1package daemon // import "github.com/docker/docker/daemon" 2 3import ( 4 "context" 5 "fmt" 6 "runtime" 7 8 containertypes "github.com/docker/docker/api/types/container" 9 "github.com/docker/docker/container" 10 "github.com/docker/docker/pkg/stringid" 11 volumemounts "github.com/docker/docker/volume/mounts" 12 volumeopts "github.com/docker/docker/volume/service/opts" 13) 14 15// createContainerOSSpecificSettings performs host-OS specific container create functionality 16func (daemon *Daemon) createContainerOSSpecificSettings(container *container.Container, config *containertypes.Config, hostConfig *containertypes.HostConfig) error { 17 18 if container.OS == runtime.GOOS { 19 // Make sure the host config has the default daemon isolation if not specified by caller. 20 if containertypes.Isolation.IsDefault(containertypes.Isolation(hostConfig.Isolation)) { 21 hostConfig.Isolation = daemon.defaultIsolation 22 } 23 } else { 24 // LCOW must be a Hyper-V container as you can't run a shared kernel when one 25 // is a Windows kernel, the other is a Linux kernel. 26 if containertypes.Isolation.IsProcess(containertypes.Isolation(hostConfig.Isolation)) { 27 return fmt.Errorf("process isolation is invalid for Linux containers on Windows") 28 } 29 hostConfig.Isolation = "hyperv" 30 } 31 parser := volumemounts.NewParser(container.OS) 32 for spec := range config.Volumes { 33 34 mp, err := parser.ParseMountRaw(spec, hostConfig.VolumeDriver) 35 if err != nil { 36 return fmt.Errorf("Unrecognised volume spec: %v", err) 37 } 38 39 // If the mountpoint doesn't have a name, generate one. 40 if len(mp.Name) == 0 { 41 mp.Name = stringid.GenerateNonCryptoID() 42 } 43 44 // Skip volumes for which we already have something mounted on that 45 // destination because of a --volume-from. 46 if container.IsDestinationMounted(mp.Destination) { 47 continue 48 } 49 50 volumeDriver := hostConfig.VolumeDriver 51 52 // Create the volume in the volume driver. If it doesn't exist, 53 // a new one will be created. 54 v, err := daemon.volumes.Create(context.TODO(), mp.Name, volumeDriver, volumeopts.WithCreateReference(container.ID)) 55 if err != nil { 56 return err 57 } 58 59 // FIXME Windows: This code block is present in the Linux version and 60 // allows the contents to be copied to the container FS prior to it 61 // being started. However, the function utilizes the FollowSymLinkInScope 62 // path which does not cope with Windows volume-style file paths. There 63 // is a separate effort to resolve this (@swernli), so this processing 64 // is deferred for now. A case where this would be useful is when 65 // a dockerfile includes a VOLUME statement, but something is created 66 // in that directory during the dockerfile processing. What this means 67 // on Windows for TP5 is that in that scenario, the contents will not 68 // copied, but that's (somewhat) OK as HCS will bomb out soon after 69 // at it doesn't support mapped directories which have contents in the 70 // destination path anyway. 71 // 72 // Example for repro later: 73 // FROM windowsservercore 74 // RUN mkdir c:\myvol 75 // RUN copy c:\windows\system32\ntdll.dll c:\myvol 76 // VOLUME "c:\myvol" 77 // 78 // Then 79 // docker build -t vol . 80 // docker run -it --rm vol cmd <-- This is where HCS will error out. 81 // 82 // // never attempt to copy existing content in a container FS to a shared volume 83 // if v.DriverName() == volume.DefaultDriverName { 84 // if err := container.CopyImagePathContent(v, mp.Destination); err != nil { 85 // return err 86 // } 87 // } 88 89 // Add it to container.MountPoints 90 container.AddMountPointWithVolume(mp.Destination, &volumeWrapper{v: v, s: daemon.volumes}, mp.RW) 91 } 92 return nil 93} 94