├── .gitignore ├── README.md ├── cgroups ├── cgroup_manager.go └── subsystems │ ├── cpu.go │ ├── cpuset.go │ ├── memory.go │ ├── subsystem.go │ └── util.go ├── commands ├── commands.go ├── commit.go ├── container-cmd │ ├── container_commands.go │ ├── exec.go │ ├── init.go │ ├── list.go │ ├── log.go │ ├── remove.go │ ├── run.go │ └── stop.go ├── image.go └── network.go ├── container ├── container.go ├── container_info.go ├── container_process.go ├── init.go └── util.go ├── document └── picture │ ├── diy-docker.png │ └── docker-container-cloud.png ├── go.mod ├── go.sum ├── image ├── image.go └── image_manage.go ├── main.go ├── my-docker ├── my-docker.tar ├── network ├── bridge.go ├── driver.go ├── init.go ├── ipam.go ├── network.go └── network_process.go ├── nsenter └── nsenter.go └── utils └── utils.go /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, built with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | # Dependency directories (remove the comment below to include it) 15 | # vendor/ 16 | .idea 17 | *.DS_STORE 18 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # MyDocker 2 | DIY Docker,Just For Fun. 3 | 4 | Thanks for the following two books: 5 | 6 | ![](./document/picture/docker-container-cloud.png) 7 | 8 | ![](./document/picture/diy-docker.png) 9 | # How To Play 10 | ## Build 11 | * This project is developed on MacOS, with golang version `go1.17.1 darwin/amd64`. 12 | * This project contains **cgo** code. 13 | 14 | ### Build on MacOS 15 | Take MacOS for example: 16 | 17 | * First, install `x86_64-linux-musl-gcc` 18 | ``` 19 | arch -x86_64 brew install FiloSottile/musl-cross/musl-cross 20 | ``` 21 | * build with the following command: 22 | ```shell 23 | CC=x86_64-linux-musl-gcc CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -ldflags "-linkmode external -extldflags -static" -o my-docker main.go 24 | ``` 25 | 26 | #### Remote Debug 27 | In order to debug my-docker in linux os env: 28 | 29 | 1. Install go on ubuntu linux 30 | 2. Install delve 31 | ```shell 32 | go install github.com/go-delve/delve/cmd/dlv@latest 33 | ``` 34 | 3. Compile with dlv: 35 | ```shell 36 | CC=x86_64-linux-musl-gcc CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -ldflags "-linkmode external -extldflags -static" -gcflags "all=-N -l" -o my-docker-dlv main.go 37 | 38 | ``` 39 | 4. Start dlv on ubuntu 40 | ```shell 41 | dlv --listen=:2345 --headless=true --api-version=2 --accept-multiclient exec ./my-docker-dlv [command] -- [-option of my-docker] 42 | ``` 43 | 5. Use Go Remote in IDEA to start remote debug 44 | 45 | ## Play 46 | ### Environment 47 | ``` 48 | Linux ubuntu-linux 4.4.0-142-generic #168~14.04.1-Ubuntu SMP Sat Jan 19 11:26:28 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux 49 | ``` 50 | 51 | ### Setup 52 | 53 | * make sure **cgroup** is mounted 54 | * play with **root** user 55 | * for network: 56 | ```shell 57 | echo 1 > /proc/sys/net/ipv4/ip_forward 58 | ``` 59 | * uzip `my-docker.tar` in `/root` 60 | * play with `my-docker` after `chmod` 61 | 62 | ### Commands 63 | ```shell 64 | USAGE: 65 | my-docker [global options] command [command options] [arguments...] 66 | 67 | COMMANDS: 68 | exec exec a command into container 69 | init Init container process run user's process in container. Do not call it outside 70 | ps list all containers 71 | logs print logs of a container 72 | rm remove unused container 73 | run create a container: my-docker run -ti [command] 74 | stop stop a container 75 | network container network commands 76 | commit commit a container to image 77 | image image commands 78 | help, h Shows a list of commands or help for one command 79 | 80 | GLOBAL OPTIONS: 81 | --help, -h show help 82 | ``` 83 | #### run command 84 | ```shell 85 | USAGE: 86 | my-docker run [command options] [arguments...] 87 | 88 | OPTIONS: 89 | --ti enable tty 90 | -d detach container 91 | --mem value memory limit 92 | --cpushare value cpushare limit 93 | --cpuset value cpuset limit 94 | --name value container name 95 | -e value set environment 96 | --net value container network 97 | -p value port mapping 98 | ``` 99 | #### image command 100 | ```shell 101 | USAGE: 102 | my-docker image command [command options] [arguments...] 103 | 104 | COMMANDS: 105 | ls list images 106 | 107 | OPTIONS: 108 | --help, -h show help 109 | ``` 110 | 111 | #### network command 112 | ```shell 113 | USAGE: 114 | my-docker network command [command options] [arguments...] 115 | 116 | COMMANDS: 117 | create create a container network 118 | ls list container network 119 | rm remove container network 120 | 121 | OPTIONS: 122 | --help, -h show help 123 | ``` 124 | 125 | ### Images 126 | * not support `push/pull` command with repositories 127 | * only support make new image with `commit` command 128 | * two built-in images: 129 | ```shell 130 | REPOSITORY TAG IMAGE ID 131 | busybox 1.0.0 7bad98125db6 132 | busybox test 01ca9b37f1c4 133 | ``` 134 | The `busybox:1.0.0` provides a simplified linux environment。 135 | -------------------------------------------------------------------------------- /cgroups/cgroup_manager.go: -------------------------------------------------------------------------------- 1 | package cgroups 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/ForeverSRC/MyDocker/cgroups/subsystems" 7 | log "github.com/sirupsen/logrus" 8 | ) 9 | 10 | type CgroupManager struct { 11 | Path string 12 | Resource *subsystems.ResourceConfig 13 | } 14 | 15 | const CgroupPathFormat = "my-docker-cgroup/%s" 16 | 17 | func NewCgroupManager(path string) *CgroupManager { 18 | return &CgroupManager{ 19 | Path: path, 20 | } 21 | } 22 | 23 | func (m *CgroupManager) Apply(pid int) error { 24 | var err error 25 | for _, subSysIns := range subsystems.SubsystemIns { 26 | err = subSysIns.Apply(m.Path, pid) 27 | if err != nil { 28 | return fmt.Errorf("apply sub system %s error: %v", subSysIns.Name(), err) 29 | } 30 | 31 | } 32 | 33 | return nil 34 | } 35 | 36 | func (m *CgroupManager) Set(res *subsystems.ResourceConfig) error { 37 | var err error 38 | for _, subSysIns := range subsystems.SubsystemIns { 39 | err = subSysIns.Set(m.Path, res) 40 | if err != nil { 41 | return fmt.Errorf("set sub system %s error: %v", subSysIns.Name(), err) 42 | } 43 | 44 | } 45 | return nil 46 | } 47 | 48 | func (m *CgroupManager) Destroy() error { 49 | for _, subSysIns := range subsystems.SubsystemIns { 50 | if err := subSysIns.Remove(m.Path); err != nil { 51 | log.Warnf("remove cgroup fail %v", err) 52 | } 53 | 54 | } 55 | return nil 56 | } 57 | -------------------------------------------------------------------------------- /cgroups/subsystems/cpu.go: -------------------------------------------------------------------------------- 1 | package subsystems 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "path" 8 | "strconv" 9 | ) 10 | 11 | type CpuSubsystem struct { 12 | } 13 | 14 | func (cs *CpuSubsystem) Name() string { 15 | return "cpu" 16 | } 17 | 18 | func (cs *CpuSubsystem) Set(cgroupPath string, res *ResourceConfig) error { 19 | if subsysCgroupPath, err := GetCgroupPath(cs.Name(), cgroupPath, true); err == nil { 20 | if res.CpuShare != "" { 21 | if err := ioutil.WriteFile( 22 | path.Join(subsysCgroupPath, "cpu.shares"), 23 | []byte(res.CpuShare), 0644); err != nil { 24 | return fmt.Errorf("set cgroup cpu fail %v", err) 25 | } 26 | } 27 | return nil 28 | } else { 29 | return err 30 | } 31 | } 32 | 33 | func (cs *CpuSubsystem) Apply(cgroupPath string, pid int) error { 34 | if subsysCgroupPath, err := GetCgroupPath(cs.Name(), cgroupPath, true); err == nil { 35 | if err := ioutil.WriteFile(path.Join(subsysCgroupPath, "tasks"), []byte(strconv.Itoa(pid)), 0644); err != nil { 36 | return fmt.Errorf("set cgroup proc fail %v", err) 37 | } 38 | return nil 39 | } else { 40 | return fmt.Errorf("get cgroup %s error: %v", cgroupPath, err) 41 | } 42 | } 43 | 44 | func (cs *CpuSubsystem) Remove(cgroupPath string) error { 45 | if subsysCgroupPath, err := GetCgroupPath(cs.Name(), cgroupPath, true); err == nil { 46 | return os.Remove(subsysCgroupPath) 47 | } else { 48 | return err 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /cgroups/subsystems/cpuset.go: -------------------------------------------------------------------------------- 1 | package subsystems 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "path" 8 | "strconv" 9 | ) 10 | 11 | type CpuSetSubsystem struct { 12 | } 13 | 14 | func (css *CpuSetSubsystem) Name() string { 15 | return "cpuset" 16 | } 17 | 18 | func (css *CpuSetSubsystem) Set(cgroupPath string, res *ResourceConfig) error { 19 | if subsysCgroupPath, err := GetCgroupPath(css.Name(), cgroupPath, true); err == nil { 20 | if res.CpuSet != "" { 21 | if err := ioutil.WriteFile( 22 | path.Join(subsysCgroupPath, "cpuset.cpus"), 23 | []byte(res.CpuSet), 0644); err != nil { 24 | return fmt.Errorf("set cgroup cpuset fail %v", err) 25 | } 26 | } 27 | return nil 28 | } else { 29 | return err 30 | } 31 | } 32 | 33 | func (css *CpuSetSubsystem) Apply(cgroupPath string, pid int) error { 34 | if subsysCgroupPath, err := GetCgroupPath(css.Name(), cgroupPath, true); err == nil { 35 | if err := ioutil.WriteFile(path.Join(subsysCgroupPath, "tasks"), []byte(strconv.Itoa(pid)), 0644); err != nil { 36 | return fmt.Errorf("set cgroup proc fail: %v", err) 37 | } 38 | return nil 39 | } else { 40 | return fmt.Errorf("get cgroup %s error: %v", cgroupPath, err) 41 | } 42 | } 43 | 44 | func (css *CpuSetSubsystem) Remove(cgroupPath string) error { 45 | if subsysCgroupPath, err := GetCgroupPath(css.Name(), cgroupPath, true); err == nil { 46 | return os.Remove(subsysCgroupPath) 47 | } else { 48 | return err 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /cgroups/subsystems/memory.go: -------------------------------------------------------------------------------- 1 | package subsystems 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "path" 8 | "strconv" 9 | ) 10 | 11 | type MemorySubsystem struct { 12 | } 13 | 14 | func (ms *MemorySubsystem) Name() string { 15 | return "memory" 16 | } 17 | 18 | func (ms *MemorySubsystem) Set(cgroupPath string, res *ResourceConfig) error { 19 | if subsysCgroupPath, err := GetCgroupPath(ms.Name(), cgroupPath, true); err == nil { 20 | if res.MemoryLimit != "" { 21 | if err := ioutil.WriteFile( 22 | path.Join(subsysCgroupPath, "memory.limit_in_bytes"), 23 | []byte(res.MemoryLimit), 0644); err != nil { 24 | return fmt.Errorf("set cgroup memory fail %v", err) 25 | } 26 | } 27 | return nil 28 | } else { 29 | return err 30 | } 31 | } 32 | 33 | func (ms *MemorySubsystem) Apply(cgroupPath string, pid int) error { 34 | if subsysCgroupPath, err := GetCgroupPath(ms.Name(), cgroupPath, true); err == nil { 35 | if err := ioutil.WriteFile(path.Join(subsysCgroupPath, "tasks"), []byte(strconv.Itoa(pid)), 0644); err != nil { 36 | return fmt.Errorf("set cgroup proc fail %v", err) 37 | } 38 | return nil 39 | } else { 40 | return fmt.Errorf("get cgroup %s error: %v", cgroupPath, err) 41 | } 42 | } 43 | 44 | func (ms *MemorySubsystem) Remove(cgroupPath string) error { 45 | if subsysCgroupPath, err := GetCgroupPath(ms.Name(), cgroupPath, true); err == nil { 46 | return os.Remove(subsysCgroupPath) 47 | } else { 48 | return err 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /cgroups/subsystems/subsystem.go: -------------------------------------------------------------------------------- 1 | package subsystems 2 | 3 | type ResourceConfig struct { 4 | MemoryLimit string 5 | CpuShare string 6 | CpuSet string 7 | } 8 | 9 | type Subsystem interface { 10 | // Name 返回subsystem的名字 11 | Name() string 12 | // Set 设置某个cgroup在此subsystem中的资源限制 13 | Set(path string, res *ResourceConfig) error 14 | // Apply 将进程添加到某个cgroup中 15 | Apply(path string, pid int) error 16 | // Remove 移除某个cgroup 17 | Remove(path string) error 18 | } 19 | 20 | var ( 21 | SubsystemIns = []Subsystem{ 22 | &MemorySubsystem{}, 23 | &CpuSubsystem{}, 24 | } 25 | ) 26 | -------------------------------------------------------------------------------- /cgroups/subsystems/util.go: -------------------------------------------------------------------------------- 1 | package subsystems 2 | 3 | import ( 4 | "bufio" 5 | "fmt" 6 | "os" 7 | "path" 8 | "strings" 9 | 10 | log "github.com/sirupsen/logrus" 11 | ) 12 | 13 | func FindCgroupMountpoint(subsystem string) string { 14 | f, err := os.Open("/proc/self/mountinfo") 15 | if err != nil { 16 | log.Warnf("file /proc/self/mountinfo not exist %v", err) 17 | return "" 18 | } 19 | 20 | defer f.Close() 21 | scanner := bufio.NewScanner(f) 22 | for scanner.Scan() { 23 | txt := scanner.Text() 24 | fields := strings.Split(txt, " ") 25 | for _, opt := range strings.Split(fields[len(fields)-1], ",") { 26 | if opt == subsystem { 27 | return fields[4] 28 | } 29 | } 30 | } 31 | if err := scanner.Err(); err != nil { 32 | return "" 33 | } 34 | 35 | return "" 36 | } 37 | 38 | func GetCgroupPath(subsystem string, cgroupPath string, autoCreate bool) (string, error) { 39 | cgroupRoot := FindCgroupMountpoint(subsystem) 40 | if _, err := os.Stat(path.Join(cgroupRoot, cgroupPath)); err == nil || (autoCreate && os.IsNotExist(err)) { 41 | if os.IsNotExist(err) { 42 | if err := os.MkdirAll(path.Join(cgroupRoot, cgroupPath), 0755); err == nil { 43 | 44 | } else { 45 | return "", fmt.Errorf("error create cgroup: %v", err) 46 | } 47 | } 48 | return path.Join(cgroupRoot, cgroupPath), nil 49 | } else { 50 | return "", fmt.Errorf("cgroup path error %v", err) 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /commands/commands.go: -------------------------------------------------------------------------------- 1 | package commands 2 | 3 | import ( 4 | containerCmd "github.com/ForeverSRC/MyDocker/commands/container-cmd" 5 | "github.com/urfave/cli" 6 | ) 7 | 8 | var AllCommands []cli.Command 9 | 10 | func init() { 11 | AllCommands = append(AllCommands, containerCmd.ContainerCommands...) 12 | AllCommands = append(AllCommands, networkCommand, commitCommand, imageCommand) 13 | } 14 | -------------------------------------------------------------------------------- /commands/commit.go: -------------------------------------------------------------------------------- 1 | package commands 2 | 3 | import ( 4 | "crypto/sha256" 5 | "encoding/json" 6 | "fmt" 7 | "os" 8 | "os/exec" 9 | "strings" 10 | 11 | "github.com/ForeverSRC/MyDocker/container" 12 | "github.com/ForeverSRC/MyDocker/image" 13 | "github.com/go-basic/uuid" 14 | "github.com/urfave/cli" 15 | ) 16 | 17 | var commitCommand = cli.Command{ 18 | Name: "commit", 19 | Usage: "commit a container to image", 20 | Action: func(context *cli.Context) error { 21 | if len(context.Args()) < 2 { 22 | return fmt.Errorf("missing container id or image repository:tag") 23 | } 24 | 25 | args := context.Args() 26 | containerID := args[0] 27 | imgInfo := args[1] 28 | if !strings.ContainsRune(imgInfo, ':') { 29 | imgInfo = imgInfo + ":latest" 30 | } 31 | 32 | return commitContainer(containerID, imgInfo) 33 | 34 | }, 35 | } 36 | 37 | func commitContainer(containerID, imageInfo string) error { 38 | containerInfo, err := container.GetContainerInfoById(containerID) 39 | if err != nil { 40 | return err 41 | } 42 | 43 | imageID, err := image.GetImageID(containerInfo.Image) 44 | if err != nil { 45 | return fmt.Errorf("get image ID error: %v", err) 46 | } 47 | 48 | layers, err := image.GetImageLayers(imageID) 49 | if err != nil { 50 | return err 51 | } 52 | 53 | writeURL := fmt.Sprintf(container.ContainerWriteLayerUrl, containerID) 54 | roURL := fmt.Sprintf(container.ContainerAUFSRootUrl, uuid.New()) 55 | cmd := exec.Command("cp", "-r", writeURL, roURL) 56 | cmd.Stdout = os.Stdout 57 | cmd.Stderr = os.Stderr 58 | err = cmd.Run() 59 | if err != nil { 60 | return err 61 | } 62 | 63 | newLayers := make([]string, len(layers)) 64 | copy(newLayers, layers) 65 | newLayers = append(newLayers, roURL) 66 | 67 | tmp := strings.Split(imageInfo, ":") 68 | repo, tag := tmp[0], tmp[1] 69 | imgCfg := &image.ImageConfig{ 70 | Repository: repo, 71 | Os: "linux", 72 | Arch: "amd64", 73 | Tag: tag, 74 | Layers: newLayers, 75 | } 76 | 77 | jsonByte, err := json.Marshal(imgCfg) 78 | if err != nil { 79 | return err 80 | } 81 | 82 | newImageID := fmt.Sprintf("%x", sha256.Sum256(jsonByte)) 83 | jsonStr := string(jsonByte) 84 | err = image.CommitNewImage(repo, tag, newImageID, jsonStr) 85 | if err != nil { 86 | return err 87 | } 88 | 89 | fmt.Println(newImageID) 90 | 91 | return nil 92 | 93 | } 94 | -------------------------------------------------------------------------------- /commands/container-cmd/container_commands.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "github.com/urfave/cli" 5 | ) 6 | 7 | var ContainerCommands = []cli.Command{ 8 | execCommand, 9 | initCommand, 10 | listCommand, 11 | logCommand, 12 | removeCommand, 13 | runCommand, 14 | stopCommand, 15 | } 16 | -------------------------------------------------------------------------------- /commands/container-cmd/exec.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "os/exec" 8 | "strconv" 9 | "strings" 10 | 11 | "github.com/ForeverSRC/MyDocker/container" 12 | "github.com/ForeverSRC/MyDocker/utils" 13 | log "github.com/sirupsen/logrus" 14 | "github.com/urfave/cli" 15 | 16 | _ "github.com/ForeverSRC/MyDocker/nsenter" 17 | ) 18 | 19 | const ENV_EXEC_PID = "my_docker_pid" 20 | const ENV_EXEC_CMD = "my_docker_cmd" 21 | 22 | var execCommand = cli.Command{ 23 | Name: "exec", 24 | Usage: "exec a command into container", 25 | Action: func(context *cli.Context) error { 26 | if os.Getenv(ENV_EXEC_PID) != "" { 27 | log.Infof("pid callback pid %d", os.Getgid()) 28 | return nil 29 | } 30 | 31 | if len(context.Args()) < 2 { 32 | return fmt.Errorf("missing container id or command") 33 | } 34 | containerID := context.Args().Get(0) 35 | 36 | var cmdArray []string 37 | for _, arg := range context.Args().Tail() { 38 | cmdArray = append(cmdArray, arg) 39 | } 40 | 41 | execContainer(containerID, cmdArray) 42 | return nil 43 | }, 44 | } 45 | 46 | func execContainer(containerID string, cmdArray []string) { 47 | containerInfo, err := container.GetContainerInfoById(containerID) 48 | if err != nil { 49 | log.Errorf("get container info error:%v", err) 50 | return 51 | } 52 | 53 | if containerInfo.Status != container.RUNNING { 54 | log.Errorf("container %s is not running", containerID) 55 | return 56 | } 57 | 58 | pid, err := strconv.Atoi(containerInfo.Pid) 59 | if err != nil { 60 | log.Errorf("strconv.Atoi error:%v", err) 61 | return 62 | } 63 | 64 | containerProcNotExist := !utils.ProcessExist(pid) 65 | if containerProcNotExist { 66 | log.Warnf("process of container %s is not exist", containerID) 67 | container.SetContainerStateToStop(containerID) 68 | return 69 | } 70 | 71 | cmdStr := strings.Join(cmdArray, " ") 72 | log.Infof("exec container pid %s, command: %s", containerInfo.Pid, cmdStr) 73 | 74 | cmd := exec.Command("/proc/self/exe", "exec") 75 | cmd.Stdin = os.Stdin 76 | cmd.Stdout = os.Stdout 77 | cmd.Stderr = os.Stderr 78 | 79 | if err := os.Setenv(ENV_EXEC_PID, containerInfo.Pid); err != nil { 80 | log.Errorf("set ENV_EXEC_PID = %s error: %v", containerInfo.Pid, err) 81 | return 82 | } 83 | if err := os.Setenv(ENV_EXEC_CMD, cmdStr); err != nil { 84 | log.Errorf("set ENV_EXEC_CMD = %s error: %v", cmdStr, err) 85 | return 86 | } 87 | 88 | containerEnvs := getEnvByPid(containerInfo.Pid) 89 | cmd.Env = append(os.Environ(), containerEnvs...) 90 | 91 | if err := cmd.Run(); err != nil { 92 | log.Errorf("exec container %s error %v", containerID, err) 93 | } 94 | 95 | return 96 | 97 | } 98 | 99 | func getEnvByPid(pid string) []string { 100 | // 进程环境变量存放位置:/proc/PID/environ 101 | path := fmt.Sprintf("/proc/%s/environ", pid) 102 | contentBytes, err := ioutil.ReadFile(path) 103 | 104 | if err != nil { 105 | log.Errorf("read file %s error: %v", path, err) 106 | return nil 107 | } 108 | 109 | envs := strings.Split(string(contentBytes), "\u0000") 110 | return envs 111 | } 112 | -------------------------------------------------------------------------------- /commands/container-cmd/init.