Documentation ¶
Index ¶
- Constants
- Variables
- func AddImageNames(store storage.Store, firstRegistry string, systemContext *types.SystemContext, ...) error
- func ExpandNames(names []string, firstRegistry string, systemContext *types.SystemContext, ...) ([]string, error)
- func FindImage(store storage.Store, firstRegistry string, systemContext *types.SystemContext, ...) (types.ImageReference, *storage.Image, error)
- func GetFailureCause(err, defaultError error) error
- func GetHostIDs(uidmap, gidmap []specs.LinuxIDMapping, uid, gid uint32) (uint32, uint32, error)
- func GetHostRootIDs(spec *specs.Spec) (uint32, uint32, error)
- func GetPolicyContext(ctx *types.SystemContext) (*signature.PolicyContext, error)
- func LogIfNotRetryable(err error, what string) (retry bool)
- func LogIfUnexpectedWhileDraining(err error, what string)
- func ResolveName(name string, firstRegistry string, sc *types.SystemContext, ...) ([]string, string, bool, error)
- func Runtime() string
- func StringInSlice(s string, slice []string) bool
- func WriteError(w io.Writer, err error, lastError error) error
Constants ¶
const ( // DefaultRuntime is the default command to use to run the container. DefaultRuntime = "runc" // DefaultCNIPluginPath is the default location of CNI plugin helpers. DefaultCNIPluginPath = "/usr/libexec/cni:/opt/cni/bin" // DefaultCNIConfigDir is the default location of CNI configuration files. DefaultCNIConfigDir = "/etc/cni/net.d" )
const ( // DefaultTransport is a prefix that we apply to an image name if we // can't find one in the local Store, in order to generate a source // reference for the image that we can then copy to the local Store. DefaultTransport = "docker://" )
Variables ¶
var ( // DefaultCapabilities is the list of capabilities which we grant by // default to containers which are running under UID 0. DefaultCapabilities = []string{ "CAP_AUDIT_WRITE", "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_MKNOD", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID", "CAP_SYS_CHROOT", } // DefaultNetworkSysctl is the list of Kernel parameters which we // grant by default to containers which are running under UID 0. DefaultNetworkSysctl = map[string]string{ "net.ipv4.ping_group_range": "0 0", } )
var ( // RegistryDefaultPathPrefix contains a per-registry listing of default prefixes // to prepend to image names that only contain a single path component. RegistryDefaultPathPrefix = map[string]string{ "index.docker.io": "library", "docker.io": "library", } )
Functions ¶
func AddImageNames ¶
func AddImageNames(store storage.Store, firstRegistry string, systemContext *types.SystemContext, image *storage.Image, addNames []string) error
AddImageNames adds the specified names to the specified image.
func ExpandNames ¶
func ExpandNames(names []string, firstRegistry string, systemContext *types.SystemContext, store storage.Store) ([]string, error)
ExpandNames takes unqualified names, parses them as image names, and returns the fully expanded result, including a tag. Names which don't include a registry name will be marked for the most-preferred registry (i.e., the first one in our configuration).
func FindImage ¶
func FindImage(store storage.Store, firstRegistry string, systemContext *types.SystemContext, image string) (types.ImageReference, *storage.Image, error)
FindImage locates the locally-stored image which corresponds to a given name.
func GetFailureCause ¶
GetFailureCause checks the type of the error "err" and returns a new error message that reflects the reason of the failure. In case err type is not a familiar one the error "defaultError" is returned.
func GetHostIDs ¶ added in v1.7.1
GetHostIDs uses ID mappings to compute the host-level IDs that will correspond to a UID/GID pair in the container.
func GetHostRootIDs ¶ added in v1.7.1
GetHostRootIDs uses ID mappings in spec to compute the host-level IDs that will correspond to UID/GID 0/0 in the container.
func GetPolicyContext ¶ added in v1.7.1
func GetPolicyContext(ctx *types.SystemContext) (*signature.PolicyContext, error)
GetPolicyContext sets up, initializes and returns a new context for the specified policy
func LogIfNotRetryable ¶ added in v1.7.1
LogIfNotRetryable logs "what" if err is set and is not an EINTR or EAGAIN syscall.Errno. Returns "true" if we can continue.
func LogIfUnexpectedWhileDraining ¶ added in v1.7.1
LogIfUnexpectedWhileDraining logs "what" if err is set and is not an EINTR or EAGAIN or EIO syscall.Errno.
func ResolveName ¶
func ResolveName(name string, firstRegistry string, sc *types.SystemContext, store storage.Store) ([]string, string, bool, error)
ResolveName checks if name is a valid image name, and if that name doesn't include a domain portion, returns a list of the names which it might correspond to in the set of configured registries, the transport used to pull the image, and a boolean which is true iff 1) the list of search registries was used, and 2) it was empty.
The returned image names never include a transport: prefix, and if transport != "", (transport, image) should be a valid input to alltransports.ParseImageName. transport == "" indicates that image that already exists in a local storage, and the name is valid for store.Image() / storage.Transport.ParseStoreReference().
NOTE: The "list of search registries is empty" check does not count blocked registries, and neither the implied "localhost" nor a possible firstRegistry are counted
func Runtime ¶ added in v1.7.1
func Runtime() string
Runtime is the default command to use to run the container.
func StringInSlice ¶ added in v1.7.1
StringInSlice returns a boolean indicating if the exact value s is present in the slice slice.
Types ¶
This section is empty.