/
spec.go
62 lines (49 loc) · 1.43 KB
/
spec.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package mgr
import (
"context"
"github.com/alibaba/pouch/oci"
specs "github.com/opencontainers/runtime-spec/specs-go"
)
// SpecWrapper wraps the container's specs and add manager operations.
type SpecWrapper struct {
s *specs.Spec
ctrMgr ContainerMgr
volMgr VolumeMgr
netMgr NetworkMgr
prioArr []int
argsArr [][]string
useSystemd bool
}
// All the functions related to the spec is lock-free for container instance,
// so when calling functions here like createSpec, setupProcess, setupMounts,
// setupUser and so on, caller should explicitly add lock for container instance.
// createSpec create a runtime-spec.
func createSpec(ctx context.Context, c *Container, specWrapper *SpecWrapper) error {
// new a default spec from containerd.
s := oci.NewDefaultSpec()
specWrapper.s = s
s.Hostname = c.Config.Hostname.String()
s.Root = &specs.Root{
Path: c.BaseFS,
Readonly: c.HostConfig.ReadonlyRootfs,
}
// create Spec.Process spec
if err := setupProcess(ctx, c, s); err != nil {
return err
}
// create Spec.Mounts spec
if err := setupMounts(ctx, c, s); err != nil {
return err
}
// create Spec.Annotations
if err := setupAnnotations(ctx, c, s); err != nil {
return err
}
// create Spec.Hooks spec
if err := setupHook(ctx, c, specWrapper); err != nil {
return err
}
// platform-specified spec setting
// TODO: support window and Solaris platform
return populatePlatform(ctx, c, specWrapper)
}