github.com/shishir-a412ed/docker@v1.3.2-0.20180103180333-fda904911d87/api/types/container/host_config.go (about)

     1  package container
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/docker/docker/api/types/blkiodev"
     7  	"github.com/docker/docker/api/types/mount"
     8  	"github.com/docker/docker/api/types/strslice"
     9  	"github.com/docker/go-connections/nat"
    10  	"github.com/docker/go-units"
    11  )
    12  
    13  // Isolation represents the isolation technology of a container. The supported
    14  // values are platform specific
    15  type Isolation string
    16  
    17  // IsDefault indicates the default isolation technology of a container. On Linux this
    18  // is the native driver. On Windows, this is a Windows Server Container.
    19  func (i Isolation) IsDefault() bool {
    20  	return strings.ToLower(string(i)) == "default" || string(i) == ""
    21  }
    22  
    23  // IsHyperV indicates the use of a Hyper-V partition for isolation
    24  func (i Isolation) IsHyperV() bool {
    25  	return strings.ToLower(string(i)) == "hyperv"
    26  }
    27  
    28  // IsProcess indicates the use of process isolation
    29  func (i Isolation) IsProcess() bool {
    30  	return strings.ToLower(string(i)) == "process"
    31  }
    32  
    33  const (
    34  	// IsolationEmpty is unspecified (same behavior as default)
    35  	IsolationEmpty = Isolation("")
    36  	// IsolationDefault is the default isolation mode on current daemon
    37  	IsolationDefault = Isolation("default")
    38  	// IsolationProcess is process isolation mode
    39  	IsolationProcess = Isolation("process")
    40  	// IsolationHyperV is HyperV isolation mode
    41  	IsolationHyperV = Isolation("hyperv")
    42  )
    43  
    44  // IpcMode represents the container ipc stack.
    45  type IpcMode string
    46  
    47  // IsPrivate indicates whether the container uses its own private ipc namespace which can not be shared.
    48  func (n IpcMode) IsPrivate() bool {
    49  	return n == "private"
    50  }
    51  
    52  // IsHost indicates whether the container shares the host's ipc namespace.
    53  func (n IpcMode) IsHost() bool {
    54  	return n == "host"
    55  }
    56  
    57  // IsShareable indicates whether the container's ipc namespace can be shared with another container.
    58  func (n IpcMode) IsShareable() bool {
    59  	return n == "shareable"
    60  }
    61  
    62  // IsContainer indicates whether the container uses another container's ipc namespace.
    63  func (n IpcMode) IsContainer() bool {
    64  	parts := strings.SplitN(string(n), ":", 2)
    65  	return len(parts) > 1 && parts[0] == "container"
    66  }
    67  
    68  // IsNone indicates whether container IpcMode is set to "none".
    69  func (n IpcMode) IsNone() bool {
    70  	return n == "none"
    71  }
    72  
    73  // IsEmpty indicates whether container IpcMode is empty
    74  func (n IpcMode) IsEmpty() bool {
    75  	return n == ""
    76  }
    77  
    78  // Valid indicates whether the ipc mode is valid.
    79  func (n IpcMode) Valid() bool {
    80  	return n.IsEmpty() || n.IsNone() || n.IsPrivate() || n.IsHost() || n.IsShareable() || n.IsContainer()
    81  }
    82  
    83  // Container returns the name of the container ipc stack is going to be used.
    84  func (n IpcMode) Container() string {
    85  	parts := strings.SplitN(string(n), ":", 2)
    86  	if len(parts) > 1 && parts[0] == "container" {
    87  		return parts[1]
    88  	}
    89  	return ""
    90  }
    91  
    92  // NetworkMode represents the container network stack.
    93  type NetworkMode string
    94  
    95  // IsNone indicates whether container isn't using a network stack.
    96  func (n NetworkMode) IsNone() bool {
    97  	return n == "none"
    98  }
    99  
   100  // IsDefault indicates whether container uses the default network stack.
   101  func (n NetworkMode) IsDefault() bool {
   102  	return n == "default"
   103  }
   104  
   105  // IsPrivate indicates whether container uses its private network stack.
   106  func (n NetworkMode) IsPrivate() bool {
   107  	return !(n.IsHost() || n.IsContainer())
   108  }
   109  
   110  // IsContainer indicates whether container uses a container network stack.
