README
¶
hcsshim
This package supports launching Windows Server containers from Go. It is primarily used in the Docker Engine project, but it can be freely used by other projects as well.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Documentation
¶
Index ¶
- Constants
- Variables
- func ActivateLayer(info DriverInfo, id string) error
- func CreateComputeSystem(id string, configuration string) error
- func CreateLayer(info DriverInfo, id, parent string) error
- func CreateProcessInComputeSystem(id string, useStdin bool, useStdout bool, useStderr bool, ...) (_ uint32, _ io.WriteCloser, _ io.ReadCloser, _ io.ReadCloser, err error)
- func CreateSandboxLayer(info DriverInfo, layerId, parentId string, parentLayerPaths []string) error
- func DeactivateLayer(info DriverInfo, id string) error
- func DestroyLayer(info DriverInfo, id string) error
- func ExpandSandboxSize(info DriverInfo, layerId string, size uint64) error
- func ExportLayer(info DriverInfo, layerId string, exportFolderPath string, ...) error
- func GetLayerMountPath(info DriverInfo, id string) (string, error)
- func GetSharedBaseImages() (imageData string, err error)
- func ImportLayer(info DriverInfo, layerID string, importFolderPath string, ...) error
- func IsTP4() bool
- func LayerExists(info DriverInfo, id string) (bool, error)
- func PrepareLayer(info DriverInfo, layerId string, parentLayerPaths []string) error
- func ProcessBaseLayer(path string) error
- func ProcessUtilityVMImage(path string) error
- func ResizeConsoleInComputeSystem(id string, processid uint32, h, w int) error
- func ShutdownComputeSystem(id string, timeout uint32, context string) error
- func StartComputeSystem(id string) error
- func TerminateComputeSystem(id string, timeout uint32, context string) error
- func TerminateProcessInComputeSystem(id string, processid uint32) (err error)
- func UnprepareLayer(info DriverInfo, layerId string) error
- func WaitForProcessInComputeSystem(id string, processid uint32, timeout uint32) (int32, error)
- type ComputeSystemProperties
- type Container
- type ContainerConfig
- type ContainerError
- type CreateProcessParams
- type DriverInfo
- type FilterLayerReader
- type FilterLayerWriter
- func (w *FilterLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) error
- func (w *FilterLayerWriter) AddLink(name string, target string) error
- func (w *FilterLayerWriter) Close() (err error)
- func (w *FilterLayerWriter) Remove(name string) error
- func (w *FilterLayerWriter) Write(b []byte) (int, error)
- type GUID
- type HNSEndpoint
- type HNSNetwork
- type HcsError
- type HvRuntime
- type Layer
- type LayerReader
- type LayerWriter
- type MacPool
- type MappedDir
- type NatPolicy
- type Process
- type ProcessConfig
- type ProcessError
- type QosPolicy
- type Subnet
- type VlanPolicy
- type VsidPolicy
- type WC_LAYER_DESCRIPTOR
Constants ¶
Variables ¶
var ( // ErrHandleClose is an error returned when the handle generating the notification being waited on has been closed ErrHandleClose = errors.New("hcsshim: the handle generating this notification has been closed") // ErrInvalidNotificationType is an error encountered when an invalid notification type is used ErrInvalidNotificationType = errors.New("hcsshim: invalid notification type") // ErrInvalidProcessState is an error encountered when the process is not in a valid state for the requested operation ErrInvalidProcessState = errors.New("the process is in an invalid state for the attempted operation") // ErrTimeout is an error encountered when waiting on a notification times out ErrTimeout = errors.New("hcsshim: timeout waiting for notification") // ErrUnexpectedContainerExit is the error returned when a container exits while waiting for // a different expected notification ErrUnexpectedContainerExit = errors.New("unexpected container exit") // ErrUnexpectedProcessAbort is the error returned when communication with the compute service // is lost while waiting for a notification ErrUnexpectedProcessAbort = errors.New("lost communication with compute service") // ErrUnexpectedValue is an error returned when hcs returns an invalid value ErrUnexpectedValue = errors.New("unexpected value returned from hcs") // ErrVmcomputeAlreadyStopped is an error returned when a shutdown or terminate request is made on a stopped container ErrVmcomputeAlreadyStopped = syscall.Errno(0xc0370110) // ErrVmcomputeOperationPending is an error returned when the operation is being completed asynchronously ErrVmcomputeOperationPending = syscall.Errno(0xC0370103) )
Functions ¶
func ActivateLayer ¶
func ActivateLayer(info DriverInfo, id string) error
ActivateLayer will find the layer with the given id and mount it's filesystem. For a read/write layer, the mounted filesystem will appear as a volume on the host, while a read-only layer is generally expected to be a no-op. An activated layer must later be deactivated via DeactivateLayer.
func CreateComputeSystem ¶
CreateComputeSystem creates a container, initializing its configuration in the Host Compute Service such that it can be started by a call to the StartComputeSystem method.
func CreateLayer ¶
func CreateLayer(info DriverInfo, id, parent string) error
CreateLayer creates a new, empty, read-only layer on the filesystem based on the parent layer provided.
func CreateProcessInComputeSystem ¶
func CreateProcessInComputeSystem(id string, useStdin bool, useStdout bool, useStderr bool, params CreateProcessParams) (_ uint32, _ io.WriteCloser, _ io.ReadCloser, _ io.ReadCloser, err error)
CreateProcessInComputeSystem starts a process in a container. This is invoked, for example, as a result of docker run, docker exec, or RUN in Dockerfile. If successful, it returns the PID of the process.
func CreateSandboxLayer ¶
func CreateSandboxLayer(info DriverInfo, layerId, parentId string, parentLayerPaths []string) error
CreateSandboxLayer creates and populates new read-write layer for use by a container. This requires both the id of the direct parent layer, as well as the full list of paths to all parent layers up to the base (and including the direct parent whose id was provided).
func DeactivateLayer ¶
func DeactivateLayer(info DriverInfo, id string) error
DeactivateLayer will dismount a layer that was mounted via ActivateLayer.
func DestroyLayer ¶
func DestroyLayer(info DriverInfo, id string) error
DestroyLayer will remove the on-disk files representing the layer with the given id, including that layer's containing folder, if any.
func ExpandSandboxSize ¶ added in v0.3.2
func ExpandSandboxSize(info DriverInfo, layerId string, size uint64) error
ExpandSandboxSize expands the size of a layer to at least size bytes.
func ExportLayer ¶
func ExportLayer(info DriverInfo, layerId string, exportFolderPath string, parentLayerPaths []string) error
ExportLayer will create a folder at exportFolderPath and fill that folder with the transport format version of the layer identified by layerId. This transport format includes any metadata required for later importing the layer (using ImportLayer), and requires the full list of parent layer paths in order to perform the export.
func GetLayerMountPath ¶
func GetLayerMountPath(info DriverInfo, id string) (string, error)
GetLayerMountPath will look for a mounted layer with the given id and return the path at which that layer can be accessed. This path may be a volume path if the layer is a mounted read-write layer, otherwise it is expected to be the folder path at which the layer is stored.
func GetSharedBaseImages ¶
GetSharedBaseImages will enumerate the images stored in the common central image store and return descriptive info about those images for the purpose of registering them with the graphdriver, graph, and tagstore.
func ImportLayer ¶
func ImportLayer(info DriverInfo, layerID string, importFolderPath string, parentLayerPaths []string) error
ImportLayer will take the contents of the folder at importFolderPath and import that into a layer with the id layerId. Note that in order to correctly populate the layer and interperet the transport format, all parent layers must already be present on the system at the paths provided in parentLayerPaths.
func IsTP4 ¶
func IsTP4() bool
IsTP4 returns whether the currently running Windows build is at least TP4.
func LayerExists ¶
func LayerExists(info DriverInfo, id string) (bool, error)
LayerExists will return true if a layer with the given id exists and is known to the system.
func PrepareLayer ¶
func PrepareLayer(info DriverInfo, layerId string, parentLayerPaths []string) error
PrepareLayer finds a mounted read-write layer matching layerId and enables the the filesystem filter for use on that layer. This requires the paths to all parent layers, and is necessary in order to view or interact with the layer as an actual filesystem (reading and writing files, creating directories, etc). Disabling the filter must be done via UnprepareLayer.
func ProcessBaseLayer ¶
ProcessBaseLayer post-processes a base layer that has had its files extracted. The files should have been extracted to <path>\Files.
func ProcessUtilityVMImage ¶
ProcessUtilityVMImage post-processes a utility VM image that has had its files extracted. The files should have been extracted to <path>\Files.
func ResizeConsoleInComputeSystem ¶
ResizeConsoleInComputeSystem updates the height and width of the console session for the process with the given id in the container with the given id.
func ShutdownComputeSystem ¶
ShutdownComputeSystem shuts down a container by requesting a shutdown within the container operating system.
func StartComputeSystem ¶
StartComputeSystem starts a container that has previously been created via CreateComputeSystem.
func TerminateComputeSystem ¶
TerminateComputeSystem force terminates a container.
func TerminateProcessInComputeSystem ¶
TerminateProcessInComputeSystem kills a process in a running container.
func UnprepareLayer ¶
func UnprepareLayer(info DriverInfo, layerId string) error
UnprepareLayer disables the filesystem filter for the read-write layer with the given id.
Types ¶
type ComputeSystemProperties ¶ added in v0.2.2
ComputeSystemProperties is a struct describing the returned properties.
func GetComputeSystemProperties ¶ added in v0.2.2
func GetComputeSystemProperties(id string, flags uint32) (ComputeSystemProperties, error)
GetComputeSystemProperties gets the properties for the compute system with the given ID.
type Container ¶ added in v0.3.0
type Container interface {
// Start synchronously starts the container.
Start() error
// Shutdown requests a container shutdown, but it may not actually be shutdown until Wait() succeeds.
Shutdown() error
// Terminate requests a container terminate, but it may not actually be terminated until Wait() succeeds.
Terminate() error
// Waits synchronously waits for the container to shutdown or terminate.
Wait() error
// WaitTimeout synchronously waits for the container to terminate or the duration to elapse. It
// returns false if timeout occurs.
WaitTimeout(time.Duration) error
// Pause pauses the execution of a container.
Pause() error
// Resume resumes the execution of a container.
Resume() error
// HasPendingUpdates returns true if the container has updates pending to install.
HasPendingUpdates() (bool, error)
// CreateProcess launches a new process within the container.
CreateProcess(c *ProcessConfig) (Process, error)
// OpenProcess gets an interface to an existing process within the container.
OpenProcess(pid int) (Process, error)
// Close cleans up any state associated with the container but does not terminate or wait for it.
Close() error
}
Container represents a created (but not necessarily running) container.
func CreateContainer ¶ added in v0.3.0
func CreateContainer(id string, c *ContainerConfig) (Container, error)
CreateContainer creates a new container with the given configuration but does not start it.
func OpenContainer ¶ added in v0.3.0
OpenContainer opens an existing container by ID.
type ContainerConfig ¶ added in v0.3.0
type ContainerConfig struct {
SystemType string // HCS requires this to be hard-coded to "Container"
Name string // Name of the container. We use the docker ID.
Owner string // The management platform that created this container
IsDummy bool // Used for development purposes.
VolumePath string // Windows volume path for scratch space
IgnoreFlushesDuringBoot bool // Optimization hint for container startup in Windows
LayerFolderPath string // Where the layer folders are located
Layers []Layer // List of storage layers
Credentials string `json:",omitempty"` // Credentials information
ProcessorCount uint32 `json:",omitempty"` // Number of processors to assign to the container.
ProcessorWeight uint64 `json:",omitempty"` // CPU Shares 0..10000 on Windows; where 0 will be omitted and HCS will default.
ProcessorMaximum int64 `json:",omitempty"` // CPU maximum usage percent 1..100
StorageIOPSMaximum uint64 `json:",omitempty"` // Maximum Storage IOPS
StorageBandwidthMaximum uint64 `json:",omitempty"` // Maximum Storage Bandwidth in bytes per second
StorageSandboxSize uint64 `json:",omitempty"` // Size in bytes that the container system drive should be expanded to if smaller
MemoryMaximumInMB int64 `json:",omitempty"` // Maximum memory available to the container in Megabytes
HostName string // Hostname
MappedDirectories []MappedDir // List of mapped directories (volumes/mounts)
SandboxPath string // Location of unmounted sandbox (used for Hyper-V containers)
HvPartition bool // True if it a Hyper-V Container
EndpointList []string // List of networking endpoints to be attached to container
HvRuntime *HvRuntime // Hyper-V container settings
Servicing bool // True if this container is for servicing
}
ContainerConfig is used as both the input of CreateContainer and to convert the parameters to JSON for passing onto the HCS
type ContainerError ¶ added in v0.3.0
ContainerError is an error encountered in HCS during an operation on a Container object
func (*ContainerError) Error ¶ added in v0.3.0
func (e *ContainerError) Error() string
type CreateProcessParams ¶
type CreateProcessParams struct {
ApplicationName string
CommandLine string
WorkingDirectory string
Environment map[string]string
EmulateConsole bool
ConsoleSize [2]int
}
CreateProcessParams is used as both the input of CreateProcessInComputeSystem and to convert the parameters to JSON for passing onto the HCS
type DriverInfo ¶
To pass into syscall, we need a struct matching the following:
enum GraphDriverType
{
DiffDriver,
FilterDriver
};
struct DriverInfo {
GraphDriverType Flavour;
LPCWSTR HomeDir;
};
type FilterLayerReader ¶
type FilterLayerReader struct {
// contains filtered or unexported fields
}
FilterLayerReader provides an interface for extracting the contents of an on-disk layer.
func (*FilterLayerReader) Close ¶
func (r *FilterLayerReader) Close() (err error)
Close frees resources associated with the layer reader. It will return an error if there was an error while reading the layer or of the layer was not completely read.
func (*FilterLayerReader) Next ¶
func (r *FilterLayerReader) Next() (string, int64, *winio.FileBasicInfo, error)
Next reads the next available file from a layer, ensuring that parent directories are always read before child files and directories.
Next returns the file's relative path, size, and basic file metadata. Read() should be used to extract a Win32 backup stream with the remainder of the metadata and the data.
type FilterLayerWriter ¶
type FilterLayerWriter struct {
// contains filtered or unexported fields
}
FilterLayerWriter provides an interface to write the contents of a layer to the file system.
func (*FilterLayerWriter) Add ¶
func (w *FilterLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) error
Add adds a file or directory to the layer. The file's parent directory must have already been added.
name contains the file's relative path. fileInfo contains file times and file attributes; the rest of the file metadata and the file data must be written as a Win32 backup stream to the Write() method. winio.BackupStreamWriter can be used to facilitate this.
func (*FilterLayerWriter) AddLink ¶ added in v0.2.0
func (w *FilterLayerWriter) AddLink(name string, target string) error
AddLink adds a hard link to the layer. The target of the link must have already been added.
func (*FilterLayerWriter) Close ¶
func (w *FilterLayerWriter) Close() (err error)
Close completes the layer write operation. The error must be checked to ensure that the operation was successful.
func (*FilterLayerWriter) Remove ¶
func (w *FilterLayerWriter) Remove(name string) error
Remove removes a file from the layer. The file must have been present in the parent layer.
name contains the file's relative path.
type GUID ¶
type GUID [16]byte
func NameToGuid ¶
NameToGuid converts the given string into a GUID using the algorithm in the Host Compute Service, ensuring GUIDs generated with the same string are common across all clients.
type HNSEndpoint ¶
type HNSEndpoint struct {
Id string `json:",omitempty"`
Name string `json:",omitempty"`
VirtualNetwork string `json:",omitempty"`
VirtualNetworkName string `json:",omitempty"`
Policies []json.RawMessage `json:",omitempty"`
MacAddress string `json:",omitempty"`
IPAddress net.IP `json:",omitempty"`
DNSSuffix string `json:",omitempty"`
DNSServerList string `json:",omitempty"`
GatewayAddress string `json:",omitempty"`
PrefixLength uint8 `json:",omitempty"`
}
HNSEndpoint represents a network endpoint in HNS
func HNSEndpointRequest ¶
func HNSEndpointRequest(method, path, request string) (*HNSEndpoint, error)
HNSEndpointRequest makes a HNS call to modify/query a network endpoint
type HNSNetwork ¶
type HNSNetwork struct {
Id string `json:",omitempty"`
Name string `json:",omitempty"`
Type string `json:",omitempty"`
NetworkAdapterName string `json:",omitempty"`
SourceMac string `json:",omitempty"`
Policies []json.RawMessage `json:",omitempty"`
MacPools []MacPool `json:",omitempty"`
Subnets []Subnet `json:",omitempty"`
DNSSuffix string `json:",omitempty"`
DNSServerList string `json:",omitempty"`
}
HNSNetwork represents a network in HNS
func HNSListNetworkRequest ¶
func HNSListNetworkRequest(method, path, request string) ([]HNSNetwork, error)
HNSListNetworkRequest makes a HNS call to query the list of available networks
func HNSNetworkRequest ¶
func HNSNetworkRequest(method, path, request string) (*HNSNetwork, error)
HNSNetworkRequest makes a call into HNS to update/query a single network
type LayerReader ¶
type LayerReader interface {
Next() (string, int64, *winio.FileBasicInfo, error)
Read(b []byte) (int, error)
Close() error
}
func NewLayerReader ¶
func NewLayerReader(info DriverInfo, layerID string, parentLayerPaths []string) (LayerReader, error)
NewLayerReader returns a new layer reader for reading the contents of an on-disk layer. The caller must have taken the SeBackupPrivilege privilege to call this and any methods on the resulting LayerReader.
type LayerWriter ¶
type LayerWriter interface {
// Add adds a file to the layer with given metadata.
Add(name string, fileInfo *winio.FileBasicInfo) error
// AddLink adds a hard link to the layer. The target must already have been added.
AddLink(name string, target string) error
// Remove removes a file that was present in a parent layer from the layer.
Remove(name string) error
// Write writes data to the current file. The data must be in the format of a Win32
// backup stream.
Write(b []byte) (int, error)
// Close finishes the layer writing process and releases any resources.
Close() error
}
LayerWriter is an interface that supports writing a new container image layer.
func NewLayerWriter ¶
func NewLayerWriter(info DriverInfo, layerID string, parentLayerPaths []string) (LayerWriter, error)
NewLayerWriter returns a new layer writer for creating a layer on disk. The caller must have taken the SeBackupPrivilege and SeRestorePrivilege privileges to call this and any methods on the resulting LayerWriter.
type MacPool ¶
type MacPool struct {
StartMacAddress string `json:",omitempty"`
EndMacAddress string `json:",omitempty"`
}
MacPool is assoicated with a network and represents a list of macaddresses available to the network
type Process ¶ added in v0.3.0
type Process interface {
// Pid returns the process ID of the process within the container.
Pid() int
// Kill signals the process to terminate but does not wait for it to finish terminating.
Kill() error
// Wait waits for the process to exit.
Wait() error
// WaitTimeout waits for the process to exit or the duration to elapse. It returns
// false if timeout occurs.
WaitTimeout(time.Duration) error
// ExitCode returns the exit code of the process. The process must have
// already terminated.
ExitCode() (int, error)
// ResizeConsole resizes the console of the process.
ResizeConsole(width, height uint16) error
// Stdio returns the stdin, stdout, and stderr pipes, respectively. Closing
// these pipes does not close the underlying pipes; it should be possible to
// call this multiple times to get multiple interfaces.
Stdio() (io.WriteCloser, io.ReadCloser, io.ReadCloser, error)
// CloseStdin closes the write side of the stdin pipe so that the process is
// notified on the read side that there is no more data in stdin.
CloseStdin() error
// Close cleans up any state associated with the process but does not kill
// or wait on it.
Close() error
}
Process represents a running or exited process.
type ProcessConfig ¶ added in v0.3.0
type ProcessConfig struct {
ApplicationName string
CommandLine string
WorkingDirectory string
Environment map[string]string
EmulateConsole bool
CreateStdInPipe bool
CreateStdOutPipe bool
CreateStdErrPipe bool
ConsoleSize [2]int
}
ProcessConfig is used as both the input of Container.CreateProcess and to convert the parameters to JSON for passing onto the HCS
type ProcessError ¶ added in v0.3.0
ProcessError is an error encountered in HCS during an operation on a Process object
func (*ProcessError) Error ¶ added in v0.3.0
func (e *ProcessError) Error() string
type Subnet ¶
type Subnet struct {
AddressPrefix string `json:",omitempty"`
GatewayAddress string `json:",omitempty"`
}
Subnet is assoicated with a network and represents a list of subnets available to the network
type VlanPolicy ¶ added in v0.3.2
type VsidPolicy ¶ added in v0.3.2
type WC_LAYER_DESCRIPTOR ¶
To pass into syscall, we need a struct matching the following:
typedef struct _WC_LAYER_DESCRIPTOR {
//
// The ID of the layer
//
GUID LayerId;
//
// Additional flags
//
union {
struct {
ULONG Reserved : 31;
ULONG Dirty : 1; // Created from sandbox as a result of snapshot
};
ULONG Value;
} Flags;
//
// Path to the layer root directory, null-terminated
//
PCWSTR Path;
} WC_LAYER_DESCRIPTOR, *PWC_LAYER_DESCRIPTOR;
Source Files
¶
- activatelayer.go
- baselayer.go
- callback.go
- container.go
- createcomputesystem.go
- createlayer.go
- createprocess.go
- createsandboxlayer.go
- deactivatelayer.go
- destroylayer.go
- errors.go
- expandsandboxsize.go
- exportlayer.go
- getcomputesystemproperties.go
- getlayermountpath.go
- getsharedbaseimages.go
- guid.go
- hcsshim.go
- hnsfuncs.go
- importlayer.go
- interface.go
- layerexists.go
- layerutils.go
- legacy.go
- nametoguid.go
- preparelayer.go
- process.go
- processimage.go
- resizeconsole.go
- shutdownterminatecomputesystem.go
- startcomputesystem.go
- terminateprocess.go
- unpreparelayer.go
- utils.go
- version.go
- waithelper.go
- waitprocess.go
- zhcsshim.go
Directories