|
Dobby
3.0
Dobby “Docker based Thingy” is a tool for managing and running OCI containers using crun
|
Class for useful utility methods for plugins such as adding mounts and environment variables. More...
#include <DobbyRdkPluginUtils.h>
Public Member Functions | |
| DobbyRdkPluginUtils (const std::shared_ptr< rt_dobby_schema > &cfg, const std::string &containerId) | |
| DobbyRdkPluginUtils (const std::shared_ptr< rt_dobby_schema > &cfg, const std::shared_ptr< IDobbyStartState > &startState, const std::string &containerId) | |
| DobbyRdkPluginUtils (const std::shared_ptr< rt_dobby_schema > &cfg, const std::shared_ptr< const rt_state_schema > &state, const std::string &containerId) | |
| DobbyRdkPluginUtils (const std::shared_ptr< rt_dobby_schema > &cfg, const std::shared_ptr< const rt_state_schema > &state, const std::shared_ptr< IDobbyStartState > &startState, const std::string &containerId) | |
| template<class Function , class... Args> | |
| bool | callInNamespace (pid_t pid, int nsType, Function &&f, Args &&... args) const |
| Slightly nicer version of callInNamespace, handles the function bind for you automatically. More... | |
| bool | callInNamespaceImpl (pid_t pid, int nsType, const std::function< bool()> &func) const |
| Utility function to run some code in a specific namespace of the container. More... | |
| void | nsThread (int newNsFd, int nsType, bool *success, std::function< bool()> &func) const |
| Thread helper function that implements the setns syscall. More... | |
| pid_t | getContainerPid () const |
| Gets the container pid from the stdin string of a hook. More... | |
| std::string | getContainerId () const |
| Gets the container ID. More... | |
| bool | getContainerNetworkInfo (ContainerNetworkInfo &networkInfo) |
| Gets network info about the container (veth/IP) More... | |
| bool | getTakenVeths (std::vector< std::string > &takenVeths) |
| Gets allocated veth devices. More... | |
| bool | writeTextFile (const std::string &path, const std::string &str, int flags, mode_t mode) const |
| Simply writes a string into a file. More... | |
| std::string | readTextFile (const std::string &path) const |
| Simply reads a file into a string. More... | |
| bool | addMount (const std::string &source, const std::string &target, const std::string &fsType, const std::list< std::string > &mountOptions) const |
| Public api to allow for adding additional mounts to a container's config file. More... | |
| bool | addEnvironmentVar (const std::string &envVar) const |
| Public api to allow for adding additional environment variables. More... | |
| int | addFileDescriptor (const std::string &pluginName, int fd) |
| Adds another file descriptor to be passed into the container. More... | |
| std::list< int > | files () const |
| Gets all file descriptor registered by any client. More... | |
| std::list< int > | files (const std::string &pluginName) const |
| Gets all file descriptor registered by concrete client. More... | |
Static Public Member Functions | |
| static bool | mkdirRecursive (const std::string &path, mode_t mode) |
| Makes a directory and all parent directories as needed. More... | |
Public Attributes | |
| int | exitStatus |
Private Member Functions | |
| std::string | ipAddressToString (const in_addr_t &ipAddress) |
Private Attributes | |
| std::mutex | mLock |
| std::shared_ptr< rt_dobby_schema > | mConf |
| std::shared_ptr< const rt_state_schema > | mState |
| std::shared_ptr< IDobbyStartState > | mStartState |
| const std::string | mContainerId |
Class for useful utility methods for plugins such as adding mounts and environment variables.
| bool DobbyRdkPluginUtils::addEnvironmentVar | ( | const std::string & | envVar | ) | const |
Public api to allow for adding additional environment variables.
This can only obviously be called before the config file is persisted to disk.
| [in] | cfg | Pointer to OCI config struct |
| [in] | envVar | The environment variable to set |
| int DobbyRdkPluginUtils::addFileDescriptor | ( | const std::string & | pluginName, |
| int | fd | ||
| ) |
Adds another file descriptor to be passed into the container.
The number of the file descriptor in the container namespace is returned, unless there was an error in which case a negative value is returned. File descriptors start at 3.
The method dups the supplied file descriptor so it can be closed immmediatly after the call. The file descriptor will be closed after the container is started and handed over.
File descriptors are recorded per client (plugin name).
Lastly to help find issues, this function will log an error and reject the file descriptor if it doesn't have the FD_CLOEXEC bit set.
Please mind that this call should be used only in preCreation hook. That's due to the fact preserve fds list should be initialized before container starts.
| [in] | pluginName | The plugin name for which fd will be recorded |
| [in] | fd | The file descriptor to pass to the container |
| bool DobbyRdkPluginUtils::addMount | ( | const std::string & | source, |
| const std::string & | destination, | ||
| const std::string & | type, | ||
| const std::list< std::string > & | mountOptions | ||
| ) | const |
Public api to allow for adding additional mounts to a container's config file.
This can only obviously be called before the config file is persisted to disk.
| [in] | source | The mount source |
| [in] | destination | The mount destination |
| [in] | type | The file system type of the mount |
| [in] | mountOptions | The mount options (mount(2) data parameter) |
|
inline |
Slightly nicer version of callInNamespace, handles the function bind for you automatically.
You'd typically use this to perform options in the namespace of a container. The pid argument would be the pid of the containered process.
The nsType argument should be one of the following values: CLONE_NEWIPC - run in a IPC namespace CLONE_NEWNET - run in a network namespace CLONE_NEWNS - run in a mount namespace CLONE_NEWPID - run in a PID namespace CLONE_NEWUSER - run in a user namespace CLONE_NEWUTS - run in a UTS namespace
| [in] | pid | The pid owner of the namespace to enter, typically the pid of the process in the container. |
| [in] | nsType | The type of the namespace to enter, see above. |
| [in] | func | The actual function to execute. |
| bool DobbyRdkPluginUtils::callInNamespaceImpl | ( | pid_t | pid, |
| int | nsType, | ||
| const std::function< bool()> & | func | ||
| ) | const |
Utility function to run some code in a specific namespace of the container.
This function uses the setns syscall and therefore it must spawn a thread to run the callback in. However this function blocks until the thread completes, so although it is multi-threaded it's API is blocking, i.e. effectively single threaded.
The nsType argument should be one of the following values: CLONE_NEWIPC - run in a IPC namespace CLONE_NEWNET - run in a network namespace CLONE_NEWNS - run in a mount namespace CLONE_NEWPID - run in a PID namespace CLONE_NEWUSER - run in a user namespace CLONE_NEWUTS - run in a UTS namespace
| [in] | pid | The pid of the process namespace to enter. |
| [in] | nsType | The namespace to run the function in, see above. |
| [in] | func | The function to execute. |
| std::list< int > DobbyRdkPluginUtils::files | ( | ) | const |
Gets all file descriptor registered by any client.
| std::list< int > DobbyRdkPluginUtils::files | ( | const std::string & | pluginName | ) | const |
Gets all file descriptor registered by concrete client.
| [in] | pluginName | RDK plugin name |
| std::string DobbyRdkPluginUtils::getContainerId | ( | ) | const |
Gets the container ID.
| bool DobbyRdkPluginUtils::getContainerNetworkInfo | ( | ContainerNetworkInfo & | networkInfo | ) |
Gets network info about the container (veth/IP)
Designed to allow other plugins to create their own iptables rules once the networking plugin has run.
@params[out] networkInfo struct containing veth/ip address
| pid_t DobbyRdkPluginUtils::getContainerPid | ( | ) | const |
Gets the container pid from the stdin string of a hook.
The stdin needs to be read from within the context of the hook. This function only parses the pid from a string.
| bool DobbyRdkPluginUtils::getTakenVeths | ( | std::vector< std::string > & | takenVeths | ) |
Gets allocated veth devices.
As we are storing veth device names in the files we should be able to tell which veth devices are "taken".
@params[out] takenVeths vector of veth devices that are thaken
|
static |
Makes a directory and all parent directories as needed.
This is equivalent to the 'mkdir -p' command.
All directories created will have access mode set by mode, for this reason the mode should be at least 'rwx---—'.
| [in] | path | The path to the directory to create. |
| [in] | mode | The file access mode to give to all directories created. |
| void DobbyRdkPluginUtils::nsThread | ( | int | newNsFd, |
| int | nsType, | ||
| bool * | success, | ||
| std::function< bool()> & | func | ||
| ) | const |
Thread helper function that implements the setns syscall.
This must be executed as a thread as it calls setns which switches namespaces and you don't really want to do this in the main thread.
| [in] | newNsFd | The file descriptor for the namespace to switch into. |
| [in] | nsType | The type of namespace to switch into i.e. "CLONE_NEWIPC". |
| [out] | success | Return if thread execution of the function was the success. |
| [in] | func | The function to execute in the new namespace. |
| std::string DobbyRdkPluginUtils::readTextFile | ( | const std::string & | path | ) | const |
Simply reads a file into a string.
| [in] | path | The path to file to read from. |
| bool DobbyRdkPluginUtils::writeTextFile | ( | const std::string & | path, |
| const std::string & | str, | ||
| int | flags, | ||
| mode_t | mode | ||
| ) | const |
Simply writes a string into a file.
| [in] | path | The path to file to write to. |
| [in] | str | String to write to the file. |
| [in] | flags | Open flags, these will be OR'd with O_WRONLY and O_CLOEXEC. |
| [in] | mode | The file access mode to set if O_CREAT was specified in flags and the file was created. |
1.9.1