github.com/jiasir/docker@v1.3.3-0.20170609024000-252e610103e7/api/types/container/host_config.go (about) 1 package container 2 3 import ( 4 "strings" 5 6 "github.com/docker/docker/api/types/blkiodev" 7 "github.com/docker/docker/api/types/mount" 8 "github.com/docker/docker/api/types/strslice" 9 "github.com/docker/go-connections/nat" 10 "github.com/docker/go-units" 11 ) 12 13 // Isolation represents the isolation technology of a container. The supported 14 // values are platform specific 15 type Isolation string 16 17 // IsDefault indicates the default isolation technology of a container. On Linux this 18 // is the native driver. On Windows, this is a Windows Server Container. 19 func (i Isolation) IsDefault() bool { 20 return strings.ToLower(string(i)) == "default" || string(i) == "" 21 } 22 23 // IpcMode represents the container ipc stack. 24 type IpcMode string 25 26 // IsPrivate indicates whether the container uses its private ipc stack. 27 func (n IpcMode) IsPrivate() bool { 28 return !(n.IsHost() || n.IsContainer()) 29 } 30 31 // IsHost indicates whether the container uses the host's ipc stack. 32 func (n IpcMode) IsHost() bool { 33 return n == "host" 34 } 35 36 // IsContainer indicates whether the container uses a container's ipc stack. 37 func (n IpcMode) IsContainer() bool { 38 parts := strings.SplitN(string(n), ":", 2) 39 return len(parts) > 1 && parts[0] == "container" 40 } 41 42 // Valid indicates whether the ipc stack is valid. 43 func (n IpcMode) Valid() bool { 44 parts := strings.Split(string(n), ":") 45 switch mode := parts[0]; mode { 46 case "", "host": 47 case "container": 48 if len(parts) != 2 || parts[1] == "" { 49 return false 50 } 51 default: 52 return false 53 } 54 return true 55 } 56 57 // Container returns the name of the container ipc stack is going to be used. 58 func (n IpcMode) Container() string { 59 parts := strings.SplitN(string(n), ":", 2) 60 if len(parts) > 1 { 61 return parts[1] 62 } 63 return "" 64 } 65 66 // NetworkMode represents the container network stack. 67 type NetworkMode string 68 69 // IsNone indicates whether container isn't using a network stack. 70 func (n NetworkMode) IsNone() bool { 71 return n == "none" 72 } 73 74 // IsDefault indicates whether container uses the default network stack. 75 func (n NetworkMode) IsDefault() bool { 76 return n == "default" 77 } 78 79 // IsPrivate indicates whether container uses its private network stack. 80 func (n NetworkMode) IsPrivate() bool { 81 return !(n.IsHost() || n.IsContainer()) 82 } 83 84 // IsContainer indicates whether container uses a container network stack. 85 func (n NetworkMode) IsContainer() bool { 86 parts := strings.SplitN(string(n), ":", 2) 87 return len(parts) > 1 && parts[0] == "container" 88 } 89 90 // ConnectedContainer is the id of the container which network this container is connected to. 91 func (n NetworkMode) ConnectedContainer() string { 92 parts := strings.SplitN(string(n), ":", 2) 93 if len(parts) > 1 { 94 return parts[1] 95 } 96 return "" 97 } 98 99 //UserDefined indicates user-created network 100 func (n NetworkMode) UserDefined() string { 101 if n.IsUserDefined() { 102 return string(n) 103 } 104 return "" 105 } 106 107 // UsernsMode represents userns mode in the container. 108 type UsernsMode string 109 110 // IsHost indicates whether the container uses the host's userns. 111 func (n UsernsMode) IsHost() bool { 112 return n == "host" 113 } 114 115 // IsPrivate indicates whether the container uses the a private userns. 116 func (n UsernsMode) IsPrivate() bool { 117 return !(n.IsHost()) 118 } 119 120 // Valid indicates whether the userns is valid. 121 func (n UsernsMode) Valid() bool { 122 parts := strings.Split(string(n), ":") 123 switch mode := parts[0]; mode { 124 case "", "host": 125 default: 126 return false 127 } 128 return true 129 } 130 131 // CgroupSpec represents the cgroup to use for the container. 132 type CgroupSpec string 133 134 // IsContainer indicates whether the container is using another container cgroup 135 func (c CgroupSpec) IsContainer() bool { 136 parts := strings.SplitN(string(c), ":", 2) 137 return len(parts) > 1 && parts[0] == "container" 138 } 139 140 // Valid indicates whether the cgroup spec is valid. 141 func (c CgroupSpec) Valid() bool { 142 return c.IsContainer() || c == "" 143 } 144 145 // Container returns the name of the container whose cgroup will be used. 146 func (c CgroupSpec) Container() string { 147 parts := strings.SplitN(string(c), ":", 2) 148 if len(parts) > 1 { 149 return parts[1] 150 } 151 return "" 152 } 153 154 // UTSMode represents the UTS namespace of the container. 155 type UTSMode string 156 157 // IsPrivate indicates whether the container uses its private UTS namespace. 158 func (n UTSMode) IsPrivate() bool { 159 return !(n.IsHost()) 160 } 161 162 // IsHost indicates whether the container uses the host's UTS namespace. 163 func (n UTSMode) IsHost() bool { 164 return n == "host" 165 } 166 167 // Valid indicates whether the UTS namespace is valid. 168 func (n UTSMode) Valid() bool { 169 parts := strings.Split(string(n), ":") 170 switch mode := parts[0]; mode { 171 case "", "host": 172 default: 173 return false 174 } 175 return true 176 } 177 178 // PidMode represents the pid namespace of the container. 179 type PidMode string 180 181 // IsPrivate indicates whether the container uses its own new pid namespace. 182 func (n PidMode) IsPrivate() bool { 183 return !(n.IsHost() || n.IsContainer()) 184 } 185 186 // IsHost indicates whether the container uses the host's pid namespace. 187 func (n PidMode) IsHost() bool { 188 return n == "host" 189 } 190 191 // IsContainer indicates whether the container uses a container's pid namespace. 192 func (n PidMode) IsContainer() bool { 193 parts := strings.SplitN(string(n), ":", 2) 194 return len(parts) > 1 && parts[0] == "container" 195 } 196 197 // Valid indicates whether the pid namespace is valid. 198 func (n PidMode) Valid() bool { 199 parts := strings.Split(string(n), ":") 200 switch mode := parts[0]; mode { 201 case "", "host": 202 case "container": 203 if len(parts) != 2 || parts[1] == "" { 204 return false 205 } 206 default: 207 return false 208 } 209 return true 210 } 211 212 // Container returns the name of the container whose pid namespace is going to be used. 213 func (n PidMode) Container() string { 214 parts := strings.SplitN(string(n), ":", 2) 215 if len(parts) > 1 { 216 return parts[1] 217 } 218 return "" 219 } 220 221 // DeviceMapping represents the device mapping between the host and the container. 222 type DeviceMapping struct { 223 PathOnHost string 224 PathInContainer string 225 CgroupPermissions string 226 } 227 228 // RestartPolicy represents the restart policies of the container. 229 type RestartPolicy struct { 230 Name string 231 MaximumRetryCount int 232 } 233 234 // IsNone indicates whether the container has the "no" restart policy. 235 // This means the container will not automatically restart when exiting. 236 func (rp *RestartPolicy) IsNone() bool { 237 return rp.Name == "no" || rp.Name == "" 238 } 239 240 // IsAlways indicates whether the container has the "always" restart policy. 241 // This means the container will automatically restart regardless of the exit status. 242 func (rp *RestartPolicy) IsAlways() bool { 243 return rp.Name == "always" 244 } 245 246 // IsOnFailure indicates whether the container has the "on-failure" restart policy. 247 // This means the container will automatically restart of exiting with a non-zero exit status. 248 func (rp *RestartPolicy) IsOnFailure() bool { 249 return rp.Name == "on-failure" 250 } 251 252 // IsUnlessStopped indicates whether the container has the 253 // "unless-stopped" restart policy. This means the container will 254 // automatically restart unless user has put it to stopped state. 255 func (rp *RestartPolicy) IsUnlessStopped() bool { 256 return rp.Name == "unless-stopped" 257 } 258 259 // IsSame compares two RestartPolicy to see if they are the same 260 func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool { 261 return rp.Name == tp.Name && rp.MaximumRetryCount == tp.MaximumRetryCount 262 } 263 264 // LogMode is a type to define the available modes for logging 265 // These modes affect how logs are handled when log messages start piling up. 266 type LogMode string 267 268 // Available logging modes 269 const ( 270 LogModeUnset = "" 271 LogModeBlocking LogMode = "blocking" 272 LogModeNonBlock LogMode = "non-blocking" 273 ) 274 275 // LogConfig represents the logging configuration of the container. 276 type LogConfig struct { 277 Type string 278 Config map[string]string 279 } 280 281 // Resources contains container's resources (cgroups config, ulimits...) 282 type Resources struct { 283 // Applicable to all platforms 284 CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers) 285 Memory int64 // Memory limit (in bytes) 286 NanoCPUs int64 `json:"NanoCpus"` // CPU quota in units of 10<sup>-9</sup> CPUs. 287 288 // Applicable to UNIX platforms 289 CgroupParent string // Parent cgroup. 