types

package
v0.0.0-...-c3677c5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 10, 2023 License: Apache-2.0 Imports: 31 Imported by: 8

Documentation

Index

Constants

// Runtime and container naming defaults.
const (

	// DefaultOciRuntime is the default OCI-compliant runtime used to run system services.
	DefaultOciRuntime = "runc"
	// MainContainerName is the literal name "main".
	// NOTE(review): presumably the name of a task's primary container, as
	// opposed to the extra/sidecar containers -- confirm against callers.
	MainContainerName = "main"
)
// Well-known sidecar names. GetSidecarConfig looks a sidecar up by name and
// returns nil for an unknown name, so prefer these constants over string
// literals.
//
// NOTE(review): by name, sshd, metatron, seccomp-agent and metadata-proxy look
// security-relevant. Whether a given sidecar is mandatory is carried by
// ServiceOpts.Required, which is set elsewhere -- confirm that the
// security-relevant ones are not left optional by accident.
const (
	SidecarTitusContainer          = "titus-container"
	SidecarServiceAbMetrix         = "abmetrix"
	SidecarServiceLogViewer        = "logviewer"
	SidecarServiceMetatron         = "metatron"
	SidecarServiceServiceMesh      = "servicemesh"
	SidecarServiceSshd             = "sshd"
	SidecarServiceSpectatord       = "spectatord"
	SidecarServiceSystemDNS        = "systemdns"
	SidecarServiceTracingCollector = "tracing-collector"
	SidecarServiceAtlasTitusAgent  = "atlas-titus-agent"
	SidecarTitusStorage            = "titus-storage"
	SidecarSeccompAgent            = "seccomp-agent"
	SidecarServiceMetadataProxy    = "metadata-proxy"
	SidecarContainerTools          = "container-tools"
	SidecarTrafficSteering         = "traffic-steering"
)
// Filesystem locations, environment variable names and label keys shared
// across the executor.
const (
	// TitusEnvironmentsDir is the directory we write Titus environment files and JSON configs to.
	// NOTE(review): environment files can contain sensitive values; the
	// ownership and mode of this directory and its files are set elsewhere --
	// confirm they are restrictive.
	TitusEnvironmentsDir = "/var/lib/titus-environments"

	// TitusRuntimeEnvVariableName is used to pass the name of the OCI-compliant runtime used to run a container.
	// This can be used to construct the root path for runc to use to run system services.
	// NOTE(review): because the value can end up in a filesystem path,
	// consumers should validate it rather than use it verbatim -- confirm at
	// the call site.
	TitusRuntimeEnvVariableName = "TITUS_OCI_RUNTIME"

	// VPCIPv4Label is the VPC address of the container.
	//
	// Deprecated: Titus does not support non-VPC addresses, so NetIPv4Label
	// should be used instead.
	VPCIPv4Label = "titus.vpc.ipv4"
	// NetIPv4Label is the canonical network address of the container.
	NetIPv4Label = "titus.net.ipv4"
	// HTBClassIDLabel is the HTB Class ID used by the container.
	HTBClassIDLabel = "titus.net.htbclassid"

	// True and False are the string forms "true" and "false", defined as
	// named constants (per the original note, to keep the linter happy).
	True  = "true"
	False = "false"
)
// Possible container statuses.
//
// StatusUnknown is defined with iota on the first line of the block, so it is
// 0 and therefore the zero value of Status: a Status that was never assigned
// reads as unknown rather than as running or finished.
const (
	StatusUnknown = Status(iota)
	StatusRunning
	StatusFinished
	StatusFailed
)

Possible Container status

const (
	// ShmMountPath is the path "/dev/shm".
	// NOTE(review): presumably where the shared-memory mount sized by
	// Container.ShmSizeMiB is placed -- confirm against the runtime code.
	ShmMountPath = "/dev/shm"
)

Variables

// ErrMissingIAMRole indicates that the Titus job was submitted without an IAM
// role. It is a sentinel value created with errors.New.
var ErrMissingIAMRole = errors.New("IAM Role Missing")

ErrMissingIAMRole indicates that the Titus job was submitted without an IAM role. This is a transitional error: the protobuf previously had this marked as an optional field, so it is a temporary measure during protocol evolution.

Functions

func BoolPtr

func BoolPtr(b bool) *bool

func ComputeHostname

func ComputeHostname(c Container) (string, error)

ComputeHostname computes a hostname in the container using container ID or ec2 style, depending on the titusParameter.agent.hostnameStyle setting. It returns an error if the style is unrecognized.

func ContainerTestArgs

func ContainerTestArgs() (*corev1.Pod, *config.Config)

ContainerTestArgs generates test arguments appropriate for passing to NewPodContainer()

func GenerateSyntheticContainerInfoPass2

func GenerateSyntheticContainerInfoPass2(c Container, startTime time.Time) (*titus.ContainerInfo, error)

GenerateSyntheticContainerInfoPass2 generates a synthetic ContainerInfo config suitable for writing out to disk so the metadata proxy can use it. This is a "second pass" mutation of the ContainerInfo that comes in from the Container interface.

func GenerateV1TestPod

func GenerateV1TestPod(taskID string, resources *Resources, cfg *config.Config) *corev1.Pod

func GetHumanFriendlyNetworkMode

func GetHumanFriendlyNetworkMode(mode string) string

GetHumanFriendlyNetworkMode takes the incoming network mode string and mutates it a bit to be an environment-variable-safe string. In the unknown mode, however, it returns an empty string so that the caller does *not* set the variable.

func NewExtraContainersFromPod

func NewExtraContainersFromPod(pod corev1.Pod) ([]*ExtraContainer, []*ExtraContainer)

NewExtraContainersFromPod extracts any other containers >1 (if any) and returns 2 populated arrays []ExtraContainer for the executor to use without parsing the pod object later. These are the extra user containers, and the extra platform containers

func PodContainerTestArgs

func PodContainerTestArgs() (*corev1.Pod, *config.Config, error)

PodContainerTestArgs returns a pod and config that a test can call NewPodContainer() with

func ResourcesToPodResourceRequirements

func ResourcesToPodResourceRequirements(resources *Resources) corev1.ResourceRequirements

func ShouldStartSystemDNS

func ShouldStartSystemDNS(cfg *config.Config, c Container) bool

Types

type BadEntryPointError

// BadEntryPointError represents an error where the provided entrypoint is not
// valid.
type BadEntryPointError struct {
	// Reason is the underlying error. How Error() renders it is not shown in
	// this listing.
	Reason error
}

BadEntryPointError represents an error where the provided entrypoint is not valid.

