зеркало из https://github.com/microsoft/docker.git
281 строка
7.8 KiB
Go
281 строка
7.8 KiB
Go
package daemon
|
|
|
|
import (
|
|
"fmt"
|
|
"io"
|
|
"strings"
|
|
"time"
|
|
|
|
"golang.org/x/net/context"
|
|
|
|
"github.com/Sirupsen/logrus"
|
|
"github.com/docker/docker/api/errors"
|
|
"github.com/docker/docker/api/types"
|
|
"github.com/docker/docker/api/types/strslice"
|
|
"github.com/docker/docker/container"
|
|
"github.com/docker/docker/daemon/exec"
|
|
"github.com/docker/docker/libcontainerd"
|
|
"github.com/docker/docker/pkg/pools"
|
|
"github.com/docker/docker/pkg/signal"
|
|
"github.com/docker/docker/pkg/term"
|
|
"github.com/docker/docker/utils"
|
|
)
|
|
|
|
// Seconds to wait after sending TERM before trying KILL
|
|
const termProcessTimeout = 10
|
|
|
|
func (d *Daemon) registerExecCommand(container *container.Container, config *exec.Config) {
|
|
// Storing execs in container in order to kill them gracefully whenever the container is stopped or removed.
|
|
container.ExecCommands.Add(config.ID, config)
|
|
// Storing execs in daemon for easy access via remote API.
|
|
d.execCommands.Add(config.ID, config)
|
|
}
|
|
|
|
// ExecExists looks up the exec instance and returns a bool if it exists or not.
|
|
// It will also return the error produced by `getConfig`
|
|
func (d *Daemon) ExecExists(name string) (bool, error) {
|
|
if _, err := d.getExecConfig(name); err != nil {
|
|
return false, err
|
|
}
|
|
return true, nil
|
|
}
|
|
|
|
// getExecConfig looks up the exec instance by name. If the container associated
|
|
// with the exec instance is stopped or paused, it will return an error.
|
|
func (d *Daemon) getExecConfig(name string) (*exec.Config, error) {
|
|
ec := d.execCommands.Get(name)
|
|
|
|
// If the exec is found but its container is not in the daemon's list of
|
|
// containers then it must have been deleted, in which case instead of
|
|
// saying the container isn't running, we should return a 404 so that
|
|
// the user sees the same error now that they will after the
|
|
// 5 minute clean-up loop is run which erases old/dead execs.
|
|
|
|
if ec != nil {
|
|
if container := d.containers.Get(ec.ContainerID); container != nil {
|
|
if !container.IsRunning() {
|
|
return nil, fmt.Errorf("Container %s is not running: %s", container.ID, container.State.String())
|
|
}
|
|
if container.IsPaused() {
|
|
return nil, errExecPaused(container.ID)
|
|
}
|
|
if container.IsRestarting() {
|
|
return nil, errContainerIsRestarting(container.ID)
|
|
}
|
|
return ec, nil
|
|
}
|
|
}
|
|
|
|
return nil, errExecNotFound(name)
|
|
}
|
|
|
|
func (d *Daemon) unregisterExecCommand(container *container.Container, execConfig *exec.Config) {
|
|
container.ExecCommands.Delete(execConfig.ID)
|
|
d.execCommands.Delete(execConfig.ID)
|
|
}
|
|
|
|
func (d *Daemon) getActiveContainer(name string) (*container.Container, error) {
|
|
container, err := d.GetContainer(name)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !container.IsRunning() {
|
|
return nil, errNotRunning{container.ID}
|
|
}
|
|
if container.IsPaused() {
|
|
return nil, errExecPaused(name)
|
|
}
|
|
if container.IsRestarting() {
|
|
return nil, errContainerIsRestarting(container.ID)
|
|
}
|
|
return container, nil
|
|
}
|
|
|
|
// ContainerExecCreate sets up an exec in a running container.
|
|
func (d *Daemon) ContainerExecCreate(name string, config *types.ExecConfig) (string, error) {
|
|
container, err := d.getActiveContainer(name)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
cmd := strslice.StrSlice(config.Cmd)
|
|
entrypoint, args := d.getEntrypointAndArgs(strslice.StrSlice{}, cmd)
|
|
|
|
keys := []byte{}
|
|
if config.DetachKeys != "" {
|
|
keys, err = term.ToBytes(config.DetachKeys)
|
|
if err != nil {
|
|
err = fmt.Errorf("Invalid escape keys (%s) provided", config.DetachKeys)
|
|
return "", err
|
|
}
|
|
}
|
|
|
|
execConfig := exec.NewConfig()
|
|
execConfig.OpenStdin = config.AttachStdin
|
|
execConfig.OpenStdout = config.AttachStdout
|
|
execConfig.OpenStderr = config.AttachStderr
|
|
execConfig.ContainerID = container.ID
|
|
execConfig.DetachKeys = keys
|
|
execConfig.Entrypoint = entrypoint
|
|
execConfig.Args = args
|
|
execConfig.Tty = config.Tty
|
|
execConfig.Privileged = config.Privileged
|
|
execConfig.User = config.User
|
|
|
|
linkedEnv, err := d.setupLinkedContainers(container)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
execConfig.Env = utils.ReplaceOrAppendEnvValues(container.CreateDaemonEnvironment(config.Tty, linkedEnv), config.Env)
|
|
if len(execConfig.User) == 0 {
|
|
execConfig.User = container.Config.User
|
|
}
|
|
|
|
d.registerExecCommand(container, execConfig)
|
|
|
|
d.LogContainerEvent(container, "exec_create: "+execConfig.Entrypoint+" "+strings.Join(execConfig.Args, " "))
|
|
|
|
return execConfig.ID, nil
|
|
}
|
|
|
|
// ContainerExecStart starts a previously set up exec instance. The
|
|
// std streams are set up.
