GitList

Browse code

Merge pull request #41072 from AkihiroSuda/fix-41071

cgroup2: unshare cgroupns by default regardless to API version

Brian Goff authored on 2020/10/02 03:56:00
Showing 3 changed files

api/server/router/container/container.go index 401be4a..df68fcb 100644
api/server/router/container/container_routes.go index 5001bc0..641537d 100644
cmd/dockerd/daemon.go index 275d9a7..96c3194 100644

api/server/router/container/container.go

@@ -10,13 +10,15 @@ type containerRouter struct {
                      	backend Backend
                      	decoder httputils.ContainerDecoder
                      	routes  []router.Route
                     +	cgroup2 bool
+                     }
                      // NewRouter initializes a new container router
                     -func NewRouter(b Backend, decoder httputils.ContainerDecoder) router.Router {
                     +func NewRouter(b Backend, decoder httputils.ContainerDecoder, cgroup2 bool) router.Router {
                      	r := &containerRouter{
                      		backend: b,
                      		decoder: decoder,
                     +		cgroup2: cgroup2,
+                     	}
                      	r.initRoutes()
                      	return r

api/server/router/container/container_routes.go

History View file @ 816fbcd

@@ -494,8 +494,8 @@ func (s *containerRouter) postContainersCreate(ctx context.Context, w http.Respo
 			hostConfig.IpcMode = container.IpcMode("shareable")
 		}
 	}
-	if hostConfig != nil && versions.LessThan(version, "1.41") {
-		// Older clients expect the default to be "host"
+	if hostConfig != nil && versions.LessThan(version, "1.41") && !s.cgroup2 {
+		// Older clients expect the default to be "host" on cgroup v1 hosts
 		if hostConfig.CgroupnsMode.IsEmpty() {
 			hostConfig.CgroupnsMode = container.CgroupnsMode("host")
 		}

cmd/dockerd/daemon.go

History View file @ 816fbcd

@@ -477,7 +477,7 @@ func initRouter(opts routerOptions) {
                      	routers := []router.Router{
                      		// we need to add the checkpoint router before the container router or the DELETE gets masked
                      		checkpointrouter.NewRouter(opts.daemon, decoder),
                     -		container.NewRouter(opts.daemon, decoder),
                     +		container.NewRouter(opts.daemon, decoder, opts.daemon.RawSysInfo(true).CgroupUnified),
                      		image.NewRouter(opts.daemon.ImageService()),
                      		systemrouter.NewRouter(opts.daemon, opts.cluster, opts.buildkit, opts.features),
                      		volume.NewRouter(opts.daemon.VolumesService()),

...	...	@@ -494,8 +494,8 @@ func (s *containerRouter) postContainersCreate(ctx context.Context, w http.Respo
494	494	hostConfig.IpcMode = container.IpcMode("shareable")
495	495	}
496	496	}
497		- if hostConfig != nil && versions.LessThan(version, "1.41") {
498		- // Older clients expect the default to be "host"
	497	+ if hostConfig != nil && versions.LessThan(version, "1.41") && !s.cgroup2 {
	498	+ // Older clients expect the default to be "host" on cgroup v1 hosts
499	499	if hostConfig.CgroupnsMode.IsEmpty() {
500	500	hostConfig.CgroupnsMode = container.CgroupnsMode("host")
501	501	}