prepareFilesystem sets up the mounts and cgroups, before the container is created
(path string, runtime Runtime)
| 163 | |
| 164 | // prepareFilesystem sets up the mounts and cgroups, before the container is created |
| 165 | func prepareFilesystem(path string, runtime Runtime) error { |
| 166 | // execute the runtime config that should be done up front |
| 167 | // we execute Mounts before Mkdir so you can make a directory under a mount |
| 168 | // but we do mkdir of the destination path in case missing |
| 169 | rootfs := filepath.Join(path, "rootfs") |
| 170 | makeAbsolute := func(dir string) string { |
| 171 | if filepath.IsAbs(dir) { |
| 172 | return dir |
| 173 | } |
| 174 | // relative paths are relative to rootfs of container |
| 175 | return filepath.Join(rootfs, dir) |
| 176 | } |
| 177 | |
| 178 | for _, mount := range runtime.Mounts { |
| 179 | const mode os.FileMode = 0755 |
| 180 | dir := makeAbsolute(mount.Destination) |
| 181 | err := os.MkdirAll(dir, mode) |
| 182 | if err != nil { |
| 183 | return fmt.Errorf("Cannot create directory for mount destination %s: %v", dir, err) |
| 184 | } |
| 185 | // also mkdir upper and work directories on overlay |
| 186 | for _, o := range mount.Options { |
| 187 | eq := strings.SplitN(o, "=", 2) |
| 188 | if len(eq) == 2 && (eq[0] == "upperdir" || eq[0] == "workdir") { |
| 189 | err := os.MkdirAll(eq[1], mode) |
| 190 | if err != nil { |
| 191 | return fmt.Errorf("Cannot create directory for overlay %s=%s: %v", eq[0], eq[1], err) |
| 192 | } |
| 193 | } |
| 194 | } |
| 195 | opts, data := parseMountOptions(mount.Options) |
| 196 | if err := unix.Mount(mount.Source, dir, mount.Type, uintptr(opts), data); err != nil { |
| 197 | return fmt.Errorf("Failed to mount %s: %v", mount.Source, err) |
| 198 | } |
| 199 | } |
| 200 | for _, dir := range runtime.Mkdir { |
| 201 | // in future we may need to change the structure to set mode, ownership |
| 202 | const mode os.FileMode = 0755 |
| 203 | dir = makeAbsolute(dir) |
| 204 | err := os.MkdirAll(dir, mode) |
| 205 | if err != nil { |
| 206 | return fmt.Errorf("Cannot create directory %s: %v", dir, err) |
| 207 | } |
| 208 | } |
| 209 | |
| 210 | for _, cgroup := range runtime.Cgroups { |
| 211 | // currently no way to specify resource limits on new cgroups at creation time |
| 212 | if err := newCgroup(cgroup); err != nil { |
| 213 | return fmt.Errorf("Cannot create cgroup %s: %v", cgroup, err) |
| 214 | } |
| 215 | } |
| 216 | |
| 217 | return nil |
| 218 | } |
| 219 | |
| 220 | // bind mount a namespace file |
| 221 | func bindNS(ns string, path string, pid int) error { |
no test coverage detected