virtcontainers

package
v0.0.0-...-c25372c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 25, 2024 License: Apache-2.0, Apache-2.0 Imports: 77 Imported by: 0

README

Table of Contents

What is it?

virtcontainers is a Go library that can be used to build hardware-virtualized container runtimes.

Background

The few existing VM-based container runtimes (Clear Containers, runV, rkt's KVM stage 1) all share the same hardware virtualization semantics but use different code bases to implement them. virtcontainers's goal is to factorize this code into a common Go library.

Ideally, VM-based container runtime implementations would become translation layers from the runtime specification they implement (e.g. the OCI runtime-spec or the Kubernetes CRI) to the virtcontainers API.

virtcontainers was used as a foundational package for the Clear Containers runtime implementation.

Out of scope

Implementing a container runtime is out of scope for this project. Any tools or executables in this repository are only provided for demonstration or testing purposes.

virtcontainers and Kubernetes CRI

virtcontainers's API is loosely inspired by the Kubernetes CRI because we believe it provides the right level of abstractions for containerized sandboxes. However, despite the API similarities between the two projects, the goal of virtcontainers is not to build a CRI implementation, but instead to provide a generic, runtime-specification agnostic, hardware-virtualized containers library that other projects could leverage to implement CRI themselves.

Design

Sandboxes

The virtcontainers execution unit is a sandbox, i.e. virtcontainers users start sandboxes where containers will be running.

virtcontainers creates a sandbox by starting a virtual machine and setting the sandbox up within that environment. Starting a sandbox means launching all containers with the VM sandbox runtime environment.

Hypervisors

The virtcontainers package relies on hypervisors to start and stop virtual machine where sandboxes will be running. An hypervisor is defined by an Hypervisor interface implementation, and the default implementation is the QEMU one.

Update cloud-hypervisor client code

See docs

Agents

During the lifecycle of a container, the runtime running on the host needs to interact with the virtual machine guest OS in order to start new commands to be executed as part of a given container workload, set new networking routes or interfaces, fetch a container standard or error output, and so on. There are many existing and potential solutions to resolve that problem and virtcontainers abstracts this through the Agent interface.

Shim

In some cases the runtime will need a translation shim between the higher level container stack (e.g. Docker) and the virtual machine holding the container workload. This is needed for container stacks that make strong assumptions on the nature of the container they're monitoring. In cases where they assume containers are simply regular host processes, a shim layer is needed to translate host specific semantics into e.g. agent controlled virtual machine ones.

Proxy

When hardware virtualized containers have limited I/O multiplexing capabilities, runtimes may decide to rely on an external host proxy to support cases where several runtime instances are talking to the same container.

API

The high level virtcontainers API is the following one:

Sandbox API

  • CreateSandbox(sandboxConfig SandboxConfig) creates a Sandbox. The virtual machine is started and the Sandbox is prepared.

  • DeleteSandbox(sandboxID string) deletes a Sandbox. The virtual machine is shut down and all information related to the Sandbox are removed. The function will fail if the Sandbox is running. In that case StopSandbox() has to be called first.

  • StartSandbox(sandboxID string) starts an already created Sandbox. The Sandbox and all its containers are started.

  • RunSandbox(sandboxConfig SandboxConfig) creates and starts a Sandbox. This performs CreateSandbox() + StartSandbox().

  • StopSandbox(sandboxID string) stops an already running Sandbox. The Sandbox and all its containers are stopped.

  • PauseSandbox(sandboxID string) pauses an existing Sandbox.

  • ResumeSandbox(sandboxID string) resume a paused Sandbox.

  • StatusSandbox(sandboxID string) returns a detailed Sandbox status.

  • ListSandbox() lists all Sandboxes on the host. It returns a detailed status for every Sandbox.

Container API

  • CreateContainer(sandboxID string, containerConfig ContainerConfig) creates a Container on an existing Sandbox.

  • DeleteContainer(sandboxID, containerID string) deletes a Container from a Sandbox. If the Container is running it has to be stopped first.

  • StartContainer(sandboxID, containerID string) starts an already created Container. The Sandbox has to be running.

  • StopContainer(sandboxID, containerID string) stops an already running Container.

  • EnterContainer(sandboxID, containerID string, cmd Cmd) enters an already running Container and runs a given command.

  • StatusContainer(sandboxID, containerID string) returns a detailed Container status.

  • KillContainer(sandboxID, containerID string, signal syscall.Signal, all bool) sends a signal to all or one container inside a Sandbox.

An example tool using the virtcontainers API is provided in the hack/virtc package.

For further details, see the API documentation.

Networking

virtcontainers supports the 2 major container networking models: the Container Network Model (CNM) and the Container Network Interface (CNI).

Typically the former is the Docker default networking model while the later is used on Kubernetes deployments.

CNM

High-level CNM Diagram

CNM lifecycle

  1. RequestPool

  2. CreateNetwork

  3. RequestAddress

  4. CreateEndPoint

  5. CreateContainer

  6. Create config.json

  7. Create PID and network namespace

  8. ProcessExternalKey

  9. JoinEndPoint

  10. LaunchContainer

  11. Launch

  12. Run container

Detailed CNM Diagram

Runtime network setup with CNM

  1. Read config.json

  2. Create the network namespace (code)

  3. Call the prestart hook (from inside the netns) (code)

  4. Scan network interfaces inside netns and get the name of the interface created by prestart hook (code)

  5. Create bridge, TAP, and link all together with network interface previously created (code)

  6. Start VM inside the netns and start the container (code)

Drawbacks of CNM

There are three drawbacks about using CNM instead of CNI:

  • The way we call into it is not very explicit: Have to re-exec dockerd binary so that it can accept parameters and execute the prestart hook related to network setup.
  • Implicit way to designate the network namespace: Instead of explicitly giving the netns to dockerd, we give it the PID of our runtime so that it can find the netns from this PID. This means we have to make sure being in the right netns while calling the hook, otherwise the VETH pair will be created with the wrong netns.
  • No results are back from the hook: We have to scan the network interfaces to discover which one has been created inside the netns. This introduces more latency in the code because it forces us to scan the network in the CreateSandbox path, which is critical for starting the VM as quick as possible.

Storage

Container workloads are shared with the virtualized environment through 9pfs. The devicemapper storage driver is a special case. The driver uses dedicated block devices rather than formatted filesystems, and operates at the block level rather than the file level. This knowledge has been used to directly use the underlying block device instead of the overlay file system for the container root file system. The block device maps to the top read-write layer for the overlay. This approach gives much better I/O performance compared to using 9pfs to share the container file system.

The approach above does introduce a limitation in terms of dynamic file copy in/out of the container via docker cp operations. The copy operation from host to container accesses the mounted file system on the host side. This is not expected to work and may lead to inconsistencies as the block device will be simultaneously written to, from two different mounts. The copy operation from container to host will work, provided the user calls sync(1) from within the container prior to the copy to make sure any outstanding cached data is written to the block device.

docker cp [OPTIONS] CONTAINER:SRC_PATH HOST:DEST_PATH
docker cp [OPTIONS] HOST:SRC_PATH CONTAINER:DEST_PATH

Ability to hotplug block devices has been added, which makes it possible to use block devices for containers started after the VM has been launched.

How to check if container uses devicemapper block device as its rootfs

Start a container. Call mount(8) within the container. You should see / mounted on /dev/vda device.

Devices

Support has been added to pass VFIO assigned devices on the docker command line with --device. Support for passing other devices including block devices with --device has not been added added yet.

How to pass a device using VFIO-passthrough

  1. Requirements

IOMMU group represents the smallest set of devices for which the IOMMU has visibility and which is isolated from other groups. VFIO uses this information to enforce safe ownership of devices for userspace.

You will need Intel VT-d capable hardware. Check if IOMMU is enabled in your host kernel by verifying CONFIG_VFIO_NOIOMMU is not in the kernel configuration. If it is set, you will need to rebuild your kernel.

The following kernel configuration options need to be enabled:

CONFIG_VFIO_IOMMU_TYPE1=m 
CONFIG_VFIO=m
CONFIG_VFIO_PCI=m

In addition, you need to pass intel_iommu=on on the kernel command line.

  1. Identify BDF(Bus-Device-Function) of the PCI device to be assigned.
$ lspci -D | grep -e Ethernet -e Network
0000:01:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01)

$ BDF=0000:01:00.0
  1. Find vendor and device id.
$ lspci -n -s $BDF
01:00.0 0200: 8086:1528 (rev 01)
  1. Find IOMMU group.
$ readlink /sys/bus/pci/devices/$BDF/iommu_group
../../../../kernel/iommu_groups/16
  1. Unbind the device from host driver.
$ echo $BDF | sudo tee /sys/bus/pci/devices/$BDF/driver/unbind
  1. Bind the device to vfio-pci.
$ sudo modprobe vfio-pci
$ echo 8086 1528 | sudo tee /sys/bus/pci/drivers/vfio-pci/new_id
$ echo $BDF | sudo tee --append /sys/bus/pci/drivers/vfio-pci/bind
  1. Check /dev/vfio
$ ls /dev/vfio
16 vfio
  1. Start a Clear Containers container passing the VFIO group on the docker command line.
docker run -it --device=/dev/vfio/16 centos/tools bash
  1. Running lspci within the container should show the device among the PCI devices. The driver for the device needs to be present within the Clear Containers kernel. If the driver is missing, you can add it to your custom container kernel using the osbuilder tooling.

Developers

For information on how to build, develop and test virtcontainers, see the developer documentation.

Persistent storage plugin support

See the persistent storage plugin documentation.

Experimental features

See the experimental features documentation.

Documentation

Overview

Package virtcontainers manages hardware virtualized containers. Each container belongs to a set of containers sharing the same networking namespace and storage, also known as a sandbox.

Virtcontainers sandboxes are hardware virtualized, i.e. they run on virtual machines. Virtcontainers will create one VM per sandbox, and containers will be created as processes within the sandbox VM.

The virtcontainers package manages both sandboxes and containers lifecycles.

Example (CreateAndStartSandbox)

This example creates and starts a single container sandbox, using qemu as the hypervisor and kata as the VM agent.

package main

import (
	"context"
	"fmt"
	"strings"

	vc "github.com/hfyeh/runtime/virtcontainers"
	"github.com/hfyeh/runtime/virtcontainers/types"
)

var containerRootfs = vc.RootFs{Target: "/var/lib/container/bundle/", Mounted: true}

// This example creates and starts a single container sandbox,
// using qemu as the hypervisor and kata as the VM agent.
func main() {
	envs := []types.EnvVar{
		{
			Var:   "PATH",
			Value: "/bin:/usr/bin:/sbin:/usr/sbin",
		},
	}

	cmd := types.Cmd{
		Args:    strings.Split("/bin/sh", " "),
		Envs:    envs,
		WorkDir: "/",
	}

	// Define the container command and bundle.
	container := vc.ContainerConfig{
		ID:     "1",
		RootFs: containerRootfs,
		Cmd:    cmd,
	}

	// Sets the hypervisor configuration.
	hypervisorConfig := vc.HypervisorConfig{
		KernelPath:     "/usr/share/kata-containers/vmlinux.container",
		ImagePath:      "/usr/share/kata-containers/kata-containers.img",
		HypervisorPath: "/usr/bin/qemu-system-x86_64",
		MemorySize:     1024,
	}

	// Use kata default values for the agent.
	agConfig := vc.KataAgentConfig{}

	// The sandbox configuration:
	// - One container
	// - Hypervisor is QEMU
	// - Agent is kata
	sandboxConfig := vc.SandboxConfig{
		HypervisorType:   vc.QemuHypervisor,
		HypervisorConfig: hypervisorConfig,

		AgentType:   vc.KataContainersAgent,
		AgentConfig: agConfig,

		Containers: []vc.ContainerConfig{container},
	}

	_, err := vc.RunSandbox(context.Background(), sandboxConfig, nil)
	if err != nil {
		fmt.Printf("Could not run sandbox: %s", err)
	}
}
Output:

Index

Examples

Constants

View Source
const (
	// NoopAgentType is the No-Op agent.
	NoopAgentType AgentType = "noop"

	// KataContainersAgent is the Kata Containers agent.
	KataContainersAgent AgentType = "kata"

	// SocketTypeVSOCK is a VSOCK socket type for talking to an agent.
	SocketTypeVSOCK = "vsock"

	// SocketTypeUNIX is a UNIX socket type for talking to an agent.
	// It typically means the agent is living behind a host proxy.
	SocketTypeUNIX = "unix"
)
View Source
const (
	// KataEphemeralDevType creates a tmpfs backed volume for sharing files between containers.
	KataEphemeralDevType = "ephemeral"

	// KataLocalDevType creates a local directory inside the VM for sharing files between
	// containers.
	KataLocalDevType = "local"
)
View Source
const (
	// QemuPCLite is the QEMU pc-lite machine type for amd64
	QemuPCLite = "pc-lite"

	// QemuPC is the QEMU pc machine type for amd64
	QemuPC = "pc"

	// QemuQ35 is the QEMU Q35 machine type for amd64
	QemuQ35 = "q35"

	// QemuMicrovm is the QEMU microvm machine type for amd64
	QemuMicrovm = "microvm"

	// QemuVirt is the QEMU virt machine type for aarch64 or amd64
	QemuVirt = "virt"

	// QemuPseries is a QEMU virt machine type for ppc64le
	QemuPseries = "pseries"

	// QemuCCWVirtio is a QEMU virt machine type for for s390x
	QemuCCWVirtio = "s390-ccw-virtio"
)
View Source
const (
	DefaultMonitorCheckInterval = 1 * time.Second
)
View Source
const DefaultShmSize = 65536 * 1024

DefaultShmSize is the default shm size to be used in case host IPC is used.

