iSulad: prepare for oci supported isulad-shim

Signed-off-by: N gaohuatao <gaohuatao@huawei.com>

iSulad: prepare for oci supported isulad-shim
Signed-off-by: N gaohuatao <gaohuatao@huawei.com>
b8cd5aba · gaohuatao · jingrui · 6da699de · b8cd5aba · b8cd5aba
24 changed file
--- a/src/cmd/isula/base/create.c
+++ b/src/cmd/isula/base/create.c
@@ -37,7 +37,7 @@ const char g_cmd_create_desc[] = "Create a new container";
 const char g_cmd_create_usage[] = "create [OPTIONS] --external-rootfs=PATH|IMAGE [COMMAND] [ARG...]";

 struct client_arguments g_cmd_create_args = {
-    .runtime = "lcr",
+    .runtime = "",
    .restart = "no",
    .log_file_size = "1MB",
    .log_file_rotate = 7,

--- a/src/cmd/isula/base/run.c
+++ b/src/cmd/isula/base/run.c
@@ -29,7 +29,7 @@ const char g_cmd_run_desc[] = "Run a command in a new container";
 const char g_cmd_run_usage[] = "run [OPTIONS] ROOTFS|IMAGE [COMMAND] [ARG...]";
 static int run_checker(struct client_arguments *args);
 struct client_arguments g_cmd_run_args = {
-    .runtime = "lcr",
+    .runtime = "",
    .restart = "no",
    .log_file = NULL,
    .log_file_size = "1MB",

--- a/src/config/isulad_config.c
+++ b/src/config/isulad_config.c
@@ -1206,6 +1206,28 @@ out:
    return result;
 }

+char *conf_get_default_runtime()
+{
+    struct service_arguments *conf = NULL;
+    char *result = NULL;
+
+    if (isulad_server_conf_rdlock()) {
+        ERROR("BUG conf_rdlock failed");
+        return NULL;
+    }
+
+    conf = conf_get_server_conf();
+    if (conf == NULL || conf->json_confs == NULL) {
+        goto out;
+    }
+
+    result = strings_to_lower(conf->json_confs->default_runtime);
+
+out:
+    (void)isulad_server_conf_unlock();
+    return result;
+}
+
 bool conf_update_im_server_sock_addr(const char *new_sock_addr)
 {
    struct service_arguments *conf = NULL;
@@ -1765,6 +1787,7 @@ int merge_json_confs_into_global(struct service_arguments *args)
        goto out;
    }

+    override_string_value(&args->json_confs->default_runtime, &tmp_json_confs->default_runtime);
    override_string_value(&args->json_confs->group, &tmp_json_confs->group);
    override_string_value(&args->json_confs->graph, &tmp_json_confs->graph);
    override_string_value(&args->json_confs->state, &tmp_json_confs->state);
@@ -1790,6 +1813,9 @@ int merge_json_confs_into_global(struct service_arguments *args)
    override_string_value(&args->json_confs->cni_bin_dir, &tmp_json_confs->cni_bin_dir);
    override_string_value(&args->json_confs->cni_conf_dir, &tmp_json_confs->cni_conf_dir);

+    args->json_confs->runtimes = tmp_json_confs->runtimes;
+    tmp_json_confs->runtimes = NULL;
+
    // Daemon storage-driver
    if (merge_storage_conf_into_global(args, tmp_json_confs)) {
        ret = -1;

--- a/src/config/isulad_config.h
+++ b/src/config/isulad_config.h
@@ -92,6 +92,8 @@ unsigned int conf_get_im_opt_timeout();

 char *conf_get_im_server_sock_addr();

+char *conf_get_default_runtime();
+
 bool conf_update_im_server_sock_addr(const char *new_sock_addr);

 char *conf_get_graph_check_flag_file();

--- a/src/connect/client/grpc/grpc_containers_client.cc
+++ b/src/connect/client/grpc/grpc_containers_client.cc
@@ -230,10 +230,6 @@ public:
    {
        int nret = -1;

-        if (req.runtime().empty()) {
-            ERROR("Missing runtime in the request");
-            return nret;
-        }
        if (req.rootfs().empty() && req.image().empty()) {
            ERROR("Missing container rootfs or image arguments in the request");
            return nret;

--- a/src/container_def.h
+++ b/src/container_def.h
@@ -40,7 +40,7 @@ extern "C" {
 #define SECCOMP_DEFAULT_PATH "/etc/isulad/seccomp_default.json"
 #endif
 #ifndef OCI_VERSION
-#define OCI_VERSION "1.0.0-rc5-dev"
+#define OCI_VERSION "1.0.1"
 #endif

 typedef enum {

--- a/src/contrib/config/config.json
+++ b/src/contrib/config/config.json
 {
-	"ociVersion": "1.0.0-rc5-dev",
+	"ociVersion": "1.0.1",
 	"process": {
 		"terminal": true,
 		"consoleSize": {

