runtime.LinuxPodSandboxStatus{
Namespaces: &runtime.Namespace{
Options: &runtime.NamespaceOption{
Network: nsOpts.GetNetwork(),
Pid: nsOpts.GetPid(),
Ipc: nsOpts.GetIpc(),
},
},
},
}

return &runtime.PodSandboxStatusResponse{Status: status}, nil
Expand Down Expand Up @@ -440,8 +447,7 @@ func (c *CriManager) CreateContainer(ctx context.Context, r *runtime.CreateConta

image := ""
if iSpec := config.GetImage(); iSpec != nil {
temp := strings.Split(iSpec.Image, ":")
image = temp[len(temp)-1]
image = iSpec.Image
}
createConfig := &apitypes.ContainerCreateConfig{
ContainerConfig: apitypes.ContainerConfig{
Expand Down Expand Up @@ -638,7 +644,7 @@ func (c *CriManager) ContainerStatus(ctx context.Context, r *runtime.ContainerSt
labels, annotations := extractLabels(container.Config.Labels)

imageRef := container.Image
imageInfo, err := c.ImageMgr.GetImage(ctx, strings.TrimPrefix(imageRef, "sha256:"))
imageInfo, err := c.ImageMgr.GetImage(ctx, imageRef)
if err != nil {
return nil, fmt.Errorf("failed to get image %s: %v", imageRef, err)
}
Expand Down Expand Up @@ -689,23 +695,7 @@ func (c *CriManager) UpdateContainerResources(ctx context.Context, r *runtime.Up
// to either create a new log file and return nil, or return an error.
// Once it returns error, new container log file MUST NOT be created.
func (c *CriManager) ReopenContainerLog(ctx context.Context, r *runtime.ReopenContainerLogRequest) (*runtime.ReopenContainerLogResponse, error) {
containerID := r.GetContainerId()
container, err := c.ContainerMgr.Get(ctx, containerID)
if err != nil {
return nil, fmt.Errorf("failed to get container of %q: %v", containerID, err)
}
if container.State.Status != apitypes.StatusRunning {
return nil, fmt.Errorf("container %q is not running", containerID)
}
c.ContainerMgr.(*mgr.ContainerManager).IOs.Remove(containerID)
if container.LogPath != "" {
logPath := container.LogPath
err := c.attachLog(logPath, containerID)
if err != nil {
return nil, err
}
}
return &runtime.ReopenContainerLogResponse{}, nil
return nil, fmt.Errorf("UpdateContainerResources Not Implemented Yet")
}

// ExecSync executes a command in the container, and returns the stdout output.
Expand Down Expand Up @@ -840,7 +830,7 @@ func (c *CriManager) ListImages(ctx context.Context, r *runtime.ListImagesReques
continue
}
// NOTE: we should query image cache to get the correct image info.
imageInfo, err := c.ImageMgr.GetImage(ctx, strings.TrimPrefix(i.ID, "sha256:"))
imageInfo, err := c.ImageMgr.GetImage(ctx, i.ID)
if err != nil {
continue
}
Expand All @@ -864,7 +854,7 @@ func (c *CriManager) ImageStatus(ctx context.Context, r *runtime.ImageStatusRequ
return nil, err
}

imageInfo, err := c.ImageMgr.GetImage(ctx, strings.TrimPrefix(ref.String(), "sha256:"))
imageInfo, err := c.ImageMgr.GetImage(ctx, ref.String())
if err != nil {
// TODO: separate ErrImageNotFound with others.
// Now we just return empty if the error occurred.
Expand Down Expand Up @@ -908,7 +898,7 @@ func (c *CriManager) PullImage(ctx context.Context, r *runtime.PullImageRequest)

// RemoveImage removes the image.
func (c *CriManager) RemoveImage(ctx context.Context, r *runtime.RemoveImageRequest) (*runtime.RemoveImageResponse, error) {
imageRef := strings.TrimPrefix(r.GetImage().GetImage(), "sha256:")
imageRef := r.GetImage().GetImage()

if err := c.ImageMgr.RemoveImage(ctx, imageRef, false); err != nil {
if errtypes.IsNotfound(err) {
Expand Down
6 changes: 3 additions & 3 deletions cri/v1alpha2/cri_utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -451,9 +451,9 @@ func modifyContainerNamespaceOptions(nsOpts *runtime.NamespaceOption, podSandbox
if n.hostMode {
*n.nsMode = namespaceModeHost
} else {
if n.nsMode == &hostConfig.PidMode && nsOpts.GetPid() == runtime.NamespaceMode_CONTAINER {
continue
}
//if n.nsMode == &hostConfig.PidMode && nsOpts.GetPid() == runtime.NamespaceMode_CONTAINER {
// continue
//}
*n.nsMode = sandboxNSMode
}
}
Expand Down
3 changes: 1 addition & 2 deletions daemon/mgr/container.go
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,6 @@ import (
"github.com/go-openapi/strfmt"
"github.com/imdario/mergo"
"github.com/magiconair/properties"
digest "github.com/opencontainers/go-digest"
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
Expand Down Expand Up @@ -1919,7 +1918,7 @@ func (mgr *ContainerManager) getMountPointFromImage(ctx context.Context, meta *C
var err error

// parse volumes from image
image, err := mgr.ImageMgr.GetImage(ctx, strings.TrimPrefix(meta.Image, digest.Canonical.String()+":"))
image, err := mgr.ImageMgr.GetImage(ctx, meta.Image)
if err != nil {
return errors.Wrapf(err, "failed to get image: %s", meta.Image)
}
Expand Down
16 changes: 11 additions & 5 deletions daemon/mgr/image.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"fmt"
"io"
"strings"
"time"

"github.com/alibaba/pouch/apis/types"
Expand Down Expand Up @@ -178,8 +179,11 @@ func (mgr *ImageManager) RemoveImage(ctx context.Context, idOrRef string, force
return err
}

// should remove all the references if the reference is Named Only
if reference.IsNamedOnly(namedRef) {
// should remove all the references if the reference is ID (Named Only)
// or Digest ID (Tagged Named)
if reference.IsNamedOnly(namedRef) ||
strings.HasPrefix(id.String(), namedRef.String()) {

// NOTE: the user maybe use the following references to pull one image
//
// busybox:1.25
Expand Down Expand Up @@ -257,9 +261,11 @@ func (mgr *ImageManager) CheckReference(ctx context.Context, idOrRef string) (ac
}
}

// NOTE: if the actualRef is short ID or ID, the primaryRef is first one of
// primary reference
if reference.IsNamedOnly(actualRef) {
// NOTE: if the actualRef is ID (Named Only) or Digest ID (Tagged Named)
// the primaryRef is first one of primary reference
if reference.IsNamedOnly(actualRef) ||
strings.HasPrefix(actualID.String(), actualRef.String()) {

refs := mgr.localStore.GetPrimaryReferences(actualID)
if len(refs) == 0 {
err = errtypes.ErrNotfound
Expand Down
21 changes: 15 additions & 6 deletions daemon/mgr/image_store.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
package mgr

import (
"fmt"
"strings"
"sync"

"github.com/alibaba/pouch/pkg/errtypes"
Expand Down Expand Up @@ -141,34 +143,41 @@ func (store *imageStore) Search(ref reference.Named) (digest.Digest, reference.N

// if the reference is short ID or ID
//
// NOTE: by default, use the sha256 as the digest algorithm
id, err := store.searchIDs(digest.Canonical.String(), ref.String())
// NOTE: by default, use the sha256 as the digest algorithm if missing
// algorithm header.
id, err := store.searchIDs(ref.String())
if err != nil {
return "", nil, err
}
return id, ref, nil
}

func (store *imageStore) searchIDs(algo string, prefixID string) (digest.Digest, error) {
func (store *imageStore) searchIDs(refID string) (digest.Digest, error) {
var ids []digest.Digest
var id string

id = refID
if !strings.HasPrefix(refID, digest.Canonical.String()) {
id = fmt.Sprintf("%s:%s", digest.Canonical.String(), refID)
}

fn := func(_ patricia.Prefix, item patricia.Item) error {
if got, ok := item.(digest.Digest); ok {
ids = append(ids, got)
}

if len(ids) > 1 {
return pkgerrors.Wrap(errtypes.ErrTooMany, "image: "+prefixID)
return pkgerrors.Wrap(errtypes.ErrTooMany, "image: "+refID)
}
return nil
}

if err := store.idSet.VisitSubtree(patricia.Prefix(algo+":"+prefixID), fn); err != nil {
if err := store.idSet.VisitSubtree(patricia.Prefix(id), fn); err != nil {
return "", err
}

if len(ids) == 0 {
return "", pkgerrors.Wrap(errtypes.ErrNotfound, "image: "+prefixID)
return "", pkgerrors.Wrap(errtypes.ErrNotfound, "image: "+refID)
}
return ids[0], nil
}
Expand Down
19 changes: 17 additions & 2 deletions daemon/mgr/image_store_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ func TestSearch(t *testing.T) {

// search
{
// should return id if the reference is id
// should return id if the reference is id without algorithm header
{
namedStr := id.Hex()

Expand All @@ -127,6 +127,21 @@ func TestSearch(t *testing.T) {
assert.Equal(t, gotRef.String(), namedRef.String())
}

// should return id if the reference is digest id
{
namedStr := id.String()

namedRef, err := reference.Parse(namedStr)
if err != nil {
t.Fatalf("unexpected error during parse reference %v: %v", namedStr, err)
}

gotID, gotRef, err := store.Search(namedRef)
assert.Equal(t, err, nil)
assert.Equal(t, gotID.String(), id.String())
assert.Equal(t, gotRef.String(), namedRef.String())
}

// should return busybox:latest if the reference is busybox
{
namedStr := "busybox"
Expand Down Expand Up @@ -202,7 +217,7 @@ func TestSearch(t *testing.T) {

// should return ErrTooMany if the reference is commonPart
{
namedStr := id.Hex()[:20]
namedStr := id.String()[:20]

namedRef, err := reference.Parse(namedStr)
if err != nil {
Expand Down
5 changes: 4 additions & 1 deletion daemon/mgr/spec_linux.go
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,10 @@ func setupResource(ctx context.Context, c *Container, s *specs.Spec) error {
return err
}

//TODO: nedd support Pids, HugepageLimits, Network cgroup set
// start to setup pids limit
s.Linux.Resources.Pids = &specs.LinuxPids{
Limit: c.HostConfig.PidsLimit,
}

return nil
}
Expand Down
2 changes: 1 addition & 1 deletion daemon/mgr/system.go
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ func (mgr *SystemManager) Version() (types.SystemVersion, error) {
Arch: runtime.GOARCH,
BuildTime: version.BuildTime,
GitCommit: version.GitCommit,
GoVersion: version.GOVersion,
GoVersion: runtime.Version(),
KernelVersion: kernelVersion,
Os: runtime.GOOS,
Version: version.Version,
Expand Down
1 change: 1 addition & 0 deletions daemon/mgr/volume.go
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,7 @@ func (vm *VolumeManager) Remove(ctx context.Context, name string) error {
if strings.Contains(err.Error(), "not found") {
return errors.Wrap(errtypes.ErrNotfound, err.Error())
}
return err
}

return nil
Expand Down
Loading

0 comments on commit 75aab2b

Please sign in to comment.