github.com/zhuohuang-hust/src-cbuild@v0.0.0-20230105071821-c7aab3e7c840/api/types/container/host_config.go (about)

     1  package container
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/docker/docker/api/types/blkiodev"
     7  	"github.com/docker/docker/api/types/mount"
     8  	"github.com/docker/docker/api/types/strslice"
     9  	"github.com/docker/go-connections/nat"
    10  	"github.com/docker/go-units"
    11  )
    12  
    13  // NetworkMode represents the container network stack.
    14  type NetworkMode string
    15  
    16  // Isolation represents the isolation technology of a container. The supported
    17  // values are platform specific
    18  type Isolation string
    19  
    20  // IsDefault indicates the default isolation technology of a container. On Linux this
    21  // is the native driver. On Windows, this is a Windows Server Container.
    22  func (i Isolation) IsDefault() bool {
    23  	return strings.ToLower(string(i)) == "default" || string(i) == ""
    24  }
    25  
    26  // IpcMode represents the container ipc stack.
    27  type IpcMode string
    28  
    29  // IsPrivate indicates whether the container uses its private ipc stack.
    30  func (n IpcMode) IsPrivate() bool {
    31  	return !(n.IsHost() || n.IsContainer())
    32  }
    33  
    34  // IsHost indicates whether the container uses the host's ipc stack.
    35  func (n IpcMode) IsHost() bool {
    36  	return n == "host"
    37  }
    38  
    39  // IsContainer indicates whether the container uses a container's ipc stack.
    40  func (n IpcMode) IsContainer() bool {
    41  	parts := strings.SplitN(string(n), ":", 2)
    42  	return len(parts) > 1 && parts[0] == "container"
    43  }
    44  
    45  // Valid indicates whether the ipc stack is valid.
    46  func (n IpcMode) Valid() bool {
    47  	parts := strings.Split(string(n), ":")
    48  	switch mode := parts[0]; mode {
    49  	case "", "host":
    50  	case "container":
    51  		if len(parts) != 2 || parts[1] == "" {
    52  			return false
    53  		}
    54  	default:
    55  		return false
    56  	}
    57  	return true
    58  }
    59  
    60  // Container returns the name of the container ipc stack is going to be used.
    61  func (n IpcMode) Container() string {
    62  	parts := strings.SplitN(string(n), ":", 2)
    63  	if len(parts) > 1 {
    64  		return parts[1]
    65  	}
    66  	return ""
    67  }
    68  
    69  // UsernsMode represents userns mode in the container.
    70  type UsernsMode string
    71  
    72  // IsHost indicates whether the container uses the host's userns.
    73  func (n UsernsMode) IsHost() bool {
    74  	return n == "host"
    75  }
    76  
    77  // IsPrivate indicates whether the container uses the a private userns.
    78  func (n UsernsMode) IsPrivate() bool {
    79  	return !(n.IsHost())
    80  }
    81  
    82  // Valid indicates whether the userns is valid.
    83  func (n UsernsMode) Valid() bool {
    84  	parts := strings.Split(string(n), ":")
    85  	switch mode := parts[0]; mode {
    86  	case "", "host":
    87  	default:
    88  		return false
    89  	}
    90  	return true
    91  }
    92  
    93  // CgroupSpec represents the cgroup to use for the container.
    94  type CgroupSpec string
    95  
    96  // IsContainer indicates whether the container is using another container cgroup
    97  func (c CgroupSpec) IsContainer() bool {
    98  	parts := strings.SplitN(string(c), ":", 2)
    99  	return len(parts) > 1 && parts[0] == "container"
   100  }
   101  
   102  // Valid indicates whether the cgroup spec is valid.
   103  func (c CgroupSpec) Valid() bool {
   104  	return c.IsContainer() || c == ""
   105  }
   106  
   107  // Container returns the name of the container whose cgroup will be used.
   108  func (c CgroupSpec) Container() string {
   109  	parts := strings.SplitN(string(c), ":", 2)
   110  	if len(parts) > 1 {
   111  		return parts[1]
   112  	}
   113  	return ""
   114  }
   115  
   116  // UTSMode represents the UTS namespace of the container.
   117  type UTSMode string
   118  
   119  // IsPrivate indicates whether the container uses its private UTS namespace.
   120  func (n UTSMode) IsPrivate() bool {
   121  	return !(n.IsHost())
   122  }
   123  
   124  // IsHost indicates whether the container uses the host's UTS namespace.
   125  func (n UTSMode) IsHost() bool {
   126  	return n == "host"
   127  }
   128  
   129  // Valid indicates whether the UTS namespace is valid.
   130  func (n UTSMode) Valid() bool {
   131  	parts := strings.Split(string(n), ":")
   132  	switch mode := parts[0]; mode {
   133  	case "", "host":
   134  	default:
   135  		return false
   136  	}
   137  	return true
   138  }
   139  
   140  // PidMode represents the pid namespace of the container.
   141  type PidMode string
   142  
   143  // IsPrivate indicates whether the container uses its own new pid namespace.
   144  func (n PidMode) IsPrivate() bool {
   145  	return !(n.IsHost() || n.IsContainer())
   146  }
   147  
   148  // IsHost indicates whether the container uses the host's pid namespace.
   149  func (n PidMode) IsHost() bool {
   150  	return n == "host"
   151  }
   152  
   153  // IsContainer indicates whether the container uses a container's pid namespace.
   154  func (n PidMode) IsContainer() bool {
   155  	parts := strings.SplitN(string(n), ":", 2)
   156  	return len(parts) > 1 && parts[0] == "container"
   157  }
   158  
   159  // Valid indicates whether the pid namespace is valid.
   160  func (n PidMode) Valid() bool {
   161  	parts := strings.Split(string(n), ":")
   162  	switch mode := parts[0]; mode {
   163  	case "", "host":
   164  	case "container":
   165  		if len(parts) != 2 || parts[1] == "" {
   166  			return false
   167  		}
   168  	default:
   169  		return false
   170  	}
   171  	return true
   172  }
   173  
   174  // Container returns the name of the container whose pid namespace is going to be used.
   175  func (n PidMode) Container() string {
   176  	parts := strings.SplitN(string(n), ":", 2)
   177  	if len(parts) > 1 {
   178  		return parts[1]
   179  	}
   180  	return ""
   181  }
   182  
   183  // DeviceMapping represents the device mapping between the host and the container.
   184  type DeviceMapping struct {
   185  	PathOnHost        string
   186  	PathInContainer   string
   187  	CgroupPermissions string
   188  }
   189  
   190  // RestartPolicy represents the restart policies of the container.
   191  type RestartPolicy struct {
   192  	Name              string
   193  	MaximumRetryCount int
   194  }
   195  
   196  // IsNone indicates whether the container has the "no" restart policy.
   197  // This means the container will not automatically restart when exiting.
   198  func (rp *RestartPolicy) IsNone() bool {
   199  	return rp.Name == "no" || rp.Name == ""
   200  }
   201  
   202  // IsAlways indicates whether the container has the "always" restart policy.
   203  // This means the container will automatically restart regardless of the exit status.
   204  func (rp *RestartPolicy) IsAlways() bool {
   205  	return rp.Name == "always"
   206  }
   207  
   208  // IsOnFailure indicates whether the container has the "on-failure" restart policy.
   209  // This means the container will automatically restart of exiting with a non-zero exit status.
   210  func (rp *RestartPolicy) IsOnFailure() bool {
   211  	return rp.Name == "on-failure"
   212  }
   213  
   214  // IsUnlessStopped indicates whether the container has the
   215  // "unless-stopped" restart policy. This means the container will
   216  // automatically restart unless user has put it to stopped state.
   217  func (rp *RestartPolicy) IsUnlessStopped() bool {
   218  	return rp.Name == "unless-stopped"
   219  }
   220  
   221  // IsSame compares two RestartPolicy to see if they are the same
   222  func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool {
   223  	return rp.Name == tp.Name && rp.MaximumRetryCount == tp.MaximumRetryCount
   224  }
   225  
   226  // LogConfig represents the logging configuration of the container.
   227  type LogConfig struct {
   228  	Type   string
   229  	Config map[string]string
   230  }
   231  
   232  // Resources contains container's resources (cgroups config, ulimits...)
