server

package

v0.0.0-...-57637f8 Latest Latest Go to latest Published: Feb 6, 2018 License: Apache-2.0 Imports: 72 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/14rcole/cri-o

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func SysctlsFromPodAnnotations(a map[string]string) ([]Sysctl, []Sysctl, error)
type APIConfig
type Config
- func DefaultConfig() *Config
- func (c *Config) ToFile(path string) error
- func (c *Config) UpdateFromFile(path string) error
type SecretData
- func (s SecretData) SaveTo(dir string) error
type Server
- func New(config *Config) (*Server, error)
type Sysctl
- func SysctlsFromPodAnnotation(annotation string) ([]Sysctl, error)

Constants ¶

View Source

const (
	AttachPipeStdin  = 1
	AttachPipeStdout = 2
	AttachPipeStderr = 3
)

Sync with stdpipe_t in conmon.c

View Source

const (
	// PodInfraOOMAdj is the value that we set for oom score adj for
	// the pod infra container.
	// TODO: Remove this const once this value is provided over CRI
	// See https://github.com/kubernetes/kubernetes/issues/47938
	PodInfraOOMAdj int = -998
	// PodInfraCPUshares is default cpu shares for sandbox container.
	PodInfraCPUshares = 2
)

View Source

const (
	// SysctlsPodAnnotationKey represents the key of sysctls which are set for the infrastructure
	// container of a pod. The annotation value is a comma separated list of sysctl_name=value
	// key-value pairs. Only a limited set of whitelisted and isolated sysctls is supported by
	// the kubelet. Pods with other sysctls will fail to launch.
	SysctlsPodAnnotationKey string = "security.alpha.kubernetes.io/sysctls"

	// UnsafeSysctlsPodAnnotationKey represents the key of sysctls which are set for the infrastructure
	// container of a pod. The annotation value is a comma separated list of sysctl_name=value
	// key-value pairs. Unsafe sysctls must be explicitly enabled for a kubelet. They are properly
	// namespaced to a pod or a container, but their isolation is usually unclear or weak. Their use
	// is at-your-own-risk. Pods that attempt to set an unsafe sysctl that is not enabled for a kubelet
	// will fail to launch.
	UnsafeSysctlsPodAnnotationKey string = "security.alpha.kubernetes.io/unsafe-sysctls"
)

View Source

const CrioConfigPath = "/etc/crio/crio.conf"

CrioConfigPath is the default location for the conf file

Variables ¶

This section is empty.

Functions ¶

func SysctlsFromPodAnnotations ¶

func SysctlsFromPodAnnotations(a map[string]string) ([]Sysctl, []Sysctl, error)

SysctlsFromPodAnnotations parses the sysctl annotations into a slice of safe Sysctls and a slice of unsafe Sysctls. This is only a convenience wrapper around SysctlsFromPodAnnotation.

Types ¶

type APIConfig ¶

type APIConfig struct {
	// Listen is the path to the AF_LOCAL socket on which cri-o will listen.
	// This may support proto://addr formats later, but currently this is just
	// a path.
	Listen string `toml:"listen"`

	// StreamAddress is the IP address on which the stream server will listen.
	StreamAddress string `toml:"stream_address"`

	// StreamPort is the port on which the stream server will listen.
	StreamPort string `toml:"stream_port"`
}

APIConfig represents the "crio.api" TOML config table.

type Config ¶

type Config struct {
	lib.Config
	APIConfig
}

Config represents the entire set of configuration values that can be set for the server. This is intended to be loaded from a toml-encoded config file.

func DefaultConfig ¶

func DefaultConfig() *Config

DefaultConfig returns the default configuration for crio.

func (*Config) ToFile ¶

func (c *Config) ToFile(path string) error

ToFile outputs the given Config as a TOML-encoded file at the given path. Returns errors encountered when generating or writing the file, or nil otherwise.

func (*Config) UpdateFromFile ¶

func (c *Config) UpdateFromFile(path string) error

UpdateFromFile populates the Config from the TOML-encoded file at the given path. Returns errors encountered when reading or parsing the files, or nil otherwise.

type SecretData ¶

type SecretData struct {
	Name string
	Data []byte
}

SecretData info

func (SecretData) SaveTo ¶

func (s SecretData) SaveTo(dir string) error

SaveTo saves secret data to given directory

type Server ¶

type Server struct {
	*lib.ContainerServer
	// contains filtered or unexported fields
}

Server implements the RuntimeService and ImageService

func New ¶

func New(config *Config) (*Server, error)

