Skip to content

Commit 547bb94

Browse files
jterry75jterry75
committed
Fix ctr run for Windows containers
1. Fixes bugs in ctr run that were introduced by 1d9b969 2. Adds support for the --isolated flag that runs Windows HyperV cotainers instead of process isolated containers on Windows. Signed-off-by: Justin Terry (VM) <[email protected]>
1 parent 7768ab1 commit 547bb94

File tree

4 files changed

+73
-36
lines changed

4 files changed

+73
-36
lines changed

cmd/ctr/commands/run/run.go

+4
Original file line numberDiff line numberDiff line change
@@ -106,6 +106,10 @@ var Command = cli.Command{
106106
Name: "fifo-dir",
107107
Usage: "directory used for storing IO FIFOs",
108108
},
109+
cli.BoolFlag{
110+
Name: "isolated",
111+
Usage: "run the container with vm isolation",
112+
},
109113
}, append(commands.SnapshotterFlags, commands.ContainerFlags...)...),
110114
Action: func(context *cli.Context) error {
111115
var (

cmd/ctr/commands/run/run_windows.go

+58-35
Original file line numberDiff line numberDiff line change
@@ -31,57 +31,80 @@ import (
3131
// NewContainer creates a new container
3232
func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli.Context) (containerd.Container, error) {
3333
var (
34-
ref = context.Args().First()
35-
id = context.Args().Get(1)
36-
args = context.Args()[2:]
37-
)
38-
39-
image, err := client.GetImage(ctx, ref)
40-
if err != nil {
41-
return nil, err
42-
}
43-
44-
var (
34+
id string
4535
opts []oci.SpecOpts
4636
cOpts []containerd.NewContainerOpts
4737
spec containerd.NewContainerOpts
38+
39+
config = context.IsSet("config")
4840
)
4941

50-
if context.IsSet("config") {
42+
if config {
43+
id = context.Args().First()
5144
opts = append(opts, oci.WithSpecFromFile(context.String("config")))
5245
} else {
53-
opts = append(opts, oci.WithDefaultSpec())
54-
}
55-
56-
opts = append(opts, oci.WithImageConfig(image))
57-
opts = append(opts, oci.WithEnv(context.StringSlice("env")))
58-
opts = append(opts, withMounts(context))
59-
if context.Bool("tty") {
60-
opts = append(opts, oci.WithTTY)
46+
var (
47+
ref = context.Args().First()
48+
args = context.Args()[2:]
49+
)
50+
51+
id = context.Args().Get(1)
52+
snapshotter := context.String("snapshotter")
53+
if snapshotter == "windows-lcow" {
54+
opts = append(opts, oci.WithDefaultSpecForPlatform("linux/amd64"))
55+
// Clear the rootfs section.
56+
opts = append(opts, oci.WithRootFSPath(""))
57+
} else {
58+
opts = append(opts, oci.WithDefaultSpec())
59+
}
60+
opts = append(opts, oci.WithEnv(context.StringSlice("env")))
61+
opts = append(opts, withMounts(context))
6162

62-
con := console.Current()
63-
size, err := con.Size()
63+
image, err := client.GetImage(ctx, ref)
6464
if err != nil {
65-
logrus.WithError(err).Error("console size")
65+
return nil, err
6666
}
67-
opts = append(opts, oci.WithTTYSize(int(size.Width), int(size.Height)))
68-
}
67+
unpacked, err := image.IsUnpacked(ctx, snapshotter)
68+
if err != nil {
69+
return nil, err
70+
}
71+
if !unpacked {
72+
if err := image.Unpack(ctx, snapshotter); err != nil {
73+
return nil, err
74+
}
75+
}
76+
opts = append(opts, oci.WithImageConfig(image))
77+
cOpts = append(cOpts, containerd.WithImage(image))
78+
cOpts = append(cOpts, containerd.WithSnapshotter(snapshotter))
79+
cOpts = append(cOpts, containerd.WithNewSnapshot(id, image))
6980

70-
if len(args) > 0 {
71-
opts = append(opts, oci.WithProcessArgs(args...))
72-
}
73-
if cwd := context.String("cwd"); cwd != "" {
74-
opts = append(opts, oci.WithProcessCwd(cwd))
81+
if len(args) > 0 {
82+
opts = append(opts, oci.WithProcessArgs(args...))
83+
}
84+
if cwd := context.String("cwd"); cwd != "" {
85+
opts = append(opts, oci.WithProcessCwd(cwd))
86+
}
87+
if context.Bool("tty") {
88+
opts = append(opts, oci.WithTTY)
89+
90+
con := console.Current()
91+
size, err := con.Size()
92+
if err != nil {
93+
logrus.WithError(err).Error("console size")
94+
}
95+
opts = append(opts, oci.WithTTYSize(int(size.Width), int(size.Height)))
96+
}
97+
if context.Bool("isolated") {
98+
opts = append(opts, oci.WithWindowsHyperV)
99+
}
75100
}
76101

102+
cOpts = append(cOpts, containerd.WithContainerLabels(commands.LabelArgs(context.StringSlice("label"))))
103+
cOpts = append(cOpts, containerd.WithRuntime(context.String("runtime"), nil))
104+
77105
var s specs.Spec
78106
spec = containerd.WithSpec(&s, opts...)
79107

80-
cOpts = append(cOpts, containerd.WithContainerLabels(commands.LabelArgs(context.StringSlice("label"))))
81-
cOpts = append(cOpts, containerd.WithImage(image))
82-
cOpts = append(cOpts, containerd.WithSnapshotter(context.String("snapshotter")))
83-
cOpts = append(cOpts, containerd.WithNewSnapshot(id, image))
84-
cOpts = append(cOpts, containerd.WithRuntime(context.String("runtime"), nil))
85108
cOpts = append(cOpts, spec)
86109

87110
return client.NewContainer(ctx, id, cOpts...)

oci/spec_opts.go

+11
Original file line numberDiff line numberDiff line change
@@ -1011,3 +1011,14 @@ var WithPrivileged = Compose(
10111011
WithApparmorProfile(""),
10121012
WithSeccompUnconfined,
10131013
)
1014+
1015+
// WithWindowsHyperV sets the Windows.HyperV section for HyperV isolation of containers.
1016+
func WithWindowsHyperV(_ context.Context, _ Client, _ *containers.Container, s *Spec) error {
1017+
if s.Windows == nil {
1018+
s.Windows = &specs.Windows{}
1019+
}
1020+
if s.Windows.HyperV == nil {
1021+
s.Windows.HyperV = &specs.WindowsHyperV{}
1022+
}
1023+
return nil
1024+
}

runtime/v2/runhcs/service.go

-1
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,6 @@ import (
4949
)
5050

5151
const (
52-
runhcsBinary = "runhcs"
5352
runhcsShimVersion = "0.0.1"
5453
)
5554

0 commit comments

Comments
 (0)