forked from taylorsilva/dcind
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-lib.sh
executable file
·136 lines (105 loc) · 3.31 KB
/
docker-lib.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#!/bin/bash
# Based on https://github.com/concourse/docker-image-resource/blob/master/assets/common.sh
LOG_FILE=${LOG_FILE:-/tmp/docker.log}
SKIP_PRIVILEGED=${SKIP_PRIVILEGED:-false}
STARTUP_TIMEOUT=${STARTUP_TIMEOUT:-20}
DOCKER_DATA_ROOT=${DOCKER_DATA_ROOT:-/scratch/docker}
sanitize_cgroups() {
# Skip cgroup sanitization for cgroup v2 (https://github.com/concourse/docker-image-resource/commit/a43ad7b03f)
if [ -e /sys/fs/cgroup/cgroup.controllers ]; then
return
fi
mkdir -p /sys/fs/cgroup
mountpoint -q /sys/fs/cgroup || \
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
mount -o remount,rw /sys/fs/cgroup
sed -e 1d /proc/cgroups | while read sys hierarchy num enabled; do
if [ "$enabled" != "1" ]; then
# subsystem disabled; skip
continue
fi
grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")" || true
if [ -z "$grouping" ]; then
# subsystem not mounted anywhere; mount it on its own
grouping="$sys"
fi
mountpoint="/sys/fs/cgroup/$grouping"
mkdir -p "$mountpoint"
# clear out existing mount to make sure new one is read-write
if mountpoint -q "$mountpoint"; then
umount "$mountpoint"
fi
mount -n -t cgroup -o "$grouping" cgroup "$mountpoint"
if [ "$grouping" != "$sys" ]; then
if [ -L "/sys/fs/cgroup/$sys" ]; then
rm "/sys/fs/cgroup/$sys"
fi
ln -s "$mountpoint" "/sys/fs/cgroup/$sys"
fi
done
if [ ! -e /sys/fs/cgroup/systemd ] && [ $(cat /proc/self/cgroup | grep '^1:name=openrc:' | wc -l) -eq 0 ]; then
mkdir /sys/fs/cgroup/systemd
mount -t cgroup -o none,name=systemd none /sys/fs/cgroup/systemd
fi
}
start_docker() {
echo "Starting Docker..."
if [ -f /tmp/docker.pid ]; then
echo "Docker is already running"
return
fi
mkdir -p /var/log
mkdir -p /var/run
if [ "$SKIP_PRIVILEGED" = "false" ]; then
sanitize_cgroups
# check for /proc/sys being mounted readonly, as systemd does
if grep '/proc/sys\s\+\w\+\s\+ro,' /proc/mounts >/dev/null; then
mount -o remount,rw /proc/sys
fi
fi
local mtu=$(cat /sys/class/net/$(ip route get 8.8.8.8|awk '{ print $5 }')/mtu)
local server_args="--mtu ${mtu}"
local registry=""
for registry in $1; do
server_args="${server_args} --insecure-registry ${registry}"
done
if [ -n "$2" ]; then
server_args="${server_args} --registry-mirror $2"
fi
export server_args LOG_FILE DOCKER_DATA_ROOT
trap stop_docker EXIT
try_start() {
dockerd --data-root $DOCKER_DATA_ROOT ${server_args} >$LOG_FILE 2>&1 &
echo $! > /tmp/docker.pid
sleep 1
echo waiting for docker to come up...
until docker info >/dev/null 2>&1; do
sleep 1
if ! kill -0 "$(cat /tmp/docker.pid)" 2>/dev/null; then
return 1
fi
done
}
if [ "$(command -v declare)" ]; then
declare -fx try_start
if ! timeout ${STARTUP_TIMEOUT} bash -ce 'while true; do try_start && break; done'; then
[ -f "$LOG_FILE" ] && cat "${LOG_FILE}"
echo Docker failed to start within ${STARTUP_TIMEOUT} seconds.
return 1
fi
else
try_start
fi
}
stop_docker() {
echo "Stopping Docker..."
if [ ! -f /tmp/docker.pid ]; then
return 0
fi
local pid=$(cat /tmp/docker.pid)
if [ -z "$pid" ]; then
return 0
fi
kill -TERM $pid
rm /tmp/docker.pid
}