kata-containers/src/runtime/virtcontainers/fs_share.go
Pradipta Banerjee ab13ef87ee runtime: propagate configmap/secrets etc changes for remote-hyp
For remote hypervisor, the configmap, secrets, downward-api or project-volumes are
copied from host to guest. This patch watches for changes to the host files
and copies the changes to the guest.

Note that configmap updates take significantly longer than updates via downward-api.
This is similar across runc and Kata runtimes.

Fixes: #7210

Signed-off-by: Pradipta Banerjee <pradipta.banerjee@gmail.com>
Signed-off-by: Julien Ropé <jrope@redhat.com>
(cherry picked from commit 3081cd5f8e)
(cherry picked from commit 68ec673bc4d9cd853eee51b21a0e91fcec149aad)
2023-08-11 16:31:08 +01:00


// Copyright (c) 2022 Apple Inc.
//
// SPDX-License-Identifier: Apache-2.0
//
package virtcontainers
import (
"context"
"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols/grpc"
)
// fsShareTracingTags is the fixed set of key/value tags used for the
// trace span of the fs_share subsystem.
var fsShareTracingTags = map[string]string{
	"subsystem": "fs_share",
	"package":   "virtcontainers",
	"source":    "runtime",
}
// SharedFile represents the outcome of a host filesystem sharing
// operation. It is the value returned by FilesystemSharer.ShareFile
// and FilesystemSharer.ShareRootFilesystem.
//
// Both fields are unexported, so only code inside this package can
// populate or read them.
type SharedFile struct {
	// storage is a Storage message from the agent gRPC protocol package.
	// NOTE(review): presumably this is what the agent uses to mount the
	// share inside the guest, and may be nil when no mount is needed;
	// confirm against the implementations.
	storage *grpc.Storage
	// guestPath is presumably the location of the shared file as seen
	// from inside the guest; confirm against the implementations.
	guestPath string
}
// FilesystemSharer is the set of operations used to share host files,
// directories and container root filesystems with the guest, and to
// watch specific host volumes so that changes are copied to the guest.
//
// NOTE(review): the interface itself places no restriction on which
// host paths may be shared; any validation of the Mount or rootfs
// source has to live in the implementation or its callers. Confirm
// where that check is done.
type FilesystemSharer interface {
	// Prepare will set the host filesystem up, making it ready
	// to share container files and directories with the guest.
	// It will be called before any container is running.
	//
	// For example, the Linux implementation would create and
	// prepare the host shared folders, and also make all
	// sandbox mounts ready to be shared.
	//
	// Implementation of this method must be idempotent and be
	// ready to potentially be called several times in a row,
	// without symmetric calls to Cleanup in between.
	Prepare(context.Context) error
	// Cleanup cleans the host filesystem up from the initial
	// setup created by Prepare.
	// It will be called after all containers are terminated.
	//
	// Implementation of this method must be idempotent and be
	// ready to potentially be called several times in a row,
	// without symmetric calls to Prepare in between.
	Cleanup(context.Context) error
	// ShareFile shares a file (a regular file or a directory)
	// from the host filesystem with a container running in the
	// guest. The host file to be shared is described by the
	// Mount argument.
	// This method should be called for each container file to
	// be shared with the guest.
	//
	// The returned SharedFile pointer describes how the file
	// should be shared between the host and the guest. If it
	// is nil, then the shared file described by the Mount
	// argument will be ignored by the guest, i.e. it will NOT
	// be shared with the guest.
	//
	// Callers therefore have to handle a nil SharedFile together
	// with a nil error as a valid "not shared" result.
	ShareFile(context.Context, *Container, *Mount) (*SharedFile, error)
	// UnshareFile stops sharing a container file, described by
	// the Mount argument.
	UnshareFile(context.Context, *Container, *Mount) error
	// ShareRootFilesystem shares a container bundle rootfs with
	// the Kata guest, allowing the kata agent to eventually start
	// the container from that shared rootfs.
	ShareRootFilesystem(context.Context, *Container) (*SharedFile, error)
	// UnshareRootFilesystem stops sharing a container bundle
	// rootfs.
	UnshareRootFilesystem(context.Context, *Container) error
	// StartFileEventWatcher is the event loop to detect changes in
	// specific volumes - configmap, secrets, downward-api, projected-volumes
	// and copy the changes to the guest.
	//
	// NOTE(review): "event loop" suggests this call blocks until the
	// watcher is stopped; confirm against the implementations.
	// NOTE(review): a change on the host reaches the guest only once
	// the watcher has copied it, so a rotated or withdrawn secret may
	// stay readable in the guest until then. Confirm the expected delay.
	StartFileEventWatcher(context.Context) error
	// StopFileEventWatcher stops the event loop for the file watcher.
	// It returns no error, so a caller cannot observe a failure to stop.
	StopFileEventWatcher(context.Context)
}