36 lines
949 B
Go
36 lines
949 B
Go
|
package container
|
|||
|
|
|
|||
|
|
import (
|
|||
|
|
"os"
|
|||
|
|
"syscall"
|
|||
|
|
"upod/internal/log"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
// RunContainerInitProcess 启动容器的init进程
|
|||
|
|
/*
|
|||
|
|
这里的init函数是在容器内部执行的,也就是说,代码执行到这里后,容器所在的进程其实就已经创建出来了,
|
|||
|
|
这是本容器执行的第一个进程。
|
|||
|
|
使用mount先去挂载proc文件系统,以便后面通过ps等系统命令去查看当前进程资源的情况。
|
|||
|
|
*/
|
|||
|
|
func RunContainerInitProcess(command string, args []string) error {
|
|||
|
|
var (
|
|||
|
|
err error
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
log.Debug("RunContainerInitProcess: command=%s args=%v", command, args)
|
|||
|
|
|
|||
|
|
syscall.Mount("", "/", "", syscall.MS_PRIVATE|syscall.MS_REC, "")
|
|||
|
|
|
|||
|
|
defaultMountFlags := syscall.MS_NOEXEC | syscall.MS_NOSUID | syscall.MS_NODEV
|
|||
|
|
|
|||
|
|
_ = syscall.Mount("proc", "/proc", "proc", uintptr(defaultMountFlags), "")
|
|||
|
|
|
|||
|
|
argv := []string{command}
|
|||
|
|
|
|||
|
|
if err = syscall.Exec(command, argv, os.Environ()); err != nil {
|
|||
|
|
return err
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
return nil
|
|||
|
|
}
|