|
|
// If ctx is cancelled, the process is terminated.
|
|
func (d *Daemon) ContainerExecStart(ctx context.Context, name string, stdin io.ReadCloser, stdout io.Writer, stderr io.Writer) (err error) {
|
|
var (
|
|
cStdin io.ReadCloser
|
|
cStdout, cStderr io.Writer
|
|
)
|
|
|
|
ec, err := d.getExecConfig(name)
|
|
if err != nil {
|
|
return errExecNotFound(name)
|
|
}
|
|
|
|
ec.Lock()
|
|
if ec.ExitCode != nil {
|
|
ec.Unlock()
|
|
err := fmt.Errorf("Error: Exec command %s has already run", ec.ID)
|
|
return errors.NewRequestConflictError(err)
|
|
}
|
|
|
|
if ec.Running {
|
|
ec.Unlock()
|
|
return fmt.Errorf("Error: Exec command %s is already running", ec.ID)
|
|
}
|
|
ec.Running = true
|
|
defer func() {
|
|
if err != nil {
|
|
ec.Running = false
|
|
exitCode := 126
|
|
ec.ExitCode = &exitCode
|
|
}
|
|
}()
|
|
ec.Unlock()
|
|
|
|
c := d.containers.Get(ec.ContainerID)
|
|
logrus.Debugf("starting exec command %s in container %s", ec.ID, c.ID)
|
|
d.LogContainerEvent(c, "exec_start: "+ec.Entrypoint+" "+strings.Join(ec.Args, " "))
|
|
|
|
if ec.OpenStdin && stdin != nil {
|
|
r, w := io.Pipe()
|
|
go func() {
|
|
defer w.Close()
|
|
defer logrus.Debug("Closing buffered stdin pipe")
|
|
pools.Copy(w, stdin)
|
|
}()
|
|
cStdin = r
|
|
}
|
|
if ec.OpenStdout {
|
|
cStdout = stdout
|
|
}
|
|
if ec.OpenStderr {
|
|
cStderr = stderr
|
|
}
|
|
|
|
if ec.OpenStdin {
|
|
ec.NewInputPipes()
|
|
} else {
|
|
ec.NewNopInputPipe()
|
|
}
|
|
|
|
p := libcontainerd.Process{
|
|
Args: append([]string{ec.Entrypoint}, ec.Args...),
|
|
Env: ec.Env,
|
|
Terminal: ec.Tty,
|
|
}
|
|
|
|
if err := execSetPlatformOpt(c, ec, &p); err != nil {
|
|
return err
|
|
}
|
|
|
|
attachErr := container.AttachStreams(ctx, ec.StreamConfig, ec.OpenStdin, true, ec.Tty, cStdin, cStdout, cStderr, ec.DetachKeys)
|
|
|
|
systemPid, err := d.containerd.AddProcess(ctx, c.ID, name, p, ec.InitializeStdio)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
ec.Lock()
|
|
ec.Pid = systemPid
|
|
ec.Unlock()
|
|
|
|
select {
|
|
case <-ctx.Done():
|
|
logrus.Debugf("Sending TERM signal to process %v in container %v", name, c.ID)
|
|
d.containerd.SignalProcess(c.ID, name, int(signal.SignalMap["TERM"]))
|
|
select {
|
|
case <-time.After(termProcessTimeout * time.Second):
|
|
logrus.Infof("Container %v, process %v failed to exit within %d seconds of signal TERM - using the force", c.ID, name, termProcessTimeout)
|
|
d.containerd.SignalProcess(c.ID, name, int(signal.SignalMap["KILL"]))
|
|
case <-attachErr:
|
|
// TERM signal worked
|
|
}
|
|
return fmt.Errorf("context cancelled")
|
|
case err := <-attachErr:
|
|
if err != nil {
|
|
if _, ok := err.(container.DetachError); !ok {
|
|
return fmt.Errorf("exec attach failed with error: %v", err)
|
|
}
|
|
d.LogContainerEvent(c, "exec_detach")
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// execCommandGC runs a ticker to clean up the daemon references
|
|
// of exec configs that are no longer part of the container.
|
|
func (d *Daemon) execCommandGC() {
|
|
for range time.Tick(5 * time.Minute) {
|
|
var (
|
|
cleaned int
|
|
liveExecCommands = d.containerExecIds()
|
|
)
|
|
for id, config := range d.execCommands.Commands() {
|
|
if config.CanRemove {
|
|
cleaned++
|
|
d.execCommands.Delete(id)
|
|
} else {
|
|
if _, exists := liveExecCommands[id]; !exists {
|
|
config.CanRemove = true
|
|
}
|
|
}
|
|
}
|
|
if cleaned > 0 {
|
|
logrus.Debugf("clean %d unused exec commands", cleaned)
|
|
}
|
|
}
|
|
}
|
|
|
|
// containerExecIds returns a list of all the current exec ids that are in use
|
|
// and running inside a container.
|
|
func (d *Daemon) containerExecIds() map[string]struct{} {
|
|
ids := map[string]struct{}{}
|
|
for _, c := range d.containers.List() {
|
|
for _, id := range c.ExecCommands.List() {
|
|
ids[id] = struct{}{}
|
|
}
|
|
}
|
|
return ids
|
|
}
|