container

package
v24.0.2+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 25, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source
const MinimumDuration = 1 * time.Millisecond

MinimumDuration puts a minimum on user configured duration. This is to prevent API error on time unit. For example, API may set 3 as healthcheck interval with intention of 3 seconds, but Docker interprets it as 3 nanoseconds.

Variables

This section is empty.

Functions

This section is empty.

Types

type CgroupSpec

type CgroupSpec string

CgroupSpec represents the cgroup to use for the container.

func (CgroupSpec) Container

func (c CgroupSpec) Container() (idOrName string)

Container returns the ID or name of the container whose cgroup will be used.

func (CgroupSpec) IsContainer

func (c CgroupSpec) IsContainer() bool

IsContainer indicates whether the container is using another container cgroup

func (CgroupSpec) Valid

func (c CgroupSpec) Valid() bool

Valid indicates whether the cgroup spec is valid.

type CgroupnsMode

type CgroupnsMode string

CgroupnsMode represents the cgroup namespace mode of the container

const (
	CgroupnsModeEmpty   CgroupnsMode = ""
	CgroupnsModePrivate CgroupnsMode = "private"
	CgroupnsModeHost    CgroupnsMode = "host"
)

cgroup namespace modes for containers

func (CgroupnsMode) IsEmpty

func (c CgroupnsMode) IsEmpty() bool

IsEmpty indicates whether the container cgroup namespace mode is unset

func (CgroupnsMode) IsHost

func (c CgroupnsMode) IsHost() bool

IsHost indicates whether the container shares the host's cgroup namespace

func (CgroupnsMode) IsPrivate

func (c CgroupnsMode) IsPrivate() bool

IsPrivate indicates whether the container uses its own private cgroup namespace

func (CgroupnsMode) Valid

func (c CgroupnsMode) Valid() bool

Valid indicates whether the cgroup namespace mode is valid

type ChangeType

type ChangeType uint8

ChangeType Kind of change

Can be one of:

- `0`: Modified ("C") - `1`: Added ("A") - `2`: Deleted ("D")

swagger:model ChangeType

const (
	// ChangeModify represents the modify operation.
	ChangeModify ChangeType = 0
	// ChangeAdd represents the add operation.
	ChangeAdd ChangeType = 1
	// ChangeDelete represents the delete operation.
	ChangeDelete ChangeType = 2
)

func (ChangeType) String

func (ct ChangeType) String() string

type Config

type Config struct {
	Hostname        string              // Hostname
	Domainname      string              // Domainname
	User            string              // User that will run the command(s) inside the container, also support user:group
	AttachStdin     bool                // Attach the standard input, makes possible user interaction
	AttachStdout    bool                // Attach the standard output
	AttachStderr    bool                // Attach the standard error
	ExposedPorts    nat.PortSet         `json:",omitempty"` // List of exposed ports
	Tty             bool                // Attach standard streams to a tty, including stdin if it is not closed.
	OpenStdin       bool                // Open stdin
	StdinOnce       bool                // If true, close stdin after the 1 attached client disconnects.
	Env             []string            // List of environment variable to set in the container
	Cmd             strslice.StrSlice   // Command to run when starting the container
	Healthcheck     *HealthConfig       `json:",omitempty"` // Healthcheck describes how to check the container is healthy
	ArgsEscaped     bool                `json:",omitempty"` // True if command is already escaped (meaning treat as a command line) (Windows specific).
	Image           string              // Name of the image as it was passed by the operator (e.g. could be symbolic)
	Volumes         map[string]struct{} // List of volumes (mounts) used for the container
	WorkingDir      string              // Current directory (PWD) in the command will be launched
	Entrypoint      strslice.StrSlice   // Entrypoint to run when starting the container
	NetworkDisabled bool                `json:",omitempty"` // Is network disabled
	MacAddress      string              `json:",omitempty"` // Mac Address of the container
	OnBuild         []string            // ONBUILD metadata that were defined on the image Dockerfile
	Labels          map[string]string   // List of labels set to this container
	StopSignal      string              `json:",omitempty"` // Signal to stop a container
	StopTimeout     *int                `json:",omitempty"` // Timeout (in seconds) to stop a container
	Shell           strslice.StrSlice   `json:",omitempty"` // Shell for shell-form of RUN, CMD, ENTRYPOINT
}

Config contains the configuration data about a container. It should hold only portable information about the container. Here, "portable" means "independent from the host we are running on". Non-portable information *should* appear in HostConfig. All fields added to this struct must be marked `omitempty` to keep getting predictable hashes from the old `v1Compatibility` configuration.

type ContainerChangeResponseItem deprecated

type ContainerChangeResponseItem = FilesystemChange

ContainerChangeResponseItem change item in response to ContainerChanges operation

Deprecated: use FilesystemChange.

type ContainerTopOKBody

type ContainerTopOKBody struct {

	// Each process running in the container, where each is process
	// is an array of values corresponding to the titles.
	//
	// Required: true
	Processes [][]string `json:"Processes"`

	// The ps column titles
	// Required: true
	Titles []string `json:"Titles"`
}

ContainerTopOKBody OK response to ContainerTop operation swagger:model ContainerTopOKBody

type ContainerUpdateOKBody

type ContainerUpdateOKBody struct {

	// warnings
	// Required: true
	Warnings []string `json:"Warnings"`
}

ContainerUpdateOKBody OK response to ContainerUpdate operation swagger:model ContainerUpdateOKBody

type CreateResponse

type CreateResponse struct {

	// The ID of the created container
	// Required: true
	ID string `json:"Id"`

	// Warnings encountered when creating the container
	// Required: true
	Warnings []string `json:"Warnings"`
}

CreateResponse ContainerCreateResponse

OK response to ContainerCreate operation swagger:model CreateResponse

type DeviceMapping

type DeviceMapping struct {
	PathOnHost        string
	PathInContainer   string
	CgroupPermissions string
}

DeviceMapping represents the device mapping between the host and the container.

type DeviceRequest

type DeviceRequest struct {
	Driver       string            // Name of device driver
	Count        int               // Number of devices to request (-1 = All)
	DeviceIDs    []string          // List of device IDs as recognizable by the device driver
	Capabilities [][]string        // An OR list of AND lists of device capabilities (e.g. "gpu")
	Options      map[string]string // Options to pass onto the device driver
}

DeviceRequest represents a request for devices from a device driver. Used by GPU device drivers.

type ExecStartOptions

type ExecStartOptions struct {
	Stdin       io.Reader
	Stdout      io.Writer
	Stderr      io.Writer
	ConsoleSize *[2]uint `json:",omitempty"`
}

ExecStartOptions holds the options to start container's exec.

type FilesystemChange

type FilesystemChange struct {

	// kind
	// Required: true
	Kind ChangeType `json:"Kind"`

	// Path to file or directory that has changed.
	//
	// Required: true
	Path string `json:"Path"`
}

FilesystemChange Change in the container's filesystem.

swagger:model FilesystemChange

type HealthConfig

type HealthConfig struct {
	// Test is the test to perform to check that the container is healthy.
	// An empty slice means to inherit the default.
	// The options are:
	// {} : inherit healthcheck
	// {"NONE"} : disable healthcheck
	// {"CMD", args...} : exec arguments directly
	// {"CMD-SHELL", command} : run command with system's default shell
	Test []string `json:",omitempty"`

	// Zero means to inherit. Durations are expressed as integer nanoseconds.
	Interval    time.Duration `json:",omitempty"` // Interval is the time to wait between checks.
	Timeout     time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung.
	StartPeriod time.Duration `json:",omitempty"` // The start period for the container to initialize before the retries starts to count down.

	// Retries is the number of consecutive failures needed to consider a container as unhealthy.
	// Zero means inherit.
	Retries int `json:",omitempty"`
}

HealthConfig holds configuration settings for the HEALTHCHECK feature.

type HostConfig

type HostConfig struct {
	// Applicable to all platforms
	Binds           []string          // List of volume bindings for this container
	ContainerIDFile string            // File (path) where the containerId is written
	LogConfig       LogConfig         // Configuration of the logs for this container
	NetworkMode     NetworkMode       // Network mode to use for the container
	PortBindings    nat.PortMap       // Port mapping between the exposed port (container) and the host
	RestartPolicy   RestartPolicy     // Restart policy to be used for the container
	AutoRemove      bool              // Automatically remove container when it exits
	VolumeDriver    string            // Name of the volume driver used to mount volumes
	VolumesFrom     []string          // List of volumes to take from other container
	ConsoleSize     [2]uint           // Initial console size (height,width)
	Annotations     map[string]string `json:",omitempty"` // Arbitrary non-identifying metadata attached to container and provided to the runtime

	// Applicable to UNIX platforms
	CapAdd          strslice.StrSlice // List of kernel capabilities to add to the container
	CapDrop         strslice.StrSlice // List of kernel capabilities to remove from the container
	CgroupnsMode    CgroupnsMode      // Cgroup namespace mode to use for the container
	DNS             []string          `json:"Dns"`        // List of DNS server to lookup
	DNSOptions      []string          `json:"DnsOptions"` // List of DNSOption to look for
	DNSSearch       []string          `json:"DnsSearch"`  // List of DNSSearch to look for
	ExtraHosts      []string          // List of extra hosts
	GroupAdd        []string          // List of additional groups that the container process will run as
	IpcMode         IpcMode           // IPC namespace to use for the container
	Cgroup          CgroupSpec        // Cgroup to use for the container
	Links           []string          // List of links (in the name:alias form)
	OomScoreAdj     int               // Container preference for OOM-killing
	PidMode         PidMode           // PID namespace to use for the container
	Privileged      bool              // Is the container in privileged mode
	PublishAllPorts bool              // Should docker publish all exposed port for the container
	ReadonlyRootfs  bool              // Is the container root filesystem in read-only
	SecurityOpt     []string          // List of string values to customize labels for MLS systems, such as SELinux.
	StorageOpt      map[string]string `json:",omitempty"` // Storage driver options per container.
	Tmpfs           map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container
	UTSMode         UTSMode           // UTS namespace to use for the container
	UsernsMode      UsernsMode        // The user namespace to use for the container
	ShmSize         int64             // Total shm memory usage
	Sysctls         map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container
	Runtime         string            `json:",omitempty"` // Runtime to use with this container

	// Applicable to Windows
	Isolation Isolation // Isolation technology of the container (e.g. default, hyperv)

	// Contains container's resources (cgroups, ulimits)
	Resources

	// Mounts specs used by the container
	Mounts []mount.Mount `json:",omitempty"`

	// MaskedPaths is the list of paths to be masked inside the container (this overrides the default set of paths)
	MaskedPaths []string

	// ReadonlyPaths is the list of paths to be set as read-only inside the container (this overrides the default set of paths)
	ReadonlyPaths []string

	// Run a custom init inside the container, if null, use the daemon's configured settings
	Init *bool `json:",omitempty"`
}

HostConfig the non-portable Config structure of a container. Here, "non-portable" means "dependent of the host we are running on". Portable information *should* appear in Config.

type IpcMode

type IpcMode string

IpcMode represents the container ipc stack.

const (
	IPCModeNone      IpcMode = "none"
	IPCModeHost      IpcMode = "host"
	IPCModeContainer IpcMode = "container"
	IPCModePrivate   IpcMode = "private"
	IPCModeShareable IpcMode = "shareable"
)

IpcMode constants

func (IpcMode) Container

func (n IpcMode) Container() (idOrName string)

Container returns the name of the container ipc stack is going to be used.

func (IpcMode) IsContainer

func (n IpcMode) IsContainer() bool

IsContainer indicates whether the container uses another container's ipc namespace.

func (IpcMode) IsEmpty

func (n IpcMode) IsEmpty() bool

IsEmpty indicates whether container IpcMode is empty

func (IpcMode) IsHost

func (n IpcMode) IsHost() bool

IsHost indicates whether the container shares the host's ipc namespace.

func (IpcMode) IsNone

func (n IpcMode) IsNone() bool

IsNone indicates whether container IpcMode is set to "none".

func (IpcMode) IsPrivate

func (n IpcMode) IsPrivate() bool

IsPrivate indicates whether the container uses its own private ipc namespace which can not be shared.

func (IpcMode) IsShareable

func (n IpcMode) IsShareable() bool

IsShareable indicates whether the container's ipc namespace can be shared with another container.

func (IpcMode) Valid

func (n IpcMode) Valid() bool

Valid indicates whether the ipc mode is valid.

type Isolation

type Isolation string

Isolation represents the isolation technology of a container. The supported values are platform specific

const (
	IsolationEmpty   Isolation = ""        // IsolationEmpty is unspecified (same behavior as default)
	IsolationDefault Isolation = "default" // IsolationDefault is the default isolation mode on current daemon
	IsolationProcess Isolation = "process" // IsolationProcess is process isolation mode
	IsolationHyperV  Isolation = "hyperv"  // IsolationHyperV is HyperV isolation mode
)

Isolation modes for containers

func (Isolation) IsDefault

func (i Isolation) IsDefault() bool

IsDefault indicates the default isolation technology of a container. On Linux this is the native driver. On Windows, this is a Windows Server Container.

func (Isolation) IsHyperV

func (i Isolation) IsHyperV() bool

IsHyperV indicates the use of a Hyper-V partition for isolation

func (Isolation) IsProcess

func (i Isolation) IsProcess() bool

IsProcess indicates the use of process isolation

func (Isolation) IsValid

func (i Isolation) IsValid() bool

IsValid indicates if an isolation technology is valid

type LogConfig

type LogConfig struct {
	Type   string
	Config map[string]string
}

LogConfig represents the logging configuration of the container.

type LogMode

type LogMode string

LogMode is a type to define the available modes for logging These modes affect how logs are handled when log messages start piling up.

const (
	LogModeUnset    LogMode = ""
	LogModeBlocking LogMode = "blocking"
	LogModeNonBlock LogMode = "non-blocking"
)

Available logging modes

type NetworkMode

type NetworkMode string

NetworkMode represents the container network stack.

func (NetworkMode) ConnectedContainer

func (n NetworkMode) ConnectedContainer() (idOrName string)

ConnectedContainer is the id of the container which network this container is connected to.

func (NetworkMode) IsBridge

func (n NetworkMode) IsBridge() bool

IsBridge indicates whether container uses the bridge network stack

func (NetworkMode) IsContainer

func (n NetworkMode) IsContainer() bool

IsContainer indicates whether container uses a container network stack.

func (NetworkMode) IsDefault

func (n NetworkMode) IsDefault() bool

IsDefault indicates whether container uses the default network stack.

func (NetworkMode) IsHost

func (n NetworkMode) IsHost() bool

IsHost indicates whether container uses the host network stack.

func (NetworkMode) IsNone

func (n NetworkMode) IsNone() bool

IsNone indicates whether container isn't using a network stack.

func (NetworkMode) IsPrivate

func (n NetworkMode) IsPrivate() bool

IsPrivate indicates whether container uses its private network stack.

func (NetworkMode) IsUserDefined

func (n NetworkMode) IsUserDefined() bool

IsUserDefined indicates user-created network

func (NetworkMode) NetworkName

func (n NetworkMode) NetworkName() string

NetworkName returns the name of the network stack.

func (NetworkMode) UserDefined

func (n NetworkMode) UserDefined() string

UserDefined indicates user-created network

type PidMode

type PidMode string

PidMode represents the pid namespace of the container.

func (PidMode) Container

func (n PidMode) Container() (idOrName string)

Container returns the name of the container whose pid namespace is going to be used.

func (PidMode) IsContainer

func (n PidMode) IsContainer() bool

IsContainer indicates whether the container uses a container's pid namespace.

func (PidMode) IsHost

func (n PidMode) IsHost() bool

IsHost indicates whether the container uses the host's pid namespace.

func (PidMode) IsPrivate

func (n PidMode) IsPrivate() bool

IsPrivate indicates whether the container uses its own new pid namespace.

func (PidMode) Valid

func (n PidMode) Valid() bool

Valid indicates whether the pid namespace is valid.

type Resources

type Resources struct {
	// Applicable to all platforms
	CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers)
	Memory    int64 // Memory limit (in bytes)
	NanoCPUs  int64 `json:"NanoCpus"` // CPU quota in units of 10<sup>-9</sup> CPUs.

	// Applicable to UNIX platforms
	CgroupParent         string // Parent cgroup.
	BlkioWeight          uint16 // Block IO weight (relative weight vs. other containers)
	BlkioWeightDevice    []*blkiodev.WeightDevice
	BlkioDeviceReadBps   []*blkiodev.ThrottleDevice
	BlkioDeviceWriteBps  []*blkiodev.ThrottleDevice
	BlkioDeviceReadIOps  []*blkiodev.ThrottleDevice
	BlkioDeviceWriteIOps []*blkiodev.ThrottleDevice
	CPUPeriod            int64           `json:"CpuPeriod"`          // CPU CFS (Completely Fair Scheduler) period
	CPUQuota             int64           `json:"CpuQuota"`           // CPU CFS (Completely Fair Scheduler) quota
	CPURealtimePeriod    int64           `json:"CpuRealtimePeriod"`  // CPU real-time period
	CPURealtimeRuntime   int64           `json:"CpuRealtimeRuntime"` // CPU real-time runtime
	CpusetCpus           string          // CpusetCpus 0-2, 0,1
	CpusetMems           string          // CpusetMems 0-2, 0,1
	Devices              []DeviceMapping // List of devices to map inside the container
	DeviceCgroupRules    []string        // List of rule to be added to the device cgroup
	DeviceRequests       []DeviceRequest // List of device requests for device drivers

	// KernelMemory specifies the kernel memory limit (in bytes) for the container.
	// Deprecated: kernel 5.4 deprecated kmem.limit_in_bytes.
	KernelMemory      int64           `json:",omitempty"`
	KernelMemoryTCP   int64           `json:",omitempty"` // Hard limit for kernel TCP buffer memory (in bytes)
	MemoryReservation int64           // Memory soft limit (in bytes)
	MemorySwap        int64           // Total memory usage (memory + swap); set `-1` to enable unlimited swap
	MemorySwappiness  *int64          // Tuning container memory swappiness behaviour
	OomKillDisable    *bool           // Whether to disable OOM Killer or not
	PidsLimit         *int64          // Setting PIDs limit for a container; Set `0` or `-1` for unlimited, or `null` to not change.
	Ulimits           []*units.Ulimit // List of ulimits to be set in the container

	// Applicable to Windows
	CPUCount           int64  `json:"CpuCount"`   // CPU count
	CPUPercent         int64  `json:"CpuPercent"` // CPU percent
	IOMaximumIOps      uint64 // Maximum IOps for the container system drive
	IOMaximumBandwidth uint64 // Maximum IO in bytes per second for the container system drive
}

Resources contains container's resources (cgroups config, ulimits...)

type RestartPolicy

type RestartPolicy struct {
	Name              string
	MaximumRetryCount int
}

RestartPolicy represents the restart policies of the container.

func (*RestartPolicy) IsAlways

func (rp *RestartPolicy) IsAlways() bool

IsAlways indicates whether the container has the "always" restart policy. This means the container will automatically restart regardless of the exit status.

func (*RestartPolicy) IsNone

func (rp *RestartPolicy) IsNone() bool

IsNone indicates whether the container has the "no" restart policy. This means the container will not automatically restart when exiting.

func (*RestartPolicy) IsOnFailure

func (rp *RestartPolicy) IsOnFailure() bool

IsOnFailure indicates whether the container has the "on-failure" restart policy. This means the container will automatically restart of exiting with a non-zero exit status.

func (*RestartPolicy) IsSame

func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool

IsSame compares two RestartPolicy to see if they are the same

func (*RestartPolicy) IsUnlessStopped

func (rp *RestartPolicy) IsUnlessStopped() bool

IsUnlessStopped indicates whether the container has the "unless-stopped" restart policy. This means the container will automatically restart unless user has put it to stopped state.

type StopOptions

type StopOptions struct {
	// Signal (optional) is the signal to send to the container to (gracefully)
	// stop it before forcibly terminating the container with SIGKILL after the
	// timeout expires. If not value is set, the default (SIGTERM) is used.
	Signal string `json:",omitempty"`

	// Timeout (optional) is the timeout (in seconds) to wait for the container
	// to stop gracefully before forcibly terminating it with SIGKILL.
	//
	// - Use nil to use the default timeout (10 seconds).
	// - Use '-1' to wait indefinitely.
	// - Use '0' to not wait for the container to exit gracefully, and
	//   immediately proceeds to forcibly terminating the container.
	// - Other positive values are used as timeout (in seconds).
	Timeout *int `json:",omitempty"`
}

StopOptions holds the options to stop or restart a container.

type UTSMode

type UTSMode string

UTSMode represents the UTS namespace of the container.

func (UTSMode) IsHost

func (n UTSMode) IsHost() bool

IsHost indicates whether the container uses the host's UTS namespace.

func (UTSMode) IsPrivate

func (n UTSMode) IsPrivate() bool

IsPrivate indicates whether the container uses its private UTS namespace.

func (UTSMode) Valid

func (n UTSMode) Valid() bool

Valid indicates whether the UTS namespace is valid.

type UpdateConfig

type UpdateConfig struct {
	// Contains container's resources (cgroups, ulimits)
	Resources
	RestartPolicy RestartPolicy
}

UpdateConfig holds the mutable attributes of a Container. Those attributes can be updated at runtime.

type UsernsMode

type UsernsMode string

UsernsMode represents userns mode in the container.

func (UsernsMode) IsHost

func (n UsernsMode) IsHost() bool

IsHost indicates whether the container uses the host's userns.

func (UsernsMode) IsPrivate

func (n UsernsMode) IsPrivate() bool

IsPrivate indicates whether the container uses the a private userns.

func (UsernsMode) Valid

func (n UsernsMode) Valid() bool

Valid indicates whether the userns is valid.

type WaitCondition

type WaitCondition string

WaitCondition is a type used to specify a container state for which to wait.

const (
	WaitConditionNotRunning WaitCondition = "not-running"
	WaitConditionNextExit   WaitCondition = "next-exit"
	WaitConditionRemoved    WaitCondition = "removed"
)

Possible WaitCondition Values.

WaitConditionNotRunning (default) is used to wait for any of the non-running states: "created", "exited", "dead", "removing", or "removed".

WaitConditionNextExit is used to wait for the next time the state changes to a non-running state. If the state is currently "created" or "exited", this would cause Wait() to block until either the container runs and exits or is removed.

WaitConditionRemoved is used to wait for the container to be removed.

type WaitExitError

type WaitExitError struct {

	// Details of an error
	Message string `json:"Message,omitempty"`
}

WaitExitError container waiting error, if any swagger:model WaitExitError

type WaitResponse

type WaitResponse struct {

	// error
	Error *WaitExitError `json:"Error,omitempty"`

	// Exit code of the container
	// Required: true
	StatusCode int64 `json:"StatusCode"`
}

WaitResponse ContainerWaitResponse

OK response to ContainerWait operation swagger:model WaitResponse

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL