sandbox

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 25, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const DefaultShmSize = 64 * 1024 * 1024

DefaultShmSize is the default shm size

View Source 
const DevShmPath = "/dev/shm"

DevShmPath is the default system wide shared memory path

Variables

View Source 
var ErrIDEmpty = errors.New("PodSandboxId should not be empty")

ErrIDEmpty is the error returned when the id of the sandbox is empty

Functions

This section is empty.

Types

type History 

type History []*Sandbox

History is a convenience type for storing a list of sandboxes, sorted by creation date in descendant order.

func (*History) Len 

func (history *History) Len() int

Len returns the number of sandboxes in the history.

func (*History) Less 

func (history *History) Less(i, j int) bool

Less compares two sandboxes and returns true if the second one was created before the first one.

func (*History) Swap 

func (history *History) Swap(i, j int)

Swap switches sandboxes i and j positions in the history.

type ManagedNamespace 

type ManagedNamespace struct {
	// contains filtered or unexported fields
}

ManagedNamespace is a structure that holds all the necessary information a caller would need for a sandbox managed namespace Where nsmgr.Namespace does hold similar information, ManagedNamespace exists to allow this library to not return data not necessarily in a Namespace (for instance, when a namespace is not managed by CRI-O, but instead is based off of the infra pid)

func (*ManagedNamespace) Path 

func (m *ManagedNamespace) Path() string

Type returns the namespace path

func (*ManagedNamespace) Type 

func (m *ManagedNamespace) Type() nsmgr.NSType

Type returns the namespace type

type Sandbox 

type Sandbox struct {
	// contains filtered or unexported fields
}

Sandbox contains data surrounding kubernetes sandboxes on the server

func New 

func New(id, namespace, name, kubeName, logDir string, labels, annotations map[string]string, processLabel, mountLabel string, metadata *types.PodSandboxMetadata, shmPath, cgroupParent string, privileged bool, runtimeHandler, resolvPath, hostname string, portMappings []*hostport.PortMapping, hostNetwork bool, createdAt time.Time, usernsMode string, overhead, resources *types.LinuxContainerResources) (*Sandbox, error)

New creates and populates a new pod sandbox New sandboxes have no containers, no infra container, and no network namespaces associated with them An infra container must be attached before the sandbox is added to the state

func (*Sandbox) AddContainer 

func (s *Sandbox) AddContainer(ctx context.Context, c *oci.Container)

AddContainer adds a container to the sandbox

func (*Sandbox) AddHostnamePath 

func (s *Sandbox) AddHostnamePath(hostname string)

AddHostnamePath adds the hostname path to the sandbox

func (*Sandbox) AddIPs 

func (s *Sandbox) AddIPs(ips []string)

AddIPs stores the ip in the sandbox

func (*Sandbox) AddManagedNamespaces 

func (s *Sandbox) AddManagedNamespaces(namespaces []nsmgr.Namespace)

func (*Sandbox) Annotations 

func (s *Sandbox) Annotations() map[string]string

Annotations returns a list of annotations for the sandbox

func (*Sandbox) CRISandbox 

func (s *Sandbox) CRISandbox() *types.PodSandbox

func (*Sandbox) CgroupParent 

func (s *Sandbox) CgroupParent() string

CgroupParent returns the cgroup parent of the sandbox

func (*Sandbox) ContainerEnvPath 

func (s *Sandbox) ContainerEnvPath() string

ContainerEnvPath retrieves the .containerenv path from a sandbox

func (*Sandbox) Containers 

func (s *Sandbox) Containers() oci.ContainerStorer

Containers returns the ContainerStorer that contains information on all of the containers in the sandbox

func (*Sandbox) Created 

func (s *Sandbox) Created() bool

Created returns the created status of sandbox

func (*Sandbox) CreatedAt 

func (s *Sandbox) CreatedAt() int64

func (*Sandbox) DNSConfig 

func (s *Sandbox) DNSConfig() *types.DNSConfig

DNSConfig returns the dnsConfig for the sandbox

func (*Sandbox) GetContainer 

func (s *Sandbox) GetContainer(ctx context.Context, name string) *oci.Container

GetContainer retrieves a container from the sandbox

func (*Sandbox) HostNetwork 

func (s *Sandbox) HostNetwork() bool

HostNetwork returns whether the sandbox runs in the host network namespace

func (*Sandbox) Hostname 

func (s *Sandbox) Hostname() string

Hostname returns the hostname of the sandbox

func (*Sandbox) HostnamePath 

func (s *Sandbox) HostnamePath() string

HostnamePath retrieves the hostname path from a sandbox

func (*Sandbox) ID 

func (s *Sandbox) ID() string

ID returns the id of the sandbox

func (*Sandbox) IPs 

func (s *Sandbox) IPs() []string

IPs returns the ip of the sandbox

func (*Sandbox) InfraContainer 

func (s *Sandbox) InfraContainer() *oci.Container

InfraContainer returns the infrastructure container for the sandbox

func (*Sandbox) IpcNsJoin 

func (s *Sandbox) IpcNsJoin(nspath string) error

IpcNsJoin attempts to join the sandbox to an existing IPC namespace This will fail if the sandbox is already part of a IPC namespace

func (*Sandbox) IpcNsPath 

func (s *Sandbox) IpcNsPath() string

IpcNsPath returns the path to the network namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned

func (*Sandbox) KubeName 

func (s *Sandbox) KubeName() string

KubeName returns the kubernetes name for the sandbox

func (*Sandbox) Labels 

func (s *Sandbox) Labels() fields.Set

Labels returns the labels associated with the sandbox

func (*Sandbox) LogDir 

func (s *Sandbox) LogDir() string

LogDir returns the location of the logging directory for the sandbox

func (*Sandbox) Metadata 

func (s *Sandbox) Metadata() *types.PodSandboxMetadata

Metadata returns a set of metadata about the sandbox

func (*Sandbox) MountLabel 

func (s *Sandbox) MountLabel() string

MountLabel returns the mount label for the sandbox

func (*Sandbox) Name 

func (s *Sandbox) Name() string

Name returns the name of the sandbox

func (*Sandbox) Namespace 

func (s *Sandbox) Namespace() string

Namespace returns the namespace for the sandbox

func (*Sandbox) NamespaceOptions 

func (s *Sandbox) NamespaceOptions() *types.NamespaceOption

NamespaceOptions returns the namespace options for the sandbox

func (*Sandbox) NamespacePaths 

func (s *Sandbox) NamespacePaths() []*ManagedNamespace

NamespacePaths returns all the paths of the namespaces of the sandbox. If a namespace is not managed by the sandbox, the namespace of the infra container will be returned. It returns a slice of ManagedNamespaces

func (*Sandbox) NeedsInfra 

func (s *Sandbox) NeedsInfra(serverDropsInfra bool) bool

NeedsInfra is a function that returns whether the sandbox will need an infra container. If the server manages the namespace lifecycles, and the Pid option on the sandbox is node or container level, the infra container is not needed

func (*Sandbox) NetNsJoin 

func (s *Sandbox) NetNsJoin(nspath string) error

NetNsJoin attempts to join the sandbox to an existing network namespace This will fail if the sandbox is already part of a network namespace

func (*Sandbox) NetNsPath 

func (s *Sandbox) NetNsPath() string

NetNsPath returns the path to the network namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned

func (*Sandbox) NetworkStopped 

func (s *Sandbox) NetworkStopped() bool

NetworkStopped returns whether the network has been stopped

func (*Sandbox) PidNsPath 

func (s *Sandbox) PidNsPath() string

PidNsPath returns the path to the pid namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned.

func (*Sandbox) PodLinuxOverhead 

func (s *Sandbox) PodLinuxOverhead() *types.LinuxContainerResources

PodLinuxOverhead returns the overheads associated with this sandbox

func (*Sandbox) PodLinuxResources 

func (s *Sandbox) PodLinuxResources() *types.LinuxContainerResources

PodLinuxResources returns the sum of container resources for this sandbox

func (*Sandbox) PortMappings 

func (s *Sandbox) PortMappings() []*hostport.PortMapping

PortMappings returns a list of port mappings between the host and the sandbox

func (*Sandbox) Privileged 

func (s *Sandbox) Privileged() bool

Privileged returns whether or not the containers in the sandbox are privileged containers

func (*Sandbox) ProcessLabel 

func (s *Sandbox) ProcessLabel() string

ProcessLabel returns the process label for the sandbox

func (*Sandbox) Ready 

func (s *Sandbox) Ready(takeLock bool) bool

Ready returns whether the sandbox should be marked as ready to the kubelet if there is no infra container, it is always considered ready. `takeLock` should be set if we need to take the lock to get the infra container's state. If there is no infra container, it is never considered ready. If the infra container is spoofed, the pod is considered ready when it has been created, but not stopped.

func (*Sandbox) RemoveContainer 

func (s *Sandbox) RemoveContainer(ctx context.Context, c *oci.Container)

RemoveContainer deletes a container from the sandbox

func (*Sandbox) RemoveInfraContainer 

func (s *Sandbox) RemoveInfraContainer()

RemoveInfraContainer removes the infrastructure container of a sandbox

func (*Sandbox) RemoveManagedNamespaces 

func (s *Sandbox) RemoveManagedNamespaces() error

RemoveManagedNamespaces removes the formerly mounted namespace. Must be stopped first or this will fail.

func (*Sandbox) ResolvPath 

func (s *Sandbox) ResolvPath() string

ResolvPath returns the resolv path for the sandbox

func (*Sandbox) RestoreStopped 

func (s *Sandbox) RestoreStopped()

func (*Sandbox) RuntimeHandler 

func (s *Sandbox) RuntimeHandler() string

RuntimeHandler returns the name of the runtime handler that should be picked from the list of runtimes. The name must match the key from the map of runtimes.

func (*Sandbox) SeccompProfilePath 

func (s *Sandbox) SeccompProfilePath() string

SeccompProfilePath returns the seccomp profile path

func (*Sandbox) SetContainerEnvFile 

func (s *Sandbox) SetContainerEnvFile(ctx context.Context) error

SetContainerEnvFile sets the container environment file.

func (*Sandbox) SetCreated 

func (s *Sandbox) SetCreated()

SetCreated sets the created status of sandbox to true

func (*Sandbox) SetDNSConfig 

func (s *Sandbox) SetDNSConfig(dnsConfig *types.DNSConfig)

SetDNSConfig sets the DNSConfig

func (*Sandbox) SetInfraContainer 

func (s *Sandbox) SetInfraContainer(infraCtr *oci.Container) error

SetInfraContainer sets the infrastructure container of a sandbox Attempts to set the infrastructure container after one is already present will throw an error

func (*Sandbox) SetNamespaceOptions 

func (s *Sandbox) SetNamespaceOptions(nsOpts *types.NamespaceOption)

SetNamespaceOptions sets whether the pod is running using host network

func (*Sandbox) SetNetworkStopped 

func (s *Sandbox) SetNetworkStopped(ctx context.Context, createFile bool) error

SetNetworkStopped sets the sandbox network state as stopped This should be set after a network stop operation succeeds, so we don't double stop the network if createFile is true, it creates a "network-stopped" file in the infra container's persistent dir this is used to track the network is stopped over reboots returns an error if an error occurred when creating the network-stopped file

func (*Sandbox) SetSeccompProfilePath 

func (s *Sandbox) SetSeccompProfilePath(pp string)

SetSeccompProfilePath sets the seccomp profile path

func (*Sandbox) SetStopped 

func (s *Sandbox) SetStopped(ctx context.Context, createFile bool)

SetStopped sets the sandbox state to stopped. This should be set after a stop operation succeeds so that subsequent stops can return fast. if createFile is true, it also creates a "stopped" file in the infra container's persistent dir this is used to track the sandbox is stopped over reboots

func (*Sandbox) ShmPath 

func (s *Sandbox) ShmPath() string

ShmPath returns the shm path of the sandbox

func (*Sandbox) State 

func (s *Sandbox) State() types.PodSandboxState

func (*Sandbox) StopMutex 

func (s *Sandbox) StopMutex() *sync.RWMutex

StopMutex returns the mutex to use when stopping the sandbox

func (*Sandbox) Stopped 

func (s *Sandbox) Stopped() bool

Stopped returns whether the sandbox state has been set to stopped.

func (*Sandbox) UnmountShm 

func (s *Sandbox) UnmountShm(ctx context.Context) error

UnmountShm removes the shared memory mount for the sandbox and returns an error if any failure occurs.

func (*Sandbox) UserNsJoin 

func (s *Sandbox) UserNsJoin(nspath string) error

UserNsJoin attempts to join the sandbox to an existing User namespace This will fail if the sandbox is already part of a User namespace

func (*Sandbox) UserNsPath 

func (s *Sandbox) UserNsPath() string

UserNsPath returns the path to the user namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned

func (*Sandbox) UsernsMode 

func (s *Sandbox) UsernsMode() string

UsernsMode returns the mode for setting the user namespace, if any.

func (*Sandbox) UtsNsJoin 

func (s *Sandbox) UtsNsJoin(nspath string) error

UtsNsJoin attempts to join the sandbox to an existing UTS namespace This will fail if the sandbox is already part of a UTS namespace

func (*Sandbox) UtsNsPath 

func (s *Sandbox) UtsNsPath() string

UtsNsPath returns the path to the network namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned

type StoreFilter 

type StoreFilter func(*Sandbox) bool

StoreFilter defines a function to filter sandboxes in the store.

type StoreReducer 

type StoreReducer func(*Sandbox)

StoreReducer defines a function to manipulate sandboxes in the store

type Storer 

type Storer interface {
	// Add appends a new sandbox to the store.
	Add(string, *Sandbox)
	// Get returns a sandbox from the store by the identifier it was stored with.
	Get(string) *Sandbox
	// Delete removes a sandbox from the store by the identifier it was stored with.
	Delete(string)
	// List returns a list of sandboxes from the store.
	List() []*Sandbox
	// Size returns the number of sandboxes in the store.
	Size() int
	// First returns the first sandbox found in the store by a given filter.
	First(StoreFilter) *Sandbox
	// ApplyAll calls the reducer function with every sandbox in the store.
	ApplyAll(StoreReducer)
}

Storer defines an interface that any container store must implement.

func NewMemoryStore 

func NewMemoryStore() Storer

NewMemoryStore initializes a new memory store.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.