github.com/moby/docker@v26.1.3+incompatible/daemon/container_operations_windows.go (about) 1 package daemon // import "github.com/docker/docker/daemon" 2 3 import ( 4 "context" 5 "fmt" 6 "os" 7 8 "github.com/containerd/log" 9 "github.com/docker/docker/container" 10 "github.com/docker/docker/daemon/config" 11 "github.com/docker/docker/libnetwork" 12 "github.com/docker/docker/pkg/system" 13 "github.com/pkg/errors" 14 ) 15 16 func (daemon *Daemon) setupLinkedContainers(container *container.Container) ([]string, error) { 17 return nil, nil 18 } 19 20 func (daemon *Daemon) setupConfigDir(c *container.Container) (setupErr error) { 21 if len(c.ConfigReferences) == 0 { 22 return nil 23 } 24 25 localPath := c.ConfigsDirPath() 26 log.G(context.TODO()).Debugf("configs: setting up config dir: %s", localPath) 27 28 // create local config root 29 if err := system.MkdirAllWithACL(localPath, 0, system.SddlAdministratorsLocalSystem); err != nil { 30 return errors.Wrap(err, "error creating config dir") 31 } 32 33 defer func() { 34 if setupErr != nil { 35 if err := os.RemoveAll(localPath); err != nil { 36 log.G(context.TODO()).Errorf("error cleaning up config dir: %s", err) 37 } 38 } 39 }() 40 41 if c.DependencyStore == nil { 42 return fmt.Errorf("config store is not initialized") 43 } 44 45 for _, configRef := range c.ConfigReferences { 46 // TODO (ehazlett): use type switch when more are supported 47 if configRef.File == nil { 48 // Runtime configs are not mounted into the container, but they're 49 // a valid type of config so we should not error when we encounter 50 // one. 51 if configRef.Runtime == nil { 52 log.G(context.TODO()).Error("config target type is not a file or runtime target") 53 } 54 // However, in any case, this isn't a file config, so we have no 55 // further work to do 56 continue 57 } 58 59 fPath, err := c.ConfigFilePath(*configRef) 60 if err != nil { 61 return errors.Wrap(err, "error getting config file path for container") 62 } 63 log := log.G(context.TODO()).WithFields(log.Fields{"name": configRef.File.Name, "path": fPath}) 64 65 log.Debug("injecting config") 66 config, err := c.DependencyStore.Configs().Get(configRef.ConfigID) 67 if err != nil { 68 return errors.Wrap(err, "unable to get config from config store") 69 } 70 if err := os.WriteFile(fPath, config.Spec.Data, configRef.File.Mode); err != nil { 71 return errors.Wrap(err, "error injecting config") 72 } 73 } 74 75 return nil 76 } 77 78 func (daemon *Daemon) setupIpcDirs(container *container.Container) error { 79 return nil 80 } 81 82 // TODO Windows: Fix Post-TP5. This is a hack to allow docker cp to work 83 // against containers which have volumes. You will still be able to cp 84 // to somewhere on the container drive, but not to any mounted volumes 85 // inside the container. Without this fix, docker cp is broken to any 86 // container which has a volume, regardless of where the file is inside the 87 // container. 88 func (daemon *Daemon) mountVolumes(container *container.Container) error { 89 return nil 90 } 91 92 func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) { 93 if len(c.SecretReferences) == 0 { 94 return nil 95 } 96 97 localMountPath, err := c.SecretMountPath() 98 if err != nil { 99 return err 100 } 101 log.G(context.TODO()).Debugf("secrets: setting up secret dir: %s", localMountPath) 102 103 // create local secret root 104 if err := system.MkdirAllWithACL(localMountPath, 0, system.SddlAdministratorsLocalSystem); err != nil { 105 return errors.Wrap(err, "error creating secret local directory") 106 } 107 108 defer func() { 109 if setupErr != nil { 110 if err := os.RemoveAll(localMountPath); err != nil { 111 log.G(context.TODO()).Errorf("error cleaning up secret mount: %s", err) 112 } 113 } 114 }() 115 116 if c.DependencyStore == nil { 117 return fmt.Errorf("secret store is not initialized") 118 } 119 120 for _, s := range c.SecretReferences { 121 // TODO (ehazlett): use type switch when more are supported 122 if s.File == nil { 123 log.G(context.TODO()).Error("secret target type is not a file target") 124 continue 125 } 126 127 // secrets are created in the SecretMountPath on the host, at a 128 // single level 129 fPath, err := c.SecretFilePath(*s) 130 if err != nil { 131 return err 132 } 133 log.G(context.TODO()).WithFields(log.Fields{ 134 "name": s.File.Name, 135 "path": fPath, 136 }).Debug("injecting secret") 137 secret, err := c.DependencyStore.Secrets().Get(s.SecretID) 138 if err != nil { 139 return errors.Wrap(err, "unable to get secret from secret store") 140 } 141 if err := os.WriteFile(fPath, secret.Spec.Data, s.File.Mode); err != nil { 142 return errors.Wrap(err, "error injecting secret") 143 } 144 } 145 146 return nil 147 } 148 149 func killProcessDirectly(container *container.Container) error { 150 return nil 151 } 152 153 func isLinkable(child *container.Container) bool { 154 return false 155 } 156 157 func enableIPOnPredefinedNetwork() bool { 158 return true 159 } 160 161 // serviceDiscoveryOnDefaultNetwork indicates if service discovery is supported on the default network 162 func serviceDiscoveryOnDefaultNetwork() bool { 163 return true 164 } 165 166 func buildSandboxPlatformOptions(container *container.Container, cfg *config.Config, sboxOptions *[]libnetwork.SandboxOption) error { 167 // By default, the Windows internal resolver does not forward requests to 168 // external resolvers - but forwarding can be enabled using feature flag 169 // "windows-dns-proxy":true. 170 if doproxy, exists := cfg.Features["windows-dns-proxy"]; !exists || !doproxy { 171 *sboxOptions = append(*sboxOptions, libnetwork.OptionDNSNoProxy()) 172 } 173 return nil 174 } 175 176 func (daemon *Daemon) initializeNetworkingPaths(container *container.Container, nc *container.Container) error { 177 if nc.HostConfig.Isolation.IsHyperV() { 178 return fmt.Errorf("sharing of hyperv containers network is not supported") 179 } 180 181 container.NetworkSharedContainerID = nc.ID 182 183 if nc.NetworkSettings != nil { 184 for n := range nc.NetworkSettings.Networks { 185 sn, err := daemon.FindNetwork(n) 186 if err != nil { 187 continue 188 } 189 190 ep, err := getEndpointInNetwork(nc.Name, sn) 191 if err != nil { 192 continue 193 } 194 195 data, err := ep.DriverInfo() 196 if err != nil { 197 continue 198 } 199 200 if data["GW_INFO"] != nil { 201 gwInfo := data["GW_INFO"].(map[string]interface{}) 202 if gwInfo["hnsid"] != nil { 203 container.SharedEndpointList = append(container.SharedEndpointList, gwInfo["hnsid"].(string)) 204 } 205 } 206 207 if data["hnsid"] != nil { 208 container.SharedEndpointList = append(container.SharedEndpointList, data["hnsid"].(string)) 209 } 210 } 211 } 212 213 return nil 214 }