forked from aws/amazon-ecs-agent
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker_task_engine_state.go
513 lines (437 loc) · 17.5 KB
/
docker_task_engine_state.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
// Copyright 2014-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License"). You may
// not use this file except in compliance with the License. A copy of the
// License is located at
//
// http://aws.amazon.com/apache2.0/
//
// or in the "license" file accompanying this file. This file is distributed
// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
// express or implied. See the License for the specific language governing
// permissions and limitations under the License.
package dockerstate
import (
"encoding/json"
"strings"
"sync"
apicontainer "github.com/aws/amazon-ecs-agent/agent/api/container"
apieni "github.com/aws/amazon-ecs-agent/agent/api/eni"
apitask "github.com/aws/amazon-ecs-agent/agent/api/task"
"github.com/aws/amazon-ecs-agent/agent/engine/image"
"github.com/aws/amazon-ecs-agent/agent/logger"
"github.com/cihub/seelog"
)
var log = logger.ForModule("dockerstate")
// TaskEngineState keeps track of all mappings between tasks we know about
// and containers docker runs
type TaskEngineState interface {
// AllTasks returns all of the tasks
AllTasks() []*apitask.Task
// AllImageStates returns all of the image.ImageStates
AllImageStates() []*image.ImageState
// GetAllContainerIDs returns all of the Container Ids
GetAllContainerIDs() []string
// ContainerByID returns an apicontainer.DockerContainer for a given container ID
ContainerByID(id string) (*apicontainer.DockerContainer, bool)
// ContainerMapByArn returns a map of containers belonging to a particular task ARN
ContainerMapByArn(arn string) (map[string]*apicontainer.DockerContainer, bool)
// TaskByShortID retrieves the task of a given docker short container id
TaskByShortID(cid string) ([]*apitask.Task, bool)
// TaskByID returns an apitask.Task for a given container ID
TaskByID(cid string) (*apitask.Task, bool)
// TaskByArn returns a task for a given ARN
TaskByArn(arn string) (*apitask.Task, bool)
// AddTask adds a task to the state to be stored
AddTask(task *apitask.Task)
// AddContainer adds a container to the state to be stored for a given task
AddContainer(container *apicontainer.DockerContainer, task *apitask.Task)
// AddImageState adds an image.ImageState to be stored
AddImageState(imageState *image.ImageState)
// AddENIAttachment adds an eni attachment from acs to be stored
AddENIAttachment(eni *apieni.ENIAttachment)
// RemoveENIAttachment removes an eni attachment to stop tracking
RemoveENIAttachment(mac string)
// ENIByMac returns the specific ENIAttachment of the given mac address
ENIByMac(mac string) (*apieni.ENIAttachment, bool)
// RemoveTask removes a task from the state
RemoveTask(task *apitask.Task)
// Reset resets all the fileds in the state
Reset()
// RemoveImageState removes an image.ImageState
RemoveImageState(imageState *image.ImageState)
// AddTaskIPAddress adds ip adddress for a task arn into the state
AddTaskIPAddress(addr string, taskARN string)
// GetTaskByIPAddress gets the task arn for an IP address
GetTaskByIPAddress(addr string) (string, bool)
// DockerIDByV3EndpointID returns a docker ID for a given v3 endpoint ID
DockerIDByV3EndpointID(v3EndpointID string) (string, bool)
// TaskARNByV3EndpointID returns a taskARN for a given v3 endpoint ID
TaskARNByV3EndpointID(v3EndpointID string) (string, bool)
json.Marshaler
json.Unmarshaler
}
// DockerTaskEngineState keeps track of all mappings between tasks we know about
// and containers docker runs
// It contains a mutex that can be used to ensure out-of-date state cannot be
// accessed before an update comes and to ensure multiple goroutines can safely
// work with it.
//
// The methods on it will acquire the read lock, but not all acquire the write
// lock (sometimes it is up to the caller). This is because the write lock for
// containers should encapsulate the creation of the resource as well as adding,
// and creating the resource (docker container) is outside the scope of this
// package. This isn't ideal usage and I'm open to this being reworked/improved.
//
// Some information is duplicated in the interest of having efficient lookups
type DockerTaskEngineState struct {
lock sync.RWMutex
tasks map[string]*apitask.Task // taskarn -> apitask.Task
idToTask map[string]string // DockerId -> taskarn
taskToID map[string]map[string]*apicontainer.DockerContainer // taskarn -> (containername -> c.DockerContainer)
idToContainer map[string]*apicontainer.DockerContainer // DockerId -> c.DockerContainer
eniAttachments map[string]*apieni.ENIAttachment // ENIMac -> apieni.ENIAttachment
imageStates map[string]*image.ImageState
ipToTask map[string]string // ip address -> task arn
v3EndpointIDToTask map[string]string // container's v3 endpoint id -> taskarn
v3EndpointIDToDockerID map[string]string // container's v3 endpoint id -> DockerId
}
// NewTaskEngineState returns a new TaskEngineState
func NewTaskEngineState() TaskEngineState {
return newDockerTaskEngineState()
}
func newDockerTaskEngineState() *DockerTaskEngineState {
state := &DockerTaskEngineState{}
state.initializeDockerTaskEngineState()
return state
}
func (state *DockerTaskEngineState) initializeDockerTaskEngineState() {
state.lock.Lock()
defer state.lock.Unlock()
state.tasks = make(map[string]*apitask.Task)
state.idToTask = make(map[string]string)
state.taskToID = make(map[string]map[string]*apicontainer.DockerContainer)
state.idToContainer = make(map[string]*apicontainer.DockerContainer)
state.imageStates = make(map[string]*image.ImageState)
state.eniAttachments = make(map[string]*apieni.ENIAttachment)
state.ipToTask = make(map[string]string)
state.v3EndpointIDToTask = make(map[string]string)
state.v3EndpointIDToDockerID = make(map[string]string)
}
// Reset resets all the states
func (state *DockerTaskEngineState) Reset() {
state.initializeDockerTaskEngineState()
}
// AllTasks returns all of the tasks
func (state *DockerTaskEngineState) AllTasks() []*apitask.Task {
state.lock.RLock()
defer state.lock.RUnlock()
return state.allTasksUnsafe()
}
func (state *DockerTaskEngineState) allTasksUnsafe() []*apitask.Task {
ret := make([]*apitask.Task, len(state.tasks))
ndx := 0
for _, task := range state.tasks {
ret[ndx] = task
ndx++
}
return ret
}
// AllImageStates returns all of the image.ImageStates
func (state *DockerTaskEngineState) AllImageStates() []*image.ImageState {
state.lock.RLock()
defer state.lock.RUnlock()
return state.allImageStatesUnsafe()
}
func (state *DockerTaskEngineState) allImageStatesUnsafe() []*image.ImageState {
var allImageStates []*image.ImageState
for _, imageState := range state.imageStates {
allImageStates = append(allImageStates, imageState)
}
return allImageStates
}
// AllENIAttachments returns all the enis managed by ecs on the instance
func (state *DockerTaskEngineState) AllENIAttachments() []*apieni.ENIAttachment {
state.lock.RLock()
defer state.lock.RUnlock()
return state.allENIAttachmentsUnsafe()
}
func (state *DockerTaskEngineState) allENIAttachmentsUnsafe() []*apieni.ENIAttachment {
var allENIAttachments []*apieni.ENIAttachment
for _, v := range state.eniAttachments {
allENIAttachments = append(allENIAttachments, v)
}
return allENIAttachments
}
// ENIByMac returns the eni object that match the give mac address
func (state *DockerTaskEngineState) ENIByMac(mac string) (*apieni.ENIAttachment, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
eni, ok := state.eniAttachments[mac]
return eni, ok
}
// AddENIAttachment adds the eni into the state
func (state *DockerTaskEngineState) AddENIAttachment(eniAttachment *apieni.ENIAttachment) {
if eniAttachment == nil {
log.Debug("Cannot add empty eni attachment information")
return
}
state.lock.Lock()
defer state.lock.Unlock()
if _, ok := state.eniAttachments[eniAttachment.MACAddress]; !ok {
state.eniAttachments[eniAttachment.MACAddress] = eniAttachment
} else {
seelog.Debugf("Duplicate eni attachment information: %v", eniAttachment)
}
}
// RemoveENIAttachment removes the eni from state and stop managing
func (state *DockerTaskEngineState) RemoveENIAttachment(mac string) {
if mac == "" {
log.Debug("Cannot remove empty eni attachment information")
return
}
state.lock.Lock()
defer state.lock.Unlock()
if _, ok := state.eniAttachments[mac]; ok {
delete(state.eniAttachments, mac)
} else {
seelog.Debugf("Delete non-existed eni attachment: %v", mac)
}
}
// GetAllContainerIDs returns all of the Container Ids
func (state *DockerTaskEngineState) GetAllContainerIDs() []string {
state.lock.RLock()
defer state.lock.RUnlock()
var ids []string
for id := range state.idToTask {
ids = append(ids, id)
}
return ids
}
// ContainerByID returns an apicontainer.DockerContainer for a given container ID
func (state *DockerTaskEngineState) ContainerByID(id string) (*apicontainer.DockerContainer, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
