jobs

package
v0.0.0-...-5f4265e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2015 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Job implementations for core API. Container jobs control container related actions on a server. Each request object has a default implementation on Linux via systemd, and a structured response if necessary. The Execute() method is separated so that client code and server code can share common sanity checks.

Index

Constants

View Source 
const ContentTypeEnvironment = "env"
View Source 
const (
	DefaultSlice string = "container-small"
)
View Source 
const PendingPortMappingName = "PortMapping"

Variables

View Source 
var (
	ErrContainerNotFound       = jobs.SimpleError{jobs.ResponseNotFound, "The specified container does not exist."}
	ErrContainerAlreadyExists  = jobs.SimpleError{jobs.ResponseAlreadyExists, "A container with this identifier already exists."}
	ErrContainerStartFailed    = jobs.SimpleError{jobs.ResponseError, "Unable to start this container."}
	ErrContainerStopFailed     = jobs.SimpleError{jobs.ResponseError, "Unable to stop this container."}
	ErrContainerRestartFailed  = jobs.SimpleError{jobs.ResponseError, "Unable to restart this container."}
	ErrEnvironmentNotFound     = jobs.SimpleError{jobs.ResponseNotFound, "Unable to find the requested environment."}
	ErrEnvironmentUpdateFailed = jobs.SimpleError{jobs.ResponseError, "Unable to update the specified environment."}
	ErrListImagesFailed        = jobs.SimpleError{jobs.ResponseError, "Unable to list docker images."}
	ErrListContainersFailed    = jobs.SimpleError{jobs.ResponseError, "Unable to list the installed containers."}
	ErrStartRequestThrottled   = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to start."}
	ErrStopRequestThrottled    = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to stop."}
	ErrRestartRequestThrottled = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to restart or the state is currently changing."}
	ErrLinkContainersFailed    = jobs.SimpleError{jobs.ResponseError, "Not all links could be set."}
	ErrDeleteContainerFailed   = jobs.SimpleError{jobs.ResponseError, "Unable to delete the container."}

	ErrContainerCreateFailed              = jobs.SimpleError{jobs.ResponseError, "Unable to create container."}
	ErrContainerCreateFailedInvalidSlice  = jobs.SimpleError{jobs.ResponseError, "Provided systemd slice is not installed on system."}
	ErrContainerCreateFailedPortsReserved = jobs.SimpleError{jobs.ResponseError, "Unable to create container: some ports could not be reserved."}
)

Functions

This section is empty.

Types

type BuildImageRequest 

type BuildImageRequest struct {
	Name         string
	Source       string
	Tag          string
	BaseImage    string
	RuntimeImage string
	Clean        bool
	Verbose      bool
	CallbackUrl  string
}

func (*BuildImageRequest) Check 

func (e *BuildImageRequest) Check() error

type ContainerLogRequest 

type ContainerLogRequest struct {
	Id containers.Identifier
}

type ContainerPortsRequest 

type ContainerPortsRequest struct {
	Id containers.Identifier
}

type ContainerPortsResponse 

type ContainerPortsResponse struct {
	Ports port.PortPairs
}

type ContainerStatusRequest 

type ContainerStatusRequest struct {
	Id containers.Identifier
}

type ContainerUnitResponse 

type ContainerUnitResponse struct {
	UnitResponse
	LoadState string
	JobType   string `json:"JobType,omitempty"`
	// Used by consumers
	Server string `json:"Server,omitempty"`
}

type ContainerUnitResponses 

type ContainerUnitResponses []ContainerUnitResponse

func (ContainerUnitResponses) Len 

func (c ContainerUnitResponses) Len() int

func (ContainerUnitResponses) Less 

func (c ContainerUnitResponses) Less(a, b int) bool

func (ContainerUnitResponses) Swap 

func (c ContainerUnitResponses) Swap(a, b int)

type ContentRequest 

type ContentRequest struct {
	Type    string
	Locator string
	Subpath string
}

type DeleteContainerRequest 

type DeleteContainerRequest struct {
	Id containers.Identifier
}

type GetEnvironmentRequest 

type GetEnvironmentRequest struct {
	Id containers.Identifier
}

type InstallContainerRequest 

type InstallContainerRequest struct {
	jobs.RequestIdentifier `json:"-"`

	Id    containers.Identifier
	Image string

	// A simple container is allowed to default to normal Docker
	// options like -P.  If simple is true no user or home
	// directory is created and SSH is not available
	Simple bool
	// Should this container be run in an isolated fashion
	// (separate user, permission changes)
	Isolate bool
	// Should this container be run in a socket activated fashion
	// Implies Isolated (separate user, permission changes,
	// no port forwarding, socket activated).
	// If UseSocketProxy then socket files are proxies to the
	// appropriate port
	SocketActivation bool
	SkipSocketProxy  bool

	Ports        port.PortPairs
	Environment  *containers.EnvironmentDescription
	NetworkLinks *containers.NetworkLinks
	VolumeConfig *containers.VolumeConfig

	// Should the container be started by default
	Started bool

	// name of systemd slice unit to associate with container
	SystemdSlice string
}

Installing a Container

This job will install a given container definition as a systemd service unit, or update the existing definition if one already exists.

There are a number of run modes for containers. Some options the caller must decide:

  • Is the container transient? Should stop remove any data not in a volume - accomplished by running as a specific user, and by using 'docker run --rm' as ExecStart=
  • Is the container isolated from the rest of the system? Some use cases involve the container having access to the host disk or sockets to perform system roles. Otherwise, where possible containers should be fully isolated from the host via SELinux, user namespaces, and capability dropping.
  • Is the container hooked up to other containers? The defined unit should allow regular docker linking (name based pairing), the iptable-based SDN implemented here, and the propagation to the container environment of that configuration (whether as ENV vars or a file).

Isolated containers:

An isolated container runs in a way that protects it from other containers on the system. At a minimum today this means:

  1. Create a user to represent the container, and run the process in the container as that user. Avoids root compromise
  2. Assign a unique MCS category label to the container.

In the future the need for #1 is removed by user namespaces, although given the relative immaturity of that function in the kernel at the present time it is not considered sufficiently secure for production use.

func (*InstallContainerRequest) Check 

func (req *InstallContainerRequest) Check() error

func (*InstallContainerRequest) PortMappingsFrom 

func (j *InstallContainerRequest) PortMappingsFrom(pending map[string]interface{}) (port.PortPairs, bool)

type LinkContainersRequest 

type LinkContainersRequest struct {
	*containers.ContainerLinks
}

type ListBuildsRequest 

type ListBuildsRequest struct{}

type ListBuildsResponse 

type ListBuildsResponse struct {
	Builds UnitResponses
}

type ListContainersRequest 

type ListContainersRequest struct {
	IncludeInactive bool
}

type ListContainersResponse 

type ListContainersResponse struct {
	Containers ContainerUnitResponses
}

func (*ListContainersResponse) Append 

func (r *ListContainersResponse) Append(other *ListContainersResponse)

func (*ListContainersResponse) Sort 

func (r *ListContainersResponse) Sort()

func (*ListContainersResponse) WriteTableTo 

func (l *ListContainersResponse) WriteTableTo(w io.Writer) error

type ListImagesRequest 

type ListImagesRequest struct {
	DockerSocket string
}

type ListServerContainersResponse 

type ListServerContainersResponse struct {
	ListContainersResponse
}

func (*ListServerContainersResponse) WriteTableTo 

func (l *ListServerContainersResponse) WriteTableTo(w io.Writer) error

type PatchEnvironmentRequest 

type PatchEnvironmentRequest struct {
	containers.EnvironmentDescription
}

type PurgeContainersRequest 

type PurgeContainersRequest struct{}

type PutEnvironmentRequest 

type PutEnvironmentRequest struct {
	containers.EnvironmentDescription
}

type RestartContainerRequest 

type RestartContainerRequest struct {
	Id containers.Identifier
}

type RunContainerRequest 

type RunContainerRequest struct {
	Name      string
	Image     string
	Command   string
	Arguments []string
}

func (*RunContainerRequest) Check 

func (e *RunContainerRequest) Check() error

type StartedContainerStateRequest 

type StartedContainerStateRequest struct {
	Id containers.Identifier
}

type StoppedContainerStateRequest 

type StoppedContainerStateRequest struct {
	Id   containers.Identifier
	Wait bool
}

type UnitResponse 

type UnitResponse struct {
	Id          string
	ActiveState string
	SubState    string
}

type UnitResponses 

type UnitResponses []UnitResponse

func (UnitResponses) Len 

func (c UnitResponses) Len() int

func (UnitResponses) Less 

func (c UnitResponses) Less(a, b int) bool

func (UnitResponses) Swap 

func (c UnitResponses) Swap(a, b int)

Source Files

View all Source files

Directories

Path Synopsis
Provides linux implementations of container jobs.
 Provides linux implementations of container jobs.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.