system

package
v0.0.0-...-4f3658d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 10, 2020 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var DefaultReporter = &StreamReporter{
	WriteStream: os.Stdout,
}

DefaultReporter is the default Reporter

View Source
var DefaultSysSpec = SysSpec{
	OS: "Linux",
	KernelSpec: KernelSpec{
		Versions: []string{`3\.[1-9][0-9].*`, `4\..*`},

		Required: []KernelConfig{
			{Name: "NAMESPACES"},
			{Name: "NET_NS"},
			{Name: "PID_NS"},
			{Name: "IPC_NS"},
			{Name: "UTS_NS"},
			{Name: "CGROUPS"},
			{Name: "CGROUP_CPUACCT"},
			{Name: "CGROUP_DEVICE"},
			{Name: "CGROUP_FREEZER"},
			{Name: "CGROUP_SCHED"},
			{Name: "CPUSETS"},
			{Name: "MEMCG"},
			{Name: "INET"},
			{Name: "EXT4_FS"},
			{Name: "PROC_FS"},
			{Name: "NETFILTER_XT_TARGET_REDIRECT", Aliases: []string{"IP_NF_TARGET_REDIRECT"}},
			{Name: "NETFILTER_XT_MATCH_COMMENT"},
		},
		Optional: []KernelConfig{
			{Name: "OVERLAY_FS", Aliases: []string{"OVERLAYFS_FS"}, Description: "Required for overlayfs."},
			{Name: "AUFS_FS", Description: "Required for aufs."},
			{Name: "BLK_DEV_DM", Description: "Required for devicemapper."},
		},
		Forbidden: []KernelConfig{},
	},
	Cgroups: []string{"cpu", "cpuacct", "cpuset", "devices", "freezer", "memory"},
	RuntimeSpec: RuntimeSpec{
		DockerSpec: &DockerSpec{
			Version: []string{`1\.(9|1[0-2])\..*`},

			GraphDriver: []string{"aufs", "overlay", "devicemapper"},
		},
	},
}

DefaultSysSpec is the default SysSpec.

Functions

func Validate

func Validate(spec SysSpec, validators []Validator) (error, error)

Validate uses validators to validate the system and returns a warning or error.

func ValidateDefault

func ValidateDefault(runtime string) (error, error)

ValidateDefault uses all default validators to validate the system and writes to stdout.

Types

type CgroupsValidator

type CgroupsValidator struct {
	Reporter Reporter
}

func (*CgroupsValidator) Name

func (c *CgroupsValidator) Name() string

func (*CgroupsValidator) Validate

func (c *CgroupsValidator) Validate(spec SysSpec) (error, error)

type DockerSpec

type DockerSpec struct {
	// Version is a group of regex matching supported docker versions.
	Version []string
	// GraphDriver is the graph drivers supported by kubelet.
	GraphDriver []string
}

DockerSpec defines the requirement configuration for docker. Currently, it only contains spec for graph driver.

type DockerValidator

type DockerValidator struct {
	Reporter Reporter
}

DockerValidator validates docker configuration.

func (*DockerValidator) Name

func (d *DockerValidator) Name() string

func (*DockerValidator) Validate

func (d *DockerValidator) Validate(spec SysSpec) (error, error)

TODO(random-liu): Add more validating items.

type KernelConfig

type KernelConfig struct {
	// Name is the general name of the kernel configuration. It is used to
	// match kernel configuration.
	Name string
	// Aliases are aliases of the kernel configuration. Some configuration
	// has different names in different kernel version. Names of different
	// versions will be treated as aliases.
	Aliases []string
	// Description is the description of the kernel configuration, for example:
	//  * What is it used for?
	//  * Why is it needed?
	//  * Who needs it?
	Description string
}

KernelConfig defines one kernel configration item.

type KernelSpec

type KernelSpec struct {
	// Versions define supported kernel version. It is a group of regexps.
	Versions []string
	// Required contains all kernel configurations required to be enabled
	// (built in or as module).
	Required []KernelConfig
	// Optional contains all kernel configurations are required for optional
	// features.
	Optional []KernelConfig
	// Forbidden contains all kernel configurations which areforbidden (disabled
	// or not set)
	Forbidden []KernelConfig
}

KernelSpec defines the specification for the kernel. Currently, it contains specification for:

  • Kernel Version
  • Kernel Configuration

type KernelValidator

type KernelValidator struct {
	Reporter Reporter
	// contains filtered or unexported fields
}

KernelValidator validates kernel. Currently only validate kernel version and kernel configuration.

func (*KernelValidator) Name

func (k *KernelValidator) Name() string

func (*KernelValidator) Validate

func (k *KernelValidator) Validate(spec SysSpec) (error, error)

type OSValidator

type OSValidator struct {
	Reporter Reporter
}

func (*OSValidator) Name

func (o *OSValidator) Name() string

func (*OSValidator) Validate

func (o *OSValidator) Validate(spec SysSpec) (error, error)

type Reporter

type Reporter interface {
	// Report reports the results of the system verification
	Report(string, string, ValidationResultType) error
}

Reporter is the interface for the reporters for the validators.

type RuntimeSpec

type RuntimeSpec struct {
	*DockerSpec
}

RuntimeSpec is the abstract layer for different runtimes. Different runtimes should put their spec inside the RuntimeSpec.

type StreamReporter

type StreamReporter struct {
	// The stream that this reporter is writing to
	WriteStream io.Writer
}

The default reporter for the system verification test

func (*StreamReporter) Report

func (dr *StreamReporter) Report(key, value string, resultType ValidationResultType) error

type SysSpec

type SysSpec struct {
	// OS is the operating system of the SysSpec.
	OS string
	// KernelConfig defines the spec for kernel.
	KernelSpec KernelSpec
	// Cgroups is the required cgroups.
	Cgroups []string
	// RuntimeSpec defines the spec for runtime.
	RuntimeSpec RuntimeSpec
}

SysSpec defines the requirement of supported system. Currently, it only contains spec for OS, Kernel and Cgroups.

type ValidationResultType

type ValidationResultType int32

ValidationResultType is type of the validation result. Different validation results corresponds to different colors.

type Validator

type Validator interface {
	// Name is the name of the validator.
	Name() string
	// Validate is the validate function.
	Validate(SysSpec) (error, error)
}

Validator is the interface for all validators.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL