Documentation ¶
Index ¶
- Constants
- func GetConflictFreeLabels(labels []string) ([]string, error)
- func ModifiedDiscoverySettings(config *Config, backendType, advertise string, clusterOpts map[string]string) bool
- func ParseClusterAdvertiseSettings(clusterStore, clusterAdvertise string) (string, error)
- func ParseGenericResources(value []string) ([]swarm.GenericResource, error)
- func Reload(configFile string, flags *pflag.FlagSet, reload func(*Config)) error
- func Validate(config *Config) error
- func ValidateMaxDownloadAttempts(config *Config) error
- func ValidateMaxUploadAttempts(config *Config) error
- type BridgeConfig
- type BuilderConfig
- type BuilderEntitlements
- type BuilderGCConfig
- type BuilderGCFilter
- type BuilderGCRule
- type CommonConfig
- type CommonTLSOptions
- type CommonUnixConfig
- type Config
- func (conf *Config) GetAllRuntimes() map[string]types.Runtime
- func (conf *Config) GetDefaultRuntimeName() string
- func (conf *Config) GetExecRoot() string
- func (conf *Config) GetInitPath() string
- func (conf *Config) GetResolvConf() string
- func (conf *Config) GetRuntime(name string) *types.Runtime
- func (conf *Config) IsRootless() bool
- func (conf *Config) IsSwarmCompatible() error
- func (conf *Config) IsValueSet(name string) bool
- func (conf *Config) ValidatePlatformConfig() error
- type DNSConfig
- type LogConfig
- type NetworkConfig
Constants ¶
const ( // DefaultMaxConcurrentDownloads is the default value for // maximum number of downloads that // may take place at a time for each pull. DefaultMaxConcurrentDownloads = 3 // DefaultMaxConcurrentUploads is the default value for // maximum number of uploads that // may take place at a time for each push. DefaultMaxConcurrentUploads = 5 // DefaultDownloadAttempts is the default value for // maximum number of attempts that // may take place at a time for each pull when the connection is lost. DefaultDownloadAttempts = 5 // DefaultUploadAttempts is the default value for // maximum number of attempts that // may take place at a time for each push when the connection is lost. DefaultUploadAttempts = 5 // DefaultShmSize is the default value for container's shm size DefaultShmSize = int64(67108864) // DefaultNetworkMtu is the default value for network MTU DefaultNetworkMtu = 1500 // DisableNetworkBridge is the default value of the option to disable network bridge DisableNetworkBridge = "none" // DefaultInitBinary is the name of the default init binary DefaultInitBinary = "balena-engine-init" // StockRuntimeName is the reserved name/alias used to represent the // OCI runtime being shipped with the docker daemon package. StockRuntimeName = "runc" // LinuxV1RuntimeName is the runtime used to specify the containerd v1 shim with the runc binary // Note this is different than io.containerd.runc.v1 which would be the v1 shim using the v2 shim API. // This is specifically for the v1 shim using the v1 shim API. LinuxV1RuntimeName = "io.containerd.runtime.v1.linux" // LinuxV2RuntimeName is the runtime used to specify the containerd v2 runc shim LinuxV2RuntimeName = "io.containerd.runc.v2" )
const (
// DefaultIpcMode is default for container's IpcMode, if not set otherwise
DefaultIpcMode = "private"
)
Variables ¶
This section is empty.
Functions ¶
func GetConflictFreeLabels ¶
GetConflictFreeLabels validates Labels for conflict In swarm the duplicates for labels are removed so we only take same values here, no conflict values If the key-value is the same we will only take the last label
func ModifiedDiscoverySettings ¶
func ModifiedDiscoverySettings(config *Config, backendType, advertise string, clusterOpts map[string]string) bool
ModifiedDiscoverySettings returns whether the discovery configuration has been modified or not.
func ParseClusterAdvertiseSettings ¶
ParseClusterAdvertiseSettings parses the specified advertise settings
func ParseGenericResources ¶
func ParseGenericResources(value []string) ([]swarm.GenericResource, error)
ParseGenericResources parses and validates the specified string as a list of GenericResource
func Validate ¶
Validate validates some specific configs. such as config.DNS, config.Labels, config.DNSSearch, as well as config.MaxConcurrentDownloads, config.MaxConcurrentUploads and config.MaxDownloadAttempts.
func ValidateMaxDownloadAttempts ¶
ValidateMaxDownloadAttempts validates if the max-download-attempts is within the valid range
func ValidateMaxUploadAttempts ¶
ValidateMaxUploadAttempts validates if the max-upload-attempts is within the valid range
Types ¶
type BridgeConfig ¶
type BridgeConfig struct { // Fields below here are platform specific. EnableIPv6 bool `json:"ipv6,omitempty"` EnableIPTables bool `json:"iptables,omitempty"` EnableIP6Tables bool `json:"ip6tables,omitempty"` EnableIPForward bool `json:"ip-forward,omitempty"` EnableIPMasq bool `json:"ip-masq,omitempty"` EnableUserlandProxy bool `json:"userland-proxy,omitempty"` UserlandProxyPath string `json:"userland-proxy-path,omitempty"` FixedCIDRv6 string `json:"fixed-cidr-v6,omitempty"` // contains filtered or unexported fields }
BridgeConfig stores all the bridge driver specific configuration.
type BuilderConfig ¶
type BuilderConfig struct { GC BuilderGCConfig `json:",omitempty"` Entitlements BuilderEntitlements `json:",omitempty"` }
BuilderConfig contains config for the builder
type BuilderEntitlements ¶
type BuilderEntitlements struct { NetworkHost *bool `json:"network-host,omitempty"` SecurityInsecure *bool `json:"security-insecure,omitempty"` }
BuilderEntitlements contains settings to enable/disable entitlements
type BuilderGCConfig ¶
type BuilderGCConfig struct { Enabled bool `json:",omitempty"` Policy []BuilderGCRule `json:",omitempty"` DefaultKeepStorage string `json:",omitempty"` }
BuilderGCConfig contains GC config for a buildkit builder
type BuilderGCFilter ¶
BuilderGCFilter contains garbage-collection filter rules for a BuildKit builder
func (*BuilderGCFilter) MarshalJSON ¶
func (x *BuilderGCFilter) MarshalJSON() ([]byte, error)
MarshalJSON returns a JSON byte representation of the BuilderGCFilter
func (*BuilderGCFilter) UnmarshalJSON ¶
func (x *BuilderGCFilter) UnmarshalJSON(data []byte) error
UnmarshalJSON fills the BuilderGCFilter values structure from JSON input
type BuilderGCRule ¶
type BuilderGCRule struct { All bool `json:",omitempty"` Filter BuilderGCFilter `json:",omitempty"` KeepStorage string `json:",omitempty"` }
BuilderGCRule represents a GC rule for buildkit cache
type CommonConfig ¶
type CommonConfig struct { AuthzMiddleware *authorization.Middleware `json:"-"` AuthorizationPlugins []string `json:"authorization-plugins,omitempty"` // AuthorizationPlugins holds list of authorization plugins AutoRestart bool `json:"-"` Context map[string][]string `json:"-"` DisableBridge bool `json:"-"` ExecOptions []string `json:"exec-opts,omitempty"` GraphDriver string `json:"storage-driver,omitempty"` GraphOptions []string `json:"storage-opts,omitempty"` DeltaGraphDriver string `json:"delta-storage-driver,omitempty"` DeltaGraphOptions []string `json:"delta-storage-opts,omitempty"` Labels []string `json:"labels,omitempty"` Mtu int `json:"mtu,omitempty"` NetworkDiagnosticPort int `json:"network-diagnostic-port,omitempty"` Pidfile string `json:"pidfile,omitempty"` RawLogs bool `json:"raw-logs,omitempty"` RootDeprecated string `json:"graph,omitempty"` Root string `json:"data-root,omitempty"` DeltaRoot string `json:"delta-data-root,omitempty"` ExecRoot string `json:"exec-root,omitempty"` SocketGroup string `json:"group,omitempty"` CorsHeaders string `json:"api-cors-header,omitempty"` // TrustKeyPath is used to generate the daemon ID and for signing schema 1 manifests // when pushing to a registry which does not support schema 2. This field is marked as // deprecated because schema 1 manifests are deprecated in favor of schema 2 and the // daemon ID will use a dedicated identifier not shared with exported signatures. TrustKeyPath string `json:"deprecated-key-path,omitempty"` // LiveRestoreEnabled determines whether we should keep containers // alive upon daemon shutdown/start LiveRestoreEnabled bool `json:"live-restore,omitempty"` // ClusterStore is the storage backend used for the cluster information. It is used by both // multihost networking (to store networks and endpoints information) and by the node discovery // mechanism. // Deprecated: host-discovery and overlay networks with external k/v stores are deprecated ClusterStore string `json:"cluster-store,omitempty"` // ClusterOpts is used to pass options to the discovery package for tuning libkv settings, such // as TLS configuration settings. // Deprecated: host-discovery and overlay networks with external k/v stores are deprecated ClusterOpts map[string]string `json:"cluster-store-opts,omitempty"` // ClusterAdvertise is the network endpoint that the Engine advertises for the purpose of node // discovery. This should be a 'host:port' combination on which that daemon instance is // reachable by other hosts. // Deprecated: host-discovery and overlay networks with external k/v stores are deprecated ClusterAdvertise string `json:"cluster-advertise,omitempty"` // MaxConcurrentDownloads is the maximum number of downloads that // may take place at a time for each pull. MaxConcurrentDownloads *int `json:"max-concurrent-downloads,omitempty"` // MaxConcurrentUploads is the maximum number of uploads that // may take place at a time for each push. MaxConcurrentUploads *int `json:"max-concurrent-uploads,omitempty"` // MaxDownloadAttempts is the maximum number of attempts that // may take place at a time for each push. MaxDownloadAttempts *int `json:"max-download-attempts,omitempty"` // MaxUploadAttempts is the maximum number of attempts that // may take place at a time for each push. MaxUploadAttempts *int `json:"max-upload-attempts,omitempty"` // ShutdownTimeout is the timeout value (in seconds) the daemon will wait for the container // to stop when daemon is being shutdown ShutdownTimeout int `json:"shutdown-timeout,omitempty"` Debug bool `json:"debug,omitempty"` Hosts []string `json:"hosts,omitempty"` LogLevel string `json:"log-level,omitempty"` TLS *bool `json:"tls,omitempty"` TLSVerify *bool `json:"tlsverify,omitempty"` // Embedded structs that allow config // deserialization without the full struct. CommonTLSOptions // SwarmDefaultAdvertiseAddr is the default host/IP or network interface // to use if a wildcard address is specified in the ListenAddr value // given to the /swarm/init endpoint and no advertise address is // specified. SwarmDefaultAdvertiseAddr string `json:"swarm-default-advertise-addr"` // SwarmRaftHeartbeatTick is the number of ticks in time for swarm mode raft quorum heartbeat // Typical value is 1 SwarmRaftHeartbeatTick uint32 `json:"swarm-raft-heartbeat-tick"` // SwarmRaftElectionTick is the number of ticks to elapse before followers in the quorum can propose // a new round of leader election. Default, recommended value is at least 10X that of Heartbeat tick. // Higher values can make the quorum less sensitive to transient faults in the environment, but this also // means it takes longer for the managers to detect a down leader. SwarmRaftElectionTick uint32 `json:"swarm-raft-election-tick"` MetricsAddress string `json:"metrics-addr"` DNSConfig LogConfig BridgeConfig // bridgeConfig holds bridge network specific configuration. NetworkConfig registry.ServiceOptions sync.Mutex // FIXME(vdemeester) This part is not that clear and is mainly dependent on cli flags // It should probably be handled outside this package. ValuesSet map[string]interface{} `json:"-"` Experimental bool `json:"experimental"` // Experimental indicates whether experimental features should be exposed or not // Exposed node Generic Resources // e.g: ["orange=red", "orange=green", "orange=blue", "apple=3"] NodeGenericResources []string `json:"node-generic-resources,omitempty"` // ContainerAddr is the address used to connect to containerd if we're // not starting it ourselves ContainerdAddr string `json:"containerd,omitempty"` // CriContainerd determines whether a supervised containerd instance // should be configured with the CRI plugin enabled. This allows using // Docker's containerd instance directly with a Kubernetes kubelet. CriContainerd bool `json:"cri-containerd,omitempty"` // Features contains a list of feature key value pairs indicating what features are enabled or disabled. // If a certain feature doesn't appear in this list then it's unset (i.e. neither true nor false). Features map[string]bool `json:"features,omitempty"` Builder BuilderConfig `json:"builder,omitempty"` ContainerdNamespace string `json:"containerd-namespace,omitempty"` ContainerdPluginNamespace string `json:"containerd-plugin-namespace,omitempty"` }
CommonConfig defines the configuration of a docker daemon which is common across platforms. It includes json tags to deserialize configuration from a file using the same names that the flags in the command line use.
type CommonTLSOptions ¶
type CommonTLSOptions struct { CAFile string `json:"tlscacert,omitempty"` CertFile string `json:"tlscert,omitempty"` KeyFile string `json:"tlskey,omitempty"` }
CommonTLSOptions defines TLS configuration for the daemon server. It includes json tags to deserialize configuration from a file using the same names that the flags in the command line use.
type CommonUnixConfig ¶
type CommonUnixConfig struct { Runtimes map[string]types.Runtime `json:"runtimes,omitempty"` DefaultRuntime string `json:"default-runtime,omitempty"` DefaultInitBinary string `json:"default-init,omitempty"` }
CommonUnixConfig defines configuration of a docker daemon that is common across Unix platforms.
type Config ¶
type Config struct { CommonConfig // These fields are common to all unix platforms. CommonUnixConfig // Fields below here are platform specific. CgroupParent string `json:"cgroup-parent,omitempty"` EnableSelinuxSupport bool `json:"selinux-enabled,omitempty"` RemappedRoot string `json:"userns-remap,omitempty"` Ulimits map[string]*units.Ulimit `json:"default-ulimits,omitempty"` CPURealtimePeriod int64 `json:"cpu-rt-period,omitempty"` CPURealtimeRuntime int64 `json:"cpu-rt-runtime,omitempty"` OOMScoreAdjust int `json:"oom-score-adjust,omitempty"` Init bool `json:"init,omitempty"` InitPath string `json:"init-path,omitempty"` SeccompProfile string `json:"seccomp-profile,omitempty"` ShmSize opts.MemBytes `json:"default-shm-size,omitempty"` NoNewPrivileges bool `json:"no-new-privileges,omitempty"` IpcMode string `json:"default-ipc-mode,omitempty"` CgroupNamespaceMode string `json:"default-cgroupns-mode,omitempty"` // ResolvConf is the path to the configuration of the host resolver ResolvConf string `json:"resolv-conf,omitempty"` Rootless bool `json:"rootless,omitempty"` }
Config defines the configuration of a docker daemon. It includes json tags to deserialize configuration from a file using the same names that the flags in the command line uses.
func MergeDaemonConfigurations ¶
func MergeDaemonConfigurations(flagsConfig *Config, flags *pflag.FlagSet, configFile string) (*Config, error)
MergeDaemonConfigurations reads a configuration file, loads the file configuration in an isolated structure, and merges the configuration provided from flags on top if there are no conflicts.
func (*Config) GetAllRuntimes ¶
GetAllRuntimes returns a copy of the runtimes map
func (*Config) GetDefaultRuntimeName ¶
GetDefaultRuntimeName returns the current default runtime
func (*Config) GetExecRoot ¶
GetExecRoot returns the user configured Exec-root
func (*Config) GetInitPath ¶
GetInitPath returns the configured docker-init path
func (*Config) GetResolvConf ¶
GetResolvConf returns the appropriate resolv.conf Check setupResolvConf on how this is selected
func (*Config) GetRuntime ¶
GetRuntime returns the runtime path and arguments for a given runtime name
func (*Config) IsSwarmCompatible ¶
IsSwarmCompatible defines if swarm mode can be enabled in this config
func (*Config) IsValueSet ¶
IsValueSet returns true if a configuration value was explicitly set in the configuration file.
func (*Config) ValidatePlatformConfig ¶
ValidatePlatformConfig checks if any platform-specific configuration settings are invalid.
type DNSConfig ¶
type DNSConfig struct { DNS []string `json:"dns,omitempty"` DNSOptions []string `json:"dns-opts,omitempty"` DNSSearch []string `json:"dns-search,omitempty"` HostGatewayIP net.IP `json:"host-gateway-ip,omitempty"` }
DNSConfig defines the DNS configurations.
type LogConfig ¶
type LogConfig struct { Type string `json:"log-driver,omitempty"` Config map[string]string `json:"log-opts,omitempty"` }
LogConfig represents the default log configuration. It includes json tags to deserialize configuration from a file using the same names that the flags in the command line use.
type NetworkConfig ¶
type NetworkConfig struct { // Default address pools for docker networks DefaultAddressPools opts.PoolsOpt `json:"default-address-pools,omitempty"` // NetworkControlPlaneMTU allows to specify the control plane MTU, this will allow to optimize the network use in some components NetworkControlPlaneMTU int `json:"network-control-plane-mtu,omitempty"` }
NetworkConfig stores the daemon-wide networking configurations