api/server/router/container/container_routes.go#containerRouter.postContainersCreate

  1. func (s *containerRouter) postContainersCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  2.     if err := httputils.ParseForm(r); err != nil {
  3.         return err
  4.     }
  5.     if err := httputils.CheckForJSON(r); err != nil {
  6.         return err
  7.     }
  9.     name := r.Form.Get("name")
  11.     config, hostConfig, networkingConfig, err := s.decoder.DecodeConfig(r.Body)
  12.     if err != nil {
  13.         return err
  14.     }
  15.     version := httputils.VersionFromContext(ctx)
  16.     adjustCPUShares := versions.LessThan(version, "1.19")
  18.     // When using API 1.24 and under, the client is responsible for removing the container
  19.     if hostConfig != nil && versions.LessThan(version, "1.25") {
  20.         hostConfig.AutoRemove = false
  21.     }
  23.     if hostConfig != nil && versions.LessThan(version, "1.40") {
  24.         // Ignore BindOptions.NonRecursive because it was added in API 1.40.
  25.         for _, m := range hostConfig.Mounts {
  26.             if bo := m.BindOptions; bo != nil {
  27.                 bo.NonRecursive = false
  28.             }
  29.         }
  30.         // Ignore KernelMemoryTCP because it was added in API 1.40.
  31.         hostConfig.KernelMemoryTCP = 0
  32.     }
  34.     // Ignore Capabilities because it was added in API 1.40.
  35.     if hostConfig != nil && versions.LessThan(version, "1.40") {
  36.         hostConfig.Capabilities = nil
  37.     }
  38.     // ********************************** NOTICE ********************************** //
  39.     ccr, err := s.backend.ContainerCreate(types.ContainerCreateConfig{
  40.         Name:             name,
  41.         Config:           config,
  42.         HostConfig:       hostConfig,
  43.         NetworkingConfig: networkingConfig,
  44.         AdjustCPUShares:  adjustCPUShares,
  45.     })
  46.   // ********************************** NOTICE ********************************** //
  47.     if err != nil {
  48.         return err
  49.     }
  51.     return httputils.WriteJSON(w, http.StatusCreated, ccr)
  52. }

1) daemon/create.go#Daemon.ContainerCreate

  1. // ContainerCreate creates a regular container
  2. func (daemon *Daemon) ContainerCreate(params types.ContainerCreateConfig) (containertypes.ContainerCreateCreatedBody, error) {
  3.     return daemon.containerCreate(params, false)
  4. }
  6. func (daemon *Daemon) containerCreate(params types.ContainerCreateConfig, managed bool) (containertypes.ContainerCreateCreatedBody, error) {
  7.     start := time.Now()
  8.     if params.Config == nil {
  9.         return containertypes.ContainerCreateCreatedBody{}, errdefs.InvalidParameter(errors.New("Config cannot be empty in order to create a container"))
  10.     }
  12.     os := runtime.GOOS
  13.     if params.Config.Image != "" {
  14.     // ********************************** NOTICE ********************************** //
  15.         img, err := daemon.imageService.GetImage(params.Config.Image)
  16.     // ********************************** NOTICE ********************************** //
  17.         if err == nil {
  18.             os = img.OS
  19.         }
  20.     } else {
  21.         // This mean scratch. On Windows, we can safely assume that this is a linux
  22.         // container. On other platforms, it's the host OS (which it already is)
  23.         if runtime.GOOS == "windows" && system.LCOWSupported() {
  24.             os = "linux"
  25.         }
  26.     }
  28.     warnings, err := daemon.verifyContainerSettings(os, params.HostConfig, params.Config, false)
  29.     if err != nil {
  30.         return containertypes.ContainerCreateCreatedBody{Warnings: warnings}, errdefs.InvalidParameter(err)
  31.     }
  33.     err = verifyNetworkingConfig(params.NetworkingConfig)
  34.     if err != nil {
  35.         return containertypes.ContainerCreateCreatedBody{Warnings: warnings}, errdefs.InvalidParameter(err)
  36.     }
  38.     if params.HostConfig == nil {
  39.         params.HostConfig = &containertypes.HostConfig{}
  40.     }
  41.     err = daemon.adaptContainerSettings(params.HostConfig, params.AdjustCPUShares)
  42.     if err != nil {
  43.         return containertypes.ContainerCreateCreatedBody{Warnings: warnings}, errdefs.InvalidParameter(err)
  44.     }
  45.     // ********************************** NOTICE ********************************** //
  46.     container, err := daemon.create(params, managed)
  47.   // ********************************** NOTICE ********************************** //
  48.     if err != nil {
  49.         return containertypes.ContainerCreateCreatedBody{Warnings: warnings}, err
  50.     }
  51.     containerActions.WithValues("create").UpdateSince(start)
  52.     return containertypes.ContainerCreateCreatedBody{ID: container.ID, Warnings: warnings}, nil
  53. }

