jobs

package
v0.0.0-...-5f4265e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2015 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Job implementations for core API. Container jobs control container related actions on a server. Each request object has a default implementation on Linux via systemd, and a structured response if necessary. The Execute() method is separated so that client code and server code can share common sanity checks.

Index

Constants

View Source
const ContentTypeEnvironment = "env"
View Source
const (
	DefaultSlice string = "container-small"
)
View Source
const PendingPortMappingName = "PortMapping"

Variables

View Source
var (
	ErrContainerNotFound       = jobs.SimpleError{jobs.ResponseNotFound, "The specified container does not exist."}
	ErrContainerAlreadyExists  = jobs.SimpleError{jobs.ResponseAlreadyExists, "A container with this identifier already exists."}
	ErrContainerStartFailed    = jobs.SimpleError{jobs.ResponseError, "Unable to start this container."}
	ErrContainerStopFailed     = jobs.SimpleError{jobs.ResponseError, "Unable to stop this container."}
	ErrContainerRestartFailed  = jobs.SimpleError{jobs.ResponseError, "Unable to restart this container."}
	ErrEnvironmentNotFound     = jobs.SimpleError{jobs.ResponseNotFound, "Unable to find the requested environment."}
	ErrEnvironmentUpdateFailed = jobs.SimpleError{jobs.ResponseError, "Unable to update the specified environment."}
	ErrListImagesFailed        = jobs.SimpleError{jobs.ResponseError, "Unable to list docker images."}
	ErrListContainersFailed    = jobs.SimpleError{jobs.ResponseError, "Unable to list the installed containers."}
	ErrStartRequestThrottled   = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to start."}
	ErrStopRequestThrottled    = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to stop."}
	ErrRestartRequestThrottled = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to restart or the state is currently changing."}
	ErrLinkContainersFailed    = jobs.SimpleError{jobs.ResponseError, "Not all links could be set."}
	ErrDeleteContainerFailed   = jobs.SimpleError{jobs.ResponseError, "Unable to delete the container."}

	ErrContainerCreateFailed              = jobs.SimpleError{jobs.ResponseError, "Unable to create container."}
	ErrContainerCreateFailedInvalidSlice  = jobs.SimpleError{jobs.ResponseError, "Provided systemd slice is not installed on system."}
	ErrContainerCreateFailedPortsReserved = jobs.SimpleError{jobs.ResponseError, "Unable to create container: some ports could not be reserved."}
)

Functions

This section is empty.

Types

type BuildImageRequest

type BuildImageRequest struct {
	Name         string
	Source       string
	Tag          string
	BaseImage    string
	RuntimeImage string
	Clean        bool
	Verbose      bool
	CallbackUrl  string
}

func (*BuildImageRequest) Check

func (e *BuildImageRequest) Check() error

type ContainerLogRequest

type ContainerLogRequest struct {
	Id containers.Identifier
}

type ContainerPortsRequest

type ContainerPortsRequest struct {
	Id containers.Identifier
}

type ContainerPortsResponse

type ContainerPortsResponse struct {
	Ports port.PortPairs
}

type ContainerStatusRequest

type ContainerStatusRequest struct {
	Id containers.Identifier
}

type ContainerUnitResponse

type ContainerUnitResponse struct {
	UnitResponse
	LoadState string
	JobType   string `json:"JobType,omitempty"`
	// Used by consumers
	Server string `json:"Server,omitempty"`
}

type ContainerUnitResponses

type ContainerUnitResponses []ContainerUnitResponse

func (ContainerUnitResponses) Len

func (c ContainerUnitResponses) Len() int

func (ContainerUnitResponses) Less

func (c ContainerUnitResponses) Less(a, b int) bool

func (ContainerUnitResponses) Swap

func (c ContainerUnitResponses) Swap(a, b int)

type ContentRequest

type ContentRequest struct {
	Type    string
	Locator string
	Subpath string
}

type DeleteContainerRequest

type DeleteContainerRequest struct {
	Id containers.Identifier
}

type GetEnvironmentRequest

type GetEnvironmentRequest struct {
	Id containers.Identifier
}

type InstallContainerRequest

type InstallContainerRequest struct {
	jobs.RequestIdentifier `json:"-"`

	Id    containers.Identifier
	Image string

	// A simple container is allowed to default to normal Docker
	// options like -P.  If simple is true no user or home
	// directory is created and SSH is not available
	Simple bool
	// Should this container be run in an isolated fashion
	// (separate user, permission changes)
	Isolate bool
	// Should this container be run in a socket activated fashion
	// Implies Isolated (separate user, permission changes,
	// no port forwarding, socket activated).
	// If UseSocketProxy then socket files are proxies to the
	// appropriate port
	SocketActivation bool
	SkipSocketProxy  bool

	Ports        port.PortPairs
	Environment  *containers.EnvironmentDescription
	NetworkLinks *containers.NetworkLinks
	VolumeConfig *containers.VolumeConfig

	// Should the container be started by default
	Started bool

	// name of systemd slice unit to associate with container
	SystemdSlice string
}

Installing a Container

This job will install a given container definition as a systemd service unit, or update the existing definition if one already exists.

There are a number of run modes for containers. Some options the caller must decide:

  • Is the container transient? Should stop remove any data not in a volume - accomplished by running as a specific user, and by using 'docker run --rm' as ExecStart=
  • Is the container isolated from the rest of the system? Some use cases involve the container having access to the host disk or sockets to perform system roles. Otherwise, where possible containers should be fully isolated from the host via SELinux, user namespaces, and capability dropping.
  • Is the container hooked up to other containers? The defined unit should allow regular docker linking (name based pairing), the iptable-based SDN implemented here, and the propagation to the container environment of that configuration (whether as ENV vars or a file).

Isolated containers:

An isolated container runs in a way that protects it from other containers on the system. At a minimum today this means:

  1. Create a user to represent the container, and run the process in the container as that user. Avoids root compromise
  2. Assign a unique MCS category label to the container.

In the future the need for #1 is removed by user namespaces, although given the relative immaturity of that function in the kernel at the present time it is not considered sufficiently secure for production use.

func (*InstallContainerRequest) Check

func (req *InstallContainerRequest) Check() error

func (*InstallContainerRequest) PortMappingsFrom

func (j *InstallContainerRequest) PortMappingsFrom(pending map[string]interface{}) (port.PortPairs, bool)

type LinkContainersRequest

type LinkContainersRequest struct {
	*containers.ContainerLinks
}

type ListBuildsRequest

type ListBuildsRequest struct{}

type ListBuildsResponse

type ListBuildsResponse struct {
	Builds UnitResponses
}

type ListContainersRequest

type ListContainersRequest struct {
	IncludeInactive bool
}

type ListContainersResponse

type ListContainersResponse struct {
	Containers ContainerUnitResponses
}

func (*ListContainersResponse) Append

func (*ListContainersResponse) Sort

func (r *ListContainersResponse) Sort()

func (*ListContainersResponse) WriteTableTo

func (l *ListContainersResponse) WriteTableTo(w io.Writer) error

type ListImagesRequest

type ListImagesRequest struct {
	DockerSocket string
}

type ListServerContainersResponse

type ListServerContainersResponse struct {
	ListContainersResponse
}

func (*ListServerContainersResponse) WriteTableTo

func (l *ListServerContainersResponse) WriteTableTo(w io.Writer) error

type PatchEnvironmentRequest

type PatchEnvironmentRequest struct {
	containers.EnvironmentDescription
}

type PurgeContainersRequest

type PurgeContainersRequest struct{}

type PutEnvironmentRequest

type PutEnvironmentRequest struct {
	containers.EnvironmentDescription
}

type RestartContainerRequest

type RestartContainerRequest struct {
	Id containers.Identifier
}

type RunContainerRequest

type RunContainerRequest struct {
	Name      string
	Image     string
	Command   string
	Arguments []string
}

func (*RunContainerRequest) Check

func (e *RunContainerRequest) Check() error

type StartedContainerStateRequest

type StartedContainerStateRequest struct {
	Id containers.Identifier
}

type StoppedContainerStateRequest

type StoppedContainerStateRequest struct {
	Id   containers.Identifier
	Wait bool
}

type UnitResponse

type UnitResponse struct {
	Id          string
	ActiveState string
	SubState    string
}

type UnitResponses

type UnitResponses []UnitResponse

func (UnitResponses) Len

func (c UnitResponses) Len() int

func (UnitResponses) Less

func (c UnitResponses) Less(a, b int) bool

func (UnitResponses) Swap

func (c UnitResponses) Swap(a, b int)

Directories

Path Synopsis
Provides linux implementations of container jobs.
Provides linux implementations of container jobs.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL