Documentation ¶
Index ¶
- Constants
- Variables
- func IsValidHealthString(s string) bool
- func IsValidStateString(s string) bool
- func ReplaceOrAppendEnvValues(defaults, overrides []string) []string
- type Container
- func (container *Container) AddMountPointWithVolume(destination string, vol volume.Volume, rw bool)
- func (container *Container) BuildHostnameFile() error
- func (container *Container) CancelAttachContext()
- func (container *Container) CheckpointDir() string
- func (container *Container) CheckpointTo(store ViewDB) error
- func (container *Container) CloseStreams() error
- func (container *Container) ConfigFilePath(configRef swarmtypes.ConfigReference) (string, error)
- func (container *Container) ConfigPath() (string, error)
- func (container *Container) CopyImagePathContent(v volume.Volume, destination string) error
- func (container *Container) CreateDaemonEnvironment(tty bool, linkedEnv []string) []string
- func (container *Container) DetachAndUnmount(volumeEventLog func(name, action string, attributes map[string]string)) error
- func (container *Container) EnableServiceDiscoveryOnDefaultNetwork() bool
- func (container *Container) ExitOnNext()
- func (container *Container) FromDisk() error
- func (container *Container) FullHostname() string
- func (container *Container) GetExecIDs() []string
- func (container *Container) GetMountLabel() string
- func (container *Container) GetMountPoints() []types.MountPoint
- func (container *Container) GetProcessLabel() string
- func (container *Container) GetResourcePath(path string) (string, error)
- func (container *Container) GetRootResourcePath(path string) (string, error)
- func (container *Container) HasMountFor(path string) bool
- func (container *Container) HostConfigPath() (string, error)
- func (container *Container) InitAttachContext() context.Context
- func (container *Container) InitDNSHostConfig()
- func (container *Container) InitializeStdio(iop *cio.DirectIO) (cio.IO, error)
- func (container *Container) IpcMounts() []Mount
- func (container *Container) IsDestinationMounted(destination string) bool
- func (container *Container) MountsResourcePath(mount string) (string, error)
- func (container *Container) NetworkMounts() []Mount
- func (container *Container) Reset(lock bool)
- func (container *Container) ResetRestartManager(resetCount bool)
- func (container *Container) ResolvePath(path string) (resolvedPath, absPath string, err error)
- func (container *Container) RestartManager() restartmanager.RestartManager
- func (container *Container) SecretFilePath(secretRef swarmtypes.SecretReference) (string, error)
- func (container *Container) SecretMountPath() (string, error)
- func (container *Container) SecretMounts() ([]Mount, error)
- func (container *Container) SetupWorkingDirectory(rootIdentity idtools.Identity) error
- func (container *Container) ShmResourcePath() (string, error)
- func (container *Container) ShouldRestart() bool
- func (container *Container) StartLogger() (logger.Logger, error)
- func (container *Container) StatPath(resolvedPath, absPath string) (stat *types.ContainerPathStat, err error)
- func (container *Container) StderrPipe() io.ReadCloser
- func (container *Container) StdinPipe() io.WriteCloser
- func (container *Container) StdoutPipe() io.ReadCloser
- func (container *Container) StopSignal() int
- func (container *Container) StopTimeout() int
- func (container *Container) TmpfsMounts() ([]Mount, error)
- func (container *Container) TrySetNetworkMount(destination string, path string) bool
- func (container *Container) UnmountIpcMount() error
- func (container *Container) UnmountSecrets() error
- func (container *Container) UnmountVolumes(volumeEventLog func(name, action string, attributes map[string]string)) error
- func (container *Container) UpdateContainer(hostConfig *containertypes.HostConfig) error
- func (container *Container) UpdateMonitor(restartPolicy containertypes.RestartPolicy)