View Source
const (

	// DirMode is the permission bits used for creating a directory
	DirMode = os.FileMode(0750) | os.ModeDir
)
View Source
const (
	// K8sEmptyDir is the k8s specific path for `empty-dir` volumes
	K8sEmptyDir = "kubernetes.io~empty-dir"
)
View Source
const UUIDBusy = 1

UUIDBusy marks a particular UUID as busy

View Source
const UUIDFree = 0

UUIDFree marks a particular UUID as free

View Source
const (
	UUIDPathSuffix = "uuid"
)

UUIDPathSuffix is the suffix used for uuid storage

View Source
const UmountNoFollow = 0x8

Sadly golang/sys doesn't have UmountNoFollow although it's there since Linux 2.6.34

Variables

View Source
var AcrnBlkDevPoolSz = 8

AcrnBlkDevPoolSz defines the number of dummy virtio-blk device that will be created for hot-plugging container rootfs. Since acrn doesn't support hot-plug, dummy virtio-blk devices are added and later replaced with container-rootfs.

View Source
var AcrnBlkdDevSlot = make([]int, AcrnBlkDevPoolSz+1)

AcrnBlkdDevSlot array provides translation between the vitio-blk device index and slot it is currently attached. Allocating extra 1 to accommodate for VM rootfs which is at driveIndex 0

View Source
var DefaultNetInterworkingModel = NetXConnectTCFilterModel

DefaultNetInterworkingModel is a package level default that determines how the VM should be connected to the the container network interface

View Source
var (
	GuestDNSFile = "/etc/resolv.conf"
)

Functions

func AddDevice

func AddDevice(ctx context.Context, sandboxID string, info deviceConfig.DeviceInfo) (deviceApi.Device, error)

AddDevice will add a device to sandbox

func AddInterface

func AddInterface(ctx context.Context, sandboxID string, inf *vcTypes.Interface) (*vcTypes.Interface, error)

AddInterface is the virtcontainers add interface entry point.

func CleanupContainer

func CleanupContainer(ctx context.Context, sandboxID, containerID string, force bool) error

CleanupContaienr is used by shimv2 to stop and delete a container exclusively, once there is no container in the sandbox left, do stop the sandbox and delete it. Those serial operations will be done exclusively by locking the sandbox.

func CreateContainer

func CreateContainer(ctx context.Context, sandboxID string, containerConfig ContainerConfig) (VCSandbox, VCContainer, error)

CreateContainer is the virtcontainers container creation entry point. CreateContainer creates a container on a given sandbox.

func EnterContainer

func EnterContainer(ctx context.Context, sandboxID, containerID string, cmd types.Cmd) (VCSandbox, VCContainer, *Process, error)

EnterContainer is the virtcontainers container command execution entry point. EnterContainer enters an already running container and runs a given command.

func IsDockerVolume

func IsDockerVolume(path string) bool

IsDockerVolume returns true if the given source path is a docker volume. This uses a very specific path that is used by docker.

func IsEphemeralStorage

func IsEphemeralStorage(path string) bool

IsEphemeralStorage returns true if the given path to the storage belongs to kubernetes ephemeral storage

This method depends on a specific path used by k8s to detect if it's of type ephemeral. As of now, this is a very k8s specific solution that works but in future there should be a better way for this method to determine if the path is for ephemeral volume type

func Isk8sHostEmptyDir

func Isk8sHostEmptyDir(path string) bool

Isk8sHostEmptyDir returns true if the given path to the storage belongs to kubernetes empty-dir of medium "default" i.e volumes that are directories on the host.

func KataAgentSetDefaultTraceConfigOptions

func KataAgentSetDefaultTraceConfigOptions(config *KataAgentConfig) error

KataAgentSetDefaultTraceConfigOptions validates agent trace options and sets defaults.

func KillContainer

func KillContainer(ctx context.Context, sandboxID, containerID string, signal syscall.Signal, all bool) error

KillContainer is the virtcontainers entry point to send a signal to a container running inside a sandbox. If all is true, all processes in the container will be sent the signal.

func LaunchAcrn

func LaunchAcrn(config Config, logger *logrus.Entry) (int, string, error)

LaunchAcrn can be used to launch a new acrn instance.

The Config parameter contains a set of acrn parameters and settings.

This function writes its log output via logger parameter.

func LaunchCustomAcrn

func LaunchCustomAcrn(ctx context.Context, path string, params []string,
	logger *logrus.Entry) (int, string, error)

LaunchCustomAcrn can be used to launch a new acrn instance.

The path parameter is used to pass the acrn executable path.

params is a slice of options to pass to acrn-dm

This function writes its log output via logger parameter.

func ListInterfaces

func ListInterfaces(ctx context.Context, sandboxID string) ([]*vcTypes.Interface, error)

ListInterfaces is the virtcontainers list interfaces entry point.

func ListRoutes

func ListRoutes(ctx context.Context, sandboxID string) ([]*vcTypes.Route, error)

ListRoutes is the virtcontainers list routes entry point.

func MaxAcrnVCPUs

func MaxAcrnVCPUs() uint32

MaxAcrnVCPUs returns the maximum number of vCPUs supported

func MaxQemuVCPUs

func MaxQemuVCPUs() uint32

MaxQemuVCPUs returns the maximum number of vCPUs supported

func PauseContainer

func PauseContainer(ctx context.Context, sandboxID, containerID string) error

PauseContainer is the virtcontainers container pause entry point.

func RemoveInterface

func RemoveInterface(ctx context.Context, sandboxID string, inf *vcTypes.Interface) (*vcTypes.Interface, error)

RemoveInterface is the virtcontainers remove interface entry point.

func ResumeContainer

func ResumeContainer(ctx context.Context, sandboxID, containerID string) error

ResumeContainer is the virtcontainers container resume entry point.

func RunningOnVMM

func RunningOnVMM(cpuInfoPath string) (bool, error)

RunningOnVMM checks if the system is running inside a VM.

func SerializeParams

func SerializeParams(params []Param, delim string) []string

SerializeParams converts []Param to []string

func SetLogger

func SetLogger(ctx context.Context, logger *logrus.Entry)

SetLogger sets the logger for virtcontainers package.

func StatsSandbox

func StatsSandbox(ctx context.Context, sandboxID string) (SandboxStats, []ContainerStats, error)

StatsSandbox is the virtcontainers sandbox stats entry point. StatsSandbox returns a detailed sandbox stats.

func UpdateContainer

func UpdateContainer(ctx context.Context, sandboxID, containerID string, resources specs.LinuxResources) error

UpdateContainer is the virtcontainers entry point to update container's resources.

func UpdateRoutes

func UpdateRoutes(ctx context.Context, sandboxID string, routes []*vcTypes.Route) ([]*vcTypes.Route, error)

UpdateRoutes is the virtcontainers update routes entry point.

func V1Constraints

func V1Constraints() ([]cgroups.Subsystem, error)

V1Constraints returns the cgroups that are compatible with the VC architecture and hypervisor, constraints can be applied to these cgroups.

func V1NoConstraints

func V1NoConstraints() ([]cgroups.Subsystem, error)

V1NoConstraints returns the cgroups that are *not* compatible with the VC architecture and hypervisor, constraints MUST NOT be applied to these cgroups.

Types

type Acrn

type Acrn struct {
	// contains filtered or unexported fields
}

Acrn is an Hypervisor interface implementation for the Linux acrn hypervisor.

func (*Acrn) GetACRNUUIDBytes

func (a *Acrn) GetACRNUUIDBytes(uid string) (uuid.UUID, error)

GetACRNUUIDBytes returns UUID bytes that is used for VM creation

func (*Acrn) GetMaxSupportedACRNVM

func (a *Acrn) GetMaxSupportedACRNVM() (uint8, error)

GetMaxSupportedACRNVM checks the max number of VMs that can be launched from kata-runtime.

func (*Acrn) GetNextAvailableUUID

func (a *Acrn) GetNextAvailableUUID() (string, error)

GetNextAvailableUUID returns next available UUID VM creation If no valid UUIDs are available it returns err.

func (*Acrn) Logger

func (a *Acrn) Logger() *logrus.Entry

Logger returns a logrus logger appropriate for logging acrn messages

type AcrnInfo

type AcrnInfo struct {
	UUIDAvailability [8]uint8
}

AcrnInfo keeps track of UUID availability

type AcrnState

type AcrnState struct {
	UUID string
	PID  int
}

AcrnState keeps track of VM UUID, PID.

type AgentType

type AgentType string

AgentType describes the type of guest agent a Sandbox should run.

func (*AgentType) Set

func (agentType *AgentType) Set(value string) error

Set sets an agent type based on the input string.

func (*AgentType) String

func (agentType *AgentType) String() string

String converts an agent type to a string.

type BEPortType

type BEPortType int

BEPortType marks the port as console port or virtio-serial port

const (
	// SerialBE marks the port as serial port
	SerialBE BEPortType = iota

	//ConsoleBE marks the port as console port (append @)
	ConsoleBE
)

type BlkioStatEntry

type BlkioStatEntry struct {
	Major uint64 `json:"major,omitempty"`
	Minor uint64 `json:"minor,omitempty"`
	Op    string `json:"op,omitempty"`
	Value uint64 `json:"value,omitempty"`
}

BlkioStatEntry gather date related to a block device

type BlkioStats

type BlkioStats struct {
	// number of bytes tranferred to and from the block device
	IoServiceBytesRecursive []BlkioStatEntry `json:"io_service_bytes_recursive,omitempty"`
	IoServicedRecursive     []BlkioStatEntry `json:"io_serviced_recursive,omitempty"`
	IoQueuedRecursive       []BlkioStatEntry `json:"io_queue_recursive,omitempty"`
	IoServiceTimeRecursive  []BlkioStatEntry `json:"io_service_time_recursive,omitempty"`
	IoWaitTimeRecursive     []BlkioStatEntry `json:"io_wait_time_recursive,omitempty"`
	IoMergedRecursive       []BlkioStatEntry `json:"io_merged_recursive,omitempty"`
	IoTimeRecursive         []BlkioStatEntry `json:"io_time_recursive,omitempty"`
	SectorsRecursive        []BlkioStatEntry `json:"sectors_recursive,omitempty"`
}

BlkioStats describes block io stats

type BlockDevice

type BlockDevice struct {

	// mem path to block device
	FilePath string

	//BlkIndex - Blk index corresponding to slot
	Index int
}

BlockDevice represents a acrn block device.

func (BlockDevice) AcrnParams

func (blkdev BlockDevice) AcrnParams(slot int, config *Config) []string

AcrnParams returns the acrn parameters built out of this block device.

func (BlockDevice) Valid

func (blkdev BlockDevice) Valid() bool

Valid returns true if the BlockDevice structure is valid and complete.

type BridgeDevice

type BridgeDevice struct {

	// Function is PCI function. Func can be from 0 to 7
	Function int

	// Emul is a string describing the type of PCI device e.g. virtio-net
	Emul string

	// Config is an optional string, depending on the device, that can be
	// used for configuration
	Config string
}

BridgeDevice represents a acrn bridge device like pci-bridge, pxb, etc.

func (BridgeDevice) AcrnParams

func (bridgeDev BridgeDevice) AcrnParams(slot int, config *Config) []string

AcrnParams returns the acrn parameters built out of this bridge device.

func (BridgeDevice) Valid

func (bridgeDev BridgeDevice) Valid() bool

Valid returns true if the BridgeDevice structure is valid and complete.

type BridgedMacvlanEndpoint

type BridgedMacvlanEndpoint struct {
	NetPair            NetworkInterfacePair
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	PCIAddr            string
}

BridgedMacvlanEndpoint represents a macvlan endpoint that is bridged to the VM

func (*BridgedMacvlanEndpoint) Attach

func (endpoint *BridgedMacvlanEndpoint) Attach(s *Sandbox) error

Attach for virtual endpoint bridges the network pair and adds the tap interface of the network pair to the hypervisor.

func (*BridgedMacvlanEndpoint) Detach

func (endpoint *BridgedMacvlanEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for the virtual endpoint tears down the tap and bridge created for the veth interface.

func (*BridgedMacvlanEndpoint) HardwareAddr

func (endpoint *BridgedMacvlanEndpoint) HardwareAddr() string

HardwareAddr returns the mac address that is assigned to the tap interface in th network pair.

func (*BridgedMacvlanEndpoint) HotAttach

func (endpoint *BridgedMacvlanEndpoint) HotAttach(h hypervisor) error

HotAttach for physical endpoint not supported yet

func (*BridgedMacvlanEndpoint) HotDetach

func (endpoint *BridgedMacvlanEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for physical endpoint not supported yet

func (*BridgedMacvlanEndpoint) Name

func (endpoint *BridgedMacvlanEndpoint) Name() string

Name returns name of the veth interface in the network pair.

func (*BridgedMacvlanEndpoint) NetworkPair

func (endpoint *BridgedMacvlanEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*BridgedMacvlanEndpoint) PciAddr

func (endpoint *BridgedMacvlanEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*BridgedMacvlanEndpoint) Properties

func (endpoint *BridgedMacvlanEndpoint) Properties() NetworkInfo

Properties returns properties of the interface.

func (*BridgedMacvlanEndpoint) SetPciAddr

func (endpoint *BridgedMacvlanEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*BridgedMacvlanEndpoint) SetProperties

func (endpoint *BridgedMacvlanEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties for the endpoint.

func (*BridgedMacvlanEndpoint) Type

func (endpoint *BridgedMacvlanEndpoint) Type() EndpointType

Type identifies the endpoint as a virtual endpoint.

type CPUDevice

type CPUDevice struct {
	// ID is used to identify this CPU in the hypervisor options.
	ID string
}

CPUDevice represents a CPU device which was hot-added in a running VM

type CPUStats

type CPUStats struct {
	CPUUsage       CPUUsage       `json:"cpu_usage,omitempty"`
	ThrottlingData ThrottlingData `json:"throttling_data,omitempty"`
}

CPUStats describes the cpu stats

type CPUUsage

type CPUUsage struct {
	// Total CPU time consumed.
	// Units: nanoseconds.
	TotalUsage uint64 `json:"total_usage,omitempty"`
	// Total CPU time consumed per core.
	// Units: nanoseconds.
	PercpuUsage []uint64 `json:"percpu_usage,omitempty"`
	// Time spent by tasks of the cgroup in kernel mode.
	// Units: nanoseconds.
	UsageInKernelmode uint64 `json:"usage_in_kernelmode"`
	// Time spent by tasks of the cgroup in user mode.
	// Units: nanoseconds.
	UsageInUsermode uint64 `json:"usage_in_usermode"`
}

CPUUsage denotes the usage of a CPU. All CPU stats are aggregate since container inception.

type CgroupStats

type CgroupStats struct {
	CPUStats    CPUStats    `json:"cpu_stats,omitempty"`
	MemoryStats MemoryStats `json:"memory_stats,omitempty"`
	PidsStats   PidsStats   `json:"pids_stats,omitempty"`
	BlkioStats  BlkioStats  `json:"blkio_stats,omitempty"`
	// the map is in the format "size of hugepage: stats of the hugepage"
	HugetlbStats map[string]HugetlbStats `json:"hugetlb_stats,omitempty"`
}

CgroupStats describes all cgroup subsystem stats

type CloudHypervisorState

type CloudHypervisorState struct {
	PID          int
	VirtiofsdPID int
	// contains filtered or unexported fields
}

Cloud hypervisor state

type CloudHypervisorVersion

type CloudHypervisorVersion struct {
	Major    int
	Minor    int
	Revision int
}

type Config

type Config struct {

	// Path is the acrn binary path.
	Path string

	// Path is the acrn binary path.
	CtlPath string

	// Name is the acrn guest name
	Name string

	// UUID is the acrn process UUID.
	UUID string

	// Devices is a list of devices for acrn to create and drive.
	Devices []Device

	// Kernel is the guest kernel configuration.
	Kernel Kernel

	// Memory is the guest memory configuration.
	Memory Memory

	// ACPI virtualization support
	ACPIVirt bool
	// contains filtered or unexported fields
}

Config is the acrn configuration structure. It allows for passing custom settings and parameters to the acrn-dm API.

type ConsoleDevice

type ConsoleDevice struct {
	// Name of the socket
	Name string

	//Backend device used for virtio-console
	Backend ConsoleDeviceBackend

	// PortType marks the port as serial or console port (@)
	PortType BEPortType

	//Path to virtio-console backend (can be omitted for pty, tty, stdio)
	Path string
}

ConsoleDevice represents a acrn console device.

func (ConsoleDevice) AcrnParams

func (cdev ConsoleDevice) AcrnParams(slot int, config *Config) []string

AcrnParams returns the acrn parameters built out of this console device.

func (ConsoleDevice) Valid

func (cdev ConsoleDevice) Valid() bool

Valid returns true if the CharDevice structure is valid and complete.

type ConsoleDeviceBackend

type ConsoleDeviceBackend string

ConsoleDeviceBackend is the character device backend for acrn

const (

	// Socket creates a 2 way stream socket (TCP or Unix).
	Socket ConsoleDeviceBackend = "socket"

	// Stdio sends traffic from the guest to acrn's standard output.
	Stdio ConsoleDeviceBackend = "console"

	// File backend only supports console output to a file (no input).
	File ConsoleDeviceBackend = "file"

	// TTY is an alias for Serial.
	TTY ConsoleDeviceBackend = "tty"

	// PTY creates a new pseudo-terminal on the host and connect to it.
	PTY ConsoleDeviceBackend = "pty"
)

type Container

type Container struct {
	// contains filtered or unexported fields
}

Container is composed of a set of containers and a runtime environment. A Container can be created, deleted, started, stopped, listed, entered, paused and restored.

func (*Container) GetAnnotations

func (c *Container) GetAnnotations() map[string]string

GetAnnotations returns container's annotations

func (*Container) GetPatchedOCISpec

func (c *Container) GetPatchedOCISpec() *specs.Spec

GetPatchedOCISpec returns container's OCI specification This OCI specification was patched when the sandbox was created by containerCapabilities(), SetEphemeralStorageType() and others in order to support: * capabilities * Ephemeral storage * k8s empty dir If you need the original (vanilla) OCI spec, use compatoci.GetContainerSpec() instead.

func (*Container) GetPid

func (c *Container) GetPid() int

GetPid returns the pid related to this container's process.

func (*Container) GetToken

func (c *Container) GetToken() string

GetToken returns the token related to this container's process.

func (*Container) ID

func (c *Container) ID() string

ID returns the container identifier string.

func (*Container) Logger

func (c *Container) Logger() *logrus.Entry

Logger returns a logrus logger appropriate for logging Container messages

func (*Container) Process

func (c *Container) Process() Process

Process returns the container process.

func (*Container) Restore

func (c *Container) Restore() error

Restore will restore container data from persist file on disk

func (*Container) Sandbox

func (c *Container) Sandbox() VCSandbox

Sandbox returns the sandbox handler related to this container.

type ContainerConfig

type ContainerConfig struct {
	ID string

	// RootFs is the container workload image on the host.
	RootFs RootFs

	// ReadOnlyRootfs indicates if the rootfs should be mounted readonly
	ReadonlyRootfs bool

	// Cmd specifies the command to run on a container
	Cmd types.Cmd

	// Annotations allow clients to store arbitrary values,
	// for example to add additional status values required
	// to support particular specifications.
	Annotations map[string]string

	Mounts []Mount

	// Device configuration for devices that must be available within the container.
	DeviceInfos []config.DeviceInfo

	// Resources container resources
	Resources specs.LinuxResources

	// Raw OCI specification, it won't be saved to disk.
	CustomSpec *specs.Spec `json:"-"`
}

ContainerConfig describes one container runtime configuration.

type ContainerDevice

type ContainerDevice struct {
	// ID is device id referencing the device from sandbox's device manager
	ID string

	// ContainerPath is device path displayed in container
	ContainerPath string

	// FileMode permission bits for the device.
	FileMode os.FileMode

	// UID is user ID in the container namespace
	UID uint32

	// GID is group ID in the container namespace
	GID uint32
}

ContainerDevice describes a device associated with container

type ContainerResources

type ContainerResources struct {
	// VCPUs are the number of vCPUs that are being used by the container
	VCPUs uint32

	// Mem is the memory that is being used by the container
	MemByte int64
}

ContainerResources describes container resources

type ContainerStats

type ContainerStats struct {
	CgroupStats  *CgroupStats
	NetworkStats []*NetworkStats
}

ContainerStats describes a container stats.

func StatsContainer

func StatsContainer(ctx context.Context, sandboxID, containerID string) (ContainerStats, error)

StatsContainer is the virtcontainers container stats entry point. StatsContainer returns a detailed container stats.

type ContainerStatus

type ContainerStatus struct {
	ID        string
	State     types.ContainerState
	PID       int
	StartTime time.Time
	RootFs    string
	Spec      *specs.Spec

	// Annotations allow clients to store arbitrary values,
	// for example to add additional status values required
	// to support particular specifications.
	Annotations map[string]string
}

ContainerStatus describes a container status.

func StatusContainer

func StatusContainer(ctx context.Context, sandboxID, containerID string) (ContainerStatus, error)

StatusContainer is the virtcontainers container status entry point. StatusContainer returns a detailed container status.

type ContainerType

type ContainerType string

ContainerType defines a type of container.

const (
	PodContainer         ContainerType = "pod_container"
	PodSandbox           ContainerType = "pod_sandbox"
	UnknownContainerType ContainerType = "unknown_container_type"
)

List different types of containers

func (ContainerType) IsSandbox

func (cType ContainerType) IsSandbox() bool

IsSandbox determines if the container type can be considered as a sandbox. We can consider a sandbox in case we have a PodSandbox or a RegularContainer.

type DNSInfo

type DNSInfo struct {
	Servers  []string
	Domain   string
	Searches []string
	Options  []string
}

DNSInfo describes the DNS setup related to a network interface.

type Device

type Device interface {
	Valid() bool
	AcrnParams(slot int, config *Config) []string
}

Device is the acrn device interface.

type Endpoint

type Endpoint interface {
	Properties() NetworkInfo
	Name() string
	HardwareAddr() string
	Type() EndpointType
	PciAddr() string
	NetworkPair() *NetworkInterfacePair

	SetProperties(NetworkInfo)
	SetPciAddr(string)
	Attach(*Sandbox) error
	Detach(netNsCreated bool, netNsPath string) error
	HotAttach(h hypervisor) error
	HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error
	// contains filtered or unexported methods
}

Endpoint represents a physical or virtual network interface.

type EndpointType

type EndpointType string

EndpointType identifies the type of the network endpoint.

const (
	// PhysicalEndpointType is the physical network interface.
	PhysicalEndpointType EndpointType = "physical"

	// VethEndpointType is the virtual network interface.
	VethEndpointType EndpointType = "virtual"

	// VhostUserEndpointType is the vhostuser network interface.
	VhostUserEndpointType EndpointType = "vhost-user"

	// BridgedMacvlanEndpointType is macvlan network interface.
	BridgedMacvlanEndpointType EndpointType = "macvlan"

	// MacvtapEndpointType is macvtap network interface.
	MacvtapEndpointType EndpointType = "macvtap"

	// TapEndpointType is tap network interface.
	TapEndpointType EndpointType = "tap"

	// TuntapEndpointType is a tap network interface.
	TuntapEndpointType EndpointType = "tuntap"

	// IPVlanEndpointType is ipvlan network interface.
	IPVlanEndpointType EndpointType = "ipvlan"
)

func (*EndpointType) Set

func (endpointType *EndpointType) Set(value string) error

Set sets an endpoint type based on the input string.

func (*EndpointType) String

func (endpointType *EndpointType) String() string

String converts an endpoint type to a string.

type Factory

type Factory interface {
	// Config returns base factory config.
	Config() VMConfig

	// GetVMStatus returns the status of the paused VM created by the base factory.
	GetVMStatus() []*pb.GrpcVMStatus

	// GetVM gets a new VM from the factory.
	GetVM(ctx context.Context, config VMConfig) (*VM, error)

	// GetBaseVM returns a paused VM created by the base factory.
	GetBaseVM(ctx context.Context, config VMConfig) (*VM, error)

	// CloseFactory closes and cleans up the factory.
	CloseFactory(ctx context.Context)
}

Factory controls how a new VM is created.

type FirecrackerInfo

type FirecrackerInfo struct {
	PID     int
	Version string
}

FirecrackerInfo contains information related to the hypervisor that we want to store on disk

type HugetlbStats

type HugetlbStats struct {
	// current res_counter usage for hugetlb
	Usage uint64 `json:"usage,omitempty"`
	// maximum usage ever recorded.
	MaxUsage uint64 `json:"max_usage,omitempty"`
	// number of times hugetlb usage allocation failure.
	Failcnt uint64 `json:"failcnt"`
}

HugetlbStats describes hugetable memory stats

type HypervisorConfig

type HypervisorConfig struct {
	// NumVCPUs specifies default number of vCPUs for the VM.
	NumVCPUs uint32

