docs: add proposed re-architecture
nixpig committed Oct 29, 2024
1 parent ad48b29 commit 87d1c05
Showing 5 changed files with 96 additions and 8 deletions.
75 changes: 75 additions & 0 deletions architecture.md
@@ -0,0 +1,75 @@
CLI Controller process Container process
(spawn controller processs) (ephemeral) (persistent)

─┬─
┌────────┐ ┌────┴───┐ ┌────┐
│ create ├─────────────────►│ ├──►│ db │
└────────┘ └─┬──┬───┘ └────┘
┌────────┐ │ │
│ reexec │◄───────────────────┘ │
└───┬────┘ │
│ ┌────┴───┐ ┌────────┐
└──────────────────────►│ ├─────────────────►│ │
└────┬───┘ └───┬────┘
┌────┴───┐ │
│ update │◄─────────────────────┘
└────┬─┬─┘ ┌────┐
│ └────►│ db │
─┴─ └────┘


─┬─
┌────────┐ ┌────┴───┐ ┌────┐
│ start ├─────────────────►│ load ├──►│ db │
└────────┘ └────┬───┘ └────┘
┌────┴───┐ ┌────────┐
│ start ├─────────────────►│ │
└────┬───┘ └───┬────┘
┌────┴───┐ │
│ update │◄─────────────────────┘
└────┬─┬─┘ ┌────┐
│ └────►│ db │
─┴─ └────┘


─┬─
┌────────┐ ┌────┴───┐ ┌────┐
│ state ├─────────────────►│ load ├──►│ db │
└────────┘ └────┬───┘ └────┘
─┴─


─┬─
┌────────┐ ┌────┴───┐ ┌────┐
│ kill ├─────────────────►│ load ├──►│ db │
└────────┘ └────┬───┘ └────┘
┌────┴───┐ ┌────────┐
│ kill ├─────────────────►│ │
└────┬───┘ └───┬────┘
┌────┴───┐ │
│ update │◄─────────────────────┘
└────┬─┬─┘ ┌────┐
│ └────►│ db │
─┴─ └────┘


─┬─
┌────────┐ ┌────┴───┐ ┌────┐
│ delete ├─────────────────►│ load ├──►│ db │
└────────┘ └────┬───┘ └────┘
┌────┴───┐ ┌────────┐
│ delete ├─────────────────►│ │
└────┬───┘ └───┬────┘
┌────┴───┐ │
│ update │◄─────────────────────┘
└────┬─┬─┘ ┌────┐
│ └────►│ db │
─┴─ └────┘

2 changes: 1 addition & 1 deletion cmd/cmd.go
Expand Up @@ -203,7 +203,7 @@ func forkCmd(log *zerolog.Logger, db *sql.DB) *cobra.Command {
if err := cntr.Fork(opts, log, db); err != nil {
log.Error().Err(err).Msg("failed to fork container")
cntr.State.Status = specs.StateStopped
if err := cntr.Save(); err != nil {
if err := cntr.SaveState(); err != nil {
log.Error().Err(err).Msg("failed to write state file")
return fmt.Errorf("write state file: %w", err)
}
5 changes: 4 additions & 1 deletion internal/commands/start.go
Expand Up @@ -54,7 +54,10 @@ func Start(opts *StartOpts, log *zerolog.Logger, db *sql.DB) error {
if err := cntr.ExecHooks("prestart"); err != nil {
log.Error().Err(err).Msg("failed to execute prestart hooks")
cntr.State.Status = specs.StateStopped
cntr.Save()
if err := cntr.Save(); err != nil {
log.Error().Err(err).Msg("failed to write state file")
return fmt.Errorf("write state file: %w", err)
}
log.Info().Msg("BEFORE FAIL DELETE")

// TODO: run DELETE tasks here, then...
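Review bot: The new early `return` after a failed `cntr.Save()` exits the prestart-failure branch before the cleanup that the `// TODO: run DELETE tasks here` comment points at, and the error it returns names only the state write, not the hook failure that triggered it. The inner `err` shadows the one from `cntr.ExecHooks("prestart")`, so the root cause survives only in the log. Consider `if saveErr := cntr.Save(); saveErr != nil { log.Error().Err(saveErr).Msg("failed to write state file") }` and letting control continue to the cleanup, so the hook error is what the caller sees. The rest of this branch, including what it finally returns, is outside the hunk.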
10 changes: 10 additions & 0 deletions internal/container/container.go
Expand Up @@ -379,6 +379,16 @@ func (c *Container) Fork(opts *ForkOpts, log *zerolog.Logger, db *sql.DB) error
}
}

if c.Spec.Root.Readonly {
// FIXME: subsequent attempts to update container state fail, either by
// write to state.json (readonly filesystem) or write to db (readonly db)
// probably we need to send message to a socket that handles it?
if err := syscall.Mount("", "/", "", syscall.MS_BIND|syscall.MS_REMOUNT|syscall.MS_RDONLY, ""); err != nil {
log.Error().Err(err).Msg("failed to remount rootfs as readonly")
return err
}
}

if slices.ContainsFunc(
c.Spec.Linux.Namespaces,
func(n specs.LinuxNamespace) bool {
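Review bot: The remount in the `c.Spec.Root.Readonly` branch passes only `MS_BIND|MS_REMOUNT|MS_RDONLY`, and a bind remount replaces the per-mount flag set, so any `nosuid`, `nodev` or `noexec` already on the root mount is not carried over: it is either cleared or, where those flags are locked inside a user namespace, the call fails with EPERM. Reading the current flags with `syscall.Statfs` and OR-ing them back in keeps the remount from weakening the mount, as sketched below. The target is the literal `/`, so this is the container rootfs only if the pivot or chroot has already happened, and it stays private to the container only if a mount namespace was created; neither is visible in this hunk, whose enclosing `Fork` starts and ends outside it. Wrapping the returned error would also match the `fmt.Errorf("write state file: %w", err)` style used in the other files of this commit.

```go
if c.Spec.Root.Readonly {
	// … unchanged: FIXME about state updates after the remount …
	var st syscall.Statfs_t
	if err := syscall.Statfs("/", &st); err != nil {
		return fmt.Errorf("statfs rootfs: %w", err)
	}
	// Keep the restrictive flags already set on the mount so the remount cannot drop them.
	keep := uintptr(st.Flags) & (syscall.MS_NOSUID | syscall.MS_NODEV | syscall.MS_NOEXEC)
	if err := syscall.Mount("", "/", "", syscall.MS_BIND|syscall.MS_REMOUNT|syscall.MS_RDONLY|keep, ""); err != nil {
		// … unchanged: error log …
		return fmt.Errorf("remount rootfs readonly: %w", err)
	}
}
```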
12 changes: 6 additions & 6 deletions oci.sh
Expand Up @@ -17,14 +17,14 @@ tests=(
"kill"
"kill_no_effect"
# "killsig"
# "linux_cgroups_blkio"
# "linux_cgroups_blkio" # use of features deprecated in Linux kernel 5.0
# "linux_cgroups_cpus"
# "linux_cgroups_devices"
# "linux_cgroups_hugetlb"
# "linux_cgroups_memory"
# "linux_cgroups_network"
# "linux_cgroups_pids"
# "linux_cgroups_relative_blkio"
# "linux_cgroups_relative_blkio" # use of features deprecated in Linux kernel 5.0
# "linux_cgroups_relative_cpus"
# "linux_cgroups_relative_devices"
# "linux_cgroups_relative_hugetlb"
Expand All @@ -34,19 +34,19 @@ tests=(
"linux_devices"
# "linux_masked_paths"
"linux_mount_label"
# "linux_ns_itype"
# "linux_ns_itype" # ???
# "linux_ns_nopath"
# "linux_ns_path"
# "linux_ns_path_type"
# "linux_process_apparmor_profile"
# "linux_process_apparmor_profile" # ???
# "linux_readonly_paths"
"linux_rootfs_propagation"
# "linux_seccomp"
"linux_sysctl"
# "linux_uid_mappings"
# "misc_props"
# "misc_props" # ???
"mounts"
# "pidfile"
# "pidfile" # ???
# "poststart"
# "poststart_fail"
# "poststop"