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "github.com/ForeverSRC/MyDocker/container" 5 | log "github.com/sirupsen/logrus" 6 | "github.com/urfave/cli" 7 | ) 8 | 9 | var initCommand = cli.Command{ 10 | Name: "init", 11 | Usage: "Init container process run user's process in container. Do not call it outside", 12 | Action: func(context *cli.Context) error { 13 | if err := container.RunContainerInitProcess(); err != nil { 14 | log.Errorf("run init command error: %v", err) 15 | return err 16 | } 17 | 18 | return nil 19 | }, 20 | } 21 | -------------------------------------------------------------------------------- /commands/container-cmd/list.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/ForeverSRC/MyDocker/container" 7 | "github.com/ForeverSRC/MyDocker/utils" 8 | "github.com/urfave/cli" 9 | ) 10 | 11 | const containerTableTitle = "CONTAINER ID\tIMAGE\tName\tPID\tSTATUS\tCOMMAND\tCREATED\tNETWORK\tIP\tPort Mapping\n" 12 | 13 | var listCommand = cli.Command{ 14 | Name: "ps", 15 | Usage: "list all containers", 16 | Action: func(context *cli.Context) error { 17 | cInfos, err := container.ListContainers() 18 | if err != nil { 19 | return err 20 | } 21 | 22 | printContainerInfoTable(cInfos) 23 | 24 | return nil 25 | }, 26 | } 27 | 28 | func printContainerInfoTable(containers []*container.ContainerInfo) { 29 | infos := make([]string, len(containers)) 30 | for idx, item := range containers { 31 | infos[idx] = fmt.Sprintf("%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n", 32 | item.Id, 33 | item.Image, 34 | item.Name, 35 | item.Pid, 36 | item.Status, 37 | item.Command, 38 | item.CreateTime, 39 | item.Network, 40 | item.IpAddress, 41 | item.PortMapping, 42 | ) 43 | } 44 | 45 | utils.PrintInfoTable(containerTableTitle, infos) 46 | } 47 | -------------------------------------------------------------------------------- /commands/container-cmd/log.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/ForeverSRC/MyDocker/container" 7 | "github.com/urfave/cli" 8 | ) 9 | 10 | var logCommand = cli.Command{ 11 | Name: "logs", 12 | Usage: "print logs of a container", 13 | Action: func(context *cli.Context) error { 14 | if len(context.Args()) < 1 { 15 | return fmt.Errorf("container id missed, please input") 16 | } 17 | containerID := context.Args().Get(0) 18 | container.LogContainer(containerID) 19 | return nil 20 | }, 21 | } 22 | -------------------------------------------------------------------------------- /commands/container-cmd/remove.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | 7 | "github.com/ForeverSRC/MyDocker/cgroups" 8 | "github.com/ForeverSRC/MyDocker/container" 9 | "github.com/ForeverSRC/MyDocker/network" 10 | log "github.com/sirupsen/logrus" 11 | "github.com/urfave/cli" 12 | ) 13 | 14 | var removeCommand = cli.Command{ 15 | Name: "rm", 16 | Usage: "remove unused container", 17 | Action: func(context *cli.Context) error { 18 | if len(context.Args()) < 1 { 19 | return fmt.Errorf("missing container id") 20 | } 21 | 22 | containerID := context.Args().Get(0) 23 | RemoveContainer(containerID) 24 | 25 | return nil 26 | }, 27 | } 28 | 29 | func RemoveContainer(containerID string) { 30 | containerInfo, err := container.GetContainerInfoById(containerID) 31 | if err != nil { 32 | log.Errorf("get container %s info error %v", containerID, err) 33 | return 34 | } 35 | 36 | if containerInfo.Status == container.RUNNING { 37 | log.Errorf("could not remove running container") 38 | return 39 | } 40 | 41 | // remove container config files 42 | dirUrl := fmt.Sprintf(container.DefaultInfoLocation, containerID) 43 | if err = os.RemoveAll(dirUrl); err != nil { 44 | log.Errorf("remove file %s error: %v", dirUrl, err) 45 | return 46 | } 47 | 48 | // remove container write layer 49 | if err = container.DeleteWorkSpace(containerID); err != nil { 50 | log.Errorf("remove workspace of container %s error: %v", containerID, err) 51 | return 52 | } 53 | 54 | // remove container cgroups 55 | cgroupManager := cgroups.NewCgroupManager(fmt.Sprintf(cgroups.CgroupPathFormat, containerID)) 56 | if err = cgroupManager.Destroy(); err != nil { 57 | log.Errorf("remove cgroup of container %s error: %v", containerID, err) 58 | } 59 | 60 | // Release ip allocated for container 61 | if containerInfo.Network != "" && containerInfo.IpAddress != "" { 62 | network.Init() 63 | network.ReleaseIp(containerInfo.Network, containerInfo.IpAddress) 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /commands/container-cmd/run.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "fmt" 5 | "net" 6 | "os" 7 | "os/exec" 8 | "strconv" 9 | "strings" 10 | "syscall" 11 | 12 | "github.com/ForeverSRC/MyDocker/cgroups" 13 | "github.com/ForeverSRC/MyDocker/cgroups/subsystems" 14 | "github.com/ForeverSRC/MyDocker/container" 15 | img "github.com/ForeverSRC/MyDocker/image" 16 | "github.com/ForeverSRC/MyDocker/network" 17 | log "github.com/sirupsen/logrus" 18 | "github.com/urfave/cli" 19 | ) 20 | 21 | var runCommand = cli.Command{ 22 | Name: "run", 23 | Usage: `create a container: my-docker run -ti [command]`, 24 | Flags: []cli.Flag{ 25 | cli.BoolFlag{ 26 | Name: "ti", 27 | Usage: "enable tty", 28 | }, 29 | cli.BoolFlag{ 30 | Name: "d", 31 | Usage: "detach container", 32 | }, 33 | cli.StringFlag{ 34 | Name: "mem", 35 | Usage: "memory limit", 36 | }, 37 | cli.StringFlag{ 38 | Name: "cpushare", 39 | Usage: "cpushare limit", 40 | }, 41 | cli.StringFlag{ 42 | Name: "cpuset", 43 | Usage: "cpuset limit", 44 | }, 45 | cli.StringFlag{ 46 | Name: "name", 47 | Usage: "container name", 48 | }, 49 | cli.StringSliceFlag{ 50 | Name: "e", 51 | Usage: "set environment", 52 | }, 53 | cli.StringFlag{ 54 | Name: "net", 55 | Usage: "container network", 56 | }, 57 | cli.StringSliceFlag{ 58 | Name: "p", 59 | Usage: "port mapping", 60 | }, 61 | }, 62 | 63 | Action: func(context *cli.Context) error { 64 | if len(context.Args()) < 2 { 65 | return fmt.Errorf("missing image or container command") 66 | } 67 | 68 | var args []string 69 | for _, arg := range context.Args() { 70 | args = append(args, arg) 71 | } 72 | 73 | image := args[0] 74 | cmdArray := args[1:] 75 | 76 | tty := context.Bool("ti") 77 | detach := context.Bool("d") 78 | if tty && detach { 79 | return fmt.Errorf("-ti and -d parameter can not both provided") 80 | } 81 | 82 | resConf := &subsystems.ResourceConfig{ 83 | MemoryLimit: context.String("mem"), 84 | CpuSet: context.String("cpuset"), 85 | CpuShare: context.String("cpushare"), 86 | } 87 | 88 | containerName := context.String("name") 89 | 90 | envSlice := context.StringSlice("e") 91 | network := context.String("net") 92 | portMapping := context.StringSlice("p") 93 | 94 | runCmdArgs := &runArgs{ 95 | image: image, 96 | tty: tty, 97 | cmdArray: cmdArray, 98 | containerName: containerName, 99 | res: resConf, 100 | envSlice: envSlice, 101 | network: network, 102 | portMapping: portMapping, 103 | } 104 | 105 | if err := run(runCmdArgs); err != nil { 106 | log.Error(err) 107 | return err 108 | } 109 | 110 | return nil 111 | }, 112 | } 113 | 114 | type runArgs struct { 115 | image string 116 | tty bool 117 | cmdArray []string 118 | containerName string 119 | res *subsystems.ResourceConfig 120 | envSlice []string 121 | network string 122 | portMapping []string 123 | } 124 | 125 | func run(args *runArgs) (err error) { 126 | var mntUrl string 127 | var parent *exec.Cmd = nil 128 | var writePipe *os.File = nil 129 | var cgroupManager *cgroups.CgroupManager = nil 130 | 131 | cinfo := &container.ContainerInfo{} 132 | 133 | defer func() { 134 | rcv := recover() 135 | if err != nil || rcv != nil { 136 | if parent != nil { 137 | _ = syscall.Kill(parent.Process.Pid, syscall.SIGTERM) 138 | } 139 | 140 | if writePipe != nil { 141 | _ = writePipe.Close() 142 | } 143 | 144 | if mntUrl != "" { 145 | _ = container.DeleteWorkSpace(cinfo.Id) 146 | } 147 | 148 | if cgroupManager != nil { 149 | _ = cgroupManager.Destroy() 150 | } 151 | } 152 | }() 153 | 154 | imageID := checkImage(args.image) 155 | if imageID == "" { 156 | log.Errorf("image:%s is not exist", args.image) 157 | return 158 | } 159 | 160 | cinfo.Image = args.image 161 | 162 | cID, cName := container.GenerateContainerIDAndName(args.containerName) 163 | cinfo.Id = cID 164 | cinfo.Name = cName 165 | 166 | mntUrl, err = createContainerWorkspace(imageID, cID) 167 | if err != nil { 168 | return 169 | } 170 | 171 | parent, writePipe = container.NewParentProcess(mntUrl, args.tty, cID, args.envSlice) 172 | if parent == nil { 173 | err = fmt.Errorf("new parent process error") 174 | return 175 | } 176 | 177 | // 只有Start()后才有Process,才能有pid 178 | if err = parent.Start(); err != nil { 179 | return 180 | } 181 | 182 | cinfo.Pid = strconv.Itoa(parent.Process.Pid) 183 | 184 | cgroupManager = cgroups.NewCgroupManager(fmt.Sprintf(cgroups.CgroupPathFormat, cID)) 185 | if err = createCgroups(cgroupManager, args.res, parent.Process.Pid); err != nil { 186 | return 187 | } 188 | 189 | if args.network != "" { 190 | cinfo.PortMapping = args.portMapping 191 | 192 | var ip net.IP 193 | ip, err = processNetwork(args.network, cinfo) 194 | if err != nil { 195 | err = fmt.Errorf("error connect network %s: %v", args.network, err) 196 | return 197 | } 198 | 199 | cinfo.Network = args.network 200 | cinfo.IpAddress = ip.To4().String() 201 | } 202 | 203 | cinfo.Command = strings.Join(args.cmdArray, "") 204 | if err = container.RecordContainerInfo(cinfo); err != nil { 205 | err = fmt.Errorf("record container info error: %v", err) 206 | return 207 | } 208 | 209 | if err = sendInitCommand(args.cmdArray, writePipe); err != nil { 210 | return 211 | } 212 | 213 | if args.tty { 214 | err2 := parent.Wait() 215 | if err2 != nil { 216 | log.Errorf("parent wait return error: %v", err2) 217 | } 218 | 219 | container.SetContainerStateToStop(cID) 220 | } 221 | 222 | return 223 | } 224 | 225 | func checkImage(image string) string { 226 | imageID, err := img.GetImageID(image) 227 | if err != nil { 228 | log.Errorf("get image id of image: %s error: %v", image, err) 229 | return "" 230 | } 231 | 232 | return imageID 233 | } 234 | 235 | func createContainerWorkspace(imageID string, containerID string) (string, error) { 236 | mntUrl, err := container.NewWorkspace(imageID, containerID) 237 | if err != nil { 238 | log.Errorf("new workspace error: %v", err) 239 | return "", nil 240 | } 241 | 242 | return mntUrl, nil 243 | } 244 | 245 | func createCgroups(cgroupManager *cgroups.CgroupManager, res *subsystems.ResourceConfig, pid int) error { 246 | if err := cgroupManager.Set(res); err != nil { 247 | return err 248 | } 249 | 250 | if err := cgroupManager.Apply(pid); err != nil { 251 | return err 252 | } 253 | 254 | return nil 255 | } 256 | 257 | func processNetwork(nw string, cinfo *container.ContainerInfo) (net.IP, error) { 258 | network.Init() 259 | ip, err := network.Connect(nw, cinfo) 260 | if err != nil { 261 | return nil, fmt.Errorf("error connect network %s: %v", nw, err) 262 | } 263 | 264 | return ip, nil 265 | } 266 | 267 | func sendInitCommand(cmdArray []string, writePipe *os.File) error { 268 | defer writePipe.Close() 269 | command := strings.Join(cmdArray, " ") 270 | if _, err := writePipe.WriteString(command); err != nil { 271 | return fmt.Errorf("send init command [%s] error:%v", command, err) 272 | } 273 | 274 | return nil 275 | 276 | } 277 | -------------------------------------------------------------------------------- /commands/container-cmd/stop.go: -------------------------------------------------------------------------------- 1 | package container_cmd 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/ForeverSRC/MyDocker/container" 7 | "github.com/urfave/cli" 8 | ) 9 | 10 | var stopCommand = cli.Command{ 11 | Name: "stop", 12 | Usage: "stop a container", 13 | Action: func(context *cli.Context) error { 14 | if len(context.Args()) < 1 { 15 | return fmt.Errorf("container name missed, please input") 16 | } 17 | containerID := context.Args().Get(0) 18 | container.StopContainer(containerID) 19 | return nil 20 | }, 21 | } 22 | -------------------------------------------------------------------------------- /commands/image.go: -------------------------------------------------------------------------------- 1 | package commands 2 | 3 | import ( 4 | "github.com/ForeverSRC/MyDocker/image" 5 | "github.com/ForeverSRC/MyDocker/utils" 6 | "github.com/urfave/cli" 7 | ) 8 | 9 | var imageCommand = cli.Command{ 10 | Name: "image", 11 | Usage: "image commands", 12 | Subcommands: []cli.Command{ 13 | imageListCmd, 14 | }, 15 | } 16 | 17 | const imageTableTitle = "REPOSITORY\tTAG\tIMAGE ID\n" 18 | 19 | var imageListCmd = cli.Command{ 20 | Name: "ls", 21 | Usage: "list images", 22 | Action: func(context *cli.Context) error { 23 | infos := image.ListImages() 24 | utils.PrintInfoTable(imageTableTitle, infos) 25 | return nil 26 | }, 27 | } 28 | -------------------------------------------------------------------------------- /commands/network.go: -------------------------------------------------------------------------------- 1 | package commands 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/ForeverSRC/MyDocker/network" 7 | "github.com/ForeverSRC/MyDocker/utils" 8 | "github.com/urfave/cli" 9 | ) 10 | 11 | var networkCommand = cli.Command{ 12 | Name: "network", 13 | Usage: "container network commands", 14 | Subcommands: []cli.Command{ 15 | networkCreateCmd, 16 | networkListCmd, 17 | networkRemoveCmd, 18 | }, 19 | } 20 | 21 | var networkCreateCmd = cli.Command{ 22 | Name: "create", 23 | Usage: "create a container network", 24 | Flags: []cli.Flag{ 25 | cli.StringFlag{ 26 | Name: "driver", 27 | Usage: "network driver", 28 | }, 29 | cli.StringFlag{ 30 | Name: "subnet", 31 | Usage: "subnet cider", 32 | }, 33 | }, 34 | Action: func(context *cli.Context) error { 35 | if len(context.Args()) < 1 { 36 | return fmt.Errorf("missing network name") 37 | } 38 | 39 | network.Init() 40 | err := network.CreateNetwork(context.String("driver"), context.String("subnet"), context.Args()[0]) 41 | if err != nil { 42 | return fmt.Errorf("create network error %v", err) 43 | } 44 | 45 | return nil 46 | }, 47 | } 48 | 49 | const networkTableTitle = "NAME\tSubnet\tGateway\tDriver\n" 50 | 51 | var networkListCmd = cli.Command{ 52 | Name: "ls", 53 | Usage: "list container network", 54 | Action: func(context *cli.Context) error { 55 | network.Init() 56 | infos := network.ListNetwork() 57 | utils.PrintInfoTable(networkTableTitle, infos) 58 | return nil 59 | }, 60 | } 61 | 62 | var networkRemoveCmd = cli.Command{ 63 | Name: "rm", 64 | Usage: "remove container network", 65 | Action: func(context *cli.Context) error { 66 | if len(context.Args()) < 1 { 67 | return fmt.Errorf("missing network name") 68 | } 69 | 70 | network.Init() 71 | err := network.DeleteNetwork(context.Args()[0]) 72 | if err != nil { 73 | return fmt.Errorf("remove network error: %v", err) 74 | } 75 | 76 | return nil 77 | }, 78 | } 79 | -------------------------------------------------------------------------------- /container/container.go: -------------------------------------------------------------------------------- 1 | package container 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "strconv" 8 | "syscall" 9 | "time" 10 | 11 | "github.com/ForeverSRC/MyDocker/utils" 12 | log "github.com/sirupsen/logrus" 13 | ) 14 | 15 | func GenerateContainerIDAndName(containerName string) (string, string) { 16 | id := randStringBytes(10) 17 | if containerName == "" { 18 | containerName = id 19 | } 20 | 21 | return id, containerName 22 | } 23 | 24 | func RecordContainerInfo(containerInfo *ContainerInfo) error { 25 | containerInfo.CreateTime = time.Now().Format("2006-01-02 15:04:05") 26 | containerInfo.Status = RUNNING 27 | 28 | if err := containerInfo.dump(); err != nil { 29 | log.Errorf("record container info error: %v", err) 30 | return err 31 | } 32 | 33 | return nil 34 | } 35 | 36 | func GetContainerInfoById(containerID string) (*ContainerInfo, error) { 37 | configFilePath := getContainerConfigFilePath(containerID) 38 | 39 | var containerInfo = &ContainerInfo{} 40 | if err := containerInfo.load(configFilePath); err != nil { 41 | return nil, err 42 | } 43 | 44 | return containerInfo, nil 45 | } 46 | 47 | func ListContainers() ([]*ContainerInfo, error) { 48 | dirUrl := fmt.Sprintf(DefaultInfoLocation, "") 49 | dirUrl = dirUrl[:len(dirUrl)-1] 50 | 51 | dirs, err := ioutil.ReadDir(dirUrl) 52 | if err != nil { 53 | return nil, fmt.Errorf("read dir %s error:%v", dirUrl, err) 54 | 55 | } 56 | 57 | var containers []*ContainerInfo 58 | 59 | for _, dir := range dirs { 60 | containerID := dir.Name() 61 | tmpContainer, err := GetContainerInfoById(containerID) 62 | if err != nil { 63 | log.Errorf("get container info error: %v", err) 64 | continue 65 | } 66 | 67 | if tmpContainer.Status == RUNNING { 68 | pid, err := strconv.Atoi(tmpContainer.Pid) 69 | containerProcNotExist := !utils.ProcessExist(pid) 70 | if err != nil || containerProcNotExist { 71 | log.Warnf("process of container %s is not exist", containerID) 72 | tmpContainer = SetContainerStateToStop(containerID) 73 | } 74 | } 75 | 76 | containers = append(containers, tmpContainer) 77 | } 78 | 79 | return containers, nil 80 | } 81 | 82 | func LogContainer(containerID string) { 83 | dirUrl := fmt.Sprintf(DefaultInfoLocation, containerID) 84 | logFileLocation := dirUrl + ContainerLogFile 85 | 86 | file, err := os.Open(logFileLocation) 87 | defer file.Close() 88 | 89 | if err != nil { 90 | log.Errorf("log container open file %s error: %v", logFileLocation, err) 91 | return 92 | } 93 | 94 | content, err := ioutil.ReadAll(file) 95 | if err != nil { 96 | log.Errorf("log container read file %s error: %v", logFileLocation, err) 97 | return 98 | } 99 | 100 | fmt.Fprint(os.Stdout, string(content)) 101 | } 102 | 103 | func StopContainer(containerID string) { 104 | containerInfo, err := GetContainerInfoById(containerID) 105 | if err != nil { 106 | log.Errorf("get container info of %s error: %v", containerID, err) 107 | return 108 | } 109 | 110 | if containerInfo.Status == STOP { 111 | return 112 | } 113 | 114 | pid, err := strconv.Atoi(containerInfo.Pid) 115 | if err != nil { 116 | log.Errorf("convert pid from string to int error: %v", err) 117 | return 118 | } 119 | 120 | exist := utils.ProcessExist(pid) 121 | if exist { 122 | if err := syscall.Kill(pid, syscall.SIGTERM); err != nil { 123 | log.Errorf("stop container %s error: %v", containerID, err) 124 | return 125 | } 126 | 127 | changeContainerInfoToStop(containerInfo) 128 | } 129 | } 130 | 131 | func SetContainerStateToStop(containerID string) *ContainerInfo { 132 | containerInfo, err := GetContainerInfoById(containerID) 133 | if err != nil { 134 | log.Errorf("get container info of %s error: %v", containerID, err) 135 | return nil 136 | } 137 | 138 | return changeContainerInfoToStop(containerInfo) 139 | } 140 | 141 | func changeContainerInfoToStop(containerInfo *ContainerInfo) *ContainerInfo { 142 | containerInfo.Status = STOP 143 | containerInfo.Pid = " " 144 | err := containerInfo.dump() 145 | if err != nil { 146 | log.Errorf("change container %s to stop error: %v", containerInfo.Id, err) 147 | } 148 | 149 | return containerInfo 150 | } 151 | -------------------------------------------------------------------------------- /container/container_info.go: -------------------------------------------------------------------------------- 1 | package container 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "io/ioutil" 7 | "os" 8 | "path" 9 | 10 | log "github.com/sirupsen/logrus" 11 | ) 12 | 13 | type ContainerInfo struct { 14 | Pid string `json:"pid"` 15 | Id string `json:"id"` 16 | Image string `json:"image"` 17 | Name string `json:"name"` 18 | Command string `json:"command"` 19 | CreateTime string `json:"createTime"` 20 | Status string `json:"status"` 21 | Network string `json:"network"` 22 | IpAddress string `json:"ipAddress"` 23 | PortMapping []string `json:"portMapping"` 24 | } 25 | 26 | const ( 27 | RUNNING = "running" 28 | STOP = "stopped" 29 | EXIT = "exited" 30 | ) 31 | 32 | const ( 33 | DefaultInfoLocation = "/root/my-docker/containers/%s/" 34 | ConfigName = "config.json" 35 | ContainerLogFile = "container.log" 36 | ) 37 | 38 | func (c *ContainerInfo) dump() error { 39 | dirUrl := fmt.Sprintf(DefaultInfoLocation, c.Id) 40 | if _, err := os.Stat(dirUrl); err != nil { 41 | if os.IsNotExist(err) { 42 | err = os.MkdirAll(dirUrl, 0644) 43 | if err != nil { 44 | return err 45 | } 46 | } else { 47 | return err 48 | } 49 | } 50 | 51 | fileName := path.Join(dirUrl, ConfigName) 52 | configFile, err := os.OpenFile(fileName, os.O_TRUNC|os.O_RDWR|os.O_CREATE, 0644) 53 | defer configFile.Close() 54 | if err != nil { 55 | return fmt.Errorf("open %s error: %v", fileName, err) 56 | } 57 | 58 | jsonBytes, err := json.Marshal(c) 59 | if err != nil { 60 | return err 61 | } 62 | 63 | if _, err = configFile.Write(jsonBytes); err != nil { 64 | return err 65 | } 66 | 67 | return nil 68 | } 69 | 70 | func (c *ContainerInfo) load(dumpPath string) error { 71 | configJson, err := ioutil.ReadFile(dumpPath) 72 | if err != nil { 73 | return err 74 | } 75 | 76 | err = json.Unmarshal(configJson, c) 77 | if err != nil { 78 | log.Errorf("error load container info: %v", err) 79 | return err 80 | } 81 | 82 | return nil 83 | } 84 | -------------------------------------------------------------------------------- /container/container_process.go: -------------------------------------------------------------------------------- 1 | package container 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "os/exec" 7 | "strings" 8 | "syscall" 9 | 10 | img "github.com/ForeverSRC/MyDocker/image" 11 | 12 | log "github.com/sirupsen/logrus" 13 | ) 14 | 15 | const ( 16 | ContainerMntURL = "/root/my-docker/aufs/mnt/container-%s/" 17 | ContainerWriteLayerUrl = "/root/my-docker/aufs/diff/rw-%s/" 18 | ContainerAUFSRootUrl = "/root/my-docker/aufs/diff/%s/" 19 | ) 20 | 21 | func NewParentProcess(mntUrl string, tty bool, containerID string, envSlice []string) (*exec.Cmd, *os.File) { 22 | cmd := exec.Command("/proc/self/exe", "init") 23 | cmd.SysProcAttr = &syscall.SysProcAttr{ 24 | Cloneflags: syscall.CLONE_NEWUTS | syscall.CLONE_NEWPID | syscall.CLONE_NEWNS | syscall.CLONE_NEWNET | syscall.CLONE_NEWIPC, 25 | } 26 | 27 | readPipe, writePipe, err := newPipe() 28 | if err != nil { 29 | log.Errorf("new pipe error %v", err) 30 | return nil, nil 31 | } 32 | 33 | // 传入管道文件读取端句柄,外带此句柄去创建子进程 34 | cmd.ExtraFiles = []*os.File{readPipe} 35 | cmd.Env = append(os.Environ(), envSlice...) 36 | cmd.Dir = mntUrl 37 | 38 | if tty { 39 | cmd.Stdin = os.Stdin 40 | cmd.Stdout = os.Stdout 41 | cmd.Stderr = os.Stderr 42 | } else { 43 | dirUrl := fmt.Sprintf(DefaultInfoLocation, containerID) 44 | if err := os.MkdirAll(dirUrl, 0622); err != nil { 45 | log.Errorf("new parent process mkdir %s error: %v", dirUrl, err) 46 | return nil, nil 47 | } 48 | 49 | stdLogFilePath := dirUrl + ContainerLogFile 50 | stdLogFile, err := os.Create(stdLogFilePath) 51 | if err != nil { 52 | log.Errorf("new parent process create file %s error: %v", stdLogFilePath, err) 53 | return nil, nil 54 | } 55 | 56 | cmd.Stdout = stdLogFile 57 | 58 | } 59 | 60 | return cmd, writePipe 61 | } 62 | 63 | func newPipe() (*os.File, *os.File, error) { 64 | read, write, err := os.Pipe() 65 | if err != nil { 66 | return nil, nil, err 67 | } 68 | 69 | return read, write, nil 70 | } 71 | 72 | // NewWorkspace Create a AUFS filesystem as container root workspace 73 | func NewWorkspace(imageID, containerID string) (string, error) { 74 | writeUrl, err := createWriteLayer(containerID) 75 | if err != nil { 76 | return "", err 77 | } 78 | 79 | return createMountPoint(imageID, containerID, writeUrl) 80 | } 81 | 82 | func createWriteLayer(containerID string) (string, error) { 83 | writeURL := fmt.Sprintf(ContainerWriteLayerUrl, containerID) 84 | if err := os.Mkdir(writeURL, 0777); err != nil { 85 | return "", fmt.Errorf("mkdir %s error: %v", writeURL, err) 86 | } 87 | 88 | return writeURL, nil 89 | } 90 | 91 | func createMountPoint(imageID, containerID, writeUrl string) (string, error) { 92 | mntUrl := fmt.Sprintf(ContainerMntURL, containerID) 93 | if err := os.Mkdir(mntUrl, 0777); err != nil { 94 | return "", fmt.Errorf("mkdir %s error: %v", mntUrl, err) 95 | } 96 | 97 | imageLayers, err := img.GetImageLayers(imageID) 98 | if err != nil { 99 | return "", err 100 | } 101 | 102 | roLayers := make([]string, len(imageLayers)) 103 | l := len(imageLayers) 104 | for i := 0; i < l; i++ { 105 | roLayers[i] = imageLayers[l-1-i] 106 | } 107 | 108 | roLayerStr := strings.Join(roLayers, ":") 109 | 110 | dirs := fmt.Sprintf("dirs=%s:%s", writeUrl, roLayerStr) 111 | 112 | cmd := exec.Command("mount", "-t", "aufs", "-o", dirs, "none", mntUrl) 113 | cmd.Stdout = os.Stdout 114 | cmd.Stderr = os.Stderr 115 | 116 | err = cmd.Run() 117 | return mntUrl, err 118 | } 119 | 120 | func DeleteWorkSpace(containerID string) error { 121 | if err := deleteMountPoint(containerID); err != nil { 122 | return err 123 | } 124 | 125 | return deleteWriterLayer(containerID) 126 | } 127 | 128 | func deleteMountPoint(containerID string) error { 129 | mntUrl := fmt.Sprintf(ContainerMntURL, containerID) 130 | 131 | cmd := exec.Command("umount", mntUrl) 132 | cmd.Stdout = os.Stdout 133 | cmd.Stderr = os.Stderr 134 | if err := cmd.Run(); err != nil { 135 | return err 136 | } 137 | 138 | if err := os.RemoveAll(mntUrl); err != nil { 139 | return fmt.Errorf("remove dir %s error: %v", mntUrl, err) 140 | } 141 | 142 | return nil 143 | } 144 | 145 | func deleteWriterLayer(containerID string) error { 146 | writeURL := fmt.Sprintf(ContainerWriteLayerUrl, containerID) 147 | return os.RemoveAll(writeURL) 148 | } 149 | -------------------------------------------------------------------------------- /container/init.go: -------------------------------------------------------------------------------- 1 | package container 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "os/exec" 8 | "path/filepath" 9 | "strings" 10 | "syscall" 11 | 12 | log "github.com/sirupsen/logrus" 13 | ) 14 | 15 | /* 16 | RunContainerInitProcess 此方法在容器内部执行,生成本容器执行的第一个进程 17 | 使用mount挂载proc文件系统,以便后面通过ps等命令查看当前进程资源的情况 18 | */ 19 | func RunContainerInitProcess() error { 20 | // block 21 | cmdArray := readUserCommand() 22 | if cmdArray == nil || len(cmdArray) == 0 { 23 | return fmt.Errorf("run container get user command error, cmdArray is nil") 24 | } 25 | 26 | if err := setUpMount(); err != nil { 27 | return err 28 | } 29 | 30 | // 可在系统的PATH中寻找命令的绝对路径 31 | path, err := exec.LookPath(cmdArray[0]) 32 | if err != nil { 33 | return fmt.Errorf("exec look path error %v", err) 34 | } 35 | 36 | // init进程读取了父进程传递过来的参数,在子进程内执行,完成了将用户指定命令传递给子进程的操作 37 | if err = syscall.Exec(path, cmdArray[0:], os.Environ()); err != nil { 38 | log.Errorf("syscall exec error: %v", err.Error()) 39 | } 40 | 41 | return nil 42 | } 43 | 44 | func readUserCommand() []string { 45 | // 0-stdin 46 | // 1-stdout 47 | // 2-stderr 48 | // 3-pipe 49 | pipe := os.NewFile(uintptr(3), "pipe") 50 | 51 | // block read 52 | msg, err := ioutil.ReadAll(pipe) 53 | if err != nil { 54 | log.Errorf("init read pipe error %v", err) 55 | return nil 56 | } 57 | 58 | msgStr := string(msg) 59 | return strings.Split(msgStr, " ") 60 | } 61 | 62 | func setUpMount() error { 63 | pwd, err := os.Getwd() 64 | if err != nil { 65 | return fmt.Errorf("pwd error:%v", err) 66 | } 67 | 68 | if err = pivotRoot(pwd); err != nil { 69 | return fmt.Errorf("pivot root error: %v", err) 70 | } 71 | 72 | defaultMountFlags := syscall.MS_NOEXEC | syscall.MS_NOSUID | syscall.MS_NODEV 73 | err = syscall.Mount("proc", "/proc", "proc", uintptr(defaultMountFlags), "") 74 | if err != nil { 75 | return fmt.Errorf("mount proc error: %v", err) 76 | } 77 | 78 | err = syscall.Mount("tmpfs", "/dev", "tmpfs", syscall.MS_NOSUID|syscall.MS_STRICTATIME, "mode=755") 79 | if err != nil { 80 | return fmt.Errorf("mount tmpfs error: %v", err) 81 | } 82 | 83 | return nil 84 | 85 | } 86 | 87 | func pivotRoot(root string) error { 88 | // systemd 加入linux之后, mount namespace 就变成 shared by default, 必须显式声明新的mount namespace独立。 89 | err := syscall.Mount("", "/", "", syscall.MS_PRIVATE|syscall.MS_REC, "") 90 | if err != nil { 91 | return err 92 | } 93 | // 重新mount root 94 | // bind mount:将相同内容换挂载点 95 | if err := syscall.Mount(root, root, "bind", syscall.MS_BIND|syscall.MS_REC, ""); err != nil { 96 | return fmt.Errorf("mount rootfs to itself error: %v", err) 97 | } 98 | 99 | // 创建 rootfs/.pivot_root 存储 old_root 100 | pivotDir := filepath.Join(root, ".pivot_root") 101 | if err := os.Mkdir(pivotDir, 0777); err != nil { 102 | return err 103 | } 104 | 105 | // pivot_root 到新的rootfs, 老的 old_root挂载在rootfs/.pivot_root 106 | // 挂载点现在依然可以在mount命令中看到 107 | if err := syscall.PivotRoot(root, pivotDir); err != nil { 108 | return fmt.Errorf("pivot_root error: %v", err) 109 | } 110 | 111 | // 修改当前的工作目录到根目录 112 | if err := syscall.Chdir("/"); err != nil { 113 | return fmt.Errorf("chdir error: %v", err) 114 | } 115 | 116 | pivotDir = filepath.Join("/", ".pivot_root") 117 | 118 | if err := syscall.Unmount(pivotDir, syscall.MNT_DETACH); err != nil { 119 | return fmt.Errorf("unmount pivot_root dir error: %v", err) 120 | } 121 | 122 | // 删除临时文件夹 123 | return os.Remove(pivotDir) 124 | } 125 | -------------------------------------------------------------------------------- /container/util.go: -------------------------------------------------------------------------------- 1 | package container 2 | 3 | import ( 4 | "fmt" 5 | "math/rand" 6 | "time" 7 | ) 8 | 9 | const letterBytes = "1234567890" 10 | 11 | func randStringBytes(n int) string { 12 | rand.Seed(time.Now().UnixNano()) 13 | b := make([]byte, n) 14 | for i := range b { 15 | b[i] = letterBytes[rand.Intn(len(letterBytes))] 16 | } 17 | 18 | return string(b) 19 | } 20 | 21 | func getContainerConfigFilePath(containerID string) string { 22 | dirUrl := fmt.Sprintf(DefaultInfoLocation, containerID) 23 | configFilePath := dirUrl + ConfigName 24 | 25 | return configFilePath 26 | } 27 | -------------------------------------------------------------------------------- /document/picture/diy-docker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ForeverSRC/MyDocker/769a0be115d6b890e7523f4acd3f7c6756126147/document/picture/diy-docker.png -------------------------------------------------------------------------------- /document/picture/docker-container-cloud.