Skip to content

Commit

Permalink
Rename Capabilities in sysinfo and move it to its own subpackage
Browse files Browse the repository at this point in the history 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <[email protected]> (github: creack)

Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <[email protected]> (github: crosbymichael)
  • Loading branch information
@creack @crosbymichael
creack authored and crosbymichael committed Jan 18, 2014
1 parent ca8dd73 commit 9e9f4b9
Show file tree
Hide file tree
Showing 7 changed files with 85 additions and 74 deletions.
6 changes: 3 additions & 3 deletions api.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -657,16 +657,16 @@ func postContainersCreate(srv *Server, version float64, w http.ResponseWriter, r
for scanner.Scan() {
out.Warnings = append(out.Warnings, scanner.Text())
}
if job.GetenvInt("Memory") > 0 && !srv.runtime.capabilities.MemoryLimit {
if job.GetenvInt("Memory") > 0 && !srv.runtime.sysInfo.MemoryLimit {
log.Println("WARNING: Your kernel does not support memory limit capabilities. Limitation discarded.")
out.Warnings = append(out.Warnings, "Your kernel does not support memory limit capabilities. Limitation discarded.")
}
if job.GetenvInt("Memory") > 0 && !srv.runtime.capabilities.SwapLimit {
if job.GetenvInt("Memory") > 0 && !srv.runtime.sysInfo.SwapLimit {
log.Println("WARNING: Your kernel does not support swap limit capabilities. Limitation discarded.")
out.Warnings = append(out.Warnings, "Your kernel does not support memory swap capabilities. Limitation discarded.")
}

if !job.GetenvBool("NetworkDisabled") && srv.runtime.capabilities.IPv4ForwardingDisabled {
if !job.GetenvBool("NetworkDisabled") && srv.runtime.sysInfo.IPv4ForwardingDisabled {
log.Println("Warning: IPv4 forwarding is disabled.")
out.Warnings = append(out.Warnings, "IPv4 forwarding is disabled.")
}
Expand Down
11 changes: 6 additions & 5 deletions commands.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import (
"github.com/dotcloud/docker/auth"
"github.com/dotcloud/docker/engine"
flag "github.com/dotcloud/docker/pkg/mflag"
"github.com/dotcloud/docker/pkg/sysinfo"
"github.com/dotcloud/docker/pkg/term"
"github.com/dotcloud/docker/registry"
"github.com/dotcloud/docker/utils"
Expand Down Expand Up @@ -1745,14 +1746,14 @@ func (cli *DockerCli) CmdTag(args ...string) error {
}

//FIXME Only used in tests
func ParseRun(args []string, capabilities *Capabilities) (*Config, *HostConfig, *flag.FlagSet, error) {
func ParseRun(args []string, sysInfo *sysinfo.SysInfo) (*Config, *HostConfig, *flag.FlagSet, error) {
cmd := flag.NewFlagSet("run", flag.ContinueOnError)
cmd.SetOutput(ioutil.Discard)
cmd.Usage = nil
return parseRun(cmd, args, capabilities)
return parseRun(cmd, args, sysInfo)
}

func parseRun(cmd *flag.FlagSet, args []string, capabilities *Capabilities) (*Config, *HostConfig, *flag.FlagSet, error) {
func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Config, *HostConfig, *flag.FlagSet, error) {
var (
// FIXME: use utils.ListOpts for attach and volumes?
flAttach = NewListOpts(ValidateAttach)
Expand Down Expand Up @@ -1802,7 +1803,7 @@ func parseRun(cmd *flag.FlagSet, args []string, capabilities *Capabilities) (*Co
}

// Check if the kernel supports memory limit cgroup.
if capabilities != nil && *flMemoryString != "" && !capabilities.MemoryLimit {
if sysInfo != nil && *flMemoryString != "" && !sysInfo.MemoryLimit {
*flMemoryString = ""
}

Expand Down Expand Up @@ -1934,7 +1935,7 @@ func parseRun(cmd *flag.FlagSet, args []string, capabilities *Capabilities) (*Co
PublishAllPorts: *flPublishAll,
}

if capabilities != nil && flMemory > 0 && !capabilities.SwapLimit {
if sysInfo != nil && flMemory > 0 && !sysInfo.SwapLimit {
//fmt.Fprintf(stdout, "WARNING: Your kernel does not support swap limit capabilities. Limitation discarded.\n")
config.MemorySwap = -1
}
Expand Down
6 changes: 3 additions & 3 deletions container.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -527,16 +527,16 @@ func (container *Container) Start() (err error) {
}

// Make sure the config is compatible with the current kernel
if container.Config.Memory > 0 && !container.runtime.capabilities.MemoryLimit {
if container.Config.Memory > 0 && !container.runtime.sysInfo.MemoryLimit {
log.Printf("WARNING: Your kernel does not support memory limit capabilities. Limitation discarded.\n")
container.Config.Memory = 0
}
if container.Config.Memory > 0 && !container.runtime.capabilities.SwapLimit {
if container.Config.Memory > 0 && !container.runtime.sysInfo.SwapLimit {
log.Printf("WARNING: Your kernel does not support swap limit capabilities. Limitation discarded.\n")
container.Config.MemorySwap = -1
}

if container.runtime.capabilities.IPv4ForwardingDisabled {
if container.runtime.sysInfo.IPv4ForwardingDisabled {
log.Printf("WARNING: IPv4 forwarding is disabled. Networking will not work")
}

Expand Down
11 changes: 6 additions & 5 deletions lxc_template.go
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package docker

import (
"github.com/dotcloud/docker/pkg/sysinfo"
"strings"
"text/template"
)
Expand Down Expand Up @@ -31,7 +32,7 @@ lxc.console = none
lxc.tty = 1
{{if (getHostConfig .).Privileged}}
lxc.cgroup.devices.allow = a
lxc.cgroup.devices.allow = a
{{else}}
# no implicit access to devices
lxc.cgroup.devices.deny = a
Expand Down Expand Up @@ -82,7 +83,7 @@ lxc.mount.entry = devpts {{escapeFstabSpaces $ROOTFS}}/dev/pts devpts newinstanc
lxc.mount.entry = shm {{escapeFstabSpaces $ROOTFS}}/dev/shm tmpfs size=65536k,nosuid,nodev,noexec 0 0
{{if (getHostConfig .).Privileged}}
{{if (getCapabilities .).AppArmor}}
{{if (getSysInfo .).AppArmor}}
lxc.aa_profile = unconfined
{{else}}
#lxc.aa_profile = unconfined
Expand Down Expand Up @@ -129,16 +130,16 @@ func getHostConfig(container *Container) *HostConfig {
return container.hostConfig
}

func getCapabilities(container *Container) *Capabilities {
return container.runtime.capabilities
func getSysInfo(container *Container) *sysinfo.SysInfo {
return container.runtime.sysInfo
}

func init() {
var err error
funcMap := template.FuncMap{
"getMemorySwap": getMemorySwap,
"getHostConfig": getHostConfig,
"getCapabilities": getCapabilities,
"getSysInfo": getSysInfo,
"escapeFstabSpaces": escapeFstabSpaces,
}
LxcTemplateCompiled, err = template.New("lxc").Funcs(funcMap).Parse(LxcTemplate)
Expand Down
55 changes: 55 additions & 0 deletions pkg/sysinfo/sysinfo.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
package sysinfo

import (
"github.com/dotcloud/docker/cgroups"
"github.com/dotcloud/docker/utils"
"io/ioutil"
"log"
"os"
"path"
)

type SysInfo struct {
MemoryLimit bool
SwapLimit bool
IPv4ForwardingDisabled bool
AppArmor bool
}

func New(quiet bool) *SysInfo {
sysInfo := &SysInfo{}
if cgroupMemoryMountpoint, err := cgroups.FindCgroupMountpoint("memory"); err != nil {
if !quiet {
log.Printf("WARNING: %s\n", err)
}
} else {
_, err1 := ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.limit_in_bytes"))
_, err2 := ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.soft_limit_in_bytes"))
sysInfo.MemoryLimit = err1 == nil && err2 == nil
if !sysInfo.MemoryLimit && !quiet {
log.Printf("WARNING: Your kernel does not support cgroup memory limit.")
}

_, err = ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.memsw.limit_in_bytes"))
sysInfo.SwapLimit = err == nil
if !sysInfo.SwapLimit && !quiet {
log.Printf("WARNING: Your kernel does not support cgroup swap limit.")
}
}

content, err3 := ioutil.ReadFile("/proc/sys/net/ipv4/ip_forward")
sysInfo.IPv4ForwardingDisabled = err3 != nil || len(content) == 0 || content[0] != '1'
if sysInfo.IPv4ForwardingDisabled && !quiet {
log.Printf("WARNING: IPv4 forwarding is disabled.")
}

// Check if AppArmor seems to be enabled on this system.
if _, err := os.Stat("/sys/kernel/security/apparmor"); os.IsNotExist(err) {
utils.Debugf("/sys/kernel/security/apparmor not found; assuming AppArmor is not enabled.")
sysInfo.AppArmor = false
} else {
utils.Debugf("/sys/kernel/security/apparmor found; assuming AppArmor is enabled.")
sysInfo.AppArmor = true
}
return sysInfo
}
58 changes: 6 additions & 52 deletions runtime.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ import (
"container/list"
"fmt"
"github.com/dotcloud/docker/archive"
"github.com/dotcloud/docker/cgroups"
"github.com/dotcloud/docker/execdriver"
"github.com/dotcloud/docker/execdriver/chroot"
"github.com/dotcloud/docker/execdriver/lxc"
Expand All @@ -13,10 +12,10 @@ import (
_ "github.com/dotcloud/docker/graphdriver/devmapper"
_ "github.com/dotcloud/docker/graphdriver/vfs"
"github.com/dotcloud/docker/pkg/graphdb"
"github.com/dotcloud/docker/pkg/sysinfo"
"github.com/dotcloud/docker/utils"
"io"
"io/ioutil"
"log"
"os"
"path"
"regexp"
Expand All @@ -37,13 +36,6 @@ var (
validContainerNamePattern = regexp.MustCompile(`^/?` + validContainerNameChars + `+$`)
)

type Capabilities struct {
MemoryLimit bool
SwapLimit bool
IPv4ForwardingDisabled bool
AppArmor bool
}

type Runtime struct {
repository string
sysInitPath string
Expand All @@ -52,7 +44,7 @@ type Runtime struct {
graph *Graph
repositories *TagStore
idIndex *utils.TruncIndex
capabilities *Capabilities
sysInfo *sysinfo.SysInfo
volumes *Graph
srv *Server
config *DaemonConfig
Expand Down Expand Up @@ -332,44 +324,6 @@ func (runtime *Runtime) restore() error {
return nil
}

func NewRuntimeCapabilities(quiet bool) *Capabilities {
capabilities := &Capabilities{}
if cgroupMemoryMountpoint, err := cgroups.FindCgroupMountpoint("memory"); err != nil {
if !quiet {
log.Printf("WARNING: %s\n", err)
}
} else {
_, err1 := ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.limit_in_bytes"))
_, err2 := ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.soft_limit_in_bytes"))
capabilities.MemoryLimit = err1 == nil && err2 == nil
if !capabilities.MemoryLimit && !quiet {
log.Printf("WARNING: Your kernel does not support cgroup memory limit.")
}

_, err = ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.memsw.limit_in_bytes"))
capabilities.SwapLimit = err == nil
if !capabilities.SwapLimit && !quiet {
log.Printf("WARNING: Your kernel does not support cgroup swap limit.")
}
}

content, err3 := ioutil.ReadFile("/proc/sys/net/ipv4/ip_forward")
capabilities.IPv4ForwardingDisabled = err3 != nil || len(content) == 0 || content[0] != '1'
if capabilities.IPv4ForwardingDisabled && !quiet {
log.Printf("WARNING: IPv4 forwarding is disabled.")
}

