mirror of
https://github.com/opencontainers/runc.git
synced 2025-12-24 11:50:58 +08:00
f5adb05bce
This preserves the given number of file descriptors on top of the 3 stdio and the socket activation ($LISTEN_FDS=M) fds. If LISTEN_FDS is not set then [3..3+N) would be preserved by --preserve-fds=N. Given LISTEN_FDS=3 and --preserve-fds=5 then we would preserve fds [3, 11) (in addition to stdio). That's 3, 4 & 5 from LISTEN_FDS=3 and 6, 7, 8, 9 & 10 from --preserve-fds=5. Signed-off-by: Ian Campbell <ian.campbell@docker.com>
75 lines
2.3 KiB
Go
75 lines
2.3 KiB
Go
package main
|
|
|
|
import (
|
|
"os"
|
|
|
|
"github.com/urfave/cli"
|
|
)
|
|
|
|
var createCommand = cli.Command{
|
|
Name: "create",
|
|
Usage: "create a container",
|
|
ArgsUsage: `<container-id>
|
|
|
|
Where "<container-id>" is your name for the instance of the container that you
|
|
are starting. The name you provide for the container instance must be unique on
|
|
your host.`,
|
|
Description: `The create command creates an instance of a container for a bundle. The bundle
|
|
is a directory with a specification file named "` + specConfig + `" and a root
|
|
filesystem.
|
|
|
|
The specification file includes an args parameter. The args parameter is used
|
|
to specify command(s) that get run when the container is started. To change the
|
|
command(s) that get executed on start, edit the args parameter of the spec. See
|
|
"runc spec --help" for more explanation.`,
|
|
Flags: []cli.Flag{
|
|
cli.StringFlag{
|
|
Name: "bundle, b",
|
|
Value: "",
|
|
Usage: `path to the root of the bundle directory, defaults to the current directory`,
|
|
},
|
|
cli.StringFlag{
|
|
Name: "console-socket",
|
|
Value: "",
|
|
Usage: "path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the console's pseudoterminal",
|
|
},
|
|
cli.StringFlag{
|
|
Name: "pid-file",
|
|
Value: "",
|
|
Usage: "specify the file to write the process id to",
|
|
},
|
|
cli.BoolFlag{
|
|
Name: "no-pivot",
|
|
Usage: "do not use pivot root to jail process inside rootfs. This should be used whenever the rootfs is on top of a ramdisk",
|
|
},
|
|
cli.BoolFlag{
|
|
Name: "no-new-keyring",
|
|
Usage: "do not create a new session keyring for the container. This will cause the container to inherit the calling processes session key",
|
|
},
|
|
cli.IntFlag{
|
|
Name: "preserve-fds",
|
|
Usage: "Pass N additional file descriptors to the container (stdio + $LISTEN_FDS + N in total)",
|
|
},
|
|
},
|
|
Action: func(context *cli.Context) error {
|
|
if err := checkArgs(context, 1, exactArgs); err != nil {
|
|
return err
|
|
}
|
|
if err := revisePidFile(context); err != nil {
|
|
return err
|
|
}
|
|
spec, err := setupSpec(context)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
status, err := startContainer(context, spec, true)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
// exit with the container's exit status so any external supervisor is
|
|
// notified of the exit with the correct exit status.
|
|
os.Exit(status)
|
|
return nil
|
|
},
|
|
}
|