Documentation ¶
Overview ¶
Package sandbox creates and manipulates sandboxes.
Index ¶
- type Args
- type Sandbox
- func (s *Sandbox) BlockProfile(f *os.File, duration time.Duration) error
- func (s *Sandbox) CPUProfile(f *os.File, duration time.Duration) error
- func (s *Sandbox) ChangeLogging(args control.LoggingArgs) error
- func (s *Sandbox) Checkpoint(cid string, f *os.File) error
- func (s *Sandbox) CreateContainer(cid string, tty *os.File) error
- func (s *Sandbox) DestroyContainer(cid string) error
- func (s *Sandbox) Event(cid string) (*boot.Event, error)
- func (s *Sandbox) Execute(args *control.ExecArgs) (int32, error)
- func (s *Sandbox) HeapProfile(f *os.File, delay time.Duration) error
- func (s *Sandbox) IsRootContainer(cid string) bool
- func (s *Sandbox) IsRunning() bool
- func (s *Sandbox) MutexProfile(f *os.File, duration time.Duration) error
- func (s *Sandbox) Pause(cid string) error
- func (s *Sandbox) Processes(cid string) ([]*control.Process, error)
- func (s *Sandbox) Restore(cid string, spec *specs.Spec, conf *config.Config, filename string) error
- func (s *Sandbox) Resume(cid string) error
- func (s *Sandbox) SignalContainer(cid string, sig syscall.Signal, all bool) error
- func (s *Sandbox) SignalProcess(cid string, pid int32, sig syscall.Signal, fgProcess bool) error
- func (s *Sandbox) Stacks() (string, error)
- func (s *Sandbox) StartContainer(spec *specs.Spec, conf *config.Config, cid string, ...) error
- func (s *Sandbox) StartRoot(spec *specs.Spec, conf *config.Config) error
- func (s *Sandbox) Trace(f *os.File, duration time.Duration) error
- func (s *Sandbox) Wait(cid string) (syscall.WaitStatus, error)
- func (s *Sandbox) WaitPID(cid string, pid int32) (syscall.WaitStatus, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Args ¶
type Args struct { // ID is the sandbox unique identifier. ID string // Spec is the OCI spec that describes the container. Spec *specs.Spec // BundleDir is the directory containing the container bundle. BundleDir string // ConsoleSocket is the path to a unix domain socket that will receive // the console FD. It may be empty. ConsoleSocket string // UserLog is the filename to send user-visible logs to. It may be empty. UserLog string // IOFiles is the list of files that connect to a 9P endpoint for the mounts // points using Gofers. They must be in the same order as mounts appear in // the spec. IOFiles []*os.File // MountsFile is a file container mount information from the spec. It's // equivalent to the mounts from the spec, except that all paths have been // resolved to their final absolute location. MountsFile *os.File // Gcgroup is the cgroup that the sandbox is part of. Cgroup *cgroup.Cgroup // Attached indicates that the sandbox lifecycle is attached with the caller. // If the caller exits, the sandbox should exit too. Attached bool }
Args is used to configure a new sandbox.
type Sandbox ¶
type Sandbox struct { // ID is the id of the sandbox (immutable). By convention, this is the same // ID as the first container run in the sandbox. ID string `json:"id"` // Pid is the pid of the running sandbox (immutable). May be 0 if the sandbox // is not running. Pid int `json:"pid"` // Cgroup has the cgroup configuration for the sandbox. Cgroup *cgroup.Cgroup `json:"cgroup"` // OriginalOOMScoreAdj stores the value of oom_score_adj when the sandbox // started, before it may be modified. OriginalOOMScoreAdj int `json:"originalOomScoreAdj"` // contains filtered or unexported fields }
Sandbox wraps a sandbox process.
It is used to start/stop sandbox process (and associated processes like gofers), as well as for running and manipulating containers inside a running sandbox.
Note: Sandbox must be immutable because a copy of it is saved for each container and changes would not be synchronized to all of them.
func (*Sandbox) BlockProfile ¶
BlockProfile writes a block profile to the given file.
func (*Sandbox) CPUProfile ¶
CPUProfile collects a CPU profile.
func (*Sandbox) ChangeLogging ¶
func (s *Sandbox) ChangeLogging(args control.LoggingArgs) error
ChangeLogging changes logging options.
func (*Sandbox) Checkpoint ¶
Checkpoint sends the checkpoint call for a container in the sandbox. The statefile will be written to f.
func (*Sandbox) CreateContainer ¶
CreateContainer creates a non-root container inside the sandbox.
func (*Sandbox) DestroyContainer ¶
DestroyContainer destroys the given container. If it is the root container, then the entire sandbox is destroyed.
func (*Sandbox) Execute ¶
Execute runs the specified command in the container. It returns the PID of the newly created process.
func (*Sandbox) HeapProfile ¶
HeapProfile writes a heap profile to the given file.
func (*Sandbox) IsRootContainer ¶
IsRootContainer returns true if the specified container ID belongs to the root container.
func (*Sandbox) MutexProfile ¶
MutexProfile writes a mutex profile to the given file.
func (*Sandbox) Processes ¶
Processes retrieves the list of processes and associated metadata for a given container in this sandbox.
func (*Sandbox) SignalContainer ¶
SignalContainer sends the signal to a container in the sandbox. If all is true and signal is SIGKILL, then waits for all processes to exit before returning.
func (*Sandbox) SignalProcess ¶
SignalProcess sends the signal to a particular process in the container. If fgProcess is true, then the signal is sent to the foreground process group in the same session that PID belongs to. This is only valid if the process is attached to a host TTY.
func (*Sandbox) StartContainer ¶
func (s *Sandbox) StartContainer(spec *specs.Spec, conf *config.Config, cid string, stdios, goferFiles []*os.File) error
StartContainer starts running a non-root container inside the sandbox.