New creates a new Server with options provided

func (*Server) Attach ¶

func (s *Server) Attach(ctx context.Context, req *pb.AttachRequest) (resp *pb.AttachResponse, err error)

Attach prepares a streaming endpoint to attach to a running container.

func (*Server) BindAddress ¶

func (s *Server) BindAddress() string

BindAddress is used to retrieve host's IP

func (*Server) ContainerStats ¶

func (s *Server) ContainerStats(ctx context.Context, req *pb.ContainerStatsRequest) (resp *pb.ContainerStatsResponse, err error)

ContainerStats returns stats of the container. If the container does not exist, the call returns an error.

func (*Server) ContainerStatus ¶

func (s *Server) ContainerStatus(ctx context.Context, req *pb.ContainerStatusRequest) (resp *pb.ContainerStatusResponse, err error)

ContainerStatus returns status of the container.

func (*Server) CreateContainer ¶

func (s *Server) CreateContainer(ctx context.Context, req *pb.CreateContainerRequest) (res *pb.CreateContainerResponse, err error)

CreateContainer creates a new container in specified PodSandbox

func (*Server) CreateMetricsEndpoint ¶

func (s *Server) CreateMetricsEndpoint() (*http.ServeMux, error)

CreateMetricsEndpoint creates a /metrics endpoint for prometheus monitoring

func (*Server) Exec ¶

func (s *Server) Exec(ctx context.Context, req *pb.ExecRequest) (resp *pb.ExecResponse, err error)

Exec prepares a streaming endpoint to execute a command in the container.

func (*Server) ExecSync ¶

func (s *Server) ExecSync(ctx context.Context, req *pb.ExecSyncRequest) (resp *pb.ExecSyncResponse, err error)

ExecSync runs a command in a container synchronously.

func (*Server) ExitMonitorCloseChan ¶

func (s *Server) ExitMonitorCloseChan() chan struct{}

ExitMonitorCloseChan returns the close chan for the exit monitor

func (*Server) GetAttach ¶

func (s *Server) GetAttach(req *pb.AttachRequest) (*pb.AttachResponse, error)

GetAttach returns attach stream request

func (*Server) GetContainer ¶

func (s *Server) GetContainer(id string) *oci.Container

GetContainer returns a container by its ID

func (*Server) GetExec ¶

func (s *Server) GetExec(req *pb.ExecRequest) (*pb.ExecResponse, error)

GetExec returns exec stream request

func (*Server) GetInfoMux ¶

func (s *Server) GetInfoMux() *bone.Mux

GetInfoMux returns the mux used to serve info requests

func (*Server) GetPortForward ¶

func (s *Server) GetPortForward(req *pb.PortForwardRequest) (*pb.PortForwardResponse, error)

GetPortForward returns port forward stream request

func (*Server) GetSandboxContainer ¶

func (s *Server) GetSandboxContainer(id string) *oci.Container

GetSandboxContainer returns the infra container for a given sandbox

func (*Server) ImageFsInfo ¶

func (s *Server) ImageFsInfo(ctx context.Context, req *pb.ImageFsInfoRequest) (resp *pb.ImageFsInfoResponse, err error)

ImageFsInfo returns information of the filesystem that is used to store images.

func (*Server) ImageStatus ¶

func (s *Server) ImageStatus(ctx context.Context, req *pb.ImageStatusRequest) (resp *pb.ImageStatusResponse, err error)

ImageStatus returns the status of the image.

func (*Server) ListContainerStats ¶

func (s *Server) ListContainerStats(ctx context.Context, req *pb.ListContainerStatsRequest) (resp *pb.ListContainerStatsResponse, err error)

ListContainerStats returns stats of all running containers.

func (*Server) ListContainers ¶

func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersRequest) (resp *pb.ListContainersResponse, err error)

ListContainers lists all containers by filters.

func (*Server) ListImages ¶

func (s *Server) ListImages(ctx context.Context, req *pb.ListImagesRequest) (resp *pb.ListImagesResponse, err error)

ListImages lists existing images.

func (*Server) ListPodSandbox ¶

func (s *Server) ListPodSandbox(ctx context.Context, req *pb.ListPodSandboxRequest) (resp *pb.ListPodSandboxResponse, err error)

ListPodSandbox returns a list of SandBoxes.

func (*Server) PodSandboxStatus ¶

func (s *Server) PodSandboxStatus(ctx context.Context, req *pb.PodSandboxStatusRequest) (resp *pb.PodSandboxStatusResponse, err error)

PodSandboxStatus returns the Status of the PodSandbox.

func (*Server) PortForward ¶

func (s *Server) PortForward(ctx context.Context, req *pb.PortForwardRequest) (resp *pb.PortForwardResponse, err error)

PortForward prepares a streaming endpoint to forward ports from a PodSandbox.

func (*Server) PullImage ¶

func (s *Server) PullImage(ctx context.Context, req *pb.PullImageRequest) (resp *pb.PullImageResponse, err error)

PullImage pulls a image with authentication config.

func (*Server) RemoveContainer ¶

func (s *Server) RemoveContainer(ctx context.Context, req *pb.RemoveContainerRequest) (resp *pb.RemoveContainerResponse, err error)

RemoveContainer removes the container. If the container is running, the container should be force removed.

func (*Server) RemoveImage ¶

func (s *Server) RemoveImage(ctx context.Context, req *pb.RemoveImageRequest) (resp *pb.RemoveImageResponse, err error)

RemoveImage removes the image.

func (*Server) RemovePodSandbox ¶

func (s *Server) RemovePodSandbox(ctx context.Context, req *pb.RemovePodSandboxRequest) (resp *pb.RemovePodSandboxResponse, err error)

RemovePodSandbox deletes the sandbox. If there are any running containers in the sandbox, they should be force deleted.

func (*Server) RunPodSandbox ¶

func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest) (resp *pb.RunPodSandboxResponse, err error)

RunPodSandbox creates and runs a pod-level sandbox.

func (*Server) Shutdown ¶

func (s *Server) Shutdown() error

Shutdown attempts to shut down the server's storage cleanly

func (*Server) StartContainer ¶

func (s *Server) StartContainer(ctx context.Context, req *pb.StartContainerRequest) (resp *pb.StartContainerResponse, err error)

StartContainer starts the container.

func (*Server) StartExitMonitor ¶

func (s *Server) StartExitMonitor()

StartExitMonitor start a routine that monitors container exits and updates the container status

func (*Server) Status ¶

func (s *Server) Status(ctx context.Context, req *pb.StatusRequest) (resp *pb.StatusResponse, err error)

Status returns the status of the runtime

func (*Server) StopAllPodSandboxes ¶

func (s *Server) StopAllPodSandboxes()

StopAllPodSandboxes removes all pod sandboxes

func (*Server) StopContainer ¶

func (s *Server) StopContainer(ctx context.Context, req *pb.StopContainerRequest) (resp *pb.StopContainerResponse, err error)

StopContainer stops a running container with a grace period (i.e., timeout).

func (*Server) StopExitMonitor ¶

func (s *Server) StopExitMonitor()

StopExitMonitor stops the exit monitor

func (*Server) StopPodSandbox ¶

func (s *Server) StopPodSandbox(ctx context.Context, req *pb.StopPodSandboxRequest) (resp *pb.StopPodSandboxResponse, err error)

StopPodSandbox stops the sandbox. If there are any running containers in the sandbox, they should be force terminated.

func (*Server) StopStreamServer ¶

func (s *Server) StopStreamServer() error

StopStreamServer stops the stream server

func (*Server) StreamingServerCloseChan ¶

func (s *Server) StreamingServerCloseChan() chan struct{}

StreamingServerCloseChan returns the close channel for the streaming server

func (*Server) Update ¶

func (s *Server) Update()

Update makes changes to the server's state (lists of pods and containers) to reflect the list of pods and containers that are stored on disk, possibly having been modified by other parties

func (*Server) UpdateContainerResources ¶

func (s *Server) UpdateContainerResources(ctx context.Context, req *pb.UpdateContainerResourcesRequest) (resp *pb.UpdateContainerResourcesResponse, err error)

UpdateContainerResources updates ContainerConfig of the container.

func (*Server) UpdateRuntimeConfig ¶

func (s *Server) UpdateRuntimeConfig(ctx context.Context, req *pb.UpdateRuntimeConfigRequest) (resp *pb.UpdateRuntimeConfigResponse, err error)

UpdateRuntimeConfig updates the configuration of a running container.

func (*Server) Version ¶

func (s *Server) Version(ctx context.Context, req *pb.VersionRequest) (resp *pb.VersionResponse, err error)

Version returns the runtime name, runtime version and runtime API version

type Sysctl ¶

type Sysctl struct {
	// Name of a property to set
	Name string `json:"name"`
	// Value of a property to set
	Value string `json:"value"`
}

Sysctl defines a kernel parameter to be set

func SysctlsFromPodAnnotation ¶

func SysctlsFromPodAnnotation(annotation string) ([]Sysctl, error)

SysctlsFromPodAnnotation parses an annotation value into a slice of Sysctls.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
apparmor
metrics
seccomp

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL