Documentation
¶
Overview ¶
Container jobs control container related actions on a server. Each request object has a default implementation on Linux via systemd, and a structured response if necessary. The Execute() method is separated so that client code and server code can share common sanity checks.
Index ¶
- Constants
- Variables
- func Clean()
- func InitializeData() error
- func NewContainerExtension() jobs.JobExtension
- type BuildImageRequest
- type ContainerLogRequest
- type ContainerPortsRequest
- type ContainerPortsResponse
- type ContainerStatusRequest
- type ContainerUnitResponse
- type ContainerUnitResponses
- type ContentRequest
- type DeleteContainerRequest
- type InstallContainerRequest
- func (req *InstallContainerRequest) Check() error
- func (req *InstallContainerRequest) Execute(resp jobs.Response)
- func (j *InstallContainerRequest) Join(job jobs.Job, complete <-chan bool) (joined bool, done <-chan bool, err error)
- func (j *InstallContainerRequest) PortMappingsFrom(pending map[string]interface{}) (port.PortPairs, bool)
- type LinkContainersRequest
- type ListBuildsRequest
- type ListBuildsResponse
- type ListContainersRequest
- type ListContainersResponse
- type ListImagesRequest
- type ListServerContainersResponse
- type PatchEnvironmentRequest
- type PurgeContainersRequest
- type PutEnvironmentRequest
- type RestartContainerRequest
- type RunContainerRequest
- type StartedContainerStateRequest
- type StoppedContainerStateRequest
- type UnitResponse
- type UnitResponses
Constants ¶
const ContentTypeEnvironment = "env"
const PendingPortMappingName = "PortMapping"
Variables ¶
var ( ErrContainerNotFound = jobs.SimpleError{jobs.ResponseNotFound, "The specified container does not exist."} ErrContainerAlreadyExists = jobs.SimpleError{jobs.ResponseAlreadyExists, "A container with this identifier already exists."} ErrContainerStartFailed = jobs.SimpleError{jobs.ResponseError, "Unable to start this container."} ErrContainerStopFailed = jobs.SimpleError{jobs.ResponseError, "Unable to stop this container."} ErrContainerRestartFailed = jobs.SimpleError{jobs.ResponseError, "Unable to restart this container."} ErrEnvironmentNotFound = jobs.SimpleError{jobs.ResponseNotFound, "Unable to find the requested environment."} ErrEnvironmentUpdateFailed = jobs.SimpleError{jobs.ResponseError, "Unable to update the specified environment."} ErrListImagesFailed = jobs.SimpleError{jobs.ResponseError, "Unable to list docker images."} ErrListContainersFailed = jobs.SimpleError{jobs.ResponseError, "Unable to list the installed containers."} ErrStartRequestThrottled = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to start."} ErrStopRequestThrottled = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to stop."} ErrRestartRequestThrottled = jobs.SimpleError{jobs.ResponseRateLimit, "It has been too soon since the last request to restart or the state is currently changing."} ErrLinkContainersFailed = jobs.SimpleError{jobs.ResponseError, "Not all links could be set."} ErrDeleteContainerFailed = jobs.SimpleError{jobs.ResponseError, "Unable to delete the container."} ErrContainerCreateFailed = jobs.SimpleError{jobs.ResponseError, "Unable to create container."} ErrContainerCreateFailedPortsReserved = jobs.SimpleError{jobs.ResponseError, "Unable to create container: some ports could not be reserved."} )
Functions ¶
func InitializeData ¶
func InitializeData() error
func NewContainerExtension ¶
func NewContainerExtension() jobs.JobExtension
Return a job extension that casts requests directly to jobs TODO: Move implementation out of request object and into a
specific package
Types ¶
type BuildImageRequest ¶
type BuildImageRequest struct { Name string Source string Tag string BaseImage string RuntimeImage string Clean bool Verbose bool CallbackUrl string }
