Documentation ¶
Index ¶
- func DefaultCreateCommand(container *libcontainer.Container, console, rootfs, dataPath, init string, ...) *exec.Cmd
- func DeletePid(path string) error
- func Exec(container *libcontainer.Container, term Terminal, rootfs, dataPath string, ...) (int, error)
- func ExecIn(container *libcontainer.Container, nspid int, args []string) error
- func FinalizeNamespace(container *libcontainer.Container) error
- func GetNamespaceFlags(namespaces map[string]bool) (flag int)
- func Init(container *libcontainer.Container, uncleanRootfs, consolePath string, ...) error
- func InitializeNetworking(container *libcontainer.Container, nspid int, pipe *SyncPipe) error
- func LoadContainerEnvironment(container *libcontainer.Container) error
- func NsEnter(container *libcontainer.Container, nspid int, args []string) error
- func RestoreParentDeathSignal(old int) error
- func SetupCgroups(container *libcontainer.Container, nspid int) (cgroups.ActiveCgroup, error)
- func SetupUser(u string) error
- func WritePid(path string, pid int, startTime string) error
- type CreateCommand
- type StdTerminal
- type SyncPipe
- type Terminal
- type TtyTerminal
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DefaultCreateCommand ¶
func DefaultCreateCommand(container *libcontainer.Container, console, rootfs, dataPath, init string, pipe *os.File, args []string) *exec.Cmd
DefaultCreateCommand will return an exec.Cmd with the Cloneflags set to the proper namespaces defined on the container's configuration and use the current binary as the init with the args provided
console: the /dev/console to setup inside the container init: the progam executed inside the namespaces root: the path to the container json file and information pipe: sync pipe to syncronize the parent and child processes args: the arguemnts to pass to the container to run as the user's program
func DeletePid ¶
DeletePid removes the pid and started file from disk when the container's process dies and the container is cleanly removed
func Exec ¶
func Exec(container *libcontainer.Container, term Terminal, rootfs, dataPath string, args []string, createCommand CreateCommand, startCallback func()) (int, error)
Exec performes setup outside of a namespace so that a container can be executed. Exec is a high level function for working with container namespaces.
func ExecIn ¶
func ExecIn(container *libcontainer.Container, nspid int, args []string) error
ExecIn uses an existing pid and joins the pid's namespaces with the new command.
func FinalizeNamespace ¶
func FinalizeNamespace(container *libcontainer.Container) error
FinalizeNamespace drops the caps, sets the correct user and working dir, and closes any leaky file descriptors before execing the command inside the namespace
func GetNamespaceFlags ¶
GetNamespaceFlags parses the container's Namespaces options to set the correct flags on clone, unshare, and setns
func Init ¶
func Init(container *libcontainer.Container, uncleanRootfs, consolePath string, syncPipe *SyncPipe, args []string) error
Init is the init process that first runs inside a new namespace to setup mounts, users, networking, and other options required for the new container.
func InitializeNetworking ¶
func InitializeNetworking(container *libcontainer.Container, nspid int, pipe *SyncPipe) error
InitializeNetworking creates the container's network stack outside of the namespace and moves interfaces into the container's net namespaces if necessary
func LoadContainerEnvironment ¶
func LoadContainerEnvironment(container *libcontainer.Container) error
func NsEnter ¶
func NsEnter(container *libcontainer.Container, nspid int, args []string) error
NsEnter is run after entering the namespace.
func RestoreParentDeathSignal ¶
RestoreParentDeathSignal sets the parent death signal to old.
func SetupCgroups ¶
func SetupCgroups(container *libcontainer.Container, nspid int) (cgroups.ActiveCgroup, error)
SetupCgroups applies the cgroup restrictions to the process running in the contaienr based on the container's configuration
Types ¶
type CreateCommand ¶
type StdTerminal ¶
type StdTerminal struct {
// contains filtered or unexported fields
}
func (*StdTerminal) Close ¶
func (s *StdTerminal) Close() error
func (*StdTerminal) Resize ¶
func (s *StdTerminal) Resize(h, w int) error
func (*StdTerminal) SetMaster ¶
func (s *StdTerminal) SetMaster(*os.File)
type SyncPipe ¶
type SyncPipe struct {
// contains filtered or unexported fields
}
SyncPipe allows communication to and from the child processes to it's parent and allows the two independent processes to syncronize their state.
func NewSyncPipe ¶
func NewSyncPipeFromFd ¶
func (*SyncPipe) ReadFromParent ¶
func (s *SyncPipe) ReadFromParent() (libcontainer.Context, error)
func (*SyncPipe) SendToChild ¶
func (s *SyncPipe) SendToChild(context libcontainer.Context) error
type Terminal ¶
type TtyTerminal ¶
type TtyTerminal struct {
// contains filtered or unexported fields
}
func (*TtyTerminal) Close ¶
func (t *TtyTerminal) Close() error
func (*TtyTerminal) Resize ¶
func (t *TtyTerminal) Resize(h, w int) error
func (*TtyTerminal) SetMaster ¶
func (t *TtyTerminal) SetMaster(master *os.File)