1.1) daemon/images/image.go#ImageService.GetImage

  1. // GetImage returns an image corresponding to the image referred to by refOrID.
  2. func (i *ImageService) GetImage(refOrID string) (*image.Image, error) {
  3.     ref, err := reference.ParseAnyReference(refOrID)
  4.     if err != nil {
  5.         return nil, errdefs.InvalidParameter(err)
  6.     }
  7.     namedRef, ok := ref.(reference.Named)
  8.     if !ok {
  9.         digested, ok := ref.(reference.Digested)
  10.         if !ok {
  11.             return nil, ErrImageDoesNotExist{ref}
  12.         }
  13.         id := image.IDFromDigest(digested.Digest())
  14.         if img, err := i.imageStore.Get(id); err == nil {
  15.             return img, nil
  16.         }
  17.         return nil, ErrImageDoesNotExist{ref}
  18.     }
  20.     if digest, err := i.referenceStore.Get(namedRef); err == nil {
  21.         // Search the image stores to get the operating system, defaulting to host OS.
  22.         id := image.IDFromDigest(digest)
  23.         if img, err := i.imageStore.Get(id); err == nil {
  24.             return img, nil
  25.         }
  26.     }
  28.     // Search based on ID
  29.     if id, err := i.imageStore.Search(refOrID); err == nil {
  30.         img, err := i.imageStore.Get(id)
  31.         if err != nil {
  32.             return nil, ErrImageDoesNotExist{ref}
  33.         }
  34.         return img, nil
  35.     }
  37.     return nil, ErrImageDoesNotExist{ref}
  38. }

