MCPcopy
hub / github.com/containerd/containerd / volumeMounts

Method volumeMounts

internal/cri/server/container_create.go:503–548  ·  view source on GitHub ↗

volumeMounts sets up image volumes for container. Rely on the removal of container root directory to do cleanup. Note that image volume will be skipped, if there is criMounts specified with the same destination.

(platform imagespec.Platform, containerRootDir string, containerConfig *runtime.ContainerConfig, config *imagespec.ImageConfig)

Source from the content-addressed store, hash-verified

501// root directory to do cleanup. Note that image volume will be skipped, if there is criMounts
502// specified with the same destination.
503func (c *criService) volumeMounts(platform imagespec.Platform, containerRootDir string, containerConfig *runtime.ContainerConfig, config *imagespec.ImageConfig) []*runtime.Mount {
504 var uidMappings, gidMappings []*runtime.IDMapping
505 if platform.OS == "linux" {
506 if usernsOpts := containerConfig.GetLinux().GetSecurityContext().GetNamespaceOptions().GetUsernsOptions(); usernsOpts != nil {
507 uidMappings = usernsOpts.GetUids()
508 gidMappings = usernsOpts.GetGids()
509 }
510 }
511
512 criMounts := containerConfig.GetMounts()
513
514 if len(config.Volumes) == 0 {
515 return nil
516 }
517 var mounts []*runtime.Mount
518 for dst := range config.Volumes {
519 if isInCRIMounts(dst, criMounts) {
520 // Skip the image volume, if there is CRI defined volume mapping.
521 // TODO(random-liu): This should be handled by Kubelet in the future.
522 // Kubelet should decide what to use for image volume, and also de-duplicate
523 // the image volume and user mounts.
524 continue
525 }
526 volumeID := util.GenerateID()
527 src := filepath.Join(containerRootDir, "volumes", volumeID)
528 // When the platform OS is Linux, ensure dst is a _Linux_ abs path.
529 // We can't use filepath.IsAbs() because, when executing on Windows, it checks for
530 // Windows abs paths.
531 if platform.OS == "linux" && !strings.HasPrefix(dst, "/") {
532 // On Windows, ToSlash() is needed to ensure the path is a valid Linux path.
533 // On Linux, ToSlash() is a no-op.
534 oldDst := dst
535 dst = filepath.ToSlash(filepath.Join("/", dst))
536 log.L.Debugf("Volume destination %q is not absolute, converted to %q", oldDst, dst)
537 }
538 // addOCIBindMounts will create these volumes.
539 mounts = append(mounts, &runtime.Mount{
540 ContainerPath: dst,
541 HostPath: src,
542 SelinuxRelabel: true,
543 UidMappings: uidMappings,
544 GidMappings: gidMappings,
545 })
546 }
547 return mounts
548}
549
550// runtimeSpec returns a default runtime spec used in cri-containerd.
551func (c *criService) runtimeSpec(id string, platform imagespec.Platform, baseSpecFile string, opts ...oci.SpecOpts) (*runtimespec.Spec, error) {

Callers 2

createContainerMethod · 0.95
TestVolumeMountsFunction · 0.80

Implementers 1

criServiceinternal/cri/server/service.go

Calls 3

GenerateIDFunction · 0.92
isInCRIMountsFunction · 0.85
GetMountsMethod · 0.65

Tested by 1

TestVolumeMountsFunction · 0.64