sysbox

package

v1.0.1 Latest Latest Go to latest Published: May 17, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cedana/sysbox-runc

Links

Open Source Insights

Documentation ¶

Index ¶

func CheckHostConfig(context *cli.Context, spec *specs.Spec) error
func CheckUidShifting(sysMgr *Mgr, spec *specs.Spec) (sh.IDShiftType, sh.IDShiftType, error)
type Fs
- func NewFs(id string, enable bool) *Fs
type FsRegInfo
type Mgr
- func NewMgr(id string, enable bool) *Mgr
type Sysbox
- func NewSysbox(id string, withMgr, withFs bool) *Sysbox

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CheckHostConfig ¶

func CheckHostConfig(context *cli.Context, spec *specs.Spec) error

CheckHostConfig checks if the host is configured appropriately to run a container with sysbox

func CheckUidShifting ¶

func CheckUidShifting(sysMgr *Mgr, spec *specs.Spec) (sh.IDShiftType, sh.IDShiftType, error)

checkUidShifting returns the type of UID shifting needed (if any) for the container. The first return value indicates the type of UID shifting to be used for the container's rootfs, while the second indicates the type of UID shifting for container bind-mounts.

Types ¶

type Fs ¶

type Fs struct {
	Active     bool
	Id         string // container-id
	PreReg     bool   // indicates if the container was pre-registered with sysbox-fs
	Reg        bool   // indicates if sys container was registered with sysbox-fs
	Mountpoint string // sysbox-fs FUSE mountpoint
}

func NewFs ¶

func NewFs(id string, enable bool) *Fs

func (*Fs) Enabled ¶

func (fs *Fs) Enabled() bool

func (*Fs) GetConfig ¶

func (fs *Fs) GetConfig() error

func (*Fs) PreRegister ¶

func (fs *Fs) PreRegister(linuxNamespaces []specs.LinuxNamespace) error

Pre-registers container with sysbox-fs.

func (*Fs) Register ¶

func (fs *Fs) Register(info *FsRegInfo) error

Registers container with sysbox-fs.

func (*Fs) SendCreationTime ¶

func (fs *Fs) SendCreationTime(t time.Time) error

Sends container creation time to sysbox-fs

func (*Fs) SendSeccompInit ¶

func (fs *Fs) SendSeccompInit(pid int, id string, seccompFd int32) error

Sends the seccomp-notification fd to sysbox-fs (tracer) to setup syscall trapping and waits for its response (ack).

func (*Fs) Unregister ¶

func (fs *Fs) Unregister() error

Unregisters the container with sysbox-fs

type FsRegInfo ¶

type FsRegInfo struct {
	Hostname      string
	Pid           int
	Uid           int
	Gid           int
	IdSize        int
	ProcRoPaths   []string
	ProcMaskPaths []string
}

FsRegInfo contains info about a sys container registered with sysbox-fs

type Mgr ¶

type Mgr struct {
	Active bool
	Id     string                  // container-id
	Config *ipcLib.ContainerConfig // sysbox-mgr mandated container config
	// contains filtered or unexported fields
}

func NewMgr ¶

func NewMgr(id string, enable bool) *Mgr

func (*Mgr) ChownClonedRootfs ¶

func (mgr *Mgr) ChownClonedRootfs(uidOffset, gidOffset int32) error

Sends a requests to sysbox-mgr to chown a cloned rootfs, using the given uid and gid offsets. Must call after CloneRootfs().

func (*Mgr) CloneRootfs ¶

func (mgr *Mgr) CloneRootfs() (string, error)

ClonedRootfs sends a request to sysbox-mgr to setup an alternate rootfs for the container. It returns the path to the new rootfs.

func (*Mgr) Enabled ¶

func (mgr *Mgr) Enabled() bool

func (*Mgr) GetClonedRootfs ¶

func (mgr *Mgr) GetClonedRootfs() string

func (*Mgr) IsRootfsCloned ¶

func (mgr *Mgr) IsRootfsCloned() bool

func (*Mgr) Pause ¶

func (mgr *Mgr) Pause() error

func (*Mgr) PrepMounts ¶

func (mgr *Mgr) PrepMounts(uid, gid uint32, prepList []ipcLib.MountPrepInfo) error

PrepMounts sends a request to sysbox-mgr for prepare the given container mounts; all paths must be absolute.

func (*Mgr) Register ¶

func (mgr *Mgr) Register(spec *specs.Spec) error

Registers the container with sysbox-mgr. If successful, stores the sysbox configuration tokens for sysbox-runc in mgr.Config

func (*Mgr) ReqFsState ¶

func (mgr *Mgr) ReqFsState(rootfs string) ([]configs.FsEntry, error)

ReqFsState sends a request to sysbox-mgr for container's rootfs state.

func (*Mgr) ReqMounts ¶

func (mgr *Mgr) ReqMounts(rootfsUidShiftType sh.IDShiftType, reqList []ipcLib.MountReqInfo) ([]specs.Mount, error)

ReqMounts sends a request to sysbox-mgr for container mounts; all paths must be absolute.

func (*Mgr) ReqShiftfsMark ¶

func (mgr *Mgr) ReqShiftfsMark(mounts []shiftfs.MountPoint) ([]shiftfs.MountPoint, error)

ReqShiftfsMark sends a request to sysbox-mgr to mark shiftfs on the given dirs; all paths must be absolute.

func (*Mgr) ReqSubid ¶

func (mgr *Mgr) ReqSubid(size uint32) (uint32, uint32, error)

ReqSubid requests sysbox-mgr to allocate uid & gids for the container user-ns.

func (*Mgr) Resume ¶

func (mgr *Mgr) Resume() error

func (*Mgr) RevertClonedRootfsChown ¶

func (mgr *Mgr) RevertClonedRootfsChown() error

Sends a requests to sysbox-mgr to revert the chown of a cloned rootfs. Must call after ChownClonedRootfs().

func (*Mgr) Unregister ¶

func (mgr *Mgr) Unregister() error

Unregisters the container with sysbox-mgr.

func (*Mgr) Update ¶

func (mgr *Mgr) Update(userns, netns string,
	uidMappings, gidMappings []specs.LinuxIDMapping,
	rootfsUidShiftType sh.IDShiftType) error

type Sysbox ¶

type Sysbox struct {
	Id                  string
	Mgr                 *Mgr
	Fs                  *Fs
	RootfsUidShiftType  sh.IDShiftType
	BindMntUidShiftType sh.IDShiftType
	RootfsCloned        bool
	SwitchDockerDns     bool
	OrigRootfs          string
	OrigMounts          []specs.Mount
	IDshiftIgnoreList   []string
}

Holds sysbox-specific config

func NewSysbox ¶

func NewSysbox(id string, withMgr, withFs bool) *Sysbox

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL