I read through Warden's startup source code and traced how a container is created:
In lib/warden/server.rb, the run! method uses EventMachine's start_unix_domain_server method to start a Unix domain socket. The second parameter, ClientConnection, defines how received data is handled, and the process method in ClientConnection deals with the create request:
when Protocol::CreateRequest
  container = Server.container_klass.new
  container.register_connection(self)
  response = container.dispatch(request)
(container_klass is Warden::Container::Linux in the configuration)
Through dispatch, the do_create method in linux.rb is executed.
(1) Get and set the rootfs storage directory; when Warden runs standalone this is /tmp/warden/rootfs
(2) Execute the script src/warden/root/linux/create.sh, passing in the parameters: the new container path; the additional parameters the container requires
(2.1) Check whether the container path already exists, and stop creating if it does
(2.2) Copy the whole \src\warden\warden\root\linux\skeleton directory to the container
(2.3) Execute the script under the container: unshare -m setup.sh, which creates a separate filesystem (mount) namespace
(2.3.1) Write the following information to the etc/config file under the container; it is loaded later when the network is started
id=17jqe2nv7dh
network_netmask=255.255.255.252
network_host_ip=10.254.0.5
network_host_iface=w-17jqe2nv7dh-0
network_container_ip=10.254.0.6
network_container_iface=w-17jqe2nv7dh-1
user_uid=10001
rootfs_path=/tmp/warden/rootfs
allow_nested_warden=false
(2.3.2) Execute setup_fs_ubuntu()
mount -n -t aufs -o br:tmp/rootfs=rw:$rootfs_path=ro+wh none mnt
The aufs parameter format indicates that tmp/rootfs is mounted read-write and $rootfs_path is mounted read-only, stacked on mnt
(2.3.3) Under the mnt path in the container directory, set up the files the lightweight container requires: this includes adding users to the container, configuring DNS, configuring domain names, the hosts file, ...
(2.4) Function write_bind_mount_commands: execute hook-child-before-pivot.sh under the lib directory
(2.4.1) Write the bind actions required by the request to the hook-child-before-pivot.sh script; if the DEA needs to add mount information, it can set the request parameter
(2.4.2) If nested Warden is allowed, the /tmp/warden/cgroup directory needs to be created in the container, and the /tmp/warden/cgroup directory on the container and the newly created /tmp/warden/cgroup on the host are mounted together; the cgroup subsystems cpu, cpuacct, devices and memory get the same mount operation (here the operations are only written to the script hook-child-before-pivot.sh)
(3) Start the container by invoking the startup script: warden\root\linux\skeleton\start.sh
(3.1) Load the configuration file: source ./etc/config
(3.2) Start the network: ./net.sh setup
(3.3) Execute C code
nice -n ./bin/wshd --run ./run --lib ./lib --root ./mnt "--title: $id" \
This sets the process priority; the red section executes ./bin/wshd with its parameters
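An added example (not part of the original post and not Warden's own code): the etc/config file written in step (2.3.1) is loaded with source in step (3.1), so this Ruby code reads it as data instead and checks it before use. The helper names, the interface-naming rule inferred from the sample values, and the choice of checks are assumptions made for illustration.

```ruby
require 'ipaddr'

# Constructed sample: the etc/config values listed in step (2.3.1).
SAMPLE_CONFIG = <<~CFG
  id=17jqe2nv7dh
  network_netmask=255.255.255.252
  network_host_ip=10.254.0.5
  network_host_iface=w-17jqe2nv7dh-0
  network_container_ip=10.254.0.6
  network_container_iface=w-17jqe2nv7dh-1
  user_uid=10001
  rootfs_path=/tmp/warden/rootfs
  allow_nested_warden=false
CFG

# start.sh loads this file with `source`, which runs whatever shell syntax it
# contains, so parse it as data and reject anything but plain assignments.
def parse_config(text)
  text.each_line.map(&:strip).reject(&:empty?).each_with_object({}) do |line, cfg|
    m = %r{\A([a-z_]+)=([A-Za-z0-9_./-]*)\z}.match(line)
    raise ArgumentError, "not a plain key=value line: #{line.inspect}" unless m
    cfg[m[1]] = m[2]
  end
end

# Hypothetical audit helper: returns findings as strings (empty means clean).
def audit_config(cfg)
  findings = []
  mask, host, cont = %w[network_netmask network_host_ip network_container_ip]
                     .map { |k| IPAddr.new(cfg.fetch(k)).to_i }
  findings << 'host and container IP are identical' if host == cont
  findings << 'host and container IP are in different subnets' if (host & mask) != (cont & mask)
  # Assumption taken from the sample: interfaces are named w-<id>-0 / w-<id>-1.
  { 'network_host_iface' => 0, 'network_container_iface' => 1 }.each do |key, n|
    findings << "#{key} does not match the container id" if cfg[key] != "w-#{cfg['id']}-#{n}"
  end
  findings << 'user_uid is 0 or not numeric' if cfg.fetch('user_uid').to_i.zero?
  findings << 'rootfs_path is not absolute' unless cfg.fetch('rootfs_path').start_with?('/')
  # Step (2.4.2): nested Warden adds /tmp/warden/cgroup mounts between host and container.
  findings << 'allow_nested_warden is enabled' if cfg['allow_nested_warden'] != 'false'
  findings
end

puts audit_config(parse_config(SAMPLE_CONFIG)).inspect if $PROGRAM_NAME == __FILE__
```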