   111  func (n NetworkMode) IsContainer() bool {
   112  	parts := strings.SplitN(string(n), ":", 2)
   113  	return len(parts) > 1 && parts[0] == "container"
   114  }
   115  
   116  // ConnectedContainer is the id of the container which network this container is connected to.
   117  func (n NetworkMode) ConnectedContainer() string {
   118  	parts := strings.SplitN(string(n), ":", 2)
   119  	if len(parts) > 1 {
   120  		return parts[1]
   121  	}
   122  	return ""
   123  }
   124  
   125  //UserDefined indicates user-created network
   126  func (n NetworkMode) UserDefined() string {
   127  	if n.IsUserDefined() {
   128  		return string(n)
   129  	}
   130  	return ""
   131  }
   132  
   133  // UsernsMode represents userns mode in the container.
   134  type UsernsMode string
   135  
   136  // IsHost indicates whether the container uses the host's userns.
   137  func (n UsernsMode) IsHost() bool {
   138  	return n == "host"
   139  }
   140  
   141  // IsPrivate indicates whether the container uses the a private userns.
   142  func (n UsernsMode) IsPrivate() bool {
   143  	return !(n.IsHost())
   144  }
   145  
   146  // Valid indicates whether the userns is valid.
   147  func (n UsernsMode) Valid() bool {
   148  	parts := strings.Split(string(n), ":")
   149  	switch mode := parts[0]; mode {
   150  	case "", "host":
   151  	default:
   152  		return false
   153  	}
   154  	return true
   155  }
   156  
   157  // CgroupSpec represents the cgroup to use for the container.
   158  type CgroupSpec string
   159  
   160  // IsContainer indicates whether the container is using another container cgroup
   161  func (c CgroupSpec) IsContainer() bool {
   162  	parts := strings.SplitN(string(c), ":", 2)
   163  	return len(parts) > 1 && parts[0] == "container"
   164  }
   165  
   166  // Valid indicates whether the cgroup spec is valid.
   167  func (c CgroupSpec) Valid() bool {
   168  	return c.IsContainer() || c == ""
   169  }
   170  
   171  // Container returns the name of the container whose cgroup will be used.
   172  func (c CgroupSpec) Container() string {
   173  	parts := strings.SplitN(string(c), ":", 2)
   174  	if len(parts) > 1 {
   175  		return parts[1]
   176  	}
   177  	return ""
   178  }
   179  
   180  // UTSMode represents the UTS namespace of the container.
   181  type UTSMode string
   182  
   183  // IsPrivate indicates whether the container uses its private UTS namespace.
   184  func (n UTSMode) IsPrivate() bool {
   185  	return !(n.IsHost())
   186  }
   187  
   188  // IsHost indicates whether the container uses the host's UTS namespace.
   189  func (n UTSMode) IsHost() bool {
   190  	return n == "host"
   191  }
   192  
   193  // Valid indicates whether the UTS namespace is valid.
   194  func (n UTSMode) Valid() bool {
   195  	parts := strings.Split(string(n), ":")
   196  	switch mode := parts[0]; mode {
   197  	case "", "host":
   198  	default:
   199  		return false
   200  	}
   201  	return true
   202  }
   203  
   204  // PidMode represents the pid namespace of the container.
   205  type PidMode string
   206  
   207  // IsPrivate indicates whether the container uses its own new pid namespace.
   208  func (n PidMode) IsPrivate() bool {
   209  	return !(n.IsHost() || n.IsContainer())
   210  }
   211  
   212  // IsHost indicates whether the container uses the host's pid namespace.
   213  func (n PidMode) IsHost() bool {
   214  	return n == "host"
   215  }
   216  
   217  // IsContainer indicates whether the container uses a container's pid namespace.
   218  func (n PidMode) IsContainer() bool {
   219  	parts := strings.SplitN(string(n), ":", 2)
   220  	return len(parts) > 1 && parts[0] == "container"
   221  }
   222  
   223  // Valid indicates whether the pid namespace is valid.
   224  func (n PidMode) Valid() bool {
   225  	parts := strings.Split(string(n), ":")
   226  	switch mode := parts[0]; mode {
   227  	case "", "host":
   228  	case "container":
   229  		if len(parts) != 2 || parts[1] == "" {
   230  			return false
   231  		}
   232  	default:
   233  		return false
   234  	}
   235  	return true
   236  }
   237  
   238  // Container returns the name of the container whose pid namespace is going to be used.
   239  func (n PidMode) Container() string {
   240  	parts := strings.SplitN(string(n), ":", 2)
   241  	if len(parts) > 1 {
   242  		return parts[1]
   243  	}
   244  	return ""
   245  }
   246  
   247  // DeviceMapping represents the device mapping between the host and the container.
   248  type DeviceMapping struct {
   249  	PathOnHost        string
   250  	PathInContainer   string
   251  	CgroupPermissions string
   252  }
   253  
   254  // RestartPolicy represents the restart policies of the container.
   255  type RestartPolicy struct {
   256  	Name              string
   257  	MaximumRetryCount int
   258  }
   259  
   260  // IsNone indicates whether the container has the "no" restart policy.
   261  // This means the container will not automatically restart when exiting.
   262  func (rp *RestartPolicy) IsNone() bool {
   263  	return rp.Name == "no" || rp.Name == ""
   264  }
   265  
   266  // IsAlways indicates whether the container has the "always" restart policy.
   267  // This means the container will automatically restart regardless of the exit status.
   268  func (rp *RestartPolicy) IsAlways() bool {
   269  	return rp.Name == "always"
   270  }
   271  
   272  // IsOnFailure indicates whether the container has the "on-failure" restart policy.
   273  // This means the container will automatically restart of exiting with a non-zero exit status.
   274  func (rp *RestartPolicy) IsOnFailure() bool {
   275  	return rp.Name == "on-failure"
   276  }
   277  
   278  // IsUnlessStopped indicates whether the container has the
   279  // "unless-stopped" restart policy. This means the container will
   280  // automatically restart unless user has put it to stopped state.
   281  func (rp *RestartPolicy) IsUnlessStopped() bool {
   282  	return rp.Name == "unless-stopped"
   283  }
   284  
   285  // IsSame compares two RestartPolicy to see if they are the same
   286  func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool {
   287  	return rp.Name == tp.Name && rp.MaximumRetryCount == tp.MaximumRetryCount
   288  }
   289  
   290  // LogMode is a type to define the available modes for logging
   291  // These modes affect how logs are handled when log messages start piling up.
   292  type LogMode string
   293  
   294  // Available logging modes
   295  const (
   296  	LogModeUnset            = ""
   297  	LogModeBlocking LogMode = "blocking"
   298  	LogModeNonBlock LogMode = "non-blocking"
   299  )
   300  
   301  // LogConfig represents the logging configuration of the container.
   302  type LogConfig struct {
   303  	Type   string
   304  	Config map[string]string
   305  }
   306  
   307  // Resources contains container's resources (cgroups config, ulimits...)
   308  type Resources struct {
   309  	// Applicable to all platforms
   310  	CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers)
   311  	Memory    int64 // Memory limit (in bytes)
   312  	NanoCPUs  int64 `json:"NanoCpus"` // CPU quota in units of 10<sup>-9</sup> CPUs.
   313  
   314  	// Applicable to UNIX platforms
   315  	CgroupParent         string // Parent cgroup.
   316  	BlkioWeight          uint16 // Block IO weight (relative weight vs. other containers)
   317  	BlkioWeightDevice    []*blkiodev.WeightDevice
   318  	BlkioDeviceReadBps   []*blkiodev.ThrottleDevice
   319  	BlkioDeviceWriteBps  []*blkiodev.ThrottleDevice
   320  	BlkioDeviceReadIOps  []*blkiodev.ThrottleDevice
   321  	BlkioDeviceWriteIOps []*blkiodev.ThrottleDevice
   322  	CPUPeriod            int64           `json:"CpuPeriod"`          // CPU CFS (Completely Fair Scheduler) period
   323  	CPUQuota             int64           `json:"CpuQuota"`           // CPU CFS (Completely Fair Scheduler) quota
   324  	CPURealtimePeriod    int64           `json:"CpuRealtimePeriod"`  // CPU real-time period
   325  	CPURealtimeRuntime   int64           `json:"CpuRealtimeRuntime"` // CPU real-time runtime
   326  	CpusetCpus           string          // CpusetCpus 0-2, 0,1
   327  	CpusetMems           string          // CpusetMems 0-2, 0,1
   328  	Devices              []DeviceMapping // List of devices to map inside the container
   329  	DeviceCgroupRules    []string        // List of rule to be added to the device cgroup
   330  	DiskQuota            int64           // Disk limit (in bytes)
   331  	KernelMemory         int64           // Kernel memory limit (in bytes)
   332  	MemoryReservation    int64           // Memory soft limit (in bytes)
   333  	MemorySwap           int64           // Total memory usage (memory + swap); set `-1` to enable unlimited swap
   334  	MemorySwappiness     *int64          // Tuning container memory swappiness behaviour
   335  	OomKillDisable       *bool           // Whether to disable OOM Killer or not
   336  	PidsLimit            int64           // Setting pids limit for a container
   337  	Ulimits              []*units.Ulimit // List of ulimits to be set in the container
   338  
   339  	// Applicable to Windows
   340  	CPUCount           int64  `json:"CpuCount"`   // CPU count
   341  	CPUPercent         int64  `json:"CpuPercent"` // CPU percent
   342  	IOMaximumIOps      uint64 // Maximum IOps for the container system drive
   343  	IOMaximumBandwidth uint64 // Maximum IO in bytes per second for the container system drive
   344  }
   345  
   346  // UpdateConfig holds the mutable attributes of a Container.
