README
¶
Garden-runC Release
A BOSH release for deploying Guardian.
Guardian is a simple single-host OCI container manager. It implements the Garden API which is used in Cloud Foundry.
Getting started
Clone it:
git clone https://github.com/cloudfoundry/garden-runc-release
cd garden-runc-release
git submodule update --init --recursive
Running
The easiest way to run Garden-runC is to deploy it with BOSH Lite, a VirtualBox development environment for BOSH. Once you have set up bosh-lite (follow the instructions in the bosh-lite docs), just deploy like any bosh release, e.g:
cd garden-runc-release # if you're not already there
./scripts/deploy-lite.sh
You can retrieve the address of the Garden-runC server by running bosh vms.
It will be 10.244.0.2 if using the provided deploy-lite script.
The server port defaults to 7777.
Usage
The easiest way to start creating containers is to use the
gaol command line client.
e.g. gaol -t 10.244.0.2:7777 create -n my-container
For more advanced use cases, you'll need to use the Garden client package for Golang.
Operating garden-runc
Rootless containers
Garden has experimental support for running containers without requiring root privileges. Take a look at the rootless-containers.md doc for further info.
If you would like to enable rootless containers please read this document.
Contributing
In order to help us extend Garden-runC, we recommend opening a Github issue to describe the proposed features or changes. We also welcome pull requests.
You can use other distributions or OS X for development since a good chunk of the unit tests work across alternative platforms, and you can run platform specific tests in a VM using Concourse CI.
In order to contribute to the project you may want some of the following installed:
- Git - Distributed version control system
- Go - The Go programming language
- Direnv - Environment management
- Gosub - Gosub is a submodule based dependency manager for Go
- Fly CLI - Concourse CLI
- Virtualbox - Virtualization box
- Vagrant - Portable dev environment
Garden-runC uses git submodules to maintain its dependencies and components. Some of Garden-runC's important components currently are:
- Garden found under
src/code.cloudfoundry.org/gardenis the API server and client. - Guardian found under
src/code.cloudfoundry.org/guardianis the Garden backend. - GrootFS found under
src/code.cloudfoundry.org/grootfsdownloads and manages root filesystems. - Garden Shed found under
src/code.cloudfoundry.org/garden-shedis the legacy rootfs management piece, superseded by GrootFS. - GATS
found under
src/code.cloudfoundry.org/garden-integration-testsare the cross-backend integration tests of Garden.
Set your $GOPATH to the checked out directory, or use Direnv to do this, as
below:
direnv allow
Running the tests
Concourse CI is used for running Garden-runC tests in a VM. It provides the Fly CLI for Linux and MacOSX. Instructions for deploying a single VM Concourse using BOSH can be found in the concourse-deployment repo
Once running, navigate to https://192.168.100.4:8080 in a web browser
and download the Fly CLI using the links found in
the bottom-right corner. Place the fly binary somewhere on your $PATH.
The tests use the Ginkgo BDD testing framework.
Assuming you have configured a Concourse and installed Ginkgo, you can run all
the tests by executing ./scripts/test from the top level garden-runc-release directory.
Note: The concourse-lite VM may need to be provisioned with more RAM If you start to see tests failing with 'out of disk' errors.
Integration tests
The integration tests can be executed in Concourse CI by using Fly CLI and
executing ./scripts/test.
To run individual tests, use./scripts/remote-fly:
# Running Guardian tests
./scripts/remote-fly ci/guardian.yml
# Running Garden tests
./scripts/remote-fly ci/garden.yml
# Running Garden integration tests in Concourse CI
./scripts/remote-fly ci/gdn-linux.yml
Running the tests locally
It is possible to run the integration tests locally on a Linux based OS like Ubuntu, but we don't recommend it due to the dependencies required, and the need for parts of the testing suite to run as a privileged user. If you'd like to run them locally, you will need at least:
The tests can be executed without Concourse CLI by running ginkgo -r
command for any of the components:
# Running Garden unit tests
cd src/code.cloudfoundry.org/garden
ginkgo -r
# Running Guardian unit tests
cd src/code.cloudfoundry.org/guardian
ginkgo -r
It should be possible to run the unit tests on any system that satisfies golang build constraints.
Committing code
Write code in a submodule:
cd src/code.cloudfoundry.org/guardian # for example
git checkout master
git pull
# test, code, test..
git commit
git push
Commit the changes, run the tests, and create a bump commit:
# from the garden-runc directory
./scripts/test-and-bump # or just ./scripts/bump if you've already run the tests
Execute command in container using runc
- Create a container with handle <handle>
- Log in to the host OS with root privileges
- Go to container depot directory
cd /var/vcap/data/garden/depot/<handle>
- Execute process in container
/var/vcap/packages/runc/bin/runc exec <handle> <command>
Troubleshooting
The garden-ordnance-survey tool can be used to gather information useful for debugging issues on garden-runc-release deployments. Run this command on the deployment VM as root:
curl bit.ly/garden-ordnance-survey -sSfL | bash
License
Apache License 2.0
Directories
¶
| Path | Synopsis |
|---|---|
|
src
|
|
|
github.com/docker/docker/api/client
Package client provides a command-line interface for Docker.
|
Package client provides a command-line interface for Docker. |
|
github.com/docker/docker/api/types
This package is used for API stability in the types and response to the consumers of the API stats endpoint.
|
This package is used for API stability in the types and response to the consumers of the API stats endpoint. |
|
github.com/docker/docker/autogen/dockerversion
AUTOGENERATED FILE; see ./hack/make/.go-autogen
|
AUTOGENERATED FILE; see ./hack/make/.go-autogen |
|
github.com/docker/docker/autogen/winresources
AUTOGENERATED FILE; see ./hack/make/.go-autogen
|
AUTOGENERATED FILE; see ./hack/make/.go-autogen |
|
github.com/docker/docker/builder
Package builder is the evaluation step in the Dockerfile parse/evaluate pipeline.
|
Package builder is the evaluation step in the Dockerfile parse/evaluate pipeline. |
|
github.com/docker/docker/builder/command
Package command contains the set of Dockerfile commands.
|
Package command contains the set of Dockerfile commands. |
|
github.com/docker/docker/builder/parser
Package parser implements a parser and parse tree dumper for Dockerfiles.
|
Package parser implements a parser and parse tree dumper for Dockerfiles. |
|
github.com/docker/docker/pkg/listenbuffer
Package listenbuffer uses the kernel's listening backlog functionality to queue connections, allowing applications to start listening immediately and handle connections later.
|
Package listenbuffer uses the kernel's listening backlog functionality to queue connections, allowing applications to start listening immediately and handle connections later. |
|
github.com/docker/docker/pkg/mflag
Package flag implements command-line flag parsing.
|
Package flag implements command-line flag parsing. |
|
github.com/docker/docker/pkg/pools
Package pools provides a collection of pools which provide various data types with buffers.
|
Package pools provides a collection of pools which provide various data types with buffers. |
|
github.com/docker/docker/pkg/tlsconfig
Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers.
|
Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. |
|
github.com/docker/docker/pkg/useragent
Package useragent provides helper functions to pack version information into a single User-Agent header.
|
Package useragent provides helper functions to pack version information into a single User-Agent header. |