author | Matthias Schiffer <mschiffer@universe-factory.net> | 2021-02-07 00:58:10 +0100 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2021-02-07 00:58:10 +0100 |
commit | dd6fe704381513df583196cf9d504246e94cc65e (patch) | |
tree | 88c6078b84cadb5fb0eb10cb6c997a2a4e418136 /src | |
parent | 76c849a6a412c8dcc4e33601088872d5ef626125 (diff) | |
runc: run commands in runc containers
Diffstat (limited to 'src')
-rw-r--r-- | src/runner/runc/run.rs | 77 |
1 files changed, 52 insertions, 25 deletions
diff --git a/src/runner/runc/run.rs b/src/runner/runc/run.rs
index 10acbe6..e7fb393 100644
--- a/src/runner/runc/run.rs
+++ b/src/runner/runc/run.rs
@@ -1,12 +1,17 @@
-use std::{fs::DirBuilder, io, process};
+use std::{io, process};
 use nix::{
 mount::{self, MsFlags},
 sched::{self, CloneFlags},
 };
+use oci_spec::runtime;
 use serde::{Deserialize, Serialize};
-use crate::{types::*, util::ToIOResult};
+use crate::{
+ types::*,
+ unshare,
+ util::{Checkable, ToIOResult},
+};
 #[derive(Debug, Deserialize, Serialize)]
 pub enum Error {
@@ -44,35 +49,53 @@ fn init_task() -> Result<(), Error> {
 )
 .to_io_result()?;
- DirBuilder::new().create("build/tmp/runc/rootfs")?;
+ Ok(())
+}
- mount::mount::<_, _, str, str>(
- Some("build/tmp/rootfs"),
- "build/tmp/runc/rootfs",
- None,
- MsFlags::MS_BIND,
- None,
- )
- .to_io_result()?;
- mount::mount::<str, _, str, str>(
- None,
- "build/tmp/runc/rootfs",
- None,
- MsFlags::MS_BIND | MsFlags::MS_REMOUNT | MsFlags::MS_RDONLY,
- None,
- )
- .to_io_result()?;
+fn configure_spec(path: &str, run: &str) {
+ let mut spec = runtime::Spec::load(path).unwrap();
- Ok(())
+ let process = spec.process.as_mut().unwrap();
+ process.terminal = Some(false);
+ process.user = runtime::User {
+ uid: unshare::BUILD_UID,
+ gid: unshare::BUILD_GID,
+ additional_gids: None,
+ username: None,
+ };
+ process.args = Some(
+ vec!["sh", "-c", run]
+ .into_iter()
+ .map(str::to_string)
+ .collect(),
+ );
+ process.cwd = "/rebel".to_string();
+
+ let root = spec.root.as_mut().unwrap();
+ root.path = "../rootfs".to_string();
+
+ spec.hostname = Some("rebel-builder".to_string());
+
+ spec.save(path).unwrap();
 }
 pub fn handle_task(task: TaskRef, task_def: Task) -> Result<(), Error> {
 init_task()?;
- let output = process::Command::new("sh")
- .arg("-c")
- .arg(task_def.run)
- .current_dir("build/tmp/runc/rootfs")
+ process::Command::new("runc")
+ .arg("spec")
+ .current_dir("build/tmp/runc")
+ .status()?
+ .check()?;
+
+ configure_spec("build/tmp/runc/config.json", task_def.run.as_str());
+
+ let output = process::Command::new("runc")
+ .arg("--root")
+ .arg("build/tmp/runc/state")
+ .arg("run")
+ .arg("rebel")
+ .current_dir("build/tmp/runc")
 .output()?;
 if output.status.success() {
@@ -82,7 +105,11 @@ pub fn handle_task(task: TaskRef, task_def: Task) -> Result<(), Error> {
 String::from_utf8_lossy(output.stdout.as_slice()),
 );
 } else {
- println!("{}:\n\t{:?}", task, output);
+ println!(
+ "{}:\n{}",
+ task,
+ String::from_utf8_lossy(output.stderr.as_slice()),
+ );
 }
 Ok(()) |
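Review bot: In the `@@ -44,35 +49,53 @@` hunk, the explicit `MS_BIND | MS_REMOUNT | MS_RDONLY` remount of the rootfs is removed and nothing in `configure_spec` replaces it, so whether the build command can write to `../rootfs` now depends on whatever `runc spec` happened to write into config.json. `configure_spec` overrides only terminal, user, args, cwd, root.path and hostname; I would also set the root's read-only flag there (the OCI `root.readonly` key) and pin any other isolation settings the builder relies on, rather than inheriting them from the generated template. Separately, the four `.unwrap()` calls turn a missing or malformed config.json into a panic although `handle_task` already returns `Result<(), Error>`; changing the signature to `fn configure_spec(path: &str, run: &str) -> Result<(), Error>` and calling it with `?` would keep such failures on the error path, assuming the crate's load/save errors can be converted into `Error`. `init_task` starts above this hunk, so what it sets up under build/tmp/runc is not visible here.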
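Review bot: In the `@@ -82,7 +105,11 @@` hunk, the failure branch now prints only stderr, so the exit status that the old `{:?}` dump of `output` included is lost, and the function still falls through to `Ok(())`. A caller therefore cannot tell a failed or killed build command from a successful one. I would keep the status in the message, e.g. `println!("{} ({}):\n{}", task, output.status, String::from_utf8_lossy(output.stderr.as_slice()));`, and return an error from this branch if `Error` has a fitting variant (its definition is outside this hunk). `handle_task` begins above the hunk.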