	//DefaultMaxVCPUs specifies the maximum number of vCPUs for the VM.
	DefaultMaxVCPUs uint32

	// DefaultMem specifies default memory size in MiB for the VM.
	MemorySize uint32

	// DefaultBridges specifies default number of bridges for the VM.
	// Bridges can be used to hot plug devices
	DefaultBridges uint32

	// Msize9p is used as the msize for 9p shares
	Msize9p uint32

	// MemSlots specifies default memory slots the VM.
	MemSlots uint32

	// MemOffset specifies memory space for nvdimm device
	MemOffset uint32

	// VirtioFSCacheSize is the DAX cache size in MiB
	VirtioFSCacheSize uint32

	// KernelParams are additional guest kernel parameters.
	KernelParams []Param

	// HypervisorParams are additional hypervisor parameters.
	HypervisorParams []Param

	// KernelPath is the guest kernel host path.
	KernelPath string

	// ImagePath is the guest image host path.
	ImagePath string

	// InitrdPath is the guest initrd image host path.
	// ImagePath and InitrdPath cannot be set at the same time.
	InitrdPath string

	// FirmwarePath is the bios host path
	FirmwarePath string

	// MachineAccelerators are machine specific accelerators
	MachineAccelerators string

	// CPUFeatures are cpu specific features
	CPUFeatures string

	// HypervisorPath is the hypervisor executable host path.
	HypervisorPath string

	// HypervisorPathList is the list of hypervisor paths names allowed in annotations
	HypervisorPathList []string

	// HypervisorCtlPathList is the list of hypervisor control paths names allowed in annotations
	HypervisorCtlPathList []string

	// HypervisorCtlPath is the hypervisor ctl executable host path.
	HypervisorCtlPath string

	// JailerPath is the jailer executable host path.
	JailerPath string

	// JailerPathList is the list of jailer paths names allowed in annotations
	JailerPathList []string

	// BlockDeviceDriver specifies the driver to be used for block device
	// either VirtioSCSI or VirtioBlock with the default driver being defaultBlockDriver
	BlockDeviceDriver string

	// HypervisorMachineType specifies the type of machine being
	// emulated.
	HypervisorMachineType string

	// MemoryPath is the memory file path of VM memory. Used when either BootToBeTemplate or
	// BootFromTemplate is true.
	MemoryPath string

	// DevicesStatePath is the VM device state file path. Used when either BootToBeTemplate or
	// BootFromTemplate is true.
	DevicesStatePath string

	// EntropySource is the path to a host source of
	// entropy (/dev/random, /dev/urandom or real hardware RNG device)
	EntropySource string

	// Shared file system type:
	//   - virtio-9p (default)
	//   - virtio-fs
	SharedFS string

	// VirtioFSDaemon is the virtio-fs vhost-user daemon path
	VirtioFSDaemon string

	// VirtioFSDaemonList is the list of valid virtiofs names for annotations
	VirtioFSDaemonList []string

	// VirtioFSCache cache mode for fs version cache or "none"
	VirtioFSCache string

	// VirtioFSExtraArgs passes options to virtiofsd daemon
	VirtioFSExtraArgs []string

	// File based memory backend root directory
	FileBackedMemRootDir string

	// FileBackedMemRootList is the list of valid root directories values for annotations
	FileBackedMemRootList []string

	// BlockDeviceCacheSet specifies cache-related options will be set to block devices or not.
	BlockDeviceCacheSet bool

	// BlockDeviceCacheDirect specifies cache-related options for block devices.
	// Denotes whether use of O_DIRECT (bypass the host page cache) is enabled.
	BlockDeviceCacheDirect bool

	// BlockDeviceCacheNoflush specifies cache-related options for block devices.
	// Denotes whether flush requests for the device are ignored.
	BlockDeviceCacheNoflush bool

	// DisableBlockDeviceUse disallows a block device from being used.
	DisableBlockDeviceUse bool

	// EnableIOThreads enables IO to be processed in a separate thread.
	// Supported currently for virtio-scsi driver.
	EnableIOThreads bool

	// Debug changes the default hypervisor and kernel parameters to
	// enable debug output where available.
	Debug bool

	// MemPrealloc specifies if the memory should be pre-allocated
	MemPrealloc bool

	// HugePages specifies if the memory should be pre-allocated from huge pages
	HugePages bool

	// VirtioMem is used to enable/disable virtio-mem
	VirtioMem bool

	// IOMMU specifies if the VM should have a vIOMMU
	IOMMU bool

	// IOMMUPlatform is used to indicate if IOMMU_PLATFORM is enabled for supported devices
	IOMMUPlatform bool

	// Realtime Used to enable/disable realtime
	Realtime bool

	// Mlock is used to control memory locking when Realtime is enabled
	// Realtime=true and Mlock=false, allows for swapping out of VM memory
	// enabling higher density
	Mlock bool

	// DisableNestingChecks is used to override customizations performed
	// when running on top of another VMM.
	DisableNestingChecks bool

	// UseVSock use a vsock for agent communication
	UseVSock bool

	// DisableImageNvdimm is used to disable guest rootfs image nvdimm devices
	DisableImageNvdimm bool

	// HotplugVFIOOnRootBus is used to indicate if devices need to be hotplugged on the
	// root bus instead of a bridge.
	HotplugVFIOOnRootBus bool

	// PCIeRootPort is used to indicate the number of PCIe Root Port devices
	// The PCIe Root Port device is used to hot-plug the PCIe device
	PCIeRootPort uint32

	// BootToBeTemplate used to indicate if the VM is created to be a template VM
	BootToBeTemplate bool

	// BootFromTemplate used to indicate if the VM should be created from a template VM
	BootFromTemplate bool

	// DisableVhostNet is used to indicate if host supports vhost_net
	DisableVhostNet bool

	// EnableVhostUserStore is used to indicate if host supports vhost-user-blk/scsi
	EnableVhostUserStore bool

	// VhostUserStorePath is the directory path where vhost-user devices
	// related folders, sockets and device nodes should be.
	VhostUserStorePath string

	// VhostUserStorePathList is the list of valid values for vhost-user paths
	VhostUserStorePathList []string

	// GuestHookPath is the path within the VM that will be used for 'drop-in' hooks
	GuestHookPath string

	// VMid is the id of the VM that create the hypervisor if the VM is created by the factory.
	// VMid is "" if the hypervisor is not created by the factory.
	VMid string

	// SELinux label for the VM
	SELinuxProcessLabel string

	// Enable annotations by name
	EnableAnnotations []string
	// contains filtered or unexported fields
}

HypervisorConfig is the hypervisor configuration.

func (*HypervisorConfig) AddKernelParam

func (conf *HypervisorConfig) AddKernelParam(p Param) error

AddKernelParam allows the addition of new kernel parameters to an existing hypervisor configuration.

func (*HypervisorConfig) CustomHypervisorAsset

func (conf *HypervisorConfig) CustomHypervisorAsset() bool

CustomHypervisorAsset returns true if the hypervisor asset is a custom one, false otherwise.

func (*HypervisorConfig) CustomImageAsset

func (conf *HypervisorConfig) CustomImageAsset() bool

CustomImageAsset returns true if the image asset is a custom one, false otherwise.

func (*HypervisorConfig) CustomInitrdAsset

func (conf *HypervisorConfig) CustomInitrdAsset() bool

CustomInitrdAsset returns true if the initrd asset is a custom one, false otherwise.

func (*HypervisorConfig) CustomKernelAsset

func (conf *HypervisorConfig) CustomKernelAsset() bool

CustomKernelAsset returns true if the kernel asset is a custom one, false otherwise.

func (*HypervisorConfig) FirmwareAssetPath

func (conf *HypervisorConfig) FirmwareAssetPath() (string, error)

FirmwareAssetPath returns the guest firmware path

func (*HypervisorConfig) HypervisorAssetPath

func (conf *HypervisorConfig) HypervisorAssetPath() (string, error)

HypervisorAssetPath returns the VM hypervisor path

func (*HypervisorConfig) HypervisorCtlAssetPath

func (conf *HypervisorConfig) HypervisorCtlAssetPath() (string, error)

HypervisorCtlAssetPath returns the VM hypervisor ctl path

func (*HypervisorConfig) ImageAssetPath

func (conf *HypervisorConfig) ImageAssetPath() (string, error)

ImageAssetPath returns the guest image path

func (*HypervisorConfig) InitrdAssetPath

func (conf *HypervisorConfig) InitrdAssetPath() (string, error)

InitrdAssetPath returns the guest initrd path

func (*HypervisorConfig) KernelAssetPath

func (conf *HypervisorConfig) KernelAssetPath() (string, error)

KernelAssetPath returns the guest kernel path

type HypervisorType

type HypervisorType string

HypervisorType describes an hypervisor type.

const (
	// FirecrackerHypervisor is the FC hypervisor.
	FirecrackerHypervisor HypervisorType = "firecracker"

	// QemuHypervisor is the QEMU hypervisor.
	QemuHypervisor HypervisorType = "qemu"

	// AcrnHypervisor is the ACRN hypervisor.
	AcrnHypervisor HypervisorType = "acrn"

	// ClhHypervisor is the ICH hypervisor.
	ClhHypervisor HypervisorType = "clh"

	// MockHypervisor is a mock hypervisor for testing purposes
	MockHypervisor HypervisorType = "mock"
)

func (*HypervisorType) Set

func (hType *HypervisorType) Set(value string) error

Set sets an hypervisor type based on the input string.

func (*HypervisorType) String

func (hType *HypervisorType) String() string

String converts an hypervisor type to a string.

type IPVlanEndpoint

type IPVlanEndpoint struct {
	NetPair            NetworkInterfacePair
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	PCIAddr            string
}

IPVlanEndpoint represents a ipvlan endpoint that is bridged to the VM

func (*IPVlanEndpoint) Attach

func (endpoint *IPVlanEndpoint) Attach(s *Sandbox) error

Attach for virtual endpoint bridges the network pair and adds the tap interface of the network pair to the hypervisor.

func (*IPVlanEndpoint) Detach

func (endpoint *IPVlanEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for the virtual endpoint tears down the tap and bridge created for the veth interface.

func (*IPVlanEndpoint) HardwareAddr

func (endpoint *IPVlanEndpoint) HardwareAddr() string

HardwareAddr returns the mac address that is assigned to the tap interface in th network pair.

func (*IPVlanEndpoint) HotAttach

func (endpoint *IPVlanEndpoint) HotAttach(h hypervisor) error

HotAttach for physical endpoint not supported yet

func (*IPVlanEndpoint) HotDetach

func (endpoint *IPVlanEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for physical endpoint not supported yet

func (*IPVlanEndpoint) Name

func (endpoint *IPVlanEndpoint) Name() string

Name returns name of the veth interface in the network pair.

func (*IPVlanEndpoint) NetworkPair

func (endpoint *IPVlanEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*IPVlanEndpoint) PciAddr

func (endpoint *IPVlanEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*IPVlanEndpoint) Properties

func (endpoint *IPVlanEndpoint) Properties() NetworkInfo

Properties returns properties of the interface.

func (*IPVlanEndpoint) SetPciAddr

func (endpoint *IPVlanEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*IPVlanEndpoint) SetProperties

func (endpoint *IPVlanEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties for the endpoint.

func (*IPVlanEndpoint) Type

func (endpoint *IPVlanEndpoint) Type() EndpointType

Type identifies the endpoint as a virtual endpoint.

type KataAgentConfig

type KataAgentConfig struct {
	LongLiveConn      bool
	UseVSock          bool
	Debug             bool
	Trace             bool
	ContainerPipeSize uint32
	TraceMode         string
	TraceType         string
	KernelModules     []string
}

KataAgentConfig is a structure storing information needed to reach the Kata Containers agent.

type KataAgentState

type KataAgentState struct {
	ProxyPid int
	URL      string
}

KataAgentState is the structure describing the data stored from this agent implementation.

type Kernel

type Kernel struct {
	// Path is the guest kernel path on the host filesystem.
	Path string

	// InitrdPath is the guest initrd path on the host filesystem.
	ImagePath string

	// Params is the kernel parameters string.
	Params string
}

Kernel is the guest kernel configuration structure.

type LPCDevice

type LPCDevice struct {

	// Function is PCI function. Func can be from 0 to 7
	Function int

	// Emul is a string describing the type of PCI device e.g. virtio-net
	Emul string
}

LPCDevice represents a acrn LPC device

func (LPCDevice) AcrnParams

func (lpcDev LPCDevice) AcrnParams(slot int, config *Config) []string

AcrnParams returns the acrn parameters built out of this bridge device.

func (LPCDevice) Valid

func (lpcDev LPCDevice) Valid() bool

Valid returns true if the BridgeDevice structure is valid and complete.

type MacvtapEndpoint

type MacvtapEndpoint struct {
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	VMFds              []*os.File
	VhostFds           []*os.File
	PCIAddr            string
}

