Documentation ¶
Index ¶
- Constants
- Variables
- func AssetAnnotations() ([]string, error)
- type Asset
- type AssetType
- type Bridge
- type Capabilities
- func (caps *Capabilities) IsBlockDeviceHotplugSupported() bool
- func (caps *Capabilities) IsBlockDeviceSupported() bool
- func (caps *Capabilities) IsFsSharingSupported() bool
- func (caps *Capabilities) IsMultiQueueSupported() bool
- func (caps *Capabilities) IsNetworkDeviceHotplugSupported() bool
- func (caps *Capabilities) SetBlockDeviceHotplugSupport()
- func (caps *Capabilities) SetBlockDeviceSupport()
- func (caps *Capabilities) SetFsSharingSupport()
- func (caps *Capabilities) SetMultiQueueSupport()
- func (caps *Capabilities) SetNetworkDeviceHotplugSupported()
- type Cmd
- type ContainerState
- type DirectAssignedVolume
- type DmVerityInfo
- type EnvVar
- type FcConfig
- type HybridVSock
- type ImagePullVolume
- type KataVirtualVolume
- type MockHybridVSock
- type NydusImageVolume
- type PciPath
- type PciSlot
- type RemoteSock
- type Resources
- type SandboxState
- type Socket
- type Sockets
- type StateString
- type Type
- type VSock
- type Volume
- type Volumes
Constants ¶
const ( HybridVSockScheme = "hvsock" MockHybridVSockScheme = "mock" VSockScheme = "vsock" RemoteSockScheme = "remote" )
const ( KataVirtualVolumeDirectBlockType = "direct_block" KataVirtualVolumeImageRawBlockType = "image_raw_block" KataVirtualVolumeLayerRawBlockType = "layer_raw_block" KataVirtualVolumeImageNydusBlockType = "image_nydus_block" KataVirtualVolumeLayerNydusBlockType = "layer_nydus_block" KataVirtualVolumeImageNydusFsType = "image_nydus_fs" KataVirtualVolumeLayerNydusFsType = "layer_nydus_fs" KataVirtualVolumeImageGuestPullType = "image_guest_pull" )
const CCWBridgeMaxCapacity = 0xffff
const PCIBridgeMaxCapacity = 30
Variables ¶
var ( ErrNeedSandbox = errors.New("Sandbox must be specified") ErrNeedSandboxID = errors.New("Sandbox ID cannot be empty") ErrNeedContainerID = errors.New("Container ID cannot be empty") ErrNeedState = errors.New("State cannot be empty") ErrNoSuchContainer = errors.New("Container does not exist") ErrInvalidConfigType = errors.New("Invalid config type") )
common error objects used for argument checking
Functions ¶
func AssetAnnotations ¶
AssetAnnotations returns all annotations for all asset types.
Types ¶
type Asset ¶
type Asset struct {
// contains filtered or unexported fields
}
Asset represents a virtcontainers asset.
type AssetType ¶
type AssetType string
AssetType describe a type of assets.
const ( // KernelAsset is a kernel asset. KernelAsset AssetType = "kernel" // ImageAsset is an image asset. ImageAsset AssetType = "image" // InitrdAsset is an initrd asset. InitrdAsset AssetType = "initrd" // SecureBootAsset is a secure boot asset. // (IBM Z Secure Execution only) SecureBootAsset AssetType = "secure_boot" // HypervisorAsset is an hypervisor asset. HypervisorAsset AssetType = "hypervisor" // HypervisorCtlAsset is a hypervisor control asset. HypervisorCtlAsset AssetType = "hypervisorctl" // JailerAsset is a jailer asset. JailerAsset AssetType = "jailer" // FirmwareAsset is a firmware asset. FirmwareAsset AssetType = "firmware" FirmwareVolumeAsset AssetType = "firmware_volume" UnkownAsset AssetType = "unknown" )
func AssetTypes ¶
func AssetTypes() []AssetType
AssetTypes returns a list of all known asset types.
XXX: New asset types *MUST* be added here.
type Bridge ¶
type Bridge struct { // Devices contains information about devices plugged and its address in the bridge Devices map[uint32]string // ID is used to identify the bridge in the hypervisor ID string // Type is the type of the bridge (pci, pcie, etc) Type Type // Addr is the slot of the bridge Addr int // MaxCapacity is the max capacity of the bridge MaxCapacity uint32 }
func (*Bridge) AddressFormatCCW ¶
AddressFormatCCW returns the address format for the device number. The channel subsystem-ID 0xfe is reserved to the virtual channel and the address format is in the form fe.n.dddd, where n is subchannel set ID and ddd the device number. More details at https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.ldva/ldva_t_configuringSCSIdevices.html
func (*Bridge) AddressFormatCCWForVirtServer ¶
AddressFormatCCWForVirtServer returns the address format for the virtual server. The address format is in the form of 0.n.dddd
func (*Bridge) RemoveDevice ¶
type Capabilities ¶
type Capabilities struct {
// contains filtered or unexported fields
}
Capabilities describe a virtcontainers hypervisor capabilities through a bit mask.
func (*Capabilities) IsBlockDeviceHotplugSupported ¶
func (caps *Capabilities) IsBlockDeviceHotplugSupported() bool
IsBlockDeviceHotplugSupported tells if an hypervisor supports hotplugging block devices.
func (*Capabilities) IsBlockDeviceSupported ¶
func (caps *Capabilities) IsBlockDeviceSupported() bool
IsBlockDeviceSupported tells if an hypervisor supports block devices.
func (*Capabilities) IsFsSharingSupported ¶
func (caps *Capabilities) IsFsSharingSupported() bool
IsFsSharingSupported tells if an hypervisor supports host filesystem sharing.
func (*Capabilities) IsMultiQueueSupported ¶
func (caps *Capabilities) IsMultiQueueSupported() bool
IsMultiQueueSupported tells if an hypervisor supports device multi queue support.
func (*Capabilities) IsNetworkDeviceHotplugSupported ¶
func (caps *Capabilities) IsNetworkDeviceHotplugSupported() bool
IsDeviceHotplugSupported tells if an hypervisor supports device hotplug.
func (*Capabilities) SetBlockDeviceHotplugSupport ¶
func (caps *Capabilities) SetBlockDeviceHotplugSupport()
SetBlockDeviceHotplugSupport sets the block device hotplugging capability to true.
func (*Capabilities) SetBlockDeviceSupport ¶
func (caps *Capabilities) SetBlockDeviceSupport()
SetBlockDeviceSupport sets the block device support capability to true.
func (*Capabilities) SetFsSharingSupport ¶
func (caps *Capabilities) SetFsSharingSupport()
SetFsSharingSupport sets the host filesystem sharing capability to true.
func (*Capabilities) SetMultiQueueSupport ¶
func (caps *Capabilities) SetMultiQueueSupport()
SetMultiQueueSupport sets the device multi queue capability to true.
func (*Capabilities) SetNetworkDeviceHotplugSupported ¶
func (caps *Capabilities) SetNetworkDeviceHotplugSupported()
SetDeviceHotplugSupported sets the host filesystem sharing capability to true.
type Cmd ¶
type Cmd struct { Capabilities *specs.LinuxCapabilities // Note that these fields *MUST* remain as strings. // // The reason being that we want runtimes to be able to support CLI // operations like "exec --user=". That option allows the // specification of a user (either as a string username or a numeric // UID), and may optionally also include a group (groupame or GID). // // Since this type is the interface to allow the runtime to specify // the user and group the workload can run as, these user and group // fields cannot be encoded as integer values since that would imply // the runtime itself would need to perform a UID/GID lookup on the // user-specified username/groupname. But that isn't practically // possible given that to do so would require the runtime to access // the image to allow it to interrogate the appropriate databases to // convert the username/groupnames to UID/GID values. // // Note that this argument applies solely to the _runtime_ supporting // a "--user=" option when running in a "standalone mode" - there is // no issue when the runtime is called by a container manager since // all the user and group mapping is handled by the container manager // and specified to the runtime in terms of UID/GID's in the // configuration file generated by the container manager. User string PrimaryGroup string WorkDir string Args []string Envs []EnvVar SupplementaryGroups []string Interactive bool Detach bool NoNewPrivileges bool }
Cmd represents a command to execute in a running container.
type ContainerState ¶
type ContainerState struct { State StateString `json:"state"` BlockDeviceID string // File system of the rootfs incase it is block device Fstype string `json:"fstype"` // CgroupPath is the cgroup hierarchy where sandbox's processes // including the hypervisor are placed. CgroupPath string `json:"cgroupPath,omitempty"` }
ContainerState is a sandbox state structure.
func (*ContainerState) Valid ¶
func (state *ContainerState) Valid() bool
Valid checks that the container state is valid.
func (*ContainerState) ValidTransition ¶
func (state *ContainerState) ValidTransition(oldState StateString, newState StateString) error
ValidTransition returns an error if we want to move to an unreachable state.
type DirectAssignedVolume ¶
DirectAssignedVolume contains meta information for a directly assigned volume.
func (*DirectAssignedVolume) IsValid ¶
func (d *DirectAssignedVolume) IsValid() bool
type DmVerityInfo ¶
type DmVerityInfo struct { HashType string `json:"hashtype"` Hash string `json:"hash"` BlockNum uint64 `json:"blocknum"` Blocksize uint64 `json:"blocksize"` Hashsize uint64 `json:"hashsize"` Offset uint64 `json:"offset"` }
DmVerityInfo contains configuration information for DmVerity device.
func ParseDmVerityInfo ¶
func ParseDmVerityInfo(option string) (*DmVerityInfo, error)
func (*DmVerityInfo) IsValid ¶
func (d *DmVerityInfo) IsValid() error
type FcConfig ¶
type FcConfig struct { BootSource *models.BootSource `json:"boot-source"` MachineConfig *models.MachineConfiguration `json:"machine-config"` Vsock *models.Vsock `json:"vsock,omitempty"` Logger *models.Logger `json:"logger,omitempty"` Metrics *models.Metrics `json:"metrics,omitempty"` Drives []*models.Drive `json:"drives,omitempty"` NetworkInterfaces []*models.NetworkInterface `json:"network-interfaces,omitempty"` }
type HybridVSock ¶
HybridVSock defines a hybrid vsocket to communicate between the host and any process inside the VM. This is a virtio-vsock implementation based on AF_VSOCK on the guest side and multiple AF_UNIX sockets on the host side. This kind of socket is not supported in all hypervisors. Firecracker supports it.
func (*HybridVSock) String ¶
func (s *HybridVSock) String() string
type ImagePullVolume ¶
ImagePullVolume contains meta information for pulling an image inside the guest.
func (*ImagePullVolume) IsValid ¶
func (i *ImagePullVolume) IsValid() bool
type KataVirtualVolume ¶
type KataVirtualVolume struct { VolumeType string `json:"volume_type"` Source string `json:"source,omitempty"` FSType string `json:"fs_type,omitempty"` Options []string `json:"options,omitempty"` DirectVolume *DirectAssignedVolume `json:"direct_volume,omitempty"` ImagePull *ImagePullVolume `json:"image_pull,omitempty"` NydusImage *NydusImageVolume `json:"nydus_image,omitempty"` DmVerity *DmVerityInfo `json:"dm_verity,omitempty"` }
KataVirtualVolume encapsulates information for extra mount options and direct volumes.
func ParseKataVirtualVolume ¶
func ParseKataVirtualVolume(option string) (*KataVirtualVolume, error)
func (*KataVirtualVolume) IsValid ¶
func (k *KataVirtualVolume) IsValid() bool
type MockHybridVSock ¶
type MockHybridVSock struct {
UdsPath string
}
MockHybridVSock defines a mock hybrid vsocket for tests only.
func (*MockHybridVSock) String ¶
func (s *MockHybridVSock) String() string
type NydusImageVolume ¶
type NydusImageVolume struct { Config string `json:"config"` SnapshotDir string `json:"snapshot_dir"` }
NydusImageVolume contains Nydus image volume information.
func (*NydusImageVolume) IsValid ¶
func (n *NydusImageVolume) IsValid() bool
type PciPath ¶
type PciPath struct {
// contains filtered or unexported fields
}
A PciPath describes where a PCI sits in a PCI hierarchy.
Consists of a list of PCI slots, giving the slot of each bridge that must be traversed from the PCI root to reach the device, followed by the slot of the device itself
When formatted into a string is written as "xx/.../yy/zz" Here, zz is the slot of the device on its PCI bridge, yy is the slot of the bridge on its parent bridge and so forth until xx is the slot of the "most upstream" bridge on the root bus. If a device is connected directly to the root bus, its PciPath is just "zz"
func PciPathFromSlots ¶
func PciPathFromString ¶
type PciSlot ¶
type PciSlot struct {
// contains filtered or unexported fields
}
A PciSlot describes where a PCI device sits on a single bus
This encapsulates the PCI slot number a.k.a device number, which is limited to a 5 bit value [0x00..0x1f] by the PCI specification
XXX In order to support multifunction device's we'll need to extend this to include the PCI 3-bit function number as well.
func PciSlotFromInt ¶
func PciSlotFromString ¶
type RemoteSock ¶
func (*RemoteSock) String ¶
func (s *RemoteSock) String() string
type Resources ¶
type Resources struct { // Memory is the amount of available memory in MiB. Memory uint MemorySlots uint8 }
Resources describes VM resources configuration.
type SandboxState ¶
type SandboxState struct { // Index map of the block device passed to hypervisor. BlockIndexMap map[int]struct{} `json:"blockIndexMap"` // Path to all the cgroups setup for a container. Key is cgroup subsystem name // with the value as the path. CgroupPaths map[string]string `json:"cgroupPaths"` State StateString `json:"state"` // SandboxCgroupPath is the cgroup path for all the sandbox processes, // when sandbox_cgroup_only is set. When it's not set, part of those // processes will be living under the overhead cgroup. SandboxCgroupPath string `json:"sandboxCgroupPath,omitempty"` // OverheadCgroupPath is the path to the optional overhead cgroup // path holding processes that should not be part of the sandbox // cgroup. OverheadCgroupPath string `json:"overheadCgroupPath,omitempty"` // PersistVersion indicates current storage api version. // It's also known as ABI version of kata-runtime. // Note: it won't be written to disk PersistVersion uint `json:"-"` // GuestMemoryBlockSizeMB is the size of memory block of guestos GuestMemoryBlockSizeMB uint32 `json:"guestMemoryBlockSize"` // GuestMemoryHotplugProbe determines whether guest kernel supports memory hotplug probe interface GuestMemoryHotplugProbe bool `json:"guestMemoryHotplugProbe"` }
SandboxState is a sandbox state structure
func (*SandboxState) Valid ¶
func (state *SandboxState) Valid() bool
Valid checks that the sandbox state is valid.
func (*SandboxState) ValidTransition ¶
func (state *SandboxState) ValidTransition(oldState StateString, newState StateString) error
ValidTransition returns an error if we want to move to an unreachable state.
type Socket ¶
Socket defines a socket to communicate between the host and any process inside the VM.
type Sockets ¶
type Sockets []Socket
Sockets is a Socket list.
type StateString ¶
type StateString string
StateString is a string representing a sandbox state.
const ( // StateReady represents a sandbox/container that's ready to be run StateReady StateString = "ready" // StateRunning represents a sandbox/container that's currently running. StateRunning StateString = "running" // StatePaused represents a sandbox/container that has been paused. StatePaused StateString = "paused" // StateStopped represents a sandbox/container that has been stopped. StateStopped StateString = "stopped" // StateCreating represents a sandbox/container that's in creating. StateCreating StateString = "creating" )
type VSock ¶
VSock defines a virtio-socket to communicate between the host and any process inside the VM. This kind of socket is not supported in all hypervisors.