Merge pull request #3173 from liubin/fix/3172

agent: user container ID as watchable storage key for hashmap
2025-06-30 17:22:33 +00:00 · 2021-12-03 09:35:32 -06:00 · 2021-12-03 09:35:32 -06:00 · d02a0932d6
commit d02a0932d6
parent 3fdc97e110 39b35d0073
2 changed files with 25 additions and 8 deletions
--- a/src/agent/src/mount.rs
+++ b/src/agent/src/mount.rs
@ -405,14 +405,18 @@ async fn bind_watcher_storage_handler(
    logger: &Logger,
    storage: &Storage,
    sandbox: Arc<Mutex<Sandbox>>,
+    cid: Option<String>,
 ) -> Result<()> {
    let mut locked = sandbox.lock().await;
-    let container_id = locked.id.clone();

+    if let Some(cid) = cid {
        locked
            .bind_watcher
-        .add_container(container_id, iter::once(storage.clone()), logger)
+            .add_container(cid, iter::once(storage.clone()), logger)
            .await
+    } else {
+        Ok(())
+    }
 }

 // mount_storage performs the mount described by the storage structure.
@ -521,6 +525,7 @@ pub async fn add_storages(
    logger: Logger,
    storages: Vec<Storage>,
    sandbox: Arc<Mutex<Sandbox>>,
+    cid: Option<String>,
 ) -> Result<Vec<String>> {
    let mut mount_list = Vec::new();

@ -551,7 +556,8 @@ pub async fn add_storages(
            }
            DRIVER_NVDIMM_TYPE => nvdimm_storage_handler(&logger, &storage, sandbox.clone()).await,
            DRIVER_WATCHABLE_BIND_TYPE => {
-                bind_watcher_storage_handler(&logger, &storage, sandbox.clone()).await?;
+                bind_watcher_storage_handler(&logger, &storage, sandbox.clone(), cid.clone())
+                    .await?;
                // Don't register watch mounts, they're handled separately by the watcher.
                Ok(String::new())
            }
--- a/src/agent/src/rpc.rs
+++ b/src/agent/src/rpc.rs
@ -155,6 +155,10 @@ impl AgentService {
        };

        info!(sl!(), "receive createcontainer, spec: {:?}", &oci);
+        info!(
+            sl!(),
+            "receive createcontainer, storages: {:?}", &req.storages
+        );

        // Some devices need some extra processing (the ones invoked with
        // --device for instance), and that's what this call is doing. It
@ -170,7 +174,13 @@ impl AgentService {
        // After all those storages have been processed, no matter the order
        // here, the agent will rely on rustjail (using the oci.Mounts
        // list) to bind mount all of them inside the container.
-        let m = add_storages(sl!(), req.storages.to_vec(), self.sandbox.clone()).await?;
+        let m = add_storages(
+            sl!(),
+            req.storages.to_vec(),
+            self.sandbox.clone(),
+            Some(req.container_id.clone()),
+        )
+        .await?;
        {
            sandbox = self.sandbox.clone();
            s = sandbox.lock().await;
@ -580,6 +590,7 @@ impl protocols::agent_ttrpc::AgentService for AgentService {
    ) -> ttrpc::Result<Empty> {
        trace_rpc_call!(ctx, "remove_container", req);
        is_allowed!(req);
+
        match self.do_remove_container(req).await {
            Err(e) => Err(ttrpc_error(ttrpc::Code::INTERNAL, e.to_string())),
            Ok(_) => Ok(Empty::new()),
@ -993,7 +1004,7 @@ impl protocols::agent_ttrpc::AgentService for AgentService {
                .map_err(|e| ttrpc_error(ttrpc::Code::INTERNAL, e.to_string()))?;
        }

-        match add_storages(sl!(), req.storages.to_vec(), self.sandbox.clone()).await {
+        match add_storages(sl!(), req.storages.to_vec(), self.sandbox.clone(), None).await {
            Ok(m) => {
                let sandbox = self.sandbox.clone();
                let mut s = sandbox.lock().await;