MacvtapEndpoint represents a macvtap endpoint

func (*MacvtapEndpoint) Attach

func (endpoint *MacvtapEndpoint) Attach(s *Sandbox) error

Attach for macvtap endpoint passes macvtap device to the hypervisor.

func (*MacvtapEndpoint) Detach

func (endpoint *MacvtapEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for macvtap endpoint does nothing.

func (*MacvtapEndpoint) HardwareAddr

func (endpoint *MacvtapEndpoint) HardwareAddr() string

HardwareAddr returns the mac address of the macvtap network interface.

func (*MacvtapEndpoint) HotAttach

func (endpoint *MacvtapEndpoint) HotAttach(h hypervisor) error

HotAttach for macvtap endpoint not supported yet

func (*MacvtapEndpoint) HotDetach

func (endpoint *MacvtapEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for macvtap endpoint not supported yet

func (*MacvtapEndpoint) Name

func (endpoint *MacvtapEndpoint) Name() string

Name returns name of the macvtap interface.

func (*MacvtapEndpoint) NetworkPair

func (endpoint *MacvtapEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*MacvtapEndpoint) PciAddr

func (endpoint *MacvtapEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*MacvtapEndpoint) Properties

func (endpoint *MacvtapEndpoint) Properties() NetworkInfo

Properties returns the properties of the macvtap interface.

func (*MacvtapEndpoint) SetPciAddr

func (endpoint *MacvtapEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*MacvtapEndpoint) SetProperties

func (endpoint *MacvtapEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties of the macvtap endpoint.

func (*MacvtapEndpoint) Type

func (endpoint *MacvtapEndpoint) Type() EndpointType

Type indentifies the endpoint as a macvtap endpoint.

type Memory

type Memory struct {
	// Size is the amount of memory made available to the guest.
	// It should be suffixed with M or G for sizes in megabytes or
	// gigabytes respectively.
	Size string
}

Memory is the guest memory configuration structure.

type MemoryData

type MemoryData struct {
	Usage    uint64 `json:"usage,omitempty"`
	MaxUsage uint64 `json:"max_usage,omitempty"`
	Failcnt  uint64 `json:"failcnt"`
	Limit    uint64 `json:"limit"`
}

MemoryData gather the data related to memory

type MemoryStats

type MemoryStats struct {
	// memory used for cache
	Cache uint64 `json:"cache,omitempty"`
	// usage of memory
	Usage MemoryData `json:"usage,omitempty"`
	// usage of memory  swap
	SwapUsage MemoryData `json:"swap_usage,omitempty"`
	// usage of kernel memory
	KernelUsage MemoryData `json:"kernel_usage,omitempty"`
	// usage of kernel TCP memory
	KernelTCPUsage MemoryData `json:"kernel_tcp_usage,omitempty"`
	// if true, memory usage is accounted for throughout a hierarchy of cgroups.
	UseHierarchy bool `json:"use_hierarchy"`

	Stats map[string]uint64 `json:"stats,omitempty"`
}

MemoryStats describes the memory stats

type Mount

type Mount struct {
	Source      string
	Destination string

	// Type specifies the type of filesystem to mount.
	Type string

	// Options list all the mount options of the filesystem.
	Options []string

	// HostPath used to store host side bind mount path
	HostPath string

	// ReadOnly specifies if the mount should be read only or not
	ReadOnly bool

	// BlockDeviceID represents block device that is attached to the
	// VM in case this mount is a block device file or a directory
	// backed by a block device.
	BlockDeviceID string
}

Mount describes a container mount.

type NetDevice

type NetDevice struct {
	// Type is the netdev type (e.g. tap).
	Type NetDeviceType

	// IfName is the interface name
	IFName string

	//MACAddress is the networking device interface MAC address
	MACAddress string
}

NetDevice represents a guest networking device

func (NetDevice) AcrnNetdevParam

func (netdev NetDevice) AcrnNetdevParam() []string

AcrnNetdevParam converts to the acrn type to string

func (NetDevice) AcrnParams

func (netdev NetDevice) AcrnParams(slot int, config *Config) []string

AcrnParams returns the acrn parameters built out of this network device.

func (NetDevice) Valid

func (netdev NetDevice) Valid() bool

Valid returns true if the NetDevice structure is valid and complete.

type NetDeviceType

type NetDeviceType string

NetDeviceType is a acrn networking device type.

const (
	// TAP is a TAP networking device type.
	TAP NetDeviceType = "tap"

	// MACVTAP is a macvtap networking device type.
	MACVTAP NetDeviceType = "macvtap"
)

type NetInterworkingModel

type NetInterworkingModel int

NetInterworkingModel defines the network model connecting the network interface to the virtual machine.

const (
	// NetXConnectDefaultModel Ask to use DefaultNetInterworkingModel
	NetXConnectDefaultModel NetInterworkingModel = iota

	// NetXConnectMacVtapModel can be used when the Container network
	// interface can be bridged using macvtap
	NetXConnectMacVtapModel

	// NetXConnectTCFilterModel redirects traffic from the network interface
	// provided by the network plugin to a tap interface.
	// This works for ipvlan and macvlan as well.
	NetXConnectTCFilterModel

	// NetXConnectNoneModel can be used when the VM is in the host network namespace
	NetXConnectNoneModel

	// NetXConnectInvalidModel is the last item to check valid values by IsValid()
	NetXConnectInvalidModel
)

func (NetInterworkingModel) IsValid

func (n NetInterworkingModel) IsValid() bool

IsValid checks if a model is valid

func (*NetInterworkingModel) SetModel

func (n *NetInterworkingModel) SetModel(modelName string) error

SetModel change the model string value

type NetlinkIface

type NetlinkIface struct {
	netlink.LinkAttrs
	Type string
}

NetlinkIface describes fully a network interface.

type NetmonConfig

type NetmonConfig struct {
	Path   string
	Debug  bool
	Enable bool
}

NetmonConfig is the structure providing specific configuration for the network monitor.

type Network

type Network struct {
}

Network is the virtcontainer network structure

func (*Network) Add

func (n *Network) Add(ctx context.Context, config *NetworkConfig, s *Sandbox, hotplug bool) ([]Endpoint, error)

Add adds all needed interfaces inside the network namespace.

func (*Network) PostAdd

func (n *Network) PostAdd(ctx context.Context, ns *NetworkNamespace, hotplug bool) error

func (*Network) Remove

func (n *Network) Remove(ctx context.Context, ns *NetworkNamespace, hypervisor hypervisor) error

Remove network endpoints in the network namespace. It also deletes the network namespace in case the namespace has been created by us.

func (*Network) Run

func (n *Network) Run(networkNSPath string, cb func() error) error

Run runs a callback in the specified network namespace.

type NetworkConfig

type NetworkConfig struct {
	NetNSPath         string
	NetNsCreated      bool
	DisableNewNetNs   bool
	NetmonConfig      NetmonConfig
	InterworkingModel NetInterworkingModel
}

NetworkConfig is the network configuration related to a network.

type NetworkInfo

type NetworkInfo struct {
	Iface     NetlinkIface
	Addrs     []netlink.Addr
	Routes    []netlink.Route
	DNS       DNSInfo
	Neighbors []netlink.Neigh
}

NetworkInfo gathers all information related to a network interface. It can be used to store the description of the underlying network.

type NetworkInterface

type NetworkInterface struct {
	Name     string
	HardAddr string
	Addrs    []netlink.Addr
}

NetworkInterface defines a network interface.

type NetworkInterfacePair

type NetworkInterfacePair struct {
	TapInterface
	VirtIface NetworkInterface
	NetInterworkingModel
}

NetworkInterfacePair defines a pair between VM and virtual network interfaces.

type NetworkNamespace

type NetworkNamespace struct {
	NetNsPath    string
	NetNsCreated bool
	Endpoints    []Endpoint
	NetmonPID    int
}

NetworkNamespace contains all data related to its network namespace.

func (NetworkNamespace) MarshalJSON

func (n NetworkNamespace) MarshalJSON() ([]byte, error)

MarshalJSON is the custom NetworkNamespace JSON marshalling routine. This is needed to properly marshall Endpoints array.

func (*NetworkNamespace) UnmarshalJSON

func (n *NetworkNamespace) UnmarshalJSON(b []byte) error

UnmarshalJSON is the custom NetworkNamespace unmarshalling routine. This is needed for unmarshalling the Endpoints interfaces array.

type NetworkStats

type NetworkStats struct {
	// Name is the name of the network interface.
	Name string `json:"name,omitempty"`

	RxBytes   uint64 `json:"rx_bytes,omitempty"`
	RxPackets uint64 `json:"rx_packets,omitempty"`
	RxErrors  uint64 `json:"rx_errors,omitempty"`
	RxDropped uint64 `json:"rx_dropped,omitempty"`
	TxBytes   uint64 `json:"tx_bytes,omitempty"`
	TxPackets uint64 `json:"tx_packets,omitempty"`
	TxErrors  uint64 `json:"tx_errors,omitempty"`
	TxDropped uint64 `json:"tx_dropped,omitempty"`
}

NetworkStats describe all network stats.

type Param

type Param struct {
	Key   string
	Value string
}

Param is a key/value representation for hypervisor and kernel parameters.

func DeserializeParams

func DeserializeParams(parameters []string) []Param

DeserializeParams converts []string to []Param

func KataAgentKernelParams

func KataAgentKernelParams(config KataAgentConfig) []Param

KataAgentKernelParams returns a list of Kata Agent specific kernel parameters.

type PhysicalEndpoint

type PhysicalEndpoint struct {
	IfaceName          string
	HardAddr           string
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	BDF                string
	Driver             string
	VendorDeviceID     string
	PCIAddr            string
}

PhysicalEndpoint gathers a physical network interface and its properties

func (*PhysicalEndpoint) Attach

func (endpoint *PhysicalEndpoint) Attach(s *Sandbox) error

Attach for physical endpoint binds the physical network interface to vfio-pci and adds device to the hypervisor with vfio-passthrough.

func (*PhysicalEndpoint) Detach

func (endpoint *PhysicalEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for physical endpoint unbinds the physical network interface from vfio-pci and binds it back to the saved host driver.

func (*PhysicalEndpoint) HardwareAddr

func (endpoint *PhysicalEndpoint) HardwareAddr() string

HardwareAddr returns the mac address of the physical network interface.

func (*PhysicalEndpoint) HotAttach

func (endpoint *PhysicalEndpoint) HotAttach(h hypervisor) error

HotAttach for physical endpoint not supported yet

func (*PhysicalEndpoint) HotDetach

func (endpoint *PhysicalEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for physical endpoint not supported yet

func (*PhysicalEndpoint) Name

func (endpoint *PhysicalEndpoint) Name() string

Name returns name of the physical interface.

func (*PhysicalEndpoint) NetworkPair

func (endpoint *PhysicalEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*PhysicalEndpoint) PciAddr

func (endpoint *PhysicalEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*PhysicalEndpoint) Properties

func (endpoint *PhysicalEndpoint) Properties() NetworkInfo

Properties returns the properties of the physical interface.

func (*PhysicalEndpoint) SetPciAddr

func (endpoint *PhysicalEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*PhysicalEndpoint) SetProperties

func (endpoint *PhysicalEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties of the physical endpoint.

func (*PhysicalEndpoint) Type

func (endpoint *PhysicalEndpoint) Type() EndpointType

Type indentifies the endpoint as a physical endpoint.

type PidsStats

type PidsStats struct {
	// number of pids in the cgroup
	Current uint64 `json:"current,omitempty"`
	// active pids hard limit
	Limit uint64 `json:"limit,omitempty"`
}

PidsStats describes the pids stats

type Process

type Process struct {
	// Token is the process execution context ID. It must be
	// unique per sandbox.
	// Token is used to manipulate processes for containers
	// that have not started yet, and later identify them
	// uniquely within a sandbox.
	Token string

	// Pid is the process ID as seen by the host software
	// stack, e.g. CRI-O, containerd. This is typically the
	// shim PID.
	Pid int

	StartTime time.Time
}

Process gathers data related to a container process.

type ProcessList

type ProcessList []byte

ProcessList represents the list of running processes inside the container

func ProcessListContainer

func ProcessListContainer(ctx context.Context, sandboxID, containerID string, options ProcessListOptions) (ProcessList, error)

ProcessListContainer is the virtcontainers entry point to list processes running inside a container

type ProcessListOptions

type ProcessListOptions struct {
	// Format describes the output format to list the running processes.
	// Formats are unrelated to ps(1) formats, only two formats can be specified:
	// "json" and "table"
	Format string

	// Args contains the list of arguments to run ps(1) command.
	// If Args is empty the agent will use "-ef" as options to ps(1).
	Args []string
}

ProcessListOptions contains the options used to list running processes inside the container

type ProxyConfig

type ProxyConfig struct {
	Path  string
	Debug bool
}

ProxyConfig is a structure storing information needed from any proxy in order to be properly initialized.

type ProxyType

type ProxyType string

ProxyType describes a proxy type.

