add sandbox process operation relay API support#259
add sandbox process operation relay API support#259amshinde merged 5 commits intokata-containers:masterfrom
Conversation
|
Just adding do-not-merge for now, since we need to get #252 in first. |
Codecov Report
@@ Coverage Diff @@
## master #259 +/- ##
=========================================
Coverage ? 65.26%
=========================================
Files ? 76
Lines ? 8185
Branches ? 0
=========================================
Hits ? 5342
Misses ? 2269
Partials ? 574
Continue to review full report at Codecov.
|
|
#252 got merged, please rebase. |
9b4d63e to
057b2cc
Compare
|
PR rebased. PTAL. |
It waits a process inside the container of a sandbox. Signed-off-by: Peng Tao <bergwolf@gmail.com>
It sends the signal to a process of a container, or all processes inside a container. Signed-off-by: Peng Tao <bergwolf@gmail.com>
It sends tty resize request to the agent to resize a process's tty window. Signed-off-by: Peng Tao <bergwolf@gmail.com>
It returns stdin, stdout and stderr stream of the specified process in the container. Fixes: kata-containers#258 Signed-off-by: Peng Tao <bergwolf@gmail.com>
virtcontainers/hyperstart_agent.go
Outdated
| } | ||
|
|
||
| func (h *hyper) waitProcess(c *Container, processID string) (int32, error) { | ||
| // cc-agent does not support wait process |
virtcontainers/hyperstart_agent.go
Outdated
| } | ||
|
|
||
| func (h *hyper) readProcessStderr(c *Container, processID string, data []byte) (int, error) { | ||
| // cc-agent does not support stderr read request |
There was a problem hiding this comment.
s/cc-agent/hyperstart-agent?
same for all the other comments above...
| if err := waitForShim(c.process.Pid); err != nil { | ||
| // Force the container to be killed. | ||
| if err := c.sandbox.agent.killContainer(c.sandbox, *c, syscall.SIGKILL, true); err != nil { | ||
| if err := c.kill(syscall.SIGKILL, true); err != nil { |
There was a problem hiding this comment.
Why not just call into c.signalProcess here. c.kill api is not really required.
There was a problem hiding this comment.
It's a helper function for cases like this when we want to send signals to the container process itself. And it hides the detail that we use c.process.Token as process ID of the container process, useful because it's also called by KillContainer() in api.go.
amshinde
left a comment
There was a problem hiding this comment.
I have just one comment here, overall looks good to me.
As @egernst pointed out, it should be hyperstart_agent instead of cc-agent. Signed-off-by: Peng Tao <bergwolf@gmail.com>
|
@amshinde - PTAL at the update and merge if you're okay with the explanation provided? |
| ) | ||
|
|
||
| type iostream struct { | ||
| sandbox *Sandbox |
There was a problem hiding this comment.
I think an iostream is only bounded to a container, so we don't need the sandbox here, and sandbox can be fetched from container.sandbox if needed.
We have lots of redundant struct fields in many places, maybe we can rework them later.
|
LGTM |
1 similar comment
|
LGTM |
I found your comment has been resolved (reasonable answered, actually, IMO)
If new vCPUs have been added, container cpuset cgroup *parents* MUST BE updated, doesn't matter if the container already have a cgroup defined. Updating cpuset cgroup *parents* won't affect to the container cpuset cgroup. fixes kata-containers#259 Signed-off-by: Julio Montes <julio.montes@intel.com>
As described in the API design, we need to support
sandbox.WaitProcess(),sandbox.WinsizeProcess(),sandbox.SignalProcess()andsandbox.IOStream()operations.