   233  type Resources struct {
   234  	// Applicable to all platforms
   235  	CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers)
   236  	Memory    int64 // Memory limit (in bytes)
   237  	NanoCPUs  int64 `json:"NanoCpus"` // CPU quota in units of 10<sup>-9</sup> CPUs.
   238  
   239  	// Applicable to UNIX platforms
   240  	CgroupParent         string // Parent cgroup.
   241  	BlkioWeight          uint16 // Block IO weight (relative weight vs. other containers)
   242  	BlkioWeightDevice    []*blkiodev.WeightDevice
   243  	BlkioDeviceReadBps   []*blkiodev.ThrottleDevice
   244  	BlkioDeviceWriteBps  []*blkiodev.ThrottleDevice
   245  	BlkioDeviceReadIOps  []*blkiodev.ThrottleDevice
   246  	BlkioDeviceWriteIOps []*blkiodev.ThrottleDevice
   247  	CPUPeriod            int64           `json:"CpuPeriod"`          // CPU CFS (Completely Fair Scheduler) period
   248  	CPUQuota             int64           `json:"CpuQuota"`           // CPU CFS (Completely Fair Scheduler) quota
   249  	CPURealtimePeriod    int64           `json:"CpuRealtimePeriod"`  // CPU real-time period
   250  	CPURealtimeRuntime   int64           `json:"CpuRealtimeRuntime"` // CPU real-time runtime
   251  	CpusetCpus           string          // CpusetCpus 0-2, 0,1
   252  	CpusetMems           string          // CpusetMems 0-2, 0,1
   253  	Devices              []DeviceMapping // List of devices to map inside the container
   254  	DiskQuota            int64           // Disk limit (in bytes)
   255  	KernelMemory         int64           // Kernel memory limit (in bytes)
   256  	MemoryReservation    int64           // Memory soft limit (in bytes)
   257  	MemorySwap           int64           // Total memory usage (memory + swap); set `-1` to enable unlimited swap
   258  	MemorySwappiness     *int64          // Tuning container memory swappiness behaviour
   259  	OomKillDisable       *bool           // Whether to disable OOM Killer or not
   260  	PidsLimit            int64           // Setting pids limit for a container
   261  	Ulimits              []*units.Ulimit // List of ulimits to be set in the container
   262  
   263  	// Applicable to Windows
   264  	CPUCount           int64  `json:"CpuCount"`   // CPU count
   265  	CPUPercent         int64  `json:"CpuPercent"` // CPU percent
   266  	IOMaximumIOps      uint64 // Maximum IOps for the container system drive
   267  	IOMaximumBandwidth uint64 // Maximum IO in bytes per second for the container system drive
   268  }
   269  
   270  // UpdateConfig holds the mutable attributes of a Container.
   271  // Those attributes can be updated at runtime.
   272  type UpdateConfig struct {
   273  	// Contains container's resources (cgroups, ulimits)
   274  	Resources
   275  	RestartPolicy RestartPolicy
   276  }
   277  
   278  // HostConfig the non-portable Config structure of a container.
   279  // Here, "non-portable" means "dependent of the host we are running on".
   280  // Portable information *should* appear in Config.
   281  type HostConfig struct {
   282  	// Applicable to all platforms
   283  	Binds           []string      // List of volume bindings for this container
   284  	ContainerIDFile string        // File (path) where the containerId is written
   285  	LogConfig       LogConfig     // Configuration of the logs for this container
   286  	NetworkMode     NetworkMode   // Network mode to use for the container
   287  	PortBindings    nat.PortMap   // Port mapping between the exposed port (container) and the host
   288  	RestartPolicy   RestartPolicy // Restart policy to be used for the container
   289  	AutoRemove      bool          // Automatically remove container when it exits
   290  	VolumeDriver    string        // Name of the volume driver used to mount volumes
   291  	VolumesFrom     []string      // List of volumes to take from other container
   292  
   293  	// Applicable to UNIX platforms
   294  	CapAdd          strslice.StrSlice // List of kernel capabilities to add to the container
   295  	CapDrop         strslice.StrSlice // List of kernel capabilities to remove from the container
   296  	DNS             []string          `json:"Dns"`        // List of DNS server to lookup
   297  	DNSOptions      []string          `json:"DnsOptions"` // List of DNSOption to look for
   298  	DNSSearch       []string          `json:"DnsSearch"`  // List of DNSSearch to look for
   299  	ExtraHosts      []string          // List of extra hosts
   300  	GroupAdd        []string          // List of additional groups that the container process will run as
   301  	IpcMode         IpcMode           // IPC namespace to use for the container
   302  	Cgroup          CgroupSpec        // Cgroup to use for the container
   303  	Links           []string          // List of links (in the name:alias form)
   304  	OomScoreAdj     int               // Container preference for OOM-killing
   305  	PidMode         PidMode           // PID namespace to use for the container
   306  	Privileged      bool              // Is the container in privileged mode
   307  	PublishAllPorts bool              // Should docker publish all exposed port for the container
   308  	ReadonlyRootfs  bool              // Is the container root filesystem in read-only
   309  	SecurityOpt     []string          // List of string values to customize labels for MLS systems, such as SELinux.
   310  	StorageOpt      map[string]string `json:",omitempty"` // Storage driver options per container.
   311  	Tmpfs           map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container
   312  	UTSMode         UTSMode           // UTS namespace to use for the container
   313  	UsernsMode      UsernsMode        // The user namespace to use for the container
   314  	ShmSize         int64             // Total shm memory usage
   315  	Sysctls         map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container
   316  	Runtime         string            `json:",omitempty"` // Runtime to use with this container
   317  
   318  	// Applicable to Windows
   319  	ConsoleSize [2]uint   // Initial console size (height,width)
   320  	Isolation   Isolation // Isolation technology of the container (eg default, hyperv)
   321  
   322  	// Contains container's resources (cgroups, ulimits)
   323  	Resources
   324  
   325  	// Mounts specs used by the container
   326  	Mounts []mount.Mount `json:",omitempty"`
   327  
   328  	// Run a custom init inside the container, if null, use the daemon's configured settings
   329  	Init *bool `json:",omitempty"`
   330  
   331  	// Custom init path
   332  	InitPath string `json:",omitempty"`
   333  }