container

package
v1.4.0-alpha.2
Warning

This package is not in the latest version of its module.

Published: Jul 29, 2016 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var (
	ErrRunContainer     = errors.New("RunContainerError")
	ErrKillContainer    = errors.New("KillContainerError")
	ErrVerifyNonRoot    = errors.New("VerifyNonRootError")
	ErrRunInitContainer = errors.New("RunInitContainerError")
)
var (
	ErrSetupNetwork    = errors.New("SetupNetworkError")
	ErrTeardownNetwork = errors.New("TeardownNetworkError")
)
var (
	// ErrContainerNotFound returned when a container in the given pod with the
	// given container name was not found, amongst those managed by the kubelet.
	ErrContainerNotFound = errors.New("no matching container")
)
var ErrCrashLoopBackOff = errors.New("CrashLoopBackOff")

Container Terminated and Kubelet is backing off the restart

var ImplicitContainerPrefix string = "implicitly required container "

Functions

func BuildPodFullName

func BuildPodFullName(name, namespace string) string

Build the pod full name from pod name and namespace.

func EnvVarsToMap added in v0.18.0

func EnvVarsToMap(envs []EnvVar) map[string]string

EnvVarsToMap constructs a map of environment name to value from a slice of env vars.

func ExpandContainerCommandAndArgs added in v0.18.0

func ExpandContainerCommandAndArgs(container *api.Container, envs []EnvVar) (command []string, args []string)

func FilterEventRecorder added in v1.2.0

func FilterEventRecorder(recorder record.EventRecorder) record.EventRecorder

Creates an event recorder that records an object's events, except those of implicitly required containers such as the infra container.

func GenerateContainerRef added in v0.15.0

func GenerateContainerRef(pod *api.Pod, container *api.Container) (*api.ObjectReference, error)

GenerateContainerRef returns an *api.ObjectReference which references the given container within the given pod. Returns an error if the reference can't be constructed or the container doesn't actually belong to the pod.

This function will return an error if the provided Pod does not have a selfLink, but we expect selfLink to be populated at all call sites for the function.

func GetPodFullName

func GetPodFullName(pod *api.Pod) string

GetPodFullName returns a name that uniquely identifies a pod.

func HandleResizing

func HandleResizing(resize <-chan term.Size, resizeFunc func(size term.Size))

handleResizing spawns a goroutine that processes the resize channel, calling resizeFunc for each term.Size received from the channel. The resize channel must be closed elsewhere to stop the goroutine.

func HashContainer added in v0.18.0

func HashContainer(container *api.Container) uint64

HashContainer returns the hash of the container. It is used to compare the running container with its desired spec.

func IsHostNetworkPod added in v1.3.0

func IsHostNetworkPod(pod *api.Pod) bool

Pod must not be nil.

func ParsePodFullName

func ParsePodFullName(podFullName string) (string, string, error)

Parse the pod full name.

func ShouldContainerBeRestarted added in v0.17.0

func ShouldContainerBeRestarted(container *api.Container, pod *api.Pod, podStatus *PodStatus) bool

ShouldContainerBeRestarted checks whether a container needs to be restarted. TODO(yifan): Think about how to refactor this.

func StartPty added in v0.17.0

func StartPty(c *exec.Cmd) (*os.File, error)

Types

type AuthConfig

type AuthConfig struct {
	Username      string
	Password      string
	Auth          string
	ServerAddress string
	// IdentityToken is used to authenticate the user and get
	// an access token for the registry.
	IdentityToken string
	// RegistryToken is a bearer token to be sent to a registry
	RegistryToken string
}

AuthConfig contains authorization information for connecting to a registry. TODO: This is copied from docker's Authconfig. We should re-evaluate to support other registries.

type Cache added in v1.2.0

type Cache interface {
	Get(types.UID) (*PodStatus, error)
	Set(types.UID, *PodStatus, error, time.Time)
	// GetNewerThan is a blocking call that only returns the status
	// when it is newer than the given time.
	GetNewerThan(types.UID, time.Time) (*PodStatus, error)
	Delete(types.UID)
	UpdateTime(time.Time)
}

Cache stores the PodStatus for the pods. It represents *all* the visible pods/containers in the container runtime. All cache entries are at least as new or newer than the global timestamp (set by UpdateTime()), while individual entries may be slightly newer than the global timestamp. If a pod has no states known by the runtime, Cache returns an empty PodStatus object with ID populated.

Cache provides two methods to retrieve the PodStatus: the non-blocking Get() and the blocking GetNewerThan() method. The component responsible for populating the cache is expected to call Delete() to explicitly free the cache entries.

func NewCache added in v1.2.0

func NewCache() Cache

NewCache creates a pod cache.

type Container

type Container struct {
	// The ID of the container, used by the container runtime to identify
	// a container.
	ID ContainerID
	// The name of the container, which should be the same as specified by
	// api.Container.
	Name string
	// The image name of the container, this also includes the tag of the image,
	// the expected form is "NAME:TAG".
	Image string
	// The id of the image used by the container.
	ImageID string
	// Hash of the container, used for comparison. Optional for containers
	// not managed by kubelet.
	Hash uint64
	// State is the state of the container.
	State ContainerState
}

Container provides the runtime information for a container, such as ID, hash, state of the container.

type ContainerAttacher added in v1.1.0

type ContainerAttacher interface {
	AttachContainer(id ContainerID, stdin io.Reader, stdout, stderr io.WriteCloser, tty bool, resize <-chan term.Size) (err error)
}

type ContainerCommandRunner added in v0.17.0

type ContainerCommandRunner interface {
	// Runs the command in the container of the specified pod using nsenter.
	// Attaches the processes stdin, stdout, and stderr. Optionally uses a
	// tty.
	ExecInContainer(containerID ContainerID, cmd []string, stdin io.Reader, stdout, stderr io.WriteCloser, tty bool, resize <-chan term.Size) error
	// Forward the specified port from the specified pod to the stream.
	PortForward(pod *Pod, port uint16, stream io.ReadWriteCloser) error
}

CommandRunner encapsulates the command runner interfaces for testability.

type ContainerConfig

type ContainerConfig struct {
	// Name of the container. The string should conform to [a-zA-Z0-9_-]+.
	Name string
	// Image to use.
	Image ImageSpec
	// Command to execute (i.e., entrypoint for docker)
	Command []string
	// Args for the Command (i.e., command for docker)
	Args []string
	// Current working directory of the command.
	WorkingDir string
	// List of environment variables to set in the container
	Env []KeyValue
	// Mounts specifies mounts for the container
	Mounts []Mount
	// Labels are key value pairs that may be used to scope and select individual resources.
	Labels Labels
	// Annotations is an unstructured key value map that may be set by external
	// tools to store and retrieve arbitrary metadata.
	Annotations map[string]string
	// Privileged runs the container in the privileged mode.
	Privileged bool
	// ReadOnlyRootFS sets the root filesystem of the container to be
	// read-only.
	ReadOnlyRootFS bool
	// Path relative to PodSandboxConfig.LogDirectory for container to store
	// the log (STDOUT and STDERR) on the host.
	// E.g.,
	//     PodSandboxConfig.LogDirectory = `/var/log/pods/<podUID>/`
	//     ContainerConfig.LogPath = `containerName_Instance#.log`
	//
	// WARNING: Log management and how kubelet should interface with the
	// container logs are under active discussion in
	// https://issues.k8s.io/24677. There *may* be future change of direction
	// for logging as the discussion carries on.
	LogPath string

	// Variables for interactive containers, these have very specialized
	// use-cases (e.g. debugging).
	// TODO: Determine if we need to continue supporting these fields that are
	// part of Kubernetes's Container Spec.
	STDIN     bool
	STDINONCE bool
	TTY       bool

	// Linux contains configuration specific to Linux containers.
	Linux *LinuxContainerConfig
}

type ContainerFilter

type ContainerFilter struct {
	// Name of the container.
	Name *string
	// ID of the container.
	ID *RawContainerID
	// State of the container.
	State *ContainerState
	// ID of the PodSandbox.
	PodSandboxID *PodSandboxID
	// LabelSelector to select matches.
	// Only api.MatchLabels is supported for now and the requirements
	// are ANDed. MatchExpressions is not supported yet.
	LabelSelector unversioned.LabelSelector
}

ContainerFilter is used to filter containers.

type ContainerGC added in v1.2.0

type ContainerGC interface {
	// Garbage collect containers.
	GarbageCollect(allSourcesReady bool) error
}

Manages garbage collection of dead containers.

Implementation is thread-compatible.

func NewContainerGC added in v1.2.0

func NewContainerGC(runtime Runtime, policy ContainerGCPolicy) (ContainerGC, error)

New ContainerGC instance with the specified policy.

type ContainerGCPolicy added in v1.2.0

type ContainerGCPolicy struct {
	// Minimum age at which a container can be garbage collected, zero for no limit.
	MinAge time.Duration

	// Max number of dead containers any single pod (UID, container name) pair is
	// allowed to have, less than zero for no limit.
	MaxPerPodContainer int

	// Max number of total dead containers, less than zero for no limit.
	MaxContainers int
}

Specifies a policy for garbage collecting containers.

type ContainerID added in v0.16.0

type ContainerID struct {
	// The type of the container runtime. e.g. 'docker', 'rkt'.
	Type string
	// The identification of the container, this is consumable by
	// the underlying container runtime. (Note that the container
	// runtime interface still takes the whole struct as input).
	ID string
}

ContainerID is a type that identifies a container.

func BuildContainerID added in v0.16.0

func BuildContainerID(typ, ID string) ContainerID

func ParseContainerID added in v1.2.0

func ParseContainerID(containerID string) ContainerID

Convenience method for creating a ContainerID from an ID string.

func (*ContainerID) IsEmpty added in v1.2.0

func (c *ContainerID) IsEmpty() bool

func (*ContainerID) MarshalJSON added in v0.16.0

func (c *ContainerID) MarshalJSON() ([]byte, error)

func (*ContainerID) ParseString added in v0.16.0

func (c *ContainerID) ParseString(data string) error

func (*ContainerID) String added in v0.16.0

func (c *ContainerID) String() string

func (*ContainerID) UnmarshalJSON added in v0.16.0

func (c *ContainerID) UnmarshalJSON(data []byte) error

type ContainerListItem

type ContainerListItem struct {
	// The ID of the container, used by the container runtime to identify
	// a container.
	ID ContainerID
	// The name of the container, which should be the same as specified by
	// api.Container.
	Name string
	// Reference to the image in use. For most runtimes, this should be an
	// image ID.
	ImageRef string
	// State is the state of the container.
	State ContainerState
	// Labels are key value pairs that may be used to scope and select individual resources.
	Labels Labels
}

ContainerListItem provides the runtime information for a container returned by List().

type ContainerRuntime

type ContainerRuntime interface {
	// Create creates a container in the sandbox, and returns the ID
	// of the created container.
	Create(config *ContainerConfig, sandboxConfig *PodSandboxConfig, sandboxID PodSandboxID) (RawContainerID, error)
	// Start starts a created container.
	Start(id RawContainerID) error
	// Stop stops a running container with a grace period (i.e., timeout).
	Stop(id RawContainerID, timeout int) error
	// Remove removes the container.
	Remove(id RawContainerID) error
	// List lists the existing containers that match the ContainerFilter.
	// The returned list should only include containers previously created
	// by this ContainerRuntime.
	List(filter ContainerFilter) ([]ContainerListItem, error)
	// Status returns the status of the container.
	Status(id RawContainerID) (RawContainerStatus, error)
	// Exec executes a command in the container.
	Exec(id RawContainerID, cmd []string, streamOpts StreamOptions) error
}

ContainerRuntime provides methods for container lifecycle operations, as well as listing or inspecting existing containers. These methods should either return an error or block until the operation succeeds.

type ContainerState added in v1.2.0

type ContainerState string
const (
	ContainerStateRunning ContainerState = "running"
	ContainerStateExited  ContainerState = "exited"
	// This unknown encompasses all the states that we currently don't care about.
	ContainerStateUnknown ContainerState = "unknown"
	// Not in use yet.
	ContainerStateCreated ContainerState = "created"
)

type ContainerStatus added in v1.2.0

type ContainerStatus struct {
	// ID of the container.
	ID ContainerID
	// Name of the container.
	Name string
	// Status of the container.
	State ContainerState
	// Creation time of the container.
	CreatedAt time.Time
	// Start time of the container.
	StartedAt time.Time
	// Finish time of the container.
	FinishedAt time.Time
	// Exit code of the container.
	ExitCode int
	// Name of the image, this also includes the tag of the image,
	// the expected form is "NAME:TAG".
	Image string
	// ID of the image.
	ImageID string
	// Hash of the container, used for comparison.
	Hash uint64
	// Number of times that the container has been restarted.
	RestartCount int
	// A string explains why container is in such a status.
	Reason string
	// Message written by the container before exiting (stored in
	// TerminationMessagePath).
	Message string
}

ContainerStatus represents the status of a container.

type DNSOptions

type DNSOptions struct {
	// Servers is a list of DNS servers of the cluster.
	Servers []string
	// Searches is a list of DNS search domains of the cluster.
	Searches []string
}

DNSOptions specifies the DNS servers and search domains.

type DockerID added in v1.2.0

type DockerID string

DockerID is an ID of docker container. It is a type to make it clear when we're working with docker container Ids

func (DockerID) ContainerID added in v1.2.0

func (id DockerID) ContainerID() ContainerID

type EnvVar added in v0.18.0

type EnvVar struct {
	Name  string
	Value string
}

type HandlerRunner added in v0.16.0

type HandlerRunner interface {
	Run(containerID ContainerID, pod *api.Pod, container *api.Container, handler *api.Handler) (string, error)
}

HandlerRunner runs a lifecycle handler for a container.

type Image added in v0.17.0

type Image struct {
	// ID of the image.
	ID string
	// Other names by which this image is known.
	RepoTags []string
	// Digests by which this image is known.
	RepoDigests []string
	// The size of the image in bytes.
	Size int64
}

Basic information about a container image.

type ImageManagerService

type ImageManagerService interface {
	// ListImages lists the existing images.
	ListImages(filter *runtimeApi.ImageFilter) ([]*runtimeApi.Image, error)
	// ImageStatus returns the status of the image.
	ImageStatus(image *runtimeApi.ImageSpec) (*runtimeApi.Image, error)
	// PullImage pulls an image with the authentication config.
	PullImage(image *runtimeApi.ImageSpec, auth *runtimeApi.AuthConfig) error
	// RemoveImage removes the image.
	RemoveImage(image *runtimeApi.ImageSpec) error
}

ImageManagerService interface should be implemented by a container image manager. The methods should be thread-safe.

type ImageService

type ImageService interface {
	// List lists the existing images.
	List() ([]Image, error)
	// Pull pulls an image with authentication config. The PodSandboxConfig is
	// passed so that the image service can charge the resources used for
	// pulling to a specific pod.
	Pull(image ImageSpec, auth AuthConfig, sandboxConfig *PodSandboxConfig) error
	// Remove removes an image.
	Remove(image ImageSpec) error
	// Status returns the status of an image.
	Status(image ImageSpec) (Image, error)
}

ImageService offers basic image operations.

type ImageSpec added in v0.17.0

type ImageSpec struct {
	Image string
}

ImageSpec is an internal representation of an image. Currently, it wraps the value of a Container's Image field, but in the future it will include more detailed information about the different image types.

type ImageStats added in v1.3.0

type ImageStats struct {
	// Total amount of storage consumed by existing images.
	TotalStorageBytes uint64
}

ImageStats contains statistics about all the images currently available.

type KeyValue

type KeyValue struct {
	Key   string
	Value string
}

KeyValue represents a key-value pair.

type Labels

type Labels map[string]string

Labels are key value pairs that may be used to scope and select individual resources. Label keys are of the form:

label-key ::= prefixed-name | name
prefixed-name ::= prefix '/' name
prefix ::= DNS_SUBDOMAIN
name ::= DNS_LABEL
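
The label-key grammar above, written out as a validator. This is an added example, not code from the package: `ValidateLabelKey` and `InvalidLabelKeys` are hypothetical names, and DNS_LABEL and DNS_SUBDOMAIN are assumed to be the RFC 1123 forms (lowercase alphanumerics and '-', at most 63 and 253 characters).

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// Assumed limits: RFC 1123 label and subdomain lengths.
const (
	maxDNSLabelLen     = 63
	maxDNSSubdomainLen = 253
)

// A DNS_LABEL starts and ends with a lowercase alphanumeric and may
// contain '-' in between (assumption, see lead-in).
var dnsLabelRE = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`)

func isDNSLabel(s string) bool {
	return len(s) <= maxDNSLabelLen && dnsLabelRE.MatchString(s)
}

// A DNS_SUBDOMAIN is one or more DNS_LABELs joined by '.'.
func isDNSSubdomain(s string) bool {
	if len(s) == 0 || len(s) > maxDNSSubdomainLen {
		return false
	}
	for _, part := range strings.Split(s, ".") {
		if !isDNSLabel(part) {
			return false
		}
	}
	return true
}

// ValidateLabelKey (hypothetical helper) applies the grammar
//
//	label-key     ::= prefixed-name | name
//	prefixed-name ::= prefix '/' name
//
// Only the first '/' separates prefix from name, so "a/b/c" is rejected
// because "b/c" is not a DNS_LABEL.
func ValidateLabelKey(key string) error {
	name := key
	if i := strings.Index(key, "/"); i >= 0 {
		prefix := key[:i]
		name = key[i+1:]
		if !isDNSSubdomain(prefix) {
			return fmt.Errorf("label key %q: prefix %q is not a DNS_SUBDOMAIN", key, prefix)
		}
	}
	if !isDNSLabel(name) {
		return fmt.Errorf("label key %q: name %q is not a DNS_LABEL", key, name)
	}
	return nil
}

// InvalidLabelKeys returns, sorted, every key of a Labels-style map that
// the grammar rejects.
func InvalidLabelKeys(labels map[string]string) []string {
	var bad []string
	for k := range labels {
		if ValidateLabelKey(k) != nil {
			bad = append(bad, k)
		}
	}
	sort.Strings(bad)
	return bad
}

func main() {
	// Constructed sample labels, not taken from a real cluster.
	labels := map[string]string{
		"app":                  "web",
		"k8s.example.com/role": "frontend",
		"Bad_Key":              "x",
		"example..com/tier":    "y",
	}
	for _, k := range InvalidLabelKeys(labels) {
		fmt.Println(ValidateLabelKey(k))
	}
}
```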

type LinuxContainerConfig

type LinuxContainerConfig struct {
	// Resources specification for the container.
	Resources *LinuxContainerResources
	// Capabilities to add or drop.
	Capabilities *api.Capabilities
	// SELinux is the SELinux context to be applied.
	SELinux *api.SELinuxOptions
}

LinuxContainerConfig contains platform-specific configuration for Linux-based containers.

type LinuxContainerResources

type LinuxContainerResources struct {
	// CPU CFS (Completely Fair Scheduler) period
	CPUPeriod *int64
	// CPU CFS (Completely Fair Scheduler) quota
	CPUQuota *int64
	// CPU shares (relative weight vs. other containers)
	CPUShares *int64
	// Memory limit in bytes
	MemoryLimitInBytes *int64
	// OOMScoreAdj adjusts the oom-killer score.
	OOMScoreAdj *int64
}

LinuxContainerResources specifies Linux specific configuration for resources. TODO: Consider using Resources from opencontainers/runtime-spec/specs-go directly.

type LinuxPodSandboxConfig

type LinuxPodSandboxConfig struct {
	// CgroupParent is the parent cgroup of the sandbox. The cgroupfs style
	// syntax will be used, but the container runtime can convert it to systemd
	// semantics if needed.
	CgroupParent string
	// NamespaceOptions contains configurations for the sandbox's namespaces.
	// This will be used only if the PodSandbox uses namespace for isolation.
	NamespaceOptions NamespaceOptions
}

LinuxPodSandboxConfig holds platform-specific configurations for Linux host platforms and Linux-based containers.

type LinuxPodSandboxStatus

type LinuxPodSandboxStatus struct {
	// Namespaces contains paths to the sandbox's namespaces.
	Namespaces *Namespaces
}

LinuxSandBoxStatus contains status specific to Linux sandboxes.

type Mount added in v0.18.0

type Mount struct {
	// Name of the volume mount.
	Name string
	// Path of the mount within the container.
	ContainerPath string
	// Path of the mount on the host.
	HostPath string
	// Whether the mount is read-only.
	ReadOnly bool
	// Whether the mount needs SELinux relabeling
	SELinuxRelabel bool
}

type NamespaceOptions

type NamespaceOptions struct {
	// HostNetwork uses the host's network namespace.
	HostNetwork bool
	// HostPID uses the host's pid namespace.
	HostPID bool
	// HostIPC uses the host's ipc namespace.
	HostIPC bool
}

NamespaceOptions provides options for Linux namespaces.
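
The isolation-relevant fields of ContainerConfig, Mount and NamespaceOptions can be reviewed together before a config is handed to a runtime. The following is an added example, not part of the package: the structs are trimmed local copies of the page's types, `AuditContainer` is a hypothetical helper, and the sensitive host path list is an assumption to adapt per node image.

```go
package main

import (
	"fmt"
	"path"
	"regexp"
	"strings"
)

// Trimmed local copies of the page's types; only audited fields are kept.
type Mount struct {
	Name          string
	ContainerPath string
	HostPath      string
	ReadOnly      bool
}

type NamespaceOptions struct {
	HostNetwork bool
	HostPID     bool
	HostIPC     bool
}

type ContainerConfig struct {
	Name           string
	Mounts         []Mount
	Privileged     bool
	ReadOnlyRootFS bool
}

// nameRE is the pattern the page gives for container and sandbox names.
var nameRE = regexp.MustCompile(`^[a-zA-Z0-9_-]+$`)

// sensitiveHostPaths is an assumed, illustrative list.
var sensitiveHostPaths = []string{"/etc", "/proc", "/sys", "/var/run/docker.sock"}

// isSensitive reports whether hostPath, after normalisation, is the host
// root or lies at or below one of the sensitive paths.
func isSensitive(hostPath string) bool {
	p := path.Clean(hostPath)
	if p == "/" {
		return true
	}
	for _, s := range sensitiveHostPaths {
		if p == s || strings.HasPrefix(p, s+"/") {
			return true
		}
	}
	return false
}

// AuditContainer (hypothetical helper) returns one finding per setting
// that weakens isolation between the container and the host.
func AuditContainer(c ContainerConfig, ns NamespaceOptions) []string {
	var f []string
	if !nameRE.MatchString(c.Name) {
		f = append(f, fmt.Sprintf("name %q does not match [a-zA-Z0-9_-]+", c.Name))
	}
	if c.Privileged {
		f = append(f, "Privileged is set")
	}
	if !c.ReadOnlyRootFS {
		f = append(f, "ReadOnlyRootFS is not set")
	}
	if ns.HostNetwork {
		f = append(f, "HostNetwork shares the host network namespace")
	}
	if ns.HostPID {
		f = append(f, "HostPID shares the host pid namespace")
	}
	if ns.HostIPC {
		f = append(f, "HostIPC shares the host ipc namespace")
	}
	for _, m := range c.Mounts {
		if m.HostPath == "" { // assumption: no host path means nothing to check
			continue
		}
		switch {
		case isSensitive(m.HostPath):
			f = append(f, fmt.Sprintf("mount %q exposes sensitive host path %s", m.Name, m.HostPath))
		case !m.ReadOnly:
			f = append(f, fmt.Sprintf("mount %q is a writable host path %s", m.Name, m.HostPath))
		}
	}
	return f
}

func main() {
	// Constructed sample config for illustration.
	c := ContainerConfig{
		Name:       "debug shell",
		Privileged: true,
		Mounts: []Mount{
			{Name: "sock", ContainerPath: "/var/run/docker.sock", HostPath: "/var/run/docker.sock"},
			{Name: "data", ContainerPath: "/data", HostPath: "/srv/data", ReadOnly: true},
		},
	}
	for _, finding := range AuditContainer(c, NamespaceOptions{HostPID: true}) {
		fmt.Println(finding)
	}
}
```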

type Namespaces

type Namespaces struct {
	// Network is the path to the network namespace.
	Network string
}

Namespaces contains paths to the namespaces.

type OSInterface added in v0.16.0

type OSInterface interface {
	MkdirAll(path string, perm os.FileMode) error
	Symlink(oldname string, newname string) error
	Stat(path string) (os.FileInfo, error)
	Remove(path string) error
	Create(path string) (*os.File, error)
	Hostname() (name string, err error)
	Chtimes(path string, atime time.Time, mtime time.Time) error
	Pipe() (r *os.File, w *os.File, err error)
	ReadDir(dirname string) ([]os.FileInfo, error)
}

OSInterface collects system level operations that need to be mocked out during tests.

type Option added in v1.2.0

type Option func(Runtime)

Option is a functional option type for Runtime, useful for completely optional settings.

type Pod

type Pod struct {
	// The ID of the pod, which can be used to retrieve a particular pod
	// from the pod list returned by GetPods().
	ID types.UID
	// The name and namespace of the pod, which is readable by human.
	Name      string
	Namespace string
	// List of containers that belongs to this pod. It may contain only
	// running containers, or mixed with dead ones (when GetPods(true)).
	Containers []*Container
}

Pod is a group of containers.

func ConvertPodStatusToRunningPod added in v1.2.0

func ConvertPodStatusToRunningPod(podStatus *PodStatus) Pod

TODO(random-liu): Convert PodStatus to running Pod, should be deprecated soon

func (*Pod) FindContainerByID added in v1.2.0

func (p *Pod) FindContainerByID(id ContainerID) *Container

func (*Pod) FindContainerByName

func (p *Pod) FindContainerByName(containerName string) *Container

FindContainerByName returns a container in the pod with the given name. When there are multiple containers with the same name, the first match will be returned.

func (*Pod) IsEmpty added in v0.20.0

func (p *Pod) IsEmpty() bool

IsEmpty returns true if the pod is empty.

func (*Pod) ToAPIPod added in v0.21.0

func (p *Pod) ToAPIPod() *api.Pod

ToAPIPod converts Pod to api.Pod. Note that if a field in api.Pod has no corresponding field in Pod, the field would not be populated.

type PodPair added in v1.2.0

type PodPair struct {
	// APIPod is the api.Pod
	APIPod *api.Pod
	// RunningPod is the pod defined in pkg/kubelet/container/runtime#Pod
	RunningPod *Pod
}

PodPair contains both runtime#Pod and api#Pod

type PodSandboxConfig

type PodSandboxConfig struct {
	// Name is the name of the sandbox. The string should conform to
	// [a-zA-Z0-9_-]+.
	Name string
	// Hostname is the hostname of the sandbox.
	Hostname string
	// DNSOptions sets the DNS options for the sandbox.
	DNSOptions DNSOptions
	// PortMappings lists the port mappings for the sandbox.
	PortMappings []PortMapping
	// Resources specifies the resource limits for the sandbox (i.e., the
	// aggregate cpu/memory resources limits of all containers).
	// Note: On a Linux host, kubelet will create a pod-level cgroup and pass
	// it as the cgroup parent for the PodSandbox. For some runtimes, this is
	// sufficient. For others, e.g., hypervisor-based runtimes, explicit
	// resource limits for the sandbox are needed at creation time.
	Resources PodSandboxResources
	// Path to the directory on the host in which container log files are
	// stored.
	// By default the Log of a container going into the LogDirectory will be
	// hooked up to STDOUT and STDERR. However, the LogDirectory may contain
	// binary log files with structured logging data from the individual
	// containers. For example the files might be newline separated JSON
	// structured logs, systemd-journald journal files, gRPC trace files, etc.
	// E.g.,
	//     PodSandboxConfig.LogDirectory = `/var/log/pods/<podUID>/`
	//     ContainerConfig.LogPath = `containerName_Instance#.log`
	//
	// WARNING: Log management and how kubelet should interface with the
	// container logs are under active discussion in
	// https://issues.k8s.io/24677. There *may* be future change of direction
	// for logging as the discussion carries on.
	LogDirectory string
	// Labels are key value pairs that may be used to scope and select
	// individual resources.
	Labels Labels
	// Annotations is an unstructured key value map that may be set by external
	// tools to store and retrieve arbitrary metadata.
	Annotations map[string]string

	// Linux contains configurations specific to Linux hosts.
	Linux *LinuxPodSandboxConfig
}

PodSandboxConfig holds all the required and optional fields for creating a sandbox.

type PodSandboxFilter

type PodSandboxFilter struct {
	// Name of the sandbox.
	Name *string
	// ID of the sandbox.
	ID *PodSandboxID
	// State of the sandbox.
	State *PodSandboxState
	// LabelSelector to select matches.
	// Only api.MatchLabels is supported for now and the requirements
	// are ANDed. MatchExpressions is not supported yet.
	LabelSelector unversioned.LabelSelector
}

PodSandboxFilter is used to filter a list of PodSandboxes.

type PodSandboxID

type PodSandboxID string

type PodSandboxListItem

type PodSandboxListItem struct {
	ID    PodSandboxID
	State PodSandboxState
	// Labels are key value pairs that may be used to scope and select individual resources.
	Labels Labels
}

PodSandboxListItem contains minimal information about a sandbox.

type PodSandboxManager

type PodSandboxManager interface {
	// Create creates a sandbox based on the given config, and returns
	// the new sandbox.
	Create(config *PodSandboxConfig) (PodSandboxID, error)
	// Stop stops the sandbox by its ID. If there are any running
	// containers in the sandbox, they will be terminated as a side-effect.
	Stop(id PodSandboxID) error
	// Delete deletes the sandbox by its ID. If there are any running
	// containers in the sandbox, they will be deleted as a side-effect.
	Delete(id PodSandboxID) error
	// List lists existing sandboxes, filtered by the given PodSandboxFilter.
	List(filter PodSandboxFilter) ([]PodSandboxListItem, error)
	// Status gets the status of the sandbox by ID.
	Status(id PodSandboxID) (PodSandboxStatus, error)
}

PodSandboxManager provides basic operations to create/delete and examine the PodSandboxes. These methods should either return an error or block until the operation succeeds.

type PodSandboxNetworkStatus

type PodSandboxNetworkStatus struct {
	IPs []string
}

PodSandboxNetworkStatus is the status of the network for a PodSandbox.

type PodSandboxResources

type PodSandboxResources struct {
	// CPU resource requirement.
	CPU resource.Quantity
	// Memory resource requirement.
	Memory resource.Quantity
}

PodSandboxResources contains the CPU/memory resource requirements.

type PodSandboxState

type PodSandboxState string
const (
	// PodSandboxReady means the sandbox is functioning properly.
	PodSandboxReady PodSandboxState = "Ready"
	// PodSandboxNotReady means the sandbox is not functioning properly.
	PodSandboxNotReady PodSandboxState = "NotReady"
)

type PodSandboxStatus

type PodSandboxStatus struct {
	// ID of the sandbox.
	ID PodSandboxID
	// State of the sandbox.
	State PodSandboxState
	// Network contains network status if network is handled by the runtime.
	Network *PodSandboxNetworkStatus
	// Status specific to a Linux sandbox.
	Linux *LinuxPodSandboxStatus
	// Labels are key value pairs that may be used to scope and select individual resources.
	Labels Labels
	// Annotations is an unstructured key value map.
	Annotations map[string]string
}

PodSandboxStatus contains the status of the PodSandbox.

type PodStatus added in v1.2.0

type PodStatus struct {
	// ID of the pod.
	ID types.UID
	// Name of the pod.
	Name string
	// Namespace of the pod.
	Namespace string
	// IP of the pod.
	IP string
	// Status of containers in the pod.
	ContainerStatuses []*ContainerStatus
}

PodStatus represents the status of the pod and its containers. api.PodStatus can be derived from examining PodStatus and api.Pod.

func (*PodStatus) FindContainerStatusByName added in v1.2.0

func (podStatus *PodStatus) FindContainerStatusByName(containerName string) *ContainerStatus

FindContainerStatusByName returns container status in the pod status with the given name. When there are multiple containers' statuses with the same name, the first match will be returned.

func (*PodStatus) GetRunningContainerStatuses added in v1.2.0

func (podStatus *PodStatus) GetRunningContainerStatuses() []*ContainerStatus

Get container status of all the running containers in a pod

type PodSyncResult added in v1.2.0

type PodSyncResult struct {
	// Result of different sync actions
	SyncResults []*SyncResult
	// Error encountered in SyncPod() and KillPod() that is not already included in SyncResults
	SyncError error
}

PodSyncResult is the summary result of SyncPod() and KillPod()

func (*PodSyncResult) AddPodSyncResult added in v1.2.0

func (p *PodSyncResult) AddPodSyncResult(result PodSyncResult)

AddPodSyncResult merges a PodSyncResult to current one

func (*PodSyncResult) AddSyncResult added in v1.2.0

func (p *PodSyncResult) AddSyncResult(result ...*SyncResult)

AddSyncResult adds multiple SyncResult to current PodSyncResult

func (*PodSyncResult) Error added in v1.2.0

func (p *PodSyncResult) Error() error

Error returns an error summarizing all the errors in PodSyncResult

func (*PodSyncResult) Fail added in v1.2.0

func (p *PodSyncResult) Fail(err error)

Fail fails the PodSyncResult with an error occurred in SyncPod() and KillPod() itself

type Pods

type Pods []*Pod

func (Pods) FindPod added in v0.15.0

func (p Pods) FindPod(podFullName string, podUID types.UID) Pod

FindPod combines FindPodByID and FindPodByFullName, it finds and returns a pod in the pod list either by the full name or the pod ID. It will return an empty pod if not found.

func (Pods) FindPodByFullName added in v0.15.0

func (p Pods) FindPodByFullName(podFullName string) Pod

FindPodByFullName finds and returns a pod in the pod list by the full name. It will return an empty pod if not found.

func (Pods) FindPodByID

func (p Pods) FindPodByID(podUID types.UID) Pod

FindPodByID finds and returns a pod in the pod list by UID. It will return an empty pod if not found.

type PortMapping added in v0.18.0

type PortMapping struct {
	// Name of the port mapping
	Name string
	// Protocol of the port mapping.
	Protocol api.Protocol
	// The port number within the container.
	ContainerPort int
	// The port number on the host.
	HostPort int
	// The host IP.
	HostIP string
}

type RawContainerID

type RawContainerID string

This is to distinguish with existing ContainerID type, which includes a runtime type prefix (e.g., docker://). We may rename this later.

type RawContainerStatus

type RawContainerStatus struct {
	// ID of the container.
	ID ContainerID
	// Name of the container.
	Name string
	// Status of the container.
	State ContainerState
	// Creation time of the container.
	CreatedAt unversioned.Time
	// Start time of the container.
	StartedAt unversioned.Time
	// Finish time of the container.
	FinishedAt unversioned.Time
	// Exit code of the container.
	ExitCode int
	// Reference to the image in use. For most runtimes, this should be an
	// image ID.
	ImageRef string
	// Labels are key value pairs that may be used to scope and select individual resources.
	Labels Labels
	// Annotations is an unstructured key value map.
	Annotations map[string]string
	// A brief CamelCase string explains why container is in such a status.
	Reason string
}

RawContainerStatus represents the status of a container.

type RealOS added in v0.16.0

type RealOS struct{}

RealOS is used to dispatch the real system level operations.

func (RealOS) Chtimes added in v1.3.0

func (RealOS) Chtimes(path string, atime time.Time, mtime time.Time) error

Chtimes will call os.Chtimes to change the atime and mtime of the path

func (RealOS) Create added in v1.3.0

func (RealOS) Create(path string) (*os.File, error)

Create will call os.Create to create and return a file at path.

func (RealOS) Hostname added in v1.3.0

func (RealOS) Hostname() (name string, err error)

Hostname will call os.Hostname to return the hostname.

func (RealOS) MkdirAll added in v1.3.0

func (RealOS) MkdirAll(path string, perm os.FileMode) error

MkDir will call os.Mkdir to create a directory.

func (RealOS) Pipe added in v1.3.0

func (RealOS) Pipe() (r *os.File, w *os.File, err error)

Pipe will call os.Pipe to return a connected pair of pipes.

func (RealOS) ReadDir added in v1.3.0

func (RealOS) ReadDir(dirname string) ([]os.FileInfo, error)

ReadDir will call ioutil.ReadDir to return the files under the directory.

func (RealOS) Remove added in v1.3.0

func (RealOS) Remove(path string) error

Remove will call os.Remove to remove the path.

func (RealOS) Stat added in v1.3.0

func (RealOS) Stat(path string) (os.FileInfo, error)

Stat will call os.Stat to get the FileInfo for a given path.

func (RealOS) Symlink(oldname string, newname string) error

Symlink will call os.Symlink to create a symbolic link.

type RefManager

type RefManager struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

RefManager manages the references for the containers. The references are used for reporting events such as creation, failure, etc. This manager is thread-safe, no locks are necessary for the caller.

func NewRefManager

func NewRefManager() *RefManager

NewRefManager creates and returns a container reference manager with empty contents.

func (*RefManager) ClearRef

func (c *RefManager) ClearRef(id ContainerID)

ClearRef forgets the given container id and its associated container reference.

func (*RefManager) GetRef

func (c *RefManager) GetRef(id ContainerID) (ref *api.ObjectReference, ok bool)

GetRef returns the container reference of the given ID, or (nil, false) if none is stored.

func (*RefManager) SetRef

func (c *RefManager) SetRef(id ContainerID, ref *api.ObjectReference)

SetRef stores a reference to a pod's container, associating it with the given container ID.

type RunContainerOptions

type RunContainerOptions struct {
	// The environment variables list.
	Envs []EnvVar
	// The mounts for the containers.
	Mounts []Mount
	// The host devices mapped into the containers.
	Devices []string
	// The port mappings for the containers.
	PortMappings []PortMapping
	// If the container has specified the TerminationMessagePath, then
	// this directory will be used to create and mount the log file to
	// container.TerminationMessagePath
	PodContainerDir string
	// The list of DNS servers for the container to use.
	DNS []string
	// The list of DNS search domains.
	DNSSearch []string
	// The parent cgroup to pass to Docker
	CgroupParent string
	// The type of container rootfs
	ReadOnly bool
	// hostname for pod containers
	Hostname string
}

RunContainerOptions specifies the options that are necessary for running containers.

type Runtime

type Runtime interface {
	// Type returns the type of the container runtime.
	Type() string

	// Version returns the version information of the container runtime.
	Version() (Version, error)

	// APIVersion returns the cached API version information of the container
	// runtime. Implementation is expected to update this cache periodically.
	// This may be different from the runtime engine's version.
	// TODO(random-liu): We should fold this into Version()
	APIVersion() (Version, error)
	// Status returns error if the runtime is unhealthy; nil otherwise.
	Status() error
	// GetPods returns a list of containers grouped by pods. The boolean parameter
	// specifies whether the runtime returns all containers including those already
	// exited and dead containers (used for garbage collection).
	GetPods(all bool) ([]*Pod, error)
	// GarbageCollect removes dead containers using the specified container gc policy
	// If allSourcesReady is not true, it means that kubelet doesn't have the
	// complete list of pods from all available sources (e.g., apiserver, http,
	// file). In this case, garbage collector should refrain itself from aggressive
	// behavior such as removing all containers of unrecognized pods (yet).
	// TODO: Revisit this method and make it cleaner.
	GarbageCollect(gcPolicy ContainerGCPolicy, allSourcesReady bool) error
	// Syncs the running pod into the desired pod.
	SyncPod(pod *api.Pod, apiPodStatus api.PodStatus, podStatus *PodStatus, pullSecrets []api.Secret, backOff *flowcontrol.Backoff) PodSyncResult
	// KillPod kills all the containers of a pod. Pod may be nil, running pod must not be.
	// TODO(random-liu): Return PodSyncResult in KillPod.
	// gracePeriodOverride if specified allows the caller to override the pod default grace period.
	// only hard kill paths are allowed to specify a gracePeriodOverride in the kubelet in order to not corrupt user data.
	// it is useful when doing SIGKILL for hard eviction scenarios, or max grace period during soft eviction scenarios.
	KillPod(pod *api.Pod, runningPod Pod, gracePeriodOverride *int64) error
	// GetPodStatus retrieves the status of the pod, including the
	// information of all containers in the pod that are visible in Runtime.
	GetPodStatus(uid types.UID, name, namespace string) (*PodStatus, error)
	// PullImage pulls an image from the network to local storage using the supplied
	// secrets if necessary.
	PullImage(image ImageSpec, pullSecrets []api.Secret) error
	// IsImagePresent checks whether the container image is already in the local storage.
	IsImagePresent(image ImageSpec) (bool, error)
	// Gets all images currently on the machine.
	ListImages() ([]Image, error)
	// Removes the specified image.
	RemoveImage(image ImageSpec) error
	// Returns Image statistics.
	ImageStats() (*ImageStats, error)
	// Returns the filesystem path of the pod's network namespace; if the
	// runtime does not handle namespace creation itself, or cannot return
	// the network namespace path, it should return an error.
	// TODO: Change ContainerID to a Pod ID since the namespace is shared
	// by all containers in the pod.
	GetNetNS(containerID ContainerID) (string, error)
	// Returns the container ID that represents the Pod, as passed to network
	// plugins. For example if the runtime uses an infra container, returns
	// the infra container's ContainerID.
	// TODO: Change ContainerID to a Pod ID, see GetNetNS()
	GetPodContainerID(*Pod) (ContainerID, error)
	// TODO(vmarmol): Unify pod and containerID args.
	// GetContainerLogs returns logs of a specific container. By
	// default, it returns a snapshot of the container log. Set 'follow' to true to
	// stream the log. Set 'follow' to false and specify the number of lines (e.g.
	// "100" or "all") to tail the log.
	GetContainerLogs(pod *api.Pod, containerID ContainerID, logOptions *api.PodLogOptions, stdout, stderr io.Writer) (err error)
	// Delete a container. If the container is still running, an error is returned.
	DeleteContainer(containerID ContainerID) error
	// ContainerCommandRunner encapsulates the command runner interfaces for testability.
	ContainerCommandRunner
	// ContainerAttach encapsulates the attaching to containers for testability
	ContainerAttacher
}

Runtime interface defines the interfaces that should be implemented by a container runtime. Thread safety is required from implementations of this interface.

type RuntimeCache

type RuntimeCache interface {
	GetPods() ([]*Pod, error)
	ForceUpdateIfOlder(time.Time) error
}

func NewRuntimeCache

func NewRuntimeCache(getter podsGetter) (RuntimeCache, error)

NewRuntimeCache creates a container runtime cache.

type RuntimeHelper added in v1.2.0

type RuntimeHelper interface {
	GenerateRunContainerOptions(pod *api.Pod, container *api.Container, podIP string) (*RunContainerOptions, error)
	GetClusterDNS(pod *api.Pod) (dnsServers []string, dnsSearches []string, err error)
	GetPodDir(podUID types.UID) string
	GeneratePodHostNameAndDomain(pod *api.Pod) (hostname string, hostDomain string, err error)
	// GetExtraSupplementalGroupsForPod returns a list of the extra
	// supplemental groups for the Pod. These extra supplemental groups come
	// from annotations on persistent volumes that the pod depends on.
	GetExtraSupplementalGroupsForPod(pod *api.Pod) []int64
}

RuntimeHelper wraps kubelet so that the container runtime can get necessary information such as the RunContainerOptions and DNS settings.

type RuntimeService

type RuntimeService interface {
	// Version returns the runtime name, runtime version and runtime API version
	Version(apiVersion string) (*runtimeApi.VersionResponse, error)
	// CreatePodSandbox creates a pod-level sandbox.
	// The definition of PodSandbox is at https://github.com/kubernetes/kubernetes/pull/25899
	CreatePodSandbox(config *runtimeApi.PodSandboxConfig) (string, error)
	// StopPodSandbox stops the sandbox. If there are any running containers in the
	// sandbox, they should be force terminated.
	StopPodSandbox(podSandboxID string) error
	// DeletePodSandbox deletes the sandbox. If there are running containers in the
	// sandbox, they should be forcibly deleted.
	DeletePodSandbox(podSandboxID string) error
	// PodSandboxStatus returns the Status of the PodSandbox.
	PodSandboxStatus(podSandboxID string) (*runtimeApi.PodSandboxStatus, error)
	// ListPodSandbox returns a list of Sandbox.
	ListPodSandbox(filter *runtimeApi.PodSandboxFilter) ([]*runtimeApi.PodSandbox, error)
	// CreateContainer creates a new container in specified PodSandbox.
	CreateContainer(podSandboxID string, config *runtimeApi.ContainerConfig, sandboxConfig *runtimeApi.PodSandboxConfig) (string, error)
	// StartContainer starts the container.
	StartContainer(rawContainerID string) error
	// StopContainer stops a running container with a grace period (i.e., timeout).
	StopContainer(rawContainerID string, timeout int64) error
	// RemoveContainer removes the container.
	RemoveContainer(rawContainerID string) error
	// ListContainers lists all containers by filters.
	ListContainers(filter *runtimeApi.ContainerFilter) ([]*runtimeApi.Container, error)
	// ContainerStatus returns the status of the container.
	ContainerStatus(rawContainerID string) (*runtimeApi.ContainerStatus, error)
	// Exec executes a command in the container.
	Exec(rawContainerID string, cmd []string, tty bool, stdin io.Reader, stdout, stderr io.WriteCloser) error
}

RuntimeService interface should be implemented by a container runtime. The methods should be thread-safe.

type SortContainerStatusesByCreationTime added in v1.2.0

type SortContainerStatusesByCreationTime []*ContainerStatus

Sort the container statuses by creation time.

func (SortContainerStatusesByCreationTime) Len added in v1.2.0

func (SortContainerStatusesByCreationTime) Less added in v1.2.0

func (SortContainerStatusesByCreationTime) Swap added in v1.2.0

type StreamOptions

type StreamOptions struct {
	TTY          bool
	InputStream  io.Reader
	OutputStream io.Writer
	ErrorStream  io.Writer
}

type SyncAction added in v1.2.0

type SyncAction string

SyncAction indicates the different kinds of actions in SyncPod() and KillPod(). Currently the only actions are start/kill container and setup/teardown network.

const (
	StartContainer  SyncAction = "StartContainer"
	KillContainer   SyncAction = "KillContainer"
	SetupNetwork    SyncAction = "SetupNetwork"
	TeardownNetwork SyncAction = "TeardownNetwork"
	InitContainer   SyncAction = "InitContainer"
)

type SyncResult added in v1.2.0

type SyncResult struct {
	// The associated action of the result
	Action SyncAction
	// The target of the action, now the target can only be:
	//  * Container: Target should be container name
	//  * Network: Target is useless now, we just set it as pod full name now
	Target interface{}
	// Brief error reason
	Error error
	// Human readable error reason
	Message string
}

SyncResult is the result of sync action.

func NewSyncResult added in v1.2.0

func NewSyncResult(action SyncAction, target interface{}) *SyncResult

NewSyncResult generates a new SyncResult with the specified Action and Target.

func (*SyncResult) Fail added in v1.2.0

func (r *SyncResult) Fail(err error, msg string)

Fail fails the SyncResult with the specified error and message.

type TestRuntimeCache added in v1.3.0

type TestRuntimeCache struct {
	// contains filtered or unexported fields
}

TestRuntimeCache embeds runtimeCache with some additional methods for testing. It must be declared in the container package to have visibility to runtimeCache. It cannot be in a "..._test.go" file in order for runtime_cache_test.go to have cross-package visibility to it. (Cross-package declarations in test files cannot be used from dot imports if this package is vendored.)

func NewTestRuntimeCache added in v1.3.0

func NewTestRuntimeCache(getter podsGetter) *TestRuntimeCache

func (*TestRuntimeCache) ForceUpdateIfOlder added in v1.3.0

func (r *TestRuntimeCache) ForceUpdateIfOlder(minExpectedCacheTime time.Time) error

func (*TestRuntimeCache) GetCachedPods added in v1.3.0

func (r *TestRuntimeCache) GetCachedPods() []*Pod

func (*TestRuntimeCache) GetPods added in v1.3.0

func (r *TestRuntimeCache) GetPods() ([]*Pod, error)

GetPods returns the cached pods if they are not outdated; otherwise, it retrieves the latest pods and returns them.

func (*TestRuntimeCache) UpdateCacheWithLock added in v1.3.0

func (r *TestRuntimeCache) UpdateCacheWithLock() error

type Version added in v0.16.0

type Version interface {
	// Compare compares two versions of the runtime. On success it returns -1
	// if the version is less than the other, 1 if it is greater than the other,
	// or 0 if they are equal.
	Compare(other string) (int, error)
	// String returns a string that represents the version.
	String() string
}

type VolumeInfo added in v1.2.0

type VolumeInfo struct {
	// Mounter is the volume's mounter
	Mounter volume.Mounter
	// SELinuxLabeled indicates whether this volume has had the
	// pod's SELinux label applied to it or not
	SELinuxLabeled bool
}

VolumeInfo contains information about the volume.

type VolumeMap added in v0.17.0

type VolumeMap map[string]VolumeInfo