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ForeverSRC/MyDocker/769a0be115d6b890e7523f4acd3f7c6756126147/document/picture/docker-container-cloud.png -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/ForeverSRC/MyDocker 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/go-basic/uuid v1.0.0 7 | github.com/sirupsen/logrus v1.8.1 8 | github.com/urfave/cli v1.22.5 9 | github.com/vishvananda/netlink v1.1.0 10 | github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 11 | ) 12 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 2 | github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY= 3 | github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 4 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 5 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 6 | github.com/go-basic/uuid v1.0.0 h1:Faqtetcr8uwOzR2qp8RSpkahQiv4+BnJhrpuXPOo63M= 7 | github.com/go-basic/uuid v1.0.0/go.mod h1:yVtVnsXcmaLc9F4Zw7hTV7R0+vtuQw00mdXi+F6tqco= 8 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 9 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 10 | github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= 11 | github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 12 | github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= 13 | github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= 14 | github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= 15 | github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= 16 | github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= 17 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 18 | github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU= 19 | github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= 20 | github.com/vishvananda/netlink v1.1.0 h1:1iyaYNBLmP6L0220aDnYQpo1QEV4t4hJ+xEEhhJH8j0= 21 | github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= 22 | github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= 23 | github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 h1:gga7acRE695APm9hlsSMoOoE65U4/TcqNj90mc69Rlg= 24 | github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= 25 | golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 26 | golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 27 | golang.org/x/sys v0.0.0-20200217220822-9197077df867 h1:JoRuNIf+rpHl+VhScRQQvzbHed86tKkqwPMV34T8myw= 28 | golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 29 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 30 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 31 | -------------------------------------------------------------------------------- /image/image.go: -------------------------------------------------------------------------------- 1 | package image 2 | 3 | type ImageConfig struct { 4 | Repository string `json:"repository"` 5 | Os string `json:"os"` 6 | Arch string `json:"arch"` 7 | Tag string `json:"tag"` 8 | Layers []string `json:"layers"` 9 | } 10 | 11 | type ImageRepositories struct { 12 | Repositories map[string]map[string]string `json:"repositories"` 13 | } 14 | 15 | const ImageRepositoriesPath = "/root/my-docker/image/aufs/repositories.json" 16 | 17 | const ImageRootPath = "/root/my-docker/image/aufs/imagedb/content/sha256/" 18 | 19 | const ImageConfigFileName = "config.json" 20 | -------------------------------------------------------------------------------- /image/image_manage.go: -------------------------------------------------------------------------------- 1 | package image 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "io/ioutil" 7 | "os" 8 | "strings" 9 | 10 | log "github.com/sirupsen/logrus" 11 | ) 12 | 13 | func GetImageLayers(imageID string) ([]string, error) { 14 | imgID := strings.Split(imageID, ":") 15 | 16 | imageConfigDir := ImageRootPath + imgID[1] + "/config.json" 17 | content, err := ioutil.ReadFile(imageConfigDir) 18 | if err != nil { 19 | return nil, fmt.Errorf("get image %s config file error: %v", imageID, err) 20 | } 21 | 22 | var imageConfig ImageConfig 23 | if err := json.Unmarshal(content, &imageConfig); err != nil { 24 | 25 | return nil, fmt.Errorf("unmarshal image %s config info error: %v", imageID, err) 26 | } 27 | 28 | return imageConfig.Layers, nil 29 | 30 | } 31 | 32 | func GetImageID(image string) (string, error) { 33 | imgRepo, err := getRepositories() 34 | if err != nil { 35 | log.Errorf("get image repositories info error: %v", err) 36 | return "", err 37 | } 38 | 39 | info := getImageRepoNameAndTag(image) 40 | name := info[0] 41 | 42 | imageRepo, ok := imgRepo.Repositories[name] 43 | if !ok { 44 | err = fmt.Errorf("image %s not exist", name) 45 | return "", err 46 | } 47 | 48 | imageID, ok := imageRepo[image] 49 | if !ok { 50 | err = fmt.Errorf("image ID of %s not exist", image) 51 | return "", err 52 | } 53 | 54 | return imageID, nil 55 | } 56 | 57 | func getRepositories() (*ImageRepositories, error) { 58 | content, err := ioutil.ReadFile(ImageRepositoriesPath) 59 | if err != nil { 60 | return nil, err 61 | } 62 | 63 | var imageRepo ImageRepositories 64 | err = json.Unmarshal(content, &imageRepo) 65 | 66 | return &imageRepo, err 67 | } 68 | 69 | func getImageRepoNameAndTag(image string) []string { 70 | return strings.Split(image, ":") 71 | } 72 | 73 | func CommitNewImage(repo string, tag string, imageID string, config string) error { 74 | dirUrl := ImageRootPath + imageID + "/" 75 | if err := os.Mkdir(dirUrl, 0622); err != nil { 76 | return err 77 | } 78 | 79 | configFileName := dirUrl + ImageConfigFileName 80 | 81 | file, err := os.Create(configFileName) 82 | defer file.Close() 83 | if err != nil { 84 | return err 85 | } 86 | 87 | if _, err := file.WriteString(config); err != nil { 88 | return err 89 | } 90 | 91 | return updateRepositories(repo, tag, imageID) 92 | 93 | } 94 | 95 | func updateRepositories(repo string, tag string, imageID string) error { 96 | repositories, err := getRepositories() 97 | if err != nil { 98 | return err 99 | } 100 | 101 | repoInfo, ok := repositories.Repositories[repo] 102 | if ok { 103 | repoInfo[repo+":"+tag] = "sha256:" + imageID 104 | } else { 105 | tmpMap := make(map[string]string) 106 | tmpMap[repo+":"+tag] = "sha256:" + imageID 107 | repositories.Repositories[repo] = tmpMap 108 | } 109 | 110 | reposJsonByte, err := json.Marshal(repositories) 111 | if err != nil { 112 | return fmt.Errorf("marshal repositories json error: %v", err) 113 | } 114 | 115 | err = ioutil.WriteFile(ImageRepositoriesPath, reposJsonByte, 0766) 116 | if err != nil { 117 | return fmt.Errorf("write to %s error: %v", err) 118 | } 119 | 120 | return nil 121 | } 122 | 123 | func ListImages() []string { 124 | imgRepo, err := getRepositories() 125 | if err != nil { 126 | log.Errorf("get image repositories info error: %v", err) 127 | return nil 128 | } 129 | 130 | infos := make([]string, 0) 131 | for repo, imgs := range imgRepo.Repositories { 132 | for img, id := range imgs { 133 | info := fmt.Sprintf("%s\t%s\t%s\n", 134 | repo, 135 | getImageRepoNameAndTag(img)[1], 136 | strings.Split(id, ":")[1][:12]) 137 | infos = append(infos, info) 138 | } 139 | 140 | } 141 | 142 | return infos 143 | 144 | } 145 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "os" 5 | 6 | "github.com/ForeverSRC/MyDocker/commands" 7 | log "github.com/sirupsen/logrus" 8 | "github.com/urfave/cli" 9 | ) 10 | 11 | const usage = `a simple container runtime implementation. Just for fun.` 12 | 13 | func main() { 14 | app := cli.NewApp() 15 | app.Name = "my-docker" 16 | app.Usage = usage 17 | 18 | app.Commands = commands.AllCommands 19 | 20 | app.Before = func(context *cli.Context) error { 21 | log.SetReportCaller(true) 22 | log.SetFormatter(&log.JSONFormatter{}) 23 | log.SetOutput(os.Stdout) 24 | 25 | return nil 26 | } 27 | 28 | if err := app.Run(os.Args); err != nil { 29 | log.Fatal(err) 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /my-docker: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ForeverSRC/MyDocker/769a0be115d6b890e7523f4acd3f7c6756126147/my-docker -------------------------------------------------------------------------------- /my-docker.tar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ForeverSRC/MyDocker/769a0be115d6b890e7523f4acd3f7c6756126147/my-docker.tar -------------------------------------------------------------------------------- /network/bridge.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import ( 4 | "fmt" 5 | "net" 6 | "os/exec" 7 | "strings" 8 | 9 | log "github.com/sirupsen/logrus" 10 | "github.com/vishvananda/netlink" 11 | ) 12 | 13 | type BridgeNetworkDriver struct { 14 | } 15 | 16 | func (b *BridgeNetworkDriver) Name() string { 17 | return "bridge" 18 | } 19 | 20 | func (b *BridgeNetworkDriver) Create(subnet string, gatewayIP string, name string) (*Network, error) { 21 | n := &Network{ 22 | Name: name, 23 | Driver: b.Name(), 24 | Subnet: subnet, 25 | Gateway: gatewayIP, 26 | } 27 | 28 | err := b.initBridge(n) 29 | if err != nil { 30 | log.Errorf("error init bridge: %v", err) 31 | } 32 | 33 | return n, err 34 | } 35 | 36 | func (b *BridgeNetworkDriver) Recover(n *Network) { 37 | _ = b.initBridge(n) 38 | } 39 | 40 | func (b *BridgeNetworkDriver) Delete(network *Network) error { 41 | bridgeName := network.Name 42 | br, err := netlink.LinkByName(bridgeName) 43 | if err != nil { 44 | return err 45 | } 46 | 47 | return netlink.LinkDel(br) 48 | } 49 | 50 | func (b *BridgeNetworkDriver) Connect(network *Network, endpoint *Endpoint) error { 51 | bridgeName := network.Name 52 | br, err := netlink.LinkByName(bridgeName) 53 | if err != nil { 54 | return err 55 | } 56 | 57 | la := netlink.NewLinkAttrs() 58 | la.Name = "veth" + endpoint.ID[:5] 59 | 60 | // 设置veth的一端挂载到网络对应的Linux Bridge上 61 | la.MasterIndex = br.Attrs().Index 62 | endpoint.Device = netlink.Veth{ 63 | LinkAttrs: la, 64 | PeerName: "cif-" + endpoint.ID[:5], 65 | } 66 | 67 | if err = netlink.LinkAdd(&endpoint.Device); err != nil { 68 | return fmt.Errorf("error add endpoint device: %v", err) 69 | } 70 | 71 | // bash: ip link set xxx up 72 | if err = netlink.LinkSetUp(&endpoint.Device); err != nil { 73 | return fmt.Errorf("error set endpoint device up: %v", err) 74 | } 75 | 76 | return nil 77 | 78 | } 79 | 80 | func (b *BridgeNetworkDriver) DisConnect(network *Network, endpoint *Endpoint) error { 81 | return nil 82 | } 83 | 84 | func (b *BridgeNetworkDriver) initBridge(n *Network) error { 85 | //1.创建bridge虚拟设备 86 | bridgeName := n.Name 87 | if err := createBridgeInterface(bridgeName); err != nil { 88 | return fmt.Errorf("error add bridge %s, error: %v", bridgeName, err) 89 | } 90 | 91 | //2.设置bridge设备的路由和地址 92 | if err := setInterfaceIP(bridgeName, n.getIPNet()); err != nil { 93 | return fmt.Errorf("error assigning address %s on bridge %s with an error of: %v", n.Subnet, bridgeName, err) 94 | } 95 | 96 | //3.启动bridge设备 97 | if err := setInterfaceUP(bridgeName); err != nil { 98 | return fmt.Errorf("error set bridge %s up, error: %v", bridgeName, err) 99 | } 100 | 101 | //4.设置iptables的SNAT规则 102 | if err := setupIpTables(bridgeName, n.Subnet); err != nil { 103 | return fmt.Errorf("error setting iptables for %s, error: %v", bridgeName, err) 104 | } 105 | 106 | return nil 107 | } 108 | 109 | // createBridgeInterface 创建linux Bridge设备 110 | func createBridgeInterface(bridgeName string) error { 111 | 112 | iface, err := net.InterfaceByName(bridgeName) 113 | // err==nil 说明找到了对应的interface 114 | interfaceExist := err == nil 115 | if interfaceExist { 116 | if iface.Flags&net.FlagUp > 0 { 117 | return fmt.Errorf("interface exists and is up") 118 | } 119 | // 如果错误是 "no such network interface",说明没有,接下来要创建,如果不是这个,说明是其他错误,需要返回 120 | } else if !strings.Contains(err.Error(), "no such network interface") { 121 | return err 122 | } 123 | 124 | la := netlink.NewLinkAttrs() 125 | la.Name = bridgeName 126 | 127 | br := &netlink.Bridge{ 128 | LinkAttrs: la, 129 | } 130 | 131 | // 添加bridge网络设备 132 | if err = netlink.LinkAdd(br); err != nil { 133 | return fmt.Errorf("bridge creation failed for bridge %s: %v", bridgeName, err) 134 | } 135 | 136 | return nil 137 | } 138 | 139 | // setInterfaceIP 设置一个网络接口的IP地址 140 | func setInterfaceIP(name string, ipNet *net.IPNet) error { 141 | iface, err := netlink.LinkByName(name) 142 | if err != nil { 143 | return fmt.Errorf("error get interface: %v", err) 144 | } 145 | 146 | addr := &netlink.Addr{ 147 | IPNet: ipNet, 148 | Label: "", 149 | Flags: 0, 150 | Scope: 0, 151 | } 152 | 153 | // bash: ip addr add xxx 154 | return netlink.AddrAdd(iface, addr) 155 | } 156 | 157 | // setInterfaceUP 设置网络借口状态为UP 158 | func setInterfaceUP(interfaceName string) error { 159 | iface, err := netlink.LinkByName(interfaceName) 160 | 161 | if err != nil { 162 | return fmt.Errorf("error retrieving a link named [%s]: %v", iface.Attrs().Name, err) 163 | } 164 | 165 | // 启用网络设备 166 | // bash: ip link set xxx up 167 | if err = netlink.LinkSetUp(iface); err != nil { 168 | return fmt.Errorf("error enableing interface for %s: %v", interfaceName, err) 169 | } 170 | 171 | return nil 172 | } 173 | 174 | // setupIpTables 设置iptables对应bridge的MASQUERADE规则 175 | func setupIpTables(bridgeName string, subnet string) error { 176 | // bash: iptables -t nat -A POSTROUTING -s ! -o -j MASQUERADE 177 | iptablesCmd := fmt.Sprintf("-t nat -A POSTROUTING -s %s ! -o %s -j MASQUERADE", subnet, bridgeName) 178 | cmd := exec.Command("iptables", strings.Split(iptablesCmd, " ")...) 179 | output, err := cmd.Output() 180 | if err != nil { 181 | log.Errorf("iptables output: %v", output) 182 | } 183 | 184 | return nil 185 | } 186 | -------------------------------------------------------------------------------- /network/driver.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | type NetworkDriver interface { 4 | Name() string 5 | Create(subnet string, gatewayIP string, name string) (*Network, error) 6 | Recover(network *Network) 7 | Delete(network *Network) error 8 | Connect(network *Network, endpoint *Endpoint) error 9 | DisConnect(network *Network, endpoint *Endpoint) error 10 | } 11 | -------------------------------------------------------------------------------- /network/init.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import ( 4 | "io/fs" 5 | "os" 6 | "path" 7 | "path/filepath" 8 | 9 | log "github.com/sirupsen/logrus" 10 | ) 11 | 12 | var ( 13 | drivers = map[string]NetworkDriver{} 14 | networks = map[string]*Network{} 15 | ) 16 | 17 | const defaultNetworkPath = "/root/my-docker/network/network/" 18 | 19 | func Init() error { 20 | var bridgeDriver = BridgeNetworkDriver{} 21 | drivers[bridgeDriver.Name()] = &bridgeDriver 22 | 23 | if _, err := os.Stat(defaultNetworkPath); err != nil { 24 | if os.IsNotExist(err) { 25 | err = os.MkdirAll(defaultNetworkPath, 0644) 26 | if err != nil { 27 | return err 28 | } 29 | } else { 30 | return err 31 | } 32 | } 33 | 34 | err := filepath.Walk(defaultNetworkPath, func(nwPath string, info fs.FileInfo, err error) error { 35 | if info.IsDir() { 36 | return nil 37 | } 38 | 39 | _, nwName := path.Split(nwPath) 40 | nw := &Network{ 41 | Name: nwName, 42 | } 43 | 44 | if err := nw.load(nwPath); err != nil { 45 | log.Errorf("error load network: %v", err) 46 | return err 47 | } 48 | 49 | networks[nwName] = nw 50 | drivers[nw.Driver].Recover(nw) 51 | return nil 52 | }) 53 | 54 | return err 55 | } 56 | -------------------------------------------------------------------------------- /network/ipam.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "net" 7 | "os" 8 | "path" 9 | "strings" 10 | 11 | log "github.com/sirupsen/logrus" 12 | ) 13 | 14 | const ipamDefaultAllocatorPath = "/root/my-docker/network/ipam/subnet.json" 15 | 16 | type IPAM struct { 17 | SubnetAllocatorPath string 18 | Subnets *map[string]string 19 | } 20 | 21 | var ipAllocator = &IPAM{ 22 | SubnetAllocatorPath: ipamDefaultAllocatorPath, 23 | } 24 | 25 | func (ipam *IPAM) load() error { 26 | if _, err := os.Stat(ipam.SubnetAllocatorPath); err != nil { 27 | if os.IsNotExist(err) { 28 | return nil 29 | } else { 30 | return err 31 | } 32 | } 33 | 34 | subnetConfigFile, err := os.Open(ipam.SubnetAllocatorPath) 35 | defer subnetConfigFile.Close() 36 | if err != nil { 37 | return err 38 | } 39 | 40 | subnetJson := make([]byte, 2000) 41 | n, err := subnetConfigFile.Read(subnetJson) 42 | if err != nil { 43 | return err 44 | } 45 | 46 | err = json.Unmarshal(subnetJson[:n], ipam.Subnets) 47 | if err != nil { 48 | return err 49 | } 50 | return nil 51 | 52 | } 53 | 54 | func (ipam *IPAM) dump() error { 55 | ipamConfigFileDir, _ := path.Split(ipam.SubnetAllocatorPath) 56 | if _, err := os.Stat(ipamConfigFileDir); err != nil { 57 | if os.IsNotExist(err) { 58 | if err = os.MkdirAll(ipamConfigFileDir, 0644); err != nil { 59 | return err 60 | } 61 | } else { 62 | return err 63 | } 64 | } 65 | 66 | subnetConfigFile, err := os.OpenFile(ipam.SubnetAllocatorPath, os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0644) 67 | defer subnetConfigFile.Close() 68 | if err != nil { 69 | return err 70 | } 71 | 72 | ipamConfigJson, err := json.Marshal(ipam.Subnets) 73 | if err != nil { 74 | return err 75 | } 76 | 77 | _, err = subnetConfigFile.Write(ipamConfigJson) 78 | if err != nil { 79 | return err 80 | } 81 | 82 | return nil 83 | } 84 | 85 | func (ipam *IPAM) CreateSubnet(subnet *net.IPNet) (net.IP, error) { 86 | ipam.Subnets = &map[string]string{} 87 | err := ipam.load() 88 | if err != nil { 89 | log.Errorf("error load allocation info: %v", err) 90 | return nil, err 91 | } 92 | 93 | ones, size := subnet.Mask.Size() 94 | subnetStr := subnet.String() 95 | 96 | _, exist := (*ipam.Subnets)[subnetStr] 97 | if exist { 98 | return nil, fmt.Errorf("pool overlaps with other one on this address space: %s", subnetStr) 99 | } 100 | 101 | // 如果之前没有分配过指定网段,则初始化网段的分配配置 102 | // 用 0 填满网段配置,1<>24),uint8(65555>>16),uint8(65555>>8),uint8(65555>>0)] 154 | // 结果为[0,1,0,19] 则偏移后的ip为[172,17,0,19] 155 | ip, _, _ = net.ParseCIDR(subnet) 156 | ip = ip.To4() 157 | for t := uint(4); t > 0; t -= 1 { 158 | ip[4-t] += uint8(idx >> ((t - 1) * 8)) 159 | } 160 | 161 | // 计算下一个可用的ip 162 | 163 | ip[3] += uint8(1) 164 | 165 | ipalloc := []byte((*ipam.Subnets)[subnet]) 166 | ipalloc[idx] = '1' 167 | (*ipam.Subnets)[subnet] = string(ipalloc) 168 | break 169 | } 170 | } 171 | 172 | if ip == nil { 173 | return nil, fmt.Errorf("no available ip for subnet %s", subnet) 174 | } 175 | 176 | return ip, nil 177 | } 178 | 179 | func (ipam *IPAM) Release(subnet *net.IPNet, ipAddr *net.IP) error { 180 | ipam.Subnets = &map[string]string{} 181 | err := ipam.load() 182 | if err != nil { 183 | log.Errorf("error load allocation info %v", err) 184 | return err 185 | } 186 | 187 | c := 0 188 | // 4字节表示方式 189 | releaseIP := ipAddr.To4() 190 | releaseIP[3] -= 1 191 | for t := uint(4); t > 0; t -= 1 { 192 | c += int(releaseIP[t-1]-subnet.IP[t-1]) << ((4 - t) * 8) 193 | } 194 | 195 | ipalloc := []byte((*ipam.Subnets)[subnet.String()]) 196 | ipalloc[c] = '0' 197 | (*ipam.Subnets)[subnet.String()] = string(ipalloc) 198 | 199 | err = ipam.dump() 200 | if err != nil { 201 | log.Errorf("error dump allocation info: %v", err) 202 | return err 203 | } 204 | 205 | return nil 206 | } 207 | 208 | func (ipam *IPAM) Delete(subnetStr string) error { 209 | ipam.Subnets = &map[string]string{} 210 | err := ipam.load() 211 | if err != nil { 212 | log.Errorf("error load allocation info: %v", err) 213 | return err 214 | } 215 | 216 | // 检查是否存在除网关外仍在使用的ip,如果存在,不允许释放 217 | ipalloc := []byte((*ipam.Subnets)[subnetStr]) 218 | for i := 1; i < len(ipalloc); i++ { 219 | if ipalloc[i] == '1' { 220 | return fmt.Errorf("exist used ip addr in subnet %s", subnetStr) 221 | } 222 | } 223 | 224 | delete(*ipam.Subnets, subnetStr) 225 | 226 | err = ipam.dump() 227 | if err != nil { 228 | log.Errorf("error dump allocation info: %v", err) 229 | return err 230 | } 231 | 232 | return nil 233 | 234 | } 235 | -------------------------------------------------------------------------------- /network/network.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import ( 4 | "encoding/json" 5 | "io/ioutil" 6 | "net" 7 | "os" 8 | "path" 9 | 10 | log "github.com/sirupsen/logrus" 11 | "github.com/vishvananda/netlink" 12 | ) 13 | 14 | type Network struct { 15 | Name string 16 | Driver string 17 | Subnet string 18 | Gateway string 19 | } 20 | 21 | type Endpoint struct { 22 | ID string `json:"id"` 23 | Device netlink.Veth `json:"dev"` 24 | IPAddress net.IP `json:"ip"` 25 | MacAddress net.HardwareAddr `json:"mac"` 26 | PortMapping []string `json:"portMapping"` 27 | Network *Network 28 | } 29 | 30 | func (nw *Network) dump(dumpPath string) error { 31 | if _, err := os.Stat(dumpPath); err != nil { 32 | if os.IsNotExist(err) { 33 | err := os.MkdirAll(dumpPath, 0644) 34 | if err != nil { 35 | return err 36 | } 37 | } else { 38 | return err 39 | } 40 | } 41 | 42 | nwPath := path.Join(dumpPath, nw.Name) 43 | nwFile, err := os.OpenFile(nwPath, os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0644) 44 | defer nwFile.Close() 45 | if err != nil { 46 | log.Errorf("open %s error: %v", nwPath, err) 47 | return err 48 | } 49 | 50 | nwJson, err := json.Marshal(nw) 51 | if err != nil { 52 | return err 53 | } 54 | 55 | _, err = nwFile.Write(nwJson) 56 | if err != nil { 57 | return err 58 | } 59 | 60 | return nil 61 | } 62 | 63 | func (nw *Network) load(dumpPath string) error { 64 | nwJson, err := ioutil.ReadFile(dumpPath) 65 | if err != nil { 66 | return err 67 | } 68 | 69 | err = json.Unmarshal(nwJson, nw) 70 | if err != nil { 71 | log.Errorf("error load nw info: %v", err) 72 | return err 73 | } 74 | 75 | return nil 76 | } 77 | 78 | func (nw *Network) remove(dumpPath string) error { 79 | nwPath := path.Join(dumpPath, nw.Name) 80 | if _, err := os.Stat(nwPath); err != nil { 81 | if os.IsNotExist(err) { 82 | return nil 83 | } else { 84 | return err 85 | } 86 | } else { 87 | return os.Remove(nwPath) 88 | } 89 | 90 | } 91 | 92 | func (nw *Network) getIPNet() *net.IPNet { 93 | _, cider, _ := net.ParseCIDR(nw.Subnet) 94 | cider.IP = net.ParseIP(nw.Gateway) 95 | return cider 96 | } 97 | -------------------------------------------------------------------------------- /network/network_process.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | import ( 4 | "fmt" 5 | "net" 6 | "os" 7 | "os/exec" 8 | "runtime" 9 | "strings" 10 | 11 | "github.com/ForeverSRC/MyDocker/container" 12 | log "github.com/sirupsen/logrus" 13 | "github.com/vishvananda/netlink" 14 | "github.com/vishvananda/netns" 15 | ) 16 | 17 | func CreateNetwork(driver, subnet, name string) error { 18 | _, exist := networks[name] 19 | if exist { 20 | return fmt.Errorf("network with name %s already exists", name) 21 | } 22 | 23 | // 将网段字符串转换为net.IPNet 24 | _, cider, _ := net.ParseCIDR(subnet) 25 | 26 | gatewayIp, err := ipAllocator.CreateSubnet(cider) 27 | if err != nil { 28 | return err 29 | } 30 | 31 | nw, err := drivers[driver].Create(subnet, gatewayIp.To4().String(), name) 32 | 33 | if err != nil { 34 | return err 35 | } 36 | 37 | return nw.dump(defaultNetworkPath) 38 | } 39 | 40 | func Connect(networkName string, cinfo *container.ContainerInfo) (net.IP, error) { 41 | network, ok := networks[networkName] 42 | if !ok { 43 | return nil, fmt.Errorf("not such network %s", networkName) 44 | } 45 | 46 | ip, err := ipAllocator.Allocate(network.Subnet) 47 | if err != nil { 48 | return nil, err 49 | } 50 | 51 | ep := &Endpoint{ 52 | ID: fmt.Sprintf("%s-%s", cinfo.Id, networkName), 53 | IPAddress: ip, 54 | Network: network, 55 | PortMapping: cinfo.PortMapping, 56 | } 57 | 58 | if err = drivers[network.Driver].Connect(network, ep); err != nil { 59 | return nil, err 60 | } 61 | 62 | if err = configEndpointIpAddrAndRoute(ep, cinfo.Pid); err != nil { 63 | return nil, err 64 | } 65 | 66 | if err = configPortMapping(ep); err != nil { 67 | return nil, err 68 | } 69 | 70 | return ip, nil 71 | 72 | } 73 | 74 | func ReleaseIp(network, ipAddr string) { 75 | nw, ok := networks[network] 76 | if !ok { 77 | log.Errorf("network %s is not exist", network) 78 | return 79 | } 80 | 81 | _, subnet, _ := net.ParseCIDR(nw.Subnet) 82 | ip := net.ParseIP(ipAddr) 83 | 84 | if err := ipAllocator.Release(subnet, &ip); err != nil { 85 | log.Errorf("release ip address %s error: %v", ipAddr, err) 86 | } 87 | } 88 | 89 | func configEndpointIpAddrAndRoute(ep *Endpoint, pid string) error { 90 | vethPeerName := ep.Device.PeerName 91 | peerLink, err := netlink.LinkByName(vethPeerName) 92 | if err != nil { 93 | return fmt.Errorf("fail config endpoint: %v", err) 94 | } 95 | 96 | // 将容器的网络端点加入到容器的网络空间中 97 | // 并使当前函数下面的操作都在此网络空间中进行,当前函数执行完毕后,恢复为默认的网络空间 98 | defer enterContainerNetns(&peerLink, pid)() 99 | 100 | // 获取到容器的IP地址及网段,用于配置容器内部接口地址 101 | interfaceIP := ep.Network.getIPNet() 102 | interfaceIP.IP = ep.IPAddress 103 | 104 | if err = setInterfaceIP(vethPeerName, interfaceIP); err != nil { 105 | return fmt.Errorf("set network %s interface ip [%s] error: %v", ep.Network.Name, interfaceIP.IP.String(), err) 106 | } 107 | 108 | // 启动容器内的veth端点 109 | if err = setInterfaceUP(vethPeerName); err != nil { 110 | return err 111 | } 112 | 113 | // net ns中默认本地地址127.0.0.1的lo网卡默认关闭,需要启动 114 | if err = setInterfaceUP("lo"); err != nil { 115 | return err 116 | } 117 | 118 | // 设置容器内的外部请求都通过容器内的veth端点访问 119 | // 0.0.0.0/0 表示所有的ip地址 120 | 121 | _, cider, _ := net.ParseCIDR("0.0.0.0/0") 122 | 123 | // 构建需要添加的路由数据 124 | // bash: route add -net 0.0.0.0/0 gw {bridge addr} dev {veth in container} 125 | defaultRoute := &netlink.Route{ 126 | LinkIndex: peerLink.Attrs().Index, 127 | Gw: net.ParseIP(ep.Network.Gateway), 128 | Dst: cider, 129 | } 130 | 131 | if err = netlink.RouteAdd(defaultRoute); err != nil { 132 | return err 133 | } 134 | 135 | return nil 136 | 137 | } 138 | 139 | func enterContainerNetns(enLink *netlink.Link, pid string) func() { 140 | // /proc/[pid]/ns/net 打开此文件描述符,即可操作 Net Namespace 141 | f, err := os.OpenFile(fmt.Sprintf("/proc/%s/ns/net", pid), os.O_RDONLY, 0) 142 | if err != nil { 143 | log.Errorf("error get container net namespace, %v", err) 144 | } 145 | 146 | nsFD := f.Fd() 147 | 148 | // 锁定当前程序所执行的线程,如果不锁定操作系统线程 149 | // goroutine可能会被调度到别的线程上,无法保证一直在所需的net namespace中 150 | runtime.LockOSThread() 151 | 152 | // 修改veth的另一端,将其移动到容器进程的net ns中 153 | if err = netlink.LinkSetNsFd(*enLink, int(nsFD)); err != nil { 154 | log.Errorf("error set link netns: %v", err) 155 | } 156 | 157 | origns, err := netns.Get() 158 | if err != nil { 159 | log.Errorf("error get current netns: %v", err) 160 | } 161 | 162 | // setns 163 | if err = netns.Set(netns.NsHandle(nsFD)); err != nil { 164 | log.Errorf("error set netns: %v", err) 165 | } 166 | 167 | return func() { 168 | netns.Set(origns) 169 | origns.Close() 170 | runtime.UnlockOSThread() 171 | f.Close() 172 | } 173 | 174 | } 175 | 176 | func configPortMapping(ep *Endpoint) error { 177 | for _, pm := range ep.PortMapping { 178 | portMapping := strings.Split(pm, ":") 179 | if len(portMapping) != 2 { 180 | log.Errorf("port mapping format error, %v", pm) 181 | continue 182 | } 183 | 184 | iptableCmd := fmt.Sprintf("-t nat -A PREROUTING -p tcp -m tcp --dport %s -j DNAT --to-destination %s:%s", 185 | portMapping[0], ep.IPAddress.String(), portMapping[1]) 186 | cmd := exec.Command("iptables", strings.Split(iptableCmd, " ")...) 187 | output, err := cmd.Output() 188 | if err != nil { 189 | log.Errorf("iptables output %v", output) 190 | continue 191 | } 192 | 193 | } 194 | 195 | return nil 196 | } 197 | 198 | func ListNetwork() []string { 199 | infos := make([]string, len(networks)) 200 | idx := 0 201 | for _, nw := range networks { 202 | infos[idx] = fmt.Sprintf("%s\t%s\t%s\t%s\n", 203 | nw.Name, 204 | nw.Subnet, 205 | nw.Gateway, 206 | nw.Driver, 207 | ) 208 | idx++ 209 | } 210 | 211 | return infos 212 | } 213 | 214 | func DeleteNetwork(networkName string) error { 215 | nw, ok := networks[networkName] 216 | if !ok { 217 | return fmt.Errorf("no such network: %s", networkName) 218 | } 219 | 220 | if err := ipAllocator.Delete(nw.Subnet); err != nil { 221 | return fmt.Errorf("error remove network driver: %v", err) 222 | } 223 | 224 | if err := drivers[nw.Driver].Delete(nw); err != nil { 225 | return fmt.Errorf("error remove network driver %s error: %v", nw.Driver, err) 226 | } 227 | 228 | return nw.remove(defaultNetworkPath) 229 | } 230 | -------------------------------------------------------------------------------- /nsenter/nsenter.go: -------------------------------------------------------------------------------- 1 | package nsenter 2 | 3 | /* 4 | #define _GNU_SOURCE 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | __attribute__((constructor)) void enter_namespace(void){ 14 | char* my_docker_pid; 15 | my_docker_pid=getenv("my_docker_pid"); 16 | 17 | if(my_docker_pid){ 18 | //fprintf(stdout, "got my_docker_pid=%s\n",my_docker_pid); 19 | }else{ 20 | //fprintf(stdout, "missing my_docker_pid env, skip nsenter\n",my_docker_pid); 21 | return; 22 | } 23 | 24 | char *my_docker_cmd; 25 | my_docker_cmd=getenv("my_docker_cmd"); 26 | if(my_docker_cmd){ 27 | //fprintf(stdout, "got my_docker_cmd=%s\n",my_docker_pid); 28 | }else{ 29 | //fprintf(stdout, "missing my_docker_cmd env, skip nsenter\n",my_docker_pid); 30 | return; 31 | } 32 | 33 | int i; 34 | char nspath[1024]; 35 | 36 | char *namespaces[]={"ipc","uts","net","pid","mnt"}; 37 | 38 | for(i=0;i<5;i++){ 39 | // e.g. /proc/pid/ns/ipc 40 | sprintf(nspath,"/proc/%s/ns/%s",my_docker_pid,namespaces[i]); 41 | int fd=open(nspath,O_RDONLY); 42 | 43 | if(setns(fd,0)==-1){ 44 | fprintf(stderr, "setns on %s namespace failed: %s\n",namespaces[i], strerror(errno)); 45 | } 46 | 47 | close(fd); 48 | } 49 | 50 | int res=system(my_docker_cmd); 51 | exit(0); 52 | return; 53 | 54 | 55 | } 56 | */ 57 | import "C" 58 | -------------------------------------------------------------------------------- /utils/utils.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "syscall" 7 | "text/tabwriter" 8 | 9 | log "github.com/sirupsen/logrus" 10 | ) 11 | 12 | func ProcessExist(containerPid int) bool { 13 | if err := syscall.Kill(containerPid, 0); err != nil { 14 | return false 15 | } 16 | 17 | return true 18 | } 19 | 20 | func PrintInfoTable(title string, infos []string) { 21 | w := tabwriter.NewWriter(os.Stdout, 12, 1, 3, ' ', 0) 22 | fmt.Fprint(w, title) 23 | for _, item := range infos { 24 | fmt.Fprint(w, item) 25 | } 26 | 27 | if err := w.Flush(); err != nil { 28 | log.Errorf("flush error: %v", err) 29 | } 30 | } 31 | --------------------------------------------------------------------------------