github.com/jen20/docker@v1.13.1/daemon/oci_solaris.go (about) 1 package daemon 2 3 import ( 4 "fmt" 5 "path/filepath" 6 "sort" 7 "strconv" 8 9 containertypes "github.com/docker/docker/api/types/container" 10 "github.com/docker/docker/container" 11 "github.com/docker/docker/oci" 12 "github.com/docker/libnetwork" 13 "github.com/opencontainers/runtime-spec/specs-go" 14 ) 15 16 func setResources(s *specs.Spec, r containertypes.Resources) error { 17 mem := getMemoryResources(r) 18 s.Solaris.CappedMemory = &mem 19 20 capCPU := getCPUResources(r) 21 s.Solaris.CappedCPU = &capCPU 22 23 return nil 24 } 25 26 func setUser(s *specs.Spec, c *container.Container) error { 27 uid, gid, additionalGids, err := getUser(c, c.Config.User) 28 if err != nil { 29 return err 30 } 31 s.Process.User.UID = uid 32 s.Process.User.GID = gid 33 s.Process.User.AdditionalGids = additionalGids 34 return nil 35 } 36 37 func getUser(c *container.Container, username string) (uint32, uint32, []uint32, error) { 38 return 0, 0, nil, nil 39 } 40 41 func (daemon *Daemon) getRunzAnet(ep libnetwork.Endpoint) (specs.Anet, error) { 42 var ( 43 linkName string 44 lowerLink string 45 defRouter string 46 ) 47 48 epInfo := ep.Info() 49 if epInfo == nil { 50 return specs.Anet{}, fmt.Errorf("invalid endpoint") 51 } 52 53 nw, err := daemon.GetNetworkByName(ep.Network()) 54 if err != nil { 55 return specs.Anet{}, fmt.Errorf("Failed to get network %s: %v", ep.Network(), err) 56 } 57 58 // Evaluate default router, linkname and lowerlink for interface endpoint 59 switch nw.Type() { 60 case "bridge": 61 defRouter = epInfo.Gateway().String() 62 linkName = "net0" // Should always be net0 for a container 63 64 // TODO We construct lowerlink here exactly as done for solaris bridge 65 // initialization. Need modular code to reuse. 66 options := nw.Info().DriverOptions() 67 nwName := options["com.docker.network.bridge.name"] 68 lastChar := nwName[len(nwName)-1:] 69 if _, err = strconv.Atoi(lastChar); err != nil { 70 lowerLink = nwName + "_0" 71 } else { 72 lowerLink = nwName 73 } 74 75 case "overlay": 76 defRouter = "" 77 linkName = "net1" 78 79 // TODO Follows generateVxlanName() in solaris overlay. 80 id := nw.ID() 81 if len(nw.ID()) > 12 { 82 id = nw.ID()[:12] 83 } 84 lowerLink = "vx_" + id + "_0" 85 } 86 87 runzanet := specs.Anet{ 88 Linkname: linkName, 89 Lowerlink: lowerLink, 90 Allowedaddr: epInfo.Iface().Address().String(), 91 Configallowedaddr: "true", 92 Defrouter: defRouter, 93 Linkprotection: "mac-nospoof, ip-nospoof", 94 Macaddress: epInfo.Iface().MacAddress().String(), 95 } 96 97 return runzanet, nil 98 } 99 100 func (daemon *Daemon) setNetworkInterface(s *specs.Spec, c *container.Container) error { 101 var anets []specs.Anet 102 103 sb, err := daemon.netController.SandboxByID(c.NetworkSettings.SandboxID) 104 if err != nil { 105 return fmt.Errorf("Could not obtain sandbox for container") 106 } 107 108 // Populate interfaces required for each endpoint 109 for _, ep := range sb.Endpoints() { 110 runzanet, err := daemon.getRunzAnet(ep) 111 if err != nil { 112 return fmt.Errorf("Failed to get interface information for endpoint %d: %v", ep.ID(), err) 113 } 114 anets = append(anets, runzanet) 115 } 116 117 s.Solaris.Anet = anets 118 if anets != nil { 119 s.Solaris.Milestone = "svc:/milestone/container:default" 120 } 121 return nil 122 } 123 124 func (daemon *Daemon) populateCommonSpec(s *specs.Spec, c *container.Container) error { 125 linkedEnv, err := daemon.setupLinkedContainers(c) 126 if err != nil { 127 return err 128 } 129 s.Root = specs.Root{ 130 Path: filepath.Dir(c.BaseFS), 131 Readonly: c.HostConfig.ReadonlyRootfs, 132 } 133 rootUID, rootGID := daemon.GetRemappedUIDGID() 134 if err := c.SetupWorkingDirectory(rootUID, rootGID); err != nil { 135 return err 136 } 137 cwd := c.Config.WorkingDir 138 s.Process.Args = append([]string{c.Path}, c.Args...) 139 s.Process.Cwd = cwd 140 s.Process.Env = c.CreateDaemonEnvironment(c.Config.Tty, linkedEnv) 141 s.Process.Terminal = c.Config.Tty 142 s.Hostname = c.FullHostname() 143 144 return nil 145 } 146 147 func (daemon *Daemon) createSpec(c *container.Container) (*specs.Spec, error) { 148 s := oci.DefaultSpec() 149 if err := daemon.populateCommonSpec(&s, c); err != nil { 150 return nil, err 151 } 152 153 if err := setResources(&s, c.HostConfig.Resources); err != nil { 154 return nil, fmt.Errorf("runtime spec resources: %v", err) 155 } 156 157 if err := setUser(&s, c); err != nil { 158 return nil, fmt.Errorf("spec user: %v", err) 159 } 160 161 if err := daemon.setNetworkInterface(&s, c); err != nil { 162 return nil, err 163 } 164 165 if err := daemon.setupIpcDirs(c); err != nil { 166 return nil, err 167 } 168 169 ms, err := daemon.setupMounts(c) 170 if err != nil { 171 return nil, err 172 } 173 ms = append(ms, c.IpcMounts()...) 174 tmpfsMounts, err := c.TmpfsMounts() 175 if err != nil { 176 return nil, err 177 } 178 ms = append(ms, tmpfsMounts...) 179 sort.Sort(mounts(ms)) 180 181 return (*specs.Spec)(&s), nil 182 } 183 184 // mergeUlimits merge the Ulimits from HostConfig with daemon defaults, and update HostConfig 185 // It will do nothing on non-Linux platform 186 func (daemon *Daemon) mergeUlimits(c *containertypes.HostConfig) { 187 return 188 }