const (
	// NoopProxyType is the noopProxy.
	NoopProxyType ProxyType = "noopProxy"

	// NoProxyType is the noProxy.
	NoProxyType ProxyType = "noProxy"

	// KataProxyType is the kataProxy.
	KataProxyType ProxyType = "kataProxy"

	// KataBuiltInProxyType is the kataBuiltInProxy.
	KataBuiltInProxyType ProxyType = "kataBuiltInProxy"
)

func (*ProxyType) Set

func (pType *ProxyType) Set(value string) error

Set sets a proxy type based on the input string.

func (*ProxyType) String

func (pType *ProxyType) String() string

String converts a proxy type to a string.

type QemuState

type QemuState struct {
	Bridges []types.Bridge
	// HotpluggedCPUs is the list of CPUs that were hot-added
	HotpluggedVCPUs      []CPUDevice
	HotpluggedMemory     int
	UUID                 string
	HotplugVFIOOnRootBus bool
	VirtiofsdPid         int
	PCIeRootPort         int
}

QemuState keeps Qemu's state

type RootFs

type RootFs struct {
	// Source specifies the BlockDevice path
	Source string
	// Target specify where the rootfs is mounted if it has been mounted
	Target string
	// Type specifies the type of filesystem to mount.
	Type string
	// Options specifies zero or more fstab style mount options.
	Options []string
	// Mounted specifies whether the rootfs has be mounted or not
	Mounted bool
}

RootFs describes the container's rootfs.

type Sandbox

type Sandbox struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Sandbox is composed of a set of containers and a runtime environment. A Sandbox can be created, deleted, started, paused, stopped, listed, entered, and restored.

func (*Sandbox) AddDevice

func (s *Sandbox) AddDevice(info config.DeviceInfo) (api.Device, error)

AddDevice will add a device to sandbox

func (*Sandbox) AddInterface

func (s *Sandbox) AddInterface(inf *vcTypes.Interface) (*vcTypes.Interface, error)

AddInterface adds new nic to the sandbox.

func (*Sandbox) Annotations

func (s *Sandbox) Annotations(key string) (string, error)

Annotations returns any annotation that a user could have stored through the sandbox.

func (*Sandbox) AppendDevice

func (s *Sandbox) AppendDevice(device api.Device) error

AppendDevice can only handle vhost user device currently, it adds a vhost user device to sandbox Sandbox implement DeviceReceiver interface from device/api/interface.go

func (*Sandbox) CreateContainer

func (s *Sandbox) CreateContainer(contConfig ContainerConfig) (VCContainer, error)

CreateContainer creates a new container in the sandbox This should be called only when the sandbox is already created. It will add new container config to sandbox.config.Containers

func (*Sandbox) Delete

func (s *Sandbox) Delete() error

Delete deletes an already created sandbox. The VM in which the sandbox is running will be shut down.

func (*Sandbox) DeleteContainer

func (s *Sandbox) DeleteContainer(containerID string) (VCContainer, error)

DeleteContainer deletes a container from the sandbox

func (*Sandbox) EnterContainer

func (s *Sandbox) EnterContainer(containerID string, cmd types.Cmd) (VCContainer, *Process, error)

EnterContainer is the virtcontainers container command execution entry point. EnterContainer enters an already running container and runs a given command.

func (*Sandbox) GetAllContainers

func (s *Sandbox) GetAllContainers() []VCContainer

GetAllContainers returns all containers.

func (*Sandbox) GetAndSetSandboxBlockIndex

func (s *Sandbox) GetAndSetSandboxBlockIndex() (int, error)

GetAndSetSandboxBlockIndex is used for getting and setting virtio-block indexes Sandbox implement DeviceReceiver interface from device/api/interface.go

func (*Sandbox) GetAnnotations

func (s *Sandbox) GetAnnotations() map[string]string

GetAnnotations returns sandbox's annotations

func (*Sandbox) GetContainer

func (s *Sandbox) GetContainer(containerID string) VCContainer

GetContainer returns the container named by the containerID.

func (*Sandbox) GetHypervisorType

func (s *Sandbox) GetHypervisorType() string

GetHypervisorType is used for getting Hypervisor name currently used. Sandbox implement DeviceReceiver interface from device/api/interface.go

func (*Sandbox) GetNetNs

func (s *Sandbox) GetNetNs() string

GetNetNs returns the network namespace of the current sandbox.

func (*Sandbox) GetOOMEvent

func (s *Sandbox) GetOOMEvent() (string, error)

func (*Sandbox) GetPatchedOCISpec

func (s *Sandbox) GetPatchedOCISpec() *specs.Spec

GetPatchedOCISpec returns sandbox's OCI specification This OCI specification was patched when the sandbox was created by containerCapabilities(), SetEphemeralStorageType() and others in order to support: * capabilities * Ephemeral storage * k8s empty dir If you need the original (vanilla) OCI spec, use compatoci.GetContainerSpec() instead.

func (*Sandbox) HotplugAddDevice

func (s *Sandbox) HotplugAddDevice(device api.Device, devType config.DeviceType) error

HotplugAddDevice is used for add a device to sandbox Sandbox implement DeviceReceiver interface from device/api/interface.go

func (*Sandbox) HotplugRemoveDevice

func (s *Sandbox) HotplugRemoveDevice(device api.Device, devType config.DeviceType) error

HotplugRemoveDevice is used for removing a device from sandbox Sandbox implement DeviceReceiver interface from device/api/interface.go

func (*Sandbox) ID

func (s *Sandbox) ID() string

ID returns the sandbox identifier string.

func (*Sandbox) IOStream

func (s *Sandbox) IOStream(containerID, processID string) (io.WriteCloser, io.Reader, io.Reader, error)

IOStream returns stdin writer, stdout reader and stderr reader of a process

func (*Sandbox) KillContainer

func (s *Sandbox) KillContainer(containerID string, signal syscall.Signal, all bool) error

KillContainer signals a container in the sandbox

func (*Sandbox) ListInterfaces

func (s *Sandbox) ListInterfaces() ([]*vcTypes.Interface, error)

ListInterfaces lists all nics and their configurations in the sandbox.

func (*Sandbox) ListRoutes

func (s *Sandbox) ListRoutes() ([]*vcTypes.Route, error)

ListRoutes lists all routes and their configurations in the sandbox.

func (*Sandbox) Logger

func (s *Sandbox) Logger() *logrus.Entry

Logger returns a logrus logger appropriate for logging Sandbox messages

func (*Sandbox) Monitor

func (s *Sandbox) Monitor() (chan error, error)

Monitor returns a error channel for watcher to watch at

func (*Sandbox) PauseContainer

func (s *Sandbox) PauseContainer(containerID string) error

PauseContainer pauses a running container.

func (*Sandbox) ProcessListContainer

func (s *Sandbox) ProcessListContainer(containerID string, options ProcessListOptions) (ProcessList, error)

ProcessListContainer lists every process running inside a specific container in the sandbox.

func (*Sandbox) Release

func (s *Sandbox) Release() error

Release closes the agent connection and removes sandbox from internal list.

func (*Sandbox) RemoveInterface

func (s *Sandbox) RemoveInterface(inf *vcTypes.Interface) (*vcTypes.Interface, error)

RemoveInterface removes a nic of the sandbox.

func (*Sandbox) Restore

func (s *Sandbox) Restore() error

Restore will restore sandbox data from persist file on disk

func (*Sandbox) ResumeContainer

func (s *Sandbox) ResumeContainer(containerID string) error

ResumeContainer resumes a paused container.

func (*Sandbox) Save

func (s *Sandbox) Save() error

func (*Sandbox) SetAnnotations

func (s *Sandbox) SetAnnotations(annotations map[string]string) error

SetAnnotations sets or adds an annotations

func (*Sandbox) SignalProcess

func (s *Sandbox) SignalProcess(containerID, processID string, signal syscall.Signal, all bool) error

SignalProcess sends a signal to a process of a container when all is false. When all is true, it sends the signal to all processes of a container.

func (*Sandbox) Start

func (s *Sandbox) Start() error

Start starts a sandbox. The containers that are making the sandbox will be started.

func (*Sandbox) StartContainer

func (s *Sandbox) StartContainer(containerID string) (VCContainer, error)

StartContainer starts a container in the sandbox

func (*Sandbox) Stats

func (s *Sandbox) Stats() (SandboxStats, error)

Stats returns the stats of a running sandbox

func (*Sandbox) StatsContainer

func (s *Sandbox) StatsContainer(containerID string) (ContainerStats, error)

StatsContainer return the stats of a running container

func (*Sandbox) Status

func (s *Sandbox) Status() SandboxStatus

Status gets the status of the sandbox TODO: update container status properly, see kata-containers/runtime#253

func (*Sandbox) StatusContainer

func (s *Sandbox) StatusContainer(containerID string) (ContainerStatus, error)

StatusContainer gets the status of a container TODO: update container status properly, see kata-containers/runtime#253

func (*Sandbox) Stop

func (s *Sandbox) Stop(force bool) error

Stop stops a sandbox. The containers that are making the sandbox will be destroyed. When force is true, ignore guest related stop failures.

func (*Sandbox) StopContainer

func (s *Sandbox) StopContainer(containerID string, force bool) (VCContainer, error)

StopContainer stops a container in the sandbox

func (*Sandbox) UnsetSandboxBlockIndex

func (s *Sandbox) UnsetSandboxBlockIndex(index int) error

UnsetSandboxBlockIndex unsets block indexes Sandbox implement DeviceReceiver interface from device/api/interface.go

func (*Sandbox) UpdateContainer

func (s *Sandbox) UpdateContainer(containerID string, resources specs.LinuxResources) error

UpdateContainer update a running container.

func (*Sandbox) UpdateRoutes

func (s *Sandbox) UpdateRoutes(routes []*vcTypes.Route) ([]*vcTypes.Route, error)

UpdateRoutes updates the sandbox route table (e.g. for portmapping support).

func (*Sandbox) WaitProcess

func (s *Sandbox) WaitProcess(containerID, processID string) (int32, error)

WaitProcess waits on a container process and return its exit code

func (*Sandbox) WinsizeProcess

func (s *Sandbox) WinsizeProcess(containerID, processID string, height, width uint32) error

WinsizeProcess resizes the tty window of a process

type SandboxConfig

type SandboxConfig struct {
	ID string

	Hostname string

	HypervisorType   HypervisorType
	HypervisorConfig HypervisorConfig

	AgentType   AgentType
	AgentConfig interface{}

	ProxyType   ProxyType
	ProxyConfig ProxyConfig

	ShimType   ShimType
	ShimConfig interface{}

	NetworkConfig NetworkConfig

	// Volumes is a list of shared volumes between the host and the Sandbox.
	Volumes []types.Volume

	// Containers describe the list of containers within a Sandbox.
	// This list can be empty and populated by adding containers
	// to the Sandbox a posteriori.
	//TODO: this should be a map to avoid duplicated containers
	Containers []ContainerConfig

	// Annotations keys must be unique strings and must be name-spaced
	// with e.g. reverse domain notation (org.clearlinux.key).
	Annotations map[string]string

	ShmSize uint64

	// SharePidNs sets all containers to share the same sandbox level pid namespace.
	SharePidNs bool

	// types.Stateful keeps sandbox resources in memory across APIs. Users will be responsible
	// for calling Release() to release the memory resources.
	Stateful bool

	// SystemdCgroup enables systemd cgroup support
	SystemdCgroup bool

	// SandboxCgroupOnly enables cgroup only at podlevel in the host
	SandboxCgroupOnly bool

	// EnableAgentPidNs allows containers to share pid namespace with the agent
	EnableAgentPidNs bool

	DisableGuestSeccomp bool

	// Experimental features enabled
	Experimental []exp.Feature

	// Cgroups specifies specific cgroup settings for the various subsystems that the container is
	// placed into to limit the resources the container has available
	Cgroups *configs.Cgroup
}

SandboxConfig is a Sandbox configuration.

type SandboxStats

type SandboxStats struct {
	CgroupStats CgroupStats
	Cpus        int
}

SandboxStats describes a sandbox's stats

type SandboxStatus

type SandboxStatus struct {
	ID               string
	State            types.SandboxState
	Hypervisor       HypervisorType
	HypervisorConfig HypervisorConfig
	Agent            AgentType
	ContainersStatus []ContainerStatus

	// Annotations allow clients to store arbitrary values,
	// for example to add additional status values required
	// to support particular specifications.
	Annotations map[string]string
}

SandboxStatus describes a sandbox status.

func ListSandbox

func ListSandbox(ctx context.Context) ([]SandboxStatus, error)

ListSandbox is the virtcontainers sandbox listing entry point.

func StatusSandbox

func StatusSandbox(ctx context.Context, sandboxID string) (SandboxStatus, error)

StatusSandbox is the virtcontainers sandbox status entry point.

type ShimConfig

type ShimConfig struct {
	Path  string
	Debug bool
	Trace bool
}

ShimConfig is the structure providing specific configuration for shim implementations.