- func (container *Container) WriteHostConfig() (*containertypes.HostConfig, error)
- type ExitStatus
- type Health
- type History
- type Mount
- type NoSuchContainerError
- type Snapshot
- type State
- func (s *State) Err() error
- func (s *State) ExitCode() int
- func (s *State) GetPID() int
- func (s *State) IsDead() bool
- func (s *State) IsPaused() bool
- func (s *State) IsRemovalInProgress() bool
- func (s *State) IsRestarting() bool
- func (s *State) IsRunning() bool
- func (s *State) ResetRemovalInProgress()
- func (s *State) SetDead()
- func (s *State) SetError(err error)
- func (s *State) SetExitCode(ec int)
- func (s *State) SetRemovalError(err error)
- func (s *State) SetRemovalInProgress() bool
- func (s *State) SetRemoved()
- func (s *State) SetRestarting(exitStatus *ExitStatus)
- func (s *State) SetRunning(pid int, initial bool)
- func (s *State) SetStopped(exitStatus *ExitStatus)
- func (s *State) StateString() string
- func (s *State) String() string
- func (s *State) Wait(ctx context.Context, condition WaitCondition) <-chan StateStatus
- type StateStatus
- type Store
- type StoreFilter
- type StoreReducer
- type View
- type ViewDB
- type WaitCondition
Constants ¶
const ( // DefaultStopTimeout sets the default time, in seconds, to wait // for the graceful container stop before forcefully terminating it. DefaultStopTimeout = 10 )
Variables ¶
var ( // ErrNameReserved is an error which is returned when a name is requested to be reserved that already is reserved ErrNameReserved = errors.New("name is reserved") // ErrNameNotReserved is an error which is returned when trying to find a name that is not reserved ErrNameNotReserved = errors.New("name is not reserved") )
Functions ¶
func IsValidHealthString ¶
IsValidHealthString checks if the provided string is a valid container health status or not.
func IsValidStateString ¶
IsValidStateString checks if the provided string is a valid container state or not.
func ReplaceOrAppendEnvValues ¶
ReplaceOrAppendEnvValues returns the defaults with the overrides either replaced by env key or appended to the list
Types ¶
type Container ¶
type Container struct { StreamConfig *stream.Config // embed for Container to support states directly. *State `json:"State"` // Needed for Engine API version <= 1.11 Root string `json:"-"` // Path to the "home" of the container, including metadata. BaseFS containerfs.ContainerFS `json:"-"` // interface containing graphdriver mount RWLayer layer.RWLayer `json:"-"` ID string Created time.Time Managed bool Path string Args []string Config *containertypes.Config ImageID image.ID `json:"Image"` NetworkSettings *network.Settings LogPath string Name string Driver string OS string // MountLabel contains the options for the 'mount' command MountLabel string ProcessLabel string RestartCount int HasBeenStartedBefore bool HasBeenManuallyStopped bool // used for unless-stopped restart policy MountPoints map[string]*volumemounts.MountPoint HostConfig *containertypes.HostConfig `json:"-"` // do not serialize the host config in the json, otherwise we'll make the container unportable ExecCommands *exec.Store `json:"-"` DependencyStore agentexec.DependencyGetter `json:"-"` SecretReferences []*swarmtypes.SecretReference ConfigReferences []*swarmtypes.ConfigReference // logDriver for closing LogDriver logger.Logger `json:"-"` LogCopier *logger.Copier `json:"-"` // Fields here are specific to Unix platforms AppArmorProfile string HostnamePath string HostsPath string ShmPath string ResolvConfPath string SeccompProfile string NoNewPrivileges bool // Fields here are specific to Windows // contains filtered or unexported fields }
Container holds the structure defining a container object.
func NewBaseContainer ¶
NewBaseContainer creates a new container with its basic configuration.
func (*Container) AddMountPointWithVolume ¶
AddMountPointWithVolume adds a new mount point configured with a volume to the container.
func (*Container) BuildHostnameFile ¶
BuildHostnameFile writes the container's hostname file.
func (*Container) CancelAttachContext ¶
func (container *Container) CancelAttachContext()
CancelAttachContext cancels attach context. All attach calls should detach after this call.
func (*Container) CheckpointDir ¶
CheckpointDir returns the directory checkpoints are stored in
func (*Container) CheckpointTo ¶
CheckpointTo makes the Container's current state visible to queries, and persists state. Callers must hold a Container lock.
func (*Container) CloseStreams ¶
CloseStreams closes the container's stdio streams
func (*Container) ConfigFilePath ¶
func (container *Container) ConfigFilePath(configRef swarmtypes.ConfigReference) (string, error)
ConfigFilePath returns the path to the on-disk location of a config. On unix, configs are always considered secret
func (*Container) ConfigPath ¶
ConfigPath returns the path to the container's JSON config
func (*Container) CopyImagePathContent ¶
CopyImagePathContent copies files in destination to the volume.
func (*Container) CreateDaemonEnvironment ¶
CreateDaemonEnvironment creates a new environment variable slice for this container.
func (*Container) DetachAndUnmount ¶
func (container *Container) DetachAndUnmount(volumeEventLog func(name, action string, attributes map[string]string)) error
DetachAndUnmount uses a detached mount on all mount destinations, then unmounts each volume normally. This is used from daemon/archive for `docker cp`
func (*Container) EnableServiceDiscoveryOnDefaultNetwork ¶
EnableServiceDiscoveryOnDefaultNetwork Enable service discovery on default network
func (*Container) ExitOnNext ¶
func (container *Container) ExitOnNext()
ExitOnNext signals to the monitor that it should not restart the container after we send the kill signal.
func (*Container) FullHostname ¶
FullHostname returns hostname and optional domain appended to it.
func (*Container) GetExecIDs ¶
GetExecIDs returns the list of exec commands running on the container.
func (*Container) GetMountLabel ¶
GetMountLabel returns the mounting label for the container. This label is empty if the container is privileged.
func (*Container) GetMountPoints ¶
func (container *Container) GetMountPoints() []types.MountPoint
GetMountPoints gives a platform specific transformation to types.MountPoint. Callers must hold a Container lock.
func (*Container) GetProcessLabel ¶
GetProcessLabel returns the process label for the container.
func (*Container) GetResourcePath ¶
GetResourcePath evaluates `path` in the scope of the container's BaseFS, with proper path sanitisation. Symlinks are all scoped to the BaseFS of the container, as though the container's BaseFS was `/`.
The BaseFS of a container is the host-facing path which is bind-mounted as `/` inside the container. This method is essentially used to access a particular path inside the container as though you were a process in that container.
NOTE: The returned path is *only* safely scoped inside the container's BaseFS
if no component of the returned path changes (such as a component symlinking to a different path) between using this method and using the path. See symlink.FollowSymlinkInScope for more details.
func (*Container) GetRootResourcePath ¶
GetRootResourcePath evaluates `path` in the scope of the container's root, with proper path sanitisation. Symlinks are all scoped to the root of the container, as though the container's root was `/`.
The root of a container is the host-facing configuration metadata directory. Only use this method to safely access the container's `container.json` or other metadata files. If in doubt, use container.GetResourcePath.
NOTE: The returned path is *only* safely scoped inside the container's root
if no component of the returned path changes (such as a component symlinking to a different path) between using this method and using the path. See symlink.FollowSymlinkInScope for more details.
func (*Container) HasMountFor ¶
HasMountFor checks if path is a mountpoint
func (*Container) HostConfigPath ¶
HostConfigPath returns the path to the container's JSON hostconfig
func (*Container) InitAttachContext ¶
InitAttachContext initializes or returns existing context for attach calls to track container liveness.
func (*Container) InitDNSHostConfig ¶
func (container *Container) InitDNSHostConfig()
InitDNSHostConfig ensures that the dns fields are never nil. New containers don't ever have those fields nil, but pre created containers can still have those nil values. The non-recommended host configuration in the start api can make these fields nil again, this corrects that issue until we remove that behavior for good. See https://github.com/docker/docker/pull/17779 for a more detailed explanation on why we don't want that.