--- a/src/contrib/config/daemon.json
+++ b/src/contrib/config/daemon.json
 {
    "group": "isulad",
+    "default-runtime": "lcr",
    "graph": "/var/lib/isulad",
    "state": "/var/run/isulad",
    "engine": "lcr",

--- a/src/contrib/config/systemcontainer_config.json
+++ b/src/contrib/config/systemcontainer_config.json
 {
-	"ociVersion": "1.0.0-rc5-dev",
+	"ociVersion": "1.0.1",
 	"process": {
 		"terminal": true,
 		"consoleSize": {

--- a/src/cutils/utils.c
+++ b/src/cutils/utils.c
@@ -34,7 +34,6 @@
 #include <fcntl.h>
 #include <libgen.h>
 #include <stdio.h>
-#include <stdlib.h>
 #include <sys/mount.h>
 #include <sys/prctl.h>
 #include <sys/types.h>

--- a/src/cutils/utils_file.c
+++ b/src/cutils/utils_file.c
@@ -552,7 +552,7 @@ char *util_full_file_digest(const char *filename)
    return full_digest;
 }

-static char *util_path_dir(const char *path)
+char *util_path_dir(const char *path)
 {
    char *dir = NULL;
    int len = 0;

--- a/src/cutils/utils_file.h
+++ b/src/cutils/utils_file.h
@@ -55,6 +55,8 @@ FILE *util_fopen(const char *filename, const char *mode);

 char *util_full_file_digest(const char *filename);

+char *util_path_dir(const char *path);
+
 char *util_add_path(const char *path, const char *name);

 char *util_read_text_file(const char *path);

--- a/src/cutils/utils_string.c
+++ b/src/cutils/utils_string.c
@@ -79,6 +79,18 @@ bool strings_contains_any(const char *str, const char *substr)
    return false;
 }

+bool strings_contains_word(const char *str, const char *substr)
+{
+    if (str == NULL || substr == NULL) {
+        return false;
+    }
+
+    if (strcasestr(str, substr) != NULL) {
+        return true;
+    }
+    return false;
+}
+
 int strings_count(const char *str, unsigned char c)
 {
    size_t i = 0;

--- a/src/cutils/utils_string.h
+++ b/src/cutils/utils_string.h
@@ -25,6 +25,8 @@ extern "C" {

 bool strings_contains_any(const char *str, const char *substr);

+bool strings_contains_word(const char *str, const char *substr);
+
 int strings_count(const char *str, unsigned char c);

 bool strings_in_slice(const char **strarray, size_t alen, const char *str);

--- a/src/cutils/utils_verify.c
+++ b/src/cutils/utils_verify.c
@@ -274,7 +274,7 @@ bool util_valid_runtime_name(const char *name)
        return false;
    }

-    return strcasecmp(name, "lcr") == 0;
+    return true;
 }

 bool util_valid_host_name(const char *name)

--- a/src/json/schema/schema/defs.json
+++ b/src/json/schema/schema/defs.json
@@ -232,6 +232,25 @@
                }
            }
        },
+        "mapStringObjectRuntimes": {
+            "type": "object",
+            "patternProperties": {
+                ".{1,}": {
+                    "type": "object",
+                    "properties": {
+                        "path": {
+                            "type": "string"
+                        },
+                        "runtime-args": {
+                            "type":"array",
+                            "items": {
+                                "type":"string"
+                            }
+                        }
+                    }
+                }
+            }
+        },
        "ociVersion": {
            "description": "The version of Open Container Runtime Specification that the document complies with",
            "type": "string"

--- a/src/json/schema/schema/isulad-daemon-configs.json
+++ b/src/json/schema/schema/isulad-daemon-configs.json
@@ -5,6 +5,9 @@
        "hosts": {
            "type": "ArrayOfStrings"
        },
+        "default-runtime": {
+            "type": "string"
+        },
        "group": {
            "type": "string"
        },
@@ -144,6 +147,9 @@
 		            }
                }
            }
+        },
+        "runtimes": {
+            "$ref": "defs.json#/definitions/mapStringObjectRuntimes"
        }
    }
 }
--- a/src/services/cri/cri_container.cc
+++ b/src/services/cri/cri_container.cc
@@ -155,6 +155,19 @@ container_config *CRIRuntimeServiceImpl::GenerateCreateContainerCustomConfig(
        }
    }

