Jake Hillion
a2cbe9dc54
All checks were successful
continuous-integration/drone/push Build is passing
|
||
---|---|---|
.vscode | ||
benches | ||
examples | ||
src | ||
.clang-format | ||
.drone.yml | ||
.gitignore | ||
build.rs | ||
Cargo.lock | ||
Cargo.toml | ||
LICENSE | ||
README.md |
clone-shim
Running the examples
examples/fib
The fib example performs fibonacci trivially on a fixed number. It is the most basic example of a process that requires no privilege, excluding Stdout
to print the result.
To run this example:
cargo build
cargo build --example fib
target/debug/clone-shim -s examples/fib/spec.json target/debug/examples/fib
examples/basic
The basic example instructs the shim to spawn two processes, each of which writes "hello from main{1,2}!" to stdout.
To run this example:
cargo build
cargo build --example basic
target/debug/clone-shim -s examples/basic/spec.json target/debug/examples/basic
examples/pipes
The pipes example shows some of the power of the shim by using pipes. The process "pipe_sender" sends two messages down a pipe that it's given by the shim. These two messages each spawn a completely isolated process, "pipe_receiver", that receives that message.
To run this example:
cargo build
cargo build --example pipes
target/debug/clone-shim -s examples/pipes/spec.json target/debug/examples/pipes
examples/pipes
The pipes example shows some of the power of the shim by using pipes. The process "pipe_sender" sends two messages down a pipe that it's given by the shim. These two messages each spawn a completely isolated process, "pipe_receiver", that receives that message.
To run this example:
cargo build
cargo build --example tls
target/debug/clone-shim -s examples/tls/spec.json target/debug/examples/tls
Debugging the shim
The shim can be debugged as with most processes, but it is exceptionally forky. Breaking before a clone in rust-gdb
then running set follow-fork-mode child
is often necessary. The best approach is to go in with a plan of attack.
Debugging the child
Debugging the child processes is vastly more difficult than in other more Linux-like containerisation solutions.
The --debug
flag on the shim attempts to stop application spawned processes as soon as they are voided. This gives you a chance to attach with a debugger.
The debugger must be run from the ambient namespace and not within the void, as none of the prerequisites will exist within the void.
Good luck!