github.com/shishir-a412ed/docker@v1.3.2-0.20180103180333-fda904911d87/api/types/container/host_config.go (about) 1 package container 2 3 import ( 4 "strings" 5 6 "github.com/docker/docker/api/types/blkiodev" 7 "github.com/docker/docker/api/types/mount" 8 "github.com/docker/docker/api/types/strslice" 9 "github.com/docker/go-connections/nat" 10 "github.com/docker/go-units" 11 ) 12 13 // Isolation represents the isolation technology of a container. The supported 14 // values are platform specific 15 type Isolation string 16 17 // IsDefault indicates the default isolation technology of a container. On Linux this 18 // is the native driver. On Windows, this is a Windows Server Container. 19 func (i Isolation) IsDefault() bool { 20 return strings.ToLower(string(i)) == "default" || string(i) == "" 21 } 22 23 // IsHyperV indicates the use of a Hyper-V partition for isolation 24 func (i Isolation) IsHyperV() bool { 25 return strings.ToLower(string(i)) == "hyperv" 26 } 27 28 // IsProcess indicates the use of process isolation 29 func (i Isolation) IsProcess() bool { 30 return strings.ToLower(string(i)) == "process" 31 } 32 33 const ( 34 // IsolationEmpty is unspecified (same behavior as default) 35 IsolationEmpty = Isolation("") 36 // IsolationDefault is the default isolation mode on current daemon 37 IsolationDefault = Isolation("default") 38 // IsolationProcess is process isolation mode 39 IsolationProcess = Isolation("process") 40 // IsolationHyperV is HyperV isolation mode 41 IsolationHyperV = Isolation("hyperv") 42 ) 43 44 // IpcMode represents the container ipc stack. 45 type IpcMode string 46 47 // IsPrivate indicates whether the container uses its own private ipc namespace which can not be shared. 48 func (n IpcMode) IsPrivate() bool { 49 return n == "private" 50 } 51 52 // IsHost indicates whether the container shares the host's ipc namespace. 53 func (n IpcMode) IsHost() bool { 54 return n == "host" 55 } 56 57 // IsShareable indicates whether the container's ipc namespace can be shared with another container. 58 func (n IpcMode) IsShareable() bool { 59 return n == "shareable" 60 } 61 62 // IsContainer indicates whether the container uses another container's ipc namespace. 63 func (n IpcMode) IsContainer() bool { 64 parts := strings.SplitN(string(n), ":", 2) 65 return len(parts) > 1 && parts[0] == "container" 66 } 67 68 // IsNone indicates whether container IpcMode is set to "none". 69 func (n IpcMode) IsNone() bool { 70 return n == "none" 71 } 72 73 // IsEmpty indicates whether container IpcMode is empty 74 func (n IpcMode) IsEmpty() bool { 75 return n == "" 76 } 77 78 // Valid indicates whether the ipc mode is valid. 79 func (n IpcMode) Valid() bool { 80 return n.IsEmpty() || n.IsNone() || n.IsPrivate() || n.IsHost() || n.IsShareable() || n.IsContainer() 81 } 82 83 // Container returns the name of the container ipc stack is going to be used. 84 func (n IpcMode) Container() string { 85 parts := strings.SplitN(string(n), ":", 2) 86 if len(parts) > 1 && parts[0] == "container" { 87 return parts[1] 88 } 89 return "" 90 } 91 92 // NetworkMode represents the container network stack. 93 type NetworkMode string 94 95 // IsNone indicates whether container isn't using a network stack. 96 func (n NetworkMode) IsNone() bool { 97 return n == "none" 98 } 99 100 // IsDefault indicates whether container uses the default network stack. 101 func (n NetworkMode) IsDefault() bool { 102 return n == "default" 103 } 104 105 // IsPrivate indicates whether container uses its private network stack. 106 func (n NetworkMode) IsPrivate() bool { 107 return !(n.IsHost() || n.IsContainer()) 108 } 109 110 // IsContainer indicates whether container uses a container network stack. 111 func (n NetworkMode) IsContainer() bool { 112 parts := strings.SplitN(string(n), ":", 2) 113 return len(parts) > 1 && parts[0] == "container" 114 } 115 116 // ConnectedContainer is the id of the container which network this container is connected to. 117 func (n NetworkMode) ConnectedContainer() string { 118 parts := strings.SplitN(string(n), ":", 2) 119 if len(parts) > 1 { 120 return parts[1] 121 } 122 return "" 123 } 124 125 //UserDefined indicates user-created network 126 func (n NetworkMode) UserDefined() string { 127 if n.IsUserDefined() { 128 return string(n) 129 } 130 return "" 131 } 132 133 // UsernsMode represents userns mode in the container. 134 type UsernsMode string 135 136 // IsHost indicates whether the container uses the host's userns. 137 func (n UsernsMode) IsHost() bool { 138 return n == "host" 139 } 140 141 // IsPrivate indicates whether the container uses the a private userns. 142 func (n UsernsMode) IsPrivate() bool { 143 return !(n.IsHost()) 144 } 145 146 // Valid indicates whether the userns is valid. 147 func (n UsernsMode) Valid() bool { 148 parts := strings.Split(string(n), ":") 149 switch mode := parts[0]; mode { 150 case "", "host": 151 default: 152 return false 153 } 154 return true 155 } 156 157 // CgroupSpec represents the cgroup to use for the container. 158 type CgroupSpec string 159 160 // IsContainer indicates whether the container is using another container cgroup 161 func (c CgroupSpec) IsContainer() bool { 162 parts := strings.SplitN(string(c), ":", 2) 163 return len(parts) > 1 && parts[0] == "container" 164 } 165 166 // Valid indicates whether the cgroup spec is valid. 167 func (c CgroupSpec) Valid() bool { 168 return c.IsContainer() || c == "" 169 } 170 171 // Container returns the name of the container whose cgroup will be used. 172 func (c CgroupSpec) Container() string { 173 parts := strings.SplitN(string(c), ":", 2) 174 if len(parts) > 1 { 175 return parts[1] 176 } 177 return "" 178 } 179 180 // UTSMode represents the UTS namespace of the container. 181 type UTSMode string 182 183 // IsPrivate indicates whether the container uses its private UTS namespace. 184 func (n UTSMode) IsPrivate() bool { 185 return !(n.IsHost()) 186 } 187 188 // IsHost indicates whether the container uses the host's UTS namespace. 189 func (n UTSMode) IsHost() bool { 190 return n == "host" 191 } 192 193 // Valid indicates whether the UTS namespace is valid. 194 func (n UTSMode) Valid() bool { 195 parts := strings.Split(string(n), ":") 196 switch mode := parts[0]; mode { 197 case "", "host": 198 default: 199 return false 200 } 201 return true 202 } 203 204 // PidMode represents the pid namespace of the container. 205 type PidMode string 206 207 // IsPrivate indicates whether the container uses its own new pid namespace. 208 func (n PidMode) IsPrivate() bool { 209 return !(n.IsHost() || n.IsContainer()) 210 } 211 212 // IsHost indicates whether the container uses the host's pid namespace. 213 func (n PidMode) IsHost() bool { 214 return n == "host" 215 } 216 217 // IsContainer indicates whether the container uses a container's pid namespace. 218 func (n PidMode) IsContainer() bool { 219 parts := strings.SplitN(string(n), ":", 2) 220 return len(parts) > 1 && parts[0] == "container" 221 } 222 223 // Valid indicates whether the pid namespace is valid. 224 func (n PidMode) Valid() bool { 225 parts := strings.Split(string(n), ":") 226 switch mode := parts[0]; mode { 227 case "", "host": 228 case "container": 229 if len(parts) != 2 || parts[1] == "" { 230 return false 231 } 232 default: 233 return false 234 } 235 return true 236 } 237 238 // Container returns the name of the container whose pid namespace is going to be used. 239 func (n PidMode) Container() string { 240 parts := strings.SplitN(string(n), ":", 2) 241 if len(parts) > 1 { 242 return parts[1] 243 } 244 return "" 245 } 246 247 // DeviceMapping represents the device mapping between the host and the container. 248 type DeviceMapping struct { 249 PathOnHost string 250 PathInContainer string 251 CgroupPermissions string 252 } 253 254 // RestartPolicy represents the restart policies of the container. 255 type RestartPolicy struct { 256 Name string 257 MaximumRetryCount int 258 } 259 260 // IsNone indicates whether the container has the "no" restart policy. 261 // This means the container will not automatically restart when exiting. 262 func (rp *RestartPolicy) IsNone() bool { 263 return rp.Name == "no" || rp.Name == "" 264 } 265 266 // IsAlways indicates whether the container has the "always" restart policy. 267 // This means the container will automatically restart regardless of the exit status. 268 func (rp *RestartPolicy) IsAlways() bool { 269 return rp.Name == "always" 270 } 271 272 // IsOnFailure indicates whether the container has the "on-failure" restart policy. 273 // This means the container will automatically restart of exiting with a non-zero exit status. 274 func (rp *RestartPolicy) IsOnFailure() bool { 275 return rp.Name == "on-failure" 276 } 277 278 // IsUnlessStopped indicates whether the container has the 279 // "unless-stopped" restart policy. This means the container will 280 // automatically restart unless user has put it to stopped state. 281 func (rp *RestartPolicy) IsUnlessStopped() bool { 282 return rp.Name == "unless-stopped" 283 } 284 285 // IsSame compares two RestartPolicy to see if they are the same 286 func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool { 287 return rp.Name == tp.Name && rp.MaximumRetryCount == tp.MaximumRetryCount 288 } 289 290 // LogMode is a type to define the available modes for logging 291 // These modes affect how logs are handled when log messages start piling up. 292 type LogMode string 293 294 // Available logging modes 295 const ( 296 LogModeUnset = "" 297 LogModeBlocking LogMode = "blocking" 298 LogModeNonBlock LogMode = "non-blocking" 299 ) 300 301 // LogConfig represents the logging configuration of the container. 302 type LogConfig struct { 303 Type string 304 Config map[string]string 305 } 306 307 // Resources contains container's resources (cgroups config, ulimits...) 308 type Resources struct { 309 // Applicable to all platforms 310 CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers) 311 Memory int64 // Memory limit (in bytes) 312 NanoCPUs int64 `json:"NanoCpus"` // CPU quota in units of 10<sup>-9</sup> CPUs. 313 314 // Applicable to UNIX platforms 315 CgroupParent string // Parent cgroup. 316 BlkioWeight uint16 // Block IO weight (relative weight vs. other containers) 317 BlkioWeightDevice []*blkiodev.WeightDevice 318 BlkioDeviceReadBps []*blkiodev.ThrottleDevice 319 BlkioDeviceWriteBps []*blkiodev.ThrottleDevice 320 BlkioDeviceReadIOps []*blkiodev.ThrottleDevice 321 BlkioDeviceWriteIOps []*blkiodev.ThrottleDevice 322 CPUPeriod int64 `json:"CpuPeriod"` // CPU CFS (Completely Fair Scheduler) period 323 CPUQuota int64 `json:"CpuQuota"` // CPU CFS (Completely Fair Scheduler) quota 324 CPURealtimePeriod int64 `json:"CpuRealtimePeriod"` // CPU real-time period 325 CPURealtimeRuntime int64 `json:"CpuRealtimeRuntime"` // CPU real-time runtime 326 CpusetCpus string // CpusetCpus 0-2, 0,1 327 CpusetMems string // CpusetMems 0-2, 0,1 328 Devices []DeviceMapping // List of devices to map inside the container 329 DeviceCgroupRules []string // List of rule to be added to the device cgroup 330 DiskQuota int64 // Disk limit (in bytes) 331 KernelMemory int64 // Kernel memory limit (in bytes) 332 MemoryReservation int64 // Memory soft limit (in bytes) 333 MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap 334 MemorySwappiness *int64 // Tuning container memory swappiness behaviour 335 OomKillDisable *bool // Whether to disable OOM Killer or not 336 PidsLimit int64 // Setting pids limit for a container 337 Ulimits []*units.Ulimit // List of ulimits to be set in the container 338 339 // Applicable to Windows 340 CPUCount int64 `json:"CpuCount"` // CPU count 341 CPUPercent int64 `json:"CpuPercent"` // CPU percent 342 IOMaximumIOps uint64 // Maximum IOps for the container system drive 343 IOMaximumBandwidth uint64 // Maximum IO in bytes per second for the container system drive 344 } 345 346 // UpdateConfig holds the mutable attributes of a Container. 347 // Those attributes can be updated at runtime. 348 type UpdateConfig struct { 349 // Contains container's resources (cgroups, ulimits) 350 Resources 351 RestartPolicy RestartPolicy 352 } 353 354 // HostConfig the non-portable Config structure of a container. 355 // Here, "non-portable" means "dependent of the host we are running on". 356 // Portable information *should* appear in Config. 357 type HostConfig struct { 358 // Applicable to all platforms 359 Binds []string // List of volume bindings for this container 360 ContainerIDFile string // File (path) where the containerId is written 361 LogConfig LogConfig // Configuration of the logs for this container 362 NetworkMode NetworkMode // Network mode to use for the container 363 PortBindings nat.PortMap // Port mapping between the exposed port (container) and the host 364 RestartPolicy RestartPolicy // Restart policy to be used for the container 365 AutoRemove bool // Automatically remove container when it exits 366 VolumeDriver string // Name of the volume driver used to mount volumes 367 VolumesFrom []string // List of volumes to take from other container 368 369 // Applicable to UNIX platforms 370 CapAdd strslice.StrSlice // List of kernel capabilities to add to the container 371 CapDrop strslice.StrSlice // List of kernel capabilities to remove from the container 372 DNS []string `json:"Dns"` // List of DNS server to lookup 373 DNSOptions []string `json:"DnsOptions"` // List of DNSOption to look for 374 DNSSearch []string `json:"DnsSearch"` // List of DNSSearch to look for 375 ExtraHosts []string // List of extra hosts 376 GroupAdd []string // List of additional groups that the container process will run as 377 IpcMode IpcMode // IPC namespace to use for the container 378 Cgroup CgroupSpec // Cgroup to use for the container 379 Links []string // List of links (in the name:alias form) 380 OomScoreAdj int // Container preference for OOM-killing 381 PidMode PidMode // PID namespace to use for the container 382 Privileged bool // Is the container in privileged mode 383 PublishAllPorts bool // Should docker publish all exposed port for the container 384 ReadonlyRootfs bool // Is the container root filesystem in read-only 385 SecurityOpt []string // List of string values to customize labels for MLS systems, such as SELinux. 386 StorageOpt map[string]string `json:",omitempty"` // Storage driver options per container. 387 Tmpfs map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container 388 UTSMode UTSMode // UTS namespace to use for the container 389 UsernsMode UsernsMode // The user namespace to use for the container 390 ShmSize int64 // Total shm memory usage 391 Sysctls map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container 392 Runtime string `json:",omitempty"` // Runtime to use with this container 393 394 // Applicable to Windows 395 ConsoleSize [2]uint // Initial console size (height,width) 396 Isolation Isolation // Isolation technology of the container (e.g. default, hyperv) 397 398 // Contains container's resources (cgroups, ulimits) 399 Resources 400 401 // Mounts specs used by the container 402 Mounts []mount.Mount `json:",omitempty"` 403 404 // Run a custom init inside the container, if null, use the daemon's configured settings 405 Init *bool `json:",omitempty"` 406 }