Skip to content

Commit

Permalink
Pass NOTIFY_SOCKET and LISTEN_FDS env to OCI RUntime if set
Browse files Browse the repository at this point in the history
In order to have sd_notify from systemd to work in containers
we need to pass down the NOTIFY_SOCKET environment variable to
the container.

LISTEN_FDS, tells the application inside of the container to use
socket activation and grab the FDS that are leaked into the container.

Signed-off-by: Daniel J Walsh <[email protected]>

Closes: #271
Approved by: umohnani8
  • Loading branch information
rhatdan authored and rh-atomic-bot committed Feb 5, 2018
1 parent 095aaaa commit 989f5e3
Show file tree
Hide file tree
Showing 5 changed files with 169 additions and 0 deletions.
9 changes: 9 additions & 0 deletions libpod/oci.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
"time"

"github.com/containerd/cgroups"
"github.com/coreos/go-systemd/activation"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
Expand Down Expand Up @@ -210,6 +211,14 @@ func (r *OCIRuntime) createContainer(ctr *Container, cgroupParent string) (err e
// 0, 1 and 2 are stdin, stdout and stderr
cmd.Env = append(r.conmonEnv, fmt.Sprintf("_OCI_SYNCPIPE=%d", 3))
cmd.Env = append(cmd.Env, fmt.Sprintf("_OCI_STARTPIPE=%d", 4))
if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok {
cmd.Env = append(cmd.Env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify))
}
if listenfds, ok := os.LookupEnv("LISTEN_FDS"); ok {
cmd.Env = append(cmd.Env, fmt.Sprintf("LISTEN_FDS=%s", listenfds))
fds := activation.Files(false)
cmd.ExtraFiles = append(cmd.ExtraFiles, fds...)
}

err = cmd.Start()
if err != nil {
Expand Down
11 changes: 11 additions & 0 deletions test/e2e/run_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,17 @@ var _ = Describe("Podman run", func() {
Expect(session.OutputToString()).To(ContainSubstring("15"))
})

It("podman run notify_socket", func() {
sock := "/run/sock"
os.Setenv("NOTIFY_SOCKET", sock)
session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "NOTIFY_SOCKET"})
session.Wait(10)
Expect(session.ExitCode()).To(Equal(0))
match, _ := session.GrepString(sock)
Expect(match).Should(BeTrue())
os.Unsetenv("NOTIFY_SOCKET")
})

It("podman run log-opt", func() {
log := filepath.Join(podmanTest.TempDir, "/container.log")
session := podmanTest.Podman([]string{"run", "--rm", "--log-opt", fmt.Sprintf("path=%s", log), ALPINE, "ls"})
Expand Down
52 changes: 52 additions & 0 deletions vendor/github.com/coreos/go-systemd/activation/files.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

60 changes: 60 additions & 0 deletions vendor/github.com/coreos/go-systemd/activation/listeners.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

37 changes: 37 additions & 0 deletions vendor/github.com/coreos/go-systemd/activation/packetconns.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 989f5e3

Please sign in to comment.