apptainerconf

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 24, 2024 License: BSD-3-Clause Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source 
const TemplateAsset = `` /* 20727-byte string literal not displayed */

Variables

This section is empty.

Functions

func ApplyBuildConfig added in v1.1.0 

func ApplyBuildConfig(config *File)

GetBuildConfig returns the configuration to be used for building containers

func Generate 

func Generate(out io.Writer, tmplPath string, config *File) error

Generate executes the default template asset on File object if no custom template path is provided otherwise it uses the template found in the path.

func HasDirective 

func HasDirective(directive string) bool

HasDirective returns if the directive is present or not.

func SetBinaryPath added in v1.1.0 

func SetBinaryPath(libexecDir string, nonSuid bool)

SetBinaryPath sets the value of the binary path, substituting the user's $PATH plus ":" for "$PATH:" in BinaryPath. If nonSuid is true, then SuidBinaryPath gets the same value as BinaryPath, otherwise SuidBinaryPath gets the value of the binary path with with "$PATH:" replaced with nothing. libexecdir + "apptainer/bin" is always included either at the beginning of $PATH if present, or the very beginning.

func SetCurrentConfig 

func SetCurrentConfig(config *File)

SetCurrentConfig sets the provided configuration as the current configuration.

Types

type Directives 

type Directives map[string][]string

Directives represents the configuration directives type holding directives mapped to their respective values.

func GetDirectives 

func GetDirectives(reader io.Reader) (Directives, error)

GetDirectives parses configuration directives from reader and returns a directive map with associated values.

type File 

type File struct {
	AllowSetuid               bool     `default:"yes" authorized:"yes,no" directive:"allow setuid"`
	AllowPidNs                bool     `default:"yes" authorized:"yes,no" directive:"allow pid ns"`
	ConfigPasswd              bool     `default:"yes" authorized:"yes,no" directive:"config passwd"`
	ConfigGroup               bool     `default:"yes" authorized:"yes,no" directive:"config group"`
	ConfigResolvConf          bool     `default:"yes" authorized:"yes,no" directive:"config resolv_conf"`
	MountProc                 bool     `default:"yes" authorized:"yes,no" directive:"mount proc"`
	MountSys                  bool     `default:"yes" authorized:"yes,no" directive:"mount sys"`
	MountDevPts               bool     `default:"yes" authorized:"yes,no" directive:"mount devpts"`
	MountHome                 bool     `default:"yes" authorized:"yes,no" directive:"mount home"`
	MountTmp                  bool     `default:"yes" authorized:"yes,no" directive:"mount tmp"`
	MountHostfs               bool     `default:"no" authorized:"yes,no" directive:"mount hostfs"`
	UserBindControl           bool     `default:"yes" authorized:"yes,no" directive:"user bind control"`
	EnableFusemount           bool     `default:"yes" authorized:"yes,no" directive:"enable fusemount"`
	EnableUnderlay            string   `default:"yes" authorized:"yes,no,preferred" directive:"enable underlay"`
	MountSlave                bool     `default:"yes" authorized:"yes,no" directive:"mount slave"`
	AllowContainerSIF         bool     `default:"yes" authorized:"yes,no" directive:"allow container sif"`
	AllowContainerEncrypted   bool     `default:"yes" authorized:"yes,no" directive:"allow container encrypted"`
	AllowContainerSquashfs    bool     `default:"yes" authorized:"yes,no" directive:"allow container squashfs"`
	AllowContainerExtfs       bool     `default:"yes" authorized:"yes,no" directive:"allow container extfs"`
	AllowContainerDir         bool     `default:"yes" authorized:"yes,no" directive:"allow container dir"`
	AllowSetuidMountEncrypted bool     `default:"yes" authorized:"yes,no" directive:"allow setuid-mount encrypted"`
	AllowSetuidMountSquashfs  string   `default:"iflimited" authorized:"yes,no,iflimited" directive:"allow setuid-mount squashfs"`
	AllowSetuidMountExtfs     bool     `default:"no" authorized:"yes,no" directive:"allow setuid-mount extfs"`
	AlwaysUseNv               bool     `default:"no" authorized:"yes,no" directive:"always use nv"`
	UseNvCCLI                 bool     `default:"no" authorized:"yes,no" directive:"use nvidia-container-cli"`
	AlwaysUseRocm             bool     `default:"no" authorized:"yes,no" directive:"always use rocm"`
	SharedLoopDevices         bool     `default:"no" authorized:"yes,no" directive:"shared loop devices"`
	MaxLoopDevices            uint     `default:"256" directive:"max loop devices"`
	SessiondirMaxSize         uint     `default:"64" directive:"sessiondir max size"`
	MountDev                  string   `default:"yes" authorized:"yes,no,minimal" directive:"mount dev"`
	EnableOverlay             string   `default:"yes" authorized:"yes,no,try,driver" directive:"enable overlay"`
	BindPath                  []string `default:"/etc/localtime,/etc/hosts" directive:"bind path"`
	LimitContainerOwners      []string `directive:"limit container owners"`
	LimitContainerGroups      []string `directive:"limit container groups"`
	LimitContainerPaths       []string `directive:"limit container paths"`
	AllowNetUsers             []string `directive:"allow net users"`
	AllowNetGroups            []string `directive:"allow net groups"`
	AllowNetNetworks          []string `directive:"allow net networks"`
	RootDefaultCapabilities   string   `default:"full" authorized:"full,file,no" directive:"root default capabilities"`
	MemoryFSType              string   `default:"tmpfs" authorized:"tmpfs,ramfs" directive:"memory fs type"`
	CniConfPath               string   `directive:"cni configuration path"`
	CniPluginPath             string   `directive:"cni plugin path"`
	BinaryPath                string   `default:"$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" directive:"binary path"`
	// SuidBinaryPath is hidden; it is not referenced below, and overwritten
	SuidBinaryPath      string `directive:"suidbinary path"`
	MksquashfsProcs     uint   `default:"0" directive:"mksquashfs procs"`
	MksquashfsMem       string `directive:"mksquashfs mem"`
	ImageDriver         string `directive:"image driver"`
	DownloadConcurrency uint   `default:"3" directive:"download concurrency"`
	DownloadPartSize    uint   `default:"5242880" directive:"download part size"`
	DownloadBufferSize  uint   `default:"32768" directive:"download buffer size"`
	SystemdCgroups      bool   `default:"yes" authorized:"yes,no" directive:"systemd cgroups"`
	// apptheus unix socket
	ApptheusSocketPath string `default:"/run/apptheus/gateway.sock" directive:"apptheus communication socket path"`
	// Allow monitoring by apptheus, default is `no` because it requires an additional tool, i.e. apptheus
	AllowMonitoring bool `default:"no" authorized:"yes,no" directive:"allow monitoring"`
}

File describes the apptainer.conf file options

func GetConfig 

func GetConfig(directives Directives) (*File, error)

GetConfig sets the corresponding interface fields associated with directives.

func GetCurrentConfig 

func GetCurrentConfig() *File

GetCurrentConfig returns the current configuration if any.

func Parse 

func Parse(filepath string) (*File, error)

Parse parses configuration file with the specified path.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.