func (*BuildImageRequest) Check ¶
func (e *BuildImageRequest) Check() error
func (*BuildImageRequest) Execute ¶
func (j *BuildImageRequest) Execute(resp jobs.Response)
type ContainerLogRequest ¶
type ContainerLogRequest struct {
Id containers.Identifier
}
func (*ContainerLogRequest) Execute ¶
func (j *ContainerLogRequest) Execute(resp jobs.Response)
type ContainerPortsRequest ¶
type ContainerPortsRequest struct {
Id containers.Identifier
}
func (*ContainerPortsRequest) Execute ¶
func (j *ContainerPortsRequest) Execute(resp jobs.Response)
type ContainerPortsResponse ¶
type ContainerStatusRequest ¶
type ContainerStatusRequest struct {
Id containers.Identifier
}
func (*ContainerStatusRequest) Execute ¶
func (j *ContainerStatusRequest) Execute(resp jobs.Response)
type ContainerUnitResponse ¶
type ContainerUnitResponse struct { UnitResponse LoadState string JobType string `json:"JobType,omitempty"` // Used by consumers Server string `json:"Server,omitempty"` }
type ContainerUnitResponses ¶
type ContainerUnitResponses []ContainerUnitResponse
func (ContainerUnitResponses) Len ¶
func (c ContainerUnitResponses) Len() int
func (ContainerUnitResponses) Less ¶
func (c ContainerUnitResponses) Less(a, b int) bool
func (ContainerUnitResponses) Swap ¶
func (c ContainerUnitResponses) Swap(a, b int)
type ContentRequest ¶
func (*ContentRequest) Execute ¶
func (j *ContentRequest) Execute(resp jobs.Response)
func (*ContentRequest) Fast ¶
func (j *ContentRequest) Fast() bool
type DeleteContainerRequest ¶
type DeleteContainerRequest struct {
Id containers.Identifier
}
func (*DeleteContainerRequest) Execute ¶
func (j *DeleteContainerRequest) Execute(resp jobs.Response)
type InstallContainerRequest ¶
type InstallContainerRequest struct { jobs.RequestIdentifier `json:"-"` Id containers.Identifier Image string // A simple container is allowed to default to normal Docker // options like -P. If simple is true no user or home // directory is created and SSH is not available Simple bool // Should this container be run in an isolated fashion // (separate user, permission changes) Isolate bool // Should this container be run in a socket activated fashion // Implies Isolated (separate user, permission changes, // no port forwarding, socket activated). // If UseSocketProxy then socket files are proxies to the // appropriate port SocketActivation bool SkipSocketProxy bool Ports port.PortPairs Environment *containers.EnvironmentDescription NetworkLinks *containers.NetworkLinks // Should the container be started by default Started bool }
Installing a Container
This job will install a given container definition as a systemd service unit, or update the existing definition if one already exists.
There are a number of run modes for containers. Some options the caller must decide:
- Is the container transient? Should stop remove any data not in a volume - accomplished by running as a specific user, and by using 'docker run --rm' as ExecStart=
- Is the container isolated from the rest of the system? Some use cases involve the container having access to the host disk or sockets to perform system roles. Otherwise, where possible containers should be fully isolated from the host via SELinux, user namespaces, and capability dropping.
- Is the container hooked up to other containers? The defined unit should allow regular docker linking (name based pairing), the iptable-based SDN implemented here, and the propagation to the container environment of that configuration (whether as ENV vars or a file).
Isolated containers:
An isolated container runs in a way that protects it from other containers on the system. At a minimum today this means:
- Create a user to represent the container, and run the process in the container as that user. Avoids root compromise
- Assign a unique MCS category label to the container.
In the future the need for #1 is removed by user namespaces, although given the relative immaturity of that function in the kernel at the present time it is not considered sufficiently secure for production use.
func (*InstallContainerRequest) Check ¶
func (req *InstallContainerRequest) Check() error
func (*InstallContainerRequest) Execute ¶
func (req *InstallContainerRequest) Execute(resp jobs.Response)
func (*InstallContainerRequest) PortMappingsFrom ¶
func (j *InstallContainerRequest) PortMappingsFrom(pending map[string]interface{}) (port.PortPairs, bool)
type LinkContainersRequest ¶
type LinkContainersRequest struct {
*containers.ContainerLinks
}
func (*LinkContainersRequest) Execute ¶
func (j *LinkContainersRequest) Execute(resp jobs.Response)
type ListBuildsRequest ¶
type ListBuildsRequest struct{}
func (*ListBuildsRequest) Execute ¶
func (j *ListBuildsRequest) Execute(resp jobs.Response)
type ListBuildsResponse ¶
type ListBuildsResponse struct {
Builds UnitResponses
}
type ListContainersRequest ¶
type ListContainersRequest struct { }
func (*ListContainersRequest) Execute ¶
func (j *ListContainersRequest) Execute(resp jobs.Response)
type ListContainersResponse ¶
type ListContainersResponse struct {
Containers ContainerUnitResponses
}
func (*ListContainersResponse) Append ¶
func (r *ListContainersResponse) Append(other *ListContainersResponse)
func (*ListContainersResponse) Sort ¶
func (r *ListContainersResponse) Sort()
func (*ListContainersResponse) WriteTableTo ¶
func (l *ListContainersResponse) WriteTableTo(w io.Writer) error
type ListImagesRequest ¶
type ListImagesRequest struct {
DockerSocket string
}
func (*ListImagesRequest) Execute ¶
func (j *ListImagesRequest) Execute(resp jobs.Response)
type ListServerContainersResponse ¶
type ListServerContainersResponse struct {
ListContainersResponse
}
func (*ListServerContainersResponse) WriteTableTo ¶
func (l *ListServerContainersResponse) WriteTableTo(w io.Writer) error
type PatchEnvironmentRequest ¶
type PatchEnvironmentRequest struct {
containers.EnvironmentDescription
}
func (*PatchEnvironmentRequest) Execute ¶
func (j *PatchEnvironmentRequest) Execute(resp jobs.Response)
type PurgeContainersRequest ¶
type PurgeContainersRequest struct{}
func (*PurgeContainersRequest) Execute ¶
func (p *PurgeContainersRequest) Execute(res jobs.Response)
type PutEnvironmentRequest ¶
type PutEnvironmentRequest struct {
containers.EnvironmentDescription
}
func (*PutEnvironmentRequest) Execute ¶
func (j *PutEnvironmentRequest) Execute(resp jobs.Response)
type RestartContainerRequest ¶
type RestartContainerRequest struct {
Id containers.Identifier
}
func (*RestartContainerRequest) Execute ¶
func (j *RestartContainerRequest) Execute(resp jobs.Response)
type RunContainerRequest ¶
func (*RunContainerRequest) Check ¶
func (e *RunContainerRequest) Check() error
func (*RunContainerRequest) Execute ¶
func (j *RunContainerRequest) Execute(resp jobs.Response)
func (*RunContainerRequest) UnitCommand ¶
func (j *RunContainerRequest) UnitCommand() []string
type StartedContainerStateRequest ¶
type StartedContainerStateRequest struct {
Id containers.Identifier
}
func (*StartedContainerStateRequest) Execute ¶
func (j *StartedContainerStateRequest) Execute(resp jobs.Response)
type StoppedContainerStateRequest ¶
type StoppedContainerStateRequest struct {
Id containers.Identifier
}
func (*StoppedContainerStateRequest) Execute ¶
func (j *StoppedContainerStateRequest) Execute(resp jobs.Response)
type UnitResponse ¶
type UnitResponses ¶
type UnitResponses []UnitResponse
func (UnitResponses) Len ¶
func (c UnitResponses) Len() int
func (UnitResponses) Less ¶
func (c UnitResponses) Less(a, b int) bool
func (UnitResponses) Swap ¶
func (c UnitResponses) Swap(a, b int)