libpod

package
v0.0.0-...-09d12d9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 5, 2018 License: Apache-2.0 Imports: 69 Imported by: 0

Documentation

Index

Constants

// Attach pipe identifiers. The numeric values are shared with stdpipe_t in
// conmon.c and must be kept in sync with it, so they are spelled out
// explicitly.
const (
	AttachPipeStdin  = 1
	AttachPipeStdout = 2
	AttachPipeStderr = 3
)

These values must be kept in sync with stdpipe_t in conmon.c.

// Package-wide defaults: the cgroup manager names, the container create
// timeout, the default shm size and the network namespace run directory.
const (
	// CgroupfsCgroupsManager represents cgroupfs native cgroup manager
	CgroupfsCgroupsManager = "cgroupfs"
	// SystemdCgroupsManager represents systemd native cgroup manager
	SystemdCgroupsManager = "systemd"

	// ContainerCreateTimeout represents the value of container creating
	// timeout (240 seconds)
	ContainerCreateTimeout = 240 * time.Second

	// DefaultShmSize is the default shm size. The value is 67108864;
	// presumably bytes (64 MiB) -- TODO confirm the unit at the use site
	DefaultShmSize = 64 * 1024 * 1024
	// NsRunDir is the default directory in which running network namespaces
	// are stored
	NsRunDir = "/var/run/netns"
)
// Namespace names. WithSharedNamespaces documents that these string
// constants are added as keys of its namespaces map to request sharing of
// the corresponding namespace.
const (
	// IPCNamespace represents the IPC namespace
	IPCNamespace = "ipc"
	// MountNamespace represents the mount namespace
	MountNamespace = "mount"
	// NetNamespace represents the network namespace
	NetNamespace = "network"
	// PIDNamespace represents the PID namespace
	PIDNamespace = "pid"
	// UserNamespace represents the user namespace
	UserNamespace = "user"
	// UTSNamespace represents the UTS namespace
	UTSNamespace = "uts"
)
const CtrRemoveTimeout = 10

CtrRemoveTimeout is the default number of seconds to wait after stopping a container before sending the kill signal

const DBSchema = 5

DBSchema is the current DB schema version. It is incremented every time a change is made to the database's tables.

const (
	// DefaultTransport is a prefix that we apply to an image name
	// to check docker hub first for the image
	// NOTE(review): this value carries the "://" separator, while the
	// literal transport names listed in TransportNames ("ostree:", "dir:")
	// end in a single ":" -- confirm callers account for both forms.
	DefaultTransport = "docker://"
)

Runtime API constants

Variables

// Package-level error values, grouped by the condition they describe:
// missing objects, duplicate objects, invalid state, finalized objects,
// bad arguments, internal errors, stopped or removed objects, database
// problems and unimplemented functionality.
var (
	// ErrNoSuchCtr indicates the requested container does not exist
	ErrNoSuchCtr = errors.New("no such container")
	// ErrNoSuchPod indicates the requested pod does not exist
	ErrNoSuchPod = errors.New("no such pod")
	// ErrNoSuchImage indicates the requested image does not exist
	ErrNoSuchImage = errors.New("no such image")

	// ErrCtrExists indicates a container with the same name or ID already
	// exists
	ErrCtrExists = errors.New("container already exists")
	// ErrPodExists indicates a pod with the same name or ID already exists
	ErrPodExists = errors.New("pod already exists")
	// ErrImageExists indicates an image with the same ID already exists
	ErrImageExists = errors.New("image already exists")

	// ErrCtrStateInvalid indicates a container is in an improper state for
	// the requested operation
	ErrCtrStateInvalid = errors.New("container state improper")

	// ErrRuntimeFinalized indicates that the runtime has already been
	// created and cannot be modified
	ErrRuntimeFinalized = errors.New("runtime has been finalized")
	// ErrCtrFinalized indicates that the container has already been created
	// and cannot be modified
	ErrCtrFinalized = errors.New("container has been finalized")
	// ErrPodFinalized indicates that the pod has already been created and
	// cannot be modified
	ErrPodFinalized = errors.New("pod has been finalized")

	// ErrInvalidArg indicates that an invalid argument was passed
	ErrInvalidArg = errors.New("invalid argument")
	// ErrEmptyID indicates that an empty ID was passed
	ErrEmptyID = errors.New("name or ID cannot be empty")

	// ErrInternal indicates an internal library error
	ErrInternal = errors.New("internal libpod error")

	// ErrRuntimeStopped indicates that the runtime has already been shut
	// down and no further operations can be performed on it
	ErrRuntimeStopped = errors.New("runtime has already been stopped")
	// ErrCtrStopped indicates that the requested container is not running
	// and the requested operation cannot be performed until it is started
	ErrCtrStopped = errors.New("container is stopped")

	// ErrCtrRemoved indicates that the container has already been removed
	// and no further operations can be performed on it
	ErrCtrRemoved = errors.New("container has already been removed")
	// ErrPodRemoved indicates that the pod has already been removed and no
	// further operations can be performed on it
	ErrPodRemoved = errors.New("pod has already been removed")

	// ErrDBClosed indicates that the connection to the state database has
	// already been closed
	ErrDBClosed = errors.New("database connection already closed")
	// ErrDBBadConfig indicates that the database has a different schema or
	// was created by a libpod with a different config
	ErrDBBadConfig = errors.New("database configuration mismatch")

	// ErrNotImplemented indicates that the requested functionality is not
	// yet present
	ErrNotImplemented = errors.New("not yet implemented")
)
// Image transport names. Most are taken from the Name() of the matching
// transport package; Atomic and two TransportNames entries are literals.
var (
	// DockerArchive is the transport we prepend to an image name
	// when saving to docker-archive
	DockerArchive = dockerarchive.Transport.Name()
	// OCIArchive is the transport we prepend to an image name
	// when saving to oci-archive
	OCIArchive = ociarchive.Transport.Name()
	// DirTransport is the transport for pushing and pulling
	// images to and from a directory
	DirTransport = directory.Transport.Name()
	// TransportNames are the supported transports in string form
	// NOTE(review): the entries mix forms -- DefaultTransport is "docker://",
	// "ostree:" and "dir:" end in ":", and DockerArchive/OCIArchive are
	// whatever Transport.Name() returns. "dir:" is also a literal rather
	// than being derived from DirTransport. Confirm that any code matching
	// image names against this list handles every form.
	TransportNames = [...]string{DefaultTransport, DockerArchive, OCIArchive, "ostree:", "dir:"}
	// TarballTransport is the transport for importing a tar archive
	// and creating a filesystem image
	TarballTransport = tarball.Transport.Name()
	// Docker is the transport for docker registries
	Docker = docker.Transport.Name()
	// Atomic is the transport for atomic registries
	Atomic = "atomic"
)
// CGroupParent is the prefix to a cgroup path in libpod.
// NOTE(review): this is an exported package-level var, not a const, so any
// importing package can reassign it -- confirm that is intended.
var CGroupParent = "/libpod_parent"

CGroupParent is the prefix to a cgroup path in libpod

Functions

func CopyStringStringMap

func CopyStringStringMap(m map[string]string) map[string]string

CopyStringStringMap deep copies a map[string]string and returns the result

func FuncTimer

func FuncTimer(funcName string)

FuncTimer helps measure the execution time of a function. It is for debugging purposes only; do not leave it in committed code. It is used like: defer FuncTimer("foo")

func GetInsecureRegistries

func GetInsecureRegistries() ([]string, error)

GetInsecureRegistries obtains the list of insecure registries from the global registration file.

func GetPolicyContext

func GetPolicyContext(path string) (*signature.PolicyContext, error)

GetPolicyContext creates a signature policy context for the given signature policy path

func GetRegistries

func GetRegistries() ([]string, error)

GetRegistries gets the searchable registries from the global registration file.

func MatchesID

func MatchesID(id, argID string) bool

MatchesID returns true if argID is a full or partial match for id

func MatchesReference

func MatchesReference(name, argName string) bool

MatchesReference returns true if argName is a full or partial match for name. Partial matches will register only if they match the most specific part of the name available. For example, take the image docker.io/library/redis:latest: redis, library/redis, docker.io/library/redis, redis:latest, etc. will match, but redis:alpine, ry/redis, library, and io/library/redis will not.

func ParseImageNames

func ParseImageNames(names []string) (tags, digests []string, err error)

ParseImageNames parses the names we've stored with an image into a list of tagged references and a list of references which contain digests.

func RemoveScientificNotationFromFloat

func RemoveScientificNotationFromFloat(x float64) (float64, error)

RemoveScientificNotationFromFloat returns a float without any scientific notation if the number has any. golang does not handle conversion of float64s that have scientific notation in them and otherwise stinks. please replace this if you have a better implementation.

func StringInSlice

func StringInSlice(s string, sl []string) bool

StringInSlice determines if a string is in a string slice, returns bool

func WriteFile

func WriteFile(content string, path string) error

WriteFile writes a provided string to a provided path

Types

type Container

type Container struct {
	// contains filtered or unexported fields
}

Container is a single OCI container

func (*Container) AddArtifact

func (c *Container) AddArtifact(name string, data []byte) error

AddArtifact creates and writes to an artifact file for the container

func (*Container) Attach

func (c *Container) Attach(noStdin bool, keys string, attached chan<- bool) error

Attach attaches to a container. Returns fully qualified URL of streaming server for the container.

func (*Container) CGroupPath

func (c *Container) CGroupPath() cgroups.Path

CGroupPath returns a cgroups "path" for a given container.

func (*Container) CleanupStorage

func (c *Container) CleanupStorage() error

CleanupStorage unmounts all mount points in container and cleans up container storage

func (*Container) Commit

func (c *Container) Commit(pause bool, options CopyOptions) error

Commit commits the changes between a container and its image, creating a new image

func (*Container) Config

func (c *Container) Config() *ContainerConfig

Config returns the configuration used to create the container

func (*Container) Exec

func (c *Container) Exec(tty, privileged bool, env, cmd []string, user string) error

Exec starts a new process inside the container

func (*Container) ExitCode

func (c *Container) ExitCode() (int32, error)

ExitCode returns the exit code of the container as an int32

func (*Container) Export

func (c *Container) Export(path string) error

Export exports a container's root filesystem as a tar archive The archive will be saved as a file at the given path

func (*Container) FinishedTime

func (c *Container) FinishedTime() (time.Time, error)

FinishedTime is the time the container was stopped

func (*Container) GetArtifact

func (c *Container) GetArtifact(name string) ([]byte, error)

GetArtifact reads the specified artifact file from the container

func (*Container) GetContainerPidInformation

func (c *Container) GetContainerPidInformation(args []string) ([]string, error)

GetContainerPidInformation calls ps with the appropriate options and returns the results as a string

func (*Container) GetContainerPids

func (c *Container) GetContainerPids() ([]string, error)

GetContainerPids reads sysfs to obtain the pids associated with the container's cgroup and uses locking

func (*Container) GetContainerStats

func (c *Container) GetContainerStats(previousStats *ContainerStats) (*ContainerStats, error)

GetContainerStats gets the running stats for a given container

func (*Container) ID

func (c *Container) ID() string

ID returns the container's ID

func (*Container) Init

func (c *Container) Init() (err error)

Init creates a container in the OCI runtime

func (*Container) Inspect

func (c *Container) Inspect(size bool) (*ContainerInspectData, error)

Inspect a container for low-level information

func (*Container) Kill

func (c *Container) Kill(signal uint) error

Kill sends a signal to a container

func (*Container) Labels

func (c *Container) Labels() map[string]string

Labels returns the container's labels

func (*Container) LogPath

func (c *Container) LogPath() string

LogPath returns the path to the container's log file This file will only be present after Init() is called to create the container in runc

func (*Container) Mount

func (c *Container) Mount(label string) (string, error)

Mount mounts a container's filesystem on the host The path where the container has been mounted is returned

func (*Container) MountPoint

func (c *Container) MountPoint() (string, error)

MountPoint returns the mount point of the container

func (*Container) Mounted

func (c *Container) Mounted() (bool, error)

Mounted returns a bool as to if the container's storage is mounted

func (*Container) Mountpoint

func (c *Container) Mountpoint() (string, error)

Mountpoint returns the path to the container's mounted storage as a string

func (*Container) Name

func (c *Container) Name() string

Name returns the container's name

func (*Container) PID

func (c *Container) PID() (int, error)

PID returns the PID of the container An error is returned if the container is not running

func (*Container) Pause

func (c *Container) Pause() error

Pause pauses a container

func (*Container) ProcessLabel

func (c *Container) ProcessLabel() string

ProcessLabel returns the selinux ProcessLabel of the container

func (*Container) RemoveArtifact

func (c *Container) RemoveArtifact(name string) error

RemoveArtifact deletes the specified artifacts file

func (*Container) RuntimeName

func (c *Container) RuntimeName() string

RuntimeName returns the name of the runtime

func (*Container) ShmDir

func (c *Container) ShmDir() string

ShmDir returns the sources path to be mounted on /dev/shm in container

func (*Container) Spec

func (c *Container) Spec() *spec.Spec

Spec returns the container's OCI runtime spec The spec returned is the one used to create the container. The running spec may differ slightly as mounts are added based on the image

func (*Container) Start

func (c *Container) Start() error

Start starts a container

func (*Container) StartedTime

func (c *Container) StartedTime() (time.Time, error)

StartedTime is the time the container was started

func (*Container) State

func (c *Container) State() (ContainerState, error)

State returns the current state of the container

func (*Container) Stop

func (c *Container) Stop(timeout uint) error

Stop uses the container's stop signal (or SIGTERM if no signal was specified) to stop the container, and if it has not stopped after the given timeout (in seconds), uses SIGKILL to attempt to forcibly stop the container. If timeout is 0, SIGKILL will be used immediately

func (*Container) StopTimeout

func (c *Container) StopTimeout() uint

StopTimeout returns a stop timeout field for this container

func (*Container) Unmount

func (c *Container) Unmount() error

Unmount unmounts a container's filesystem on the host

func (*Container) Unpause

func (c *Container) Unpause() error

Unpause unpauses a container

func (*Container) Wait

func (c *Container) Wait() (int32, error)

Wait blocks on a container to exit and returns its exit code

type ContainerConfig

// ContainerConfig contains all information that was used to create the
// container. It may not be changed once created. It is stored, read-only,
// on disk.
type ContainerConfig struct {
	Spec *spec.Spec `json:"spec"`
	ID   string     `json:"id"`
	Name string     `json:"name"`
	// Information on the image used for the root filesystem
	RootfsImageID   string `json:"rootfsImageID,omitempty"`
	RootfsImageName string `json:"rootfsImageName,omitempty"`
	UseImageConfig  bool   `json:"useImageConfig"`
	// SELinux process label for container
	ProcessLabel string `json:"ProcessLabel,omitempty"`
	// SELinux mount label for root filesystem
	MountLabel string `json:"MountLabel,omitempty"`
	// Src path to be mounted on /dev/shm in container
	ShmDir string `json:"ShmDir,omitempty"`
	// CreateNetNS indicates that libpod should create and configure a new
	// network namespace for the container
	CreateNetNS bool `json:"createNetNS"`
	// PortMappings are the ports forwarded to the container's network
	// namespace
	// These are not used unless CreateNetNS is true
	// NOTE(review): unlike its siblings this field has no json tag, so
	// encoding/json serializes it under the key "PortMappings" -- confirm
	// that is intended for the on-disk format.
	PortMappings []ocicni.PortMapping
	// Static directory for container content that will persist across
	// reboot
	StaticDir string `json:"staticDir"`
	// Whether to keep container STDIN open
	Stdin bool `json:"stdin,omitempty"`
	// Pod the container belongs to
	Pod string `json:"pod,omitempty"`
	// Labels is a set of key-value pairs providing additional information
	// about a container
	Labels map[string]string `json:"labels,omitempty"`
	// Mounts list contains all additional mounts by the container runtime.
	Mounts []string `json:"mounts,omitempty"`
	// StopSignal is the signal that will be used to stop the container
	StopSignal uint `json:"stopSignal,omitempty"`
	// StopTimeout is the timeout used when stopping the container, not a
	// signal. Container.Stop documents its timeout argument in seconds;
	// presumably this field uses the same unit -- TODO confirm
	StopTimeout uint `json:"stopTimeout,omitempty"`
	// Shared namespaces with container
	SharedNamespaceCtr *string           `json:"shareNamespacesWith,omitempty"`
	SharedNamespaceMap map[string]string `json:"sharedNamespaces"`
	// Time container was created
	CreatedTime time.Time `json:"createdTime"`
	// User/GID to use within the container
	User string `json:"user"`
}

ContainerConfig contains all information that was used to create the container. It may not be changed once created. It is stored, read-only, on disk

type ContainerFilter

type ContainerFilter func(*Container) bool

ContainerFilter is a function to determine whether a container is included in command output. Containers to be outputted are tested using the function. A true return will include the container, a false return will exclude it.

type ContainerInfo

// ContainerInfo wraps a subset of information about a container: the
// locations of its nonvolatile (Dir) and volatile (RunDir) per-container
// directories, along with a copy of the configuration blob from the image
// that was used to create the container, if the image had a configuration.
type ContainerInfo struct {
	Dir    string
	RunDir string
	Config *v1.Image
}

ContainerInfo wraps a subset of information about a container: the locations of its nonvolatile and volatile per-container directories, along with a copy of the configuration blob from the image that was used to create the container, if the image had a configuration.

type ContainerInspectData

// ContainerInspectData handles the data used when inspecting a container.
// Fields carrying a TODO comment are marked unfinished by the original
// author. MountLabel and ProcessLabel are presumably the SELinux labels
// described on ContainerConfig -- TODO confirm.
type ContainerInspectData struct {
	ID              string                 `json:"ID"`
	Created         time.Time              `json:"Created"`
	Path            string                 `json:"Path"`
	Args            []string               `json:"Args"`
	State           *ContainerInspectState `json:"State"`
	ImageID         string                 `json:"Image"`
	ImageName       string                 `json:"ImageName"`
	ResolvConfPath  string                 `json:"ResolvConfPath"`
	HostnamePath    string                 `json:"HostnamePath"` //TODO
	HostsPath       string                 `json:"HostsPath"`    //TODO
	StaticDir       string                 `json:"StaticDir"`
	LogPath         string                 `json:"LogPath"`
	Name            string                 `json:"Name"`
	RestartCount    int32                  `json:"RestartCount"` //TODO
	Driver          string                 `json:"Driver"`
	MountLabel      string                 `json:"MountLabel"`
	ProcessLabel    string                 `json:"ProcessLabel"`
	AppArmorProfile string                 `json:"AppArmorProfile"`
	ExecIDs         []string               `json:"ExecIDs"` //TODO
	GraphDriver     *driver.Data           `json:"GraphDriver"`
	SizeRw          int64                  `json:"SizeRw,omitempty"`
	SizeRootFs      int64                  `json:"SizeRootFs,omitempty"`
	Mounts          []specs.Mount          `json:"Mounts"`
	NetworkSettings *NetworkSettings       `json:"NetworkSettings"` //TODO
}

ContainerInspectData handles the data used when inspecting a container

type ContainerInspectState

// ContainerInspectState represents the state of a container as reported in
// ContainerInspectData.State. Fields carrying a TODO comment are marked
// unfinished by the original author.
type ContainerInspectState struct {
	OciVersion string    `json:"OciVersion"`
	Status     string    `json:"Status"`
	Running    bool      `json:"Running"`
	Paused     bool      `json:"Paused"`
	Restarting bool      `json:"Restarting"` // TODO
	OOMKilled  bool      `json:"OOMKilled"`
	Dead       bool      `json:"Dead"`
	Pid        int       `json:"Pid"`
	ExitCode   int32     `json:"ExitCode"`
	Error      string    `json:"Error"` // TODO
	StartedAt  time.Time `json:"StartedAt"`
	FinishedAt time.Time `json:"FinishedAt"`
}

ContainerInspectState represents the state of a container.

type ContainerState

type ContainerState int

ContainerState represents the current state of a container

// Container states, numbered from zero in declaration order.
const (
	// ContainerStateUnknown means the container is in an error state and
	// information about it cannot be retrieved.
	ContainerStateUnknown ContainerState = iota
	// ContainerStateConfigured means the container's storage has been
	// configured, but it has not been created in the OCI runtime.
	ContainerStateConfigured
	// ContainerStateCreated means the container has been created in the
	// OCI runtime but not started.
	ContainerStateCreated
	// ContainerStateRunning means the container is currently executing.
	ContainerStateRunning
	// ContainerStateStopped means the container was running but has
	// exited.
	ContainerStateStopped
	// ContainerStatePaused means the container has been paused.
	ContainerStatePaused
)

func (ContainerState) String

func (t ContainerState) String() string

String returns a string representation of a container state for users

type ContainerStats

// ContainerStats contains the statistics information for a running
// container.
// NOTE(review): units are not stated in this listing. CPUNano and
// SystemNano are presumably nanosecond counters and CPU and MemPerc
// presumably percentages -- TODO confirm against GetContainerStats.
type ContainerStats struct {
	ContainerID string
	CPU         float64
	CPUNano     uint64
	SystemNano  uint64
	MemUsage    uint64
	MemLimit    uint64
	MemPerc     float64
	NetInput    uint64
	NetOutput   uint64
	BlockInput  uint64
	BlockOutput uint64
	PIDs        uint64
}

ContainerStats contains the statistics information for a running container

type CopyOptions

// CopyOptions contains the options given when pushing or pulling images.
type CopyOptions struct {
	// Compression specifies the type of compression which is applied to
	// layer blobs.  The default is to not use compression, but
	// archive.Gzip is recommended.
	Compression archive.Compression
	// DockerRegistryOptions encapsulates settings that affect how we
	// connect or authenticate to a remote registry to which we want to
	// push the image.
	common.DockerRegistryOptions
	// SigningOptions encapsulates settings that control whether or not we
	// strip or add signatures to the image when pushing (uploading) the
	// image to a registry.
	common.SigningOptions

	// SignaturePolicyPath points to an alternative signature policy file,
	// used mainly for testing
	// NOTE(review): presumably this path is what GetPolicyContext builds
	// its signature policy context from -- confirm, and confirm which
	// policy applies when the field is left empty.
	SignaturePolicyPath string
	// AuthFile is the path of the cached credentials file defined by the user
	AuthFile string
	// Writer is the reportWriter for the output
	Writer io.Writer
	// Reference is the name for the image created when a tar archive is imported
	Reference string
	// ImageConfig is the Image spec for the image created when a tar archive is imported
	ImageConfig ociv1.Image
	// ManifestMIMEType is the manifest type of the image when saving to a directory
	ManifestMIMEType string
	// ForceCompress compresses the image layers when saving to a directory using the dir transport if true
	ForceCompress bool
}

CopyOptions contains the options given when pushing or pulling images

type CtrCreateOption

type CtrCreateOption func(*Container) error

A CtrCreateOption is a functional option which alters the Container created by NewContainer

func WithLabels

func WithLabels(labels map[string]string) CtrCreateOption

WithLabels adds labels to the container

func WithName

func WithName(name string) CtrCreateOption

WithName sets the container's name

func WithNetNS

func WithNetNS(portMappings []ocicni.PortMapping) CtrCreateOption

WithNetNS indicates that the container should be given a new network namespace with a minimal configuration An optional array of port mappings can be provided

func WithRootFSFromImage

func WithRootFSFromImage(imageID string, imageName string, useImageConfig bool) CtrCreateOption

WithRootFSFromImage sets up a fresh root filesystem using the given image. If useImageConfig is specified, image volumes, environment variables, and other configuration from the image will be added to the config. TODO: Replace image name and ID with a libpod.Image struct when that is finished.

func WithSELinuxLabels

func WithSELinuxLabels(processLabel, mountLabel string) CtrCreateOption

WithSELinuxLabels sets the mount label for SELinux

func WithSharedNamespaces

func WithSharedNamespaces(from *Container, namespaces map[string]string) CtrCreateOption

WithSharedNamespaces sets a container to share namespaces with another container. If the from container belongs to a pod, the new container will be added to the pod. By default no namespaces are shared. To share a namespace, add the Namespace string constant to the map as a key

func WithShmDir

func WithShmDir(dir string) CtrCreateOption

WithShmDir sets the directory that should be mounted on /dev/shm

func WithStdin

func WithStdin() CtrCreateOption

WithStdin keeps stdin on the container open to allow interaction

func WithStopSignal

func WithStopSignal(signal syscall.Signal) CtrCreateOption

WithStopSignal sets the signal that will be sent to stop the container

func WithStopTimeout

func WithStopTimeout(timeout uint) CtrCreateOption

WithStopTimeout sets the time to wait after the initial stop signal is sent to the container before sending the kill signal

func WithUser

func WithUser(user string) CtrCreateOption

WithUser sets the user identity field in the configuration. Valid uses: [user | user:group | uid | uid:gid | user:gid | uid:group ]

type Image

// Image describes basic attributes of an image.
// NOTE(review): Decompose is documented as breaking an image name into its
// parts; presumably it fills Registry, ImageName, Tag, HasRegistry and
// Transport from Name -- TODO confirm.
type Image struct {
	Name string
	ID   string

	Registry    string
	ImageName   string
	Tag         string
	HasRegistry bool
	Transport   string

	PullName  string
	LocalName string
	// contains filtered or unexported fields
}

Image describes basic attributes of an image

func (*Image) Decompose

func (k *Image) Decompose() error

Decompose breaks up an image name into its parts

func (*Image) GetFQName

func (k *Image) GetFQName() (string, error)

GetFQName returns the fully qualified image name if it can be determined

func (*Image) GetImageID

func (k *Image) GetImageID() (string, error)

GetImageID returns the image ID of the image

func (*Image) GetLocalImageName

func (k *Image) GetLocalImageName() (string, error)

GetLocalImageName returns the name of the image if it is local. It will return an empty string and error if not found.

func (*Image) GetManifest

func (k *Image) GetManifest() error

GetManifest tries to GET an image's manifest; it returns nil on success and err on failure

func (*Image) GetNameByID

func (k *Image) GetNameByID() (string, error)

GetNameByID returns the name of the image when supplied the full or partial ID

func (*Image) HasLatest

func (k *Image) HasLatest() (bool, error)

HasLatest determines if we have the latest image local

func (*Image) Pull

func (k *Image) Pull(writer io.Writer) error

Pull is a wrapper function to pull an image

type ImageData

// ImageData holds the inspect information of an image. Every field is
// serialized under a JSON key equal to its Go field name.
type ImageData struct {
	ID           string            `json:"ID"`
	Digest       digest.Digest     `json:"Digest"`
	RepoTags     []string          `json:"RepoTags"`
	RepoDigests  []string          `json:"RepoDigests"`
	Parent       string            `json:"Parent"`
	Comment      string            `json:"Comment"`
	Created      *time.Time        `json:"Created"`
	Config       *v1.ImageConfig   `json:"Config"`
	Version      string            `json:"Version"`
	Author       string            `json:"Author"`
	Architecture string            `json:"Architecture"`
	Os           string            `json:"Os"`
	Size         int64             `json:"Size"`
	VirtualSize  int64             `json:"VirtualSize"`
	GraphDriver  *driver.Data      `json:"GraphDriver"`
	RootFS       *RootFS           `json:"RootFS"`
	Labels       map[string]string `json:"Labels"`
	Annotations  map[string]string `json:"Annotations"`
}

ImageData holds the inspect information of an image

type ImageFilter

type ImageFilter func(*storage.Image, *ImageData) bool

ImageFilter is a function to determine whether an image is included in command output. Images to be outputted are tested using the function. A true return will include the image, a false return will exclude it.

type ImageFilterParams

// ImageFilterParams contains the filter options that may be given when
// outputting images.
// NOTE(review): Dangling is a string rather than a bool; presumably it holds
// the raw filter value supplied by the user -- TODO confirm how it is parsed.
type ImageFilterParams struct {
	Dangling         string
	Label            string
	BeforeImage      time.Time
	SinceImage       time.Time
	ReferencePattern string
	ImageName        string
	ImageInput       string
}

ImageFilterParams contains the filter options that may be given when outputting images

type InMemoryState

type InMemoryState struct {
	// contains filtered or unexported fields
}

An InMemoryState is a purely in-memory state store

func (*InMemoryState) AddContainer

func (s *InMemoryState) AddContainer(ctr *Container) error

AddContainer adds a container to the state If the container belongs to a pod, the pod must already be present when the container is added, and the container must be present in the pod

func (*InMemoryState) AddPod

func (s *InMemoryState) AddPod(pod *Pod) error

AddPod adds a given pod to the state Only empty pods can be added to the state

func (*InMemoryState) AllContainers

func (s *InMemoryState) AllContainers() ([]*Container, error)

AllContainers retrieves all containers from the state

func (*InMemoryState) AllPods

func (s *InMemoryState) AllPods() ([]*Pod, error)

AllPods retrieves all pods currently in the state

func (*InMemoryState) Close

func (s *InMemoryState) Close() error

Close the state before shutdown This is a no-op as we have no backing disk

func (*InMemoryState) Container

func (s *InMemoryState) Container(id string) (*Container, error)

Container retrieves a container from its full ID

func (*InMemoryState) HasContainer

func (s *InMemoryState) HasContainer(id string) (bool, error)

HasContainer checks if a container with the given ID is present in the state

func (*InMemoryState) HasPod

func (s *InMemoryState) HasPod(id string) (bool, error)

HasPod checks if a pod with the given ID is present in the state

func (*InMemoryState) LookupContainer

func (s *InMemoryState) LookupContainer(idOrName string) (*Container, error)

LookupContainer retrieves a container by full ID, unique partial ID, or name

func (*InMemoryState) LookupPod

func (s *InMemoryState) LookupPod(idOrName string) (*Pod, error)

LookupPod retrieves a pod from the state from a full or unique partial ID or a full name

func (*InMemoryState) Pod

func (s *InMemoryState) Pod(id string) (*Pod, error)

Pod retrieves a pod from the state from its full ID

func (*InMemoryState) Refresh

func (s *InMemoryState) Refresh() error

Refresh clears container and pod stats after a reboot In-memory state won't survive a reboot so this is a no-op

func (*InMemoryState) RemoveContainer

func (s *InMemoryState) RemoveContainer(ctr *Container) error

RemoveContainer removes a container from the state The container will only be removed from the state, not from the pod the container belongs to

func (*InMemoryState) RemovePod

func (s *InMemoryState) RemovePod(pod *Pod) error

RemovePod removes a given pod from the state Containers within the pod will not be removed or changed

func (*InMemoryState) SaveContainer

func (s *InMemoryState) SaveContainer(ctr *Container) error

SaveContainer saves a container's state As all state is in-memory, any changes are always reflected as soon as they are made As such this is a no-op

func (*InMemoryState) UpdateContainer

func (s *InMemoryState) UpdateContainer(ctr *Container) error

UpdateContainer updates a container's state As all state is in-memory, no update will be required As such this is a no-op

type InfoData

// InfoData holds the info type (i.e. store, host, etc.) and the data for
// each type.
type InfoData struct {
	Type string
	Data map[string]interface{}
}

InfoData holds the info type, i.e store, host etc and the data for each type

type NetworkSettings

// NetworkSettings holds information about the network settings of the
// container. ContainerInspectData marks its NetworkSettings field as TODO,
// and two fields below are flagged by the original author as having an
// undecided type.
type NetworkSettings struct {
	Bridge                 string              `json:"Bridge"`
	SandboxID              string              `json:"SandboxID"`
	HairpinMode            bool                `json:"HairpinMode"`
	LinkLocalIPv6Address   string              `json:"LinkLocalIPv6Address"`
	LinkLocalIPv6PrefixLen int                 `json:"LinkLocalIPv6PrefixLen"`
	Ports                  map[string]struct{} `json:"Ports"`
	SandboxKey             string              `json:"SandboxKey"`
	SecondaryIPAddresses   string              `json:"SecondaryIPAddresses"`   // TODO: field type undecided
	SecondaryIPv6Addresses string              `json:"SecondaryIPv6Addresses"` // TODO: field type undecided
	EndpointID             string              `json:"EndpointID"`
	Gateway                string              `json:"Gateway"`
	GlobalIPv6Addresses    string              `json:"GlobalIPv6Addresses"`
	GlobalIPv6PrefixLen    int                 `json:"GlobalIPv6PrefixLen"`
	IPAddress              string              `json:"IPAddress"`
	IPPrefixLen            int                 `json:"IPPrefixLen"`
	IPv6Gateway            string              `json:"IPv6Gateway"`
	MacAddress             string              `json:"MacAddress"`
}

NetworkSettings holds information about the network settings of the container

type OCIRuntime

type OCIRuntime struct {
	// contains filtered or unexported fields
}

OCIRuntime represents an OCI-compatible runtime that libpod can call into to perform container operations

func (*OCIRuntime) RuncExec

func (r *OCIRuntime) RuncExec(container *Container, command []string, globalOpts runcGlobalOptions, execOpts runcExecOptions) error

RuncExec executes 'runc --options exec --options cmd'

type Pod

type Pod struct {
	// contains filtered or unexported fields
}

Pod represents a group of containers that may share namespaces

func (*Pod) GetContainers

func (p *Pod) GetContainers() ([]*Container, error)

GetContainers retrieves the containers in the pod

func (*Pod) HasContainer

func (p *Pod) HasContainer(id string) (bool, error)

HasContainer checks if a container is present in the pod

func (*Pod) ID

func (p *Pod) ID() string

ID retrieves the pod's ID

func (*Pod) Kill

func (p *Pod) Kill(signal uint) error

Kill sends a signal to all running containers within a pod

func (*Pod) Labels

func (p *Pod) Labels() map[string]string

Labels returns the pod's labels

func (*Pod) Name

func (p *Pod) Name() string

Name retrieves the pod's name

func (*Pod) Start

func (p *Pod) Start() error

Start starts all containers within a pod that are not already running

func (*Pod) Status

func (p *Pod) Status() error

Status gets the status of all containers in the pod. TODO: This should return a summary of the states of all containers in the pod.

func (*Pod) Stop

func (p *Pod) Stop() error

Stop stops all containers within a pod that are not already stopped

type PodCreateOption

type PodCreateOption func(*Pod) error

A PodCreateOption is a functional option which alters the Pod created by NewPod

func WithPodLabels

func WithPodLabels(labels map[string]string) PodCreateOption

WithPodLabels sets the labels of a pod

func WithPodName

func WithPodName(name string) PodCreateOption

WithPodName sets the name of the pod

type PodFilter

type PodFilter func(*Pod) bool

PodFilter is a function to determine whether a pod is included in command output. Pods to be outputted are tested using the function. A true return will include the pod, a false return will exclude it.

type RootFS

// RootFS holds the root filesystem information of an image.
type RootFS struct {
	// Type is the root filesystem type string, serialized as "Type".
	Type   string          `json:"Type"`
	// Layers holds one content digest per layer, serialized as "Layers".
	// NOTE(review): layer ordering is not visible here — confirm with the producer.
	Layers []digest.Digest `json:"Layers"`
}

RootFS holds the root fs information of an image

type Runtime

type Runtime struct {
	// contains filtered or unexported fields
}

Runtime is the core libpod runtime

func NewRuntime

func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error)

NewRuntime creates a new container runtime Options can be passed to override the default configuration for the runtime

func (*Runtime) GetAllContainers

func (r *Runtime) GetAllContainers() ([]*Container, error)

GetAllContainers is a helper function for GetContainers

func (*Runtime) GetConfig

func (r *Runtime) GetConfig() *RuntimeConfig

GetConfig returns a copy of the configuration used by the runtime

func (*Runtime) GetContainer

func (r *Runtime) GetContainer(id string) (*Container, error)

GetContainer retrieves a container by its ID

func (*Runtime) GetContainers

func (r *Runtime) GetContainers(filters ...ContainerFilter) ([]*Container, error)

GetContainers retrieves all containers from the state Filters can be provided which will determine what containers are included in the output. Multiple filters are handled by ANDing their output, so only containers matching all filters are returned

func (*Runtime) GetContainersByList

func (r *Runtime) GetContainersByList(containers []string) ([]*Container, error)

GetContainersByList is a helper function for GetContainers which takes a []string of container IDs or names

func (*Runtime) GetDiff

func (r *Runtime) GetDiff(from, to string) ([]archive.Change, error)

GetDiff returns the differences between the two images, layers, or containers

func (*Runtime) GetHistory

func (r *Runtime) GetHistory(image string) ([]ociv1.History, []types.BlobInfo, string, error)

GetHistory gets the history of an image and information about its layers

func (*Runtime) GetImage

func (r *Runtime) GetImage(image string) (*storage.Image, error)

GetImage retrieves an image matching the given name or hash from system storage If no matching image can be found, an error is returned

func (*Runtime) GetImageInspectInfo

func (r *Runtime) GetImageInspectInfo(image storage.Image) (*ImageData, error)

GetImageInspectInfo returns the inspect information of an image

func (*Runtime) GetImageRef

func (r *Runtime) GetImageRef(image string) (types.Image, error)

GetImageRef searches for and returns a new types.Image matching the given name or ID in the given store.

func (*Runtime) GetImages

func (r *Runtime) GetImages(params *ImageFilterParams, filters ...ImageFilter) ([]*storage.Image, error)

GetImages retrieves all images present in storage Filters can be provided which will determine which images are included in the output. Multiple filters are handled by ANDing their output, so only images matching all filters are included

func (*Runtime) GetPod

func (r *Runtime) GetPod(id string) (*Pod, error)

GetPod retrieves a pod by its ID

func (*Runtime) GetRunningContainers

func (r *Runtime) GetRunningContainers() ([]*Container, error)

GetRunningContainers is a helper function for GetContainers

func (*Runtime) HasContainer

func (r *Runtime) HasContainer(id string) (bool, error)

HasContainer checks if a container with the given ID is present

func (*Runtime) HasPod

func (r *Runtime) HasPod(id string) (bool, error)

HasPod checks to see if a pod with the given ID exists

func (*Runtime) ImportImage

func (r *Runtime) ImportImage(path string, options CopyOptions) error

ImportImage imports an OCI format image archive into storage as an image

func (*Runtime) Info

func (r *Runtime) Info() ([]InfoData, error)

Info returns the store and host information

func (*Runtime) IsImageID

func (r *Runtime) IsImageID(input string) (bool, error)

IsImageID determines if the input is a valid image ID. The input can be a full or partial image ID

func (*Runtime) LookupContainer

func (r *Runtime) LookupContainer(idOrName string) (*Container, error)

LookupContainer looks up a container by its name or a partial ID If a partial ID is not unique, an error will be returned

func (*Runtime) LookupPod

func (r *Runtime) LookupPod(idOrName string) (*Pod, error)

LookupPod retrieves a pod by its name or a partial ID If a partial ID is not unique, an error will be returned

func (*Runtime) NewContainer

func (r *Runtime) NewContainer(rSpec *spec.Spec, options ...CtrCreateOption) (c *Container, err error)

NewContainer creates a new container from a given OCI config

func (*Runtime) NewImage

func (r *Runtime) NewImage(name string) Image

NewImage creates a new image object based on its name

func (*Runtime) NewPod

func (r *Runtime) NewPod(options ...PodCreateOption) (*Pod, error)

NewPod makes a new, empty pod

func (*Runtime) ParseImageFilter

func (r *Runtime) ParseImageFilter(imageInput, filter string) (*ImageFilterParams, error)

ParseImageFilter takes a set of images and a filter string as input, and returns the libpod.ImageFilterParams struct

func (*Runtime) Pods

func (r *Runtime) Pods(filters ...PodFilter) ([]*Pod, error)

Pods retrieves all pods Filters can be provided which will determine which pods are included in the output. Multiple filters are handled by ANDing their output, so only pods matching all filters are returned

func (*Runtime) PullImage

func (r *Runtime) PullImage(imgName string, options CopyOptions) (string, error)

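PullImage pulls an image from configured registries. By default, only the latest tag (or a specific tag if requested) will be pulled. If allTags is true, all tags for the requested image will be pulled (allTags is not a parameter of this signature; it is presumably carried in options). Signature validation will be performed if the Runtime has been appropriately configured; see WithSignaturePolicy, which sets the path of the file that decides how trust is managed for pulled images.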

func (*Runtime) PushImage

func (r *Runtime) PushImage(source string, destination string, options CopyOptions) error

PushImage pushes the given image to a location described by the given path

func (*Runtime) RemoveContainer

func (r *Runtime) RemoveContainer(c *Container, force bool) error

RemoveContainer removes the given container If force is specified, the container will be stopped first Otherwise, RemoveContainer will return an error if the container is running

func (*Runtime) RemoveImage

func (r *Runtime) RemoveImage(image *storage.Image, force bool) (string, error)

RemoveImage deletes an image from local storage. Images being used by running containers can only be removed if force=true.

func (*Runtime) RemovePod

func (r *Runtime) RemovePod(p *Pod, force bool) error

RemovePod removes a pod and all containers in it. If force is specified, all containers in the pod will be stopped first. Otherwise, RemovePod will return an error if any container in the pod is running. Remove acts atomically, removing all containers or no containers.

func (*Runtime) Shutdown

func (r *Runtime) Shutdown(force bool) error

Shutdown shuts down the runtime and associated containers and storage. If force is true, containers and mounted storage will be shut down before cleaning up; if force is false, an error will be returned if there are still containers running or mounted.

func (*Runtime) TagImage

func (r *Runtime) TagImage(image *storage.Image, tag string) error

TagImage adds a tag to the given image

func (*Runtime) UntagImage

func (r *Runtime) UntagImage(image *storage.Image, tag string) (string, error)

UntagImage removes a tag from the given image

func (*Runtime) WithPod

func (r *Runtime) WithPod(pod *Pod) CtrCreateOption

WithPod adds the container to a pod

type RuntimeConfig

// RuntimeConfig contains configuration options used to set up the runtime.
//
// NOTE(review): the per-field notes below are drawn from the descriptions of
// the similarly named With* RuntimeOption functions in this package. The
// field-to-option pairing is inferred from names and should be confirmed
// against the option implementations.
type RuntimeConfig struct {
	// Container storage configuration (see WithStorageConfig); when not
	// given, the system default configuration is used.
	StorageConfig         storage.StoreOptions
	// Default transport for image handling (see WithImageConfig).
	ImageDefaultTransport string
	// Registries treated as insecure (see WithImageConfig).
	// NOTE(review): what "insecure" relaxes (for example TLS verification)
	// is not visible here — confirm before adding a registry to this list.
	InsecureRegistries    []string
	// Registries used for image handling (see WithImageConfig).
	Registries            []string
	// Path of the file that decides how trust is managed for pulled images
	// (see WithSignaturePolicy); when not given, the system default
	// configuration is used.
	SignaturePolicyPath   string
	// When true the runtime is backed by an in-memory state only, and state
	// does not persist after the runtime is shut down (see WithInMemoryState).
	InMemoryState         bool
	// OCI runtime used for running containers (see WithOCIRuntime).
	RuntimePath           string
	// Path to the conmon binary (see WithConmonPath).
	ConmonPath            string
	// Environment variable list for the conmon process (see WithConmonEnv).
	ConmonEnvVars         []string
	// Cgroup manager implementation name; current valid values are
	// "cgroupfs" and "systemd" (see WithCgroupManager).
	CgroupManager         string
	// Directory for static runtime files that persist across reboots
	// (see WithStaticDir).
	StaticDir             string
	// Directory for temporary runtime files that are not expected to survive
	// a reboot; should be located on a tmpfs mount (see WithTmpDir).
	TmpDir                string
	// Whether SELinux is enabled on the container server (see WithSELinux).
	SelinuxEnabled        bool
	// Maximum number of processes each container is restricted to
	// (see WithPidsLimit).
	PidsLimit             int64
	// Maximum size of container logs: positive values are limits in bytes,
	// -1 is unlimited (see WithMaxLogSize).
	MaxLogSize            int64
	// When true, containers are started with MS_MOVE instead of PIVOT_ROOT
	// (see WithNoPivotRoot).
	NoPivotRoot           bool
	// CNI configuration directory (see WithCNIConfigDir).
	CNIConfigDir          string
	// CNI plugins directory (see WithCNIPluginDir).
	CNIPluginDir          string
}

RuntimeConfig contains configuration options used to set up the runtime

type RuntimeContainerMetadata

// RuntimeContainerMetadata is the structure that is encoded as JSON and
// stored in the metadata field of storage.Container objects.
type RuntimeContainerMetadata struct {
	// The provided name and the ID of the image that was used to
	// instantiate the container.
	ImageName string `json:"image-name"` // Applicable to both PodSandboxes and Containers
	ImageID   string `json:"image-id"`   // Applicable to both PodSandboxes and Containers
	// The container's name, which for an infrastructure container is usually PodName + "-infra".
	ContainerName string `json:"name"`                 // Applicable to both PodSandboxes and Containers, mandatory
	// CreatedAt is the creation time as an integer.
	// NOTE(review): unit and epoch are not visible here — confirm with the writer.
	CreatedAt     int64  `json:"created-at"`           // Applicable to both PodSandboxes and Containers
	// MountLabel is omitted from the JSON when empty; it is the value
	// updated by SetMountLabel.
	MountLabel    string `json:"mountlabel,omitempty"` // Applicable to both PodSandboxes and Containers
}

RuntimeContainerMetadata is the structure that we encode as JSON and store in the metadata field of storage.Container objects. It is used for specifying attributes of containers when they are being created, and allows a container's MountLabel, and possibly other values, to be modified in one read/write cycle via calls to storageService.ContainerMetadata, RuntimeContainerMetadata.SetMountLabel, and storageService.SetContainerMetadata.

func (*RuntimeContainerMetadata) SetMountLabel

func (metadata *RuntimeContainerMetadata) SetMountLabel(mountLabel string)

SetMountLabel updates the mount label held by a RuntimeContainerMetadata object.

type RuntimeOption

type RuntimeOption func(*Runtime) error

A RuntimeOption is a functional option which alters the Runtime created by NewRuntime

func WithCNIConfigDir

func WithCNIConfigDir(dir string) RuntimeOption

WithCNIConfigDir sets the CNI configuration directory

func WithCNIPluginDir

func WithCNIPluginDir(dir string) RuntimeOption

WithCNIPluginDir sets the CNI plugins directory

func WithCgroupManager

func WithCgroupManager(manager string) RuntimeOption

WithCgroupManager specifies the manager implementation name which is used to handle cgroups for containers Current valid values are "cgroupfs" and "systemd"

func WithConmonEnv

func WithConmonEnv(environment []string) RuntimeOption

WithConmonEnv specifies the environment variable list for the conmon process

func WithConmonPath

func WithConmonPath(path string) RuntimeOption

WithConmonPath specifies the path to the conmon binary which manages the runtime

func WithImageConfig

func WithImageConfig(defaultTransport string, insecureRegistries, registries []string) RuntimeOption

WithImageConfig uses the given configuration to set up image handling. If this is not specified, the system default configuration will be used instead.

func WithInMemoryState

func WithInMemoryState() RuntimeOption

WithInMemoryState specifies that the runtime will be backed by an in-memory state only, and state will not persist after the runtime is shut down

func WithMaxLogSize

func WithMaxLogSize(limit int64) RuntimeOption

WithMaxLogSize sets the maximum size of container logs. Positive sizes are limits in bytes; -1 is unlimited, which leaves log growth bounded only by the available disk space.

func WithNoPivotRoot

func WithNoPivotRoot(noPivot bool) RuntimeOption

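WithNoPivotRoot sets the runtime to use MS_MOVE instead of PIVOT_ROOT when starting containers. pivot_root is generally regarded as the stronger way to confine a container to its root filesystem, so enable this only where pivot_root cannot be used (for example, when the root filesystem is on a ramdisk).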

func WithOCIRuntime

func WithOCIRuntime(runtimePath string) RuntimeOption

WithOCIRuntime specifies an OCI runtime to use for running containers

func WithPidsLimit

func WithPidsLimit(limit int64) RuntimeOption

WithPidsLimit specifies the maximum number of processes each container is restricted to

func WithSELinux

func WithSELinux() RuntimeOption

WithSELinux enables SELinux on the container server

func WithSignaturePolicy

func WithSignaturePolicy(path string) RuntimeOption

WithSignaturePolicy specifies the path of a file which decides how trust is managed for images we've pulled. If this is not specified, the system default configuration will be used instead

func WithStaticDir

func WithStaticDir(dir string) RuntimeOption

WithStaticDir sets the directory that static runtime files which persist across reboots will be stored

func WithStorageConfig

func WithStorageConfig(config storage.StoreOptions) RuntimeOption

WithStorageConfig uses the given configuration to set up container storage If this is not specified, the system default configuration will be used instead

func WithTmpDir

func WithTmpDir(dir string) RuntimeOption

WithTmpDir sets the directory in which temporary runtime files, which are not expected to survive across reboots, will be stored. This should be located on a tmpfs mount (/tmp or /var/run, for example).

type SQLState

type SQLState struct {
	// contains filtered or unexported fields
}

SQLState is a state implementation backed by a persistent SQLite3 database

func (*SQLState) AddContainer

func (s *SQLState) AddContainer(ctr *Container) (err error)

AddContainer adds the given container to the state If the container belongs to a pod, that pod must already be present in the state, and the container will be added to the pod

func (*SQLState) AddPod

func (s *SQLState) AddPod(pod *Pod) error

AddPod adds a pod to the state Only empty pods can be added to the state

func (*SQLState) AllContainers

func (s *SQLState) AllContainers() ([]*Container, error)

AllContainers retrieves all the containers presently in the state

func (*SQLState) AllPods

func (s *SQLState) AllPods() ([]*Pod, error)

AllPods retrieves all pods presently in the state

func (*SQLState) Close

func (s *SQLState) Close() error

Close the state's database connection

func (*SQLState) Container

func (s *SQLState) Container(id string) (*Container, error)

Container retrieves a container from its full ID

func (*SQLState) HasContainer

func (s *SQLState) HasContainer(id string) (bool, error)

HasContainer checks if the given container is present in the state It accepts a full ID

func (*SQLState) HasPod

func (s *SQLState) HasPod(id string) (bool, error)

HasPod checks if a pod exists given its full ID

func (*SQLState) LookupContainer

func (s *SQLState) LookupContainer(idOrName string) (*Container, error)

LookupContainer retrieves a container by full or unique partial ID or name

func (*SQLState) LookupPod

func (s *SQLState) LookupPod(idOrName string) (*Pod, error)

LookupPod retrieves a pod by full or unique partial ID or name

func (*SQLState) Pod

func (s *SQLState) Pod(id string) (*Pod, error)

Pod retrieves a pod by its full ID

func (*SQLState) Refresh

func (s *SQLState) Refresh() (err error)

Refresh clears the state after a reboot. It resets the mountpoint, PID, state, and netns path for all containers.

func (*SQLState) RemoveContainer

func (s *SQLState) RemoveContainer(ctr *Container) error

RemoveContainer removes the container from the state

func (*SQLState) RemovePod

func (s *SQLState) RemovePod(pod *Pod) error

RemovePod removes a pod from the state Only empty pods can be removed

func (*SQLState) SaveContainer

func (s *SQLState) SaveContainer(ctr *Container) error

SaveContainer updates a container's state in the database

func (*SQLState) UpdateContainer

func (s *SQLState) UpdateContainer(ctr *Container) error

UpdateContainer updates a container's state from the database

type State

// State is a storage backend for libpod's current state. It tracks
// containers and pods and is implemented in this package by InMemoryState
// and SQLState.
type State interface {
	// Close performs any pre-exit cleanup (e.g. closing database
	// connections) that may be required
	Close() error

	// Refresh clears container and pod states after a reboot
	Refresh() error

	// Container retrieves a container; it accepts the full ID of the
	// container only
	Container(id string) (*Container, error)
	// LookupContainer accepts full or partial IDs (as long as they are
	// unique) and names
	LookupContainer(idOrName string) (*Container, error)
	// HasContainer checks if a container with the given ID is present in
	// the state
	HasContainer(id string) (bool, error)
	// AddContainer adds a container to the state
	// If the container belongs to a pod, that pod must already be present
	// in the state when the container is added, and the container must be
	// present in the pod
	// NOTE(review): SQLState.AddContainer is documented as adding the
	// container to the pod itself, which differs from "must be present in
	// the pod" above — confirm which contract is intended
	AddContainer(ctr *Container) error
	// RemoveContainer removes a container from the state
	// The container will only be removed from the state, not from the pod
	// which the container belongs to
	RemoveContainer(ctr *Container) error
	// UpdateContainer updates a container's state from the backing store
	UpdateContainer(ctr *Container) error
	// SaveContainer saves a container's current state to the backing store
	SaveContainer(ctr *Container) error
	// AllContainers retrieves all containers presently in state
	AllContainers() ([]*Container, error)

	// Pod retrieves a pod; it accepts the full ID of the pod only
	Pod(id string) (*Pod, error)
	// LookupPod accepts full or partial IDs (as long as they are unique)
	// and names
	LookupPod(idOrName string) (*Pod, error)
	// HasPod checks if a pod with the given ID is present in the state
	HasPod(id string) (bool, error)
	// AddPod adds a pod to the state
	// Only empty pods can be added to the state
	AddPod(pod *Pod) error
	// RemovePod removes a pod from the state
	// Containers within a pod will not be removed from the state, and will
	// not be changed to remove them from the now-removed pod
	// NOTE(review): SQLState.RemovePod is documented as removing only empty
	// pods — callers should not assume both backends accept a non-empty pod
	RemovePod(pod *Pod) error
	// AllPods retrieves all pods presently in state
	AllPods() ([]*Pod, error)
}

State is a storage backend for libpod's current state

func NewInMemoryState

func NewInMemoryState() (State, error)

NewInMemoryState initializes a new, empty in-memory state

func NewSQLState

func NewSQLState(dbPath, specsDir, lockDir string, runtime *Runtime) (State, error)

NewSQLState initializes a SQL-backed state, creating the database if necessary

Directories

Path Synopsis