// Check if AppArmor seems to be enabled on this system.
if _, err := os.Stat("/sys/kernel/security/apparmor"); os.IsNotExist(err) {
utils.Debugf("/sys/kernel/security/apparmor not found; assuming AppArmor is not enabled.")
capabilities.AppArmor = false
} else {
utils.Debugf("/sys/kernel/security/apparmor found; assuming AppArmor is enabled.")
capabilities.AppArmor = true
}
return capabilities
}

// Create creates a new container from the given configuration with a given name.
func (runtime *Runtime) Create(config *Config, name string) (*Container, []string, error) {
// Lookup image
Expand Down Expand Up @@ -732,22 +686,22 @@ func NewRuntimeFromDirectory(config *DaemonConfig) (*Runtime, error) {
sysInitPath = localCopy
}

capabilities := NewRuntimeCapabilities(false)
sysInfo := sysinfo.New(false)

/*
temporarilly disabled.
*/
if false {
var ed execdriver.Driver
if driver := os.Getenv("EXEC_DRIVER"); driver == "lxc" {
ed, err = lxc.NewDriver(config.Root, capabilities.AppArmor)
ed, err = lxc.NewDriver(config.Root, sysInfo.AppArmor)
} else {
ed, err = chroot.NewDriver()
}
if ed != nil {
}
}
ed, err := lxc.NewDriver(config.Root, capabilities.AppArmor)
ed, err := lxc.NewDriver(config.Root, sysInfo.AppArmor)
if err != nil {
return nil, err
}
Expand All @@ -759,7 +713,7 @@ func NewRuntimeFromDirectory(config *DaemonConfig) (*Runtime, error) {
graph: g,
repositories: repositories,
idIndex: utils.NewTruncIndex(),
capabilities: capabilities,
sysInfo: sysInfo,
volumes: volumes,
config: config,
containerGraph: graph,
Expand Down
12 changes: 6 additions & 6 deletions server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -516,7 +516,7 @@ func (srv *Server) ImageInsert(job *engine.Job) engine.Status {
}
defer file.Body.Close()

config, _, _, err := ParseRun([]string{img.ID, "echo", "insert", url, path}, srv.runtime.capabilities)
config, _, _, err := ParseRun([]string{img.ID, "echo", "insert", url, path}, srv.runtime.sysInfo)
if err != nil {
job.Error(err)
return engine.StatusErr
Expand Down Expand Up @@ -678,9 +678,9 @@ func (srv *Server) DockerInfo(job *engine.Job) engine.Status {
v.SetInt("Images", imgcount)
v.Set("Driver", srv.runtime.driver.String())
v.SetJson("DriverStatus", srv.runtime.driver.Status())
v.SetBool("MemoryLimit", srv.runtime.capabilities.MemoryLimit)
v.SetBool("SwapLimit", srv.runtime.capabilities.SwapLimit)
v.SetBool("IPv4Forwarding", !srv.runtime.capabilities.IPv4ForwardingDisabled)
v.SetBool("MemoryLimit", srv.runtime.sysInfo.MemoryLimit)
v.SetBool("SwapLimit", srv.runtime.sysInfo.SwapLimit)
v.SetBool("IPv4Forwarding", !srv.runtime.sysInfo.IPv4ForwardingDisabled)
v.SetBool("Debug", os.Getenv("DEBUG") != "")
v.SetInt("NFd", utils.GetTotalUsedFds())
v.SetInt("NGoroutines", runtime.NumGoroutine())
Expand Down Expand Up @@ -1470,10 +1470,10 @@ func (srv *Server) ContainerCreate(job *engine.Job) engine.Status {
job.Errorf("Minimum memory limit allowed is 512k")
return engine.StatusErr
}
if config.Memory > 0 && !srv.runtime.capabilities.MemoryLimit {
if config.Memory > 0 && !srv.runtime.sysInfo.MemoryLimit {
config.Memory = 0
}
if config.Memory > 0 && !srv.runtime.capabilities.SwapLimit {
if config.Memory > 0 && !srv.runtime.sysInfo.SwapLimit {
config.MemorySwap = -1
}
container, buildWarnings, err := srv.runtime.Create(&config, name)
Expand Down

0 comments on commit 9e9f4b9

Please sign in to comment.