Merge pull request #3813 from baude/nofds
do not activate sd_notify support when varlink
openshift-merge-robot authored Aug 18, 2019
2 parents 76f327f + e667301 commit 438cbf4
Showing 6 changed files with 38 additions and 10 deletions.
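--- a/cmd/podman/libpodruntime/runtime.go
+++ b/cmd/podman/libpodruntime/runtime.go
@@ -15,25 +15,30 @@ import (
 
 // GetRuntimeMigrate gets a libpod runtime that will perform a migration of existing containers
 func GetRuntimeMigrate(ctx context.Context, c *cliconfig.PodmanCommand) (*libpod.Runtime, error) {
-return getRuntime(ctx, c, false, true, false)
+return getRuntime(ctx, c, false, true, false, true)
 }
 
+// GetRuntimeDisableFDs gets a libpod runtime that will disable sd notify
+func GetRuntimeDisableFDs(ctx context.Context, c *cliconfig.PodmanCommand) (*libpod.Runtime, error) {
+return getRuntime(ctx, c, false, false, false, false)
+}
+
 // GetRuntimeRenumber gets a libpod runtime that will perform a lock renumber
 func GetRuntimeRenumber(ctx context.Context, c *cliconfig.PodmanCommand) (*libpod.Runtime, error) {
-return getRuntime(ctx, c, true, false, false)
+return getRuntime(ctx, c, true, false, false, true)
 }
 
 // GetRuntime generates a new libpod runtime configured by command line options
 func GetRuntime(ctx context.Context, c *cliconfig.PodmanCommand) (*libpod.Runtime, error) {
-return getRuntime(ctx, c, false, false, false)
+return getRuntime(ctx, c, false, false, false, true)
 }
 
 // GetRuntimeNoStore generates a new libpod runtime configured by command line options
 func GetRuntimeNoStore(ctx context.Context, c *cliconfig.PodmanCommand) (*libpod.Runtime, error) {
-return getRuntime(ctx, c, false, false, true)
+return getRuntime(ctx, c, false, false, true, true)
 }
 
-func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, renumber, migrate, noStore bool) (*libpod.Runtime, error) {
+func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, renumber, migrate, noStore, withFDS bool) (*libpod.Runtime, error) {
 options := []libpod.RuntimeOption{}
 storageOpts := storage.StoreOptions{}
 storageSet := false
@@ -165,6 +170,10 @@ func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, renumber, migra
 infraCommand, _ := c.Flags().GetString("infra-command")
 options = append(options, libpod.WithDefaultInfraCommand(infraCommand))
 }
+
+if withFDS {
+options = append(options, libpod.WithEnableSDNotify())
+}
 if c.Flags().Changed("config") {
 return libpod.NewRuntimeFromConfig(ctx, c.GlobalFlags.Config, options...)
 }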
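Review bot: `getRuntime` now takes four positional bools, and a call such as `getRuntime(ctx, c, false, false, false, false)` gives no hint of which flag is which, so a swapped argument would compile without complaint. The new parameter is called `withFDS`, the option it enables is `WithEnableSDNotify`, and the new wrapper's comment says "disable sd notify"; one term should be used throughout. At minimum the call sites could be annotated, e.g. `return getRuntime(ctx, c, false, false, false, false) // renumber, migrate, noStore, withFDS`, or the flags gathered into a small options struct. The body of getRuntime continues outside both hunks.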
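--- a/cmd/podman/varlink.go
+++ b/cmd/podman/varlink.go
@@ -79,7 +79,7 @@ func varlinkCmd(c *cliconfig.VarlinkValues) error {
 timeout := time.Duration(c.Timeout) * time.Millisecond
 
 // Create a single runtime for varlink
-runtime, err := libpodruntime.GetRuntime(getContext(), &c.PodmanCommand)
+runtime, err := libpodruntime.GetRuntimeDisableFDs(getContext(), &c.PodmanCommand)
 if err != nil {
 return errors.Wrapf(err, "error creating libpod runtime")
 }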
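--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -60,6 +60,7 @@ type OCIRuntime struct {
 noPivot bool
 reservePorts bool
 supportsJSON bool
+sdNotify bool
 }
 
 // ociError is used to parse the OCI runtime JSON log. It is not part of the
@@ -87,6 +88,7 @@ func newOCIRuntime(name string, paths []string, conmonPath string, runtimeCfg *R
 runtime.logSizeMax = runtimeCfg.MaxLogSize
 runtime.noPivot = runtimeCfg.NoPivotRoot
 runtime.reservePorts = runtimeCfg.EnablePortReservation
+runtime.sdNotify = runtimeCfg.SDNotify
 
 // TODO: probe OCI runtime for feature and enable automatically if
 // available.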
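--- a/libpod/oci_internal_linux.go
+++ b/libpod/oci_internal_linux.go
@@ -247,10 +247,14 @@ func (r *OCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*os.File
 if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok {
 env = append(env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify))
 }
-if listenfds, ok := os.LookupEnv("LISTEN_FDS"); ok {
-env = append(env, fmt.Sprintf("LISTEN_FDS=%s", listenfds), "LISTEN_PID=1")
-fds := activation.Files(false)
-extraFiles = append(extraFiles, fds...)
+if !r.sdNotify {
+if listenfds, ok := os.LookupEnv("LISTEN_FDS"); ok {
+env = append(env, fmt.Sprintf("LISTEN_FDS=%s", listenfds), "LISTEN_PID=1")
+fds := activation.Files(false)
+extraFiles = append(extraFiles, fds...)
+}
+} else {
+logrus.Debug("disabling SD notify")
 }
 return env, extraFiles, nil
 }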
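Review bot: The guard `if !r.sdNotify {` looks inverted relative to the rest of the commit. As far as the visible sections show, `GetRuntimeDisableFDs` passes `withFDS=false`, so `WithEnableSDNotify` is never applied and `sdNotify` presumably stays false for varlink; this branch then forwards `LISTEN_FDS` and the files from `activation.Files(false)` to conmon in exactly the case the commit means to exclude, while the default path logs "disabling SD notify". If that reading is right the condition should be `if r.sdNotify {`, with the debug message moved to the branch that actually skips the descriptors, so that inherited listening sockets are not handed to conmon. `NOTIFY_SOCKET` is still forwarded unconditionally just above, so the flag does not gate sd_notify itself despite its name. configureConmonEnv starts outside the hunk.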
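--- a/libpod/options.go
+++ b/libpod/options.go
@@ -482,6 +482,15 @@ func WithEventsLogger(logger string) RuntimeOption {
 }
 }
 
+// WithEnableSDNotify sets a runtime option so we know whether to disable socket/FD
+// listening
+func WithEnableSDNotify() RuntimeOption {
+return func(rt *Runtime) error {
+rt.config.SDNotify = true
+return nil
+}
+}
+
 // Container Creation Options
 
 // WithShmDir sets the directory that should be mounted on /dev/shm.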
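Review bot: The doc comment on `WithEnableSDNotify` does not say what enabling does, and "so we know whether to disable socket/FD listening" reads as the opposite sense of the function name. A more precise comment would be `// WithEnableSDNotify sets RuntimeConfig.SDNotify, which configureConmonEnv consults when deciding whether to pass LISTEN_FDS and the activation file descriptors to conmon.` If the other RuntimeOption constructors in this file refuse to run on an already-initialised runtime (not visible in this hunk), this one should carry the same guard.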
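--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -252,6 +252,10 @@ type RuntimeConfig struct {
 EventsLogFilePath string `toml:"-events_logfile_path"`
 //DetachKeys is the sequence of keys used to detach a container
 DetachKeys string `toml:"detach_keys"`
+
+// SDNotify tells Libpod to allow containers to notify the host
+// systemd of readiness using the SD_NOTIFY mechanism
+SDNotify bool
 }
 
 // runtimeConfiguredFrom is a struct used during early runtime init to help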
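Review bot: `SDNotify` is the only field in the visible part of `RuntimeConfig` without a `toml` tag, so depending on how the decoder treats untagged exported fields it may become settable from the config file under its Go name. If it is meant to be set only through `WithEnableSDNotify`, tag it `toml:"-"`; if it is meant to be configurable, give it an explicit key in the style of the neighbouring fields. The comment also describes SD_NOTIFY readiness, whereas the visible consumer in configureConmonEnv uses the flag to decide whether LISTEN_FDS and the activation descriptors are forwarded; the comment should state what the flag actually controls.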
