StartSubcontainer runs a created container within a sandbox.
(args *StartArgs, _ *struct{})
| 380 | |
| 381 | // StartSubcontainer runs a created container within a sandbox. |
| 382 | func (cm *containerManager) StartSubcontainer(args *StartArgs, _ *struct{}) error { |
| 383 | // Validate arguments. |
| 384 | if args == nil { |
| 385 | return errors.New("start missing arguments") |
| 386 | } |
| 387 | log.Debugf("containerManager.StartSubcontainer, cid: %s, args: %+v", args.CID, args) |
| 388 | if args.Spec == nil { |
| 389 | return errors.New("start arguments missing spec") |
| 390 | } |
| 391 | if args.Conf == nil { |
| 392 | return errors.New("start arguments missing config") |
| 393 | } |
| 394 | if args.CID == "" { |
| 395 | return errors.New("start argument missing container ID") |
| 396 | } |
| 397 | cm.l.mu.Lock() |
| 398 | state := cm.l.state |
| 399 | cm.l.mu.Unlock() |
| 400 | if state != started && state != restored { |
| 401 | if state == restoringUnstarted { |
| 402 | // Translate the `runsc start` to `runsc restore`. |
| 403 | // TODO(b/441106898): Move this to the shim once single-shim-per-pod is implemented. |
| 404 | log.Warningf("StartSubcontainer called on a restoring sandbox, restoring subcontainer instead: id=%s", args.CID) |
| 405 | return cm.RestoreSubcontainer(args, nil) |
| 406 | } |
| 407 | return fmt.Errorf("sandbox is not in started state, cannot start subcontainer: state=%s", state) |
| 408 | } |
| 409 | expectedFDs := 1 // At least one FD for the root filesystem. |
| 410 | expectedFDs += args.NumGoferFilestoreFDs |
| 411 | if args.IsDevIoFilePresent { |
| 412 | expectedFDs++ |
| 413 | } |
| 414 | if !args.Spec.Process.Terminal { |
| 415 | expectedFDs += 3 |
| 416 | } |
| 417 | if args.IsRootfsUpperTarFilePresent { |
| 418 | if cm.l.fsRestore != nil { |
| 419 | return fmt.Errorf("rootfs upper tar file is mutually exclusive with filesystem checkpoint restore") |
| 420 | } |
| 421 | expectedFDs++ |
| 422 | } |
| 423 | if len(args.Files) < expectedFDs { |
| 424 | return fmt.Errorf("start arguments must contain at least %d FDs, but only got %d", expectedFDs, len(args.Files)) |
| 425 | } |
| 426 | |
| 427 | // All validation passed, logs the spec for debugging. |
| 428 | specutils.LogSpecDebug(args.Spec, args.Conf.OCISeccomp) |
| 429 | |
| 430 | goferFiles := args.Files |
| 431 | var stdios []*fd.FD |
| 432 | if !args.Spec.Process.Terminal { |
| 433 | // When not using a terminal, stdios come as the first 3 files in the |
| 434 | // payload. |
| 435 | var err error |
| 436 | stdios, err = fd.NewFromFiles(goferFiles[:3]) |
| 437 | if err != nil { |
| 438 | return fmt.Errorf("error dup'ing stdio files: %w", err) |
| 439 | } |
nothing calls this directly
no test coverage detected