   347  // Those attributes can be updated at runtime.
   348  type UpdateConfig struct {
   349  	// Contains container's resources (cgroups, ulimits)
   350  	Resources
   351  	RestartPolicy RestartPolicy
   352  }
   353  
   354  // HostConfig the non-portable Config structure of a container.
   355  // Here, "non-portable" means "dependent of the host we are running on".
   356  // Portable information *should* appear in Config.
   357  type HostConfig struct {
   358  	// Applicable to all platforms
   359  	Binds           []string      // List of volume bindings for this container
   360  	ContainerIDFile string        // File (path) where the containerId is written
   361  	LogConfig       LogConfig     // Configuration of the logs for this container
   362  	NetworkMode     NetworkMode   // Network mode to use for the container
   363  	PortBindings    nat.PortMap   // Port mapping between the exposed port (container) and the host
   364  	RestartPolicy   RestartPolicy // Restart policy to be used for the container
   365  	AutoRemove      bool          // Automatically remove container when it exits
   366  	VolumeDriver    string        // Name of the volume driver used to mount volumes
   367  	VolumesFrom     []string      // List of volumes to take from other container
   368  
   369  	// Applicable to UNIX platforms
   370  	CapAdd          strslice.StrSlice // List of kernel capabilities to add to the container
   371  	CapDrop         strslice.StrSlice // List of kernel capabilities to remove from the container
   372  	DNS             []string          `json:"Dns"`        // List of DNS server to lookup
   373  	DNSOptions      []string          `json:"DnsOptions"` // List of DNSOption to look for
   374  	DNSSearch       []string          `json:"DnsSearch"`  // List of DNSSearch to look for
   375  	ExtraHosts      []string          // List of extra hosts
   376  	GroupAdd        []string          // List of additional groups that the container process will run as
   377  	IpcMode         IpcMode           // IPC namespace to use for the container
   378  	Cgroup          CgroupSpec        // Cgroup to use for the container
   379  	Links           []string          // List of links (in the name:alias form)
   380  	OomScoreAdj     int               // Container preference for OOM-killing
   381  	PidMode         PidMode           // PID namespace to use for the container
   382  	Privileged      bool              // Is the container in privileged mode
   383  	PublishAllPorts bool              // Should docker publish all exposed port for the container
   384  	ReadonlyRootfs  bool              // Is the container root filesystem in read-only
   385  	SecurityOpt     []string          // List of string values to customize labels for MLS systems, such as SELinux.
   386  	StorageOpt      map[string]string `json:",omitempty"` // Storage driver options per container.
   387  	Tmpfs           map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container
   388  	UTSMode         UTSMode           // UTS namespace to use for the container
   389  	UsernsMode      UsernsMode        // The user namespace to use for the container
   390  	ShmSize         int64             // Total shm memory usage
   391  	Sysctls         map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container
   392  	Runtime         string            `json:",omitempty"` // Runtime to use with this container
   393  
   394  	// Applicable to Windows
   395  	ConsoleSize [2]uint   // Initial console size (height,width)
   396  	Isolation   Isolation // Isolation technology of the container (e.g. default, hyperv)
   397  
   398  	// Contains container's resources (cgroups, ulimits)
   399  	Resources
   400  
   401  	// Mounts specs used by the container
   402  	Mounts []mount.Mount `json:",omitempty"`
   403  
   404  	// Run a custom init inside the container, if null, use the daemon's configured settings
   405  	Init *bool `json:",omitempty"`
   406  }