mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-29 14:37:00 +00:00
Pass Nsenter to NsenterMounter and NsenterWriter
So Nsenter is initialized only once and with the right parameters.
This commit is contained in:
Jan Safranek
parent
a8a37fb714
commit
9b74125440
@ -110,6 +110,7 @@ go_library(
|
||||
"//pkg/util/io:go_default_library",
|
||||
"//pkg/util/mount:go_default_library",
|
||||
"//pkg/util/node:go_default_library",
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
"//pkg/util/oom:go_default_library",
|
||||
"//pkg/util/rlimit:go_default_library",
|
||||
"//pkg/version:go_default_library",
|
||||
@ -170,6 +171,7 @@ go_library(
|
||||
"//vendor/k8s.io/client-go/tools/record:go_default_library",
|
||||
"//vendor/k8s.io/client-go/util/cert:go_default_library",
|
||||
"//vendor/k8s.io/client-go/util/certificate:go_default_library",
|
||||
"//vendor/k8s.io/utils/exec:go_default_library",
|
||||
] + select({
|
||||
"@io_bazel_rules_go//go/platform:linux": [
|
||||
"//vendor/golang.org/x/exp/inotify:go_default_library",
|
||||
|
||||
@ -91,10 +91,12 @@ import (
|
||||
kubeio "k8s.io/kubernetes/pkg/util/io"
|
||||
"k8s.io/kubernetes/pkg/util/mount"
|
||||
nodeutil "k8s.io/kubernetes/pkg/util/node"
|
||||
"k8s.io/kubernetes/pkg/util/nsenter"
|
||||
"k8s.io/kubernetes/pkg/util/oom"
|
||||
"k8s.io/kubernetes/pkg/util/rlimit"
|
||||
"k8s.io/kubernetes/pkg/version"
|
||||
"k8s.io/kubernetes/pkg/version/verflag"
|
||||
"k8s.io/utils/exec"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -360,11 +362,12 @@ func UnsecuredDependencies(s *options.KubeletServer) (*kubelet.Dependencies, err
|
||||
var writer kubeio.Writer = &kubeio.StdWriter{}
|
||||
if s.Containerized {
|
||||
glog.V(2).Info("Running kubelet in containerized mode")
|
||||
mounter, err = mount.NewNsenterMounter(s.RootDirectory)
|
||||
ne, err := nsenter.NewNsenter(nsenter.DefaultHostRootFsPath, exec.New())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
writer = &kubeio.NsenterWriter{}
|
||||
mounter = mount.NewNsenterMounter(s.RootDirectory, ne)
|
||||
writer = kubeio.NewNsenterWriter(ne)
|
||||
}
|
||||
|
||||
var dockerClientConfig *dockershim.ClientConfig
|
||||
|
||||
@ -50,18 +50,24 @@ func (writer *StdWriter) WriteFile(filename string, data []byte, perm os.FileMod
|
||||
// it will not see the mounted device in its own namespace. To work around this
|
||||
// limitation one has to first enter hosts namespace (by using 'nsenter') and
|
||||
// only then write data.
|
||||
type NsenterWriter struct{}
|
||||
type NsenterWriter struct {
|
||||
ne *nsenter.Nsenter
|
||||
}
|
||||
|
||||
// NewNsenterWriter creates a new Writer that allows writing data to file using
|
||||
// nsenter command.
|
||||
func NewNsenterWriter(ne *nsenter.Nsenter) *NsenterWriter {
|
||||
return &NsenterWriter{
|
||||
ne: ne,
|
||||
}
|
||||
}
|
||||
|
||||
// WriteFile calls 'nsenter cat - > <the file>' and 'nsenter chmod' to create a
|
||||
// file on the host.
|
||||
func (writer *NsenterWriter) WriteFile(filename string, data []byte, perm os.FileMode) error {
|
||||
ne, err := nsenter.NewNsenter()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
echoArgs := []string{"-c", fmt.Sprintf("cat > %s", filename)}
|
||||
glog.V(5).Infof("nsenter: write data to file %s by nsenter", filename)
|
||||
command := ne.Exec("sh", echoArgs)
|
||||
command := writer.ne.Exec("sh", echoArgs)
|
||||
command.SetStdin(bytes.NewBuffer(data))
|
||||
outputBytes, err := command.CombinedOutput()
|
||||
if err != nil {
|
||||
@ -71,7 +77,7 @@ func (writer *NsenterWriter) WriteFile(filename string, data []byte, perm os.Fil
|
||||
|
||||
chmodArgs := []string{fmt.Sprintf("%o", perm), filename}
|
||||
glog.V(5).Infof("nsenter: change permissions of file %s to %s", filename, chmodArgs[0])
|
||||
outputBytes, err = ne.Exec("chmod", chmodArgs).CombinedOutput()
|
||||
outputBytes, err = writer.ne.Exec("chmod", chmodArgs).CombinedOutput()
|
||||
if err != nil {
|
||||
glog.Errorf("Output from chmod command: %v", string(outputBytes))
|
||||
return err
|
||||
|
||||
@ -71,6 +71,18 @@ go_library(
|
||||
"//vendor/github.com/golang/glog:go_default_library",
|
||||
"//vendor/k8s.io/utils/exec:go_default_library",
|
||||
] + select({
|
||||
"@io_bazel_rules_go//go/platform:android": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:darwin": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:dragonfly": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:freebsd": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:linux": [
|
||||
"//pkg/util/file:go_default_library",
|
||||
"//pkg/util/io:go_default_library",
|
||||
@ -78,8 +90,24 @@ go_library(
|
||||
"//vendor/golang.org/x/sys/unix:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:nacl": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:netbsd": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:openbsd": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:plan9": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:solaris": [
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"@io_bazel_rules_go//go/platform:windows": [
|
||||
"//pkg/util/file:go_default_library",
|
||||
"//pkg/util/nsenter:go_default_library",
|
||||
],
|
||||
"//conditions:default": [],
|
||||
}),
|
||||
|
||||
@ -48,15 +48,11 @@ type NsenterMounter struct {
|
||||
}
|
||||
|
||||
// NewNsenterMounter creates a new mounter for kubelet that runs as a container.
|
||||
// rootDir is location of /var/lib/kubelet directory (in case it's not on the
|
||||
// default place). This directory must be available in the container
|
||||
// on the same place as it's on the host.
|
||||
func NewNsenterMounter(rootDir string) (*NsenterMounter, error) {
|
||||
ne, err := nsenter.NewNsenter()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
func NewNsenterMounter(rootDir string, ne *nsenter.Nsenter) *NsenterMounter {
|
||||
return &NsenterMounter{
|
||||
rootDir: rootDir,
|
||||
ne: ne,
|
||||
}
|
||||
return &NsenterMounter{ne: ne}, nil
|
||||
}
|
||||
|
||||
// NsenterMounter implements mount.Interface
|
||||
|
||||
@ -21,12 +21,14 @@ package mount
|
||||
import (
|
||||
"errors"
|
||||
"os"
|
||||
|
||||
"k8s.io/kubernetes/pkg/util/nsenter"
|
||||
)
|
||||
|
||||
type NsenterMounter struct{}
|
||||
|
||||
func NewNsenterMounter(rootDir string) (*NsenterMounter, error) {
|
||||
return &NsenterMounter{}, nil
|
||||
func NewNsenterMounter(rootDir string, ne *nsenter.Nsenter) *NsenterMounter {
|
||||
return &NsenterMounter{}
|
||||
}
|
||||
|
||||
var _ = Interface(&NsenterMounter{})
|
||||
|
||||
Loading…
Reference in New Issue
Block a user