Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ConfigureGeneratorGivenNamespacePaths ¶
func ConfigureGeneratorGivenNamespacePaths(managedNamespaces []*sandbox.ManagedNamespace, g *generate.Generator) error
ConfigureGeneratorGivenNamespacePaths takes a map of nsType -> nsPath. It configures the generator to add or replace the defaults to these paths
Types ¶
type Container ¶
type Container interface {
// SetConfig sets the configuration to the container and validates it
SetConfig(*types.ContainerConfig, *types.PodSandboxConfig) error
// SetNameAndID sets a container name and ID
// It can either generate a new ID or use an existing ID
// if specified as parameter (for container restore)
SetNameAndID(string) error
// Config returns the container CRI configuration
Config() *types.ContainerConfig
// SandboxConfig returns the sandbox CRI configuration
SandboxConfig() *types.PodSandboxConfig
// ID returns the container ID
ID() string
// Name returns the container name
Name() string
// SetPrivileged sets the privileged bool for the container
SetPrivileged() error
// Privileged returns whether this container is privileged
Privileged() bool
// LogPath returns the log path for the container
// It takes as input the LogDir of the sandbox, which is used
// if there is no LogDir configured in the sandbox CRI config
LogPath(string) (string, error)
// DisableFips returns whether the container should disable fips mode
DisableFips() bool
// UserRequestedImage returns the image specified in the container spec, or an error
UserRequestedImage() (string, error)
// ReadOnly returns whether the rootfs should be readonly
// it takes a bool as to whether crio was configured to
// be readonly, which it defaults to if the container wasn't
// specifically asked to be read only
ReadOnly(bool) bool
// SelinuxLabel returns the container's SelinuxLabel
// it takes the sandbox's label, which it falls back upon
SelinuxLabel(string) ([]string, error)
// SetRestore marks the container as being restored from a checkpoint
SetRestore(bool)
// Restore returns if the container is marked as being
// restored from a checkpoint
Restore() bool
// returns the spec
Spec() *generate.Generator
// SpecAddMount adds a mount to the container's spec
// it takes the rspec mount object
// if there is already a mount at the path specified, it removes it.
SpecAddMount(rspec.Mount)
// SpecAddAnnotations adds annotations to the spec.
SpecAddAnnotations(ctx context.Context, sandbox *sandbox.Sandbox, containerVolume []oci.ContainerVolume, mountPoint, configStopSignal string, imageResult *storage.ImageResult, isSystemd bool, seccompRef, platformRuntimePath string) error
// SpecAddDevices adds devices from the server config, and container CRI config
SpecAddDevices([]device.Device, []device.Device, bool, bool) error
// AddUnifiedResourcesFromAnnotations adds the cgroup-v2 resources specified in the io.kubernetes.cri-o.UnifiedCgroup annotation
AddUnifiedResourcesFromAnnotations(annotationsMap map[string]string) error
// SpecSetProcessArgs sets the process args in the spec,
// given the image information and passed-in container config
SpecSetProcessArgs(imageOCIConfig *v1.Image) error
// SpecAddNamespaces sets the container's namespaces.
SpecAddNamespaces(*sandbox.Sandbox, *oci.Container, *config.Config) error
// SpecSetupCapabilities sets up the container's capabilities
SpecSetupCapabilities(*types.Capability, capabilities.Capabilities, bool) error
// PidNamespace returns the pid namespace created by SpecAddNamespaces.
PidNamespace() nsmgr.Namespace
// WillRunSystemd checks whether the process args
// are configured to be run as a systemd instance.
WillRunSystemd() bool
}
Container is the main public container interface
Source Files
Click to show internal directories.
Click to hide internal directories.