Add bind and bind_read_only parameters, not tested yet

Alex 2022-11-28 12:45:27 +01:00
parent 77a2fb9190
commit cf4285e812
Signed by: lx
GPG key ID: 0E496D15096376BE


@ -16,6 +16,7 @@ import (
"github.com/hashicorp/nomad/drivers/shared/eventer" "github.com/hashicorp/nomad/drivers/shared/eventer"
"github.com/hashicorp/nomad/drivers/shared/executor" "github.com/hashicorp/nomad/drivers/shared/executor"
"github.com/hashicorp/nomad/drivers/shared/resolvconf" "github.com/hashicorp/nomad/drivers/shared/resolvconf"
"github.com/hashicorp/nomad/helper/pluginutils/hclutils"
"github.com/hashicorp/nomad/helper/pluginutils/loader" "github.com/hashicorp/nomad/helper/pluginutils/loader"
"github.com/hashicorp/nomad/helper/pointer" "github.com/hashicorp/nomad/helper/pointer"
"github.com/hashicorp/nomad/plugins/base" "github.com/hashicorp/nomad/plugins/base"
@ -78,6 +79,8 @@ var (
taskConfigSpec = hclspec.NewObject(map[string]*hclspec.Spec{ taskConfigSpec = hclspec.NewObject(map[string]*hclspec.Spec{
"command": hclspec.NewAttr("command", "string", true), "command": hclspec.NewAttr("command", "string", true),
"args": hclspec.NewAttr("args", "list(string)", false), "args": hclspec.NewAttr("args", "list(string)", false),
"bind": hclspec.NewAttr("bind", "list(map(string))", false),
"bind_read_only": hclspec.NewAttr("bind_read_only", "list(map(string))", false),
"pid_mode": hclspec.NewAttr("pid_mode", "string", false), "pid_mode": hclspec.NewAttr("pid_mode", "string", false),
"ipc_mode": hclspec.NewAttr("ipc_mode", "string", false), "ipc_mode": hclspec.NewAttr("ipc_mode", "string", false),
"cap_add": hclspec.NewAttr("cap_add", "list(string)", false), "cap_add": hclspec.NewAttr("cap_add", "list(string)", false),
@ -179,6 +182,12 @@ type TaskConfig struct {
// Args are passed along to Command. // Args are passed along to Command.
Args []string `codec:"args"` Args []string `codec:"args"`
// Paths to bind for read-write acess
Bind hclutils.MapStrStr `codec:"bind"`
// Paths to bind for read-only acess
BindReadOnly hclutils.MapStrStr `codec:"bind_read_only"`
// ModePID indicates whether PID namespace isolation is enabled for the task. // ModePID indicates whether PID namespace isolation is enabled for the task.
// Must be "private" or "host" if set. // Must be "private" or "host" if set.
ModePID string `codec:"pid_mode"` ModePID string `codec:"pid_mode"`
@ -466,6 +475,27 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
cfg.Mounts = append(cfg.Mounts, dnsMount) cfg.Mounts = append(cfg.Mounts, dnsMount)
} }
if driverConfig.Bind != nil {
for k, v := range driverConfig.Bind {
cfg.Mounts = append(cfg.Mounts, &drivers.MountConfig{
TaskPath: v,
HostPath: k,
Readonly: false,
PropagationMode: "private",
})
}
}
if driverConfig.BindReadOnly != nil {
for k, v := range driverConfig.Bind {
cfg.Mounts = append(cfg.Mounts, &drivers.MountConfig{
TaskPath: v,
HostPath: k,
Readonly: true,
PropagationMode: "private",
})
}
}
caps, err := capabilities.Calculate( caps, err := capabilities.Calculate(
capabilities.NomadDefaults(), d.config.AllowCaps, driverConfig.CapAdd, driverConfig.CapDrop, capabilities.NomadDefaults(), d.config.AllowCaps, driverConfig.CapAdd, driverConfig.CapDrop,
) )
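Review bot: The read-only loop in the StartTask hunk ranges over the wrong map: inside `if driverConfig.BindReadOnly != nil` it iterates `driverConfig.Bind`, so `bind_read_only` entries are never mounted and every `bind` entry is appended a second time with `Readonly: true`; the loop header should be `for k, v := range driverConfig.BindReadOnly {`. A job that sets only `bind_read_only` therefore starts with none of its mounts and no error. Separately, `HostPath` is taken straight from the task config and nothing in this hunk checks it, so unless validation exists elsewhere, anyone who can submit a job can have any host directory mounted read-write into the task; consider checking it against an operator-configured allowlist in the plugin config before appending to `cfg.Mounts`. StartTask's body starts and ends outside the hunk.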