cri: handle bugs and edge cases
- The CRI socket may be named after one runtime while the actual CRI runtime is a different one; for example, EKS uses dockershim as the socket but the runtime is containerd. So we decide based on the runtime and not the configured socket.

- Recent changes made the Docker handler get instantiated later, at runtime rather than at init time, so we were no longer fetching already deployed containers. Added a check to instantiate the Docker handler if it is nil.

Signed-off-by: daemon1024 <[email protected]>
daemon1024 committed Jul 4, 2022
1 parent 8e74a24 commit 8a0c7e2
Showing 2 changed files with 7 additions and 9 deletions.
10 changes: 4 additions & 6 deletions KubeArmor/core/dockerHandler.go
Expand Up @@ -172,9 +172,9 @@ func (dh *DockerHandler) GetEventChannel() <-chan events.Message {

// GetAlreadyDeployedDockerContainers Function
func (dm *KubeArmorDaemon) GetAlreadyDeployedDockerContainers() {
// check if Docker exists
// check if Docker exists else instantiate
if Docker == nil {
return
Docker = NewDockerHandler()
}

if containerList, err := Docker.DockerClient.ContainerList(context.Background(), types.ContainerListOptions{}); err == nil {
Expand Down Expand Up @@ -376,11 +376,9 @@ func (dm *KubeArmorDaemon) MonitorDockerEvents() {
dm.WgDaemon.Add(1)
defer dm.WgDaemon.Done()

Docker = NewDockerHandler()

// check if Docker exists
// check if Docker exists else instantiate
if Docker == nil {
return
Docker = NewDockerHandler()
}

dm.Logger.Print("Started to monitor Docker events")
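Review bot: Both new `if Docker == nil` blocks (in GetAlreadyDeployedDockerContainers and again in MonitorDockerEvents) assign `Docker = NewDockerHandler()` and carry on without checking the result, so `Docker.DockerClient.ContainerList(...)` on the next statement dereferences nil if construction failed. NewDockerHandler is not shown on this page; the `return` guard this commit removes suggests it can yield nil, in which case the daemon would panic rather than skip Docker, which for a runtime-enforcement daemon likely leaves the node unmonitored until it restarts. Keep the early exit after the attempt: `if Docker == nil { if Docker = NewDockerHandler(); Docker == nil { return } }`. Both function bodies continue outside their hunks.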
6 changes: 3 additions & 3 deletions KubeArmor/core/kubeArmor.go
Expand Up @@ -461,15 +461,15 @@ func KubeArmor() {
}

// monitor containers
if strings.Contains(cfg.GlobalCfg.CRISocket, "docker") {
if strings.Contains(dm.Node.ContainerRuntimeVersion, "docker") {
// update already deployed containers
dm.GetAlreadyDeployedDockerContainers()
// monitor docker events
go dm.MonitorDockerEvents()
} else if strings.Contains(cfg.GlobalCfg.CRISocket, "containerd") {
} else if strings.Contains(dm.Node.ContainerRuntimeVersion, "containerd") {
// monitor containerd events
go dm.MonitorContainerdEvents()
} else if strings.Contains(cfg.GlobalCfg.CRISocket, "crio") {
} else if strings.Contains(dm.Node.ContainerRuntimeVersion, "crio") {
// monitor crio events
go dm.MonitorCrioEvents()
} else {
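Review bot: The `crio` branch probably never matches after this change: the kubelet reports CRI-O in node status as `cri-o://<version>`, and `strings.Contains(..., "crio")` does not match the hyphenated form, so a CRI-O node would fall through to the final `else` (its body is outside the hunk). That holds if `dm.Node.ContainerRuntimeVersion` is filled from the node's reported runtime version, which this page does not show. Consider `} else if strings.Contains(dm.Node.ContainerRuntimeVersion, "cri-o") {`, and falling back to `cfg.GlobalCfg.CRISocket` when the runtime version is empty, so a node is not left without container monitoring. KubeArmor()'s body starts and ends outside the hunk.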
