mirror of
https://github.com/moby/moby.git
synced 2026-01-11 10:41:43 +00:00
0df791cb72
The Container.State struct holds the container's state, and most of
its fields are expected to change dynamically. Some o these state-changes
are explicit, for example, setting the container to be "stopped". Other
state changes can be more explicit, for example due to the containers'
process exiting or being "OOM" killed by the kernel.
The distinction between explicit ("desired") state changes and "state"
("actual state") is sometimes vague; for some properties, we clearly
separated them, for example if a user requested the container to be
stopped or restarted, we store state in the Container object itself;
HasBeenManuallyStopped bool // used for unless-stopped restart policy
HasBeenManuallyRestarted bool `json:"-"` // used to distinguish restart caused by restart policy from the manual one
Other properties are more ambiguous. such as "HasBeenStartedBefore" and
"RestartCount", which are stored on the Container (and persisted to
disk), but may be more related to "actual" state, and likely should
not be persisted;
RestartCount int
HasBeenStartedBefore bool
Given that (per the above) concurrency must be taken into account, most
changes to the `container.State` struct should be protected; here's where
things get blurry. While the `State` type provides various accessor methods,
only some of them take concurrency into account; for example, [State.IsRunning]
and [State.GetPID] acquire a lock, whereas [State.ExitCodeValue] does not.
Even the (commonly used) [State.StateString] has no locking at all.
The way to handle this is error-prone; [container.State] contains a mutex,
and it's exported. Given that its embedded in the [container.Container]
struct, it's also exposed as an exported mutex for the container. The
assumption here is that by "merging" the two, the caller to acquire a lock
when either the container _or_ its state must be mutated. However, because
some methods on `container.State` handle their own locking, consumers must
be deeply familiar with the internals; if both changes to the `Container`
AND `Container.State` must be made. This gets amplified more as some
(exported!) methods, such as [container.SetRunning] mutate multiple fields,
but don't acquire a lock (so expect the caller to hold one), but their
(also exported) counterpart (e.g. [State.IsRunning]) do.
It should be clear from the above, that this needs some architectural
changes; a clearer separation between "desired" and "actual" state (opening
the potential to update the container's config without manually touching
its `State`), possibly a method to obtain a read-only copy of the current
state (for those querying state), and reviewing which fields belong where
(and should be persisted to disk, or only remain in memory).
This PR preserves the status quo; it makes no structural changes, other
than exposing where we access the container's state. Where previously the
State fields and methods were referred to as "part of the container"
(e.g. `ctr.IsRunning()` or `ctr.Running`), we now explicitly reference
the embedded `State` (`ctr.State.IsRunning`, `ctr.State.Running`).
The exception (for now) is the mutex, which is still referenced through
the embedded struct (`ctr.Lock()` instead of `ctr.State.Lock()`), as this
is (mostly) by design to protect the container, and what's in it (including
its `State`).
[State.IsRunning]: c4afa77157/daemon/container/state.go (L205-L209)
[State.GetPID]: c4afa77157/daemon/container/state.go (L211-L216)
[State.ExitCodeValue]: c4afa77157/daemon/container/state.go (L218-L228)
[State.StateString]: c4afa77157/daemon/container/state.go (L102-L131)
[container.State]: c4afa77157/daemon/container/state.go (L15-L23)
[container.Container]: c4afa77157/daemon/container/container.go (L67-L75)
[container.SetRunning]: c4afa77157/daemon/container/state.go (L230-L277)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
315 lines
9.6 KiB
Go
315 lines
9.6 KiB
Go
package daemon
|
|
|
|
import (
|
|
"errors"
|
|
"io"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
"github.com/moby/go-archive"
|
|
"github.com/moby/go-archive/chrootarchive"
|
|
containertypes "github.com/moby/moby/api/types/container"
|
|
"github.com/moby/moby/api/types/events"
|
|
"github.com/moby/moby/v2/daemon/container"
|
|
"github.com/moby/moby/v2/errdefs"
|
|
"github.com/moby/moby/v2/pkg/ioutils"
|
|
)
|
|
|
|
// containerStatPath stats the filesystem resource at the specified path in this
|
|
// container. Returns stat info about the resource.
|
|
func (daemon *Daemon) containerStatPath(container *container.Container, path string) (*containertypes.PathStat, error) {
|
|
container.Lock()
|
|
defer container.Unlock()
|
|
|
|
// Make sure an online file-system operation is permitted.
|
|
if err := daemon.isOnlineFSOperationPermitted(container); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := daemon.Mount(container); err != nil {
|
|
return nil, err
|
|
}
|
|
defer daemon.Unmount(container)
|
|
|
|
err := daemon.mountVolumes(container)
|
|
defer container.DetachAndUnmount(daemon.LogVolumeEvent)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Normalize path before sending to rootfs
|
|
path = filepath.FromSlash(path)
|
|
|
|
resolvedPath, absPath, err := container.ResolvePath(path)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return container.StatPath(resolvedPath, absPath)
|
|
}
|
|
|
|
// containerArchivePath creates an archive of the filesystem resource at the specified
|
|
// path in this container. Returns a tar archive of the resource and stat info
|
|
// about the resource.
|
|
func (daemon *Daemon) containerArchivePath(container *container.Container, path string) (content io.ReadCloser, stat *containertypes.PathStat, retErr error) {
|
|
container.Lock()
|
|
|
|
defer func() {
|
|
if retErr != nil {
|
|
// Wait to unlock the container until the archive is fully read
|
|
// (see the ReadCloseWrapper func below) or if there is an error
|
|
// before that occurs.
|
|
container.Unlock()
|
|
}
|
|
}()
|
|
|
|
// Make sure an online file-system operation is permitted.
|
|
if err := daemon.isOnlineFSOperationPermitted(container); err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if err := daemon.Mount(container); err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
defer func() {
|
|
if retErr != nil {
|
|
// unmount any volumes
|
|
container.DetachAndUnmount(daemon.LogVolumeEvent)
|
|
// unmount the container's rootfs
|
|
daemon.Unmount(container)
|
|
}
|
|
}()
|
|
|
|
if err := daemon.mountVolumes(container); err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Normalize path before sending to rootfs
|
|
path = filepath.FromSlash(path)
|
|
|
|
resolvedPath, absPath, err := container.ResolvePath(path)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
stat, err = container.StatPath(resolvedPath, absPath)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// We need to rebase the archive entries if the last element of the
|
|
// resolved path was a symlink that was evaluated and is now different
|
|
// than the requested path. For example, if the given path was "/foo/bar/",
|
|
// but it resolved to "/var/lib/docker/containers/{id}/foo/baz/", we want
|
|
// to ensure that the archive entries start with "bar" and not "baz". This
|
|
// also catches the case when the root directory of the container is
|
|
// requested: we want the archive entries to start with "/" and not the
|
|
// container ID.
|
|
|
|
// Get the source and the base paths of the container resolved path in order
|
|
// to get the proper tar options for the rebase tar.
|
|
resolvedPath = filepath.Clean(resolvedPath)
|
|
if filepath.Base(resolvedPath) == "." {
|
|
resolvedPath += string(filepath.Separator) + "."
|
|
}
|
|
|
|
sourceDir := resolvedPath
|
|
sourceBase := "."
|
|
|
|
if stat.Mode&os.ModeDir == 0 { // not dir
|
|
sourceDir, sourceBase = filepath.Split(resolvedPath)
|
|
}
|
|
opts := archive.TarResourceRebaseOpts(sourceBase, filepath.Base(absPath))
|
|
|
|
data, err := chrootarchive.Tar(sourceDir, opts, container.BaseFS)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
content = ioutils.NewReadCloserWrapper(data, func() error {
|
|
err := data.Close()
|
|
container.DetachAndUnmount(daemon.LogVolumeEvent)
|
|
daemon.Unmount(container)
|
|
container.Unlock()
|
|
return err
|
|
})
|
|
|
|
daemon.LogContainerEvent(container, events.ActionArchivePath)
|
|
|
|
return content, stat, nil
|
|
}
|
|
|
|
// containerExtractToDir extracts the given tar archive to the specified location in the
|
|
// filesystem of this container. The given path must be of a directory in the
|
|
// container. If it is not, the error will be an errdefs.InvalidParameter. If
|
|
// noOverwriteDirNonDir is true then it will be an error if unpacking the
|
|
// given content would cause an existing directory to be replaced with a non-
|
|
// directory and vice versa.
|
|
//
|
|
// FIXME(thaJeztah): copyUIDGID is not supported on Windows, but currently ignored silently
|
|
func (daemon *Daemon) containerExtractToDir(container *container.Container, path string, copyUIDGID, allowOverwriteDirWithFile bool, content io.Reader) error {
|
|
container.Lock()
|
|
defer container.Unlock()
|
|
|
|
// Make sure an online file-system operation is permitted.
|
|
if err := daemon.isOnlineFSOperationPermitted(container); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := daemon.Mount(container); err != nil {
|
|
return err
|
|
}
|
|
defer daemon.Unmount(container)
|
|
|
|
err := daemon.mountVolumes(container)
|
|
defer container.DetachAndUnmount(daemon.LogVolumeEvent)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Normalize path before sending to rootfs'
|
|
path = filepath.FromSlash(path)
|
|
|
|
// Check if a drive letter supplied, it must be the system drive. No-op except on Windows
|
|
path, err = archive.CheckSystemDriveAndRemoveDriveLetter(path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// The destination path needs to be resolved to a host path, with all
|
|
// symbolic links followed in the scope of the container's rootfs. Note
|
|
// that we do not use `container.ResolvePath(path)` here because we need
|
|
// to also evaluate the last path element if it is a symlink. This is so
|
|
// that you can extract an archive to a symlink that points to a directory.
|
|
|
|
// Consider the given path as an absolute path in the container.
|
|
absPath := archive.PreserveTrailingDotOrSeparator(filepath.Join(string(filepath.Separator), path), path)
|
|
|
|
// This will evaluate the last path element if it is a symlink.
|
|
resolvedPath, err := container.GetResourcePath(absPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
stat, err := os.Lstat(resolvedPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if !stat.IsDir() {
|
|
return errdefs.InvalidParameter(errors.New("extraction point is not a directory"))
|
|
}
|
|
|
|
// TODO(thaJeztah): add check for writable path once windows supports read-only rootFS and (read-only) volumes during copy
|
|
//
|
|
// - e5261d6e4a1e96d4c0fa4b4480042046b695eda1 added "FIXME Post-TP4 / TP5"; check whether this would be possible to implement on Windows.
|
|
// - e5261d6e4a1e96d4c0fa4b4480042046b695eda1 added "or extracting to a mount point inside a volume"; check whether this is is still true, and adjust this check accordingly
|
|
//
|
|
// This comment is left in-place as a reminder :)
|
|
//
|
|
// absPath = filepath.Join(string(filepath.Separator), baseRel)
|
|
// if err := checkWritablePath(container, absPath); err != nil {
|
|
// return err
|
|
// }
|
|
|
|
options := daemon.defaultTarCopyOptions(allowOverwriteDirWithFile)
|
|
if err := chrootarchive.UntarWithRoot(content, resolvedPath, options, container.BaseFS); err != nil {
|
|
return err
|
|
}
|
|
|
|
daemon.LogContainerEvent(container, events.ActionExtractToDir)
|
|
|
|
return nil
|
|
}
|
|
|
|
func (daemon *Daemon) containerCopy(container *container.Container, resource string) (_ io.ReadCloser, retErr error) {
|
|
if resource[0] == '/' || resource[0] == '\\' {
|
|
resource = resource[1:]
|
|
}
|
|
container.Lock()
|
|
|
|
defer func() {
|
|
if retErr != nil {
|
|
// Wait to unlock the container until the archive is fully read
|
|
// (see the ReadCloseWrapper func below) or if there is an error
|
|
// before that occurs.
|
|
container.Unlock()
|
|
}
|
|
}()
|
|
|
|
// Make sure an online file-system operation is permitted.
|
|
if err := daemon.isOnlineFSOperationPermitted(container); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := daemon.Mount(container); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
defer func() {
|
|
if retErr != nil {
|
|
// unmount any volumes
|
|
container.DetachAndUnmount(daemon.LogVolumeEvent)
|
|
// unmount the container's rootfs
|
|
daemon.Unmount(container)
|
|
}
|
|
}()
|
|
|
|
if err := daemon.mountVolumes(container); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Normalize path before sending to rootfs
|
|
resource = filepath.FromSlash(resource)
|
|
|
|
basePath, err := container.GetResourcePath(resource)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
stat, err := os.Stat(basePath)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var filter []string
|
|
if !stat.IsDir() {
|
|
d, f := filepath.Split(basePath)
|
|
basePath = d
|
|
filter = []string{f}
|
|
}
|
|
archv, err := chrootarchive.Tar(basePath, &archive.TarOptions{
|
|
Compression: archive.Uncompressed,
|
|
IncludeFiles: filter,
|
|
}, container.BaseFS)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
reader := ioutils.NewReadCloserWrapper(archv, func() error {
|
|
err := archv.Close()
|
|
container.DetachAndUnmount(daemon.LogVolumeEvent)
|
|
daemon.Unmount(container)
|
|
container.Unlock()
|
|
return err
|
|
})
|
|
daemon.LogContainerEvent(container, events.ActionCopy)
|
|
return reader, nil
|
|
}
|
|
|
|
// isOnlineFSOperationPermitted returns an error if an online filesystem operation
|
|
// is not permitted (such as stat or for copying). Running Hyper-V containers
|
|
// cannot have their file-system interrogated from the host as the filter is
|
|
// loaded inside the utility VM, not the host.
|
|
// IMPORTANT: The container lock MUST be held when calling this function.
|
|
func (daemon *Daemon) isOnlineFSOperationPermitted(ctr *container.Container) error {
|
|
if !ctr.State.Running {
|
|
return nil
|
|
}
|
|
|
|
// Determine isolation. If not specified in the hostconfig, use daemon default.
|
|
if ctr.HostConfig.Isolation.IsHyperV() || ctr.HostConfig.Isolation.IsDefault() && daemon.defaultIsolation.IsHyperV() {
|
|
return errors.New("filesystem operations against a running Hyper-V container are not supported")
|
|
}
|
|
return nil
|
|
}
|