github.com/a4a881d4/docker@v1.9.0-rc2/runconfig/hostconfig.go (about) 1 package runconfig 2 3 import ( 4 "encoding/json" 5 "io" 6 "strings" 7 8 "github.com/docker/docker/pkg/nat" 9 "github.com/docker/docker/pkg/stringutils" 10 "github.com/docker/docker/pkg/ulimit" 11 ) 12 13 // KeyValuePair is a structure that hold a value for a key. 14 type KeyValuePair struct { 15 Key string 16 Value string 17 } 18 19 // NetworkMode represents the container network stack. 20 type NetworkMode string 21 22 // IpcMode represents the container ipc stack. 23 type IpcMode string 24 25 // IsPrivate indicates whether the container uses it's private ipc stack. 26 func (n IpcMode) IsPrivate() bool { 27 return !(n.IsHost() || n.IsContainer()) 28 } 29 30 // IsHost indicates whether the container uses the host's ipc stack. 31 func (n IpcMode) IsHost() bool { 32 return n == "host" 33 } 34 35 // IsContainer indicates whether the container uses a container's ipc stack. 36 func (n IpcMode) IsContainer() bool { 37 parts := strings.SplitN(string(n), ":", 2) 38 return len(parts) > 1 && parts[0] == "container" 39 } 40 41 // Valid indicates whether the ipc stack is valid. 42 func (n IpcMode) Valid() bool { 43 parts := strings.Split(string(n), ":") 44 switch mode := parts[0]; mode { 45 case "", "host": 46 case "container": 47 if len(parts) != 2 || parts[1] == "" { 48 return false 49 } 50 default: 51 return false 52 } 53 return true 54 } 55 56 // Container returns the name of the container ipc stack is going to be used. 57 func (n IpcMode) Container() string { 58 parts := strings.SplitN(string(n), ":", 2) 59 if len(parts) > 1 { 60 return parts[1] 61 } 62 return "" 63 } 64 65 // UTSMode represents the UTS namespace of the container. 66 type UTSMode string 67 68 // IsPrivate indicates whether the container uses it's private UTS namespace. 69 func (n UTSMode) IsPrivate() bool { 70 return !(n.IsHost()) 71 } 72 73 // IsHost indicates whether the container uses the host's UTS namespace. 74 func (n UTSMode) IsHost() bool { 75 return n == "host" 76 } 77 78 // Valid indicates whether the UTS namespace is valid. 79 func (n UTSMode) Valid() bool { 80 parts := strings.Split(string(n), ":") 81 switch mode := parts[0]; mode { 82 case "", "host": 83 default: 84 return false 85 } 86 return true 87 } 88 89 // PidMode represents the pid stack of the container. 90 type PidMode string 91 92 // IsPrivate indicates whether the container uses it's private pid stack. 93 func (n PidMode) IsPrivate() bool { 94 return !(n.IsHost()) 95 } 96 97 // IsHost indicates whether the container uses the host's pid stack. 98 func (n PidMode) IsHost() bool { 99 return n == "host" 100 } 101 102 // Valid indicates whether the pid stack is valid. 103 func (n PidMode) Valid() bool { 104 parts := strings.Split(string(n), ":") 105 switch mode := parts[0]; mode { 106 case "", "host": 107 default: 108 return false 109 } 110 return true 111 } 112 113 // DeviceMapping represents the device mapping between the host and the container. 114 type DeviceMapping struct { 115 PathOnHost string 116 PathInContainer string 117 CgroupPermissions string 118 } 119 120 // RestartPolicy represents the restart policies of the container. 121 type RestartPolicy struct { 122 Name string 123 MaximumRetryCount int 124 } 125 126 // IsNone indicates whether the container has the "no" restart policy. 127 // This means the container will not automatically restart when exiting. 128 func (rp *RestartPolicy) IsNone() bool { 129 return rp.Name == "no" 130 } 131 132 // IsAlways indicates whether the container has the "always" restart policy. 133 // This means the container will automatically restart regardless of the exit status. 134 func (rp *RestartPolicy) IsAlways() bool { 135 return rp.Name == "always" 136 } 137 138 // IsOnFailure indicates whether the container has the "on-failure" restart policy. 139 // This means the contain will automatically restart of exiting with a non-zero exit status. 140 func (rp *RestartPolicy) IsOnFailure() bool { 141 return rp.Name == "on-failure" 142 } 143 144 // IsUnlessStopped indicates whether the container has the 145 // "unless-stopped" restart policy. This means the container will 146 // automatically restart unless user has put it to stopped state. 147 func (rp *RestartPolicy) IsUnlessStopped() bool { 148 return rp.Name == "unless-stopped" 149 } 150 151 // LogConfig represents the logging configuration of the container. 152 type LogConfig struct { 153 Type string 154 Config map[string]string 155 } 156 157 // LxcConfig represents the specific LXC configuration of the container. 158 type LxcConfig struct { 159 values []KeyValuePair 160 } 161 162 // MarshalJSON marshals (or serializes) the LxcConfig into JSON. 163 func (c *LxcConfig) MarshalJSON() ([]byte, error) { 164 if c == nil { 165 return []byte{}, nil 166 } 167 return json.Marshal(c.Slice()) 168 } 169 170 // UnmarshalJSON unmarshals (or deserializes) the specified byte slices from JSON to 171 // a LxcConfig. 172 func (c *LxcConfig) UnmarshalJSON(b []byte) error { 173 if len(b) == 0 { 174 return nil 175 } 176 177 var kv []KeyValuePair 178 if err := json.Unmarshal(b, &kv); err != nil { 179 var h map[string]string 180 if err := json.Unmarshal(b, &h); err != nil { 181 return err 182 } 183 for k, v := range h { 184 kv = append(kv, KeyValuePair{k, v}) 185 } 186 } 187 c.values = kv 188 189 return nil 190 } 191 192 // Len returns the number of specific lxc configuration. 193 func (c *LxcConfig) Len() int { 194 if c == nil { 195 return 0 196 } 197 return len(c.values) 198 } 199 200 // Slice returns the specific lxc configuration into a slice of KeyValuePair. 201 func (c *LxcConfig) Slice() []KeyValuePair { 202 if c == nil { 203 return nil 204 } 205 return c.values 206 } 207 208 // NewLxcConfig creates a LxcConfig from the specified slice of KeyValuePair. 209 func NewLxcConfig(values []KeyValuePair) *LxcConfig { 210 return &LxcConfig{values} 211 } 212 213 // HostConfig the non-portable Config structure of a container. 214 // Here, "non-portable" means "dependent of the host we are running on". 215 // Portable information *should* appear in Config. 216 type HostConfig struct { 217 Binds []string // List of volume bindings for this container 218 ContainerIDFile string // File (path) where the containerId is written 219 LxcConf *LxcConfig // Additional lxc configuration 220 Memory int64 // Memory limit (in bytes) 221 MemoryReservation int64 // Memory soft limit (in bytes) 222 MemorySwap int64 // Total memory usage (memory + swap); set `-1` to disable swap 223 KernelMemory int64 // Kernel memory limit (in bytes) 224 CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers) 225 CPUPeriod int64 `json:"CpuPeriod"` // CPU CFS (Completely Fair Scheduler) period 226 CpusetCpus string // CpusetCpus 0-2, 0,1 227 CpusetMems string // CpusetMems 0-2, 0,1 228 CPUQuota int64 `json:"CpuQuota"` // CPU CFS (Completely Fair Scheduler) quota 229 BlkioWeight uint16 // Block IO weight (relative weight vs. other containers) 230 OomKillDisable bool // Whether to disable OOM Killer or not 231 MemorySwappiness *int64 // Tuning container memory swappiness behaviour 232 Privileged bool // Is the container in privileged mode 233 PortBindings nat.PortMap // Port mapping between the exposed port (container) and the host 234 Links []string // List of links (in the name:alias form) 235 PublishAllPorts bool // Should docker publish all exposed port for the container 236 DNS []string `json:"Dns"` // List of DNS server to lookup 237 DNSOptions []string `json:"DnsOptions"` // List of DNSOption to look for 238 DNSSearch []string `json:"DnsSearch"` // List of DNSSearch to look for 239 ExtraHosts []string // List of extra hosts 240 VolumesFrom []string // List of volumes to take from other container 241 Devices []DeviceMapping // List of devices to map inside the container 242 NetworkMode NetworkMode // Network namespace to use for the container 243 IpcMode IpcMode // IPC namespace to use for the container 244 PidMode PidMode // PID namespace to use for the container 245 UTSMode UTSMode // UTS namespace to use for the container 246 CapAdd *stringutils.StrSlice // List of kernel capabilities to add to the container 247 CapDrop *stringutils.StrSlice // List of kernel capabilities to remove from the container 248 GroupAdd []string // List of additional groups that the container process will run as 249 RestartPolicy RestartPolicy // Restart policy to be used for the container 250 SecurityOpt []string // List of string values to customize labels for MLS systems, such as SELinux. 251 ReadonlyRootfs bool // Is the container root filesystem in read-only 252 Ulimits []*ulimit.Ulimit // List of ulimits to be set in the container 253 LogConfig LogConfig // Configuration of the logs for this container 254 CgroupParent string // Parent cgroup. 255 ConsoleSize [2]int // Initial console size on Windows 256 VolumeDriver string // Name of the volume driver used to mount volumes 257 } 258 259 // DecodeHostConfig creates a HostConfig based on the specified Reader. 260 // It assumes the content of the reader will be JSON, and decodes it. 261 func DecodeHostConfig(src io.Reader) (*HostConfig, error) { 262 decoder := json.NewDecoder(src) 263 264 var w ContainerConfigWrapper 265 if err := decoder.Decode(&w); err != nil { 266 return nil, err 267 } 268 269 hc := w.getHostConfig() 270 return hc, nil 271 } 272 273 // SetDefaultNetModeIfBlank changes the NetworkMode in a HostConfig structure 274 // to default if it is not populated. This ensures backwards compatibility after 275 // the validation of the network mode was moved from the docker CLI to the 276 // docker daemon. 277 func SetDefaultNetModeIfBlank(hc *HostConfig) *HostConfig { 278 if hc != nil { 279 if hc.NetworkMode == NetworkMode("") { 280 hc.NetworkMode = NetworkMode("default") 281 } 282 } 283 return hc 284 }