namespaces

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 26, 2014 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrUnkownNamespace = errors.New("Unknown namespace")
	ErrUnsupported     = errors.New("Unsupported method")
)

namespaceList is used to convert the libcontainer types into the names of the files located in /proc/<pid>/ns/* for each namespace

Functions

func DefaultCreateCommand 

func DefaultCreateCommand(container *libcontainer.Config, console, rootfs, dataPath, init string, pipe *os.File, args []string) *exec.Cmd

DefaultCreateCommand will return an exec.Cmd with the Cloneflags set to the proper namespaces defined on the container's configuration and use the current binary as the init with the args provided

console: the /dev/console to setup inside the container init: the program executed inside the namespaces root: the path to the container json file and information pipe: sync pipe to synchronize the parent and child processes args: the arguments to pass to the container to run as the user's program

func Exec 

func Exec(container *libcontainer.Config, term Terminal, rootfs, dataPath string, args []string, createCommand CreateCommand, startCallback func()) (int, error)

TODO(vishh): This is part of the libcontainer API and it does much more than just namespaces related work. Move this to libcontainer package. Exec performs setup outside of a namespace so that a container can be executed. Exec is a high level function for working with container namespaces.

func ExecIn 

func ExecIn(container *libcontainer.Config, state *libcontainer.State, args []string) error

ExecIn uses an existing pid and joins the pid's namespaces with the new command.

func FinalizeNamespace 

func FinalizeNamespace(container *libcontainer.Config) error

FinalizeNamespace drops the caps, sets the correct user and working dir, and closes any leaky file descriptors before execing the command inside the namespace

func GetNamespaceFlags 

func GetNamespaceFlags(namespaces map[string]bool) (flag int)

GetNamespaceFlags parses the container's Namespaces options to set the correct flags on clone, unshare, and setns

func Init 

func Init(container *libcontainer.Config, uncleanRootfs, consolePath string, syncPipe *SyncPipe, args []string) (err error)

TODO(vishh): This is part of the libcontainer API and it does much more than just namespaces related work. Move this to libcontainer package. Init is the init process that first runs inside a new namespace to setup mounts, users, networking, and other options required for the new container.

func InitializeNetworking 

func InitializeNetworking(container *libcontainer.Config, nspid int, pipe *SyncPipe, networkState *network.NetworkState) error

InitializeNetworking creates the container's network stack outside of the namespace and moves interfaces into the container's net namespaces if necessary

func LoadContainerEnvironment 

func LoadContainerEnvironment(container *libcontainer.Config) error

func NsEnter added in v1.0.0 

func NsEnter(container *libcontainer.Config, nspid int, args []string) error

NsEnter is run after entering the namespace.

func RestoreParentDeathSignal 

func RestoreParentDeathSignal(old int) error

RestoreParentDeathSignal sets the parent death signal to old.

func SetupCgroups 

func SetupCgroups(container *libcontainer.Config, nspid int) (cgroups.ActiveCgroup, error)

SetupCgroups applies the cgroup restrictions to the process running in the container based on the container's configuration

func SetupUser 

func SetupUser(u string) error

SetupUser changes the groups, gid, and uid for the user inside the container

Types

type CreateCommand 

type CreateCommand func(container *libcontainer.Config, console, rootfs, dataPath, init string, childPipe *os.File, args []string) *exec.Cmd

type Namespace 

type Namespace struct {
	Key   string `json:"key,omitempty"`
	Value int    `json:"value,omitempty"`
	File  string `json:"file,omitempty"`
}

func GetNamespace 

func GetNamespace(key string) *Namespace

func (*Namespace) String 

func (ns *Namespace) String() string

type Namespaces 

type Namespaces []*Namespace

func (Namespaces) Contains 

func (n Namespaces) Contains(ns string) bool

Contains returns true if the specified Namespace is in the slice

func (Namespaces) Get 

func (n Namespaces) Get(ns string) *Namespace

type StdTerminal added in v1.0.0 

type StdTerminal struct {
	// contains filtered or unexported fields
}

func (*StdTerminal) Attach added in v1.0.0 

func (s *StdTerminal) Attach(command *exec.Cmd) error

func (*StdTerminal) Close added in v1.0.0 

func (s *StdTerminal) Close() error

func (*StdTerminal) Resize added in v1.0.0 

func (s *StdTerminal) Resize(h, w int) error

func (*StdTerminal) SetMaster added in v1.0.0 

func (s *StdTerminal) SetMaster(*os.File)

type SyncPipe added in v1.0.0 

type SyncPipe struct {
	// contains filtered or unexported fields
}

SyncPipe allows communication to and from the child processes to it's parent and allows the two independent processes to syncronize their state.

func NewSyncPipe added in v1.0.0 

func NewSyncPipe() (s *SyncPipe, err error)

func NewSyncPipeFromFd added in v1.0.0 

func NewSyncPipeFromFd(parentFd, childFd uintptr) (*SyncPipe, error)

func (*SyncPipe) Child added in v1.0.0 

func (s *SyncPipe) Child() *os.File

func (*SyncPipe) Close added in v1.0.0 

func (s *SyncPipe) Close() error

func (*SyncPipe) CloseChild added in v1.1.0 

func (s *SyncPipe) CloseChild()

func (*SyncPipe) Parent added in v1.0.0 

func (s *SyncPipe) Parent() *os.File

func (*SyncPipe) ReadFromChild added in v1.1.0 

func (s *SyncPipe) ReadFromChild() error

func (*SyncPipe) ReadFromParent added in v1.0.0 

func (s *SyncPipe) ReadFromParent() (*network.NetworkState, error)

func (*SyncPipe) ReportChildError added in v1.1.0 

func (s *SyncPipe) ReportChildError(err error)

func (*SyncPipe) SendToChild added in v1.0.0 

func (s *SyncPipe) SendToChild(networkState *network.NetworkState) error

type Terminal added in v1.0.0 

type Terminal interface {
	io.Closer
	SetMaster(*os.File)
	Attach(*exec.Cmd) error
	Resize(h, w int) error
}

func NewTerminal added in v1.0.0 

func NewTerminal(stdin io.Reader, stdout, stderr io.Writer, tty bool) Terminal

type TtyTerminal added in v1.0.0 

type TtyTerminal struct {
	// contains filtered or unexported fields
}

func (*TtyTerminal) Attach added in v1.0.0 

func (t *TtyTerminal) Attach(command *exec.Cmd) error

func (*TtyTerminal) Close added in v1.0.0 

func (t *TtyTerminal) Close() error

func (*TtyTerminal) Resize added in v1.0.0 

func (t *TtyTerminal) Resize(h, w int) error

func (*TtyTerminal) SetMaster added in v1.0.0 

func (t *TtyTerminal) SetMaster(master *os.File)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.