rkt

package
v1.3.0-alpha.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 2, 2016 License: Apache-2.0 Imports: 47 Imported by: 0

Documentation

Overview

Package rkt contains the Containerruntime interface implementation for rkt.

This file contains all image related functions for rkt runtime.

Index

Constants

View Source 
const (
	CAP_CHOWN = iota
	CAP_DAC_OVERRIDE
	CAP_DAC_READ_SEARCH
	CAP_FOWNER
	CAP_FSETID
	CAP_KILL
	CAP_SETGID
	CAP_SETUID
	CAP_SETPCAP
	CAP_LINUX_IMMUTABLE
	CAP_NET_BIND_SERVICE
	CAP_NET_BROADCAST
	CAP_NET_ADMIN
	CAP_NET_RAW
	CAP_IPC_LOCK
	CAP_IPC_OWNER
	CAP_SYS_MODULE
	CAP_SYS_RAWIO
	CAP_SYS_CHROOT
	CAP_SYS_PTRACE
	CAP_SYS_PACCT
	CAP_SYS_ADMIN
	CAP_SYS_BOOT
	CAP_SYS_NICE
	CAP_SYS_RESOURCE
	CAP_SYS_TIME
	CAP_SYS_TTY_CONFIG
	CAP_MKNOD
	CAP_LEASE
	CAP_AUDIT_WRITE
	CAP_AUDIT_CONTROL
	CAP_SETFCAP
	CAP_MAC_OVERRIDE
	CAP_MAC_ADMIN
	CAP_SYSLOG
	CAP_WAKE_ALARM
	CAP_BLOCK_SUSPEND
	CAP_AUDIT_READ
)

TODO(yifan): Export this to higher level package.

View Source 
const (
	RktType                      = "rkt"
	DefaultRktAPIServiceEndpoint = "localhost:15441"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Config 

type Config struct {
	// The absolute path to the binary, or leave empty to find it in $PATH.
	Path string
	// The rkt data directory.
	Dir string
	// The image to use as stage1.
	Stage1Image string
	// The debug flag for rkt.
	Debug bool
	// Comma-separated list of security features to disable.
	// Allowed values: "none", "image", "tls", "ondisk", "http", "all".
	InsecureOptions string
	// The local config directory.
	LocalConfigDir string
	// The user config directory.
	UserConfigDir string
	// The system config directory.
	SystemConfigDir string
}

Config stores the global configuration for the rkt runtime. Detailed documents can be found at: https://github.com/coreos/rkt/blob/master/Documentation/commands.md#global-options

type Runtime added in v1.2.0 

type Runtime struct {
	// contains filtered or unexported fields
}

Runtime implements the Containerruntime for rkt. The implementation uses systemd, so in order to run this runtime, systemd must be installed on the machine.

func New 

func New(
	apiEndpoint string,
	config *Config,
	runtimeHelper kubecontainer.RuntimeHelper,
	recorder record.EventRecorder,
	containerRefManager *kubecontainer.RefManager,
	podGetter podGetter,
	livenessManager proberesults.Manager,
	httpClient types.HttpGetter,
	networkPlugin network.NetworkPlugin,
	hairpinMode bool,
	execer utilexec.Interface,
	os kubecontainer.OSInterface,
	imageBackOff *flowcontrol.Backoff,
	serializeImagePulls bool,
) (*Runtime, error)

New creates the rkt container runtime which implements the container runtime interface. It will test if the rkt binary is in the $PATH, and whether we can get the version of it. If so, creates the rkt container runtime, otherwise returns an error.

func (*Runtime) APIVersion added in v1.2.0 

func (r *Runtime) APIVersion() (kubecontainer.Version, error)

func (*Runtime) AttachContainer added in v1.2.0 

func (r *Runtime) AttachContainer(containerID kubecontainer.ContainerID, stdin io.Reader, stdout, stderr io.WriteCloser, tty bool) error

func (*Runtime) ExecInContainer added in v1.2.0 

func (r *Runtime) ExecInContainer(containerID kubecontainer.ContainerID, cmd []string, stdin io.Reader, stdout, stderr io.WriteCloser, tty bool) error

Note: In rkt, the container ID is in the form of "UUID:appName", where UUID is the rkt UUID, and appName is the container name. TODO(yifan): If the rkt is using lkvm as the stage1 image, then this function will fail.

func (*Runtime) GarbageCollect added in v1.2.0 

func (r *Runtime) GarbageCollect(gcPolicy kubecontainer.ContainerGCPolicy) error

GarbageCollect collects the pods/containers. After one GC iteration:

  • The deleted pods will be removed.
  • If the number of containers exceeds gcPolicy.MaxContainers, then containers whose ages are older than gcPolicy.minAge will be removed.

func (*Runtime) GetContainerLogs added in v1.2.0 

func (r *Runtime) GetContainerLogs(pod *api.Pod, containerID kubecontainer.ContainerID, logOptions *api.PodLogOptions, stdout, stderr io.Writer) error

GetContainerLogs uses journalctl to get the logs of the container. By default, it returns a snapshot of the container log. Set |follow| to true to stream the log. Set |follow| to false and specify the number of lines (e.g. "100" or "all") to tail the log.

In rkt runtime's implementation, per container log is get via 'journalctl -m _MACHINE_ID=[MACHINE_ID] -u [APP_NAME]'. Where MACHINE_ID is the rkt id without dash. See https://github.com/coreos/rkt/blob/master/Documentation/commands.md#logging for more details.

TODO(yifan): If the rkt is using lkvm as the stage1 image, then this function will fail.

func (*Runtime) GetNetNS added in v1.3.0 

func (r *Runtime) GetNetNS(containerID kubecontainer.ContainerID) (string, error)

GetNetNS returns the network namespace path for the given container

func (*Runtime) GetPodStatus added in v1.2.0 

func (r *Runtime) GetPodStatus(uid kubetypes.UID, name, namespace string) (*kubecontainer.PodStatus, error)

GetPodStatus returns the status for a pod specified by a given UID, name, and namespace. It will attempt to find pod's information via a request to the rkt api server. An error will be returned if the api server returns an error. If the api server doesn't error, but doesn't provide meaningful information about the pod, a status with no information (other than the passed in arguments) is returned anyways.

func (*Runtime) GetPods added in v1.2.0 

func (r *Runtime) GetPods(all bool) ([]*kubecontainer.Pod, error)

GetPods runs 'systemctl list-unit' and 'rkt list' to get the list of rkt pods. Then it will use the result to construct a list of container runtime pods. If all is false, then only running pods will be returned, otherwise all pods will be returned.

func (*Runtime) ImageStats added in v1.3.0 

func (r *Runtime) ImageStats() (*kubecontainer.ImageStats, error)

ImageStats returns the image stat (total storage bytes).

func (*Runtime) IsImagePresent added in v1.2.0 

func (r *Runtime) IsImagePresent(image kubecontainer.ImageSpec) (bool, error)

func (*Runtime) KillPod added in v1.2.0 

func (r *Runtime) KillPod(pod *api.Pod, runningPod kubecontainer.Pod, gracePeriodOverride *int64) error

KillPod invokes 'systemctl kill' to kill the unit that runs the pod. TODO: add support for gracePeriodOverride which is used in eviction scenarios

func (*Runtime) ListImages added in v1.2.0 

func (r *Runtime) ListImages() ([]kubecontainer.Image, error)

ListImages lists all the available appc images on the machine by invoking 'rkt image list'.

func (*Runtime) PortForward added in v1.2.0 

func (r *Runtime) PortForward(pod *kubecontainer.Pod, port uint16, stream io.ReadWriteCloser) error

PortForward executes socat in the pod's network namespace and copies data between stream (representing the user's local connection on their computer) and the specified port in the container.

TODO:

  • match cgroups of container
  • should we support nsenter + socat on the host? (current impl)
  • should we support nsenter + socat in a container, running with elevated privs and --pid=host?

TODO(yifan): Merge with the same function in dockertools. TODO(yifan): If the rkt is using lkvm as the stage1 image, then this function will fail.

func (*Runtime) PullImage added in v1.2.0 

func (r *Runtime) PullImage(image kubecontainer.ImageSpec, pullSecrets []api.Secret) error

PullImage invokes 'rkt fetch' to download an aci. TODO(yifan): Now we only support docker images, this should be changed once the format of image is landed, see:

http://issue.k8s.io/7203

func (*Runtime) RemoveImage added in v1.2.0 

func (r *Runtime) RemoveImage(image kubecontainer.ImageSpec) error

RemoveImage removes an on-disk image using 'rkt image rm'.

func (*Runtime) RunCommand added in v1.3.0 

func (r *Runtime) RunCommand(config *Config, args ...string) ([]string, error)

RunCommand invokes rkt binary with arguments and returns the result from stdout in a list of strings. Each string in the list is a line. If config is non-nil, it will use the given config instead of the config inferred from rkt API service.

func (*Runtime) RunPod added in v1.2.0 

func (r *Runtime) RunPod(pod *api.Pod, pullSecrets []api.Secret) error

RunPod first creates the unit file for a pod, and then starts the unit over d-bus.

func (*Runtime) Status added in v1.2.0 

func (r *Runtime) Status() error

Status returns error if rkt is unhealthy, nil otherwise.

func (*Runtime) SyncPod added in v1.2.0 

func (r *Runtime) SyncPod(pod *api.Pod, podStatus api.PodStatus, internalPodStatus *kubecontainer.PodStatus, pullSecrets []api.Secret, backOff *flowcontrol.Backoff) (result kubecontainer.PodSyncResult)

SyncPod syncs the running pod to match the specified desired pod.

func (*Runtime) Type added in v1.2.0 

func (r *Runtime) Type() string

func (*Runtime) Version added in v1.2.0 

func (r *Runtime) Version() (kubecontainer.Version, error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