Skip to content

Commit

Permalink
Refactor I/O and add SD_NOTIFY proxy support
Browse files Browse the repository at this point in the history
Refactored all the conn_sock functionality to be more generic. It can deal
with different types of sockets, stream vs dgram, and reuses all the same
callbacks, shutdown and async functionality.

Conmon creates a notify socket which podman bind-mounts into the container,
and passes in via the spec's environment variables.  Conmon relays the
READY=1 signal.  This is similar to what runc and crun do, but doing it in
conmon and NOT passing NOTIFY_SOCKET to the OCI runtime allows us to start
up properly without runc and crun blocking on the "start" command.

It would also be trivial to add more proxied sockets, i.e. the /dev/log
proof of concept I did would now be super easy, if we wanted to revisit that.

Signed-off-by: Joseph Gooch <[email protected]>
  • Loading branch information
goochjj committed Aug 21, 2020
1 parent 7ab6aa1 commit 6270ce7
Show file tree
Hide file tree
Showing 6 changed files with 289 additions and 77 deletions.
10 changes: 10 additions & 0 deletions src/conmon.c
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,16 @@ int main(int argc, char *argv[])
/* before we fork, ensure our children will be reaped */
atexit(reap_children);

/* Capture sd-notify socket for our purposes and remove from environment */
char *notify_socket_path = getenv("NOTIFY_SOCKET");
if (notify_socket_path != NULL) {
setup_notify_socket(notify_socket_path);
int r = unsetenv("NOTIFY_SOCKET");
if (r < 0) {
nwarnf("Cannot unset NOTIFY_SOCKET %d", r)
}
}

/* Environment variables */
sync_pipe_fd = get_pipe_fd_from_env("_OCI_SYNCPIPE");

Expand Down
Loading

0 comments on commit 6270ce7

Please sign in to comment.