singularity

package
v3.0.0-beta.1+incompat... Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 25, 2018 License: BSD-3-Clause Imports: 40 Imported by: 0

Documentation

Index

Constants

// Name is the name of the runtime.
const Name = "singularity"

Name is the name of the runtime.

Variables

This section is empty.

Functions

This section is empty.

Types

type EngineConfig

// EngineConfig stores both the JSONConfig and the FileConfig, together with
// the OCI, network and cgroups objects declared below.
//
// Only JSON and OciConfig have a JSON key. File, Network and Cgroups are
// tagged `json:"-"`, so encoding/json neither writes them nor fills them
// when this struct is marshalled or unmarshalled.
type EngineConfig struct {
	// User-settable engine options (see JSONConfig); serialized as "jsonConfig".
	JSON      *JSONConfig      `json:"jsonConfig"`
	// OCI configuration; the type is declared in package oci, not shown here.
	OciConfig *oci.Config      `json:"ociConfig"`
	// singularity.conf options. Because of the "-" tag this field is not taken
	// from a serialized engine configuration; NewConfig is documented as
	// returning an EngineConfig with a parsed FileConfig.
	File      *FileConfig      `json:"-"`
	// NOTE(review): presumably the container network setup handle — confirm in package network.
	Network   *network.Setup   `json:"-"`
	// NOTE(review): presumably the cgroups manager for the container — confirm in package cgroups.
	Cgroups   *cgroups.Manager `json:"-"`
}

EngineConfig stores both the JSONConfig and the FileConfig

func NewConfig

func NewConfig() *EngineConfig

NewConfig returns singularity.EngineConfig with a parsed FileConfig

func (*EngineConfig) GetAddCaps

func (e *EngineConfig) GetAddCaps() string

GetAddCaps retrieves bounding/effective/permitted/inheritable/ambient capabilities to add.

func (*EngineConfig) GetAllowSUID

func (e *EngineConfig) GetAllowSUID() bool

GetAllowSUID returns if allow-suid is set or not.

func (*EngineConfig) GetBindPath

func (e *EngineConfig) GetBindPath() []string

GetBindPath retrieves bind paths.

func (*EngineConfig) GetBootInstance

func (e *EngineConfig) GetBootInstance() bool

GetBootInstance returns if boot flag is set or not

func (*EngineConfig) GetCgroupsPath

func (e *EngineConfig) GetCgroupsPath() string

GetCgroupsPath returns path to cgroups profile

func (*EngineConfig) GetCommand

func (e *EngineConfig) GetCommand() string

GetCommand retrieves action command.

func (*EngineConfig) GetContain

func (e *EngineConfig) GetContain() bool

GetContain returns if contain flag is set or not.

func (*EngineConfig) GetCustomHome

func (e *EngineConfig) GetCustomHome() bool

GetCustomHome retrieves if home path is a custom path.

func (*EngineConfig) GetCwd

func (e *EngineConfig) GetCwd() string

GetCwd returns current working directory

func (*EngineConfig) GetDNS

func (e *EngineConfig) GetDNS() string

GetDNS retrieves list of DNS servers

func (*EngineConfig) GetDropCaps

func (e *EngineConfig) GetDropCaps() string

GetDropCaps retrieves bounding/effective/permitted/inheritable/ambient capabilities to drop.

func (*EngineConfig) GetHomeDest

func (e *EngineConfig) GetHomeDest() string

GetHomeDest retrieves the container home directory path.

func (*EngineConfig) GetHomeSource

func (e *EngineConfig) GetHomeSource() string

GetHomeSource retrieves the source home directory path.

func (*EngineConfig) GetHostname

func (e *EngineConfig) GetHostname() string

GetHostname retrieves the hostname to use in the container.

func (*EngineConfig) GetImage

func (e *EngineConfig) GetImage() string

GetImage retrieves the container image path.

func (*EngineConfig) GetImageList

func (e *EngineConfig) GetImageList() []image.Image

GetImageList returns image list containing opened images

func (*EngineConfig) GetInstance

func (e *EngineConfig) GetInstance() bool

GetInstance returns whether the container runs as an instance or not.

func (*EngineConfig) GetInstanceJoin

func (e *EngineConfig) GetInstanceJoin() bool

GetInstanceJoin returns if process joins an instance or not.