c, ok := state.idToContainer[id]
return c, ok
}
// ContainerMapByArn returns a map of containers belonging to a particular task ARN
func (state *DockerTaskEngineState) ContainerMapByArn(arn string) (map[string]*apicontainer.DockerContainer, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
ret, ok := state.taskToID[arn]
// Copy the map to avoid data race
if ok {
mc := make(map[string]*apicontainer.DockerContainer)
for k, v := range ret {
mc[k] = v
}
return mc, ok
}
return ret, ok
}
// TaskByShortID retrieves the task of a given docker short container id
func (state *DockerTaskEngineState) TaskByShortID(cid string) ([]*apitask.Task, bool) {
containerIDs := state.GetAllContainerIDs()
var tasks []*apitask.Task
for _, id := range containerIDs {
if strings.HasPrefix(id, cid) {
if task, ok := state.TaskByID(id); ok {
tasks = append(tasks, task)
}
}
}
return tasks, len(tasks) > 0
}
// TaskByID retrieves the task of a given docker container id
func (state *DockerTaskEngineState) TaskByID(cid string) (*apitask.Task, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
arn, found := state.idToTask[cid]
if !found {
return nil, false
}
return state.taskByArn(arn)
}
// TaskByArn returns a task for a given ARN
func (state *DockerTaskEngineState) TaskByArn(arn string) (*apitask.Task, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
return state.taskByArn(arn)
}
func (state *DockerTaskEngineState) taskByArn(arn string) (*apitask.Task, bool) {
t, ok := state.tasks[arn]
return t, ok
}
// AddTask adds a new task to the state
func (state *DockerTaskEngineState) AddTask(task *apitask.Task) {
state.lock.Lock()
defer state.lock.Unlock()
state.tasks[task.Arn] = task
}
// AddContainer adds a container to the state.
// If the container has been added with only a name and no docker-id, this
// updates the state to include the docker id
func (state *DockerTaskEngineState) AddContainer(container *apicontainer.DockerContainer, task *apitask.Task) {
state.lock.Lock()
defer state.lock.Unlock()
if task == nil || container == nil {
log.Crit("Addcontainer called with nil task/container")
return
}
_, exists := state.tasks[task.Arn]
if !exists {
log.Debug("AddContainer called with unknown task; adding", "arn", task.Arn)
state.tasks[task.Arn] = task
}
state.storeIDToContainerTaskUnsafe(container, task)
dockerID := container.DockerID
v3EndpointID := container.Container.V3EndpointID
// stores the v3EndpointID mappings only if container's dockerID exists and container's v3EndpointID has been generated
if dockerID != "" && v3EndpointID != "" {
state.storeV3EndpointIDToTaskUnsafe(v3EndpointID, task.Arn)
state.storeV3EndpointIDToDockerIDUnsafe(v3EndpointID, dockerID)
}
existingMap, exists := state.taskToID[task.Arn]
if !exists {
existingMap = make(map[string]*apicontainer.DockerContainer, len(task.Containers))
state.taskToID[task.Arn] = existingMap
}
existingMap[container.Container.Name] = container
}
// AddImageState adds an image.ImageState to be stored
func (state *DockerTaskEngineState) AddImageState(imageState *image.ImageState) {
if imageState == nil {
log.Debug("Cannot add empty image state")
return
}
if imageState.Image.ImageID == "" {
log.Debug("Cannot add image state with empty image id")
return
}
state.lock.Lock()
defer state.lock.Unlock()
state.imageStates[imageState.Image.ImageID] = imageState
}
// RemoveTask removes a task from this state. It removes all containers and
// other associated metadata. It does acquire the write lock.
func (state *DockerTaskEngineState) RemoveTask(task *apitask.Task) {
state.lock.Lock()
defer state.lock.Unlock()
task, ok := state.tasks[task.Arn]
if !ok {
seelog.Warnf("Failed to locate task %s for removal from state", task.Arn)
return
}
delete(state.tasks, task.Arn)
if ip, ok := state.taskToIPUnsafe(task.Arn); ok {
delete(state.ipToTask, ip)
}
containerMap, ok := state.taskToID[task.Arn]
if !ok {
seelog.Warnf("Failed to locate containerMap for task %s for removal from state", task.Arn)
return
}
delete(state.taskToID, task.Arn)
for _, dockerContainer := range containerMap {
state.removeIDToContainerTaskUnsafe(dockerContainer)
// remove v3 endpoint mappings
state.removeV3EndpointIDToTaskContainerUnsafe(dockerContainer.Container.V3EndpointID)
}
}
// taskToIPUnsafe gets the ip address for a given task arn
func (state *DockerTaskEngineState) taskToIPUnsafe(arn string) (string, bool) {
for ip, taskARN := range state.ipToTask {
if arn == taskARN {
return ip, true
}
}
return "", false
}
// storeIDToContainerTaskUnsafe stores the container in the idToContainer and idToTask maps. The key to the maps is
// either the Docker-generated ID or the agent-generated name (if the ID is not available). If the container is updated
// with an ID, a subsequent call to this function will update the map to use the ID as the key.
func (state *DockerTaskEngineState) storeIDToContainerTaskUnsafe(container *apicontainer.DockerContainer, task *apitask.Task) {
if container.DockerID != "" {
// Update the container id to the state
state.idToContainer[container.DockerID] = container
state.idToTask[container.DockerID] = task.Arn
// Remove the previously added name mapping
delete(state.idToContainer, container.DockerName)
delete(state.idToTask, container.DockerName)
} else if container.DockerName != "" {
// Update the container name mapping to the state when the ID isn't available
state.idToContainer[container.DockerName] = container
state.idToTask[container.DockerName] = task.Arn
}
}
// removeIDToContainerTaskUnsafe removes the container from the idToContainer and idToTask maps. They key to the maps
// is either the Docker-generated ID or the agent-generated name (if the ID is not available). This function assumes
// that the ID takes precedence and will delete by the ID when the ID is available.
func (state *DockerTaskEngineState) removeIDToContainerTaskUnsafe(container *apicontainer.DockerContainer) {
// The key to these maps is either the Docker ID or agent-generated name. We use the agent-generated name
// before a Docker ID is available.
key := container.DockerID
if key == "" {
key = container.DockerName
}
delete(state.idToTask, key)
delete(state.idToContainer, key)
}
// removeV3EndpointIDToTaskContainerUnsafe removes the container from v3EndpointIDToTask and v3EndpointIDToDockerID maps
func (state *DockerTaskEngineState) removeV3EndpointIDToTaskContainerUnsafe(v3EndpointID string) {
if v3EndpointID != "" {
delete(state.v3EndpointIDToTask, v3EndpointID)
delete(state.v3EndpointIDToDockerID, v3EndpointID)
}
}
// RemoveImageState removes an image.ImageState
func (state *DockerTaskEngineState) RemoveImageState(imageState *image.ImageState) {
if imageState == nil {
log.Debug("Cannot remove empty image state")
return
}
state.lock.Lock()
defer state.lock.Unlock()
imageState, ok := state.imageStates[imageState.Image.ImageID]
if !ok {
log.Debug("Image State is not found. Cannot be removed")
return
}
delete(state.imageStates, imageState.Image.ImageID)
}
// AddTaskIPAddress adds ip adddress for a task arn into the state
func (state *DockerTaskEngineState) AddTaskIPAddress(addr string, taskARN string) {
state.lock.Lock()
defer state.lock.Unlock()
state.ipToTask[addr] = taskARN
}
// GetTaskByIPAddress gets the task arn for an IP address
func (state *DockerTaskEngineState) GetTaskByIPAddress(addr string) (string, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
taskARN, ok := state.ipToTask[addr]
return taskARN, ok
}
// storeV3EndpointIDToTaskUnsafe adds v3EndpointID -> taskARN mapping to state
func (state *DockerTaskEngineState) storeV3EndpointIDToTaskUnsafe(v3EndpointID, taskARN string) {
state.v3EndpointIDToTask[v3EndpointID] = taskARN
}
// storeV3EndpointIDToContainerNameUnsafe adds v3EndpointID -> dockerID mapping to state
func (state *DockerTaskEngineState) storeV3EndpointIDToDockerIDUnsafe(v3EndpointID, dockerID string) {
state.v3EndpointIDToDockerID[v3EndpointID] = dockerID
}
// DockerIDByV3EndpointID returns a docker ID for a given v3 endpoint ID
func (state *DockerTaskEngineState) DockerIDByV3EndpointID(v3EndpointID string) (string, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
dockerID, ok := state.v3EndpointIDToDockerID[v3EndpointID]
return dockerID, ok
}
// TaskARNByV3EndpointID returns a taskARN for a given v3 endpoint ID
func (state *DockerTaskEngineState) TaskARNByV3EndpointID(v3EndpointID string) (string, bool) {
state.lock.RLock()
defer state.lock.RUnlock()
taskArn, ok := state.v3EndpointIDToTask[v3EndpointID]
return taskArn, ok
}