type ShimParams

type ShimParams struct {
	Container  string
	Token      string
	URL        string
	Console    string
	ConsoleURL string
	Terminal   bool
	Detach     bool
	PID        int
	CreateNS   []ns.NSType
	EnterNS    []ns.Namespace
}

ShimParams is the structure providing specific parameters needed for the execution of the shim binary.

type ShimType

type ShimType string

ShimType describes a shim type.

const (
	// NoopShimType is the noopShim.
	NoopShimType ShimType = "noopShim"

	// KataShimType is the Kata Containers shim type.
	KataShimType ShimType = "kataShim"

	// KataBuiltInShimType is the Kata Containers builtin shim type.
	KataBuiltInShimType ShimType = "kataBuiltInShim"
)

func (*ShimType) Set

func (pType *ShimType) Set(value string) error

Set sets a shim type based on the input string.

func (*ShimType) String

func (pType *ShimType) String() string

String converts a shim type to a string.

type SystemMountsInfo

type SystemMountsInfo struct {
	// Indicates if /dev has been passed as a bind mount for the host /dev
	BindMountDev bool

	// Size of /dev/shm assigned on the host.
	DevShmSize uint
}

SystemMountsInfo describes additional information for system mounts that the agent needs to handle

type TapEndpoint

type TapEndpoint struct {
	TapInterface       TapInterface
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	PCIAddr            string
}

TapEndpoint represents just a tap endpoint

func (*TapEndpoint) Attach

func (endpoint *TapEndpoint) Attach(s *Sandbox) error

Attach for tap endpoint adds the tap interface to the hypervisor.

func (*TapEndpoint) Detach

func (endpoint *TapEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for the tap endpoint tears down the tap

func (*TapEndpoint) HardwareAddr

func (endpoint *TapEndpoint) HardwareAddr() string

HardwareAddr returns the mac address that is assigned to the tap interface

func (*TapEndpoint) HotAttach

func (endpoint *TapEndpoint) HotAttach(h hypervisor) error

HotAttach for the tap endpoint uses hot plug device

func (*TapEndpoint) HotDetach

func (endpoint *TapEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for the tap endpoint uses hot pull device

func (*TapEndpoint) Name

func (endpoint *TapEndpoint) Name() string

Name returns name of the tap interface in the network pair.

func (*TapEndpoint) NetworkPair

func (endpoint *TapEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*TapEndpoint) PciAddr

func (endpoint *TapEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*TapEndpoint) Properties

func (endpoint *TapEndpoint) Properties() NetworkInfo

Properties returns the properties of the tap interface.

func (*TapEndpoint) SetPciAddr

func (endpoint *TapEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*TapEndpoint) SetProperties

func (endpoint *TapEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties for the endpoint.

func (*TapEndpoint) Type

func (endpoint *TapEndpoint) Type() EndpointType

Type identifies the endpoint as a tap endpoint.

type TapInterface

type TapInterface struct {
	ID       string
	Name     string
	TAPIface NetworkInterface
	VMFds    []*os.File
	VhostFds []*os.File
}

TapInterface defines a tap interface

type ThrottlingData

type ThrottlingData struct {
	// Number of periods with throttling active
	Periods uint64 `json:"periods,omitempty"`
	// Number of periods when the container hit its throttling limit.
	ThrottledPeriods uint64 `json:"throttled_periods,omitempty"`
	// Aggregate time the container was throttled for in nanoseconds.
	ThrottledTime uint64 `json:"throttled_time,omitempty"`
}

ThrottlingData gather the date related to container cpu throttling.

type TuntapEndpoint

type TuntapEndpoint struct {
	NetPair            NetworkInterfacePair
	TuntapInterface    TuntapInterface
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	PCIAddr            string
}

TuntapEndpoint represents just a tap endpoint

func (*TuntapEndpoint) Attach

func (endpoint *TuntapEndpoint) Attach(s *Sandbox) error

Attach for tap endpoint adds the tap interface to the hypervisor.

func (*TuntapEndpoint) Detach

func (endpoint *TuntapEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for the tap endpoint tears down the tap

func (*TuntapEndpoint) HardwareAddr

func (endpoint *TuntapEndpoint) HardwareAddr() string

HardwareAddr returns the mac address that is assigned to the tap interface

func (*TuntapEndpoint) HotAttach

func (endpoint *TuntapEndpoint) HotAttach(h hypervisor) error

HotAttach for the tap endpoint uses hot plug device

func (*TuntapEndpoint) HotDetach

func (endpoint *TuntapEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for the tap endpoint uses hot pull device

func (*TuntapEndpoint) Name

func (endpoint *TuntapEndpoint) Name() string

Name returns name of the tap interface in the network pair.

func (*TuntapEndpoint) NetworkPair

func (endpoint *TuntapEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*TuntapEndpoint) PciAddr

func (endpoint *TuntapEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*TuntapEndpoint) Properties

func (endpoint *TuntapEndpoint) Properties() NetworkInfo

Properties returns the properties of the tap interface.

func (*TuntapEndpoint) SetPciAddr

func (endpoint *TuntapEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*TuntapEndpoint) SetProperties

func (endpoint *TuntapEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties for the endpoint.

func (*TuntapEndpoint) Type

func (endpoint *TuntapEndpoint) Type() EndpointType

Type identifies the endpoint as a tap endpoint.

type TuntapInterface

type TuntapInterface struct {
	Name     string
	TAPIface NetworkInterface
}

TuntapInterface defines a tap interface

type TypedJSONEndpoint

type TypedJSONEndpoint struct {
	Type EndpointType
	Data json.RawMessage
}

TypedJSONEndpoint is used as an intermediate representation for marshalling and unmarshalling Endpoint objects.

type VC

type VC interface {
	SetLogger(ctx context.Context, logger *logrus.Entry)
	SetFactory(ctx context.Context, factory Factory)

	CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig) (VCSandbox, error)
	DeleteSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)
	FetchSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)
	ListSandbox(ctx context.Context) ([]SandboxStatus, error)
	RunSandbox(ctx context.Context, sandboxConfig SandboxConfig) (VCSandbox, error)
	StartSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)
	StatusSandbox(ctx context.Context, sandboxID string) (SandboxStatus, error)
	StopSandbox(ctx context.Context, sandboxID string, force bool) (VCSandbox, error)

	CreateContainer(ctx context.Context, sandboxID string, containerConfig ContainerConfig) (VCSandbox, VCContainer, error)
	DeleteContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)
	EnterContainer(ctx context.Context, sandboxID, containerID string, cmd types.Cmd) (VCSandbox, VCContainer, *Process, error)
	KillContainer(ctx context.Context, sandboxID, containerID string, signal syscall.Signal, all bool) error
	StartContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)
	StatusContainer(ctx context.Context, sandboxID, containerID string) (ContainerStatus, error)
	StatsContainer(ctx context.Context, sandboxID, containerID string) (ContainerStats, error)
	StatsSandbox(ctx context.Context, sandboxID string) (SandboxStats, []ContainerStats, error)
	StopContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)
	ProcessListContainer(ctx context.Context, sandboxID, containerID string, options ProcessListOptions) (ProcessList, error)
	UpdateContainer(ctx context.Context, sandboxID, containerID string, resources specs.LinuxResources) error
	PauseContainer(ctx context.Context, sandboxID, containerID string) error
	ResumeContainer(ctx context.Context, sandboxID, containerID string) error

	AddDevice(ctx context.Context, sandboxID string, info config.DeviceInfo) (api.Device, error)

	AddInterface(ctx context.Context, sandboxID string, inf *vcTypes.Interface) (*vcTypes.Interface, error)
	RemoveInterface(ctx context.Context, sandboxID string, inf *vcTypes.Interface) (*vcTypes.Interface, error)
	ListInterfaces(ctx context.Context, sandboxID string) ([]*vcTypes.Interface, error)
	UpdateRoutes(ctx context.Context, sandboxID string, routes []*vcTypes.Route) ([]*vcTypes.Route, error)
	ListRoutes(ctx context.Context, sandboxID string) ([]*vcTypes.Route, error)

	CleanupContainer(ctx context.Context, sandboxID, containerID string, force bool) error
}

VC is the Virtcontainers interface

type VCContainer

type VCContainer interface {
	GetAnnotations() map[string]string
	GetPid() int
	GetToken() string
	ID() string
	Sandbox() VCSandbox
	Process() Process
}

VCContainer is the Container interface (required since virtcontainers.Container only contains private fields)

func DeleteContainer

func DeleteContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)

DeleteContainer is the virtcontainers container deletion entry point. DeleteContainer deletes a Container from a Sandbox. If the container is running, it needs to be stopped first.

func StartContainer

func StartContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)

StartContainer is the virtcontainers container starting entry point. StartContainer starts an already created container.

func StopContainer

func StopContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)

StopContainer is the virtcontainers container stopping entry point. StopContainer stops an already running container.

type VCImpl

type VCImpl struct {
	// contains filtered or unexported fields
}

VCImpl is the official virtcontainers function of the same name.

func (*VCImpl) AddDevice

func (impl *VCImpl) AddDevice(ctx context.Context, sandboxID string, info config.DeviceInfo) (api.Device, error)

AddDevice will add a device to sandbox

func (*VCImpl) AddInterface

func (impl *VCImpl) AddInterface(ctx context.Context, sandboxID string, inf *vcTypes.Interface) (*vcTypes.Interface, error)

AddInterface implements the VC function of the same name.

func (*VCImpl) CleanupContainer

func (impl *VCImpl) CleanupContainer(ctx context.Context, sandboxID, containerID string, force bool) error

CleanupContaienr is used by shimv2 to stop and delete a container exclusively, once there is no container in the sandbox left, do stop the sandbox and delete it. Those serial operations will be done exclusively by locking the sandbox.

func (*VCImpl) CreateContainer

func (impl *VCImpl) CreateContainer(ctx context.Context, sandboxID string, containerConfig ContainerConfig) (VCSandbox, VCContainer, error)

CreateContainer implements the VC function of the same name.

func (*VCImpl) CreateSandbox

func (impl *VCImpl) CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig) (VCSandbox, error)

CreateSandbox implements the VC function of the same name.

func (*VCImpl) DeleteContainer

func (impl *VCImpl) DeleteContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)

DeleteContainer implements the VC function of the same name.

func (*VCImpl) DeleteSandbox

func (impl *VCImpl) DeleteSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)

DeleteSandbox implements the VC function of the same name.

func (*VCImpl) EnterContainer

func (impl *VCImpl) EnterContainer(ctx context.Context, sandboxID, containerID string, cmd types.Cmd) (VCSandbox, VCContainer, *Process, error)

EnterContainer implements the VC function of the same name.

func (*VCImpl) FetchSandbox

func (impl *VCImpl) FetchSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)

FetchSandbox will find out and connect to an existing sandbox and return the sandbox structure.

func (*VCImpl) KillContainer

func (impl *VCImpl) KillContainer(ctx context.Context, sandboxID, containerID string, signal syscall.Signal, all bool) error

KillContainer implements the VC function of the same name.

func (*VCImpl) ListInterfaces

func (impl *VCImpl) ListInterfaces(ctx context.Context, sandboxID string) ([]*vcTypes.Interface, error)

ListInterfaces implements the VC function of the same name.

func (*VCImpl) ListRoutes

func (impl *VCImpl) ListRoutes(ctx context.Context, sandboxID string) ([]*vcTypes.Route, error)

ListRoutes implements the VC function of the same name.

func (*VCImpl) ListSandbox

func (impl *VCImpl) ListSandbox(ctx context.Context) ([]SandboxStatus, error)

ListSandbox implements the VC function of the same name.

func (*VCImpl) PauseContainer

func (impl *VCImpl) PauseContainer(ctx context.Context, sandboxID, containerID string) error

PauseContainer implements the VC function of the same name.

func (*VCImpl) ProcessListContainer

func (impl *VCImpl) ProcessListContainer(ctx context.Context, sandboxID, containerID string, options ProcessListOptions) (ProcessList, error)

ProcessListContainer implements the VC function of the same name.

func (*VCImpl) RemoveInterface

func (impl *VCImpl) RemoveInterface(ctx context.Context, sandboxID string, inf *vcTypes.Interface) (*vcTypes.Interface, error)

RemoveInterface implements the VC function of the same name.

func (*VCImpl) ResumeContainer

func (impl *VCImpl) ResumeContainer(ctx context.Context, sandboxID, containerID string) error

ResumeContainer implements the VC function of the same name.

func (*VCImpl) RunSandbox

func (impl *VCImpl) RunSandbox(ctx context.Context, sandboxConfig SandboxConfig) (VCSandbox, error)

RunSandbox implements the VC function of the same name.

func (*VCImpl) SetFactory

func (impl *VCImpl) SetFactory(ctx context.Context, factory Factory)

SetFactory implements the VC function of the same name.

func (*VCImpl) SetLogger

func (impl *VCImpl) SetLogger(ctx context.Context, logger *logrus.Entry)