func (*Container) InitializeStdio ¶
InitializeStdio is called by libcontainerd to connect the stdio.
func (*Container) IsDestinationMounted ¶
IsDestinationMounted checks whether a path is mounted on the container or not.
func (*Container) MountsResourcePath ¶
MountsResourcePath returns the path where mounts are stored for the given mount
func (*Container) NetworkMounts ¶
NetworkMounts returns the list of network mounts.
func (*Container) ResetRestartManager ¶
ResetRestartManager initializes new restartmanager based on container config
func (*Container) ResolvePath ¶
ResolvePath resolves the given path in the container to a resource on the host. Returns a resolved path (absolute path to the resource on the host), the absolute path to the resource relative to the container's rootfs, and an error if the path points to outside the container's rootfs.
func (*Container) RestartManager ¶
func (container *Container) RestartManager() restartmanager.RestartManager
RestartManager returns the current restartmanager instance connected to container.
func (*Container) SecretFilePath ¶
func (container *Container) SecretFilePath(secretRef swarmtypes.SecretReference) (string, error)
SecretFilePath returns the path to the location of a secret on the host.
func (*Container) SecretMountPath ¶
SecretMountPath returns the path of the secret mount for the container
func (*Container) SecretMounts ¶
SecretMounts returns the mounts for the secret path.
func (*Container) SetupWorkingDirectory ¶
SetupWorkingDirectory sets up the container's working directory as set in container.Config.WorkingDir
func (*Container) ShmResourcePath ¶
ShmResourcePath returns path to shm
func (*Container) ShouldRestart ¶
ShouldRestart decides whether the daemon should restart the container or not. This is based on the container's restart policy.
func (*Container) StartLogger ¶
StartLogger starts a new logger driver for the container.
func (*Container) StatPath ¶
func (container *Container) StatPath(resolvedPath, absPath string) (stat *types.ContainerPathStat, err error)
StatPath is the unexported version of StatPath. Locks and mounts should be acquired before calling this method and the given path should be fully resolved to a path on the host corresponding to the given absolute path inside the container.
func (*Container) StderrPipe ¶
func (container *Container) StderrPipe() io.ReadCloser
StderrPipe gets the stderr stream of the container
func (*Container) StdinPipe ¶
func (container *Container) StdinPipe() io.WriteCloser
StdinPipe gets the stdin stream of the container
func (*Container) StdoutPipe ¶
func (container *Container) StdoutPipe() io.ReadCloser
StdoutPipe gets the stdout stream of the container
func (*Container) StopSignal ¶
StopSignal returns the signal used to stop the container.
func (*Container) StopTimeout ¶
StopTimeout returns the timeout (in seconds) used to stop the container.
func (*Container) TmpfsMounts ¶
TmpfsMounts returns the list of tmpfs mounts
func (*Container) TrySetNetworkMount ¶
TrySetNetworkMount attempts to set the network mounts given a provided destination and the path to use for it; return true if the given destination was a network mount file
func (*Container) UnmountIpcMount ¶
UnmountIpcMount unmounts shm if it was mounted
func (*Container) UnmountSecrets ¶
UnmountSecrets unmounts the local tmpfs for secrets
func (*Container) UnmountVolumes ¶
func (container *Container) UnmountVolumes(volumeEventLog func(name, action string, attributes map[string]string)) error
UnmountVolumes unmounts all volumes
func (*Container) UpdateContainer ¶
func (container *Container) UpdateContainer(hostConfig *containertypes.HostConfig) error
UpdateContainer updates configuration of a container. Callers must hold a Lock on the Container.
func (*Container) UpdateMonitor ¶
func (container *Container) UpdateMonitor(restartPolicy containertypes.RestartPolicy)
UpdateMonitor updates monitor configure for running container
func (*Container) WriteHostConfig ¶
func (container *Container) WriteHostConfig() (*containertypes.HostConfig, error)
WriteHostConfig saves the host configuration on disk for the container, and returns a deep copy of the saved object. Callers must hold a Container lock.
type ExitStatus ¶
type ExitStatus struct { // The exit code with which the container exited. ExitCode int // Whether the container encountered an OOM. OOMKilled bool // Time at which the container died ExitedAt time.Time }
ExitStatus provides exit reasons for a container.
type Health ¶
Health holds the current container health-check state
func (*Health) CloseMonitorChannel ¶
func (s *Health) CloseMonitorChannel()
CloseMonitorChannel closes any existing monitor channel.
func (*Health) OpenMonitorChannel ¶
func (s *Health) OpenMonitorChannel() chan struct{}
OpenMonitorChannel creates and returns a new monitor channel. If there already is one, it returns nil.
func (*Health) SetStatus ¶
SetStatus writes the current status to the underlying health structure, obeying the locking semantics.
Status may be set directly if another lock is used.
type History ¶
type History []*Container
History is a convenience type for storing a list of containers, sorted by creation date in descendant order.
type Mount ¶
type Mount struct { Source string `json:"source"` Destination string `json:"destination"` Writable bool `json:"writable"` Data string `json:"data"` Propagation string `json:"mountpropagation"` }
Mount contains information for a mount operation.
type NoSuchContainerError ¶
type NoSuchContainerError struct {
// contains filtered or unexported fields
}
NoSuchContainerError indicates that the container wasn't found in the database.
func (NoSuchContainerError) Error ¶
func (e NoSuchContainerError) Error() string
Error satisfies the error interface.
type Snapshot ¶
type Snapshot struct { types.Container // additional info queries need to filter on // preserve nanosec resolution for queries CreatedAt time.Time StartedAt time.Time Name string Pid int ExitCode int Running bool Paused bool Managed bool ExposedPorts nat.PortSet PortBindings nat.PortSet Health string HostConfig struct { Isolation string } }
Snapshot is a read only view for Containers. It holds all information necessary to serve container queries in a versioned ACID in-memory store.
type State ¶
type State struct { sync.Mutex // Note that `Running` and `Paused` are not mutually exclusive: // When pausing a container (on Linux), the cgroups freezer is used to suspend // all processes in the container. Freezing the process requires the process to // be running. As a result, paused containers are both `Running` _and_ `Paused`. Running bool Paused bool Restarting bool OOMKilled bool RemovalInProgress bool // Not need for this to be persistent on disk. Dead bool Pid int ExitCodeValue int `json:"ExitCode"` ErrorMsg string `json:"Error"` // contains last known error during container start, stop, or remove StartedAt time.Time FinishedAt time.Time Health *Health // contains filtered or unexported fields }
State holds the current container state, and has methods to get and set the state. Container has an embed, which allows all of the functions defined against State to run against Container.
func NewState ¶
func NewState() *State
NewState creates a default state object with a fresh channel for state changes.
func (*State) ExitCode ¶
ExitCode returns current exitcode for the state. Take lock before if state may be shared.
func (*State) IsDead ¶
IsDead returns whether the Dead flag is set. Used by Container to check whether a container is dead.
func (*State) IsRemovalInProgress ¶
IsRemovalInProgress returns whether the RemovalInProgress flag is set. Used by Container to check whether a container is being removed.
func (*State) IsRestarting ¶
IsRestarting returns whether the container is restarting or not.
func (*State) IsRunning ¶
IsRunning returns whether the running flag is set. Used by Container to check whether a container is running.
func (*State) ResetRemovalInProgress ¶
func (s *State) ResetRemovalInProgress()
ResetRemovalInProgress makes the RemovalInProgress state to false.
func (*State) SetError ¶
SetError sets the container's error state. This is useful when we want to know the error that occurred when container transits to another state when inspecting it
func (*State) SetExitCode ¶
SetExitCode sets current exitcode for the state. Take lock before if state may be shared.
func (*State) SetRemovalError ¶
SetRemovalError is to be called in case a container remove failed. It sets an error and closes the internal waitRemove channel to unblock callers waiting for the container to be removed.
func (*State) SetRemovalInProgress ¶
SetRemovalInProgress sets the container state as being removed. It returns true if the container was already in that state.
func (*State) SetRemoved ¶
func (s *State) SetRemoved()
SetRemoved assumes this container is already in the "dead" state and closes the internal waitRemove channel to unblock callers waiting for a container to be removed.
func (*State) SetRestarting ¶
func (s *State) SetRestarting(exitStatus *ExitStatus)
SetRestarting sets the container state to "restarting" without locking. It also sets the container PID to 0.
func (*State) SetRunning ¶
SetRunning sets the state of the container to "running".
func (*State) SetStopped ¶
func (s *State) SetStopped(exitStatus *ExitStatus)
SetStopped sets the container state to "stopped" without locking.
func (*State) StateString ¶
StateString returns a single string to describe state
func (*State) Wait ¶
func (s *State) Wait(ctx context.Context, condition WaitCondition) <-chan StateStatus
Wait waits until the container is in a certain state indicated by the given condition. A context must be used for cancelling the request, controlling timeouts, and avoiding goroutine leaks. Wait must be called without holding the state lock. Returns a channel from which the caller will receive the result. If the container exited on its own, the result's Err() method will be nil and its ExitCode() method will return the container's exit code, otherwise, the results Err() method will return an error indicating why the wait operation failed.
type StateStatus ¶
type StateStatus struct {
// contains filtered or unexported fields
}
StateStatus is used to return container wait results. Implements exec.ExitCode interface. This type is needed as State include a sync.Mutex field which make copying it unsafe.
func (StateStatus) Err ¶
func (s StateStatus) Err() error
Err returns current error for the state. Returns nil if the container had exited on its own.
func (StateStatus) ExitCode ¶
func (s StateStatus) ExitCode() int
ExitCode returns current exitcode for the state.
type Store ¶
type Store interface { // Add appends a new container to the store. Add(string, *Container) // Get returns a container from the store by the identifier it was stored with. Get(string) *Container // Delete removes a container from the store by the identifier it was stored with. Delete(string) // List returns a list of containers from the store. List() []*Container // Size returns the number of containers in the store. Size() int // First returns the first container found in the store by a given filter. First(StoreFilter) *Container // ApplyAll calls the reducer function with every container in the store. ApplyAll(StoreReducer) }
Store defines an interface that any container store must implement.
type StoreFilter ¶
StoreFilter defines a function to filter container in the store.
type StoreReducer ¶
type StoreReducer func(*Container)
StoreReducer defines a function to manipulate containers in the store
type View ¶
type View interface { All() ([]Snapshot, error) Get(id string) (*Snapshot, error) GetID(name string) (string, error) GetAllNames() map[string][]string }
View can be used by readers to avoid locking
type ViewDB ¶
type ViewDB interface { Snapshot() View Save(*Container) error Delete(*Container) error ReserveName(name, containerID string) error ReleaseName(name string) error }
ViewDB provides an in-memory transactional (ACID) container Store
type WaitCondition ¶
type WaitCondition int
WaitCondition is an enum type for different states to wait for.
const ( WaitConditionNotRunning WaitCondition = iota WaitConditionNextExit WaitConditionRemoved )
Possible WaitCondition Values.
WaitConditionNotRunning (default) is used to wait for any of the non-running states: "created", "exited", "dead", "removing", or "removed".
WaitConditionNextExit is used to wait for the next time the state changes to a non-running state. If the state is currently "created" or "exited", this would cause Wait() to block until either the container runs and exits or is removed.
WaitConditionRemoved is used to wait for the container to be removed.