+    if (append_json_map_string_string(custom_config->annotations,
+                                      CRIHelpers::Constants::CONTAINER_TYPE_ANNOTATION_KEY.c_str(),
+                                      CRIHelpers::Constants::CONTAINER_TYPE_ANNOTATION_CONTAINER.c_str())) {
+        error.SetError("Append map string string failed");
+        goto cleanup;
+    }
+    if (append_json_map_string_string(custom_config->annotations,
+                                      CRIHelpers::Constants::SANDBOX_ID_ANNOTATION_KEY.c_str(),
+                                      realPodSandboxID.c_str())) {
+        error.SetError("Append map string string failed");
+        goto cleanup;
+    }
+
    if (append_json_map_string_string(custom_config->labels, CRIHelpers::Constants::SANDBOX_ID_LABEL_KEY.c_str(),
                                      realPodSandboxID.c_str())) {
        error.SetError("Append map string string failed");
@@ -301,8 +314,6 @@ container_create_request *CRIRuntimeServiceImpl::GenerateCreateContainerRequest(
    std::string cname = CRINaming::MakeContainerName(podSandboxConfig, containerConfig);
    request->id = util_strdup_s(cname.c_str());

-    request->runtime = util_strdup_s(CRIHelpers::Constants::DEFAULT_RUNTIME_NAME.c_str());
-
    if (!containerConfig.image().image().empty()) {
        request->image = util_strdup_s(containerConfig.image().image().c_str());
    }

--- a/src/services/cri/cri_helpers.cc
+++ b/src/services/cri/cri_helpers.cc
@@ -45,6 +45,10 @@ const std::string Constants::DOCKER_PULLABLE_IMAGEID_PREFIX { "docker-pullable:/
 const std::string Constants::RUNTIME_READY { "RuntimeReady" };
 const std::string Constants::NETWORK_READY { "NetworkReady" };
 const std::string Constants::POD_CHECKPOINT_KEY { "cri.sandbox.isulad.checkpoint" };
+const std::string Constants::CONTAINER_TYPE_ANNOTATION_KEY { "io.kubernetes.cri.container-type" };
+const std::string Constants::CONTAINER_TYPE_ANNOTATION_CONTAINER { "container" };
+const std::string Constants::CONTAINER_TYPE_ANNOTATION_SANDBOX { "sandbox" };
+const std::string Constants::SANDBOX_ID_ANNOTATION_KEY { "io.kubernetes.cri.sandbox-id" };

 const char *InternalLabelKeys[] = {
    CRIHelpers::Constants::CONTAINER_TYPE_LABEL_KEY.c_str(),

--- a/src/services/cri/cri_helpers.h
+++ b/src/services/cri/cri_helpers.h
@@ -49,6 +49,10 @@ public:
    static const std::string NETWORK_READY;
    static const std::string POD_CHECKPOINT_KEY;
    static const size_t MAX_CHECKPOINT_KEY_LEN { 250 };
+    static const std::string CONTAINER_TYPE_ANNOTATION_KEY;
+    static const std::string CONTAINER_TYPE_ANNOTATION_CONTAINER;
+    static const std::string CONTAINER_TYPE_ANNOTATION_SANDBOX;
+    static const std::string SANDBOX_ID_ANNOTATION_KEY;
 };
 std::string GetDefaultSandboxImage(Errors &err);


--- a/src/services/cri/cri_sandbox.cc
+++ b/src/services/cri/cri_sandbox.cc
@@ -217,6 +217,12 @@ void CRIRuntimeServiceImpl::MakeSandboxIsuladConfig(const runtime::v1alpha2::Pod
    if (error.NotEmpty()) {
        return;
    }
+    if (append_json_map_string_string(custom_config->annotations,
+                                      CRIHelpers::Constants::CONTAINER_TYPE_ANNOTATION_KEY.c_str(),
+                                      CRIHelpers::Constants::CONTAINER_TYPE_ANNOTATION_SANDBOX.c_str()) != 0) {
+        error.SetError("Append container type into annotation failed");
+        return;
+    }

    if (!c.hostname().empty()) {
        custom_config->hostname = util_strdup_s(c.hostname().c_str());
@@ -323,7 +329,6 @@ container_create_request *CRIRuntimeServiceImpl::PackCreateContainerRequest(

    std::string sandboxName = CRINaming::MakeSandboxName(config.metadata());
    create_request->id = util_strdup_s(sandboxName.c_str());
-    create_request->runtime = util_strdup_s(CRIHelpers::Constants::DEFAULT_RUNTIME_NAME.c_str());
    create_request->image = util_strdup_s(image.c_str());

    create_request->hostconfig = host_config_generate_json(hostconfig, &ctx, &perror);

--- a/src/services/execution/execute/execution_create.c
+++ b/src/services/execution/execute/execution_create.c
@@ -44,6 +44,56 @@
 #include "error.h"
 #include "constants.h"

+static int runtime_check(const char *name, bool *runtime_res)
+{
+    int ret = 0;
+    struct service_arguments *args = NULL;
+    defs_map_string_object_runtimes *runtimes = NULL;
+
+    if (isulad_server_conf_rdlock()) {
+        ret = -1;
+        goto out;
+    }
+
+    args = conf_get_server_conf();
+    if (args == NULL) {
+        ERROR("Failed to get isulad server config");
+        ret = -1;
+        goto unlock_out;
+    }
+
+    if (args->json_confs != NULL) {
+        runtimes = args->json_confs->runtimes;
+    }
+    if (runtimes == NULL) {
+        EVENT("isulad runtimes param is null");
+        goto unlock_out;
+    }
+
+    size_t runtime_nums = runtimes->len;
+    for (size_t i = 0; i < runtime_nums; i++) {
+        if (strcmp(name, runtimes->keys[i]) == 0) {
+            *runtime_res = true;
+            goto unlock_out;
+        }
+    }
+unlock_out:
+    if (isulad_server_conf_unlock()) {
+        ERROR("Failed to unlock isulad server config");
+        ret = -1;
+    }
+out:
+    if (strcmp(name, "runc") == 0 || strcmp(name, "lcr") == 0) {
+        *runtime_res = true;
+    }
+
+    if (strcmp(name, "kata-runtime") == 0) {
+        *runtime_res = true;
+    }
+
+    return ret;
+}
+
 static int create_request_check(const container_create_request *request)
 {
    int ret = 0;
@@ -68,20 +118,6 @@ static int create_request_check(const container_create_request *request)
        goto out;
    }

-    if (request->runtime == NULL) {
-        ERROR("Receive NULL Request runtime");
-        ret = -1;
-        goto out;
-    }
-
-    if (!util_valid_runtime_name(request->runtime)) {
-        ERROR("Invalid runtime name:%s", request->runtime);
-        isulad_set_error_message("Invalid runtime name (%s), only \"lcr\" supported.",
-                                 request->runtime);
-        ret = -1;
-        goto out;
-    }
-
    if (request->hostconfig == NULL) {
        ERROR("Receive NULL Request hostconfig");
        ret = -1;
@@ -685,12 +721,30 @@ static int get_request_image_info(const container_create_request *request, char
 static int preparate_runtime_environment(const container_create_request *request, const char *id,
                                         char **runtime, char **runtime_root, uint32_t *cc)
 {
-    *runtime = get_runtime_from_request(request);
+    bool runtime_res = false;
+
+    if (request->runtime) {
+        *runtime = get_runtime_from_request(request);
+    } else {
+        *runtime = conf_get_default_runtime();
+    }
    if (*runtime == NULL) {
        *cc = ISULAD_ERR_INPUT;
        return -1;
    }

+    if (runtime_check(*runtime, &runtime_res) != 0) {
+        ERROR("Runtimes param check failed");
+        return -1;
+    }
+
+    if (!runtime_res) {
+        ERROR("Invalid runtime name:%s", *runtime);
+        isulad_set_error_message("Invalid runtime name (%s).",
+                                 *runtime);
+        return -1;
+    }
+
    *runtime_root = conf_get_routine_rootdir(*runtime);
    if (*runtime_root == NULL) {
        *cc = ISULAD_ERR_EXEC;

--- a/src/services/execution/manager/health_check.c
+++ b/src/services/execution/manager/health_check.c
@@ -559,7 +559,7 @@ void *health_check_run(void *arg)
    container_req->tty = false;
    container_req->attach_stdin = false;
    container_req->attach_stdout = true;
-    container_req->attach_stderr = true;
+    container_req->attach_stderr = false;
    container_req->timeout = timeout_with_default(config->health_check->timeout, DEFAULT_PROBE_TIMEOUT) / Time_Second;
    container_req->container_id = util_strdup_s(cont->common_config->id);
    container_req->argv = cmd_slice;

--- a/test/image/oci/oci_config_merge/oci_runtime_spec.json
+++ b/test/image/oci/oci_config_merge/oci_runtime_spec.json
 {
-    "ociVersion": "1.0.0-rc5-dev",
+    "ociVersion": "1.0.1",
    "hooks": {

    },