func (*EngineConfig) GetKeepPrivs

func (e *EngineConfig) GetKeepPrivs() bool

GetKeepPrivs returns if keep-privs is set or not

func (*EngineConfig) GetNetwork

func (e *EngineConfig) GetNetwork() string

GetNetwork retrieves a comma-separated list of the networks configured in the container

func (*EngineConfig) GetNetworkArgs

func (e *EngineConfig) GetNetworkArgs() []string

GetNetworkArgs retrieves network arguments passed to CNI plugins

func (*EngineConfig) GetNoHome

func (e *EngineConfig) GetNoHome() bool

GetNoHome returns if no-home flag is set or not

func (*EngineConfig) GetNoInit

func (e *EngineConfig) GetNoInit() bool

GetNoInit returns if noinit flag is set or not

func (*EngineConfig) GetNoPrivs

func (e *EngineConfig) GetNoPrivs() bool

GetNoPrivs returns if no-privs flag is set or not

func (*EngineConfig) GetNv

func (e *EngineConfig) GetNv() bool

GetNv returns if nv flag is set or not.

func (*EngineConfig) GetOpenFd

func (e *EngineConfig) GetOpenFd() []int

GetOpenFd returns the list of open file descriptors

func (*EngineConfig) GetOverlayImage

func (e *EngineConfig) GetOverlayImage() []string

GetOverlayImage retrieves the overlay image path.

func (*EngineConfig) GetScratchDir

func (e *EngineConfig) GetScratchDir() []string

GetScratchDir retrieves the scratch directory path.

func (*EngineConfig) GetSecurity

func (e *EngineConfig) GetSecurity() []string

GetSecurity returns security feature arguments

func (*EngineConfig) GetShell

func (e *EngineConfig) GetShell() string

GetShell retrieves shell for shell command.

func (*EngineConfig) GetTmpDir

func (e *EngineConfig) GetTmpDir() string

GetTmpDir retrieves temporary directory path.

func (*EngineConfig) GetWorkdir

func (e *EngineConfig) GetWorkdir() string

GetWorkdir retrieves the work directory path.

func (*EngineConfig) GetWritableImage

func (e *EngineConfig) GetWritableImage() bool

GetWritableImage returns if the container image is writable or not.

func (*EngineConfig) GetWritableTmpfs

func (e *EngineConfig) GetWritableTmpfs() bool

GetWritableTmpfs returns whether writable tmpfs is set or not

func (*EngineConfig) SetAddCaps

func (e *EngineConfig) SetAddCaps(caps string)

SetAddCaps sets bounding/effective/permitted/inheritable/ambient capabilities to add.

func (*EngineConfig) SetAllowSUID

func (e *EngineConfig) SetAllowSUID(allow bool)

SetAllowSUID sets the allow-suid flag, which allows setuid binaries to run inside the container.

func (*EngineConfig) SetBindPath

func (e *EngineConfig) SetBindPath(bindpath []string)

SetBindPath sets the paths to bind into the container.

func (*EngineConfig) SetBootInstance

func (e *EngineConfig) SetBootInstance(boot bool)

SetBootInstance sets boot flag to execute /sbin/init as main instance process.

func (*EngineConfig) SetCgroupsPath

func (e *EngineConfig) SetCgroupsPath(path string)

SetCgroupsPath sets path to cgroups profile

func (*EngineConfig) SetCommand

func (e *EngineConfig) SetCommand(command string)

SetCommand sets action command to execute.

func (*EngineConfig) SetContain

func (e *EngineConfig) SetContain(contain bool)

SetContain sets contain flag.

func (*EngineConfig) SetCustomHome

func (e *EngineConfig) SetCustomHome(custom bool)

SetCustomHome sets if home path is a custom path or not.

func (*EngineConfig) SetCwd

func (e *EngineConfig) SetCwd(path string)

SetCwd sets current working directory

func (*EngineConfig) SetDNS

func (e *EngineConfig) SetDNS(dns string)

SetDNS sets a comma-separated list of DNS servers to add to resolv.conf

func (*EngineConfig) SetDropCaps

func (e *EngineConfig) SetDropCaps(caps string)

SetDropCaps sets bounding/effective/permitted/inheritable/ambient capabilities to drop.

func (*EngineConfig) SetHomeDest

func (e *EngineConfig) SetHomeDest(dest string)

SetHomeDest sets the container home directory path.

func (*EngineConfig) SetHomeSource

func (e *EngineConfig) SetHomeSource(source string)

SetHomeSource sets the source home directory path.

func (*EngineConfig) SetHostname

func (e *EngineConfig) SetHostname(hostname string)

SetHostname sets the hostname to use in the container.

func (*EngineConfig) SetImage

func (e *EngineConfig) SetImage(name string)

SetImage sets the container image path to be used by EngineConfig.JSON.

func (*EngineConfig) SetImageList

func (e *EngineConfig) SetImageList(list []image.Image)

SetImageList sets image list containing opened images

func (*EngineConfig) SetInstance

func (e *EngineConfig) SetInstance(instance bool)

SetInstance sets whether the container runs as an instance or not.

func (*EngineConfig) SetInstanceJoin

func (e *EngineConfig) SetInstanceJoin(join bool)

SetInstanceJoin sets if process joins an instance or not.

func (*EngineConfig) SetKeepPrivs

func (e *EngineConfig) SetKeepPrivs(keep bool)

SetKeepPrivs sets keep-privs flag to allow root to retain all privileges.

func (*EngineConfig) SetNetwork

func (e *EngineConfig) SetNetwork(network string)

SetNetwork sets a comma-separated list of networks to configure inside the container

func (*EngineConfig) SetNetworkArgs

func (e *EngineConfig) SetNetworkArgs(args []string)

SetNetworkArgs sets network arguments to pass to CNI plugins

func (*EngineConfig) SetNoHome

func (e *EngineConfig) SetNoHome(val bool)

SetNoHome sets the no-home flag so that the user's home directory is not mounted

func (*EngineConfig) SetNoInit

func (e *EngineConfig) SetNoInit(val bool)

SetNoInit sets the noinit flag so that the shim init process is not started

func (*EngineConfig) SetNoPrivs

func (e *EngineConfig) SetNoPrivs(nopriv bool)

SetNoPrivs sets no-privs flag to force root user to lose all privileges.

func (*EngineConfig) SetNv

func (e *EngineConfig) SetNv(nv bool)

SetNv sets the nv flag to bind CUDA libraries into the container.

func (*EngineConfig) SetOpenFd

func (e *EngineConfig) SetOpenFd(fds []int)

SetOpenFd sets the list of open file descriptors

func (*EngineConfig) SetOverlayImage

func (e *EngineConfig) SetOverlayImage(paths []string)

SetOverlayImage sets the overlay image path to be used on top of container image.

func (*EngineConfig) SetScratchDir

func (e *EngineConfig) SetScratchDir(scratchdir []string)

SetScratchDir sets the scratch directory paths.

func (*EngineConfig) SetSecurity

func (e *EngineConfig) SetSecurity(security []string)

SetSecurity sets security feature arguments

func (*EngineConfig) SetShell

func (e *EngineConfig) SetShell(shell string)

SetShell sets shell to be used by shell command.

func (*EngineConfig) SetTmpDir

func (e *EngineConfig) SetTmpDir(name string)

SetTmpDir sets temporary directory path.

func (*EngineConfig) SetWorkdir

func (e *EngineConfig) SetWorkdir(name string)

SetWorkdir sets a work directory path.

func (*EngineConfig) SetWritableImage

func (e *EngineConfig) SetWritableImage(writable bool)

SetWritableImage defines the container image as writable or not.

func (*EngineConfig) SetWritableTmpfs

func (e *EngineConfig) SetWritableTmpfs(writable bool)

SetWritableTmpfs sets writable tmpfs flag

type EngineOperations

// EngineOperations describes a runtime engine. It pairs the common
// configuration with the singularity-specific EngineConfig.
type EngineOperations struct {
	// Tagged `json:"-"`, so encoding/json skips it; InitConfig is documented
	// as the method that stores this pointer.
	CommonConfig *config.Common `json:"-"`
	// Serialized under the key "engineConfig".
	EngineConfig *EngineConfig  `json:"engineConfig"`
}

EngineOperations describes a runtime engine

func (*EngineOperations) CleanupContainer

func (engine *EngineOperations) CleanupContainer() error

CleanupContainer cleans up the container

func (*EngineOperations) Config

func (e *EngineOperations) Config() config.EngineConfig

Config returns a pointer to a singularity.EngineConfig literal as a config.EngineConfig interface. This pointer gets stored in the Engine.Common field.

func (*EngineOperations) CreateContainer

func (engine *EngineOperations) CreateContainer(pid int, rpcConn net.Conn) error

CreateContainer creates a container

func (*EngineOperations) InitConfig

func (e *EngineOperations) InitConfig(cfg *config.Common)

InitConfig stores the pointer to config.Common

func (*EngineOperations) MonitorContainer

func (engine *EngineOperations) MonitorContainer(pid int) (syscall.WaitStatus, error)

MonitorContainer monitors a container

func (*EngineOperations) PostStartProcess

func (engine *EngineOperations) PostStartProcess(pid int) error

PostStartProcess will execute code in smaster context after execution of container process, typically to write instance state/config files or execute post start OCI hook

func (*EngineOperations) PrepareConfig

func (e *EngineOperations) PrepareConfig(masterConn net.Conn, starterConfig *starter.Config) error

PrepareConfig checks and prepares the runtime engine config

func (*EngineOperations) StartProcess

func (engine *EngineOperations) StartProcess(masterConn net.Conn) error

StartProcess starts the process

type FileConfig

// FileConfig describes the singularity.conf file options.
//
// Every field carries a `directive` struct tag; most also carry `default`
// and `authorized` tags. NOTE(review): presumably `directive` is the option
// name as written in singularity.conf, `default` the value applied when the
// directive is absent, and `authorized` the set of accepted values — confirm
// against the configuration parser, which is not shown here.
type FileConfig struct {
	// Tagged default "yes". NOTE(review): presumably gates the setuid
	// workflow; review this directive when hardening a host.
	AllowSetuid             bool     `default:"yes" authorized:"yes,no" directive:"allow setuid"`
	MaxLoopDevices          uint     `default:"256" directive:"max loop devices"`
	AllowPidNs              bool     `default:"yes" authorized:"yes,no" directive:"allow pid ns"`
	ConfigPasswd            bool     `default:"yes" authorized:"yes,no" directive:"config passwd"`
	ConfigGroup             bool     `default:"yes" authorized:"yes,no" directive:"config group"`
	ConfigResolvConf        bool     `default:"yes" authorized:"yes,no" directive:"config resolv_conf"`
	MountProc               bool     `default:"yes" authorized:"yes,no" directive:"mount proc"`
	MountSys                bool     `default:"yes" authorized:"yes,no" directive:"mount sys"`
	// String rather than bool because the authorized set has a third value, "minimal".
	MountDev                string   `default:"yes" authorized:"yes,no,minimal" directive:"mount dev"`
	MountDevPts             bool     `default:"yes" authorized:"yes,no" directive:"mount devpts"`
	MountHome               bool     `default:"yes" authorized:"yes,no" directive:"mount home"`
	MountTmp                bool     `default:"yes" authorized:"yes,no" directive:"mount tmp"`
	// Tagged default "no": one of the few directives that is off unless enabled.
	MountHostfs             bool     `default:"no" authorized:"yes,no" directive:"mount hostfs"`
	BindPath                []string `default:"/etc/localtime,/etc/hosts" directive:"bind path"`
	// Tagged default "yes". NOTE(review): presumably decides whether users may
	// request their own bind paths (JSONConfig.BindPath) — confirm.
	UserBindControl         bool     `default:"yes" authorized:"yes,no" directive:"user bind control"`
	// String rather than bool because the authorized set has a third value, "try".
	EnableOverlay           string   `default:"try" authorized:"yes,no,try" directive:"enable overlay"`
	EnableUnderlay          bool     `default:"yes" authorized:"yes,no" directive:"enable underlay"`
	MountSlave              bool     `default:"yes" authorized:"yes,no" directive:"mount slave"`
	SessiondirMaxSize       uint     `default:"16" directive:"sessiondir max size"`
	// The three Limit* fields have no `default` tag. NOTE(review): presumably
	// an empty list means no restriction on container owner, group or path —
	// confirm, since that decides whether the out-of-the-box policy is open.
	LimitContainerOwners    []string `directive:"limit container owners"`
	LimitContainerGroups    []string `directive:"limit container groups"`
	LimitContainerPaths     []string `directive:"limit container paths"`
	// All three image-format switches are tagged default "yes".
	AllowContainerSquashfs  bool     `default:"yes" authorized:"yes,no" directive:"allow container squashfs"`
	AllowContainerExtfs     bool     `default:"yes" authorized:"yes,no" directive:"allow container extfs"`
	AllowContainerDir       bool     `default:"yes" authorized:"yes,no" directive:"allow container dir"`
	AutofsBugPath           []string `directive:"autofs bug path"`
	AlwaysUseNv             bool     `default:"no" authorized:"yes,no" directive:"always use nv"`
	// Capability policy: root defaults to "full" and root capabilities are
	// allowed by default, while user capabilities are tagged default "no".
	RootDefaultCapabilities string   `default:"full" authorized:"full,file,no" directive:"root default capabilities"`
	AllowRootCapabilities   bool     `default:"yes" authorized:"yes,no" directive:"allow root capabilities"`
	AllowUserCapabilities   bool     `default:"no" authorized:"yes,no" directive:"allow user capabilities"`
	MemoryFSType            string   `default:"tmpfs" authorized:"tmpfs,ramfs" directive:"memory fs type"`
	// The CNI paths carry neither `default` nor `authorized` tags.
	CniConfPath             string   `directive:"cni configuration path"`
	CniPluginPath           string   `directive:"cni plugin path"`
}

FileConfig describes the singularity.conf file options

type JSONConfig

// JSONConfig stores engine-specific configuration that is allowed to be set
// by the user. Every field except Image is tagged `omitempty`, so zero values
// are left out of the encoded JSON.
//
// Because these values are user-supplied, the privilege-affecting ones
// (AddCaps, DropCaps, AllowSUID, KeepPrivs, NoPrivs, Security, BindPath,
// OverlayImage, WritableImage) are untrusted input to the engine.
// NOTE(review): presumably they are checked against the FileConfig policy
// before use (PrepareConfig is documented as checking the engine config) —
// confirm in the implementation, which is not shown here.
type JSONConfig struct {
	Image         string        `json:"image"`
	WritableImage bool          `json:"writableImage,omitempty"`
	WritableTmpfs bool          `json:"writableTmpfs,omitempty"`
	OverlayImage  []string      `json:"overlayImage,omitempty"`
	// NOTE(review): the JSON key is "container" while the field is Contain — confirm this is intentional.
	Contain       bool          `json:"container,omitempty"`
	Nv            bool          `json:"nv,omitempty"`
	Workdir       string        `json:"workdir,omitempty"`
	ScratchDir    []string      `json:"scratchdir,omitempty"`
	// The JSON key is "homedir", not "homeSource".
	HomeSource    string        `json:"homedir,omitempty"`
	HomeDest      string        `json:"homeDest,omitempty"`
	CustomHome    bool          `json:"customHome,omitempty"`
	BindPath      []string      `json:"bindpath,omitempty"`
	Command       string        `json:"command,omitempty"`
	Shell         string        `json:"shell,omitempty"`
	TmpDir        string        `json:"tmpdir,omitempty"`
	Instance      bool          `json:"instance,omitempty"`
	InstanceJoin  bool          `json:"instanceJoin,omitempty"`
	BootInstance  bool          `json:"bootInstance,omitempty"`
	// No Get/Set accessor for this field is listed on EngineConfig in this
	// documentation. NOTE(review): confirm where it is written and read.
	RunPrivileged bool          `json:"runPrivileged,omitempty"`
	// Capability lists are plain strings here; their format is not shown on this page.
	AddCaps       string        `json:"addCaps,omitempty"`
	DropCaps      string        `json:"dropCaps,omitempty"`
	Hostname      string        `json:"hostname,omitempty"`
	AllowSUID     bool          `json:"allowSUID,omitempty"`
	KeepPrivs     bool          `json:"keepPrivs,omitempty"`
	NoPrivs       bool          `json:"noPrivs,omitempty"`
	NoHome        bool          `json:"noHome,omitempty"`
	NoInit        bool          `json:"noInit,omitempty"`
	ImageList     []image.Image `json:"imageList,omitempty"`
	// Comma-separated list of networks, per the SetNetwork documentation.
	Network       string        `json:"network,omitempty"`
	// Arguments passed to CNI plugins, per the SetNetworkArgs documentation.
	NetworkArgs   []string      `json:"networkArgs,omitempty"`
	// Comma-separated list of DNS servers, per the SetDNS documentation.
	DNS           string        `json:"dns,omitempty"`
	Cwd           string        `json:"cwd,omitempty"`
	Security      []string      `json:"security,omitempty"`
	OpenFd        []int         `json:"openFd,omitempty"`
	CgroupsPath   string        `json:"cgroupsPath,omitempty"`
}

JSONConfig stores engine-specific configuration that is allowed to be set by the user

Directories

Path Synopsis
rpc
