mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-22 20:45:18 +00:00
lxc: controller: Improve container error reporting
Add a handshake with the cloned container process to try and detect if it fails to start.
This commit is contained in:
parent
965a957ccc
commit
a7e2dd1c32
@ -90,6 +90,7 @@ struct __lxc_child_argv {
|
||||
char **veths;
|
||||
int monitor;
|
||||
char *ttyPath;
|
||||
int handshakefd;
|
||||
};
|
||||
|
||||
|
||||
@ -128,7 +129,7 @@ static virCommandPtr lxcContainerBuildInitCmd(virDomainDefPtr vmDef)
|
||||
*
|
||||
* Returns 0 on success or -1 in case of error
|
||||
*/
|
||||
static int lxcContainerSetStdio(int control, int ttyfd)
|
||||
static int lxcContainerSetStdio(int control, int ttyfd, int handshakefd)
|
||||
{
|
||||
int rc = -1;
|
||||
int open_max, i;
|
||||
@ -149,7 +150,7 @@ static int lxcContainerSetStdio(int control, int ttyfd)
|
||||
* close all FDs before executing the container */
|
||||
open_max = sysconf (_SC_OPEN_MAX);
|
||||
for (i = 0; i < open_max; i++)
|
||||
if (i != ttyfd && i != control) {
|
||||
if (i != ttyfd && i != control && i != handshakefd) {
|
||||
int tmpfd = i;
|
||||
VIR_FORCE_CLOSE(tmpfd);
|
||||
}
|
||||
@ -802,7 +803,13 @@ static int lxcContainerChild( void *data )
|
||||
if (lxcContainerDropCapabilities() < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (lxcContainerSetStdio(argv->monitor, ttyfd) < 0) {
|
||||
if (lxcContainerSendContinue(argv->handshakefd) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("failed to send continue signal to controller"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (lxcContainerSetStdio(argv->monitor, ttyfd, argv->handshakefd) < 0) {
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -811,6 +818,7 @@ cleanup:
|
||||
VIR_FREE(ttyPath);
|
||||
VIR_FORCE_CLOSE(ttyfd);
|
||||
VIR_FORCE_CLOSE(argv->monitor);
|
||||
VIR_FORCE_CLOSE(argv->handshakefd);
|
||||
|
||||
if (ret == 0) {
|
||||
/* this function will only return if an error occured */
|
||||
@ -870,13 +878,15 @@ int lxcContainerStart(virDomainDefPtr def,
|
||||
unsigned int nveths,
|
||||
char **veths,
|
||||
int control,
|
||||
int handshakefd,
|
||||
char *ttyPath)
|
||||
{
|
||||
pid_t pid;
|
||||
int flags;
|
||||
int stacksize = getpagesize() * 4;
|
||||
char *stack, *stacktop;
|
||||
lxc_child_argv_t args = { def, nveths, veths, control, ttyPath };
|
||||
lxc_child_argv_t args = { def, nveths, veths, control, ttyPath,
|
||||
handshakefd};
|
||||
|
||||
/* allocate a stack for the container */
|
||||
if (VIR_ALLOC_N(stack, stacksize) < 0) {
|
||||
|
@ -52,6 +52,7 @@ int lxcContainerStart(virDomainDefPtr def,
|
||||
unsigned int nveths,
|
||||
char **veths,
|
||||
int control,
|
||||
int handshakefd,
|
||||
char *ttyPath);
|
||||
|
||||
int lxcContainerAvailable(int features);
|
||||
|
@ -617,6 +617,7 @@ lxcControllerRun(virDomainDefPtr def,
|
||||
{
|
||||
int rc = -1;
|
||||
int control[2] = { -1, -1};
|
||||
int containerhandshake[2] = { -1, -1 };
|
||||
int containerPty = -1;
|
||||
char *containerPtyPath = NULL;
|
||||
pid_t container = -1;
|
||||
@ -630,6 +631,12 @@ lxcControllerRun(virDomainDefPtr def,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (socketpair(PF_UNIX, SOCK_STREAM, 0, containerhandshake) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("socketpair failed"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
root = virDomainGetRootFilesystem(def);
|
||||
|
||||
if (lxcSetContainerResources(def) < 0)
|
||||
@ -725,9 +732,11 @@ lxcControllerRun(virDomainDefPtr def,
|
||||
nveths,
|
||||
veths,
|
||||
control[1],
|
||||
containerhandshake[1],
|
||||
containerPtyPath)) < 0)
|
||||
goto cleanup;
|
||||
VIR_FORCE_CLOSE(control[1]);
|
||||
VIR_FORCE_CLOSE(containerhandshake[1]);
|
||||
|
||||
if (lxcControllerMoveInterfaces(nveths, veths, container) < 0)
|
||||
goto cleanup;
|
||||
@ -738,6 +747,12 @@ lxcControllerRun(virDomainDefPtr def,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (lxcContainerWaitForContinue(containerhandshake[0]) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
_("error receiving signal from container"));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
/* Now the container is running, there's no need for us to keep
|
||||
any elevated capabilities */
|
||||
if (lxcControllerClearCapabilities() < 0)
|
||||
@ -760,6 +775,8 @@ cleanup:
|
||||
VIR_FREE(containerPtyPath);
|
||||
VIR_FORCE_CLOSE(containerPty);
|
||||
VIR_FORCE_CLOSE(handshakefd);
|
||||
VIR_FORCE_CLOSE(containerhandshake[0]);
|
||||
VIR_FORCE_CLOSE(containerhandshake[1]);
|
||||
|
||||
if (container > 1) {
|
||||
int status;
|
||||
|
Loading…
x
Reference in New Issue
Block a user