func (*BadEntryPointError) Error

func (e *BadEntryPointError) Error() string

Error returns a string describing an error

type Container

// Container exposes the configuration state of a single container.
//
// It is meant to be treated as read-only and to be obtained from a
// constructor rather than initialised directly. Note that the interface
// nevertheless declares mutators (SetEnv, SetEnvs, SetGPUInfo, SetID,
// SetSystemD, SetVPCAllocation), and that Pod returns a *sync.Mutex alongside
// the pod.
// NOTE(review): presumably that mutex guards the pod object and must be held
// while reading or writing it -- confirm against the implementation.
//
// Many accessors return pointers.
// NOTE(review): these can presumably be nil when the value is unset, so
// callers should nil-check before dereferencing -- confirm per method.
//
// NOTE(review): by name, several accessors carry settings that decide the
// container's confinement and identity (AppArmorProfile, Capabilities,
// ContainerCapabilities, IamRole, MetatronCreds, RequireIMDSToken,
// SeccompAgentEnabledForPerfSyscalls, SecurityGroupIDs, KvmEnabled). How an
// unset value is defaulted is decided by the implementation; verify that the
// default is the restrictive one.
type Container interface {
	AllowCPUBursting() bool
	AllowNetworkBursting() bool
	AppArmorProfile() *string
	AppName() string
	IngressBandwidthLimitBps() *int64
	BatchPriority() *string
	Capabilities() *corev1.Capabilities
	// ContainerCapabilities returns the capabilities for the named container,
	// or an error.
	ContainerCapabilities(containerName string) ([]titus.ContainerCapability, error)
	CombinedAppStackDetails() string
	SyntheticContainerInfo() (*titus.ContainerInfo, error)
	EBSInfo() EBSInfo
	// NOTE(review): whether Env, EnvOverrides and Labels return a copy or the
	// internal map is not visible here; treat the result as read-only.
	Env() map[string]string
	EnvOverrides() map[string]string
	ElasticIPPool() *string
	ElasticIPs() *string
	ExtraUserContainers() []*ExtraContainer
	ExtraPlatformContainers() []*ExtraContainer
	ExtraContainerEnv(c *ExtraContainer) map[string]string
	// The "Plaform" spelling is part of the exported method name; correcting
	// it would break every implementer and caller.
	GetPlaformContainerNames() []string
	GetUserContainerNames() []string
	GPUInfo() GPUContainer
	HostnameStyle() *string
	IamRole() *string
	ID() string
	ImageDigest() *string
	ImageName() *string
	ImageVersion() *string
	ImageTagForMetrics() map[string]string
	IPv4Address() *string
	IPv6Address() *string
	IsSystemD() bool
	JobGroupDetail() string
	JobGroupStack() string
	JobGroupSequence() string
	JobID() *string
	JobType() *string
	KillWaitSeconds() *uint32
	KvmEnabled() bool
	Labels() map[string]string
	LogKeepLocalFileAfterUpload() bool
	LogStdioCheckInterval() *time.Duration
	LogUploadCheckInterval() *time.Duration
	LogUploaderConfig() *uploader.Config
	LogUploadRegexp() *regexp.Regexp
	LogUploadThresholdTime() *time.Duration
	MetatronCreds() *titus.ContainerInfo_MetatronCreds
	EffectiveNetworkMode() string
	NormalizedENIIndex() *int
	OomScoreAdj() *int32
	OrderSortedContainerNames() []string
	OwnerEmail() *string
	// Pod returns the pod together with a mutex (see the note on the
	// interface about locking).
	Pod() (*v1.Pod, *sync.Mutex)
	Process() ([]string, []string)
	QualifiedImageName() string
	Resources() *Resources
	RequireIMDSToken() *string
	Runtime() string
	SeccompAgentEnabledForPerfSyscalls() bool
	SecurityGroupIDs() *[]string
	ServiceMeshEnabled() bool
	// Mutators: these change container state after construction.
	SetEnv(string, string)
	SetEnvs(env map[string]string)
	SetGPUInfo(GPUContainer)
	SetID(string)
	SetSystemD(bool)
	SetVPCAllocation(*vpcapi.Assignment)
	ShmSizeMiB() *uint32
	// SystemServices returns the system sidecar descriptions, or an error.
	SystemServices() ([]*ServiceOpts, error)
	SignedAddressAllocationUUID() *string
	SortedEnvArray() []string
	SortedEnvArrayExtraContainer(c *ExtraContainer) []string
	SubnetIDs() *[]string
	TaskID() string
	TTYEnabled() bool
	UploadDir(string) string
	UseJumboFrames() bool
	VPCAllocation() *vpcapi.Assignment
	VPCAccountID() *string
	TrafficSteeringEnabled() bool
	HTBClassID() *uint32
}

Container contains config state for a container. It should be Read Only. It should only be initialized via a constructor, and not directly.

type ContainerRuntimeProvider

// ContainerRuntimeProvider is a constructor function type: given a context, a
// Container and a start time, it returns a Runtime or an error.
type ContainerRuntimeProvider func(ctx context.Context, c Container, startTime time.Time) (Runtime, error)

type Details

// Details contains additional details about a container that are not returned
// by normal container start calls.
type Details struct {
	// ComponentVersions maps a name to a version string.
	// NOTE(review): presumably keyed by component/sidecar name -- confirm.
	ComponentVersions    map[string]string
	// NetworkConfiguration is a pointer and may presumably be nil -- confirm
	// before dereferencing.
	NetworkConfiguration *NetworkConfigurationDetails
}

Details contains additional details about a container that are not returned by normal container start calls.

func (Details) RenderVersionDetailsCSV

func (d Details) RenderVersionDetailsCSV() string

type EBSInfo

// EBSInfo groups a volume ID, mount path, mount permission string and
// filesystem type.
// NOTE(review): presumably describes an EBS volume to attach to the container;
// the accepted values of MountPerm and FSType are not visible here. All four
// fields are plain strings, so any validation must happen where they are
// consumed -- confirm.
type EBSInfo struct {
	VolumeID  string
	MountPath string
	MountPerm string
	FSType    string
}

type ExtraContainer

// ExtraContainer stores data about the other containers running alongside the
// main container in the C&W implementation of pods.
//
// ImageInspect is a pointer; NOTE(review): presumably nil until the image has
// been inspected -- confirm before dereferencing.
type ExtraContainer struct {
	Name         string                    // Name of the container from the pod spec
	V1Container  corev1.Container          // The k8s definition of the container from the pod object
	Status       corev1.ContainerStatus    // Status of the container, shows up in podstatus
	ImageInspect *dockerTypes.ImageInspect // Inspect of the image that the extra container will run
}

ExtraContainer stores data about the other containers running alongside the main container in the C&W implementation of pods

type GPUContainer

// GPUContainer manages the GPUs for a container, and frees them.
type GPUContainer interface {
	// Devices returns a list of strings.
	// NOTE(review): presumably device paths or identifiers -- confirm.
	Devices() []string
	// Deallocate GPU Container. Must be idempotent.
	// NOTE(review): the meaning of the int result is not documented here.
	Deallocate() int
	// Runtime returns a string.
	// NOTE(review): presumably the OCI runtime name to use with these GPUs --
	// confirm.
	Runtime() string
	// Env returns any GPU specific environment overrides required
	Env() map[string]string
}

GPUContainer manages the GPUs for a container, and frees them

type GPUManager

// GPUManager allocates GPU devices.
type GPUManager interface {
	// AllocDevices takes a context and a count n and returns a GPUContainer
	// or an error.
	// NOTE(review): presumably n is the number of devices requested, and the
	// returned GPUContainer must later be released with Deallocate -- confirm.
	AllocDevices(ctx context.Context, n int) (GPUContainer, error)
}

type InvalidConfigurationError

// InvalidConfigurationError represents invalid configuration that results in a
// task startup being aborted.
type InvalidConfigurationError struct {
	// Reason is the underlying error. How Error() renders it is not shown in
	// this listing.
	Reason error
}

InvalidConfigurationError represents invalid configuration that results in a task startup being aborted

func (*InvalidConfigurationError) Error

func (e *InvalidConfigurationError) Error() string

Error returns a string describing an error

type InvalidSecurityGroupError

// InvalidSecurityGroupError represents an error where the provided security
// group is not valid.
type InvalidSecurityGroupError struct {
	// Reason is the underlying error. How Error() renders it is not shown in
	// this listing.
	Reason error
}

InvalidSecurityGroupError represents an error where the provided security group is not valid.

func (*InvalidSecurityGroupError) Error

func (e *InvalidSecurityGroupError) Error() string

Error returns a string describing an error

type NFSMount

// NFSMount groups a server, a server-side path, a read-only flag and a mount
// point.
// NOTE(review): presumably Server/ServerPath name the NFS export and
// MountPoint is the path inside the container -- confirm. ReadOnly is a bool,
// so its zero value (false) means read-write; a caller that forgets to set it
// gets a writable mount.
type NFSMount struct {
	Server     string
	ServerPath string
	ReadOnly   bool
	MountPoint string
}

type NetworkConfigurationDetails

// NetworkConfigurationDetails is used to pass results back to master.
//
// All address and identifier fields are plain strings.
// NOTE(review): presumably an empty string means "not assigned" -- confirm,
// since PickPrimaryIP chooses among these values.
type NetworkConfigurationDetails struct {
	IsRoutableIP        bool
	ElasticIPAddress    string
	EniIPv4Address      string
	EniIPv6Address      string
	NetworkMode         string
	EniID               string
	ResourceID          string
	TransitionIPAddress string
}

NetworkConfigurationDetails used to pass results back to master

func (*NetworkConfigurationDetails) PickPrimaryIP

func (n *NetworkConfigurationDetails) PickPrimaryIP() string

PickPrimaryIP applies a series of heuristics to pick the "best" IP that should describe the task. This IP is what ends up shown in Spinnaker or what gets SSH'd to, among other things.

func (*NetworkConfigurationDetails) ToAnnotationMap

func (n *NetworkConfigurationDetails) ToAnnotationMap() map[string]string

ToAnnotationMap builds up a map of annotations that are a computed reflection of the NetworkConfigurationDetails struct, using the newer style pod annotation conventions from titus-kube-common

type PodContainer

// PodContainer is an implementation of Container backed only by a kubernetes
// pod. Its fields are unexported; in this listing NewPodContainer is the
// function that returns a *PodContainer.
type PodContainer struct {
	// contains filtered or unexported fields
}

PodContainer is an implementation of Container backed only by a kubernetes pod.

func NewPodContainer

func NewPodContainer(pod *corev1.Pod, podLock *sync.Mutex, cfg config.Config) (*PodContainer, error)

func (*PodContainer) AllowCPUBursting

func (c *PodContainer) AllowCPUBursting() bool

func (*PodContainer) AllowNetworkBursting

func (c *PodContainer) AllowNetworkBursting() bool

func (*PodContainer) AppArmorProfile

func (c *PodContainer) AppArmorProfile() *string

func (*PodContainer) AppName

func (c *PodContainer) AppName() string

func (*PodContainer) AssignIPv6Address

func (c *PodContainer) AssignIPv6Address() bool

func (*PodContainer) BatchPriority

func (c *PodContainer) BatchPriority() *string

func (*PodContainer) Capabilities

func (c *PodContainer) Capabilities() *corev1.Capabilities

func (*PodContainer) CombinedAppStackDetails

func (c *PodContainer) CombinedAppStackDetails() string

func (*PodContainer) ContainerCapabilities

func (c *PodContainer) ContainerCapabilities(containerName string) ([]titusAPI.ContainerCapability, error)

func (*PodContainer) EBSInfo

func (c *PodContainer) EBSInfo() EBSInfo

func (*PodContainer) EffectiveNetworkMode

func (c *PodContainer) EffectiveNetworkMode() string

func (*PodContainer) ElasticIPPool

func (c *PodContainer) ElasticIPPool() *string

func (*PodContainer) ElasticIPs

func (c *PodContainer) ElasticIPs() *string

func (*PodContainer) Env

func (c *PodContainer) Env() map[string]string

func (*PodContainer) EnvOverrides

func (c *PodContainer) EnvOverrides() map[string]string

func (*PodContainer) ExtraContainerEnv

func (c *PodContainer) ExtraContainerEnv(e *ExtraContainer) map[string]string

func (*PodContainer) ExtraPlatformContainers

func (c *PodContainer) ExtraPlatformContainers() []*ExtraContainer

func (*PodContainer) ExtraUserContainers

func (c *PodContainer) ExtraUserContainers() []*ExtraContainer

func (*PodContainer) GPUInfo

func (c *PodContainer) GPUInfo() GPUContainer

func (*PodContainer) GetPlaformContainerNames

func (c *PodContainer) GetPlaformContainerNames() []string

func (*PodContainer) GetUserContainerNames

func (c *PodContainer) GetUserContainerNames() []string

func (*PodContainer) HTBClassID

func (c *PodContainer) HTBClassID() *uint32

func (*PodContainer) HostnameStyle

func (c *PodContainer) HostnameStyle() *string

func (*PodContainer) ID

func (c *PodContainer) ID() string

func (*PodContainer) IPv4Address

func (c *PodContainer) IPv4Address() *string

func (*PodContainer) IPv6Address

func (c *PodContainer) IPv6Address() *string

func (*PodContainer) IamRole

func (c *PodContainer) IamRole() *string

func (*PodContainer) ImageDigest

func (c *PodContainer) ImageDigest() *string

func (*PodContainer) ImageName

func (c *PodContainer) ImageName() *string

func (*PodContainer) ImageTagForMetrics

func (c *PodContainer) ImageTagForMetrics() map[string]string

func (*PodContainer) ImageVersion

func (c *PodContainer) ImageVersion() *string

func (*PodContainer) IngressBandwidthLimitBps

func (c *PodContainer) IngressBandwidthLimitBps() *int64

func (*PodContainer) IsSystemD

func (c *PodContainer) IsSystemD() bool

func (*PodContainer) JobGroupDetail

func (c *PodContainer) JobGroupDetail() string

func (*PodContainer) JobGroupSequence

func (c *PodContainer) JobGroupSequence() string

func (*PodContainer) JobGroupStack

func (c *PodContainer) JobGroupStack() string

func (*PodContainer) JobID

func (c *PodContainer) JobID() *string

func (*PodContainer) JobType

func (c *PodContainer) JobType() *string

func (*PodContainer) KillWaitSeconds

func (c *PodContainer) KillWaitSeconds() *uint32

func (*PodContainer) KvmEnabled

func (c *PodContainer) KvmEnabled() bool

func (*PodContainer) Labels

func (c *PodContainer) Labels() map[string]string

func (*PodContainer) LogKeepLocalFileAfterUpload

func (c *PodContainer) LogKeepLocalFileAfterUpload() bool

func (*PodContainer) LogStdioCheckInterval

func (c *PodContainer) LogStdioCheckInterval() *time.Duration

func (*PodContainer) LogUploadCheckInterval

func (c *PodContainer) LogUploadCheckInterval() *time.Duration

func (*PodContainer) LogUploadRegexp

func (c *PodContainer) LogUploadRegexp() *regexp.Regexp

func (*PodContainer) LogUploadThresholdTime

func (c *PodContainer) LogUploadThresholdTime() *time.Duration

func (*PodContainer) LogUploaderConfig

func (c *PodContainer) LogUploaderConfig() *uploader.Config

func (*PodContainer) MetatronCreds

func (c *PodContainer) MetatronCreds() *titus.ContainerInfo_MetatronCreds

func (*PodContainer) NormalizedENIIndex

func (c *PodContainer) NormalizedENIIndex() *int

func (*PodContainer) OomScoreAdj

func (c *PodContainer) OomScoreAdj() *int32

func (*PodContainer) OrderSortedContainerNames

func (c *PodContainer) OrderSortedContainerNames() []string

func (*PodContainer) OwnerEmail

func (c *PodContainer) OwnerEmail() *string

func (*PodContainer) Pod

func (c *PodContainer) Pod() (*v1.Pod, *sync.Mutex)

func (*PodContainer) Process

func (c *PodContainer) Process() ([]string, []string)

func (*PodContainer) QualifiedImageName

func (c *PodContainer) QualifiedImageName() string

func (*PodContainer) RequireIMDSToken

func (c *PodContainer) RequireIMDSToken() *string

func (*PodContainer) Resources

func (c *PodContainer) Resources() *Resources

func (*PodContainer) Runtime

func (c *PodContainer) Runtime() string

func (*PodContainer) SeccompAgentEnabledForPerfSyscalls

func (c *PodContainer) SeccompAgentEnabledForPerfSyscalls() bool

func (*PodContainer) SecurityGroupIDs

func (c *PodContainer) SecurityGroupIDs() *[]string

func (*PodContainer) ServiceMeshEnabled

func (c *PodContainer) ServiceMeshEnabled() bool

func (*PodContainer) SetEnv

func (c *PodContainer) SetEnv(key, value string)

func (*PodContainer) SetEnvs

func (c *PodContainer) SetEnvs(env map[string]string)

func (*PodContainer) SetGPUInfo

func (c *PodContainer) SetGPUInfo(gpuInfo GPUContainer)

func (*PodContainer) SetID

func (c *PodContainer) SetID(id string)

func (*PodContainer) SetSystemD

func (c *PodContainer) SetSystemD(isSystemD bool)

func (*PodContainer) SetVPCAllocation

func (c *PodContainer) SetVPCAllocation(allocation *vpcapi.Assignment)

func (*PodContainer) ShmSizeMiB

func (c *PodContainer) ShmSizeMiB() *uint32

func (*PodContainer) SignedAddressAllocationUUID

func (c *PodContainer) SignedAddressAllocationUUID() *string

func (*PodContainer) SortedEnvArray

func (c *PodContainer) SortedEnvArray() []string

func (*PodContainer) SortedEnvArrayExtraContainer

func (c *PodContainer) SortedEnvArrayExtraContainer(e *ExtraContainer) []string

func (*PodContainer) SubnetIDs

func (c *PodContainer) SubnetIDs() *[]string

func (*PodContainer) SyntheticContainerInfo

func (c *PodContainer) SyntheticContainerInfo() (*titus.ContainerInfo, error)

SyntheticContainerInfo returns an older style proto ContainerInfo object, for backwards compatibility for the titus-imds, which uses it to serve the task-identity document.

func (*PodContainer) SystemServices

func (c *PodContainer) SystemServices() ([]*ServiceOpts, error)

func (*PodContainer) TTYEnabled

func (c *PodContainer) TTYEnabled() bool

func (*PodContainer) TaskID

func (c *PodContainer) TaskID() string

func (*PodContainer) TrafficSteeringEnabled

func (c *PodContainer) TrafficSteeringEnabled() bool

func (*PodContainer) UploadDir

func (c *PodContainer) UploadDir(namespace string) string

func (*PodContainer) UseJumboFrames

func (c *PodContainer) UseJumboFrames() bool

func (*PodContainer) VPCAccountID

func (c *PodContainer) VPCAccountID() *string

func (*PodContainer) VPCAllocation

func (c *PodContainer) VPCAllocation() *vpcapi.Assignment

type RegistryImageNotFoundError

// RegistryImageNotFoundError represents an error where an image did not exist
// in the registry.
type RegistryImageNotFoundError struct {
	// Reason is the underlying error. How Error() renders it is not shown in
	// this listing.
	Reason error
}

RegistryImageNotFoundError represents an error where an image did not exist in the registry

func (*RegistryImageNotFoundError) Error

Error returns a string describing the error

type Resources

// Resources specify constraints to be applied to a Container.
//
// Only Mem documents its unit (MiB).
// NOTE(review): the units of CPU, GPU, Disk and Network are not stated here --
// TODO confirm before converting or comparing values.
type Resources struct {
	Mem     int64 // in MiB
	CPU     int64
	GPU     int64
	Disk    int64
	Network int64
}

Resources specify constraints to be applied to a Container

type Runtime

// Runtime is the containerization engine.
//
// Lifecycle as documented on the methods: Prepare, then Start, then Kill
// (idempotent), then Cleanup (must always be called).
type Runtime interface {
	// Prepare the host to run a Container: download images, prepare filesystems, etc.
	// Implementations must set *Container.ID to a runtime specific identifier.
	// The context passed to the Prepare, and Start function is valid over the lifetime of the container,
	// NOT per-operation
	//
	// NOTE(review): the original comment also describes "bindMounts" as
	// strings in the Docker format "src:dst:mode" (with a TODO(fabio) for a
	// non-Docker-specific abstraction), but Prepare takes no such parameter
	// in this version; that part of the comment looks stale.
	Prepare(containerCtx context.Context) error
	// Start a container -- Returns an optional Log Directory if an external Logger is desired
	// The remaining results are a *Details, a receive-only channel of
	// StatusMessage, and an error.
	Start(containerCtx context.Context) (string, *Details, <-chan StatusMessage, error)
	// Kill a container. MUST be idempotent.
	// NOTE(review): the meaning of wasKilled is not documented here.
	Kill(ctx context.Context, wasKilled bool) error
	// Cleanup can be called to tear down resources after a container has been Killed or has naturally
	// stopped. Must always be called.
	Cleanup(ctx context.Context) error
}

Runtime is the containerization engine

type ServiceOpts

// ServiceOpts describes one system sidecar service; see the per-field
// comments.
//
// NOTE(review): Required appears to select between failing task startup
// (true) and only logging (false) when the sidecar does not start. For
// sidecars that enforce a security control, false means the task runs without
// that control -- confirm each such sidecar is marked Required.
//
// NOTE(review): InitCommand is a single command string run outside the
// systemd unit. How it is executed (shell or argv) is not visible here; it
// should only ever come from trusted agent configuration -- confirm.
//
// NOTE(review): Image is populated at runtime; whether it is pinned by digest
// or by tag is decided where it is set -- confirm.
type ServiceOpts struct {
	ServiceName   string              // A human-friendly name for the system sidecar
	UnitName      string              // The systemd unit filename
	InitCommand   string              // Optional command to run first before starting, outside the systemd unit
	Required      bool                // If true, the startup of a task will fail, otherwise will just log
	EnabledCheck  serviceEnabledFunc  // A function that returns a bool representing if titus-executor should run this sidecar or not
	Target        bool                // If true, treat this as a systemd target, not a service
	Image         string              // If set, represents a docker image for the code representing this sidecar. This is populated at runtime.
	Volumes       map[string]struct{} // Volumes to map in from the docker image into the main container, usually /titus/$servicename
	ContainerName string              // A mutable string that is dynamically configured to be compatible with docker ps, calculated at runtime
	Version       string              // A mutable string that represents the version of the system service, as specified by the image
}

func GetSidecarConfig

func GetSidecarConfig(sidecars []*ServiceOpts, sidecarName string) *ServiceOpts

GetSidecarConfig is a helper to get a particular sidecar config out by name; it returns nil if you get the name wrong. Use the types constants when possible.

type SidecarContainerConfig

// SidecarContainerConfig holds a service name, an image and a set of volumes.
// The three fields have the same names and types as the ServiceName, Image
// and Volumes fields of ServiceOpts.
// NOTE(review): presumably a reduced view of ServiceOpts for sidecars that
// run as containers -- confirm against callers.
type SidecarContainerConfig struct {
	ServiceName string
	Image       string
	// Volumes is used as a set: the keys carry the data and the empty-struct
	// values carry none.
	Volumes     map[string]struct{}
}

type Status

// Status represents a container's state. The values defined in this package
// are StatusUnknown, StatusRunning, StatusFinished and StatusFailed.
type Status int

Status represents a container's state

type StatusMessage

// StatusMessage pairs a Status code with a message string to send back to the
// master.
type StatusMessage struct {
	Status Status
	// Msg is free-form text.
	// NOTE(review): since it is sent off-host, it should not carry secrets
	// such as environment values or credentials -- confirm at the producers.
	Msg    string
}

StatusMessage encapsulates the message code + string to send back to the master

type WorkloadType

// WorkloadType classifies isolation behaviors on resources (e.g. CPU). The
// exact implementation details of the isolation mechanism are determined by
// an isolation service (e.g. titus-isolate).
type WorkloadType string

WorkloadType classifies isolation behaviors on resources (e.g. CPU). The exact implementation details of the isolation mechanism are determined by an isolation service (e.g. titus-isolate).

// Workload types, regardless of isolation mechanism.
const (
	// StaticWorkloadType workloads are provided resources which, to the
	// greatest degree possible, are isolated from other workloads on a given
	// host. In return they opt out of consuming unused resources
	// opportunistically.
	StaticWorkloadType WorkloadType = "static"
	// BurstWorkloadType workloads opt in to consuming unused resources on a
	// host, at the cost of accepting more possible resource interference from
	// other workloads.
	BurstWorkloadType  WorkloadType = "burst"
)

Regardless of isolation mechanism:

"static" workloads are provided resources which to the greatest degree possible are isolated from other workloads
on a given host.  In return they opt out of the opportunity to consume unused resources opportunistically.

"burst" workloads opt in to consumption of unused resources on a host at the cost of accepting the possibility of
more resource interference from other workloads.