SetLogger implements the VC function of the same name.

func (*VCImpl) StartContainer

func (impl *VCImpl) StartContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)

StartContainer implements the VC function of the same name.

func (*VCImpl) StartSandbox

func (impl *VCImpl) StartSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)

StartSandbox implements the VC function of the same name.

func (*VCImpl) StatsContainer

func (impl *VCImpl) StatsContainer(ctx context.Context, sandboxID, containerID string) (ContainerStats, error)

StatsContainer implements the VC function of the same name.

func (*VCImpl) StatsSandbox

func (impl *VCImpl) StatsSandbox(ctx context.Context, sandboxID string) (SandboxStats, []ContainerStats, error)

StatsSandbox implements the VC function of the same name.

func (*VCImpl) StatusContainer

func (impl *VCImpl) StatusContainer(ctx context.Context, sandboxID, containerID string) (ContainerStatus, error)

StatusContainer implements the VC function of the same name.

func (*VCImpl) StatusSandbox

func (impl *VCImpl) StatusSandbox(ctx context.Context, sandboxID string) (SandboxStatus, error)

StatusSandbox implements the VC function of the same name.

func (*VCImpl) StopContainer

func (impl *VCImpl) StopContainer(ctx context.Context, sandboxID, containerID string) (VCContainer, error)

StopContainer implements the VC function of the same name.

func (*VCImpl) StopSandbox

func (impl *VCImpl) StopSandbox(ctx context.Context, sandboxID string, force bool) (VCSandbox, error)

StopSandbox implements the VC function of the same name.

func (*VCImpl) UpdateContainer

func (impl *VCImpl) UpdateContainer(ctx context.Context, sandboxID, containerID string, resources specs.LinuxResources) error

UpdateContainer implements the VC function of the same name.

func (*VCImpl) UpdateRoutes

func (impl *VCImpl) UpdateRoutes(ctx context.Context, sandboxID string, routes []*vcTypes.Route) ([]*vcTypes.Route, error)

UpdateRoutes implements the VC function of the same name.

type VCSandbox

type VCSandbox interface {
	Annotations(key string) (string, error)
	GetNetNs() string
	GetAllContainers() []VCContainer
	GetAnnotations() map[string]string
	GetContainer(containerID string) VCContainer
	ID() string
	SetAnnotations(annotations map[string]string) error

	Start() error
	Stop(force bool) error
	Release() error
	Monitor() (chan error, error)
	Delete() error
	Status() SandboxStatus
	CreateContainer(contConfig ContainerConfig) (VCContainer, error)
	DeleteContainer(contID string) (VCContainer, error)
	StartContainer(containerID string) (VCContainer, error)
	StopContainer(containerID string, force bool) (VCContainer, error)
	KillContainer(containerID string, signal syscall.Signal, all bool) error
	StatusContainer(containerID string) (ContainerStatus, error)
	StatsContainer(containerID string) (ContainerStats, error)
	PauseContainer(containerID string) error
	ResumeContainer(containerID string) error
	EnterContainer(containerID string, cmd types.Cmd) (VCContainer, *Process, error)
	UpdateContainer(containerID string, resources specs.LinuxResources) error
	ProcessListContainer(containerID string, options ProcessListOptions) (ProcessList, error)
	WaitProcess(containerID, processID string) (int32, error)
	SignalProcess(containerID, processID string, signal syscall.Signal, all bool) error
	WinsizeProcess(containerID, processID string, height, width uint32) error
	IOStream(containerID, processID string) (io.WriteCloser, io.Reader, io.Reader, error)

	AddDevice(info config.DeviceInfo) (api.Device, error)

	AddInterface(inf *vcTypes.Interface) (*vcTypes.Interface, error)
	RemoveInterface(inf *vcTypes.Interface) (*vcTypes.Interface, error)
	ListInterfaces() ([]*vcTypes.Interface, error)
	UpdateRoutes(routes []*vcTypes.Route) ([]*vcTypes.Route, error)
	ListRoutes() ([]*vcTypes.Route, error)

	GetOOMEvent() (string, error)
}

VCSandbox is the Sandbox interface (required since virtcontainers.Sandbox only contains private fields)

func CreateSandbox

func CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig, factory Factory) (VCSandbox, error)

CreateSandbox is the virtcontainers sandbox creation entry point. CreateSandbox creates a sandbox and its containers. It does not start them.

func DeleteSandbox

func DeleteSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)

DeleteSandbox is the virtcontainers sandbox deletion entry point. DeleteSandbox will stop an already running container and then delete it.

func FetchSandbox

func FetchSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)

FetchSandbox is the virtcontainers sandbox fetching entry point. FetchSandbox will find out and connect to an existing sandbox and return the sandbox structure. The caller is responsible of calling VCSandbox.Release() after done with it.

func RunSandbox

func RunSandbox(ctx context.Context, sandboxConfig SandboxConfig, factory Factory) (VCSandbox, error)

RunSandbox is the virtcontainers sandbox running entry point. RunSandbox creates a sandbox and its containers and then it starts them.

func StartSandbox

func StartSandbox(ctx context.Context, sandboxID string) (VCSandbox, error)

StartSandbox is the virtcontainers sandbox starting entry point. StartSandbox will talk to the given hypervisor to start an existing sandbox and all its containers. It returns the sandbox ID.

func StopSandbox

func StopSandbox(ctx context.Context, sandboxID string, force bool) (VCSandbox, error)

StopSandbox is the virtcontainers sandbox stopping entry point. StopSandbox will talk to the given agent to stop an existing sandbox and destroy all containers within that sandbox.

type VM

type VM struct {
	// contains filtered or unexported fields
}

VM is abstraction of a virtual machine.

func NewVM

func NewVM(ctx context.Context, config VMConfig) (*VM, error)

NewVM creates a new VM based on provided VMConfig.

func NewVMFromGrpc

func NewVMFromGrpc(ctx context.Context, v *pb.GrpcVM, config VMConfig) (*VM, error)

NewVMFromGrpc creates a new VM based on provided pb.GrpcVM and VMConfig.

func (*VM) AddCPUs

func (v *VM) AddCPUs(num uint32) error

AddCPUs adds num of CPUs to the VM.

func (*VM) AddMemory

func (v *VM) AddMemory(numMB uint32) error

AddMemory adds numMB of memory to the VM.

func (*VM) Disconnect

func (v *VM) Disconnect() error

Disconnect agent and proxy connections to a VM

func (*VM) GetVMStatus

func (v *VM) GetVMStatus() *pb.GrpcVMStatus

func (*VM) OnlineCPUMemory

func (v *VM) OnlineCPUMemory() error

OnlineCPUMemory puts the hotplugged CPU and memory online.

func (*VM) Pause

func (v *VM) Pause() error

Pause pauses a VM.

func (*VM) ReseedRNG

func (v *VM) ReseedRNG() error

ReseedRNG adds random entropy to guest random number generator and reseeds it.

func (*VM) Resume

func (v *VM) Resume() error

Resume resumes a paused VM.

func (*VM) Save

func (v *VM) Save() error

Save saves a VM to persistent disk.

func (*VM) Start

func (v *VM) Start() error

Start kicks off a configured VM.

func (*VM) Stop

func (v *VM) Stop() error

Stop stops a VM process.

func (*VM) SyncTime

func (v *VM) SyncTime() error

SyncTime syncs guest time with host time.

func (*VM) ToGrpc

func (v *VM) ToGrpc(config VMConfig) (*pb.GrpcVM, error)

ToGrpc convert VM struct to Grpc format pb.GrpcVM.

type VMConfig

type VMConfig struct {
	HypervisorType   HypervisorType
	HypervisorConfig HypervisorConfig

	AgentType   AgentType
	AgentConfig interface{}

	ProxyType   ProxyType
	ProxyConfig ProxyConfig
}

VMConfig is a collection of all info that a new blackbox VM needs.

func GrpcToVMConfig

func GrpcToVMConfig(j *pb.GrpcVMConfig) (*VMConfig, error)

GrpcToVMConfig convert grpc format pb.GrpcVMConfig to VMConfig struct.

func (*VMConfig) ToGrpc

func (c *VMConfig) ToGrpc() (*pb.GrpcVMConfig, error)

ToGrpc convert VMConfig struct to grpc format pb.GrpcVMConfig.

func (*VMConfig) Valid

func (c *VMConfig) Valid() error

Valid check VMConfig validity.

type VethEndpoint

type VethEndpoint struct {
	NetPair            NetworkInterfacePair
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	PCIAddr            string
}

VethEndpoint gathers a network pair and its properties.

func (*VethEndpoint) Attach

func (endpoint *VethEndpoint) Attach(s *Sandbox) error

Attach for veth endpoint bridges the network pair and adds the tap interface of the network pair to the hypervisor.

func (*VethEndpoint) Detach

func (endpoint *VethEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for the veth endpoint tears down the tap and bridge created for the veth interface.

func (*VethEndpoint) HardwareAddr

func (endpoint *VethEndpoint) HardwareAddr() string

HardwareAddr returns the mac address that is assigned to the tap interface in th network pair.

func (*VethEndpoint) HotAttach

func (endpoint *VethEndpoint) HotAttach(h hypervisor) error

HotAttach for the veth endpoint uses hot plug device

func (*VethEndpoint) HotDetach

func (endpoint *VethEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for the veth endpoint uses hot pull device

func (*VethEndpoint) Name

func (endpoint *VethEndpoint) Name() string

Name returns name of the veth interface in the network pair.

func (*VethEndpoint) NetworkPair

func (endpoint *VethEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*VethEndpoint) PciAddr

func (endpoint *VethEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*VethEndpoint) Properties

func (endpoint *VethEndpoint) Properties() NetworkInfo

Properties returns properties for the veth interface in the network pair.

func (*VethEndpoint) SetPciAddr

func (endpoint *VethEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*VethEndpoint) SetProperties

func (endpoint *VethEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties for the endpoint.

func (*VethEndpoint) Type

func (endpoint *VethEndpoint) Type() EndpointType

Type identifies the endpoint as a veth endpoint.

type VhostUserEndpoint

type VhostUserEndpoint struct {
	// Path to the vhost-user socket on the host system
	SocketPath string
	// MAC address of the interface
	HardAddr           string
	IfaceName          string
	EndpointProperties NetworkInfo
	EndpointType       EndpointType
	PCIAddr            string
}

VhostUserEndpoint represents a vhost-user socket based network interface

func (*VhostUserEndpoint) Attach

func (endpoint *VhostUserEndpoint) Attach(s *Sandbox) error

Attach for vhostuser endpoint

func (*VhostUserEndpoint) Detach

func (endpoint *VhostUserEndpoint) Detach(netNsCreated bool, netNsPath string) error

Detach for vhostuser endpoint

func (*VhostUserEndpoint) HardwareAddr

func (endpoint *VhostUserEndpoint) HardwareAddr() string

HardwareAddr returns the mac address of the vhostuser network interface

func (*VhostUserEndpoint) HotAttach

func (endpoint *VhostUserEndpoint) HotAttach(h hypervisor) error

HotAttach for vhostuser endpoint not supported yet

func (*VhostUserEndpoint) HotDetach

func (endpoint *VhostUserEndpoint) HotDetach(h hypervisor, netNsCreated bool, netNsPath string) error

HotDetach for vhostuser endpoint not supported yet

func (*VhostUserEndpoint) Name

func (endpoint *VhostUserEndpoint) Name() string

Name returns name of the interface.

func (*VhostUserEndpoint) NetworkPair

func (endpoint *VhostUserEndpoint) NetworkPair() *NetworkInterfacePair

NetworkPair returns the network pair of the endpoint.

func (*VhostUserEndpoint) PciAddr

func (endpoint *VhostUserEndpoint) PciAddr() string

PciAddr returns the PCI address of the endpoint.

func (*VhostUserEndpoint) Properties

func (endpoint *VhostUserEndpoint) Properties() NetworkInfo

Properties returns the properties of the interface.

func (*VhostUserEndpoint) SetPciAddr

func (endpoint *VhostUserEndpoint) SetPciAddr(pciAddr string)

SetPciAddr sets the PCI address of the endpoint.

func (*VhostUserEndpoint) SetProperties

func (endpoint *VhostUserEndpoint) SetProperties(properties NetworkInfo)

SetProperties sets the properties of the endpoint.

func (*VhostUserEndpoint) Type

func (endpoint *VhostUserEndpoint) Type() EndpointType

Type indentifies the endpoint as a vhostuser endpoint.

type Virtiofsd

type Virtiofsd interface {
	// Start virtiofsd, return pid of virtiofsd process
	Start(context.Context) (pid int, err error)
	// Stop virtiofsd process
	Stop() error
}

Directories

Path Synopsis
device
api
hook
api
fs
pkg
oci
uuid
Package uuid can be used to generate 128 bit UUIDs compatible with rfc4122.
Package uuid can be used to generate 128 bit UUIDs compatible with rfc4122.
shim

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL