Documentation
¶
Index ¶
- Constants
- Variables
- func ConfigDevices(ds []*Device) []*configs.Device
- type ActiveJob
- type AttachFlag
- type AttachReq
- type Command
- type ContainerConfig
- type Device
- type DiscoverdConfig
- type Event
- type HealthCheck
- type Host
- type HostStatus
- type Job
- type JobEventType
- type JobProfile
- type JobResources
- type JobStatus
- type LogBuffer
- type LogBuffers
- type Mount
- type Mountspec
- type MountspecType
- type NetworkConfig
- type Port
- type ResourceCheck
- type Service
- type VolumeBinding
Constants ¶
View Source
const ( AttachSuccess byte = iota AttachWaiting AttachError AttachData AttachSignal AttachExit AttachResize )
View Source
const DiffPath = "/.container-diff"
View Source
const TagPrefix = "tag:"
TagPrefix is the prefix added to tags in discoverd instance metadata
Variables ¶
View Source
var ( ErrJobNotRunning = errors.New("host: job not running") ErrAttached = errors.New("host: job is attached") )
View Source
var DefaultAllowedDevices = fromConfigDevices(configs.DefaultAllowedDevices)
DefaultAllowedDevices is the default list of devices containers are allowed to access
View Source
var DefaultAutoCreatedDevices = fromConfigDevices(configs.DefaultAllowedDevices)
DefaultAutoCreatedDevices is the default list of devices created inside containers
View Source
var DefaultCapabilities = []string{
"CAP_NET_RAW",
"CAP_NET_BIND_SERVICE",
"CAP_AUDIT_READ",
"CAP_AUDIT_WRITE",
"CAP_DAC_OVERRIDE",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_SETGID",
"CAP_SETUID",
"CAP_MKNOD",
"CAP_CHOWN",
"CAP_FOWNER",
"CAP_FSETID",
"CAP_KILL",
"CAP_SYS_CHROOT",
}
DefaultCapabilities is the default list of capabilities which are set inside a container, taken from: https://github.com/opencontainers/runc/blob/v1.0.0-rc8/libcontainer/SPEC.md#security
Functions ¶
func ConfigDevices ¶
Types ¶
type ActiveJob ¶
type ActiveJob struct {
Job *Job `json:"job,omitempty"`
HostID string `json:"host_id,omitempty"`
InternalIP string `json:"internal_ip,omitempty"`
PID *int `json:"pid,omitempty"`
ForceStop bool `json:"force_stop,omitempty"`
Status JobStatus `json:"status,omitempty"`
CreatedAt time.Time `json:"created_at,omitempty"`
StartedAt time.Time `json:"started_at,omitempty"`
EndedAt time.Time `json:"ended_at,omitempty"`
ExitStatus *int `json:"exit_status,omitempty"`
Error *string `json:"error,omitempty"`
}
type AttachFlag ¶
type AttachFlag uint8
const ( AttachFlagStdout AttachFlag = 1 << iota AttachFlagStderr AttachFlagStdin AttachFlagLogs AttachFlagStream AttachFlagInitLog )
type AttachReq ¶
type AttachReq struct {
JobID string `json:"job_id,omitempty"`
Flags AttachFlag `json:"flags,omitempty"`
Height uint16 `json:"height,omitempty"`
Width uint16 `json:"width,omitempty"`
}
type ContainerConfig ¶
type ContainerConfig struct {
Args []string `json:"args,omitempty"`
TTY bool `json:"tty,omitempty"`
Stdin bool `json:"stdin,omitempty"`
Data bool `json:"data,omitempty"`
Env map[string]string `json:"env,omitempty"`
Mounts []Mount `json:"mounts,omitempty"`
Volumes []VolumeBinding `json:"volumes,omitempty"`
Ports []Port `json:"ports,omitempty"`
WorkingDir string `json:"working_dir,omitempty"`
Uid *uint32 `json:"uid,omitempty"`
Gid *uint32 `json:"gid,omitempty"`
HostNetwork bool `json:"host_network,omitempty"`
HostPIDNamespace bool `json:"host_pid_namespace,omitempty"`
DisableLog bool `json:"disable_log,omitempty"`
LinuxCapabilities *[]string `json:"linux_capabilities,omitempty"`
AllowedDevices *[]*Device `json:"allowed_devices,omitempty"`
AutoCreatedDevices *[]*Device `json:"auto_created_devices,omitempty"`
WriteableCgroups bool `json:"writeable_cgroups,omitempty"`
}
func (ContainerConfig) Merge ¶
func (x ContainerConfig) Merge(y ContainerConfig) ContainerConfig
Apply 'y' to 'x', returning a new structure. 'y' trumps.
type Device ¶
type Device struct {
// Device type, block, char, etc.
Type rune `json:"type"`
// Path to the device.
Path string `json:"path"`
// Major is the device's major number.
Major int64 `json:"major"`
// Minor is the device's minor number.
Minor int64 `json:"minor"`
// Cgroup permissions format, rwm.
Permissions string `json:"permissions"`
// FileMode permission bits for the device.
FileMode os.FileMode `json:"file_mode"`
// Uid of the device.
Uid uint32 `json:"uid"`
// Gid of the device.
Gid uint32 `json:"gid"`
// Write the file to the allowed list
Allow bool `json:"allow"`
}
type DiscoverdConfig ¶
type Event ¶
type Event struct {
Event JobEventType `json:"event,omitempty"`
JobID string `json:"job_id,omitempty"`
Job *ActiveJob `json:"job,omitempty"`
}
type HealthCheck ¶
type HealthCheck struct {
// Type is one of tcp, http, https
Type string `json:"type,omitempty"`
// Interval is the time to wait between checks after the service has been
// marked as up. It defaults to two seconds.
Interval time.Duration `json:"interval,omitempty"`
// Threshold is the number of consecutive checks of the same status before
// a service will be marked as up or down after coming up for the first
// time. It defaults to 2.
Threshold int `json:"threshold,omitempty"`
// If KillDown is true, the job will be killed if the service goes down (or
// does not come up)
KillDown bool `json:"kill_down,omitempty"`
// StartTimeout is the maximum duration that a service can take to come up
// for the first time if KillDown is true. It defaults to ten seconds.
StartTimeout time.Duration `json:"start_timeout,omitempty"`
// Extra optional config fields for http/https checks
Path string `json:"path,omitempty"`
Host string `json:"host,omitempty"`
Match string `json:"match,omitempty"`
Status int `json:"status,omitempty"`
}
type HostStatus ¶
type HostStatus struct {
ID string `json:"id"`
Tags map[string]string `json:"tags,omitempty"`
PID int `json:"pid"`
URL string `json:"url"`
Discoverd *DiscoverdConfig `json:"discoverd,omitempty"`
Network *NetworkConfig `json:"network,omitempty"`
Version string `json:"version"`
Flags []string `json:"flags"`
}
type Job ¶
type Job struct {
ID string `json:"id,omitempty"`
Mountspecs []*Mountspec `json:"mountspecs,omitempty"`
Metadata map[string]string `json:"metadata,omitempty"`
Resources resource.Resources `json:"resources,omitempty"`
Partition string `json:"partition,omitempty"`
Config ContainerConfig `json:"config,omitempty"`
// If Resurrect is true, the host service will attempt to start the job when
// starting after stopping (via crash or shutdown) with the job running.
Resurrect bool `json:"resurrect,omitempty"`
Profiles []JobProfile `json:"profiles,omitempty"`
}
type JobEventType ¶
type JobEventType string
const ( JobEventCreate JobEventType = "create" JobEventStart JobEventType = "start" JobEventStop JobEventType = "stop" JobEventError JobEventType = "error" JobEventCleanup JobEventType = "cleanup" )
type JobProfile ¶
type JobProfile string
const ( JobProfileZFS JobProfile = "zfs" JobProfileKVM JobProfile = "kvm" JobProfileLoop JobProfile = "loop" )
type JobResources ¶
type JobResources struct {
Memory int `json:"memory,omitempty"` // in KiB
}
type LogBuffers ¶
type MountspecType ¶
type MountspecType string
const MountspecTypeSquashfs MountspecType = "squashfs"
type NetworkConfig ¶
type ResourceCheck ¶
type ResourceCheck struct {
Ports []Port `json:"ports,omitempty"`
}
type Service ¶
type Service struct {
Name string `json:"name,omitempty"`
// Create the service in service discovery
Create bool `json:"create,omitempty"`
Check *HealthCheck `json:"check,omitempty"`
}
type VolumeBinding ¶
type VolumeBinding struct {
// Target defines the filesystem path inside the container where the volume will be mounted.
Target string `json:"target"`
// VolumeID can be thought of as the source path if this were a simple bind-mount. It is resolved by a VolumeManager.
VolumeID string `json:"volume"`
Writeable bool `json:"writeable"`
DeleteOnStop bool `json:"delete_on_stop"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.