Documentation
¶
Overview ¶
Package common provides low-level container, process, and device primitives shared across chrek packages.
Index ¶
- Constants
- func ApplyDeletedFiles(checkpointPath, targetRoot string, log logr.Logger) error
- func ApplyRootfsDiff(checkpointPath, targetRoot string, log logr.Logger) error
- func BuildMountPolicy(mounts []types.MountInfo, rootFS string, maskedPaths []string) (map[string]string, []string)
- func CaptureDeletedFiles(upperDir, checkpointDir string) (bool, error)
- func CaptureRootfsDiff(upperDir, checkpointDir string, exclusions types.OverlaySettings, ...) (string, error)
- func ClassifyMounts(mounts []types.MountInfo, ociSpec *specs.Spec, rootFS string) []types.MountInfo
- func GetNetNSInode(pid int) (uint64, error)
- func GetOverlayUpperDir(pid int) (string, error)
- func GetRootFS(pid int) (string, error)
- func ParseProcExitCode(statLine string) (syscall.WaitStatus, error)
- func ProcessTreePIDs(rootPID int) []int
- func ReadMountInfo(pid int) ([]types.MountInfo, error)
- func RemountProcSys(rw bool) error
- func ResolveCgroupRootFromHostPID(pid int) (string, error)
- func ResolveContainer(ctx context.Context, client *containerd.Client, containerID string) (int, *specs.Spec, error)
- func ResolveContainerByPod(ctx context.Context, client *containerd.Client, ...) (int, *specs.Spec, error)
- func SendSignalToPID(log logr.Logger, pid int, sig syscall.Signal, reason string) error
- func SendSignalViaPIDNamespace(ctx context.Context, log logr.Logger, referenceHostPID, targetNamespacePID int, ...) error
- func ValidateProcessState(procRoot string, pid int) error
Constants ¶
const (
// ContainerdSocket is the default containerd socket path.
ContainerdSocket = "/run/containerd/containerd.sock"
)
const HostCgroupPath = "/sys/fs/cgroup"
const HostProcPath = "/host/proc"
HostProcPath is the mount point for the host's /proc in DaemonSet pods.
Variables ¶
This section is empty.
Functions ¶
func ApplyDeletedFiles ¶
ApplyDeletedFiles removes files marked as deleted in the checkpoint.
func ApplyRootfsDiff ¶
ApplyRootfsDiff extracts rootfs-diff.tar into the target root.
func BuildMountPolicy ¶
func BuildMountPolicy(mounts []types.MountInfo, rootFS string, maskedPaths []string) (map[string]string, []string)
BuildMountPolicy classifies mounts and masked paths for CRIU dump. Mounts must already have IsOCIManaged set by ClassifyMounts.
Policy (evaluated top to bottom):
- Skip: non-OCI /proc/*, /sys/*, /run/* submounts (virtual/runtime, not in placeholder)
- Native: /dev/shm tmpfs (CRIU saves and restores content)
- Masked: OCI masked non-directory paths that exist under rootFS → /dev/null
- Externalize: everything else (OCI mounts the runtime recreates in placeholder)
func CaptureDeletedFiles ¶
CaptureDeletedFiles finds whiteout files and saves them to a JSON file.
func CaptureRootfsDiff ¶
func CaptureRootfsDiff(upperDir, checkpointDir string, exclusions types.OverlaySettings, bindMountDests []string) (string, error)
CaptureRootfsDiff captures the overlay upperdir to a tar file.
func ClassifyMounts ¶
ClassifyMounts sets IsOCIManaged on each mount by matching against the container's OCI spec (mounts, masked paths, readonly paths). Handles /run/ ↔ /var/run/ aliasing since some images symlink one to the other.
func GetNetNSInode ¶
GetNetNSInode returns the network namespace inode for a container process via /host/proc.
func GetOverlayUpperDir ¶
GetOverlayUpperDir extracts the overlay upperdir from mountinfo.
func ParseProcExitCode ¶
func ParseProcExitCode(statLine string) (syscall.WaitStatus, error)
ParseProcExitCode extracts and decodes the exit_code field (field 52) from a /proc/<pid>/stat line.
func ProcessTreePIDs ¶
ProcessTreePIDs walks the process tree rooted at rootPID and returns all PIDs. Used by nsrestore for in-namespace CUDA PID discovery.
func ReadMountInfo ¶
ReadMountInfo reads and parses mountinfo for a container process via /host/proc.
func RemountProcSys ¶
RemountProcSys remounts /proc/sys read-write or read-only.
func ResolveCgroupRootFromHostPID ¶
ResolveCgroupRootFromHostPID reads the unified cgroup v2 path for a PID via /host/proc.
func ResolveContainer ¶
func ResolveContainer(ctx context.Context, client *containerd.Client, containerID string) (int, *specs.Spec, error)
ResolveContainer resolves a container by ID and returns its PID and OCI spec.
func ResolveContainerByPod ¶
func ResolveContainerByPod(ctx context.Context, client *containerd.Client, podName, podNamespace, containerName string) (int, *specs.Spec, error)
ResolveContainerByPod finds a container by pod name, namespace, and container name by listing containerd containers and matching CRI labels.
func SendSignalToPID ¶
SendSignalToPID sends a signal to a host-visible PID via syscall.Kill.
func SendSignalViaPIDNamespace ¶
func SendSignalViaPIDNamespace(ctx context.Context, log logr.Logger, referenceHostPID, targetNamespacePID int, sig syscall.Signal, reason string) error
SendSignalViaPIDNamespace sends a signal to a namespace-relative PID by entering the PID namespace of referenceHostPID via nsenter.
func ValidateProcessState ¶
ValidateProcessState checks that a process is alive and not a zombie.
Types ¶
This section is empty.
Source Files