Skip to content

Commit

Permalink
Defer bail out for cgroup not found
Browse files Browse the repository at this point in the history 
This likely means that the container died.
  • Loading branch information
@nbdd0121
nbdd0121 committed Mar 19, 2024
1 parent 2d6266e commit d66ed3e
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 4 deletions.
20 changes: 19 additions & 1 deletion src/docker/cgroup.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use anyhow::{ensure, Context, Result};
use anyhow::{bail, ensure, Context, Result};
use aya::maps::{HashMap, MapData};
use aya::programs::{CgroupDevice, Link};
use std::fs::File;
Expand Down Expand Up @@ -196,3 +196,21 @@ impl DeviceAccessController for DeviceAccessControllerV2 {
Ok(())
}
}

pub struct DeviceAccessControllerDummy;

impl DeviceAccessController for DeviceAccessControllerDummy {
fn set_permission(
&mut self,
_ty: DeviceType,
_major: u32,
_minor: u32,
_access: Access,
) -> Result<()> {
bail!("neither cgroup v1 and cgroup v2 works");
}

fn stop(self: Box<Self>) -> Result<()> {
Ok(())
}
}
14 changes: 11 additions & 3 deletions src/docker/container.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,10 @@ use tokio::signal::unix::{signal, SignalKind};
use tokio::task::{spawn, JoinHandle};
use tokio_stream::StreamExt;

use super::cgroup::{Access, DeviceAccessController, DeviceAccessControllerV1, DeviceAccessControllerV2, DeviceType};
use super::cgroup::{
Access, DeviceAccessController, DeviceAccessControllerDummy, DeviceAccessControllerV1,
DeviceAccessControllerV2, DeviceType,
};
use super::{IoStream, IoStreamSource};

#[derive(Clone)]
Expand Down Expand Up @@ -42,9 +45,14 @@ impl Container {
let cgroup_device_filter: Box<dyn DeviceAccessController + Send> =
match DeviceAccessControllerV2::new(id) {
Ok(v) => Box::new(v),
Err(err) => match DeviceAccessControllerV1::new(id) {
Err(err2) => match DeviceAccessControllerV1::new(id) {
Ok(v) => Box::new(v),
Err(_) => Err(err).context("neither cgroup v1 and cgroup v2 works")?,
Err(err1) => {
log::error!("neither cgroup v1 and cgroup v2 works");
log::error!("cgroup v2: {err2}");
log::error!("cgroup v1: {err1}");
Box::new(DeviceAccessControllerDummy)
}
},
};

Expand Down

0 comments on commit d66ed3e

Please sign in to comment.