nsinit

package
v0.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 8, 2014 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultCreateCommand added in v0.11.0

func DefaultCreateCommand(container *libcontainer.Container, console, rootfs, dataPath, init string, pipe *os.File, args []string) *exec.Cmd

DefaultCreateCommand will return an exec.Cmd with the Cloneflags set to the proper namespaces defined on the container's configuration and use the current binary as the init with the args provided

console: the /dev/console to setup inside the container init: the progam executed inside the namespaces root: the path to the container json file and information pipe: sync pipe to syncronize the parent and child processes args: the arguemnts to pass to the container to run as the user's program

func DeletePid added in v0.11.0

func DeletePid(path string) error

DeletePid removes the pid and started file from disk when the container's process dies and the container is cleanly removed

func Exec added in v0.11.0

func Exec(container *libcontainer.Container, term Terminal, rootfs, dataPath string, args []string, createCommand CreateCommand, startCallback func()) (int, error)

Exec performes setup outside of a namespace so that a container can be executed. Exec is a high level function for working with container namespaces.

func ExecIn added in v0.11.0

func ExecIn(container *libcontainer.Container, nspid int, args []string) (int, error)

ExecIn uses an existing pid and joins the pid's namespaces with the new command.

func FinalizeNamespace added in v0.11.0

func FinalizeNamespace(container *libcontainer.Container) error

FinalizeNamespace drops the caps, sets the correct user and working dir, and closes any leaky file descriptors before execing the command inside the namespace

func GetNamespaceFlags

func GetNamespaceFlags(namespaces map[string]bool) (flag int)

GetNamespaceFlags parses the container's Namespaces options to set the correct flags on clone, unshare, and setns

func Init added in v0.11.0

func Init(container *libcontainer.Container, uncleanRootfs, consolePath string, syncPipe *SyncPipe, args []string) error

Init is the init process that first runs inside a new namespace to setup mounts, users, networking, and other options required for the new container.

func InitializeNetworking added in v0.11.0

func InitializeNetworking(container *libcontainer.Container, nspid int, pipe *SyncPipe) error

InitializeNetworking creates the container's network stack outside of the namespace and moves interfaces into the container's net namespaces if necessary

func LoadContainerEnvironment added in v0.11.0

func LoadContainerEnvironment(container *libcontainer.Container) error

func SetupCgroups added in v0.11.0

func SetupCgroups(container *libcontainer.Container, nspid int) (cgroups.ActiveCgroup, error)

SetupCgroups applies the cgroup restrictions to the process running in the contaienr based on the container's configuration

func SetupUser added in v0.11.0

func SetupUser(u string) error

SetupUser changes the groups, gid, and uid for the user inside the container

func WritePid added in v0.11.0

func WritePid(path string, pid int, startTime string) error

WritePid writes the namespaced processes pid to pid and it's start time to the path specified

Types

type CreateCommand added in v0.11.0

type CreateCommand func(container *libcontainer.Container, console, rootfs, dataPath, init string, childPipe *os.File, args []string) *exec.Cmd

type StdTerminal

type StdTerminal struct {
	// contains filtered or unexported fields
}

func (*StdTerminal) Attach

func (s *StdTerminal) Attach(command *exec.Cmd) error

func (*StdTerminal) Close

func (s *StdTerminal) Close() error

func (*StdTerminal) Resize

func (s *StdTerminal) Resize(h, w int) error

func (*StdTerminal) SetMaster

func (s *StdTerminal) SetMaster(*os.File)

type SyncPipe

type SyncPipe struct {
	// contains filtered or unexported fields
}

SyncPipe allows communication to and from the child processes to it's parent and allows the two independent processes to syncronize their state.

func NewSyncPipe

func NewSyncPipe() (s *SyncPipe, err error)

func NewSyncPipeFromFd

func NewSyncPipeFromFd(parendFd, childFd uintptr) (*SyncPipe, error)

func (*SyncPipe) Child added in v0.11.0

func (s *SyncPipe) Child() *os.File

func (*SyncPipe) Close

func (s *SyncPipe) Close() error

func (*SyncPipe) Parent added in v0.11.0

func (s *SyncPipe) Parent() *os.File

func (*SyncPipe) ReadFromParent

func (s *SyncPipe) ReadFromParent() (libcontainer.Context, error)

func (*SyncPipe) SendToChild

func (s *SyncPipe) SendToChild(context libcontainer.Context) error

type Terminal

type Terminal interface {
	io.Closer
	SetMaster(*os.File)
	Attach(*exec.Cmd) error
	Resize(h, w int) error
}

func NewTerminal

func NewTerminal(stdin io.Reader, stdout, stderr io.Writer, tty bool) Terminal

type TtyTerminal

type TtyTerminal struct {
	// contains filtered or unexported fields
}

func (*TtyTerminal) Attach

func (t *TtyTerminal) Attach(command *exec.Cmd) error

func (*TtyTerminal) Close

func (t *TtyTerminal) Close() error

func (*TtyTerminal) Resize

func (t *TtyTerminal) Resize(h, w int) error

func (*TtyTerminal) SetMaster

func (t *TtyTerminal) SetMaster(master *os.File)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL