github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-25 15:02:45 +00:00
Code Issues Projects Releases Wiki Activity

virtcontainers: remove systemd paramenter from constraintGRPCSpec

Browse Source 
systemd paramenter is no longer needed since `isSystemdCgroup` function
can be used to know if the cgroup path is a systemd cgroup path.

Signed-off-by: Julio Montes <julio.montes@intel.com>
This commit is contained in:
Julio Montes 2019-12-09 17:33:36 +00:00
parent 8c63c18098
commit ce2795e949
2 changed files with 9 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
virtcontainers/kata_agent.go
View File

@ -12,7 +12,6 @@ import (
"io/ioutil" "io/ioutil"
"os" "os"
"path/filepath" "path/filepath"
"regexp"
"strconv" "strconv"
"strings" "strings"
"sync" "sync"
@ -1008,7 +1007,7 @@ func (k *kataAgent) replaceOCIMountsForStorages(spec *specs.Spec, volumeStorages
return nil return nil
} }
func constraintGRPCSpec(grpcSpec *grpc.Spec, systemdCgroup bool, passSeccomp bool) { func constraintGRPCSpec(grpcSpec *grpc.Spec, passSeccomp bool) {
// Disable Hooks since they have been handled on the host and there is // Disable Hooks since they have been handled on the host and there is
// no reason to send them to the agent. It would make no sense to try // no reason to send them to the agent. It would make no sense to try
// to apply them on the guest. // to apply them on the guest.
@ -1033,19 +1032,14 @@ func constraintGRPCSpec(grpcSpec *grpc.Spec, systemdCgroup bool, passSeccomp boo
// - Initrd image doesn't have systemd. // - Initrd image doesn't have systemd.
// - Nobody will be able to modify the resources of a specific container by using systemctl set-property. // - Nobody will be able to modify the resources of a specific container by using systemctl set-property.
// - docker is not running in the VM. // - docker is not running in the VM.
if systemdCgroup { if isSystemdCgroup(grpcSpec.Linux.CgroupsPath) {
// Convert systemd cgroup to cgroupfs // Convert systemd cgroup to cgroupfs
// systemd cgroup path: slice:prefix:name slice := strings.Split(grpcSpec.Linux.CgroupsPath, ":")
re := regexp.MustCompile(`([[:alnum:]]|.)+:([[:alnum:]]|.)+:([[:alnum:]]|.)+`)
systemdCgroupPath := re.FindString(grpcSpec.Linux.CgroupsPath)
if systemdCgroupPath != "" {
slice := strings.Split(systemdCgroupPath, ":")
// 0 - slice: system.slice // 0 - slice: system.slice
// 1 - prefix: docker // 1 - prefix: docker
// 2 - name: abc123 // 2 - name: abc123
grpcSpec.Linux.CgroupsPath = filepath.Join("/", slice[1], slice[2]) grpcSpec.Linux.CgroupsPath = filepath.Join("/", slice[1], slice[2])
} }
}
// Disable network namespace since it is already handled on the host by // Disable network namespace since it is already handled on the host by
// virtcontainers. The network is a complex part which cannot be simply // virtcontainers. The network is a complex part which cannot be simply
@ -1318,7 +1312,7 @@ func (k *kataAgent) createContainer(sandbox *Sandbox, c *Container) (p *Process,
// We need to constraint the spec to make sure we're not passing // We need to constraint the spec to make sure we're not passing
// irrelevant information to the agent. // irrelevant information to the agent.
constraintGRPCSpec(grpcSpec, sandbox.config.SystemdCgroup, passSeccomp) constraintGRPCSpec(grpcSpec, passSeccomp)
k.handleShm(grpcSpec, sandbox) k.handleShm(grpcSpec, sandbox)

2
virtcontainers/kata_agent_test.go
View File

@ -489,7 +489,7 @@ func TestConstraintGRPCSpec(t *testing.T) {
}, },
} }
constraintGRPCSpec(g, true, true) constraintGRPCSpec(g, true)
// check nil fields // check nil fields
assert.Nil(g.Hooks) assert.Nil(g.Hooks)