Documentation ¶
Index ¶
- Constants
- Variables
- func DefaultSeccompPath() (string, error)
- func FuncTimer(funcName string)
- func GenerateKubeServiceFromV1Pod(pod *v1.Pod, servicePorts []v1.ServicePort) v1.Service
- func JSONDeepCopy(from, to interface{}) error
- func LabelVolumePath(path string, shared bool) error
- func MountExists(specMounts []spec.Mount, dest string) bool
- func RemoveScientificNotationFromFloat(x float64) (float64, error)
- func SetXdgDirs() error
- func Unmount(mount string)
- func WaitForFile(path string, chWait chan error, timeout time.Duration) (bool, error)
- type AttachStreams
- type BoltState
- func (s *BoltState) AddContainer(ctr *Container) error
- func (s *BoltState) AddContainerToPod(pod *Pod, ctr *Container) error
- func (s *BoltState) AddPod(pod *Pod) error
- func (s *BoltState) AddVolume(volume *Volume) error
- func (s *BoltState) AllContainers() ([]*Container, error)
- func (s *BoltState) AllPods() ([]*Pod, error)
- func (s *BoltState) AllVolumes() ([]*Volume, error)
- func (s *BoltState) Close() error
- func (s *BoltState) Container(id string) (*Container, error)
- func (s *BoltState) ContainerInUse(ctr *Container) ([]string, error)
- func (s *BoltState) GetContainerConfig(id string) (*ContainerConfig, error)
- func (s *BoltState) GetDBConfig() (*config.DBConfig, error)
- func (s *BoltState) HasContainer(id string) (bool, error)
- func (s *BoltState) HasPod(id string) (bool, error)
- func (s *BoltState) HasVolume(name string) (bool, error)
- func (s *BoltState) LookupContainer(idOrName string) (*Container, error)
- func (s *BoltState) LookupContainerID(idOrName string) (string, error)
- func (s *BoltState) LookupPod(idOrName string) (*Pod, error)
- func (s *BoltState) LookupVolume(name string) (*Volume, error)
- func (s *BoltState) Pod(id string) (*Pod, error)
- func (s *BoltState) PodContainers(pod *Pod) ([]*Container, error)
- func (s *BoltState) PodContainersByID(pod *Pod) ([]string, error)
- func (s *BoltState) PodHasContainer(pod *Pod, id string) (bool, error)
- func (s *BoltState) Refresh() error
- func (s *BoltState) RemoveContainer(ctr *Container) error
- func (s *BoltState) RemoveContainerFromPod(pod *Pod, ctr *Container) error
- func (s *BoltState) RemovePod(pod *Pod) error
- func (s *BoltState) RemovePodContainers(pod *Pod) error
- func (s *BoltState) RemoveVolume(volume *Volume) error
- func (s *BoltState) RewriteContainerConfig(ctr *Container, newCfg *ContainerConfig) error
- func (s *BoltState) RewritePodConfig(pod *Pod, newCfg *PodConfig) error
- func (s *BoltState) RewriteVolumeConfig(volume *Volume, newCfg *VolumeConfig) error
- func (s *BoltState) SaveContainer(ctr *Container) error
- func (s *BoltState) SavePod(pod *Pod) error
- func (s *BoltState) SaveVolume(volume *Volume) error
- func (s *BoltState) SetNamespace(ns string) error
- func (s *BoltState) UpdateContainer(ctr *Container) error
- func (s *BoltState) UpdatePod(pod *Pod) error
- func (s *BoltState) UpdateVolume(volume *Volume) error
- func (s *BoltState) ValidateDBConfig(runtime *Runtime) error
- func (s *BoltState) Volume(name string) (*Volume, error)
- func (s *BoltState) VolumeInUse(volume *Volume) ([]string, error)
- type ConmonOCIRuntime
- func (r *ConmonOCIRuntime) AttachSocketPath(ctr *Container) (string, error)
- func (r *ConmonOCIRuntime) CheckpointContainer(ctr *Container, options ContainerCheckpointOptions) error
- func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (err error)
- func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error
- func (r *ConmonOCIRuntime) ExecAttachSocketPath(ctr *Container, sessionID string) (string, error)
- func (r *ConmonOCIRuntime) ExecContainer(c *Container, sessionID string, options *ExecOptions) (int, chan error, error)
- func (r *ConmonOCIRuntime) ExecContainerCleanup(ctr *Container, sessionID string) error
- func (r *ConmonOCIRuntime) ExecStopContainer(ctr *Container, sessionID string, timeout uint) error
- func (r *ConmonOCIRuntime) ExitFilePath(ctr *Container) (string, error)
- func (r *ConmonOCIRuntime) KillContainer(ctr *Container, signal uint, all bool) error
- func (r *ConmonOCIRuntime) Name() string
- func (r *ConmonOCIRuntime) Path() string
- func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error
- func (r *ConmonOCIRuntime) RuntimeInfo() (map[string]interface{}, error)
- func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error
- func (r *ConmonOCIRuntime) StopContainer(ctr *Container, timeout uint, all bool) error
- func (r *ConmonOCIRuntime) SupportsCheckpoint() bool
- func (r *ConmonOCIRuntime) SupportsJSONErrors() bool
- func (r *ConmonOCIRuntime) SupportsNoCgroups() bool
- func (r *ConmonOCIRuntime) UnpauseContainer(ctr *Container) error
- func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error
- type Container
- func (c *Container) AddArtifact(name string, data []byte) error
- func (c *Container) Attach(streams *AttachStreams, keys string, resize <-chan remotecommand.TerminalSize) error
- func (c *Container) AttachSocketPath() (string, error)
- func (c *Container) AutoRemove() bool
- func (c *Container) Batch(batchFunc func(*Container) error) error
- func (c *Container) BindMounts() (map[string]string, error)
- func (c *Container) CGroupPath() (string, error)
- func (c *Container) CgroupParent() string
- func (c *Container) Checkpoint(ctx context.Context, options ContainerCheckpointOptions) error
- func (c *Container) CheckpointPath() string
- func (c *Container) Cleanup(ctx context.Context) error
- func (c *Container) Command() []string
- func (c *Container) Commit(ctx context.Context, destImage string, options ContainerCommitOptions) (*image.Image, error)
- func (c *Container) Config() *ContainerConfig
- func (c *Container) ConmonPID() (int, error)
- func (c *Container) ContainerState() (*ContainerState, error)
- func (c *Container) ControlSocketPath() string
- func (c *Container) CreatedTime() time.Time
- func (c *Container) DNSOption() []string
- func (c *Container) DNSSearch() []string
- func (c *Container) DNSServers() []net.IP
- func (c *Container) Dependencies() []string
- func (c *Container) Entrypoint() []string
- func (c *Container) Exec(tty, privileged bool, env map[string]string, cmd []string, ...) (int, error)
- func (c *Container) ExecSession(id string) (*ExecSession, error)
- func (c *Container) ExecSessions() ([]string, error)
- func (c *Container) ExitCode() (int32, bool, error)
- func (c *Container) Export(path string) error
- func (c *Container) FinishedTime() (time.Time, error)
- func (c *Container) GenerateForKube() (*v1.Pod, error)
- func (c *Container) GetArtifact(name string) ([]byte, error)
- func (c *Container) GetContainerPidInformation(descriptors []string) ([]string, error)
- func (c *Container) GetContainerStats(previousStats *ContainerStats) (*ContainerStats, error)
- func (c *Container) GetHealthCheckLog() (HealthCheckResults, error)
- func (c *Container) HasHealthCheck() bool
- func (c *Container) HealthCheckConfig() *manifest.Schema2HealthConfig
- func (c *Container) HealthCheckStatus() (string, error)
- func (c *Container) Hostname() string
- func (c *Container) HostsAdd() []string
- func (c *Container) ID() string
- func (c *Container) IDMappings() (storage.IDMappingOptions, error)
- func (c *Container) IPs() ([]net.IPNet, error)
- func (c *Container) Image() (string, string)
- func (c *Container) ImageVolumes() bool
- func (c *Container) Init(ctx context.Context) (err error)
- func (c *Container) Inspect(size bool) (*InspectContainerData, error)
- func (c *Container) IsInfra() bool
- func (c *Container) IsReadOnly() bool
- func (c *Container) Kill(signal uint) error
- func (c *Container) Labels() map[string]string
- func (c *Container) LogDriver() string
- func (c *Container) LogPath() string
- func (c *Container) Mount() (string, error)
- func (c *Container) MountLabel() string
- func (c *Container) Mounted() (bool, string, error)
- func (c *Container) Name() string
- func (c *Container) NamedVolumes() []*ContainerNamedVolume
- func (c *Container) Namespace() string
- func (c *Container) NamespacePath(linuxNS LinuxNS) (string, error)
- func (c *Container) NetworkDisabled() (bool, error)
- func (c *Container) NewNetNS() bool
- func (c *Container) OOMKilled() (bool, error)
- func (c *Container) PID() (int, error)
- func (c *Container) Pause() error
- func (c *Container) PodID() string
- func (c *Container) PortMappings() ([]ocicni.PortMapping, error)
- func (c *Container) Privileged() bool
- func (c *Container) ProcessLabel() string
- func (c *Container) RWSize() (int64, error)
- func (c *Container) ReadLog(options *logs.LogOptions, logChannel chan *logs.LogLine) error
- func (c *Container) Refresh(ctx context.Context) error
- func (c *Container) RemoveArtifact(name string) error
- func (c *Container) RestartPolicy() string
- func (c *Container) RestartRetries() uint
- func (c *Container) RestartWithTimeout(ctx context.Context, timeout uint) (err error)
- func (c *Container) Restore(ctx context.Context, options ContainerCheckpointOptions) (err error)
- func (c *Container) RootFsSize() (int64, error)
- func (c *Container) RootGID() int
- func (c *Container) RootUID() int
- func (c *Container) Routes() ([]types.Route, error)
- func (c *Container) RuntimeName() string
- func (c *Container) ShmDir() string
- func (c *Container) ShmSize() int64
- func (c *Container) Spec() *spec.Spec
- func (c *Container) Start(ctx context.Context, recursive bool) (err error)
- func (c *Container) StartAndAttach(ctx context.Context, streams *AttachStreams, keys string, ...) (attachResChan <-chan error, err error)
- func (c *Container) StartedTime() (time.Time, error)
- func (c *Container) State() (define.ContainerStatus, error)
- func (c *Container) StaticDir() string
- func (c *Container) Stdin() bool
- func (c *Container) Stop() error
- func (c *Container) StopSignal() uint
- func (c *Container) StopTimeout() uint
- func (c *Container) StopWithTimeout(timeout uint) error
- func (c *Container) StoppedByUser() (bool, error)
- func (c *Container) Sync() error
- func (c *Container) Top(descriptors []string) ([]string, error)
- func (c *Container) Unmount(force bool) error
- func (c *Container) Unpause() error
- func (c *Container) User() string
- func (c *Container) UserVolumes() []string
- func (c *Container) Wait() (int32, error)
- func (c *Container) WaitWithInterval(waitTimeout time.Duration) (int32, error)
- func (c *Container) WorkingDir() string
- type ContainerCheckpointOptions
- type ContainerCommitOptions
- type ContainerConfig
- type ContainerFilter
- type ContainerGraph
- type ContainerInfo
- type ContainerNamedVolume
- type ContainerState
- type ContainerStats
- type CtrCreateOption
- func WithCgroupNSFrom(nsCtr *Container) CtrCreateOption
- func WithCgroupParent(parent string) CtrCreateOption
- func WithCommand(command []string) CtrCreateOption
- func WithConmonPidFile(path string) CtrCreateOption
- func WithCtrNamespace(ns string) CtrCreateOption
- func WithDNS(dnsServers []string) CtrCreateOption
- func WithDNSOption(dnsOptions []string) CtrCreateOption
- func WithDNSSearch(searchDomains []string) CtrCreateOption
- func WithDependencyCtrs(ctrs []*Container) CtrCreateOption
- func WithEntrypoint(entrypoint []string) CtrCreateOption
- func WithExitCommand(exitCommand []string) CtrCreateOption
- func WithGroups(groups []string) CtrCreateOption
- func WithHealthCheck(healthCheck *manifest.Schema2HealthConfig) CtrCreateOption
- func WithHosts(hosts []string) CtrCreateOption
- func WithIDMappings(idmappings storage.IDMappingOptions) CtrCreateOption
- func WithIPCNSFrom(nsCtr *Container) CtrCreateOption
- func WithLabels(labels map[string]string) CtrCreateOption
- func WithLogDriver(driver string) CtrCreateOption
- func WithLogPath(path string) CtrCreateOption
- func WithMountNSFrom(nsCtr *Container) CtrCreateOption
- func WithName(name string) CtrCreateOption
- func WithNamedVolumes(volumes []*ContainerNamedVolume) CtrCreateOption
- func WithNetNS(portMappings []ocicni.PortMapping, postConfigureNetNS bool, netmode string, ...) CtrCreateOption
- func WithNetNSFrom(nsCtr *Container) CtrCreateOption
- func WithNoCgroups() CtrCreateOption
- func WithPIDNSFrom(nsCtr *Container) CtrCreateOption
- func WithPrivileged(privileged bool) CtrCreateOption
- func WithRestartPolicy(policy string) CtrCreateOption
- func WithRestartRetries(tries uint) CtrCreateOption
- func WithRootFS(rootfs string) CtrCreateOption
- func WithRootFSFromImage(imageID string, imageName string, useImageVolumes bool) CtrCreateOption
- func WithSecLabels(labelOpts []string) CtrCreateOption
- func WithShmDir(dir string) CtrCreateOption
- func WithShmSize(size int64) CtrCreateOption
- func WithStaticIP(ip net.IP) CtrCreateOption
- func WithStdin() CtrCreateOption
- func WithStopSignal(signal syscall.Signal) CtrCreateOption
- func WithStopTimeout(timeout uint) CtrCreateOption
- func WithSystemd() CtrCreateOption
- func WithUTSNSFrom(nsCtr *Container) CtrCreateOption
- func WithUTSNSFromPod(p *Pod) CtrCreateOption
- func WithUseImageHosts() CtrCreateOption
- func WithUseImageResolvConf() CtrCreateOption
- func WithUser(user string) CtrCreateOption
- func WithUserNSFrom(nsCtr *Container) CtrCreateOption
- func WithUserVolumes(volumes []string) CtrCreateOption
- type ExecOptions
- type ExecSession
- type HealthCheckLog
- type HealthCheckResults
- type HealthCheckStatus
- type InMemoryState
- func (s *InMemoryState) AddContainer(ctr *Container) error
- func (s *InMemoryState) AddContainerToPod(pod *Pod, ctr *Container) error
- func (s *InMemoryState) AddPod(pod *Pod) error
- func (s *InMemoryState) AddVolume(volume *Volume) error
- func (s *InMemoryState) AllContainers() ([]*Container, error)
- func (s *InMemoryState) AllPods() ([]*Pod, error)
- func (s *InMemoryState) AllVolumes() ([]*Volume, error)
- func (s *InMemoryState) Close() error
- func (s *InMemoryState) Container(id string) (*Container, error)
- func (s *InMemoryState) ContainerInUse(ctr *Container) ([]string, error)
- func (s *InMemoryState) GetContainerConfig(id string) (*ContainerConfig, error)
- func (s *InMemoryState) GetDBConfig() (*config.DBConfig, error)
- func (s *InMemoryState) HasContainer(id string) (bool, error)
- func (s *InMemoryState) HasPod(id string) (bool, error)
- func (s *InMemoryState) HasVolume(name string) (bool, error)
- func (s *InMemoryState) LookupContainer(idOrName string) (*Container, error)
- func (s *InMemoryState) LookupContainerID(idOrName string) (string, error)
- func (s *InMemoryState) LookupPod(idOrName string) (*Pod, error)
- func (s *InMemoryState) LookupVolume(name string) (*Volume, error)
- func (s *InMemoryState) Pod(id string) (*Pod, error)
- func (s *InMemoryState) PodContainers(pod *Pod) ([]*Container, error)
- func (s *InMemoryState) PodContainersByID(pod *Pod) ([]string, error)
- func (s *InMemoryState) PodHasContainer(pod *Pod, ctrID string) (bool, error)
- func (s *InMemoryState) Refresh() error
- func (s *InMemoryState) RemoveContainer(ctr *Container) error
- func (s *InMemoryState) RemoveContainerFromPod(pod *Pod, ctr *Container) error
- func (s *InMemoryState) RemovePod(pod *Pod) error
- func (s *InMemoryState) RemovePodContainers(pod *Pod) error
- func (s *InMemoryState) RemoveVolume(volume *Volume) error
- func (s *InMemoryState) RewriteContainerConfig(ctr *Container, newCfg *ContainerConfig) error
- func (s *InMemoryState) RewritePodConfig(pod *Pod, newCfg *PodConfig) error
- func (s *InMemoryState) RewriteVolumeConfig(volume *Volume, newCfg *VolumeConfig) error
- func (s *InMemoryState) SaveContainer(ctr *Container) error
- func (s *InMemoryState) SavePod(pod *Pod) error
- func (s *InMemoryState) SaveVolume(volume *Volume) error
- func (s *InMemoryState) SetNamespace(ns string) error
- func (s *InMemoryState) UpdateContainer(ctr *Container) error
- func (s *InMemoryState) UpdatePod(pod *Pod) error
- func (s *InMemoryState) UpdateVolume(volume *Volume) error
- func (s *InMemoryState) ValidateDBConfig(runtime *Runtime) error
- func (s *InMemoryState) Volume(name string) (*Volume, error)
- func (s *InMemoryState) VolumeInUse(volume *Volume) ([]string, error)
- type InfraContainerConfig
- type InspectBlkioThrottleDevice
- type InspectBlkioWeightDevice
- type InspectContainerConfig
- type InspectContainerData
- type InspectContainerHostConfig
- type InspectContainerState
- type InspectDevice
- type InspectHostPort
- type InspectLogConfig
- type InspectMount
- type InspectNetworkSettings
- type InspectRestartPolicy
- type InspectUlimit
- type InspectVolumeData
- type LinuxNS
- type MissingRuntime
- func (r *MissingRuntime) AttachSocketPath(ctr *Container) (string, error)
- func (r *MissingRuntime) CheckpointContainer(ctr *Container, options ContainerCheckpointOptions) error
- func (r *MissingRuntime) CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) error
- func (r *MissingRuntime) DeleteContainer(ctr *Container) error
- func (r *MissingRuntime) ExecAttachSocketPath(ctr *Container, sessionID string) (string, error)
- func (r *MissingRuntime) ExecContainer(ctr *Container, sessionID string, options *ExecOptions) (int, chan error, error)
- func (r *MissingRuntime) ExecContainerCleanup(ctr *Container, sessionID string) error
- func (r *MissingRuntime) ExecStopContainer(ctr *Container, sessionID string, timeout uint) error
- func (r *MissingRuntime) ExitFilePath(ctr *Container) (string, error)
- func (r *MissingRuntime) KillContainer(ctr *Container, signal uint, all bool) error
- func (r *MissingRuntime) Name() string
- func (r *MissingRuntime) Path() string
- func (r *MissingRuntime) PauseContainer(ctr *Container) error
- func (r *MissingRuntime) RuntimeInfo() (map[string]interface{}, error)
- func (r *MissingRuntime) StartContainer(ctr *Container) error
- func (r *MissingRuntime) StopContainer(ctr *Container, timeout uint, all bool) error
- func (r *MissingRuntime) SupportsCheckpoint() bool
- func (r *MissingRuntime) SupportsJSONErrors() bool
- func (r *MissingRuntime) SupportsNoCgroups() bool
- func (r *MissingRuntime) UnpauseContainer(ctr *Container) error
- func (r *MissingRuntime) UpdateContainerStatus(ctr *Container) error
- type OCIRuntime
- type Pod
- func (p *Pod) AllContainers() ([]*Container, error)
- func (p *Pod) AllContainersByID() ([]string, error)
- func (p *Pod) CgroupParent() string
- func (p *Pod) CgroupPath() (string, error)
- func (p *Pod) CreatedTime() time.Time
- func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error)
- func (p *Pod) GetPodPidInformation(descriptors []string) ([]string, error)
- func (p *Pod) GetPodStats(previousContainerStats map[string]*ContainerStats) (map[string]*ContainerStats, error)
- func (p *Pod) HasContainer(id string) (bool, error)
- func (p *Pod) HasInfraContainer() bool
- func (p *Pod) ID() string
- func (p *Pod) InfraContainerID() (string, error)
- func (p *Pod) Inspect() (*PodInspect, error)
- func (p *Pod) Kill(signal uint) (map[string]error, error)
- func (p *Pod) Labels() map[string]string
- func (p *Pod) Name() string
- func (p *Pod) Namespace() string
- func (p *Pod) Pause() (map[string]error, error)
- func (p *Pod) Restart(ctx context.Context) (map[string]error, error)
- func (p *Pod) SharesCgroup() bool
- func (p *Pod) SharesIPC() bool
- func (p *Pod) SharesMount() bool
- func (p *Pod) SharesNamespaces() bool
- func (p *Pod) SharesNet() bool
- func (p *Pod) SharesPID() bool
- func (p *Pod) SharesUTS() bool
- func (p *Pod) SharesUser() bool
- func (p *Pod) Start(ctx context.Context) (map[string]error, error)
- func (p *Pod) Status() (map[string]define.ContainerStatus, error)
- func (p *Pod) Stop(ctx context.Context, cleanup bool) (map[string]error, error)
- func (p *Pod) StopWithTimeout(ctx context.Context, cleanup bool, timeout int) (map[string]error, error)
- func (p *Pod) Unpause() (map[string]error, error)
- type PodConfig
- type PodContainerInfo
- type PodContainerStats
- type PodCreateOption
- func WithInfraContainer() PodCreateOption
- func WithInfraContainerPorts(bindings []ocicni.PortMapping) PodCreateOption
- func WithPodCgroupParent(path string) PodCreateOption
- func WithPodCgroups() PodCreateOption
- func WithPodHostname(hostname string) PodCreateOption
- func WithPodIPC() PodCreateOption
- func WithPodLabels(labels map[string]string) PodCreateOption
- func WithPodMount() PodCreateOption
- func WithPodName(name string) PodCreateOption
- func WithPodNamespace(ns string) PodCreateOption
- func WithPodNet() PodCreateOption
- func WithPodPID() PodCreateOption
- func WithPodUTS() PodCreateOption
- func WithPodUser() PodCreateOption
- type PodFilter
- type PodInspect
- type PodInspectState
- type Runtime
- func (r *Runtime) ApplyDiffTarStream(to string, diff io.Reader) error
- func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions, dockerfiles ...string) error
- func (r *Runtime) DeferredShutdown(force bool)
- func (r *Runtime) Events(options events.ReadOptions) error
- func (r *Runtime) EvictContainer(ctx context.Context, idOrName string, removeVolume bool) (string, error)
- func (r *Runtime) GetAllContainers() ([]*Container, error)
- func (r *Runtime) GetAllPods() ([]*Pod, error)
- func (r *Runtime) GetAllVolumes() ([]*Volume, error)
- func (r *Runtime) GetConfig() (*config.Config, error)
- func (r *Runtime) GetContainer(id string) (*Container, error)
- func (r *Runtime) GetContainers(filters ...ContainerFilter) ([]*Container, error)
- func (r *Runtime) GetContainersByList(containers []string) ([]*Container, error)
- func (r *Runtime) GetDiff(from, to string) ([]archive.Change, error)
- func (r *Runtime) GetDiffTarStream(from, to string) (io.ReadCloser, error)
- func (r *Runtime) GetEvents(filters []string) ([]*events.Event, error)
- func (r *Runtime) GetHostDistributionInfo() map[string]string
- func (r *Runtime) GetLastContainerEvent(nameOrID string, containerEvent events.Status) (*events.Event, error)
- func (r *Runtime) GetLatestContainer() (*Container, error)
- func (r *Runtime) GetLatestPod() (*Pod, error)
- func (r *Runtime) GetOCIRuntimePath() string
- func (r *Runtime) GetPod(id string) (*Pod, error)
- func (r *Runtime) GetRunningContainers() ([]*Container, error)
- func (r *Runtime) GetRunningPods() ([]*Pod, error)
- func (r *Runtime) GetVolume(name string) (*Volume, error)
- func (r *Runtime) HasContainer(id string) (bool, error)
- func (r *Runtime) HasPod(id string) (bool, error)
- func (r *Runtime) HasVolume(name string) (bool, error)
- func (r *Runtime) HealthCheck(name string) (HealthCheckStatus, error)
- func (r *Runtime) ImageRuntime() *image.Runtime
- func (r *Runtime) Import(ctx context.Context, source string, reference string, changes []string, ...) (string, error)
- func (r *Runtime) Info() ([]define.InfoData, error)
- func (r *Runtime) ListStorageContainers() ([]*StorageContainer, error)
- func (r *Runtime) LoadImage(ctx context.Context, name, inputFile string, writer io.Writer, ...) (string, error)
- func (r *Runtime) Log(containers []*Container, options *logs.LogOptions, ...) error
- func (r *Runtime) LookupContainer(idOrName string) (*Container, error)
- func (r *Runtime) LookupPod(idOrName string) (*Pod, error)
- func (r *Runtime) LookupVolume(name string) (*Volume, error)
- func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options ...CtrCreateOption) (c *Container, err error)
- func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Pod, Err error)
- func (r *Runtime) NewVolume(ctx context.Context, options ...VolumeCreateOption) (*Volume, error)
- func (r *Runtime) Pods(filters ...PodFilter) ([]*Pod, error)
- func (r *Runtime) PruneVolumes(ctx context.Context) ([]string, []error)
- func (r *Runtime) RemoveContainer(ctx context.Context, c *Container, force bool, removeVolume bool) error
- func (r *Runtime) RemoveImage(ctx context.Context, img *image.Image, force bool) (string, error)
- func (r *Runtime) RemovePod(ctx context.Context, p *Pod, removeCtrs, force bool) error
- func (r *Runtime) RemoveStorageContainer(idOrName string, force bool) error
- func (r *Runtime) RemoveVolume(ctx context.Context, v *Volume, force bool) error
- func (r *Runtime) RestoreContainer(ctx context.Context, rSpec *spec.Spec, config *ContainerConfig) (c *Container, err error)
- func (r *Runtime) Shutdown(force bool) error
- func (r *Runtime) SystemContext() *types.SystemContext
- func (r *Runtime) Volumes(filters ...VolumeFilter) ([]*Volume, error)
- func (r *Runtime) WithPod(pod *Pod) CtrCreateOption
- type RuntimeContainerMetadata
- type RuntimeOption
- func WithCNIConfigDir(dir string) RuntimeOption
- func WithCNIPluginDir(dir string) RuntimeOption
- func WithCgroupManager(manager string) RuntimeOption
- func WithConmonEnv(environment []string) RuntimeOption
- func WithConmonPath(path string) RuntimeOption
- func WithDefaultInfraCommand(cmd string) RuntimeOption
- func WithDefaultInfraImage(img string) RuntimeOption
- func WithDefaultMountsFile(mountsFile string) RuntimeOption
- func WithDefaultTransport(defaultTransport string) RuntimeOption
- func WithEnableSDNotify() RuntimeOption
- func WithEventsLogger(logger string) RuntimeOption
- func WithHooksDir(hooksDirs ...string) RuntimeOption
- func WithMaxLogSize(limit int64) RuntimeOption
- func WithMigrate() RuntimeOption
- func WithMigrateRuntime(requestedRuntime string) RuntimeOption
- func WithNamespace(ns string) RuntimeOption
- func WithNetworkCmdPath(path string) RuntimeOption
- func WithNoPivotRoot() RuntimeOption
- func WithNoStore() RuntimeOption
- func WithOCIRuntime(runtime string) RuntimeOption
- func WithRenumber() RuntimeOption
- func WithSignaturePolicy(path string) RuntimeOption
- func WithStateType(storeType define.RuntimeStateStore) RuntimeOption
- func WithStaticDir(dir string) RuntimeOption
- func WithStorageConfig(config storage.StoreOptions) RuntimeOption
- func WithTmpDir(dir string) RuntimeOption
- func WithVolumePath(volPath string) RuntimeOption
- type State
- type StorageContainer
- type Volume
- func (v *Volume) CreatedTime() time.Time
- func (v *Volume) Driver() string
- func (v *Volume) GID() int
- func (v *Volume) Inspect() (*InspectVolumeData, error)
- func (v *Volume) IsCtrSpecific() bool
- func (v *Volume) Labels() map[string]string
- func (v *Volume) MountPoint() string
- func (v *Volume) Name() string
- func (v *Volume) Options() map[string]string
- func (v *Volume) Scope() string
- func (v *Volume) UID() int
- type VolumeConfig
- type VolumeCreateOption
- func WithVolumeDriver(driver string) VolumeCreateOption
- func WithVolumeGID(gid int) VolumeCreateOption
- func WithVolumeLabels(labels map[string]string) VolumeCreateOption
- func WithVolumeName(name string) VolumeCreateOption
- func WithVolumeOptions(options map[string]string) VolumeCreateOption
- func WithVolumeUID(uid int) VolumeCreateOption
- type VolumeFilter
- type VolumeState
Constants ¶
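// Valid restart policy values for a container.
const (
	// RestartPolicyNone indicates that no restart policy has been requested
	// by a container.
	RestartPolicyNone = ""
	// RestartPolicyNo is identical in function to RestartPolicyNone.
	RestartPolicyNo = "no"
	// RestartPolicyAlways unconditionally restarts the container.
	RestartPolicyAlways = "always"
	// RestartPolicyOnFailure restarts the container on non-0 exit code,
	// with an optional maximum number of retries.
	RestartPolicyOnFailure = "on-failure"
)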
Valid restart policy types.
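// Annotation keys, and the boolean values they may carry, that Inspect reads
// from a container's OCI spec.
//
// NOTE(review): the comments below only establish that Inspect copies these
// annotation values from the OCI spec into its output. Whether they are
// checked against the container's effective configuration is not visible
// here, so treat the reported values (privileged, seccomp, apparmor, label)
// as descriptive rather than as evidence of what is enforced; confirm
// against the Inspect implementation.
const (
	// InspectAnnotationCIDFile is used by Inspect to determine if a
	// container ID file was created for the container.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationCIDFile = "io.podman.annotations.cid-file"
	// InspectAnnotationAutoremove is used by Inspect to determine if a
	// container will be automatically removed on exit.
	// If an annotation with this key is found in the OCI spec and is one of
	// the two supported boolean values (InspectResponseTrue and
	// InspectResponseFalse) it will be used in the output of Inspect().
	InspectAnnotationAutoremove = "io.podman.annotations.autoremove"
	// InspectAnnotationVolumesFrom is used by Inspect to identify
	// containers whose volumes are being used by this container.
	// It is expected to be a comma-separated list of container names and/or
	// IDs.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationVolumesFrom = "io.podman.annotations.volumes-from"
	// InspectAnnotationPrivileged is used by Inspect to identify containers
	// which are privileged (i.e., running with elevated privileges).
	// It is expected to be a boolean, populated by one of
	// InspectResponseTrue or InspectResponseFalse.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationPrivileged = "io.podman.annotations.privileged"
	// InspectAnnotationPublishAll is used by Inspect to identify containers
	// which have all the ports from their image published.
	// It is expected to be a boolean, populated by one of
	// InspectResponseTrue or InspectResponseFalse.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationPublishAll = "io.podman.annotations.publish-all"
	// InspectAnnotationInit is used by Inspect to identify containers that
	// mount an init binary in.
	// It is expected to be a boolean, populated by one of
	// InspectResponseTrue or InspectResponseFalse.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationInit = "io.podman.annotations.init"
	// InspectAnnotationLabel is used by Inspect to identify containers with
	// special SELinux-related settings. It is used to populate the output
	// of the SecurityOpt setting.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationLabel = "io.podman.annotations.label"
	// InspectAnnotationSeccomp is used by Inspect to identify containers
	// with special Seccomp-related settings. It is used to populate the
	// output of the SecurityOpt setting in Inspect.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationSeccomp = "io.podman.annotations.seccomp"
	// InspectAnnotationApparmor is used by Inspect to identify containers
	// with special Apparmor-related settings. It is used to populate the
	// output of the SecurityOpt setting.
	// If an annotation with this key is found in the OCI spec, it will be
	// used in the output of Inspect().
	InspectAnnotationApparmor = "io.podman.annotations.apparmor"

	// InspectResponseTrue is a boolean True response for an inspect
	// annotation.
	InspectResponseTrue = "TRUE"
	// InspectResponseFalse is a boolean False response for an inspect
	// annotation.
	InspectResponseFalse = "FALSE"
)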
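// Health check result codes, history limits and state strings.
//
// Every HealthCheckStatus constant is assigned iota explicitly. iota advances
// once per constant in the block, so the statuses are numbered 0 through 6 in
// declaration order; inserting or reordering entries changes their numeric
// values.
const (
	// HealthCheckSuccess means the health check worked
	HealthCheckSuccess HealthCheckStatus = iota
	// HealthCheckFailure means the health check ran and failed
	HealthCheckFailure HealthCheckStatus = iota
	// HealthCheckContainerStopped means the health check cannot
	// be run because the container is stopped
	HealthCheckContainerStopped HealthCheckStatus = iota
	// HealthCheckContainerNotFound means the container could
	// not be found in local store
	HealthCheckContainerNotFound HealthCheckStatus = iota
	// HealthCheckNotDefined means the container has no health
	// check defined in it
	HealthCheckNotDefined HealthCheckStatus = iota
	// HealthCheckInternalError means something failed obtaining or running
	// a given health check
	HealthCheckInternalError HealthCheckStatus = iota
	// HealthCheckDefined means the healthcheck was found on the container
	HealthCheckDefined HealthCheckStatus = iota

	// MaxHealthCheckNumberLogs is the maximum number of attempts we keep
	// in the healthcheck history file
	MaxHealthCheckNumberLogs int = 5
	// MaxHealthCheckLogLength is a log length limit, in characters
	MaxHealthCheckLogLength = 500

	// HealthCheckHealthy describes a healthy container
	HealthCheckHealthy string = "healthy"
	// HealthCheckUnhealthy describes an unhealthy container
	HealthCheckUnhealthy string = "unhealthy"
	// HealthCheckStarting describes the time between when the container starts
	// and the start-period (time allowed for the container to start and application
	// to be running) expires.
	HealthCheckStarting string = "starting"
)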
// NOTE(review): these look like Linux mount-propagation modes. If so, the
// shared and rshared values let mounts made under the mount point propagate
// between the host and the container, which widens what a container can
// affect - confirm at the call sites before allowing them from user input.
const (
	// MountPrivate represents the private mount option.
	MountPrivate = "private"
	// MountRPrivate represents the rprivate mount option.
	MountRPrivate = "rprivate"
	// MountShared represents the shared mount option.
	MountShared = "shared"
	// MountRShared represents the rshared mount option.
	MountRShared = "rshared"
	// MountSlave represents the slave mount option.
	MountSlave = "slave"
	// MountRSlave represents the rslave mount option.
	MountRSlave = "rslave"
)
// Numeric identifiers for the stdin, stdout and stderr attach pipes.
// The values must be kept in sync with stdpipe_t in conmon.c.
const (
	AttachPipeStdin  = 1
	AttachPipeStdout = 2
	AttachPipeStderr = 3
)
Sync with stdpipe_t in conmon.c
const CgroupfsDefaultCgroupParent = "/libpod_parent"
CgroupfsDefaultCgroupParent is the cgroup parent for CGroupFS in libpod
const DefaultWaitInterval = 250 * time.Millisecond
DefaultWaitInterval is the default interval between container status checks while waiting.
const (
	// IDTruncLength is the length of the pod's ID that will be used to make the
	// infra container name
	IDTruncLength = 12
)
const JSONLogging = "json-file"
JSONLogging is the string conmon expects when specifying to use the json logging format
const JournaldLogging = "journald"
JournaldLogging is the string conmon expects to specify journald logging
const KubernetesLogging = "k8s-file"
KubernetesLogging is the string conmon expects when specifying to use the kubernetes logging format
const SystemdDefaultCgroupParent = "machine.slice"
SystemdDefaultCgroupParent is the cgroup parent for the systemd cgroup manager in libpod
const SystemdDefaultRootlessCgroupParent = "user.slice"
SystemdDefaultRootlessCgroupParent is the cgroup parent for the systemd cgroup manager in libpod when running as rootless
Variables ¶
var (
	// NameRegex is the pattern a name must match in full. The first character
	// must be an ASCII letter or digit; every following character must be an
	// ASCII letter, digit, underscore, period or hyphen. Both ends are
	// anchored and the multi-line flag is not set, so "$" matches only at the
	// very end of the input: the empty string and a name with a trailing
	// newline are both rejected. The pattern admits no path separator, no
	// whitespace and no leading "." or "-".
	NameRegex = regexp.MustCompile("^[a-zA-Z0-9][a-zA-Z0-9_.-]*$")
	// RegexError wraps define.ErrInvalidArg with a message describing the
	// accepted pattern. The message repeats the character classes by hand
	// (without the anchors), so it has to be updated together with NameRegex.
	RegexError = errors.Wrapf(define.ErrInvalidArg, "names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*")
)
Functions ¶
func DefaultSeccompPath ¶ added in v1.6.3
func FuncTimer ¶
func FuncTimer(funcName string)
FuncTimer helps measure the execution time of a function. It is for debugging purposes only; do not leave it in committed code. Use it like: defer FuncTimer("foo")
func GenerateKubeServiceFromV1Pod ¶ added in v1.0.0
GenerateKubeServiceFromV1Pod creates a v1 service object from a v1 pod object
func JSONDeepCopy ¶ added in v1.2.0
func JSONDeepCopy(from, to interface{}) error
JSONDeepCopy performs a deep copy by performing a JSON encode/decode of the given structures. From and To should be identically typed structs.
func LabelVolumePath ¶ added in v1.2.0
LabelVolumePath takes a mount path for a volume and applies an SELinux label to it, either shared or not shared.
func MountExists ¶ added in v0.2.2
MountExists returns true if dest exists in the list of mounts
func RemoveScientificNotationFromFloat ¶
RemoveScientificNotationFromFloat returns a float without any scientific notation if the number has any. golang does not handle conversion of float64s that have scientific notation in them and otherwise stinks. please replace this if you have a better implementation.
func SetXdgDirs ¶ added in v1.5.0
func SetXdgDirs() error
SetXdgDirs ensures the XDG_RUNTIME_DIR and XDG_CONFIG_HOME environment variables are set. containers/image uses XDG_RUNTIME_DIR to locate the auth file; XDG_CONFIG_HOME is used for the libpod.conf configuration file.
Types ¶
type AttachStreams ¶ added in v0.4.2
type AttachStreams struct {
	// OutputStream will be attached to container's STDOUT
	OutputStream io.WriteCloser
	// ErrorStream will be attached to container's STDERR
	ErrorStream io.WriteCloser
	// InputStream will be attached to container's STDIN
	InputStream io.Reader
	// AttachOutput is whether to attach to STDOUT
	// If false, stdout will not be attached
	AttachOutput bool
	// AttachError is whether to attach to STDERR
	// If false, stderr will not be attached
	AttachError bool
	// AttachInput is whether to attach to STDIN
	// If false, stdin will not be attached
	AttachInput bool
}
AttachStreams contains streams that will be attached to the container
type BoltState ¶
type BoltState struct {
// contains filtered or unexported fields
}
BoltState is a state implementation backed by a Bolt DB
func (*BoltState) AddContainer ¶
AddContainer adds a container to the state The container being added cannot belong to a pod
func (*BoltState) AddContainerToPod ¶
AddContainerToPod adds the given container to an existing pod The container will be added to the state and the pod
func (*BoltState) AddVolume ¶ added in v0.12.1
AddVolume adds the given volume to the state. It also adds ctrDepID to the sub bucket holding the container dependencies that this volume has
func (*BoltState) AllContainers ¶
AllContainers retrieves all the containers in the database
func (*BoltState) AllVolumes ¶ added in v0.12.1
AllVolumes returns all volumes present in the state
func (*BoltState) ContainerInUse ¶
ContainerInUse checks if other containers depend on the given container It returns a slice of the IDs of the containers depending on the given container. If the slice is empty, no containers depend on the given container
func (*BoltState) GetContainerConfig ¶ added in v1.6.2
func (s *BoltState) GetContainerConfig(id string) (*ContainerConfig, error)
GetContainerConfig returns a container config from the database by full ID
func (*BoltState) GetDBConfig ¶ added in v0.12.1
GetDBConfig retrieves runtime configuration fields that were created when the database was first initialized
func (*BoltState) HasContainer ¶
HasContainer checks if a container is present in the state
func (*BoltState) HasVolume ¶ added in v0.12.1
HasVolume returns true if the given volume exists in the state, otherwise it returns false
func (*BoltState) LookupContainer ¶
LookupContainer retrieves a container from the state by full or unique partial ID or name
func (*BoltState) LookupContainerID ¶ added in v1.6.2
LookupContainerID retrieves a container ID from the state by full or unique partial ID or name
func (*BoltState) LookupVolume ¶ added in v1.6.0
LookupVolume locates a volume from a partial name.
func (*BoltState) PodContainers ¶
PodContainers returns all the containers present in the given pod
func (*BoltState) PodContainersByID ¶
PodContainersByID returns the IDs of all containers present in the given pod
func (*BoltState) PodHasContainer ¶
PodHasContainer checks if the given pod has a container with the given ID
func (*BoltState) RemoveContainer ¶
RemoveContainer removes a container from the state. It only removes containers that are not in pods; for containers that are members of a pod, use RemoveContainerFromPod.
func (*BoltState) RemoveContainerFromPod ¶
RemoveContainerFromPod removes a container from an existing pod The container will also be removed from the state
func (*BoltState) RemovePod ¶
RemovePod removes the given pod from the state Only empty pods can be removed
func (*BoltState) RemovePodContainers ¶
RemovePodContainers removes all containers in a pod
func (*BoltState) RemoveVolume ¶ added in v0.12.1
RemoveVolume removes the given volume from the state
func (*BoltState) RewriteContainerConfig ¶ added in v1.1.0
func (s *BoltState) RewriteContainerConfig(ctr *Container, newCfg *ContainerConfig) error
RewriteContainerConfig rewrites a container's configuration. WARNING: This function is DANGEROUS. Do not use without reading the full comment on this function in state.go.
func (*BoltState) RewritePodConfig ¶ added in v1.1.0
RewritePodConfig rewrites a pod's configuration. WARNING: This function is DANGEROUS. Do not use without reading the full comment on this function in state.go.
func (*BoltState) RewriteVolumeConfig ¶ added in v1.6.0
func (s *BoltState) RewriteVolumeConfig(volume *Volume, newCfg *VolumeConfig) error
RewriteVolumeConfig rewrites a volume's configuration. WARNING: This function is DANGEROUS. Do not use without reading the full comment on this function in state.go.
func (*BoltState) SaveContainer ¶
SaveContainer saves a container's current state in the database
func (*BoltState) SaveVolume ¶ added in v1.6.0
SaveVolume saves the volume's state to the database.
func (*BoltState) SetNamespace ¶ added in v0.7.4
SetNamespace sets the namespace that will be used for container and pod retrieval
func (*BoltState) UpdateContainer ¶
UpdateContainer updates a container's state from the database
func (*BoltState) UpdateVolume ¶ added in v1.6.0
UpdateVolume updates the volume's state from the database.
func (*BoltState) ValidateDBConfig ¶ added in v0.12.1
ValidateDBConfig validates paths in the given runtime against the database
func (*BoltState) VolumeInUse ¶ added in v0.12.1
VolumeInUse checks if any container is using the volume It returns a slice of the IDs of the containers using the given volume. If the slice is empty, no containers use the given volume
type ConmonOCIRuntime ¶ added in v1.6.2
type ConmonOCIRuntime struct {
// contains filtered or unexported fields
}
ConmonOCIRuntime is an OCI runtime managed by Conmon. TODO: Make all calls to OCI runtime have a timeout.
func (*ConmonOCIRuntime) AttachSocketPath ¶ added in v1.6.2
func (r *ConmonOCIRuntime) AttachSocketPath(ctr *Container) (string, error)
AttachSocketPath is the path to a single container's attach socket.
func (*ConmonOCIRuntime) CheckpointContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) CheckpointContainer(ctr *Container, options ContainerCheckpointOptions) error
CheckpointContainer checkpoints the given container.
func (*ConmonOCIRuntime) CreateContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (err error)
CreateContainer creates a container.
func (*ConmonOCIRuntime) DeleteContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error
DeleteContainer deletes a container from the OCI runtime.
func (*ConmonOCIRuntime) ExecAttachSocketPath ¶ added in v1.6.2
func (r *ConmonOCIRuntime) ExecAttachSocketPath(ctr *Container, sessionID string) (string, error)
ExecAttachSocketPath is the path to a container's exec session attach socket.
func (*ConmonOCIRuntime) ExecContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) ExecContainer(c *Container, sessionID string, options *ExecOptions) (int, chan error, error)
ExecContainer executes a command in a running container TODO: Split into Create/Start/Attach/Wait
func (*ConmonOCIRuntime) ExecContainerCleanup ¶ added in v1.6.2
func (r *ConmonOCIRuntime) ExecContainerCleanup(ctr *Container, sessionID string) error
ExecContainerCleanup cleans up files created when a command is run via ExecContainer. This includes the attach socket for the exec session.
func (*ConmonOCIRuntime) ExecStopContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) ExecStopContainer(ctr *Container, sessionID string, timeout uint) error
ExecStopContainer stops a given exec session in a running container.
func (*ConmonOCIRuntime) ExitFilePath ¶ added in v1.6.2
func (r *ConmonOCIRuntime) ExitFilePath(ctr *Container) (string, error)
ExitFilePath is the path to a container's exit file.
func (*ConmonOCIRuntime) KillContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) KillContainer(ctr *Container, signal uint, all bool) error
KillContainer sends the given signal to the given container. If all is set, send to all PIDs in the container. All is only supported if the container created cgroups.
func (*ConmonOCIRuntime) Name ¶ added in v1.6.2
func (r *ConmonOCIRuntime) Name() string
Name returns the name of the runtime being wrapped by Conmon.
func (*ConmonOCIRuntime) Path ¶ added in v1.6.2
func (r *ConmonOCIRuntime) Path() string
Path returns the path of the OCI runtime being wrapped by Conmon.
func (*ConmonOCIRuntime) PauseContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error
PauseContainer pauses the given container.
func (*ConmonOCIRuntime) RuntimeInfo ¶ added in v1.6.2
func (r *ConmonOCIRuntime) RuntimeInfo() (map[string]interface{}, error)
RuntimeInfo provides information on the runtime.
func (*ConmonOCIRuntime) StartContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error
StartContainer starts the given container. Sets time the container was started, but does not save it.
func (*ConmonOCIRuntime) StopContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) StopContainer(ctr *Container, timeout uint, all bool) error
StopContainer stops a container, first using its given stop signal (or SIGTERM if no signal was specified), then using SIGKILL. Timeout is given in seconds. If timeout is 0, the container will be immediately killed with SIGKILL. It does not set the finished time for the container, and assumes you will run updateStatus afterwards to pull the exit code.
func (*ConmonOCIRuntime) SupportsCheckpoint ¶ added in v1.6.2
func (r *ConmonOCIRuntime) SupportsCheckpoint() bool
SupportsCheckpoint checks if the OCI runtime supports checkpointing containers.
func (*ConmonOCIRuntime) SupportsJSONErrors ¶ added in v1.6.2
func (r *ConmonOCIRuntime) SupportsJSONErrors() bool
SupportsJSONErrors checks if the OCI runtime supports JSON-formatted error messages.
func (*ConmonOCIRuntime) SupportsNoCgroups ¶ added in v1.6.2
func (r *ConmonOCIRuntime) SupportsNoCgroups() bool
SupportsNoCgroups checks if the OCI runtime supports running containers without cgroups (the --cgroup-manager=disabled flag).
func (*ConmonOCIRuntime) UnpauseContainer ¶ added in v1.6.2
func (r *ConmonOCIRuntime) UnpauseContainer(ctr *Container) error
UnpauseContainer unpauses the given container.
func (*ConmonOCIRuntime) UpdateContainerStatus ¶ added in v1.6.2
func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error
UpdateContainerStatus retrieves the current status of the container from the runtime. It updates the container's state but does not save it. If useRuntime is false, we will not directly hit runc to see the container's status, but will instead only check for the existence of the conmon exit file and update state to stopped if it exists. (Note: useRuntime is not a parameter of the signature shown above, so this sentence may describe an earlier or internal form of the call.)
type Container ¶
type Container struct {
// contains filtered or unexported fields
}
Container is a single OCI container. All operations on a Container that access state must begin with a call to syncContainer(). There is no guarantee that state exists in a readable state before syncContainer() is run, and even if it does, its contents will be out of date and must be refreshed from the database. Generally, this requirement applies only to top-level functions; helpers can assume that their callers handled this requirement. Generally speaking, if a function takes the container lock and accesses any part of state, it should syncContainer() immediately after locking.
func (*Container) AddArtifact ¶
AddArtifact creates and writes to an artifact file for the container
func (*Container) Attach ¶
func (c *Container) Attach(streams *AttachStreams, keys string, resize <-chan remotecommand.TerminalSize) error
Attach attaches to a container
func (*Container) AttachSocketPath ¶ added in v0.5.4
AttachSocketPath retrieves the path of the container's attach socket
func (*Container) AutoRemove ¶ added in v1.6.0
AutoRemove indicates whether the container will be removed after it is executed
func (*Container) Batch ¶
Batch starts a batch operation on the given container. All commands in the passed function will execute under the same lock and without synchronizing state after each operation. This will result in substantial performance benefits when running numerous commands on the same container. Note that the container passed into the Batch function cannot be removed during batched operations; runtime.RemoveContainer can only be called outside of Batch. Any error returned by the given batch function will be returned unmodified by Batch. As Batch normally disables updating the current state of the container, the Sync() function is provided to enable container state to be updated and checked within Batch.
func (*Container) BindMounts ¶ added in v0.3.2
BindMounts retrieves bind mounts that were created by libpod and will be added to the container. All these mounts except /dev/shm are ignored if a mount in the given spec has the same destination. These mounts include /etc/resolv.conf, /etc/hosts, and /etc/hostname. The return is formatted as a map from destination (mountpoint in the container) to source (path of the file that will be mounted into the container). If the container has not been started yet, an empty map will be returned, as the files in question are only created when the container is started.
func (*Container) CGroupPath ¶
CGroupPath returns a cgroups "path" for a given container.
func (*Container) CgroupParent ¶ added in v0.2.2
CgroupParent gets the container's CGroup parent
func (*Container) Checkpoint ¶ added in v0.10.1
func (c *Container) Checkpoint(ctx context.Context, options ContainerCheckpointOptions) error
Checkpoint checkpoints a container
func (*Container) CheckpointPath ¶ added in v0.10.1
CheckpointPath returns the path to the directory containing the checkpoint
func (*Container) Cleanup ¶
Cleanup unmounts all mount points in container and cleans up container storage It also cleans up the network stack
func (*Container) Command ¶ added in v0.5.1
Command is the container's command This is not added to the spec, but is instead used during image commit
func (*Container) Commit ¶
func (c *Container) Commit(ctx context.Context, destImage string, options ContainerCommitOptions) (*image.Image, error)
Commit commits the changes between a container and its image, creating a new image
func (*Container) Config ¶
func (c *Container) Config() *ContainerConfig
Config returns the configuration used to create the container
func (*Container) ConmonPID ¶ added in v1.5.0
ConmonPID Returns the PID of the container's conmon process. If the container is not running, a PID of 0 will be returned. No error will occur.
func (*Container) ContainerState ¶ added in v1.1.0
func (c *Container) ContainerState() (*ContainerState, error)
ContainerState returns containerstate struct
func (*Container) ControlSocketPath ¶ added in v0.5.4
ControlSocketPath returns the path to the container's control socket, used for things like tty resizing
func (*Container) CreatedTime ¶ added in v0.2.2
CreatedTime gets the time when the container was created
func (*Container) DNSOption ¶ added in v0.2.2
DNSOption returns the DNS options that will be used in the container's resolv.conf If empty, options from the host's resolv.conf will be used instead
func (*Container) DNSSearch ¶ added in v0.2.2
DNSSearch returns the DNS search domains that will be used in the container's resolv.conf If empty, DNS Search domains from the host's resolv.conf will be used instead
func (*Container) DNSServers ¶ added in v0.2.2
DNSServers returns DNS servers that will be used in the container's resolv.conf If empty, DNS server from the host's resolv.conf will be used instead
func (*Container) Dependencies ¶
Dependencies gets the containers this container depends upon
func (*Container) Entrypoint ¶ added in v0.5.1
Entrypoint is the container's entrypoint. This is not added to the spec, but is instead used during image commit.
func (*Container) Exec ¶
func (c *Container) Exec(tty, privileged bool, env map[string]string, cmd []string, user, workDir string, streams *AttachStreams, preserveFDs uint, resize chan remotecommand.TerminalSize, detachKeys string) (int, error)
Exec starts a new process inside the container Returns an exit code and an error. If Exec was not able to exec in the container before a failure, an exit code of define.ExecErrorCodeCannotInvoke is returned. If another generic error happens, an exit code of define.ExecErrorCodeGeneric is returned. Sometimes, the $RUNTIME exec call errors, and if that is the case, the exit code is the exit code of the call. Otherwise, the exit code will be the exit code of the executed call inside of the container. TODO investigate allowing exec without attaching
func (*Container) ExecSession ¶ added in v0.3.1
func (c *Container) ExecSession(id string) (*ExecSession, error)
ExecSession retrieves detailed information on a single active exec session in a container
func (*Container) ExecSessions ¶ added in v0.3.1
ExecSessions retrieves active exec sessions running in the container
func (*Container) ExitCode ¶
ExitCode returns the exit code of the container as an int32, and whether the container has exited. If the container has not exited, exit code will always be 0. If the container restarts, the exit code is reset to 0.
func (*Container) Export ¶
Export exports a container's root filesystem as a tar archive The archive will be saved as a file at the given path
func (*Container) FinishedTime ¶
FinishedTime is the time the container was stopped
func (*Container) GenerateForKube ¶ added in v1.0.0
GenerateForKube takes a slice of libpod containers and generates one v1.Pod description that includes just a single container.
func (*Container) GetArtifact ¶
GetArtifact reads the specified artifact file from the container
func (*Container) GetContainerPidInformation ¶
GetContainerPidInformation returns process-related data of all processes in the container. The output data can be controlled via the `descriptors` argument, which expects format descriptors and supports all AIX format descriptors of ps (1) plus some additional ones, for instance to inspect the set of effective capabilities. Each element in the returned string slice is a tab-separated string.
For more details, please refer to github.com/containers/psgo.
func (*Container) GetContainerStats ¶
func (c *Container) GetContainerStats(previousStats *ContainerStats) (*ContainerStats, error)
GetContainerStats gets the running stats for a given container
func (*Container) GetHealthCheckLog ¶ added in v1.2.0
func (c *Container) GetHealthCheckLog() (HealthCheckResults, error)
GetHealthCheckLog returns HealthCheck results by reading the container's health check log file. If the health check log file does not exist, then an empty healthcheck struct is returned
func (*Container) HasHealthCheck ¶ added in v1.2.0
HasHealthCheck returns bool as to whether there is a health check defined for the container
func (*Container) HealthCheckConfig ¶ added in v1.2.0
func (c *Container) HealthCheckConfig() *manifest.Schema2HealthConfig
HealthCheckConfig returns the command and timing attributes of the health check
func (*Container) HealthCheckStatus ¶ added in v1.2.0
HealthCheckStatus returns the current state of a container with a healthcheck
func (*Container) HostsAdd ¶ added in v0.2.2
HostsAdd returns hosts that will be added to the container's hosts file The host system's hosts file is used as a base, and these are appended to it
func (*Container) IDMappings ¶ added in v0.5.2
func (c *Container) IDMappings() (storage.IDMappingOptions, error)
IDMappings returns the UID/GID mapping used for the container
func (*Container) IPs ¶ added in v0.3.1
IPs retrieves a container's IP address(es). This will only be populated if the container is configured to create a new network namespace, and that namespace is presently active
func (*Container) Image ¶ added in v0.2.2
Image returns the ID and name of the image used as the container's rootfs
func (*Container) ImageVolumes ¶ added in v0.2.2
ImageVolumes returns whether the container is configured to create persistent volumes requested by the image
func (*Container) Inspect ¶
func (c *Container) Inspect(size bool) (*InspectContainerData, error)
Inspect a container for low-level information
func (*Container) IsInfra ¶ added in v0.8.4
IsInfra returns whether the container is an infra container
func (*Container) IsReadOnly ¶ added in v0.9.3
IsReadOnly returns whether the container is running in read only mode
func (*Container) LogPath ¶
LogPath returns the path to the container's log file This file will only be present after Init() is called to create the container in the runtime
func (*Container) Mount ¶
Mount mounts a container's filesystem on the host The path where the container has been mounted is returned
func (*Container) MountLabel ¶ added in v0.2.2
MountLabel returns the SELinux mount label of the container
func (*Container) Mounted ¶
Mounted returns whether the container is mounted and the path it is mounted at (if it is mounted). If the container is not mounted, no error is returned, and the mountpoint will be set to "".
func (*Container) NamedVolumes ¶ added in v1.3.0
func (c *Container) NamedVolumes() []*ContainerNamedVolume
NamedVolumes returns the container's named volumes. The name of each is guaranteed to point to a valid libpod Volume present in the state.
func (*Container) Namespace ¶ added in v0.7.4
Namespace returns the libpod namespace the container is in. Namespaces are used to logically separate containers and pods in the state.
func (*Container) NamespacePath ¶
NamespacePath returns the path of one of the container's namespaces If the container is not running, an error will be returned
func (*Container) NetworkDisabled ¶ added in v0.12.1
NetworkDisabled returns whether the container is running with a disabled network
func (*Container) NewNetNS ¶ added in v0.2.2
NewNetNS returns whether the container will create a new network namespace
func (*Container) OOMKilled ¶ added in v0.2.2
OOMKilled returns whether the container was killed by an OOM condition
func (*Container) PID ¶
PID returns the PID of the container. If the container is not running, a pid of 0 will be returned. No error will occur.
func (*Container) PodID ¶
PodID returns the full ID of the pod the container belongs to, or "" if it does not belong to a pod
func (*Container) PortMappings ¶ added in v0.2.2
func (c *Container) PortMappings() ([]ocicni.PortMapping, error)
PortMappings returns the ports that will be mapped into a container if a new network namespace is created If NewNetNS() is false, this value is unused
func (*Container) Privileged ¶ added in v0.2.2
Privileged returns whether the container is privileged
func (*Container) ProcessLabel ¶
ProcessLabel returns the selinux ProcessLabel of the container
func (*Container) ReadLog ¶ added in v1.2.0
ReadLog reads a container's log based on the input options and returns log lines over a channel
func (*Container) Refresh ¶ added in v0.6.4
Refresh refreshes a container's state in the database, restarting the container if it is running
func (*Container) RemoveArtifact ¶
RemoveArtifact deletes the specified artifacts file
func (*Container) RestartPolicy ¶ added in v1.3.0
RestartPolicy returns the container's restart policy.
func (*Container) RestartRetries ¶ added in v1.3.0
RestartRetries returns the number of retries that will be attempted when using the "on-failure" restart policy
func (*Container) RestartWithTimeout ¶ added in v0.5.1
RestartWithTimeout restarts a running container and takes a given timeout in uint
func (*Container) Restore ¶ added in v0.10.1
func (c *Container) Restore(ctx context.Context, options ContainerCheckpointOptions) (err error)
Restore restores a container
func (*Container) RootFsSize ¶
RootFsSize returns the root FS size of the container
func (*Container) Routes ¶ added in v0.3.1
Routes retrieves a container's routes. This will only be populated if the container is configured to create a new network namespace, and that namespace is presently active
func (*Container) RuntimeName ¶
RuntimeName returns the name of the runtime
func (*Container) ShmSize ¶ added in v0.2.2
ShmSize returns the size of SHM device to be mounted into the container
func (*Container) Spec ¶
Spec returns the container's OCI runtime spec The spec returned is the one used to create the container. The running spec may differ slightly as mounts are added based on the image
func (*Container) Start ¶
Start starts a container. Start can start configured, created or stopped containers. For configured containers, the container will be initialized first, then started. Stopped containers will be deleted and re-created in runc, undergoing a fresh Init(). If recursive is set, Start will also start all containers this container depends on.
func (*Container) StartAndAttach ¶ added in v0.3.3
func (c *Container) StartAndAttach(ctx context.Context, streams *AttachStreams, keys string, resize <-chan remotecommand.TerminalSize, recursive bool) (attachResChan <-chan error, err error)
StartAndAttach starts a container and attaches to it. StartAndAttach can start configured, created or stopped containers. For configured containers, the container will be initialized first, then started. Stopped containers will be deleted and re-created in runc, undergoing a fresh Init(). If successful, an error channel will be returned containing the result of the attach call. The channel will be closed automatically after the result of attach has been sent. If recursive is set, StartAndAttach will also start all containers this container depends on.
func (*Container) StartedTime ¶
StartedTime is the time the container was started
func (*Container) State ¶
func (c *Container) State() (define.ContainerStatus, error)
State returns the current state of the container
func (*Container) StaticDir ¶ added in v0.2.2
StaticDir returns the directory used to store persistent container files
func (*Container) Stdin ¶ added in v0.2.2
Stdin returns whether STDIN on the container will be kept open
func (*Container) Stop ¶
Stop uses the container's stop signal (or SIGTERM if no signal was specified) to stop the container, and if it has not stopped after the container's stop timeout, SIGKILL is used to attempt to forcibly stop the container. The default stop timeout is 10 seconds, but can be overridden when the container is created
func (*Container) StopSignal ¶ added in v0.2.2
StopSignal is the signal that will be used to stop the container If it fails to stop the container, SIGKILL will be used after a timeout If StopSignal is 0, the default signal of SIGTERM will be used
func (*Container) StopTimeout ¶
StopTimeout returns the container's stop timeout If the container's default stop signal fails to kill the container, SIGKILL will be used after this timeout
func (*Container) StopWithTimeout ¶
StopWithTimeout is a version of Stop that allows a timeout to be specified manually. If timeout is 0, SIGKILL will be used immediately to kill the container.
func (*Container) StoppedByUser ¶ added in v1.3.0
StoppedByUser returns whether the container was last stopped by an explicit call to the Stop() API, or whether it exited naturally.
func (*Container) Sync ¶
Sync updates the status of a container by querying the OCI runtime. If the container has not been created inside the OCI runtime, nothing will be done. Most of the time, Podman does not explicitly query the OCI runtime for container status, and instead relies upon exit files created by conmon. This can cause a disconnect between running state and what Podman sees in cases where Conmon was killed unexpectedly, or runc was upgraded. Running a manual Sync() ensures that container state will be correct in such situations.
func (*Container) Top ¶ added in v1.3.0
Top gathers statistics about the running processes in a container. It returns a []string for output
func (*Container) UserVolumes ¶ added in v0.5.1
UserVolumes returns user-added volume mounts in the container. These are not added to the spec, but are used during image commit and to trigger some OCI hooks.
func (*Container) WaitWithInterval ¶ added in v0.9.3
WaitWithInterval blocks until the container exits and returns its exit code. The argument is the interval at which it checks the container's status.
func (*Container) WorkingDir ¶ added in v0.11.1
WorkingDir returns the container's working directory
type ContainerCheckpointOptions ¶ added in v0.12.1
// ContainerCheckpointOptions carries the parameters for checkpointing (and
// restoring) a container to the corresponding functions.
type ContainerCheckpointOptions struct {
	// Keep tells the API to not delete checkpoint artifacts
	Keep bool
	// KeepRunning tells the API to keep the container running
	// after writing the checkpoint to disk
	KeepRunning bool
	// TCPEstablished tells the API to checkpoint a container
	// even if it contains established TCP connections
	TCPEstablished bool
	// TargetFile tells the API to read (or write) the checkpoint image
	// from (or to) the filename set in TargetFile
	// NOTE(review): a checkpoint image presumably holds the container's
	// process state; confirm the file is created with restrictive
	// permissions and that an imported file comes from a trusted source.
	TargetFile string
	// Name tells the API that during restore from an exported
	// checkpoint archive a new name should be used for the
	// restored container
	Name string
	// IgnoreRootfs tells the API to not export changes to
	// the container's root file-system (or to not import)
	IgnoreRootfs bool
	// IgnoreStaticIP tells the API to ignore the IP set
	// during 'podman run' with '--ip'. This is especially
	// important to be able to restore a container multiple
	// times with '--import --name'.
	IgnoreStaticIP bool
}
ContainerCheckpointOptions is a struct used to pass the parameters for checkpointing (and restoring) to the corresponding functions
type ContainerCommitOptions ¶ added in v0.4.2
// ContainerCommitOptions holds the options used to commit a container to an
// image. It embeds buildah's CommitOptions as its base.
type ContainerCommitOptions struct {
	buildah.CommitOptions
	// NOTE(review): the fields below carry no comments in the source; the
	// descriptions are inferred from the field names and need confirming.

	// Pause presumably pauses the container while it is committed.
	Pause bool
	// IncludeVolumes presumably controls whether volume contents become
	// part of the committed image; if so, check that volumes holding
	// secrets are not baked into an image that will be shared.
	IncludeVolumes bool
	// Author presumably sets the author recorded on the new image.
	Author string
	// Message presumably sets the commit message recorded on the new image.
	Message string
	// Changes presumably lists configuration changes to apply to the new
	// image.
	Changes []string
}
ContainerCommitOptions is a struct used to commit a container to an image. It uses buildah's CommitOptions as a base. Long-term we might wish to add these to the buildah struct once buildah is more integrated with libpod.
type ContainerConfig ¶
// ContainerConfig contains all information that was used to create the
// container. It may not be changed once created, and it is stored,
// read-only, on disk.
type ContainerConfig struct {
	Spec *spec.Spec `json:"spec"`
	ID string `json:"id"`
	Name string `json:"name"`
	// Full ID of the pod the container belongs to
	Pod string `json:"pod,omitempty"`
	// Namespace the container is in
	Namespace string `json:"namespace,omitempty"`
	// ID of this container's lock
	LockID uint32 `json:"lockID"`
	// UID/GID mappings used by the storage
	IDMappings storage.IDMappingOptions `json:"idMappingsOptions,omitempty"`

	// Information on the image used for the root filesystem
	RootfsImageID string `json:"rootfsImageID,omitempty"`
	RootfsImageName string `json:"rootfsImageName,omitempty"`
	// Rootfs to use for the container, this conflicts with RootfsImageID
	Rootfs string `json:"rootfs,omitempty"`
	// Whether to mount volumes specified in the image.
	ImageVolumes bool `json:"imageVolumes"`
	// Src path to be mounted on /dev/shm in container.
	ShmDir string `json:"ShmDir,omitempty"`
	// Size of the container's SHM.
	ShmSize int64 `json:"shmSize"`
	// Static directory for container content that will persist across
	// reboot.
	StaticDir string `json:"staticDir"`
	// Mounts list contains all additional mounts into the container rootfs.
	// These include the SHM mount.
	// These must be unmounted before the container's rootfs is unmounted.
	Mounts []string `json:"mounts,omitempty"`
	// NamedVolumes lists the named volumes to mount into the container.
	NamedVolumes []*ContainerNamedVolume `json:"namedVolumes,omitempty"`

	// Whether the container is privileged
	// NOTE(review): security-sensitive; exactly which restrictions are
	// lifted for a privileged container is not shown here - confirm before
	// treating a privileged container as isolated from the host.
	Privileged bool `json:"privileged"`
	// SELinux process label for container
	ProcessLabel string `json:"ProcessLabel,omitempty"`
	// SELinux mount label for root filesystem
	MountLabel string `json:"MountLabel,omitempty"`
	// LabelOpts are options passed in by the user to setup SELinux labels
	LabelOpts []string `json:"labelopts,omitempty"`
	// User and group to use in the container
	// Can be specified by name or UID/GID
	User string `json:"user,omitempty"`
	// Additional groups to add
	Groups []string `json:"groups,omitempty"`

	// Namespace Config
	// IDs of container to share namespaces with
	// NetNsCtr conflicts with the CreateNetNS bool
	// These containers are considered dependencies of the given container
	// They must be started before the given container is started
	IPCNsCtr string `json:"ipcNsCtr,omitempty"`
	MountNsCtr string `json:"mountNsCtr,omitempty"`
	NetNsCtr string `json:"netNsCtr,omitempty"`
	PIDNsCtr string `json:"pidNsCtr,omitempty"`
	UserNsCtr string `json:"userNsCtr,omitempty"`
	UTSNsCtr string `json:"utsNsCtr,omitempty"`
	CgroupNsCtr string `json:"cgroupNsCtr,omitempty"`

	// IDs of dependency containers.
	// These containers must be started before this container is started.
	Dependencies []string

	// CreateNetNS indicates that libpod should create and configure a new
	// network namespace for the container.
	// This cannot be set if NetNsCtr is also set.
	CreateNetNS bool `json:"createNetNS"`
	// StaticIP is a static IP to request for the container.
	// This cannot be set unless CreateNetNS is set.
	// If not set, the container will be dynamically assigned an IP by CNI.
	StaticIP net.IP `json:"staticIP"`
	// PortMappings are the ports forwarded to the container's network
	// namespace
	// These are not used unless CreateNetNS is true
	PortMappings []ocicni.PortMapping `json:"portMappings,omitempty"`
	// UseImageResolvConf indicates that resolv.conf should not be
	// bind-mounted inside the container.
	// Conflicts with DNSServer, DNSSearch, DNSOption.
	UseImageResolvConf bool
	// DNS servers to use in container resolv.conf
	// Will override servers in host resolv if set
	DNSServer []net.IP `json:"dnsServer,omitempty"`
	// DNS Search domains to use in container resolv.conf
	// Will override search domains in host resolv if set
	DNSSearch []string `json:"dnsSearch,omitempty"`
	// DNS options to be set in container resolv.conf
	// Will override options in host resolv if set
	DNSOption []string `json:"dnsOption,omitempty"`
	// UseImageHosts indicates that /etc/hosts should not be
	// bind-mounted inside the container.
	// Conflicts with HostAdd.
	UseImageHosts bool
	// Hosts to add in container
	// Will be appended to host's host file
	HostAdd []string `json:"hostsAdd,omitempty"`
	// Network names (CNI) to add container to. Empty to use default network.
	Networks []string `json:"networks,omitempty"`
	// Network mode specified for the default network.
	NetMode namespaces.NetworkMode `json:"networkMode,omitempty"`

	// UserVolumes contains user-added volume mounts in the container.
	// These will not be added to the container's spec, as it is assumed
	// they are already present in the spec given to Libpod. Instead, it is
	// used when committing containers to generate the VOLUMES field of the
	// image that is created, and for triggering some OCI hooks which do not
	// fire unless user-added volume mounts are present.
	UserVolumes []string `json:"userVolumes,omitempty"`
	// Entrypoint is the container's entrypoint.
	// It is not used in spec generation, but will be used when the
	// container is committed to populate the entrypoint of the new image.
	Entrypoint []string `json:"entrypoint,omitempty"`
	// Command is the container's command.
	// It is not used in spec generation, but will be used when the
	// container is committed to populate the command of the new image.
	Command []string `json:"command,omitempty"`
	// Whether to keep container STDIN open
	Stdin bool `json:"stdin,omitempty"`
	// Labels is a set of key-value pairs providing additional information
	// about a container
	Labels map[string]string `json:"labels,omitempty"`
	// StopSignal is the signal that will be used to stop the container
	StopSignal uint `json:"stopSignal,omitempty"`
	// StopTimeout is the timeout after which SIGKILL is used if the stop
	// signal fails to stop the container (the original comment repeated
	// the StopSignal description).
	StopTimeout uint `json:"stopTimeout,omitempty"`
	// Time container was created
	CreatedTime time.Time `json:"createdTime"`
	// NoCgroups indicates that the container will not create CGroups. It is
	// incompatible with CgroupParent.
	NoCgroups bool `json:"noCgroups,omitempty"`
	// Cgroup parent of the container
	CgroupParent string `json:"cgroupParent"`
	// LogPath log location
	LogPath string `json:"logPath"`
	// LogDriver driver for logs
	LogDriver string `json:"logDriver"`
	// File containing the conmon PID
	ConmonPidFile string `json:"conmonPidFile,omitempty"`
	// RestartPolicy indicates what action the container will take upon
	// exiting naturally.
	// Allowed options are "no" (take no action), "on-failure" (restart on
	// non-zero exit code, up to a maximum of RestartRetries times),
	// and "always" (always restart the container on any exit code).
	// The empty string is treated as the default ("no")
	RestartPolicy string `json:"restart_policy,omitempty"`
	// RestartRetries indicates the number of attempts that will be made to
	// restart the container. Used only if RestartPolicy is set to
	// "on-failure".
	RestartRetries uint `json:"restart_retries,omitempty"`
	// PostConfigureNetNS needed when a user namespace is created by an OCI runtime
	// if the network namespace is created before the user namespace it will be
	// owned by the wrong user namespace.
	PostConfigureNetNS bool `json:"postConfigureNetNS"`
	// OCIRuntime used to create the container
	OCIRuntime string `json:"runtime,omitempty"`
	// ExitCommand is the container's exit command.
	// This Command will be executed when the container exits
	// NOTE(review): where this command runs and with which privileges is
	// not shown here; as the config is persisted on disk, confirm that only
	// trusted parties can write the stored value.
	ExitCommand []string `json:"exitCommand,omitempty"`
	// IsInfra is a bool indicating whether this container is an infra container used for
	// sharing kernel namespaces in a pod
	IsInfra bool `json:"pause"`
	// Systemd tells libpod to setup the container in systemd mode
	Systemd bool `json:"systemd"`
	// HealthCheckConfig has the health check command and related timings
	HealthCheckConfig *manifest.Schema2HealthConfig `json:"healthcheck"`
}
ContainerConfig contains all information that was used to create the container. It may not be changed once created. It is stored, read-only, on disk
type ContainerFilter ¶
ContainerFilter is a function to determine whether a container is included in command output. Containers to be outputted are tested using the function. A true return will include the container, a false return will exclude it.
type ContainerGraph ¶ added in v1.6.0
type ContainerGraph struct {
// contains filtered or unexported fields
}
ContainerGraph is a dependency graph based on a set of containers.
func BuildContainerGraph ¶ added in v1.6.0
func BuildContainerGraph(ctrs []*Container) (*ContainerGraph, error)
BuildContainerGraph builds a dependency graph based on the container slice.
func (*ContainerGraph) DependencyMap ¶ added in v1.6.0
func (cg *ContainerGraph) DependencyMap() (dependencies map[*Container][]*Container)
DependencyMap returns the dependency graph as map with the key being a container and the value being the containers the key depends on.
type ContainerInfo ¶
// ContainerInfo wraps a subset of information about a container: its
// per-container directories, a copy of the image's configuration blob, and
// the labels selected for the container.
type ContainerInfo struct {
	// Dir is presumably the nonvolatile per-container directory - the
	// source names the two directories only collectively; confirm.
	Dir string
	// RunDir is presumably the volatile per-container directory; confirm.
	RunDir string
	// Config is a copy of the configuration blob from the image that was
	// used to create the container, if the image had a configuration.
	Config *v1.Image
	// ProcessLabel is the process label selected for the container.
	ProcessLabel string
	// MountLabel is the mount label selected for the container.
	MountLabel string
}
ContainerInfo wraps a subset of information about a container: the locations of its nonvolatile and volatile per-container directories, along with a copy of the configuration blob from the image that was used to create the container, if the image had a configuration. It also returns the ProcessLabel and MountLabel selected for the container
type ContainerNamedVolume ¶ added in v1.3.0
// ContainerNamedVolume is a named volume that will be mounted into the
// container. Each named volume is a libpod Volume present in the state.
type ContainerNamedVolume struct {
	// Name is the name of the volume to mount in.
	// Must resolve to a valid volume present in this Podman.
	Name string `json:"volumeName"`
	// Dest is the mount's destination
	Dest string `json:"dest"`
	// Options are fstab style mount options
	// NOTE(review): whether these are validated or filtered before the
	// mount is performed is not visible here - confirm.
	Options []string `json:"options,omitempty"`
}
ContainerNamedVolume is a named volume that will be mounted into the container. Each named volume is a libpod Volume present in the state.
type ContainerState ¶ added in v1.1.0
// ContainerState contains the current state of the container. It is stored
// on disk in a tmpfs and recreated on reboot.
type ContainerState struct {
	// The current state of the running container
	State define.ContainerStatus `json:"state"`
	// The path to the JSON OCI runtime spec for this container
	ConfigPath string `json:"configPath,omitempty"`
	// RunDir is a per-boot directory for container content
	RunDir string `json:"runDir,omitempty"`
	// Mounted indicates whether the container's storage has been mounted
	// for use
	Mounted bool `json:"mounted,omitempty"`
	// Mountpoint contains the path to the container's mounted storage as given
	// by containers/storage.
	Mountpoint string `json:"mountPoint,omitempty"`
	// StartedTime is the time the container was started
	StartedTime time.Time `json:"startedTime,omitempty"`
	// FinishedTime is the time the container finished executing
	FinishedTime time.Time `json:"finishedTime,omitempty"`
	// ExitCode is the exit code returned when the container stopped
	ExitCode int32 `json:"exitCode,omitempty"`
	// Exited is whether the container has exited
	Exited bool `json:"exited,omitempty"`
	// OOMKilled indicates that the container was killed as it ran out of
	// memory
	OOMKilled bool `json:"oomKilled,omitempty"`
	// PID is the PID of a running container
	PID int `json:"pid,omitempty"`
	// ConmonPID is the PID of the container's conmon
	ConmonPID int `json:"conmonPid,omitempty"`
	// ExecSessions contains active exec sessions for container
	// Exec session ID is mapped to PID of exec process
	ExecSessions map[string]*ExecSession `json:"execSessions,omitempty"`
	// NetworkStatus contains the configuration results for all networks
	// the pod is attached to. Only populated if we created a network
	// namespace for the container, and the network namespace is currently
	// active
	NetworkStatus []*cnitypes.Result `json:"networkResults,omitempty"`
	// BindMounts contains files that will be bind-mounted into the
	// container when it is mounted.
	// These include /etc/hosts and /etc/resolv.conf
	// This maps the path the file will be mounted to in the container to
	// the path of the file on disk outside the container
	// NOTE(review): the values are host paths; confirm how entries are
	// validated before a new one is added, since each exposes a host file
	// to the container.
	BindMounts map[string]string `json:"bindMounts,omitempty"`
	// StoppedByUser indicates whether the container was stopped by an
	// explicit call to the Stop() API.
	StoppedByUser bool `json:"stoppedByUser,omitempty"`
	// RestartPolicyMatch indicates whether the conditions for restart
	// policy have been met.
	RestartPolicyMatch bool `json:"restartPolicyMatch,omitempty"`
	// RestartCount is how many times the container was restarted by its
	// restart policy. This is NOT incremented by normal container restarts
	// (only by restart policy).
	RestartCount uint `json:"restartCount,omitempty"`
	// ExtensionStageHooks holds hooks which will be executed by libpod
	// and not delegated to the OCI runtime.
	// NOTE(review): these run from libpod itself, so presumably outside
	// the container's confinement - confirm where hook definitions are
	// loaded from and who can write them.
	ExtensionStageHooks map[string][]spec.Hook `json:"extensionStageHooks,omitempty"`
	// contains filtered or unexported fields
}
ContainerState contains the current state of the container. It is stored on disk in a tmpfs and recreated on reboot.
type ContainerStats ¶
// ContainerStats contains the statistics information for a running
// container.
//
// NOTE(review): the fields carry no comments in the source and their units
// are not stated; the groupings below are inferred from the field names and
// need confirming against the code that fills them in.
type ContainerStats struct {
	// Identity of the container the sample belongs to.
	ContainerID string
	Name string
	// CPU figures; the *Nano names suggest nanosecond counters.
	CPU float64
	CPUNano uint64
	SystemNano uint64
	// Memory figures; MemPerc is presumably usage relative to MemLimit.
	MemUsage uint64
	MemLimit uint64
	MemPerc float64
	// Network I/O counters.
	NetInput uint64
	NetOutput uint64
	// Block I/O counters.
	BlockInput uint64
	BlockOutput uint64
	// PIDs is presumably the number of processes in the container.
	PIDs uint64
}
ContainerStats contains the statistics information for a running container
type CtrCreateOption ¶
A CtrCreateOption is a functional option which alters the Container created by NewContainer
func WithCgroupNSFrom ¶
func WithCgroupNSFrom(nsCtr *Container) CtrCreateOption
WithCgroupNSFrom indicates that the container should join the CGroup namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithCgroupParent ¶
func WithCgroupParent(parent string) CtrCreateOption
WithCgroupParent sets the Cgroup Parent of the new container.
func WithCommand ¶ added in v0.5.1
func WithCommand(command []string) CtrCreateOption
WithCommand sets the command of the container. This is not used to change the container's spec, but will instead be used during commit to populate the command of the new image. If not explicitly set it will default to the image's command. A nil command is allowed, and will clear command on the created image.
func WithConmonPidFile ¶ added in v0.3.5
func WithConmonPidFile(path string) CtrCreateOption
WithConmonPidFile specifies the path to the file that receives the pid of conmon.
func WithCtrNamespace ¶ added in v0.7.4
func WithCtrNamespace(ns string) CtrCreateOption
WithCtrNamespace sets the namespace the container will be created in. Namespaces are used to create separate views of Podman's state - runtimes can join a specific namespace and see only containers and pods in that namespace. Empty string namespaces are allowed, and correspond to a lack of namespace.
func WithDNS ¶
func WithDNS(dnsServers []string) CtrCreateOption
WithDNS sets additional name servers for the container.
func WithDNSOption ¶
func WithDNSOption(dnsOptions []string) CtrCreateOption
WithDNSOption sets additional DNS options for the container.
func WithDNSSearch ¶
func WithDNSSearch(searchDomains []string) CtrCreateOption
WithDNSSearch sets the additional search domains of a container.
func WithDependencyCtrs ¶ added in v0.4.1
func WithDependencyCtrs(ctrs []*Container) CtrCreateOption
WithDependencyCtrs sets dependency containers of the given container. Dependency containers must be running before this container is started.
func WithEntrypoint ¶ added in v0.5.1
func WithEntrypoint(entrypoint []string) CtrCreateOption
WithEntrypoint sets the entrypoint of the container. This is not used to change the container's spec, but will instead be used during commit to populate the entrypoint of the new image. If not explicitly set it will default to the image's entrypoint. A nil entrypoint is allowed, and will clear entrypoint on the created image.
func WithExitCommand ¶ added in v0.6.5
func WithExitCommand(exitCommand []string) CtrCreateOption
WithExitCommand sets the ExitCommand for the container, appending on the ctr.ID() to the end
func WithGroups ¶ added in v0.4.2
func WithGroups(groups []string) CtrCreateOption
WithGroups sets additional groups for the container, which are defined by the user.
func WithHealthCheck ¶ added in v1.2.0
func WithHealthCheck(healthCheck *manifest.Schema2HealthConfig) CtrCreateOption
WithHealthCheck adds the healthcheck to the container config
func WithHosts ¶
func WithHosts(hosts []string) CtrCreateOption
WithHosts sets additional host:IP for the hosts file.
func WithIDMappings ¶ added in v0.5.2
func WithIDMappings(idmappings storage.IDMappingOptions) CtrCreateOption
WithIDMappings sets the ID mappings for the container.
func WithIPCNSFrom ¶
func WithIPCNSFrom(nsCtr *Container) CtrCreateOption
WithIPCNSFrom indicates that the container should join the IPC namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithLabels ¶
func WithLabels(labels map[string]string) CtrCreateOption
WithLabels adds labels to the container.
func WithLogDriver ¶ added in v1.4.0
func WithLogDriver(driver string) CtrCreateOption
WithLogDriver sets the log driver for the container
func WithLogPath ¶
func WithLogPath(path string) CtrCreateOption
WithLogPath sets the path to the log file.
func WithMountNSFrom ¶
func WithMountNSFrom(nsCtr *Container) CtrCreateOption
WithMountNSFrom indicates that the container should join the mount namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithNamedVolumes ¶ added in v1.3.0
func WithNamedVolumes(volumes []*ContainerNamedVolume) CtrCreateOption
WithNamedVolumes adds the given named volumes to the container.
func WithNetNS ¶
func WithNetNS(portMappings []ocicni.PortMapping, postConfigureNetNS bool, netmode string, networks []string) CtrCreateOption
WithNetNS indicates that the container should be given a new network namespace with a minimal configuration. An optional array of port mappings can be provided. Conflicts with WithNetNSFrom().
func WithNetNSFrom ¶
func WithNetNSFrom(nsCtr *Container) CtrCreateOption
WithNetNSFrom indicates that the container should join the network namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithNoCgroups ¶ added in v1.6.0
func WithNoCgroups() CtrCreateOption
WithNoCgroups disables the creation of CGroups for the new container.
func WithPIDNSFrom ¶
func WithPIDNSFrom(nsCtr *Container) CtrCreateOption
WithPIDNSFrom indicates that the container should join the PID namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithPrivileged ¶
func WithPrivileged(privileged bool) CtrCreateOption
WithPrivileged sets the privileged flag in the container runtime.
func WithRestartPolicy ¶ added in v1.3.0
func WithRestartPolicy(policy string) CtrCreateOption
WithRestartPolicy sets the container's restart policy. Valid values are "no", "on-failure", and "always". The empty string is allowed, and will be equivalent to "no".
func WithRestartRetries ¶ added in v1.3.0
func WithRestartRetries(tries uint) CtrCreateOption
WithRestartRetries sets the number of retries to use when restarting a container with the "on-failure" restart policy. 0 is an allowed value, and indicates infinite retries.
func WithRootFS ¶ added in v0.6.3
func WithRootFS(rootfs string) CtrCreateOption
WithRootFS sets the rootfs for the container. This creates a container from a directory on disk and not an image.
func WithRootFSFromImage ¶
func WithRootFSFromImage(imageID string, imageName string, useImageVolumes bool) CtrCreateOption
WithRootFSFromImage sets up a fresh root filesystem using the given image. If useImageConfig is specified, image volumes, environment variables, and other configuration from the image will be added to the config. TODO: Replace image name and ID with a libpod.Image struct when that is finished.
func WithSecLabels ¶ added in v0.9.3
func WithSecLabels(labelOpts []string) CtrCreateOption
WithSecLabels sets the labels for SELinux.
func WithShmDir ¶
func WithShmDir(dir string) CtrCreateOption
WithShmDir sets the directory that should be mounted on /dev/shm.
func WithShmSize ¶
func WithShmSize(size int64) CtrCreateOption
WithShmSize sets the size of /dev/shm tmpfs mount.
func WithStaticIP ¶ added in v0.10.1
func WithStaticIP(ip net.IP) CtrCreateOption
WithStaticIP indicates that the container should request a static IP from the CNI plugins. It cannot be set unless WithNetNS has already been passed. Further, it cannot be set if additional CNI networks to join have been specified.
func WithStdin ¶
func WithStdin() CtrCreateOption
WithStdin keeps stdin on the container open to allow interaction.
func WithStopSignal ¶
func WithStopSignal(signal syscall.Signal) CtrCreateOption
WithStopSignal sets the signal that will be sent to stop the container.
func WithStopTimeout ¶
func WithStopTimeout(timeout uint) CtrCreateOption
WithStopTimeout sets the time to wait after the initial stop signal is sent to the container before sending the kill signal.
func WithSystemd ¶ added in v0.11.1
func WithSystemd() CtrCreateOption
WithSystemd turns on systemd mode in the container
func WithUTSNSFrom ¶
func WithUTSNSFrom(nsCtr *Container) CtrCreateOption
WithUTSNSFrom indicates that the container should join the UTS namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithUTSNSFromPod ¶ added in v0.8.4
func WithUTSNSFromPod(p *Pod) CtrCreateOption
WithUTSNSFromPod indicates that the container should join the UTS namespace of its pod.
func WithUseImageHosts ¶ added in v1.2.0
func WithUseImageHosts() CtrCreateOption
WithUseImageHosts tells the container not to bind-mount /etc/hosts in. This conflicts with WithHosts().
func WithUseImageResolvConf ¶ added in v1.2.0
func WithUseImageResolvConf() CtrCreateOption
WithUseImageResolvConf tells the container not to bind-mount resolv.conf in. This conflicts with other DNS-related options.
func WithUser ¶
func WithUser(user string) CtrCreateOption
WithUser sets the user identity field in the configuration. Valid uses: [user | user:group | uid | uid:gid | user:gid | uid:group].
func WithUserNSFrom ¶
func WithUserNSFrom(nsCtr *Container) CtrCreateOption
WithUserNSFrom indicates that the container should join the user namespace of the given container. If the container has joined a pod, it can only join the namespaces of containers in the same pod.
func WithUserVolumes ¶ added in v0.5.1
func WithUserVolumes(volumes []string) CtrCreateOption
WithUserVolumes sets the user-added volumes of the container. These are not added to the container's spec, but will instead be used during commit to populate the volumes of the new image, and to trigger some OCI hooks that are only added if volume mounts are present. Furthermore, they are used in the output of inspect, to filter volumes - only volumes included in this list will be included in the output. Unless explicitly set, committed images will have no volumes. The given volumes slice must not be nil.
type ExecOptions ¶ added in v1.6.2
// ExecOptions are options passed into ExecContainer. They control the
// command that will be executed and how the exec will proceed.
type ExecOptions struct {
	// Cmd is the command to execute.
	Cmd []string
	// CapAdd is a set of capabilities to add to the executed command.
	// NOTE(review): privilege-relevant; how the capability names are
	// validated or limited is not visible here - confirm that callers do
	// not pass this through from untrusted input.
	CapAdd []string
	// Env is a set of environment variables to add to the container.
	Env map[string]string
	// Terminal is whether to create a new TTY for the exec session.
	Terminal bool
	// Cwd is the working directory for the executed command. If unset, the
	// working directory of the container will be used.
	Cwd string
	// User is the user the command will be executed as. If unset, the user
	// the container was run as will be used.
	User string
	// Streams are the streams that will be attached to the container.
	Streams *AttachStreams
	// PreserveFDs is a number of additional file descriptors (in addition
	// to 0, 1, 2) that will be passed to the executed process. The total FDs
	// passed will be 3 + PreserveFDs.
	// NOTE(review): presumably these are descriptors open in the calling
	// process; confirm that callers only leave open the ones the executed
	// process is meant to receive.
	PreserveFDs uint
	// Resize is a channel where terminal resize events are sent to be
	// handled.
	Resize chan remotecommand.TerminalSize
	// DetachKeys is a set of keys that, when pressed in sequence, will
	// detach from the container.
	DetachKeys string
}
ExecOptions are options passed into ExecContainer. They control the command that will be executed and how the exec will proceed.
type ExecSession ¶ added in v0.3.1
// ExecSession contains information on an active exec session.
type ExecSession struct {
	// ID identifies the exec session.
	ID string `json:"id"`
	// Command is the command of the exec session.
	Command []string `json:"command"`
	// PID is presumably the PID of the exec process - ContainerState
	// documents its ExecSessions map as session ID to exec-process PID;
	// confirm.
	PID int `json:"pid"`
}
ExecSession contains information on an active exec session
type HealthCheckLog ¶ added in v1.4.1
// HealthCheckLog describes the results of a single healthcheck.
type HealthCheckLog struct {
	// Start time as string
	Start string `json:"Start"`
	// End time as a string
	End string `json:"End"`
	// Exitcode is 0 or 1
	ExitCode int `json:"ExitCode"`
	// Output is the stdout/stderr from the healthcheck command
	// NOTE(review): this is produced by a command inside the container,
	// so treat it as untrusted text when displaying or parsing it.
	Output string `json:"Output"`
}
HealthCheckLog describes the results of a single healthcheck
type HealthCheckResults ¶ added in v1.4.1
// HealthCheckResults describes the results/logs from a healthcheck.
type HealthCheckResults struct {
	// Status healthy or unhealthy
	Status string `json:"Status"`
	// FailingStreak is the number of consecutive failed healthchecks
	FailingStreak int `json:"FailingStreak"`
	// Log describes healthcheck attempts and results
	Log []HealthCheckLog `json:"Log"`
}
HealthCheckResults describes the results/logs from a healthcheck
type HealthCheckStatus ¶ added in v1.2.0
type HealthCheckStatus int
HealthCheckStatus represents the current state of a container
type InMemoryState ¶
type InMemoryState struct {
// contains filtered or unexported fields
}
An InMemoryState is a purely in-memory state store
func (*InMemoryState) AddContainer ¶
func (s *InMemoryState) AddContainer(ctr *Container) error
AddContainer adds a container to the state. Containers in a pod cannot be added to the state.
func (*InMemoryState) AddContainerToPod ¶
func (s *InMemoryState) AddContainerToPod(pod *Pod, ctr *Container) error
AddContainerToPod adds a container to the given pod, also adding it to the state
func (*InMemoryState) AddPod ¶
func (s *InMemoryState) AddPod(pod *Pod) error
AddPod adds a given pod to the state
func (*InMemoryState) AddVolume ¶ added in v0.12.1
func (s *InMemoryState) AddVolume(volume *Volume) error
AddVolume adds a volume to the state
func (*InMemoryState) AllContainers ¶
func (s *InMemoryState) AllContainers() ([]*Container, error)
AllContainers retrieves all containers from the state
func (*InMemoryState) AllPods ¶
func (s *InMemoryState) AllPods() ([]*Pod, error)
AllPods retrieves all pods currently in the state
func (*InMemoryState) AllVolumes ¶ added in v0.12.1
func (s *InMemoryState) AllVolumes() ([]*Volume, error)
AllVolumes returns all volumes that exist in the state
func (*InMemoryState) Close ¶
func (s *InMemoryState) Close() error
Close the state before shutdown. This is a no-op as we have no backing disk.
func (*InMemoryState) Container ¶
func (s *InMemoryState) Container(id string) (*Container, error)
Container retrieves a container from its full ID
func (*InMemoryState) ContainerInUse ¶
func (s *InMemoryState) ContainerInUse(ctr *Container) ([]string, error)
ContainerInUse checks if the given container is being used by other containers
func (*InMemoryState) GetContainerConfig ¶ added in v1.6.2
func (s *InMemoryState) GetContainerConfig(id string) (*ContainerConfig, error)
GetContainerConfig returns a container config from the database by full ID
func (*InMemoryState) GetDBConfig ¶ added in v0.12.1
func (s *InMemoryState) GetDBConfig() (*config.DBConfig, error)
GetDBConfig is not implemented for in-memory state. As we do not store a config, return an empty one.
func (*InMemoryState) HasContainer ¶
func (s *InMemoryState) HasContainer(id string) (bool, error)
HasContainer checks if a container with the given ID is present in the state
func (*InMemoryState) HasPod ¶
func (s *InMemoryState) HasPod(id string) (bool, error)
HasPod checks if a pod with the given ID is present in the state
func (*InMemoryState) HasVolume ¶ added in v0.12.1
func (s *InMemoryState) HasVolume(name string) (bool, error)
HasVolume checks if a volume with the given name is present in the state
func (*InMemoryState) LookupContainer ¶
func (s *InMemoryState) LookupContainer(idOrName string) (*Container, error)
LookupContainer retrieves a container by full ID, unique partial ID, or name
func (*InMemoryState) LookupContainerID ¶ added in v1.6.2
func (s *InMemoryState) LookupContainerID(idOrName string) (string, error)
LookupContainerID retrieves a container ID by full ID, unique partial ID, or name
func (*InMemoryState) LookupPod ¶
func (s *InMemoryState) LookupPod(idOrName string) (*Pod, error)
LookupPod retrieves a pod from the state from a full or unique partial ID or a full name
func (*InMemoryState) LookupVolume ¶ added in v1.6.0
func (s *InMemoryState) LookupVolume(name string) (*Volume, error)
LookupVolume finds a volume from an unambiguous partial ID.
func (*InMemoryState) Pod ¶
func (s *InMemoryState) Pod(id string) (*Pod, error)
Pod retrieves a pod from the state from its full ID
func (*InMemoryState) PodContainers ¶
func (s *InMemoryState) PodContainers(pod *Pod) ([]*Container, error)
PodContainers retrieves the containers from a pod
func (*InMemoryState) PodContainersByID ¶
func (s *InMemoryState) PodContainersByID(pod *Pod) ([]string, error)
PodContainersByID returns the IDs of all containers in the given pod
func (*InMemoryState) PodHasContainer ¶
func (s *InMemoryState) PodHasContainer(pod *Pod, ctrID string) (bool, error)
PodHasContainer checks if the given pod has a container with the given ID
func (*InMemoryState) Refresh ¶
func (s *InMemoryState) Refresh() error
Refresh clears container and pod stats after a reboot. In-memory state won't survive a reboot, so this is a no-op.
func (*InMemoryState) RemoveContainer ¶
func (s *InMemoryState) RemoveContainer(ctr *Container) error
RemoveContainer removes a container from the state. The container will only be removed from the state, not from the pod the container belongs to.
func (*InMemoryState) RemoveContainerFromPod ¶
func (s *InMemoryState) RemoveContainerFromPod(pod *Pod, ctr *Container) error
RemoveContainerFromPod removes the given container from the given pod. The container is also removed from the state.
func (*InMemoryState) RemovePod ¶
func (s *InMemoryState) RemovePod(pod *Pod) error
RemovePod removes a given pod from the state. Only empty pods can be removed.
func (*InMemoryState) RemovePodContainers ¶
func (s *InMemoryState) RemovePodContainers(pod *Pod) error
RemovePodContainers removes all containers from a pod. This is used to simultaneously remove a number of containers with many interdependencies. It will only remove containers if no dependencies outside of the pod are present.
func (*InMemoryState) RemoveVolume ¶ added in v0.12.1
func (s *InMemoryState) RemoveVolume(volume *Volume) error
RemoveVolume removes a volume from the state
func (*InMemoryState) RewriteContainerConfig ¶ added in v1.1.0
func (s *InMemoryState) RewriteContainerConfig(ctr *Container, newCfg *ContainerConfig) error
RewriteContainerConfig rewrites a container's configuration. This function is DANGEROUS, even with an in-memory state. Please read the full comment on it in state.go before using it.
func (*InMemoryState) RewritePodConfig ¶ added in v1.1.0
func (s *InMemoryState) RewritePodConfig(pod *Pod, newCfg *PodConfig) error
RewritePodConfig rewrites a pod's configuration. This function is DANGEROUS, even with in-memory state. Please read the full comment on it in state.go before using it.
func (*InMemoryState) RewriteVolumeConfig ¶ added in v1.6.0
func (s *InMemoryState) RewriteVolumeConfig(volume *Volume, newCfg *VolumeConfig) error
RewriteVolumeConfig rewrites a volume's configuration. This function is DANGEROUS, even with in-memory state. Please read the full comment in state.go before using it.
func (*InMemoryState) SaveContainer ¶
func (s *InMemoryState) SaveContainer(ctr *Container) error
SaveContainer saves a container's state. As all state is in-memory, any changes are always reflected as soon as they are made, so this is a no-op.
func (*InMemoryState) SavePod ¶ added in v0.5.3
func (s *InMemoryState) SavePod(pod *Pod) error
SavePod updates a pod in the state. This is a no-op as there is no backing store.
func (*InMemoryState) SaveVolume ¶ added in v1.6.0
func (s *InMemoryState) SaveVolume(volume *Volume) error
SaveVolume saves a volume's state to the database. For the in-memory state, this is a no-op.
func (*InMemoryState) SetNamespace ¶ added in v0.7.4
func (s *InMemoryState) SetNamespace(ns string) error
SetNamespace sets the namespace for container and pod retrieval.
func (*InMemoryState) UpdateContainer ¶
func (s *InMemoryState) UpdateContainer(ctr *Container) error
UpdateContainer updates a container's state. As all state is in-memory, no update will be required, so this is a no-op.
func (*InMemoryState) UpdatePod ¶ added in v0.5.3
func (s *InMemoryState) UpdatePod(pod *Pod) error
UpdatePod updates a pod in the state. This is a no-op as there is no backing store.
func (*InMemoryState) UpdateVolume ¶ added in v1.6.0
func (s *InMemoryState) UpdateVolume(volume *Volume) error
UpdateVolume updates a volume from the database. For the in-memory state, this is a no-op.
func (*InMemoryState) ValidateDBConfig ¶ added in v0.12.1
func (s *InMemoryState) ValidateDBConfig(runtime *Runtime) error
ValidateDBConfig is not implemented for the in-memory state. Since we do nothing just return no error.
func (*InMemoryState) Volume ¶ added in v0.12.1
func (s *InMemoryState) Volume(name string) (*Volume, error)
Volume retrieves a volume from its full name
func (*InMemoryState) VolumeInUse ¶ added in v0.12.1
func (s *InMemoryState) VolumeInUse(volume *Volume) ([]string, error)
VolumeInUse checks if the given volume is being used by at least one container
type InfraContainerConfig ¶ added in v0.8.4
// InfraContainerConfig is the configuration for the pod's infra container.
type InfraContainerConfig struct {
	// HasInfraContainer is serialized under the JSON key
	// "makeInfraContainer".
	// NOTE(review): presumably records whether the pod is created with an
	// infra container - confirm against the pod creation code.
	HasInfraContainer bool `json:"makeInfraContainer"`
	// PortBindings is serialized under the JSON key "infraPortBindings".
	// NOTE(review): presumably the port mappings published through the
	// infra container - confirm against the caller.
	PortBindings []ocicni.PortMapping `json:"infraPortBindings"`
}
InfraContainerConfig is the configuration for the pod's infra container
type InspectBlkioThrottleDevice ¶ added in v1.5.0
// InspectBlkioThrottleDevice holds information about a speed cap for a
// device node.
type InspectBlkioThrottleDevice struct {
	// Path is the path to the device this applies to.
	Path string `json:"Path"`
	// Rate is the maximum rate. It is in either bytes per second or iops
	// per second, determined by where it is used - documentation will
	// indicate which is appropriate.
	Rate uint64 `json:"Rate"`
}
InspectBlkioThrottleDevice holds information about a speed cap for a device node. This cap applies to a specific operation (read, write, etc) on the given node.
type InspectBlkioWeightDevice ¶ added in v1.5.0
// InspectBlkioWeightDevice holds information about the relative weight of
// an individual device node.
type InspectBlkioWeightDevice struct {
	// Path is the path to the device this applies to.
	Path string `json:"Path"`
	// Weight is the relative weight the scheduler will use when scheduling
	// I/O.
	Weight uint16 `json:"Weight"`
}
InspectBlkioWeightDevice holds information about the relative weight of an individual device node. Weights are used in the I/O scheduler to give relative priority to some accesses.
type InspectContainerConfig ¶ added in v1.4.2
// InspectContainerConfig holds further data about how a container was
// initially configured.
type InspectContainerConfig struct {
	// Container hostname
	Hostname string `json:"Hostname"`
	// Container domain name - unused at present
	DomainName string `json:"Domainname"`
	// User the container was launched with
	User string `json:"User"`
	// Unused, at present
	AttachStdin bool `json:"AttachStdin"`
	// Unused, at present
	AttachStdout bool `json:"AttachStdout"`
	// Unused, at present
	AttachStderr bool `json:"AttachStderr"`
	// Whether the container creates a TTY
	Tty bool `json:"Tty"`
	// Whether the container leaves STDIN open
	OpenStdin bool `json:"OpenStdin"`
	// Whether STDIN is only left open once.
	// Presently not supported by Podman, unused.
	StdinOnce bool `json:"StdinOnce"`
	// Container environment variables.
	// NOTE(review): environment variables frequently carry credentials;
	// since they are serialized verbatim here, inspect output should be
	// handled as sensitive data.
	Env []string `json:"Env"`
	// Container command
	Cmd []string `json:"Cmd"`
	// Container image
	Image string `json:"Image"`
	// Unused, at present. I've never seen this field populated.
	Volumes map[string]struct{} `json:"Volumes"`
	// Container working directory
	WorkingDir string `json:"WorkingDir"`
	// Container entrypoint
	Entrypoint string `json:"Entrypoint"`
	// On-build arguments - presently unused. More of Buildah's domain.
	OnBuild *string `json:"OnBuild"`
	// Container labels
	Labels map[string]string `json:"Labels"`
	// Container annotations
	Annotations map[string]string `json:"Annotations"`
	// Container stop signal
	StopSignal uint `json:"StopSignal"`
	// Configured healthcheck for the container. Being a pointer, it is
	// left out of the JSON output when nil (omitempty).
	Healthcheck *manifest.Schema2HealthConfig `json:"Healthcheck,omitempty"`
}
InspectContainerConfig holds further data about how a container was initially configured.
type InspectContainerData ¶ added in v1.4.1
// InspectContainerData provides a detailed record of a container's
// configuration and state as viewed by Libpod. Large portions of this
// structure are defined such that the output is compatible with
// `docker inspect` JSON.
//
// Note that ID is serialized under the JSON key "Id", while every other
// field uses its Go name. OCIConfigPath, OCIRuntime, SizeRw and SizeRootFs
// are left out of the output when they hold their zero value (omitempty).
//
// NOTE(review): several fields look like host filesystem paths
// (ResolvConfPath, HostnamePath, HostsPath, StaticDir, OCIConfigPath,
// LogPath, ConmonPidFile), and MountLabel/ProcessLabel, AppArmorProfile,
// EffectiveCaps and BoundingCaps describe the container's confinement.
// Their exact provenance is not visible here - confirm against the code
// that populates this struct before using them for policy decisions.
type InspectContainerData struct {
	ID              string                      `json:"Id"`
	Created         time.Time                   `json:"Created"`
	Path            string                      `json:"Path"`
	Args            []string                    `json:"Args"`
	State           *InspectContainerState      `json:"State"`
	Image           string                      `json:"Image"`
	ImageName       string                      `json:"ImageName"`
	Rootfs          string                      `json:"Rootfs"`
	Pod             string                      `json:"Pod"`
	ResolvConfPath  string                      `json:"ResolvConfPath"`
	HostnamePath    string                      `json:"HostnamePath"`
	HostsPath       string                      `json:"HostsPath"`
	StaticDir       string                      `json:"StaticDir"`
	OCIConfigPath   string                      `json:"OCIConfigPath,omitempty"`
	OCIRuntime      string                      `json:"OCIRuntime,omitempty"`
	LogPath         string                      `json:"LogPath"`
	ConmonPidFile   string                      `json:"ConmonPidFile"`
	Name            string                      `json:"Name"`
	RestartCount    int32                       `json:"RestartCount"`
	Driver          string                      `json:"Driver"`
	MountLabel      string                      `json:"MountLabel"`
	ProcessLabel    string                      `json:"ProcessLabel"`
	AppArmorProfile string                      `json:"AppArmorProfile"`
	EffectiveCaps   []string                    `json:"EffectiveCaps"`
	BoundingCaps    []string                    `json:"BoundingCaps"`
	ExecIDs         []string                    `json:"ExecIDs"`
	GraphDriver     *driver.Data                `json:"GraphDriver"`
	SizeRw          int64                       `json:"SizeRw,omitempty"`
	SizeRootFs      int64                       `json:"SizeRootFs,omitempty"`
	Mounts          []InspectMount              `json:"Mounts"`
	Dependencies    []string                    `json:"Dependencies"`
	NetworkSettings *InspectNetworkSettings     `json:"NetworkSettings"` //TODO
	ExitCommand     []string                    `json:"ExitCommand"`
	Namespace       string                      `json:"Namespace"`
	IsInfra         bool                        `json:"IsInfra"`
	Config          *InspectContainerConfig     `json:"Config"`
	HostConfig      *InspectContainerHostConfig `json:"HostConfig"`
}
InspectContainerData provides a detailed record of a container's configuration and state as viewed by Libpod. Large portions of this structure are defined such that the output is compatible with `docker inspect` JSON, but additional fields have been added as required to share information not in the original output.
type InspectContainerHostConfig ¶ added in v1.5.0
// InspectContainerHostConfig holds information used when the container was
// created. Field names are fixed for Docker compatibility and cannot be
// changed. Several fields are not derived from the OCI spec but read back
// from annotations; those are called out on the individual fields.
type InspectContainerHostConfig struct {
	// Binds contains an array of user-added mounts.
	// Both volume mounts and named volumes are included.
	// Tmpfs mounts are NOT included.
	// In 'docker inspect' this is separated into 'Binds' and 'Mounts' based
	// on how a mount was added. We do not make this distinction and do not
	// include a Mounts field in inspect.
	// Format: <src>:<destination>[:<comma-separated options>]
	Binds []string `json:"Binds"`
	// ContainerIDFile is a file created during container creation to hold
	// the ID of the created container.
	// This is not handled within libpod and is stored in an annotation.
	ContainerIDFile string `json:"ContainerIDFile"`
	// LogConfig contains information on the container's logging backend
	LogConfig *InspectLogConfig `json:"LogConfig"`
	// NetworkMode is the configuration of the container's network
	// namespace.
	// Populated as follows:
	// default - A network namespace is being created and configured via CNI
	// none - A network namespace is being created, not configured via CNI
	// host - No network namespace created
	// container:<id> - Using another container's network namespace
	// ns:<path> - A path to a network namespace has been specified
	NetworkMode string `json:"NetworkMode"`
	// PortBindings contains the container's port bindings.
	// It is formatted as map[string][]InspectHostPort.
	// The string key here is formatted as <integer port number>/<protocol>
	// and represents the container port. A single container port may be
	// bound to multiple host ports (on different IPs).
	PortBindings map[string][]InspectHostPort `json:"PortBindings"`
	// RestartPolicy contains the container's restart policy.
	RestartPolicy *InspectRestartPolicy `json:"RestartPolicy"`
	// AutoRemove is whether the container will be automatically removed on
	// exiting.
	// It is not handled directly within libpod and is stored in an
	// annotation.
	AutoRemove bool `json:"AutoRemove"`
	// VolumeDriver is presently unused and is retained for Docker
	// compatibility.
	VolumeDriver string `json:"VolumeDriver"`
	// VolumesFrom is a list of containers which this container uses volumes
	// from. This is not handled directly within libpod and is stored in an
	// annotation.
	// It is formatted as an array of container names and IDs.
	VolumesFrom []string `json:"VolumesFrom"`
	// CapAdd is a list of capabilities added to the container.
	// It is not directly stored by Libpod, and instead computed from the
	// capabilities listed in the container's spec, compared against a set
	// of default capabilities.
	CapAdd []string `json:"CapAdd"`
	// CapDrop is a list of capabilities removed from the container.
	// It is not directly stored by libpod, and instead computed from the
	// capabilities listed in the container's spec, compared against a set
	// of default capabilities.
	CapDrop []string `json:"CapDrop"`
	// Dns is a list of DNS nameservers that will be added to the
	// container's resolv.conf
	Dns []string `json:"Dns"`
	// DnsOptions is a list of DNS options that will be set in the
	// container's resolv.conf
	DnsOptions []string `json:"DnsOptions"`
	// DnsSearch is a list of DNS search domains that will be set in the
	// container's resolv.conf
	DnsSearch []string `json:"DnsSearch"`
	// ExtraHosts contains hosts that will be added to the container's
	// /etc/hosts.
	ExtraHosts []string `json:"ExtraHosts"`
	// GroupAdd contains groups that the user inside the container will be
	// added to.
	GroupAdd []string `json:"GroupAdd"`
	// IpcMode represents the configuration of the container's IPC
	// namespace.
	// Populated as follows:
	// "" (empty string) - Default, an IPC namespace will be created
	// host - No IPC namespace created
	// container:<id> - Using another container's IPC namespace
	// ns:<path> - A path to an IPC namespace has been specified
	IpcMode string `json:"IpcMode"`
	// Cgroup contains the container's cgroup. It is presently not
	// populated.
	// TODO.
	Cgroup string `json:"Cgroup"`
	// Cgroups contains the container's CGroup mode.
	// Allowed values are "default" (container is creating CGroups) and
	// "disabled" (container is not creating CGroups).
	// This is Libpod-specific and not included in `docker inspect`.
	Cgroups string `json:"Cgroups"`
	// Links is unused, and provided purely for Docker compatibility.
	Links []string `json:"Links"`
	// OomScoreAdj is an adjustment that will be made to the container's OOM
	// score.
	OomScoreAdj int `json:"OomScoreAdj"`
	// PidMode represents the configuration of the container's PID
	// namespace.
	// Populated as follows:
	// "" (empty string) - Default, a PID namespace will be created
	// host - No PID namespace created
	// container:<id> - Using another container's PID namespace
	// ns:<path> - A path to a PID namespace has been specified
	PidMode string `json:"PidMode"`
	// Privileged indicates whether the container is running with elevated
	// privileges.
	// This has a very specific meaning in the Docker sense, so it's very
	// difficult to decode from the spec and config, and so is stored as an
	// annotation.
	// NOTE(review): because the value comes from an annotation rather than
	// from the spec, tooling that audits containers should not rely on this
	// flag alone; cross-check CapAdd/CapDrop and SecurityOpt. How the
	// annotation is written is not visible here - confirm.
	Privileged bool `json:"Privileged"`
	// PublishAllPorts indicates whether image ports are being published.
	// This is not directly stored in libpod and is saved as an annotation.
	PublishAllPorts bool `json:"PublishAllPorts"`
	// ReadonlyRootfs is whether the container will be mounted read-only.
	ReadonlyRootfs bool `json:"ReadonlyRootfs"`
	// SecurityOpt is a list of security-related options that are set in the
	// container.
	SecurityOpt []string `json:"SecurityOpt"`
	// Tmpfs is a list of tmpfs filesystems that will be mounted into the
	// container.
	// It is a map of destination path to options for the mount.
	Tmpfs map[string]string `json:"Tmpfs"`
	// UTSMode represents the configuration of the container's UTS
	// namespace.
	// Populated as follows:
	// "" (empty string) - Default, a UTS namespace will be created
	// host - no UTS namespace created
	// container:<id> - Using another container's UTS namespace
	// ns:<path> - A path to a UTS namespace has been specified
	UTSMode string `json:"UTSMode"`
	// UsernsMode represents the configuration of the container's user
	// namespace.
	// When running rootless, a user namespace is created outside of libpod
	// to allow some privileged operations. This will not be reflected here.
	// Populated as follows:
	// "" (empty string) - No user namespace will be created
	// private - The container will be run in a user namespace
	// container:<id> - Using another container's user namespace
	// ns:<path> - A path to a user namespace has been specified
	// TODO Rootless has an additional 'keep-id' option, presently not
	// reflected here.
	UsernsMode string `json:"UsernsMode"`
	// ShmSize is the size of the container's SHM device.
	ShmSize int64 `json:"ShmSize"`
	// Runtime is provided purely for Docker compatibility.
	// It is set unconditionally to "oci" as Podman does not presently
	// support non-OCI runtimes.
	Runtime string `json:"Runtime"`
	// ConsoleSize is an array of 2 integers showing the size of the
	// container's console.
	// It is only set if the container is creating a terminal.
	// TODO.
	ConsoleSize []uint `json:"ConsoleSize"`
	// Isolation is presently unused and provided solely for Docker
	// compatibility.
	Isolation string `json:"Isolation"`
	// CpuShares is a relative weight in the scheduler for assigning CPU
	// time versus other CGroups.
	CpuShares uint64 `json:"CpuShares"`
	// Memory indicates the memory resources allocated to the container.
	// This is the limit (in bytes) of RAM the container may use.
	Memory int64 `json:"Memory"`
	// NanoCpus indicates number of CPUs allocated to the container.
	// It is an integer where one full CPU is indicated by 1000000000 (one
	// billion).
	// Thus, 2.5 CPUs (fractional portions of CPUs are allowed) would be
	// 2500000000 (2.5 billion).
	// In 'docker inspect' this is set exclusively of two further options in
	// the output (CpuPeriod and CpuQuota) which are both used to implement
	// this functionality.
	// We can't distinguish here, so if CpuQuota is set to the default of
	// 100000, we will set all of CpuQuota, CpuPeriod, and NanoCpus. If
	// CpuQuota is not the default, we will not set NanoCpus.
	NanoCpus int64 `json:"NanoCpus"`
	// CgroupParent is the CGroup parent of the container.
	// Only set if not default.
	CgroupParent string `json:"CgroupParent"`
	// BlkioWeight indicates the I/O resources allocated to the container.
	// It is a relative weight in the scheduler for assigning I/O time
	// versus other CGroups.
	BlkioWeight uint16 `json:"BlkioWeight"`
	// BlkioWeightDevice is an array of I/O resource priorities for
	// individual device nodes.
	// Unfortunately, the spec only stores the device's Major/Minor numbers
	// and not the path, which is used here.
	// Fortunately, the kernel provides an interface for retrieving the path
	// of a given node by major:minor at /sys/dev/. However, the exact path
	// in use may not be what was used in the original CLI invocation -
	// though it is guaranteed that the device node will be the same, and
	// using the given path will be functionally identical.
	BlkioWeightDevice []InspectBlkioWeightDevice `json:"BlkioWeightDevice"`
	// BlkioDeviceReadBps is an array of I/O throttle parameters for
	// individual device nodes.
	// This specifically sets read rate cap in bytes per second for device
	// nodes.
	// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
	// don't guarantee the path will be identical to the original (though
	// the node will be).
	BlkioDeviceReadBps []InspectBlkioThrottleDevice `json:"BlkioDeviceReadBps"`
	// BlkioDeviceWriteBps is an array of I/O throttle parameters for
	// individual device nodes.
	// This specifically sets write rate cap in bytes per second for device
	// nodes.
	// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
	// don't guarantee the path will be identical to the original (though
	// the node will be).
	BlkioDeviceWriteBps []InspectBlkioThrottleDevice `json:"BlkioDeviceWriteBps"`
	// BlkioDeviceReadIOps is an array of I/O throttle parameters for
	// individual device nodes.
	// This specifically sets the read rate cap in iops per second for
	// device nodes.
	// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
	// don't guarantee the path will be identical to the original (though
	// the node will be).
	BlkioDeviceReadIOps []InspectBlkioThrottleDevice `json:"BlkioDeviceReadIOps"`
	// BlkioDeviceWriteIOps is an array of I/O throttle parameters for
	// individual device nodes.
	// This specifically sets the write rate cap in iops per second for
	// device nodes.
	// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
	// don't guarantee the path will be identical to the original (though
	// the node will be).
	BlkioDeviceWriteIOps []InspectBlkioThrottleDevice `json:"BlkioDeviceWriteIOps"`
	// CpuPeriod is the length of a CPU period in microseconds.
	// It relates directly to CpuQuota.
	CpuPeriod uint64 `json:"CpuPeriod"`
	// CpuQuota is the amount of time (in microseconds) that a container
	// can use the CPU in every CpuPeriod.
	CpuQuota int64 `json:"CpuQuota"`
	// CpuRealtimePeriod is the length of time (in microseconds) of the CPU
	// realtime period. If set to 0, no time will be allocated to realtime
	// tasks.
	CpuRealtimePeriod uint64 `json:"CpuRealtimePeriod"`
	// CpuRealtimeRuntime is the length of time (in microseconds) allocated
	// for realtime tasks within every CpuRealtimePeriod.
	CpuRealtimeRuntime int64 `json:"CpuRealtimeRuntime"`
	// CpusetCpus is the set of CPUs that the container will execute
	// on. Formatted as `0-3` or `0,2`. Default (if unset) is all CPUs.
	CpusetCpus string `json:"CpusetCpus"`
	// CpusetMems is the set of memory nodes the container will use.
	// Formatted as `0-3` or `0,2`. Default (if unset) is all memory nodes.
	CpusetMems string `json:"CpusetMems"`
	// Devices is a list of device nodes that will be added to the
	// container.
	// These are stored in the OCI spec only as type, major, minor while we
	// display the host path. We convert this with /sys/dev, but we cannot
	// guarantee that the host path will be identical - only that the actual
	// device will be.
	Devices []InspectDevice `json:"Devices"`
	// DiskQuota is the maximum amount of disk space the container may use
	// (in bytes).
	// Presently not populated.
	// TODO.
	DiskQuota uint64 `json:"DiskQuota"`
	// KernelMemory is the maximum amount of memory the kernel will devote
	// to the container.
	KernelMemory int64 `json:"KernelMemory"`
	// MemoryReservation is the reservation (soft limit) of memory available
	// to the container. Soft limits are warnings only and can be exceeded.
	MemoryReservation int64 `json:"MemoryReservation"`
	// MemorySwap is the total limit for all memory available to the
	// container, including swap. 0 indicates that there is no limit to the
	// amount of memory available.
	MemorySwap int64 `json:"MemorySwap"`
	// MemorySwappiness is the willingness of the kernel to page container
	// memory to swap. It is an integer from 0 to 100, with higher numbers
	// making the kernel more willing to move memory into swap.
	// -1, the default, will not set swappiness and use the system defaults.
	MemorySwappiness int64 `json:"MemorySwappiness"`
	// OomKillDisable indicates whether the kernel OOM killer is disabled
	// for the container.
	OomKillDisable bool `json:"OomKillDisable"`
	// Init indicates whether the container has an init mounted into it.
	Init bool `json:"Init,omitempty"`
	// PidsLimit is the maximum number of PIDs that may be created within
	// the container. 0, the default, indicates no limit.
	PidsLimit int64 `json:"PidsLimit"`
	// Ulimits is a set of ulimits that will be set within the container.
	Ulimits []InspectUlimit `json:"Ulimits"`
	// CpuCount is Windows-only and not presently implemented.
	CpuCount uint64 `json:"CpuCount"`
	// CpuPercent is Windows-only and not presently implemented.
	CpuPercent uint64 `json:"CpuPercent"`
	// IOMaximumIOps is Windows-only and not presently implemented.
	IOMaximumIOps uint64 `json:"IOMaximumIOps"`
	// IOMaximumBandwidth is Windows-only and not presently implemented.
	IOMaximumBandwidth uint64 `json:"IOMaximumBandwidth"`
}
InspectContainerHostConfig holds information used when the container was created. It's very much a Docker-specific struct, retained (mostly) as-is for compatibility. We fill individual fields as best as we can, inferring as much as possible from the spec and container config. Some things cannot be inferred. These will be populated by spec annotations (if available). Field names are fixed for compatibility and cannot be changed. As such, silence lint warnings about them. nolint
type InspectContainerState ¶ added in v1.4.1
// InspectContainerState provides a detailed record of a container's current
// state. It is returned as part of InspectContainerData.
//
// The fields carrying a trailing TODO comment are marked as unfinished by
// the original author.
//
// NOTE(review): Healthcheck is tagged omitempty but is held by value; if
// HealthCheckResults is a struct type, encoding/json never treats it as
// empty and the key is always emitted - confirm against its declaration.
type InspectContainerState struct {
	OciVersion  string             `json:"OciVersion"`
	Status      string             `json:"Status"`
	Running     bool               `json:"Running"`
	Paused      bool               `json:"Paused"`
	Restarting  bool               `json:"Restarting"` // TODO
	OOMKilled   bool               `json:"OOMKilled"`
	Dead        bool               `json:"Dead"`
	Pid         int                `json:"Pid"`
	ConmonPid   int                `json:"ConmonPid,omitempty"`
	ExitCode    int32              `json:"ExitCode"`
	Error       string             `json:"Error"` // TODO
	StartedAt   time.Time          `json:"StartedAt"`
	FinishedAt  time.Time          `json:"FinishedAt"`
	Healthcheck HealthCheckResults `json:"Healthcheck,omitempty"`
}
InspectContainerState provides a detailed record of a container's current state. It is returned as part of InspectContainerData. As with InspectContainerData, many portions of this struct are matched to Docker, but here we see more fields that are unused (nonsensical in the context of Libpod).
type InspectDevice ¶ added in v1.5.0
// InspectDevice is a single device that will be mounted into the container.
type InspectDevice struct {
	// PathOnHost is the path of the device on the host.
	PathOnHost string `json:"PathOnHost"`
	// PathInContainer is the path of the device within the container.
	PathInContainer string `json:"PathInContainer"`
	// CgroupPermissions is the permissions of the mounted device.
	// Presently not populated, so an empty value here says nothing about
	// the access the container actually has to the device.
	// TODO.
	CgroupPermissions string `json:"CgroupPermissions"`
}
InspectDevice is a single device that will be mounted into the container.
type InspectHostPort ¶ added in v1.5.0
// InspectHostPort provides information on a port on the host that a
// container's port is bound to.
type InspectHostPort struct {
	// IP on the host we are bound to. "" if not specified (binding to all
	// IPs).
	HostIP string `json:"HostIp"`
	// Port on the host we are bound to. No special formatting - just an
	// integer stuffed into a string.
	HostPort string `json:"HostPort"`
}
InspectHostPort provides information on a port on the host that a container's port is bound to.
type InspectLogConfig ¶ added in v1.5.0
// InspectLogConfig holds information about a container's configured log
// driver.
type InspectLogConfig struct {
	Type   string            `json:"Type"`
	Config map[string]string `json:"Config"` // TODO: the author was unsure of the value type
}
InspectLogConfig holds information about a container's configured log driver and is presently unused. It is retained for Docker compatibility.
type InspectMount ¶ added in v1.4.1
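// InspectMount provides a record of a single mount in a container. It
// contains fields for both named and normal volumes.
type InspectMount struct {
	// Whether the mount is a volume or bind mount. Allowed values are
	// "volume" and "bind".
	Type string `json:"Type"`
	// The name of the volume. Empty for bind mounts, in which case the key
	// is left out of the JSON output. The tag option was previously
	// misspelled "omptempty", which encoding/json silently ignores, so an
	// empty "Name" was always emitted.
	Name string `json:"Name,omitempty"`
	// The source directory for the volume.
	Source string `json:"Source"`
	// The destination directory for the volume. Specified as a path within
	// the container, as it would be passed into the OCI runtime.
	Destination string `json:"Destination"`
	// The driver used for the named volume. Empty for bind mounts.
	Driver string `json:"Driver"`
	// Contains SELinux :z/:Z mount options. Unclear what, if anything, else
	// goes in here.
	Mode string `json:"Mode"`
	// All remaining mount options. Additional data, not present in the
	// original output.
	Options []string `json:"Options"`
	// Whether the volume is read-write
	RW bool `json:"RW"`
	// Mount propagation for the mount. Can be empty if not specified, but
	// is always printed - no omitempty.
	Propagation string `json:"Propagation"`
}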
InspectMount provides a record of a single mount in a container. It contains fields for both named and normal volumes. Only user-specified volumes will be included, and tmpfs volumes are not included even if the user specified them.
type InspectNetworkSettings ¶ added in v1.4.1
// InspectNetworkSettings holds information about the network settings of
// the container. Many fields are maintained only for compatibility with
// `docker inspect` and are unused within Libpod, so an empty value in this
// struct does not by itself describe the container's network exposure.
type InspectNetworkSettings struct {
	Bridge                 string               `json:"Bridge"`
	SandboxID              string               `json:"SandboxID"`
	HairpinMode            bool                 `json:"HairpinMode"`
	LinkLocalIPv6Address   string               `json:"LinkLocalIPv6Address"`
	LinkLocalIPv6PrefixLen int                  `json:"LinkLocalIPv6PrefixLen"`
	Ports                  []ocicni.PortMapping `json:"Ports"`
	SandboxKey             string               `json:"SandboxKey"`
	SecondaryIPAddresses   []string             `json:"SecondaryIPAddresses"`
	SecondaryIPv6Addresses []string             `json:"SecondaryIPv6Addresses"`
	EndpointID             string               `json:"EndpointID"`
	Gateway                string               `json:"Gateway"`
	GlobalIPv6Address      string               `json:"GlobalIPv6Address"`
	GlobalIPv6PrefixLen    int                  `json:"GlobalIPv6PrefixLen"`
	IPAddress              string               `json:"IPAddress"`
	IPPrefixLen            int                  `json:"IPPrefixLen"`
	IPv6Gateway            string               `json:"IPv6Gateway"`
	MacAddress             string               `json:"MacAddress"`
}
InspectNetworkSettings holds information about the network settings of the container. Many fields are maintained only for compatibility with `docker inspect` and are unused within Libpod.
type InspectRestartPolicy ¶ added in v1.5.0
// InspectRestartPolicy holds information about the container's restart
// policy.
type InspectRestartPolicy struct {
	// Name contains the container's restart policy.
	// Allowable values are "no" or "" (take no action),
	// "on-failure" (restart on non-zero exit code, with an optional max
	// retry count), and "always" (always restart on container stop, unless
	// explicitly requested by API).
	// Note that this is NOT actually a name of any sort - the poor naming
	// is for Docker compatibility.
	Name string `json:"Name"`
	// MaximumRetryCount is the maximum number of retries allowed if the
	// "on-failure" restart policy is in use. Not used if "on-failure" is
	// not set.
	MaximumRetryCount uint `json:"MaximumRetryCount"`
}
InspectRestartPolicy holds information about the container's restart policy.
type InspectUlimit ¶ added in v1.5.0
// InspectUlimit is a ulimit that will be applied to the container.
type InspectUlimit struct {
	// Name is the name (type) of the ulimit.
	Name string `json:"Name"`
	// Soft is the soft limit that will be applied.
	Soft uint64 `json:"Soft"`
	// Hard is the hard limit that will be applied.
	Hard uint64 `json:"Hard"`
}
InspectUlimit is a ulimit that will be applied to the container.
type InspectVolumeData ¶ added in v1.6.0
// InspectVolumeData is the output of Inspect() on a volume. It is matched
// to the format of 'docker volume inspect'.
type InspectVolumeData struct {
	// Name is the name of the volume.
	Name string `json:"Name"`
	// Driver is the driver used to create the volume.
	// This will be properly implemented in a future version.
	Driver string `json:"Driver"`
	// Mountpoint is the path on the host where the volume is mounted.
	Mountpoint string `json:"Mountpoint"`
	// CreatedAt is the date and time the volume was created at. This is not
	// stored for older Libpod volumes; if so, it will be omitted.
	// NOTE(review): encoding/json does not apply omitempty to struct
	// values such as time.Time, so with the standard encoder a zero
	// CreatedAt is still emitted (as the zero timestamp) rather than
	// omitted - confirm whether a custom marshaller is in use.
	CreatedAt time.Time `json:"CreatedAt,omitempty"`
	// Status is presently unused and provided only for Docker compatibility.
	// In the future it will be used to return information on the volume's
	// current state.
	Status map[string]string `json:"Status,omitempty"`
	// Labels includes the volume's configured labels, key:value pairs that
	// can be passed during volume creation to provide information for third
	// party tools.
	Labels map[string]string `json:"Labels"`
	// Scope is unused and provided solely for Docker compatibility. It is
	// unconditionally set to "local".
	Scope string `json:"Scope"`
	// Options is a set of options that were used when creating the volume.
	// It is presently not used.
	Options map[string]string `json:"Options"`
	// UID is the UID that the volume was created with.
	// Because of omitempty, a UID of 0 is left out of the JSON output, so
	// an absent key cannot be told apart from a volume created as UID 0.
	UID int `json:"UID,omitempty"`
	// GID is the GID that the volume was created with.
	// As with UID, a GID of 0 is left out of the JSON output.
	GID int `json:"GID,omitempty"`
	// ContainerSpecific indicates that the volume was created as part of a
	// specific container, and will be removed when that container is
	// removed.
	ContainerSpecific bool `json:"ContainerSpecific,omitempty"`
}
InspectVolumeData is the output of Inspect() on a volume. It is matched to the format of 'docker volume inspect'.
type LinuxNS ¶
type LinuxNS int
LinuxNS represents a Linux namespace
// Identifiers for the kinds of Linux namespace. Values are assigned
// sequentially by iota, so InvalidNS is the zero value of LinuxNS.
const (
	// InvalidNS is an invalid namespace
	InvalidNS LinuxNS = iota
	// IPCNS is the IPC namespace
	IPCNS
	// MountNS is the mount namespace
	MountNS
	// NetNS is the network namespace
	NetNS
	// PIDNS is the PID namespace
	PIDNS
	// UserNS is the user namespace
	UserNS
	// UTSNS is the UTS namespace
	UTSNS
	// CgroupNS is the CGroup namespace
	CgroupNS
)
type MissingRuntime ¶ added in v1.6.2
type MissingRuntime struct {
// contains filtered or unexported fields
}
MissingRuntime is used when the OCI runtime requested by the container is missing (not installed or not in the configuration file).
func (*MissingRuntime) AttachSocketPath ¶ added in v1.6.2
func (r *MissingRuntime) AttachSocketPath(ctr *Container) (string, error)
AttachSocketPath does not work as there is no runtime to attach to. (Theoretically we could follow ExitFilePath but there is no guarantee the container is running and thus has an attach socket...)
func (*MissingRuntime) CheckpointContainer ¶ added in v1.6.2
func (r *MissingRuntime) CheckpointContainer(ctr *Container, options ContainerCheckpointOptions) error
CheckpointContainer is not available as the runtime is missing
func (*MissingRuntime) CreateContainer ¶ added in v1.6.2
func (r *MissingRuntime) CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) error
CreateContainer is not available as the runtime is missing
func (*MissingRuntime) DeleteContainer ¶ added in v1.6.2
func (r *MissingRuntime) DeleteContainer(ctr *Container) error
DeleteContainer is not available as the runtime is missing
func (*MissingRuntime) ExecAttachSocketPath ¶ added in v1.6.2
func (r *MissingRuntime) ExecAttachSocketPath(ctr *Container, sessionID string) (string, error)
ExecAttachSocketPath does not work as there is no runtime to attach to. (Again, we could follow ExitFilePath, but no guarantee there is an existing and running exec session)
func (*MissingRuntime) ExecContainer ¶ added in v1.6.2
func (r *MissingRuntime) ExecContainer(ctr *Container, sessionID string, options *ExecOptions) (int, chan error, error)
ExecContainer is not available as the runtime is missing
func (*MissingRuntime) ExecContainerCleanup ¶ added in v1.6.2
func (r *MissingRuntime) ExecContainerCleanup(ctr *Container, sessionID string) error
ExecContainerCleanup is not available as the runtime is missing
func (*MissingRuntime) ExecStopContainer ¶ added in v1.6.2
func (r *MissingRuntime) ExecStopContainer(ctr *Container, sessionID string, timeout uint) error
ExecStopContainer is not available as the runtime is missing. TODO: We can also investigate using unix.Kill() on the PID of the exec session here if we want to make stopping containers possible. Won't be perfect, though.
func (*MissingRuntime) ExitFilePath ¶ added in v1.6.2
func (r *MissingRuntime) ExitFilePath(ctr *Container) (string, error)
ExitFilePath returns the exit file path for containers. Here, we mimic what ConmonOCIRuntime does, because there is a chance that the container in question is still running happily (config file modified to remove a runtime, for example). We can't find the runtime to do anything to the container, but Conmon should still place an exit file for it.
func (*MissingRuntime) KillContainer ¶ added in v1.6.2
func (r *MissingRuntime) KillContainer(ctr *Container, signal uint, all bool) error
KillContainer is not available as the runtime is missing. TODO: We could attempt to unix.Kill() the PID as recorded in the state if we really want to smooth things out? Won't be perfect, but if the container has a PID namespace it could be enough?
func (*MissingRuntime) Name ¶ added in v1.6.2
func (r *MissingRuntime) Name() string
Name is the name of the missing runtime
func (*MissingRuntime) Path ¶ added in v1.6.2
func (r *MissingRuntime) Path() string
Path is not available as the runtime is missing
func (*MissingRuntime) PauseContainer ¶ added in v1.6.2
func (r *MissingRuntime) PauseContainer(ctr *Container) error
PauseContainer is not available as the runtime is missing
func (*MissingRuntime) RuntimeInfo ¶ added in v1.6.2
func (r *MissingRuntime) RuntimeInfo() (map[string]interface{}, error)
RuntimeInfo returns information on the missing runtime
func (*MissingRuntime) StartContainer ¶ added in v1.6.2
func (r *MissingRuntime) StartContainer(ctr *Container) error
StartContainer is not available as the runtime is missing
func (*MissingRuntime) StopContainer ¶ added in v1.6.2
func (r *MissingRuntime) StopContainer(ctr *Container, timeout uint, all bool) error
StopContainer is not available as the runtime is missing
func (*MissingRuntime) SupportsCheckpoint ¶ added in v1.6.2
func (r *MissingRuntime) SupportsCheckpoint() bool
SupportsCheckpoint returns false as checkpointing requires a working runtime
func (*MissingRuntime) SupportsJSONErrors ¶ added in v1.6.2
func (r *MissingRuntime) SupportsJSONErrors() bool
SupportsJSONErrors returns false as there is no runtime to give errors
func (*MissingRuntime) SupportsNoCgroups ¶ added in v1.6.2
func (r *MissingRuntime) SupportsNoCgroups() bool
SupportsNoCgroups returns false as there is no runtime to create containers
func (*MissingRuntime) UnpauseContainer ¶ added in v1.6.2
func (r *MissingRuntime) UnpauseContainer(ctr *Container) error
UnpauseContainer is not available as the runtime is missing
func (*MissingRuntime) UpdateContainerStatus ¶ added in v1.6.2
func (r *MissingRuntime) UpdateContainerStatus(ctr *Container) error
UpdateContainerStatus is not available as the runtime is missing
type OCIRuntime ¶
type OCIRuntime interface {
	// Name returns the name of the runtime.
	Name() string
	// Path returns the path to the runtime executable.
	Path() string

	// CreateContainer creates the container in the OCI runtime.
	CreateContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) error
	// UpdateContainerStatus updates the status of the given container.
	// It includes a switch for whether to perform a hard query of the
	// runtime. If unset, the exit file (if supported by the implementation)
	// will be used.
	// NOTE(review): the signature below takes only ctr, so the "switch"
	// described above is not a parameter of this method — confirm whether
	// this comment is stale.
	UpdateContainerStatus(ctr *Container) error
	// StartContainer starts the given container.
	StartContainer(ctr *Container) error
	// KillContainer sends the given signal to the given container.
	// If all is set, all processes in the container will be signalled;
	// otherwise, only init will be signalled.
	KillContainer(ctr *Container, signal uint, all bool) error
	// StopContainer stops the given container.
	// The container's stop signal (or SIGTERM if unspecified) will be sent
	// first.
	// After the given timeout, SIGKILL will be sent.
	// If the given timeout is 0, SIGKILL will be sent immediately, and the
	// stop signal will be omitted.
	// If all is set, we will attempt to use the --all flag with `kill` in
	// the OCI runtime to kill all processes in the container, including
	// exec sessions. This is only supported if the container has cgroups.
	StopContainer(ctr *Container, timeout uint, all bool) error
	// DeleteContainer deletes the given container from the OCI runtime.
	DeleteContainer(ctr *Container) error
	// PauseContainer pauses the given container.
	PauseContainer(ctr *Container) error
	// UnpauseContainer unpauses the given container.
	UnpauseContainer(ctr *Container) error

	// ExecContainer executes a command in a running container.
	// Returns an int (exit code), error channel (errors from attach), and
	// error (errors that occurred attempting to start the exec session).
	ExecContainer(ctr *Container, sessionID string, options *ExecOptions) (int, chan error, error)
	// ExecStopContainer stops a given exec session in a running container.
	// SIGTERM will be sent initially, then SIGKILL after the given timeout.
	// If timeout is 0, SIGKILL will be sent immediately, and SIGTERM will
	// be omitted.
	ExecStopContainer(ctr *Container, sessionID string, timeout uint) error
	// ExecContainerCleanup cleans up after an exec session exits.
	// It removes any files left by the exec session that are no longer
	// needed, including the attach socket.
	ExecContainerCleanup(ctr *Container, sessionID string) error

	// CheckpointContainer checkpoints the given container.
	// Some OCI runtimes may not support this - if SupportsCheckpoint()
	// returns false, this is not implemented, and will always return an
	// error.
	CheckpointContainer(ctr *Container, options ContainerCheckpointOptions) error

	// SupportsCheckpoint returns whether this OCI runtime
	// implementation supports the CheckpointContainer() operation.
	SupportsCheckpoint() bool
	// SupportsJSONErrors is whether the runtime can return JSON-formatted
	// error messages.
	SupportsJSONErrors() bool
	// SupportsNoCgroups is whether the runtime supports running containers
	// without cgroups.
	SupportsNoCgroups() bool

	// AttachSocketPath is the path to the socket to attach to a given
	// container.
	// TODO: If we move Attach code in here, this should be made internal.
	// We don't want to force all runtimes to share the same attach
	// implementation.
	AttachSocketPath(ctr *Container) (string, error)
	// ExecAttachSocketPath is the path to the socket to attach to a given
	// exec session in the given container.
	// TODO: Probably should be made internal.
	ExecAttachSocketPath(ctr *Container, sessionID string) (string, error)
	// ExitFilePath is the path to a container's exit file.
	// All runtime implementations must create an exit file when containers
	// exit, containing the exit code of the container (as a string).
	// This is the path to that file for a given container.
	ExitFilePath(ctr *Container) (string, error)

	// RuntimeInfo returns verbose information about the runtime.
	RuntimeInfo() (map[string]interface{}, error)
}
OCIRuntime is an implementation of an OCI runtime. The OCI runtime implementation is expected to be a fairly thin wrapper around the actual runtime, and is not expected to include things like state management logic - e.g., we do not expect it to determine on its own that calling 'UnpauseContainer()' on a container that is not paused is an error. The code calling the OCIRuntime will manage this. TODO: May want to move the Attach() code under this umbrella. It's highly OCI runtime dependent. TODO: May want to move the conmon cleanup code here too - it depends on Conmon being in use.
type Pod ¶
type Pod struct {
// contains filtered or unexported fields
}
Pod represents a group of containers that are managed together. Any operations on a Pod that access state must begin with a call to updatePod(). There is no guarantee that state exists in a readable state before this call, and even if it does its contents will be out of date and must be refreshed from the database. Generally, this requirement applies only to top-level functions; helpers can assume their callers handled this requirement. Generally speaking, if a function takes the pod lock and accesses any part of state, it should updatePod() immediately after locking. Pod represents a group of containers that may share namespaces
func (*Pod) AllContainers ¶
AllContainers retrieves the containers in the pod
func (*Pod) AllContainersByID ¶
AllContainersByID returns the container IDs of all the containers in the pod
func (*Pod) CgroupParent ¶ added in v0.5.3
CgroupParent returns the pod's CGroup parent
func (*Pod) CgroupPath ¶ added in v0.5.3
CgroupPath returns the path to the pod's CGroup
func (*Pod) CreatedTime ¶ added in v0.7.2
CreatedTime gets the time when the pod was created
func (*Pod) GenerateForKube ¶ added in v1.0.0
GenerateForKube takes a slice of libpod containers and generates one v1.Pod description
func (*Pod) GetPodPidInformation ¶ added in v0.8.4
GetPodPidInformation returns process-related data of all processes in the pod. The output data can be controlled via the `descriptors` argument, which expects format descriptors and supports all AIX format descriptors of ps(1) plus some additional ones, for instance to inspect the set of effective capabilities. Each element in the returned string slice is a tab-separated string.
For more details, please refer to github.com/containers/psgo.
func (*Pod) GetPodStats ¶ added in v0.8.3
func (p *Pod) GetPodStats(previousContainerStats map[string]*ContainerStats) (map[string]*ContainerStats, error)
GetPodStats returns the stats for each of its containers
func (*Pod) HasContainer ¶
HasContainer checks if a container is present in the pod
func (*Pod) HasInfraContainer ¶ added in v0.8.4
HasInfraContainer returns whether the pod will create an infra container
func (*Pod) InfraContainerID ¶ added in v0.8.4
InfraContainerID returns the infra container ID for a pod. If the container returned is "", the pod has no infra container.
func (*Pod) Inspect ¶ added in v0.8.2
func (p *Pod) Inspect() (*PodInspect, error)
Inspect returns a PodInspect struct to describe the pod
func (*Pod) Kill ¶
Kill sends a signal to all running containers within a pod. Signals will only be sent to running containers; containers that are not running will be ignored. All signals are sent independently, and sending will continue even if some containers encounter errors. An error and a map[string]error are returned. If the error is not nil and the map is nil, an error was encountered before any containers were signalled. If the map is not nil, an error was encountered when signalling one or more containers; the container ID is mapped to the error encountered, and the error is set to ErrCtrExists. If both the error and the map are nil, all containers were signalled successfully.
func (*Pod) Namespace ¶ added in v0.7.4
Namespace returns the pod's libpod namespace. Namespaces are used to logically separate containers and pods in the state.
func (*Pod) Pause ¶ added in v0.7.4
Pause pauses all containers within a pod that are running. Only running containers will be paused. Paused, stopped, or created containers will be ignored. All containers are paused independently. An error pausing one container will not prevent other containers being paused. An error and a map[string]error are returned If the error is not nil and the map is nil, an error was encountered before any containers were paused If map is not nil, an error was encountered when pausing one or more containers. The container ID is mapped to the error encountered. The error is set to ErrCtrExists If both error and the map are nil, all containers were paused without error
func (*Pod) Restart ¶ added in v0.7.4
Restart restarts all containers within a pod that are not paused or in an error state. It combines the effects of Stop() and Start() on a container Each container will use its own stop timeout. All containers are started independently, in order dictated by their dependencies. An error restarting one container will not prevent other containers being restarted. An error and a map[string]error are returned If the error is not nil and the map is nil, an error was encountered before any containers were restarted If map is not nil, an error was encountered when restarting one or more containers. The container ID is mapped to the error encountered. The error is set to ErrCtrExists If both error and the map are nil, all containers were restarted without error
func (*Pod) SharesCgroup ¶ added in v0.8.4
SharesCgroup returns whether containers in the pod will default to this pod's cgroup instead of the default libpod parent
func (*Pod) SharesIPC ¶ added in v0.8.4
SharesIPC returns whether containers in pod default to use IPC namespace of first container in pod
func (*Pod) SharesMount ¶ added in v0.8.4
SharesMount returns whether containers in pod default to use mount namespace of first container in pod
func (*Pod) SharesNamespaces ¶ added in v0.8.4
SharesNamespaces checks if the pod has any kernel namespaces set as shared. An infra container will not be created if no kernel namespaces are shared.
func (*Pod) SharesNet ¶ added in v0.8.4
SharesNet returns whether containers in pod default to use network namespace of first container in pod
func (*Pod) SharesPID ¶ added in v0.8.4
SharesPID returns whether containers in pod default to use PID namespace of first container in pod
func (*Pod) SharesUTS ¶ added in v0.8.4
SharesUTS returns whether containers in pod default to use UTS namespace of first container in pod
func (*Pod) SharesUser ¶ added in v0.8.4
SharesUser returns whether containers in pod default to use user namespace of first container in pod
func (*Pod) Start ¶
Start starts all containers within a pod It combines the effects of Init() and Start() on a container If a container has already been initialized it will be started, otherwise it will be initialized then started. Containers that are already running or have been paused are ignored All containers are started independently, in order dictated by their dependencies. An error and a map[string]error are returned If the error is not nil and the map is nil, an error was encountered before any containers were started If map is not nil, an error was encountered when starting one or more containers. The container ID is mapped to the error encountered. The error is set to ErrCtrExists If both error and the map are nil, all containers were started successfully
func (*Pod) Status ¶
func (p *Pod) Status() (map[string]define.ContainerStatus, error)
Status gets the status of all containers in the pod Returns a map of Container ID to Container Status
func (*Pod) Stop ¶
Stop stops all containers within a pod without a timeout. It assumes -1 for a timeout.
func (*Pod) StopWithTimeout ¶ added in v1.0.0
func (p *Pod) StopWithTimeout(ctx context.Context, cleanup bool, timeout int) (map[string]error, error)
StopWithTimeout stops all containers within a pod that are not already stopped Each container will use its own stop timeout Only running containers will be stopped. Paused, stopped, or created containers will be ignored. If cleanup is true, mounts and network namespaces will be cleaned up after the container is stopped. All containers are stopped independently. An error stopping one container will not prevent other containers being stopped. An error and a map[string]error are returned If the error is not nil and the map is nil, an error was encountered before any containers were stopped If map is not nil, an error was encountered when stopping one or more containers. The container ID is mapped to the error encountered. The error is set to ErrCtrExists If both error and the map are nil, all containers were stopped without error
func (*Pod) Unpause ¶ added in v0.7.4
Unpause unpauses all containers within a pod that are paused. Only paused containers will be unpaused; running, stopped, or created containers will be ignored. All containers are unpaused independently. An error unpausing one container will not prevent other containers being unpaused. An error and a map[string]error are returned. If the error is not nil and the map is nil, an error was encountered before any containers were unpaused. If the map is not nil, an error was encountered when unpausing one or more containers; the container ID is mapped to the error encountered, and the error is set to ErrCtrExists. If both the error and the map are nil, all containers were unpaused without error.
type PodConfig ¶
type PodConfig struct {
	// ID and Name identify the pod; they are always serialized (no omitempty).
	ID   string `json:"id"`
	Name string `json:"name"`
	// Namespace the pod is in
	Namespace string `json:"namespace,omitempty"`

	Hostname string `json:"hostname,omitempty"`

	// Labels contains labels applied to the pod
	Labels map[string]string `json:"labels"`
	// CgroupParent contains the pod's CGroup parent
	CgroupParent string `json:"cgroupParent"`
	// UsePodCgroup indicates whether the pod will create its own CGroup and
	// join containers to it.
	// If true, all containers joined to the pod will use the pod cgroup as
	// their cgroup parent, and cannot set a different cgroup parent
	// NOTE(review): the WithPodCgroups documentation says the pod cgroup
	// "can still be overridden at the container level", which disagrees with
	// "cannot set a different cgroup parent" above — confirm which holds
	// before relying on the pod cgroup as a resource boundary.
	// The JSON key is "sharesCgroup", not the Go field name.
	UsePodCgroup bool `json:"sharesCgroup,omitempty"`

	// The following UsePod{kernelNamespace} indicate whether the containers
	// in the pod will inherit the namespace from the first container in the pod.
	// All of them carry omitempty, so a false value is left out of the
	// encoded JSON and a missing key decodes back to false (not shared).
	UsePodPID      bool                  `json:"sharesPid,omitempty"`
	UsePodIPC      bool                  `json:"sharesIpc,omitempty"`
	UsePodNet      bool                  `json:"sharesNet,omitempty"`
	UsePodMount    bool                  `json:"sharesMnt,omitempty"`
	UsePodUser     bool                  `json:"sharesUser,omitempty"`
	UsePodUTS      bool                  `json:"sharesUts,omitempty"`
	InfraContainer *InfraContainerConfig `json:"infraConfig"`

	// Time pod was created
	CreatedTime time.Time `json:"created"`

	// ID of the pod's lock
	LockID uint32 `json:"lockID"`
}
PodConfig represents a pod's static configuration
type PodContainerInfo ¶ added in v0.8.2
PodContainerInfo keeps information on a container in a pod
type PodContainerStats ¶ added in v0.8.3
type PodContainerStats struct {
	// Pod is the pod the statistics belong to.
	Pod *Pod
	// ContainerStats holds one *ContainerStats per map key.
	// presumably keyed by container ID — confirm against GetPodStats.
	ContainerStats map[string]*ContainerStats
}
PodContainerStats is an organization struct for pods and their containers
type PodCreateOption ¶
A PodCreateOption is a functional option which alters the Pod created by NewPod
func WithInfraContainer ¶ added in v0.8.4
func WithInfraContainer() PodCreateOption
WithInfraContainer tells the pod to create a pause container
func WithInfraContainerPorts ¶ added in v0.12.1
func WithInfraContainerPorts(bindings []ocicni.PortMapping) PodCreateOption
WithInfraContainerPorts tells the pod to add port bindings to the pause container
func WithPodCgroupParent ¶ added in v0.5.3
func WithPodCgroupParent(path string) PodCreateOption
WithPodCgroupParent sets the Cgroup Parent of the pod.
func WithPodCgroups ¶ added in v0.5.3
func WithPodCgroups() PodCreateOption
WithPodCgroups tells containers in this pod to use the cgroup created for this pod. This can still be overridden at the container level by explicitly specifying a CGroup parent.
func WithPodHostname ¶ added in v1.6.0
func WithPodHostname(hostname string) PodCreateOption
WithPodHostname sets the hostname of the pod.
func WithPodIPC ¶ added in v0.8.4
func WithPodIPC() PodCreateOption
WithPodIPC tells containers in this pod to use the ipc namespace created for this pod. Containers in a pod will inherit the kernel namespaces from the first container added.
func WithPodLabels ¶
func WithPodLabels(labels map[string]string) PodCreateOption
WithPodLabels sets the labels of a pod.
func WithPodMount ¶ added in v0.8.4
func WithPodMount() PodCreateOption
WithPodMount tells containers in this pod to use the mount namespace created for this pod. Containers in a pod will inherit the kernel namespaces from the first container added. TODO implement WithMountNSFrom, so WithMountNsFromPod functions properly Then this option can be added on the pod level
func WithPodName ¶
func WithPodName(name string) PodCreateOption
WithPodName sets the name of the pod.
func WithPodNamespace ¶ added in v0.7.4
func WithPodNamespace(ns string) PodCreateOption
WithPodNamespace sets the namespace for the created pod. Namespaces are used to create separate views of Podman's state - runtimes can join a specific namespace and see only containers and pods in that namespace. Empty string namespaces are allowed, and correspond to a lack of namespace. Containers must belong to the same namespace as the pod they join.
func WithPodNet ¶ added in v0.8.4
func WithPodNet() PodCreateOption
WithPodNet tells containers in this pod to use the network namespace created for this pod. Containers in a pod will inherit the kernel namespaces from the first container added.
func WithPodPID ¶ added in v0.8.4
func WithPodPID() PodCreateOption
WithPodPID tells containers in this pod to use the pid namespace created for this pod. Containers in a pod will inherit the kernel namespaces from the first container added.
func WithPodUTS ¶ added in v0.8.4
func WithPodUTS() PodCreateOption
WithPodUTS tells containers in this pod to use the uts namespace created for this pod. Containers in a pod will inherit the kernel namespaces from the first container added.
func WithPodUser ¶ added in v0.8.4
func WithPodUser() PodCreateOption
WithPodUser tells containers in this pod to use the user namespace created for this pod. Containers in a pod will inherit the kernel namespaces from the first container added. TODO implement WithUserNSFrom, so WithUserNsFromPod functions properly Then this option can be added on the pod level
type PodFilter ¶
PodFilter is a function to determine whether a pod is included in command output. Pods to be outputted are tested using the function. A true return will include the pod, a false return will exclude it.
type PodInspect ¶ added in v0.8.2
type PodInspect struct {
	// The fields have no JSON tags, so encoding/json emits them under their
	// Go names ("Config", "State", "Containers").
	Config     *PodConfig
	State      *PodInspectState
	Containers []PodContainerInfo
}
PodInspect represents the data we want to display for podman pod inspect
type PodInspectState ¶ added in v0.8.3
type PodInspectState struct {
	// CgroupPath is serialized as "cgroupPath".
	CgroupPath string `json:"cgroupPath"`
	// InfraContainerID is serialized as "infraContainerID".
	// Pod.InfraContainerID documents "" as meaning the pod has no infra
	// container; presumably the same convention applies here — confirm.
	InfraContainerID string `json:"infraContainerID"`
}
PodInspectState contains inspect data on the pod's state
type Runtime ¶
type Runtime struct {
// contains filtered or unexported fields
}
Runtime is the core libpod runtime
func NewRuntime ¶
func NewRuntime(ctx context.Context, options ...RuntimeOption) (runtime *Runtime, err error)
NewRuntime creates a new container runtime Options can be passed to override the default configuration for the runtime
func NewRuntimeFromConfig ¶ added in v0.3.2
func NewRuntimeFromConfig(ctx context.Context, userConfigPath string, options ...RuntimeOption) (runtime *Runtime, err error)
NewRuntimeFromConfig creates a new container runtime using the given configuration file for its default configuration. Passed RuntimeOption functions can be used to mutate this configuration further. An error will be returned if the configuration file at the given path does not exist or cannot be loaded
func (*Runtime) ApplyDiffTarStream ¶ added in v1.5.0
ApplyDiffTarStream applies the changes stored in 'diff' to the layer 'to'
func (*Runtime) Build ¶ added in v0.4.4
func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions, dockerfiles ...string) error
Build adds the runtime to the imagebuildah call
func (*Runtime) DeferredShutdown ¶ added in v1.5.0
DeferredShutdown shuts down the runtime without exposing any errors. This is only meant to be used when the runtime is being shutdown within a defer statement; else use Shutdown
func (*Runtime) Events ¶ added in v1.2.0
func (r *Runtime) Events(options events.ReadOptions) error
Events is a wrapper function for everyone to begin tailing the events log with options
func (*Runtime) EvictContainer ¶ added in v1.6.2
func (r *Runtime) EvictContainer(ctx context.Context, idOrName string, removeVolume bool) (string, error)
EvictContainer removes the container identified by the given partial or full ID or name, and returns the full ID of the evicted container and any error encountered. It should be used to remove a container when obtaining a Container struct pointer has failed. A running container will not be stopped. If removeVolume is specified, named volumes used by the container will also be removed if and only if the container is the sole user.
func (*Runtime) GetAllContainers ¶
GetAllContainers is a helper function for GetContainers
func (*Runtime) GetAllPods ¶ added in v0.7.2
GetAllPods retrieves all pods
func (*Runtime) GetAllVolumes ¶ added in v0.12.1
GetAllVolumes retrieves all the volumes
func (*Runtime) GetContainer ¶
GetContainer retrieves a container by its ID
func (*Runtime) GetContainers ¶
func (r *Runtime) GetContainers(filters ...ContainerFilter) ([]*Container, error)
GetContainers retrieves all containers from the state Filters can be provided which will determine what containers are included in the output. Multiple filters are handled by ANDing their output, so only containers matching all filters are returned
func (*Runtime) GetContainersByList ¶
GetContainersByList is a helper function for GetContainers which takes a []string of container IDs or names
func (*Runtime) GetDiff ¶
GetDiff returns the differences between the two images, layers, or containers
func (*Runtime) GetDiffTarStream ¶ added in v1.5.0
func (r *Runtime) GetDiffTarStream(from, to string) (io.ReadCloser, error)
GetDiffTarStream returns the differences between the two images, layers, or containers. It is the same functionality as GetDiff() except that it returns a tarstream
func (*Runtime) GetEvents ¶ added in v1.5.0
GetEvents reads the event log and returns events based on input filters
func (*Runtime) GetHostDistributionInfo ¶ added in v0.10.1
GetHostDistributionInfo returns a map containing the host's distribution and version
func (*Runtime) GetLastContainerEvent ¶ added in v1.5.0
func (r *Runtime) GetLastContainerEvent(nameOrID string, containerEvent events.Status) (*events.Event, error)
GetLastContainerEvent takes a container name or ID and an event status and returns the last occurrence of the container event
func (*Runtime) GetLatestContainer ¶
GetLatestContainer returns a container object of the latest created container.
func (*Runtime) GetLatestPod ¶ added in v0.7.2
GetLatestPod returns a pod object of the latest created pod.
func (*Runtime) GetOCIRuntimePath ¶ added in v1.0.0
GetOCIRuntimePath retrieves the path of the default OCI runtime.
func (*Runtime) GetRunningContainers ¶
GetRunningContainers is a helper function for GetContainers
func (*Runtime) GetRunningPods ¶ added in v0.8.3
GetRunningPods returns an array of running pods
func (*Runtime) HasContainer ¶
HasContainer checks if a container with the given ID is present
func (*Runtime) HasVolume ¶ added in v0.12.1
HasVolume checks to see if a volume with the given name exists
func (*Runtime) HealthCheck ¶ added in v1.2.0
func (r *Runtime) HealthCheck(name string) (HealthCheckStatus, error)
HealthCheck verifies the state and validity of the healthcheck configuration on the container and then executes the healthcheck
func (*Runtime) ImageRuntime ¶ added in v0.3.4
ImageRuntime returns the imageruntime for image operations. If WithNoStore() was used, no image runtime will be available, and this function will return nil.
func (*Runtime) Import ¶ added in v1.1.0
func (r *Runtime) Import(ctx context.Context, source string, reference string, changes []string, history string, quiet bool) (string, error)
Import is called as an intermediary to the image library Import
func (*Runtime) ListStorageContainers ¶ added in v1.0.4
func (r *Runtime) ListStorageContainers() ([]*StorageContainer, error)
ListStorageContainers lists all containers visible to c/storage.
func (*Runtime) LoadImage ¶ added in v1.1.0
func (r *Runtime) LoadImage(ctx context.Context, name, inputFile string, writer io.Writer, signaturePolicy string) (string, error)
LoadImage loads a container image into local storage
func (*Runtime) Log ¶ added in v1.2.0
func (r *Runtime) Log(containers []*Container, options *logs.LogOptions, logChannel chan *logs.LogLine) error
Log is a runtime function that can read one or more container logs.
func (*Runtime) LookupContainer ¶
LookupContainer looks up a container by its name or a partial ID If a partial ID is not unique, an error will be returned
func (*Runtime) LookupPod ¶
LookupPod retrieves a pod by its name or a partial ID If a partial ID is not unique, an error will be returned
func (*Runtime) LookupVolume ¶ added in v1.6.0
LookupVolume retrieves a volume by unambiguous partial name.
func (*Runtime) NewContainer ¶
func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options ...CtrCreateOption) (c *Container, err error)
NewContainer creates a new container from a given OCI config.
func (*Runtime) Pods ¶
Pods retrieves all pods Filters can be provided which will determine which pods are included in the output. Multiple filters are handled by ANDing their output, so only pods matching all filters are returned
func (*Runtime) PruneVolumes ¶ added in v1.1.0
PruneVolumes removes unused volumes from the system
func (*Runtime) RemoveContainer ¶
func (r *Runtime) RemoveContainer(ctx context.Context, c *Container, force bool, removeVolume bool) error
RemoveContainer removes the given container. If force is specified, the container will be stopped first; otherwise, RemoveContainer will return an error if the container is running. If removeVolume is specified, named volumes used by the container will also be removed if and only if the container is the sole user.
func (*Runtime) RemoveImage ¶
RemoveImage deletes an image from local storage Images being used by running containers can only be removed if force=true
func (*Runtime) RemovePod ¶
RemovePod removes a pod. If removeCtrs is specified, containers will be removed; otherwise, a pod that is not empty will return an error and not be removed. If force is specified with removeCtrs, all containers will be stopped before being removed; otherwise, the pod will not be removed if any containers are running.
func (*Runtime) RemoveStorageContainer ¶ added in v1.0.4
RemoveStorageContainer removes a container from c/storage. The container WILL NOT be removed if it exists in libpod. Accepts ID or full name of container. If force is set, the container will be unmounted first to ensure removal.
func (*Runtime) RemoveVolume ¶ added in v0.12.1
RemoveVolume removes a volume
func (*Runtime) RestoreContainer ¶ added in v1.4.0
func (r *Runtime) RestoreContainer(ctx context.Context, rSpec *spec.Spec, config *ContainerConfig) (c *Container, err error)
RestoreContainer re-creates a container from an imported checkpoint
func (*Runtime) Shutdown ¶
Shutdown shuts down the runtime and associated containers and storage If force is true, containers and mounted storage will be shut down before cleaning up; if force is false, an error will be returned if there are still containers running or mounted
func (*Runtime) SystemContext ¶ added in v1.0.0
func (r *Runtime) SystemContext() *types.SystemContext
SystemContext returns the imagecontext
func (*Runtime) Volumes ¶ added in v0.12.1
func (r *Runtime) Volumes(filters ...VolumeFilter) ([]*Volume, error)
Volumes retrieves all volumes Filters can be provided which will determine which volumes are included in the output. Multiple filters are handled by ANDing their output, so only volumes matching all filters are returned
func (*Runtime) WithPod ¶
func (r *Runtime) WithPod(pod *Pod) CtrCreateOption
WithPod adds the container to a pod. Containers which join a pod can only join the Linux namespaces of other containers in the same pod. Containers can only join pods in the same libpod namespace.
type RuntimeContainerMetadata ¶
// RuntimeContainerMetadata is the structure that is encoded as JSON and stored
// in the metadata field of storage.Container objects. The JSON keys below are
// the persisted format, so the struct tags must not be changed casually.
type RuntimeContainerMetadata struct {
	// The provided name and the ID of the image that was used to
	// instantiate the container.
	ImageName string `json:"image-name"` // Applicable to both PodSandboxes and Containers
	ImageID   string `json:"image-id"`   // Applicable to both PodSandboxes and Containers
	// The container's name, which for an infrastructure container is usually PodName + "-infra".
	ContainerName string `json:"name"` // Applicable to both PodSandboxes and Containers, mandatory
	// NOTE(review): presumably a Unix timestamp; the unit is not stated here - confirm.
	CreatedAt int64 `json:"created-at"` // Applicable to both PodSandboxes and Containers
	// Omitted from the JSON when empty.
	// NOTE(review): presumably the SELinux mount label for the container's
	// storage. It is persisted with the metadata and can be rewritten through
	// SetMountLabel, so writes to it are security-relevant - confirm callers.
	MountLabel string `json:"mountlabel,omitempty"` // Applicable to both PodSandboxes and Containers
}
RuntimeContainerMetadata is the structure that we encode as JSON and store in the metadata field of storage.Container objects. It is used for specifying attributes of containers when they are being created, and allows a container's MountLabel, and possibly other values, to be modified in one read/write cycle via calls to storageService.ContainerMetadata, RuntimeContainerMetadata.SetMountLabel, and storageService.SetContainerMetadata.
func (*RuntimeContainerMetadata) SetMountLabel ¶
func (metadata *RuntimeContainerMetadata) SetMountLabel(mountLabel string)
SetMountLabel updates the mount label held by a RuntimeContainerMetadata object.
type RuntimeOption ¶
A RuntimeOption is a functional option which alters the Runtime created by NewRuntime
func WithCNIConfigDir ¶
func WithCNIConfigDir(dir string) RuntimeOption
WithCNIConfigDir sets the CNI configuration directory.
func WithCNIPluginDir ¶
func WithCNIPluginDir(dir string) RuntimeOption
WithCNIPluginDir sets the CNI plugins directory.
func WithCgroupManager ¶
func WithCgroupManager(manager string) RuntimeOption
WithCgroupManager specifies the manager implementation name which is used to handle cgroups for containers. Current valid values are "cgroupfs" and "systemd".
func WithConmonEnv ¶
func WithConmonEnv(environment []string) RuntimeOption
WithConmonEnv specifies the environment variable list for the conmon process.
func WithConmonPath ¶
func WithConmonPath(path string) RuntimeOption
WithConmonPath specifies the path to the conmon binary which manages the runtime.
func WithDefaultInfraCommand ¶ added in v0.8.4
func WithDefaultInfraCommand(cmd string) RuntimeOption
WithDefaultInfraCommand sets the command to run on pause container start up.
func WithDefaultInfraImage ¶ added in v0.8.4
func WithDefaultInfraImage(img string) RuntimeOption
WithDefaultInfraImage sets the infra image for libpod. An infra image is used for inter-container kernel namespace sharing within a pod. Typically, an infra container is lightweight and is there to reap zombie processes within its pid namespace.
func WithDefaultMountsFile ¶ added in v0.4.4
func WithDefaultMountsFile(mountsFile string) RuntimeOption
WithDefaultMountsFile sets the file to look at for default mounts (mainly secrets). Note we are not saving this in the database as it is for testing purposes only.
func WithDefaultTransport ¶ added in v0.2.2
func WithDefaultTransport(defaultTransport string) RuntimeOption
WithDefaultTransport sets the default transport for retrieving images.
func WithEnableSDNotify ¶ added in v1.6.0
func WithEnableSDNotify() RuntimeOption
WithEnableSDNotify sets a runtime option so we know whether to disable socket/FD listening
func WithEventsLogger ¶ added in v1.5.0
func WithEventsLogger(logger string) RuntimeOption
WithEventsLogger sets the events backend to use. Currently supported values are "file" for file backend and "journald" for journald backend.
func WithHooksDir ¶ added in v0.4.1
func WithHooksDir(hooksDirs ...string) RuntimeOption
WithHooksDir sets the directories to look for OCI runtime hook configuration.
func WithMaxLogSize ¶
func WithMaxLogSize(limit int64) RuntimeOption
WithMaxLogSize sets the maximum size of container logs. Positive sizes are limits in bytes, -1 is unlimited.
func WithMigrate ¶ added in v1.3.0
func WithMigrate() RuntimeOption
WithMigrate instructs libpod to migrate container configurations to account for changes between Libpod versions. All running containers will be stopped during a migration, then restarted after the migration is complete.
func WithMigrateRuntime ¶ added in v1.6.2
func WithMigrateRuntime(requestedRuntime string) RuntimeOption
WithMigrateRuntime instructs Libpod to change the default OCI runtime on all containers during a migration. This is not used if `MigrateRuntime()` is not also passed. Libpod makes no promises that your containers continue to work with the new runtime - migrations between dissimilar runtimes may well break things. Use with caution.
func WithNamespace ¶ added in v0.7.4
func WithNamespace(ns string) RuntimeOption
WithNamespace sets the namespace for libpod. Namespaces are used to create scopes to separate containers and pods in the state. When namespace is set, libpod will only view containers and pods in the same namespace. All containers and pods created will default to the namespace set here. A namespace of "", the empty string, is equivalent to no namespace, and all containers and pods will be visible.
func WithNetworkCmdPath ¶ added in v1.2.0
func WithNetworkCmdPath(path string) RuntimeOption
WithNetworkCmdPath specifies the path to the slirp4netns binary which manages the runtime.
func WithNoPivotRoot ¶
func WithNoPivotRoot() RuntimeOption
WithNoPivotRoot sets the runtime to use MS_MOVE instead of PIVOT_ROOT when starting containers.
func WithNoStore ¶ added in v1.5.0
func WithNoStore() RuntimeOption
WithNoStore sets a bool on the runtime that we do not need any containers storage.
func WithOCIRuntime ¶
func WithOCIRuntime(runtime string) RuntimeOption
WithOCIRuntime specifies an OCI runtime to use for running containers.
func WithRenumber ¶ added in v1.1.0
func WithRenumber() RuntimeOption
WithRenumber instructs libpod to perform a lock renumbering while initializing. This will handle migrations from early versions of libpod with file locks to newer versions with SHM locking, as well as changes in the number of configured locks.
func WithSignaturePolicy ¶
func WithSignaturePolicy(path string) RuntimeOption
WithSignaturePolicy specifies the path of a file which decides how trust is managed for images we've pulled. If this is not specified, the system default configuration will be used instead.
func WithStateType ¶
func WithStateType(storeType define.RuntimeStateStore) RuntimeOption
WithStateType sets the backing state implementation for libpod. Please note that information is not portable between backing states. As such, if this differs between two libpods running on the same system, they will not share containers, and unspecified behavior may occur.
func WithStaticDir ¶
func WithStaticDir(dir string) RuntimeOption
WithStaticDir sets the directory that static runtime files which persist across reboots will be stored.
func WithStorageConfig ¶
func WithStorageConfig(config storage.StoreOptions) RuntimeOption
WithStorageConfig uses the given configuration to set up container storage. If this is not specified, the system default configuration will be used instead.
func WithTmpDir ¶
func WithTmpDir(dir string) RuntimeOption
WithTmpDir sets the directory that temporary runtime files which are not expected to survive across reboots will be stored. This should be located on a tmpfs mount (/tmp or /var/run for example).
func WithVolumePath ¶ added in v0.12.1
func WithVolumePath(volPath string) RuntimeOption
WithVolumePath sets the path under which all named volumes should be created. The path changes based on whether the user is running as root or not.
type State ¶
// State is a storage backend for libpod's current state: containers, pods and
// volumes. The comments on each method describe the contract an implementation
// is expected to honour.
//
// NOTE(review): the namespace set through SetNamespace is described below only
// as a filter on what retrieval calls return. Nothing in this interface
// establishes it as an access-control boundary - confirm before relying on it
// for isolation between users or tenants.
type State interface {
	// Close performs any pre-exit cleanup (e.g. closing database
	// connections) that may be required.
	Close() error

	// Refresh clears container and pod states after a reboot.
	Refresh() error

	// GetDBConfig retrieves several paths configured within the database
	// when it was created - namely, Libpod root and tmp dirs, c/storage
	// root and tmp dirs, and c/storage graph driver.
	// This is not implemented by the in-memory state, as it has no need to
	// validate runtime configuration.
	GetDBConfig() (*config.DBConfig, error)

	// ValidateDBConfig validates the config in the given Runtime struct
	// against paths stored in the configured database.
	// Libpod root and tmp dirs and c/storage root and tmp dirs and graph
	// driver are validated.
	// This is not implemented by the in-memory state, as it has no need to
	// validate runtime configuration that may change over multiple runs of
	// the program.
	ValidateDBConfig(runtime *Runtime) error

	// SetNamespace sets the namespace for the store, and will determine
	// what containers are retrieved with container and pod retrieval calls.
	// A namespace of "", the empty string, acts as no namespace, and
	// containers and pods in all namespaces will be returned.
	SetNamespace(ns string) error

	// Container returns a container from the database from its full ID.
	// If the container is not in the set namespace, an error will be
	// returned.
	Container(id string) (*Container, error)
	// LookupContainerID returns a container ID from the database by full or
	// partial ID or full name.
	// NOTE(review): unlike LookupContainer, this comment does not say
	// whether containers outside the set namespace are ignored - confirm.
	LookupContainerID(idOrName string) (string, error)
	// LookupContainer returns a container from the database by full or
	// partial ID or full name.
	// Containers not in the set namespace will be ignored.
	LookupContainer(idOrName string) (*Container, error)
	// HasContainer checks if a container with the given full ID exists in
	// the database.
	// If the container exists but is not in the set namespace, false will
	// be returned.
	HasContainer(id string) (bool, error)
	// AddContainer adds a container to the state.
	// The container cannot be part of a pod.
	// The container must have globally unique name and ID - pod names and
	// IDs also conflict with container names and IDs.
	// The container must be in the set namespace if a namespace has been
	// set.
	// All containers this container depends on must be part of the same
	// namespace and must not be joined to a pod.
	AddContainer(ctr *Container) error
	// RemoveContainer removes a container from the state.
	// Containers that are part of pods must use RemoveContainerFromPod.
	// The container must be part of the set namespace.
	RemoveContainer(ctr *Container) error
	// UpdateContainer updates a container's state from the backing store.
	// The container must be part of the set namespace.
	UpdateContainer(ctr *Container) error
	// SaveContainer saves a container's current state to the backing store.
	// The container must be part of the set namespace.
	SaveContainer(ctr *Container) error
	// ContainerInUse checks if other containers depend upon a given
	// container.
	// It returns a slice of the IDs of containers which depend on the given
	// container. If the slice is empty, no containers depend on the given
	// container.
	// A container cannot be removed if other containers depend on it.
	// The container being checked must be part of the set namespace.
	ContainerInUse(ctr *Container) ([]string, error)
	// AllContainers retrieves all containers presently in state.
	// If a namespace is set, only containers within the namespace will be
	// returned.
	AllContainers() ([]*Container, error)

	// GetContainerConfig returns a container config from the database by
	// full ID.
	GetContainerConfig(id string) (*ContainerConfig, error)

	// PLEASE READ FULL DESCRIPTION BEFORE USING.
	// RewriteContainerConfig rewrites a container's configuration.
	// This function breaks libpod's normal prohibition on a read-only
	// configuration, and as such should be used EXTREMELY SPARINGLY and
	// only in very specific circumstances.
	// Specifically, it is ONLY safe to use this function to make changes
	// that result in a functionally identical configuration (migrating to
	// newer, but identical, configuration fields), or during libpod init
	// WHILE HOLDING THE ALIVE LOCK (to prevent other libpod instances from
	// being initialized).
	// Most things in config can be changed by this, but container ID and
	// name ABSOLUTELY CANNOT BE ALTERED. If you do so, there is a high
	// potential for database corruption.
	// There are a lot of capital letters and conditions here, but the short
	// answer is this: use this only very sparingly, and only if you really
	// know what you're doing.
	RewriteContainerConfig(ctr *Container, newCfg *ContainerConfig) error
	// PLEASE READ THE DESCRIPTION FOR RewriteContainerConfig BEFORE USING.
	// This function is identical to RewriteContainerConfig, save for the
	// fact that it is used with pods instead.
	// It is subject to the same conditions as RewriteContainerConfig.
	// Please do not use this unless you know what you're doing.
	RewritePodConfig(pod *Pod, newCfg *PodConfig) error
	// PLEASE READ THE DESCRIPTION FOR RewriteContainerConfig BEFORE USING.
	// This function is identical to RewriteContainerConfig, save for the
	// fact that it is used with volumes instead.
	// It is subject to the same conditions as RewriteContainerConfig.
	// The exception is that volumes do not have IDs, so only volume name
	// cannot be altered.
	// Please do not use this unless you know what you're doing.
	RewriteVolumeConfig(volume *Volume, newCfg *VolumeConfig) error

	// Pod accepts the full ID of a pod.
	// If the pod given is not in the set namespace, an error will be
	// returned.
	Pod(id string) (*Pod, error)
	// LookupPod accepts full or partial IDs (as long as they are unique)
	// and names.
	// Pods not in the set namespace are ignored.
	LookupPod(idOrName string) (*Pod, error)
	// HasPod checks if a pod with the given ID is present in the state.
	// If the given pod is not in the set namespace, false is returned.
	HasPod(id string) (bool, error)
	// PodHasContainer checks if a pod has a container with the given ID.
	// The pod must be part of the set namespace.
	PodHasContainer(pod *Pod, ctrID string) (bool, error)
	// PodContainersByID gets the IDs of all containers in a pod.
	// The pod must be part of the set namespace.
	PodContainersByID(pod *Pod) ([]string, error)
	// PodContainers gets all the containers in a pod.
	// The pod must be part of the set namespace.
	PodContainers(pod *Pod) ([]*Container, error)
	// AddPod adds a pod to the state.
	// The pod must be part of the set namespace.
	// The pod's name and ID must be globally unique.
	AddPod(pod *Pod) error
	// RemovePod removes a pod from the state.
	// Only empty pods can be removed from the state.
	// The pod must be part of the set namespace.
	RemovePod(pod *Pod) error
	// RemovePodContainers removes all containers from a pod.
	// Used to simultaneously remove containers that might otherwise have
	// dependency issues.
	// Will fail if a dependency outside the pod is encountered.
	// The pod must be part of the set namespace.
	RemovePodContainers(pod *Pod) error
	// AddContainerToPod adds a container to an existing pod.
	// The container given will be added to the state and the pod.
	// The container and its dependencies must be part of the given pod,
	// and the given pod's namespace.
	// The pod must be part of the set namespace.
	// The pod must already exist in the state.
	// The container's name and ID must be globally unique.
	AddContainerToPod(pod *Pod, ctr *Container) error
	// RemoveContainerFromPod removes a container from an existing pod.
	// The container will also be removed from the state.
	// The container must be in the given pod, and the pod must be in the
	// set namespace.
	RemoveContainerFromPod(pod *Pod, ctr *Container) error
	// UpdatePod updates a pod's state from the database.
	// The pod must be in the set namespace.
	UpdatePod(pod *Pod) error
	// SavePod saves a pod's state to the database.
	// The pod must be in the set namespace.
	SavePod(pod *Pod) error
	// AllPods retrieves all pods presently in state.
	// If a namespace has been set, only pods in that namespace will be
	// returned.
	AllPods() ([]*Pod, error)

	// Volume accepts the full name of a volume.
	// If the volume doesn't exist, an error will be returned.
	Volume(volName string) (*Volume, error)
	// LookupVolume accepts an unambiguous partial name or full name of a
	// volume. Ambiguous names will result in an error.
	LookupVolume(name string) (*Volume, error)
	// HasVolume returns true if volName exists in the state,
	// otherwise it returns false.
	HasVolume(volName string) (bool, error)
	// VolumeInUse goes through the container dependencies of a volume
	// and checks if the volume is being used by any container. If it is,
	// a slice of container IDs using the volume is returned.
	VolumeInUse(volume *Volume) ([]string, error)
	// AddVolume adds the specified volume to state. The volume's name
	// must be unique within the list of existing volumes.
	AddVolume(volume *Volume) error
	// RemoveVolume removes the specified volume.
	// Only volumes that have no container dependencies can be removed.
	RemoveVolume(volume *Volume) error
	// UpdateVolume updates the volume's state from the database.
	UpdateVolume(volume *Volume) error
	// SaveVolume saves a volume's state to the database.
	SaveVolume(volume *Volume) error
	// AllVolumes returns all the volumes available in the state.
	AllVolumes() ([]*Volume, error)
}
State is a storage backend for libpod's current state. A State is only initialized once per instance of libpod. As such, initialization methods for State implementations may safely assume they will be run as a singleton. For all container and pod retrieval methods, a State must retrieve the Configuration struct of the container or pod and include it in the returned struct. The State of the container or pod may optionally be included as well, but this is not a requirement. As such, all containers and pods must be synced with the database via the UpdateContainer and UpdatePod calls before any state-specific information is retrieved after they are pulled from the database. Generally speaking, the syncContainer() call should be run at the beginning of all API operations, which will silently handle this.
func NewBoltState ¶
NewBoltState creates a new bolt-backed state database
func NewInMemoryState ¶
NewInMemoryState initializes a new, empty in-memory state
type StorageContainer ¶ added in v1.0.4
// StorageContainer describes a container found in c/storage. None of the
// fields carry struct tags or comments in the original declaration; the notes
// below are reviewer assumptions, not documented behavior.
type StorageContainer struct {
	ID         string    // presumably the c/storage container ID - confirm
	Names      []string  // presumably every name c/storage has for the container - confirm
	Image      string    // NOTE(review): not stated whether this is an image ID or a name - confirm
	CreateTime time.Time // presumably the c/storage creation time - confirm
	// NOTE(review): presumably true when libpod also tracks this container.
	// Callers deciding whether removal from c/storage is safe should check
	// this flag - confirm against RemoveStorageContainer.
	PresentInLibpod bool
}
StorageContainer represents a container present in c/storage but not in libpod.
type Volume ¶ added in v0.12.1
// Volume is a libpod named volume. All of its fields are unexported, so
// callers outside the package read it only through its methods.
type Volume struct {
	// contains filtered or unexported fields
}
Volume is a libpod named volume. Named volumes may be shared by multiple containers, and may be created using more complex options than normal bind mounts. They may be backed by a mounted filesystem on the host.
func (*Volume) CreatedTime ¶ added in v1.6.0
CreatedTime returns the time the volume was created at. It was not tracked for some time, so older volumes may not contain one.
func (*Volume) Inspect ¶ added in v1.6.0
func (v *Volume) Inspect() (*InspectVolumeData, error)
Inspect provides detailed information about the configuration of the given volume.
func (*Volume) IsCtrSpecific ¶ added in v1.1.0
IsCtrSpecific returns whether this volume was created specifically for a given container. Volumes with this set to true will be removed when the container is removed with the Volumes parameter set to true.
func (*Volume) MountPoint ¶ added in v0.12.1
MountPoint returns the volume's mountpoint on the host
type VolumeConfig ¶ added in v0.12.1
// VolumeConfig holds a volume's configuration. The JSON keys below are the
// serialized form, so the struct tags must not be changed casually.
type VolumeConfig struct {
	// Name of the volume.
	Name string `json:"name"`
	// ID of the volume's lock.
	LockID uint32 `json:"lockID"`
	// Labels for the volume.
	Labels map[string]string `json:"labels"`
	// The volume driver. Empty string or local does not activate a volume
	// driver, all other volumes will.
	Driver string `json:"volumeDriver"`
	// The location the volume is mounted at.
	MountPoint string `json:"mountPoint"`
	// Time the volume was created. Omitted from the JSON when empty.
	CreatedTime time.Time `json:"createdAt,omitempty"`
	// Options to pass to the volume driver. For the local driver, this is
	// a list of mount options. For other drivers, they are passed to the
	// volume driver handling the volume.
	// NOTE(review): for the local driver these shape how a filesystem is
	// mounted on the host, so they should be validated before being stored
	// here - confirm where that validation happens.
	Options map[string]string `json:"volumeOptions,omitempty"`
	// Whether this volume was created for a specific container and will be
	// removed with it.
	IsCtrSpecific bool `json:"ctrSpecific"`
	// UID the volume will be created as.
	// NOTE(review): a config decoded without a "uid" key leaves this at Go's
	// zero value 0, presumably meaning root ownership - confirm callers set
	// it explicitly where that is not intended.
	UID int `json:"uid"`
	// GID the volume will be created as.
	// NOTE(review): same zero-value consideration as UID - confirm.
	GID int `json:"gid"`
}
VolumeConfig holds the volume's immutable configuration.
type VolumeCreateOption ¶ added in v0.12.1
A VolumeCreateOption is a functional option which alters the Volume created by NewVolume
func WithVolumeDriver ¶ added in v0.12.1
func WithVolumeDriver(driver string) VolumeCreateOption
WithVolumeDriver sets the volume's driver. It is presently not implemented, but will be supported in a future Podman release.
func WithVolumeGID ¶ added in v1.2.0
func WithVolumeGID(gid int) VolumeCreateOption
WithVolumeGID sets the GID that the volume will be created as.
func WithVolumeLabels ¶ added in v0.12.1
func WithVolumeLabels(labels map[string]string) VolumeCreateOption
WithVolumeLabels sets the labels of the volume.
func WithVolumeName ¶ added in v0.12.1
func WithVolumeName(name string) VolumeCreateOption
WithVolumeName sets the name of the volume.
func WithVolumeOptions ¶ added in v0.12.1
func WithVolumeOptions(options map[string]string) VolumeCreateOption
WithVolumeOptions sets the options of the volume. If the "local" driver has been selected, options will be validated. There are currently 3 valid options for the "local" driver - o, type, and device.
func WithVolumeUID ¶ added in v1.2.0
func WithVolumeUID(uid int) VolumeCreateOption
WithVolumeUID sets the UID that the volume will be created as.
type VolumeFilter ¶ added in v0.12.1
VolumeFilter is a function to determine whether a volume is included in command output. Volumes to be outputted are tested using the function. A true return will include the volume, a false return will exclude it.
type VolumeState ¶ added in v1.6.0
// VolumeState holds the mutable, JSON-serialized state of a volume: how many
// mounts have been requested and whether a copy-up is still pending.
type VolumeState struct {
	// MountCount is the number of times this volume has been requested to
	// be mounted.
	// It is incremented on mount() and decremented on unmount().
	// On incrementing from 0, the volume will be mounted on the host.
	// On decrementing to 0, the volume will be unmounted on the host.
	// NOTE(review): the type is unsigned, so an unmatched decrement at 0
	// would wrap rather than go negative - confirm unmount() guards this.
	MountCount uint `json:"mountCount"`
	// NeedsCopyUp indicates that the next time the volume is mounted into
	// a container, the container will "copy up" the contents of the
	// mountpoint into the volume.
	// This should only be done once. As such, this is set at container
	// create time, then cleared after the copy up is done and never set
	// again.
	// The JSON key is "notYetMounted", which differs from the field name;
	// presumably kept for compatibility with stored state - confirm.
	NeedsCopyUp bool `json:"notYetMounted,omitempty"`
}
VolumeState holds the volume's mutable state. Volumes are not guaranteed to have a state. Only volumes using the Local driver that have mount options set will create a state.
Source Files ¶
- boltdb_state.go
- boltdb_state_internal.go
- boltdb_state_linux.go
- container.go
- container.log.go
- container_api.go
- container_commit.go
- container_graph.go
- container_inspect.go
- container_internal.go
- container_internal_linux.go
- container_linux.go
- container_log_unsupported.go
- container_top_linux.go
- diff.go
- events.go
- healthcheck.go
- healthcheck_linux.go
- in_memory_state.go
- info.go
- kube.go
- mounts_linux.go
- networking_linux.go
- oci.go
- oci_attach_linux.go
- oci_attach_linux_cgo.go
- oci_conmon_linux.go
- oci_missing.go
- oci_util.go
- options.go
- pod.go
- pod_api.go
- pod_internal.go
- pod_top_linux.go
- runtime.go
- runtime_cstorage.go
- runtime_ctr.go
- runtime_img.go
- runtime_migrate.go
- runtime_pod.go
- runtime_pod_infra_linux.go
- runtime_pod_linux.go
- runtime_renumber.go
- runtime_volume.go
- runtime_volume_linux.go
- state.go
- stats.go
- stats_config.go
- storage.go
- util.go
- util_linux.go
- volume.go
- volume_inspect.go
- volume_internal.go
- volume_internal_linux.go