290 BlkioWeight uint16 // Block IO weight (relative weight vs. other containers) 291 BlkioWeightDevice []*blkiodev.WeightDevice 292 BlkioDeviceReadBps []*blkiodev.ThrottleDevice 293 BlkioDeviceWriteBps []*blkiodev.ThrottleDevice 294 BlkioDeviceReadIOps []*blkiodev.ThrottleDevice 295 BlkioDeviceWriteIOps []*blkiodev.ThrottleDevice 296 CPUPeriod int64 `json:"CpuPeriod"` // CPU CFS (Completely Fair Scheduler) period 297 CPUQuota int64 `json:"CpuQuota"` // CPU CFS (Completely Fair Scheduler) quota 298 CPURealtimePeriod int64 `json:"CpuRealtimePeriod"` // CPU real-time period 299 CPURealtimeRuntime int64 `json:"CpuRealtimeRuntime"` // CPU real-time runtime 300 CpusetCpus string // CpusetCpus 0-2, 0,1 301 CpusetMems string // CpusetMems 0-2, 0,1 302 Devices []DeviceMapping // List of devices to map inside the container 303 DeviceCgroupRules []string // List of rule to be added to the device cgroup 304 DiskQuota int64 // Disk limit (in bytes) 305 KernelMemory int64 // Kernel memory limit (in bytes) 306 MemoryReservation int64 // Memory soft limit (in bytes) 307 MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap 308 MemorySwappiness *int64 // Tuning container memory swappiness behaviour 309 OomKillDisable *bool // Whether to disable OOM Killer or not 310 PidsLimit int64 // Setting pids limit for a container 311 Ulimits []*units.Ulimit // List of ulimits to be set in the container 312 313 // Applicable to Windows 314 CPUCount int64 `json:"CpuCount"` // CPU count 315 CPUPercent int64 `json:"CpuPercent"` // CPU percent 316 IOMaximumIOps uint64 // Maximum IOps for the container system drive 317 IOMaximumBandwidth uint64 // Maximum IO in bytes per second for the container system drive 318 } 319 320 // UpdateConfig holds the mutable attributes of a Container. 321 // Those attributes can be updated at runtime. 322 type UpdateConfig struct { 323 // Contains container's resources (cgroups, ulimits) 324 Resources 325 RestartPolicy RestartPolicy 326 } 327 328 // HostConfig the non-portable Config structure of a container. 329 // Here, "non-portable" means "dependent of the host we are running on". 330 // Portable information *should* appear in Config. 331 type HostConfig struct { 332 // Applicable to all platforms 333 Binds []string // List of volume bindings for this container 334 ContainerIDFile string // File (path) where the containerId is written 335 LogConfig LogConfig // Configuration of the logs for this container 336 NetworkMode NetworkMode // Network mode to use for the container 337 PortBindings nat.PortMap // Port mapping between the exposed port (container) and the host 338 RestartPolicy RestartPolicy // Restart policy to be used for the container 339 AutoRemove bool // Automatically remove container when it exits 340 VolumeDriver string // Name of the volume driver used to mount volumes 341 VolumesFrom []string // List of volumes to take from other container 342 343 // Applicable to UNIX platforms 344 CapAdd strslice.StrSlice // List of kernel capabilities to add to the container 345 CapDrop strslice.StrSlice // List of kernel capabilities to remove from the container 346 DNS []string `json:"Dns"` // List of DNS server to lookup 347 DNSOptions []string `json:"DnsOptions"` // List of DNSOption to look for 348 DNSSearch []string `json:"DnsSearch"` // List of DNSSearch to look for 349 ExtraHosts []string // List of extra hosts 350 GroupAdd []string // List of additional groups that the container process will run as 351 IpcMode IpcMode // IPC namespace to use for the container 352 Cgroup CgroupSpec // Cgroup to use for the container 353 Links []string // List of links (in the name:alias form) 354 OomScoreAdj int // Container preference for OOM-killing 355 PidMode PidMode // PID namespace to use for the container 356 Privileged bool // Is the container in privileged mode 357 PublishAllPorts bool // Should docker publish all exposed port for the container 358 ReadonlyRootfs bool // Is the container root filesystem in read-only 359 SecurityOpt []string // List of string values to customize labels for MLS systems, such as SELinux. 360 StorageOpt map[string]string `json:",omitempty"` // Storage driver options per container. 361 Tmpfs map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container 362 UTSMode UTSMode // UTS namespace to use for the container 363 UsernsMode UsernsMode // The user namespace to use for the container 364 ShmSize int64 // Total shm memory usage 365 Sysctls map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container 366 Runtime string `json:",omitempty"` // Runtime to use with this container 367 368 // Applicable to Windows 369 ConsoleSize [2]uint // Initial console size (height,width) 370 Isolation Isolation // Isolation technology of the container (e.g. default, hyperv) 371 372 // Contains container's resources (cgroups, ulimits) 373 Resources 374 375 // Mounts specs used by the container 376 Mounts []mount.Mount `json:",omitempty"` 377 378 // Run a custom init inside the container, if null, use the daemon's configured settings 379 Init *bool `json:",omitempty"` 380 }