sandbox

package
v1.31.5
Warning

This package is not in the latest version of its module.

Published: Feb 3, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Constants

const DefaultShmSize = 64 * 1024 * 1024

DefaultShmSize is the default shm size.

const DevShmPath = "/dev/shm"

DevShmPath is the default system wide shared memory path.

Variables

var ErrIDEmpty = errors.New("PodSandboxId should not be empty")

ErrIDEmpty is the error returned when the id of the sandbox is empty.

Functions

This section is empty.

Types

type History

type History []*Sandbox

History is a convenience type for storing a list of sandboxes, sorted by creation date in descending order.

func (*History) Len

func (history *History) Len() int

Len returns the number of sandboxes in the history.

func (*History) Less

func (history *History) Less(i, j int) bool

Less compares two sandboxes and returns true if the second one was created before the first one.

func (*History) Swap

func (history *History) Swap(i, j int)

Swap switches sandboxes i and j positions in the history.

type ManagedNamespace added in v1.17.0

type ManagedNamespace struct {
	// contains filtered or unexported fields
}

ManagedNamespace is a structure that holds all the necessary information a caller would need for a sandbox managed namespace. Where nsmgr.Namespace does hold similar information, ManagedNamespace exists to allow this library to not return data not necessarily in a Namespace (for instance, when a namespace is not managed by CRI-O, but instead is based off of the infra pid).

func (*ManagedNamespace) Path added in v1.17.0

func (m *ManagedNamespace) Path() string

Path returns the namespace path.

func (*ManagedNamespace) Type added in v1.17.0

func (m *ManagedNamespace) Type() nsmgr.NSType

Type returns the namespace type.

type Sandbox

type Sandbox struct {
	// contains filtered or unexported fields
}

Sandbox contains data surrounding kubernetes sandboxes on the server.

func New

func New(id, namespace, name, kubeName, logDir string, labels, annotations map[string]string, processLabel, mountLabel string, metadata *types.PodSandboxMetadata, shmPath, cgroupParent string, privileged bool, runtimeHandler, resolvPath, hostname string, portMappings []*hostport.PortMapping, hostNetwork bool, createdAt time.Time, usernsMode string, overhead, resources *types.LinuxContainerResources) (*Sandbox, error)

New creates and populates a new pod sandbox. New sandboxes have no containers, no infra container, and no network namespaces associated with them. An infra container must be attached before the sandbox is added to the state.

func (*Sandbox) AddContainer

func (s *Sandbox) AddContainer(ctx context.Context, c *oci.Container)

AddContainer adds a container to the sandbox.

func (*Sandbox) AddHostnamePath

func (s *Sandbox) AddHostnamePath(hostname string)

AddHostnamePath adds the hostname path to the sandbox.

func (*Sandbox) AddIPs

func (s *Sandbox) AddIPs(ips []string)

AddIPs stores the IPs in the sandbox.

func (*Sandbox) AddManagedNamespaces added in v1.21.0

func (s *Sandbox) AddManagedNamespaces(namespaces []nsmgr.Namespace)

func (*Sandbox) Annotations

func (s *Sandbox) Annotations() map[string]string

Annotations returns a list of annotations for the sandbox.

func (*Sandbox) CRISandbox added in v1.23.0

func (s *Sandbox) CRISandbox() *types.PodSandbox

func (*Sandbox) CgroupParent

func (s *Sandbox) CgroupParent() string

CgroupParent returns the cgroup parent of the sandbox.

func (*Sandbox) ContainerEnvPath added in v1.23.0

func (s *Sandbox) ContainerEnvPath() string

ContainerEnvPath retrieves the .containerenv path from a sandbox.

func (*Sandbox) Containers

func (s *Sandbox) Containers() oci.ContainerStorer

Containers returns the ContainerStorer that contains information on all of the containers in the sandbox.

func (*Sandbox) Created

func (s *Sandbox) Created() bool

Created returns the created status of sandbox.

func (*Sandbox) CreatedAt added in v1.18.0

func (s *Sandbox) CreatedAt() int64

func (*Sandbox) DNSConfig added in v1.25.0

func (s *Sandbox) DNSConfig() *types.DNSConfig

DNSConfig returns the dnsConfig for the sandbox.

func (*Sandbox) GetContainer

func (s *Sandbox) GetContainer(ctx context.Context, name string) *oci.Container

GetContainer retrieves a container from the sandbox.

func (*Sandbox) HostNetwork

func (s *Sandbox) HostNetwork() bool

HostNetwork returns whether the sandbox runs in the host network namespace.

func (*Sandbox) Hostname

func (s *Sandbox) Hostname() string

Hostname returns the hostname of the sandbox.

func (*Sandbox) HostnamePath

func (s *Sandbox) HostnamePath() string

HostnamePath retrieves the hostname path from a sandbox.

func (*Sandbox) ID

func (s *Sandbox) ID() string

ID returns the id of the sandbox.

func (*Sandbox) IPs

func (s *Sandbox) IPs() []string

IPs returns the IPs of the sandbox.

func (*Sandbox) InfraContainer

func (s *Sandbox) InfraContainer() *oci.Container

InfraContainer returns the infrastructure container for the sandbox.

func (*Sandbox) IpcNsJoin added in v1.17.0

func (s *Sandbox) IpcNsJoin(nspath string) error

IpcNsJoin attempts to join the sandbox to an existing IPC namespace. This will fail if the sandbox is already part of an IPC namespace.

func (*Sandbox) IpcNsPath added in v1.17.0

func (s *Sandbox) IpcNsPath() string

IpcNsPath returns the path to the IPC namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned.

func (*Sandbox) KubeName

func (s *Sandbox) KubeName() string

KubeName returns the kubernetes name for the sandbox.

func (*Sandbox) Labels

func (s *Sandbox) Labels() fields.Set

Labels returns the labels associated with the sandbox.

func (*Sandbox) LogDir

func (s *Sandbox) LogDir() string

LogDir returns the location of the logging directory for the sandbox.

func (*Sandbox) Metadata

func (s *Sandbox) Metadata() *types.PodSandboxMetadata

Metadata returns a set of metadata about the sandbox.

func (*Sandbox) MountLabel

func (s *Sandbox) MountLabel() string

MountLabel returns the mount label for the sandbox.

func (*Sandbox) Name

func (s *Sandbox) Name() string

Name returns the name of the sandbox.

func (*Sandbox) Namespace

func (s *Sandbox) Namespace() string

Namespace returns the namespace for the sandbox.

func (*Sandbox) NamespaceOptions

func (s *Sandbox) NamespaceOptions() *types.NamespaceOption

NamespaceOptions returns the namespace options for the sandbox.

func (*Sandbox) NamespacePaths added in v1.17.0

func (s *Sandbox) NamespacePaths() []*ManagedNamespace

NamespacePaths returns all the paths of the namespaces of the sandbox. If a namespace is not managed by the sandbox, the namespace of the infra container will be returned. It returns a slice of ManagedNamespaces.

func (*Sandbox) NeedsInfra added in v1.19.0

func (s *Sandbox) NeedsInfra(serverDropsInfra bool) bool

NeedsInfra is a function that returns whether the sandbox will need an infra container. If the server manages the namespace lifecycles, and the Pid option on the sandbox is node or container level, the infra container is not needed.

func (*Sandbox) NetNsJoin

func (s *Sandbox) NetNsJoin(nspath string) error

NetNsJoin attempts to join the sandbox to an existing network namespace. This will fail if the sandbox is already part of a network namespace.

func (*Sandbox) NetNsPath

func (s *Sandbox) NetNsPath() string

NetNsPath returns the path to the network namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned.

func (*Sandbox) NetworkStopped added in v1.16.3

func (s *Sandbox) NetworkStopped() bool

NetworkStopped returns whether the network has been stopped.

func (*Sandbox) PidNsPath added in v1.19.0

func (s *Sandbox) PidNsPath() string

PidNsPath returns the path to the pid namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned.

func (*Sandbox) PodLinuxOverhead added in v1.28.0

func (s *Sandbox) PodLinuxOverhead() *types.LinuxContainerResources

PodLinuxOverhead returns the overheads associated with this sandbox.

func (*Sandbox) PodLinuxResources added in v1.28.0

func (s *Sandbox) PodLinuxResources() *types.LinuxContainerResources

PodLinuxResources returns the sum of container resources for this sandbox.

func (*Sandbox) PortMappings

func (s *Sandbox) PortMappings() []*hostport.PortMapping

PortMappings returns a list of port mappings between the host and the sandbox.

func (*Sandbox) Privileged

func (s *Sandbox) Privileged() bool

Privileged returns whether or not the containers in the sandbox are privileged containers.

func (*Sandbox) ProcessLabel

func (s *Sandbox) ProcessLabel() string

ProcessLabel returns the process label for the sandbox.

func (*Sandbox) Ready added in v1.18.0

func (s *Sandbox) Ready(takeLock bool) bool

Ready returns whether the sandbox should be marked as ready to the kubelet. If there is no infra container, it is always considered ready. `takeLock` should be set if we need to take the lock to get the infra container's state. If there is no infra container, it is never considered ready. If the infra container is spoofed, the pod is considered ready when it has been created, but not stopped.

func (*Sandbox) RemoveContainer

func (s *Sandbox) RemoveContainer(ctx context.Context, c *oci.Container)

RemoveContainer deletes a container from the sandbox.

func (*Sandbox) RemoveInfraContainer

func (s *Sandbox) RemoveInfraContainer()

RemoveInfraContainer removes the infrastructure container of a sandbox.

func (*Sandbox) RemoveManagedNamespaces added in v1.17.0

func (s *Sandbox) RemoveManagedNamespaces() error

RemoveManagedNamespaces removes the formerly mounted namespace. Must be stopped first or this will fail.

func (*Sandbox) ResolvPath

func (s *Sandbox) ResolvPath() string

ResolvPath returns the resolv path for the sandbox.

func (*Sandbox) RestoreStopped added in v1.16.3

func (s *Sandbox) RestoreStopped()

func (*Sandbox) RuntimeHandler

func (s *Sandbox) RuntimeHandler() string

RuntimeHandler returns the name of the runtime handler that should be picked from the list of runtimes. The name must match the key from the map of runtimes.

func (*Sandbox) SeccompProfilePath

func (s *Sandbox) SeccompProfilePath() string

SeccompProfilePath returns the seccomp profile path.

func (*Sandbox) SetContainerEnvFile added in v1.23.0

func (s *Sandbox) SetContainerEnvFile(ctx context.Context) error

SetContainerEnvFile sets the container environment file.

func (*Sandbox) SetCreated

func (s *Sandbox) SetCreated()

SetCreated sets the created status of sandbox to true.

func (*Sandbox) SetDNSConfig added in v1.25.0

func (s *Sandbox) SetDNSConfig(dnsConfig *types.DNSConfig)

SetDNSConfig sets the DNSConfig.

func (*Sandbox) SetInfraContainer

func (s *Sandbox) SetInfraContainer(infraCtr *oci.Container) error

SetInfraContainer sets the infrastructure container of a sandbox. Attempts to set the infrastructure container after one is already present will return an error.

func (*Sandbox) SetNamespaceOptions

func (s *Sandbox) SetNamespaceOptions(nsOpts *types.NamespaceOption)

SetNamespaceOptions sets whether the pod is running using host network.

func (*Sandbox) SetNetworkStopped added in v1.16.3

func (s *Sandbox) SetNetworkStopped(ctx context.Context, createFile bool) error

SetNetworkStopped sets the sandbox network state as stopped. This should be set after a network stop operation succeeds, so we don't double stop the network. If createFile is true, it creates a "network-stopped" file in the infra container's persistent dir; this is used to track that the network is stopped over reboots. It returns an error if an error occurred when creating the network-stopped file.

func (*Sandbox) SetSeccompProfilePath

func (s *Sandbox) SetSeccompProfilePath(pp string)

SetSeccompProfilePath sets the seccomp profile path.

func (*Sandbox) SetStopped

func (s *Sandbox) SetStopped(ctx context.Context, createFile bool)

SetStopped sets the sandbox state to stopped. This should be set after a stop operation succeeds so that subsequent stops can return fast. If createFile is true, it also creates a "stopped" file in the infra container's persistent dir; this is used to track that the sandbox is stopped over reboots.

func (*Sandbox) ShmPath

func (s *Sandbox) ShmPath() string

ShmPath returns the shm path of the sandbox.

func (*Sandbox) State added in v1.23.0

func (s *Sandbox) State() types.PodSandboxState

func (*Sandbox) StopMutex

func (s *Sandbox) StopMutex() *sync.RWMutex

StopMutex returns the mutex to use when stopping the sandbox.

func (*Sandbox) Stopped

func (s *Sandbox) Stopped() bool

Stopped returns whether the sandbox state has been set to stopped.

func (*Sandbox) UnmountShm added in v1.17.0

func (s *Sandbox) UnmountShm(ctx context.Context) error

UnmountShm removes the shared memory mount for the sandbox and returns an error if any failure occurs.

func (*Sandbox) UserNsJoin added in v1.17.0

func (s *Sandbox) UserNsJoin(nspath string) error

UserNsJoin attempts to join the sandbox to an existing User namespace. This will fail if the sandbox is already part of a User namespace.

func (*Sandbox) UserNsPath

func (s *Sandbox) UserNsPath() string

UserNsPath returns the path to the user namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned.

func (*Sandbox) UsernsMode added in v1.20.0

func (s *Sandbox) UsernsMode() string

UsernsMode returns the mode for setting the user namespace, if any.

func (*Sandbox) UtsNsJoin added in v1.17.0

func (s *Sandbox) UtsNsJoin(nspath string) error

UtsNsJoin attempts to join the sandbox to an existing UTS namespace. This will fail if the sandbox is already part of a UTS namespace.

func (*Sandbox) UtsNsPath added in v1.17.0

func (s *Sandbox) UtsNsPath() string

UtsNsPath returns the path to the UTS namespace of the sandbox. If the sandbox uses the host namespace, the empty string is returned.

type StoreFilter

type StoreFilter func(*Sandbox) bool

StoreFilter defines a function to filter sandboxes in the store.

type StoreReducer

type StoreReducer func(*Sandbox)

StoreReducer defines a function to manipulate sandboxes in the store.

type Storer

type Storer interface {
	// Add appends a new sandbox to the store.
	Add(string, *Sandbox)
	// Get returns a sandbox from the store by the identifier it was stored with.
	Get(string) *Sandbox
	// Delete removes a sandbox from the store by the identifier it was stored with.
	Delete(string)
	// List returns a list of sandboxes from the store.
	List() []*Sandbox
	// Size returns the number of sandboxes in the store.
	Size() int
	// First returns the first sandbox found in the store by a given filter.
	First(StoreFilter) *Sandbox
	// ApplyAll calls the reducer function with every sandbox in the store.
	ApplyAll(StoreReducer)
}

Storer defines an interface that any container store must implement.

func NewMemoryStore

func NewMemoryStore() Storer

NewMemoryStore initializes a new memory store.