1.2) daemon/create.go#Daemon.create

  1. // Create creates a new container from the given configuration with a given name.
  2. func (daemon *Daemon) create(params types.ContainerCreateConfig, managed bool) (retC *container.Container, retErr error) {
  3.     var (
  4.         container *container.Container
  5.         img       *image.Image
  6.         imgID     image.ID
  7.         err       error
  8.     )
  10.     os := runtime.GOOS
  11.     if params.Config.Image != "" {
  12.         img, err = daemon.imageService.GetImage(params.Config.Image)
  13.         if err != nil {
  14.             return nil, err
  15.         }
  16.         if img.OS != "" {
  17.             os = img.OS
  18.         } else {
  19.             // default to the host OS except on Windows with LCOW
  20.             if runtime.GOOS == "windows" && system.LCOWSupported() {
  21.                 os = "linux"
  22.             }
  23.         }
  24.         imgID = img.ID()
  26.         if runtime.GOOS == "windows" && img.OS == "linux" && !system.LCOWSupported() {
  27.             return nil, errors.New("operating system on which parent image was created is not Windows")
  28.         }
  29.     } else {
  30.         if runtime.GOOS == "windows" {
  31.             os = "linux" // 'scratch' case.
  32.         }
  33.     }
  35.     if err := daemon.mergeAndVerifyConfig(params.Config, img); err != nil {
  36.         return nil, errdefs.InvalidParameter(err)
  37.     }
  39.     if err := daemon.mergeAndVerifyLogConfig(&params.HostConfig.LogConfig); err != nil {
  40.         return nil, errdefs.InvalidParameter(err)
  41.     }
  43.   // ********************************** NOTICE ********************************** //
  44.     if container, err = daemon.newContainer(params.Name, os, params.Config, params.HostConfig, imgID, managed); err != nil {
  45.     // ********************************** NOTICE ********************************** //
  46.         return nil, err
  47.     }
  48.     defer func() {
  49.         if retErr != nil {
  50.             if err := daemon.cleanupContainer(container, true, true); err != nil {
  51.                 logrus.Errorf("failed to cleanup container on create error: %v", err)
  52.             }
  53.         }
  54.     }()
  56.     if err := daemon.setSecurityOptions(container, params.HostConfig); err != nil {
  57.         return nil, err
  58.     }
  60.     container.HostConfig.StorageOpt = params.HostConfig.StorageOpt
  62.     // Fixes: https://github.com/moby/moby/issues/34074 and
  63.     // https://github.com/docker/for-win/issues/999.
  64.     // Merge the daemon's storage options if they aren't already present. We only
  65.     // do this on Windows as there's no effective sandbox size limit other than
  66.     // physical on Linux.
  67.     if runtime.GOOS == "windows" {
  68.         if container.HostConfig.StorageOpt == nil {
  69.             container.HostConfig.StorageOpt = make(map[string]string)
  70.         }
  71.         for _, v := range daemon.configStore.GraphOptions {
  72.             opt := strings.SplitN(v, "=", 2)
  73.             if _, ok := container.HostConfig.StorageOpt[opt[0]]; !ok {
  74.                 container.HostConfig.StorageOpt[opt[0]] = opt[1]
  75.             }
  76.         }
  77.     }
  79.     // Set RWLayer for container after mount labels have been set
  80.     rwLayer, err := daemon.imageService.CreateLayer(container, setupInitLayer(daemon.idMapping))
  81.     if err != nil {
  82.         return nil, errdefs.System(err)
  83.     }
  84.     container.RWLayer = rwLayer
  86.     rootIDs := daemon.idMapping.RootPair()
  88.     if err := idtools.MkdirAndChown(container.Root, 0700, rootIDs); err != nil {
  89.         return nil, err
  90.     }
  91.     if err := idtools.MkdirAndChown(container.CheckpointDir(), 0700, rootIDs); err != nil {
  92.         return nil, err
  93.     }
  95.     if err := daemon.setHostConfig(container, params.HostConfig); err != nil {
  96.         return nil, err
  97.     }
  99.     if err := daemon.createContainerOSSpecificSettings(container, params.Config, params.HostConfig); err != nil {
  100.         return nil, err
  101.     }
  103.     var endpointsConfigs map[string]*networktypes.EndpointSettings
  104.     if params.NetworkingConfig != nil {
  105.         endpointsConfigs = params.NetworkingConfig.EndpointsConfig
  106.     }
  107.     // Make sure NetworkMode has an acceptable value. We do this to ensure
  108.     // backwards API compatibility.
  109.     runconfig.SetDefaultNetModeIfBlank(container.HostConfig)
  111.     daemon.updateContainerNetworkSettings(container, endpointsConfigs)
  112.   // ********************************** NOTICE ********************************** //
  113.     if err := daemon.Register(container); err != nil {
  114.     // ********************************** NOTICE ********************************** //
  115.         return nil, err
  116.     }
  117.     stateCtr.set(container.ID, "stopped")
  118.     daemon.LogContainerEvent(container, "create")
  119.     return container, nil
  120. }

1.2.1) daemon/container.go#Daemon.newContainer

  1. func (daemon *Daemon) newContainer(name string, operatingSystem string, config *containertypes.Config, hostConfig *containertypes.HostConfig, imgID image.ID, managed bool) (*container.Container, error) {
  2.     var (
  3.         id             string
  4.         err            error
  5.         noExplicitName = name == ""
  6.     )
  7.     id, name, err = daemon.generateIDAndName(name)
  8.     if err != nil {
  9.         return nil, err
  10.     }
  12.     if hostConfig.NetworkMode.IsHost() {
  13.         if config.Hostname == "" {
  14.             config.Hostname, err = os.Hostname()
  15.             if err != nil {
  16.                 return nil, errdefs.System(err)
  17.             }
  18.         }
  19.     } else {
  20.         daemon.generateHostname(id, config)
  21.     }
  22.     entrypoint, args := daemon.getEntrypointAndArgs(config.Entrypoint, config.Cmd)
  24.   // ********************************** NOTICE ********************************** //
  25.     base := daemon.newBaseContainer(id)
  26.   // ********************************** NOTICE ********************************** //
  27.     base.Created = time.Now().UTC()
  28.     base.Managed = managed
  29.     base.Path = entrypoint
  30.     base.Args = args //FIXME: de-duplicate from config
  31.     base.Config = config
  32.     base.HostConfig = &containertypes.HostConfig{}
  33.     base.ImageID = imgID
  34.     base.NetworkSettings = &network.Settings{IsAnonymousEndpoint: noExplicitName}
  35.     base.Name = name
  36.     base.Driver = daemon.imageService.GraphDriverForOS(operatingSystem)
  37.     base.OS = operatingSystem
  38.     return base, err
  39. }
  41. // newBaseContainer creates a new container with its initial
  42. // configuration based on the root storage from the daemon.
  43. func (daemon *Daemon) newBaseContainer(id string) *container.Container {
  44.   // ********************************** NOTICE ********************************** //
  45.     return container.NewBaseContainer(id, daemon.containerRoot(id))
  46.   // ********************************** NOTICE ********************************** //
  47. }
  49. // NewBaseContainer creates a new container with its
  50. // basic configuration.
  51. func NewBaseContainer(id, root string) *Container {
  52.     return &Container{
  53.         ID:            id,
  54.         State:         NewState(),
  55.         ExecCommands:  exec.NewStore(),
  56.         Root:          root,
  57.         MountPoints:   make(map[string]*volumemounts.MountPoint),
  58.         StreamConfig:  stream.NewConfig(),
  59.         attachContext: &attachContext{},
  60.     }
  61. }

1.2.2) daemon/container.go#Daemon.Register

  1. // Register makes a container object usable by the daemon as <container.ID>
  2. func (daemon *Daemon) Register(c *container.Container) error {
  3.     // Attach to stdout and stderr
  4.     if c.Config.OpenStdin {
  5.         c.StreamConfig.NewInputPipes()
  6.     } else {
  7.         c.StreamConfig.NewNopInputPipe()
  8.     }
  10.     // once in the memory store it is visible to other goroutines
  11.     // grab a Lock until it has been checkpointed to avoid races
  12.     c.Lock()
  13.     defer c.Unlock()
  14.     // ********************************** NOTICE ********************************** //
  15.     daemon.containers.Add(c.ID, c)
  16.   daemon.idIndex.Add(c.ID)
  17.   // ********************************** NOTICE ********************************** //
  18.     return c.CheckpointTo(daemon.containersReplica)
  19. }

1.2.2.1) container/memory_store.go#memoryStore.Add

  1. // Store defines an interface that
  2. // any container store must implement.
  3. type Store interface {
  4.     // Add appends a new container to the store.
  5.     Add(string, *Container)
  6.     // Get returns a container from the store by the identifier it was stored with.
  7.     Get(string) *Container
  8.     // Delete removes a container from the store by the identifier it was stored with.
  9.     Delete(string)
  10.     // List returns a list of containers from the store.
  11.     List() []*Container
  12.     // Size returns the number of containers in the store.
  13.     Size() int
  14.     // First returns the first container found in the store by a given filter.
  15.     First(StoreFilter) *Container
  16.     // ApplyAll calls the reducer function with every container in the store.
  17.     ApplyAll(StoreReducer)
  18. }
  1. // memoryStore implements a Store in memory.
  2. type memoryStore struct {
  3.     s map[string]*Container
  4.     sync.RWMutex
  5. }
  7. // Add appends a new container to the memory store.
  8. // It overrides the id if it existed before.
  9. func (c *memoryStore) Add(id string, cont *Container) {
  10.     c.Lock()
  11.     c.s[id] = cont
  12.     c.Unlock()
  13. }