containerutil

package
v2.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 8, 2025 License: Apache-2.0 Imports: 55 Imported by: 1

Documentation

Index

Constants

// UtsNamespaceHost is the literal option value "host".
//
// NOTE(review): presumably this is the value that selects the host's UTS
// namespace (hostname and domain name shared with the host) — confirm
// against the callers, which are not shown here.
const UtsNamespaceHost = "host"

Variables

// Generic and system errors.
//
// Each value is a distinct sentinel created with errors.New, so callers can
// match it by identity (== or errors.Is).
var (
	// ErrFilesystem covers hard filesystem failures, such as an lstat error.
	ErrFilesystem = errors.New("filesystem error")

	// ErrContainerVanished means the container involved in the copy has been
	// deleted.
	ErrContainerVanished = errors.New("the container you are trying to copy to/from has been deleted")

	// ErrRootlessCannotCp is the rootless-mode case of cp against a stopped
	// container.
	ErrRootlessCannotCp = errors.New("cannot use cp with stopped containers in rootless mode")

	// ErrFailedMountingSnapshot is the failure to mount the snapshot of a
	// stopped container.
	ErrFailedMountingSnapshot = errors.New("failed mounting snapshot")
)

// CP specific errors.
//
// The command lines in the comments are the examples given by the original
// author. Examples prefixed with "*" are reproduced as written; the meaning
// of that marker is not documented here.
var (
	// ErrTargetIsReadOnly is reported when the copy destination is a
	// read-only location.
	ErrTargetIsReadOnly = errors.New("cannot copy into read-only location")

	// ErrSourceIsNotADir.
	// Example: cp SOMEFILE/ foo:/
	ErrSourceIsNotADir = errors.New("source is not a directory")

	// ErrDestinationIsNotADir.
	// Example: * cp ./ foo:/etc/issue/bah
	ErrDestinationIsNotADir = errors.New("destination is not a directory")

	// ErrSourceDoesNotExist.
	// Example: cp NONEXISTENT foo:/
	ErrSourceDoesNotExist = errors.New("source does not exist")

	// ErrDestinationParentMustExist.
	// Example: nerdctl cp VALID_PATH foo:/NONEXISTENT/NONEXISTENT
	ErrDestinationParentMustExist = errors.New("destination parent does not exist")

	// ErrDestinationDirMustExist.
	// Example: * cp SOMEFILE foo:/NONEXISTENT/
	ErrDestinationDirMustExist = errors.New("the destination directory must exist to be able to copy a file")

	// ErrCannotCopyDirToFile.
	// Example: cp SOMEDIR foo:/etc/issue
	ErrCannotCopyDirToFile = errors.New("cannot copy a directory to a file")
)

Functions

func ContainerNetNSPath

func ContainerNetNSPath(ctx context.Context, c containerd.Container) (string, error)

ContainerNetNSPath returns the netns path of a container.

func ContainerStateDirPath

func ContainerStateDirPath(ns, dataStore, id string) (string, error)

ContainerStateDirPath returns the path to the Nerdctl-managed state directory for the container with the given ID.

func ContainerStatus

func ContainerStatus(ctx context.Context, c containerd.Container) (containerd.Status, error)

ContainerStatus returns the container's status from its task.

func CopyFiles

func CopyFiles(ctx context.Context, client *containerd.Client, container containerd.Container, options types.ContainerCpOptions) (err error)

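CopyFiles implements `nerdctl cp`. It currently depends on the following assumptions:
- linux only
- the tar binary exists on the system
- the nsenter binary exists on the system
- if rootless, the container is running (aka: /proc/pid/root)

The copy relies on these external binaries, so whichever `tar` and `nsenter` are resolved on the host are part of what this operation trusts.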

func DecodeContainerRmOptLabel

func DecodeContainerRmOptLabel(rmOptLabel string) (bool, error)

DecodeContainerRmOptLabel decodes bool value for the --rm option from string value for a label.

func EncodeContainerRmOptLabel

func EncodeContainerRmOptLabel(rmOpt bool) string

EncodeContainerRmOptLabel encodes bool value for the --rm option into string value for a label.

func GenerateSharingPIDOpts

func GenerateSharingPIDOpts(ctx context.Context, targetCon containerd.Container) ([]oci.SpecOpts, error)

GenerateSharingPIDOpts returns the oci.SpecOpts that share the host linux namespace from `targetCon`. If `targetCon` doesn't have a `PIDNamespace`, a new one is generated from its `Pid`.

func GetContainerName

func GetContainerName(containerLabels map[string]string) string

func Lock

func Lock(stateDir string) (store.Store, error)

func NetworkOptionsFromSpec

func NetworkOptionsFromSpec(spec *specs.Spec) (types.NetworkOptions, error)

NetworkOptionsFromSpec returns the NetworkOptions used in a container's creation from its spec.Annotations.

func ParseExtraHosts added in v2.0.3

func ParseExtraHosts(extraHosts []string, hostGatewayIP, separator string) ([]string, error)

ParseExtraHosts takes an array of host-to-IP mapping strings, e.g. "localhost:127.0.0.1", and a hostGatewayIP for resolving mappings to "host-gateway".

Returns the host-to-IP mappings (as a `[]string`, per the signature above, rather than a map), or an error if any mapping string is not correctly formatted.

func Pause

func Pause(ctx context.Context, client *containerd.Client, id string) error

Pause pauses a container by its id.

func PrintHostPort

func PrintHostPort(ctx context.Context, writer io.Writer, container containerd.Container, containerPort int, proto string, ports []cni.PortMapping) error

PrintHostPort writes to `writer` the public address (HostIP:HostPort) of a given `containerPort/protocol` in a container. If `containerPort < 0`, it writes all public ports of the container.

func ReconfigIPCContainer

func ReconfigIPCContainer(ctx context.Context, c containerd.Container, client *containerd.Client, lab map[string]string) error

ReconfigIPCContainer reconfigures the container's spec options for sharing IPC namespace and volumes.

func ReconfigNetContainer

func ReconfigNetContainer(ctx context.Context, c containerd.Container, client *containerd.Client, lab map[string]string) error

ReconfigNetContainer reconfigures the container's network namespace path.

func ReconfigPIDContainer

func ReconfigPIDContainer(ctx context.Context, c containerd.Container, client *containerd.Client, lab map[string]string) error

ReconfigPIDContainer reconfigures the container's spec options for sharing PID namespace.

func Start

func Start(ctx context.Context, container containerd.Container, isAttach bool, isInteractive bool, client *containerd.Client, detachKeys string) (err error)

Start starts `container`, honoring the `isAttach` flag. If `isAttach` is true, it will attach to the container's stdio.

func Stop

func Stop(ctx context.Context, container containerd.Container, timeout *time.Duration, signalValue string) (err error)

Stop stops `container` by sending SIGTERM. If the container is not stopped after `timeout`, it sends a SIGKILL.

func Unpause

func Unpause(ctx context.Context, client *containerd.Client, id string) error

Unpause unpauses a container by its id.

func UpdateErrorLabel

func UpdateErrorLabel(ctx context.Context, container containerd.Container, err error) error

UpdateErrorLabel updates the "nerdctl/error" label of the container according to the container error.

func UpdateExplicitlyStoppedLabel

func UpdateExplicitlyStoppedLabel(ctx context.Context, container containerd.Container, explicitlyStopped bool) error

UpdateExplicitlyStoppedLabel updates the "containerd.io/restart.explicitly-stopped" label of the container according to the value of explicitlyStopped.

func UpdateStatusLabel

func UpdateStatusLabel(ctx context.Context, container containerd.Container, status containerd.ProcessStatus) error

UpdateStatusLabel updates the "containerd.io/restart.status" label of the container according to the desired restart status given in `status`.

func WithBindMountHostProcfs

func WithBindMountHostProcfs(_ context.Context, _ oci.Client, _ *containers.Container, s *oci.Spec) error

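WithBindMountHostProcfs replaces the procfs mount with an rbind mount. Required for --pid=host on rootless. As the function name indicates, the source of the bind mount is the host's procfs, so the container sees the host's /proc; that exposure is inherent to --pid=host.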

https://github.com/moby/moby/pull/41893/files https://github.com/containers/podman/blob/v3.0.0-rc1/pkg/specgen/generate/oci.go#L248-L257

Types

type ContainerVolume

// ContainerVolume represents a volume in a container.
//
// GetContainerVolumes builds these values by decoding container labels, so
// the fields describe what the labels recorded.
//
// NOTE(review): the per-field descriptions below are inferred from the field
// names only; confirm them against the code that fills the struct.
type ContainerVolume struct {
	// Type is presumably the kind of volume or mount.
	Type string
	// Name is presumably the volume name.
	Name string
	// Source is presumably the location backing the volume.
	Source string
	// Destination is presumably the mount point inside the container.
	Destination string
	// Mode is presumably the mount mode string.
	Mode string
	// RW is presumably true when the volume is writable from the container.
	RW bool
	// Propagation is presumably the mount propagation setting.
	Propagation string
}

ContainerVolume is a struct representing a volume in a container.

func GetContainerVolumes

func GetContainerVolumes(containerLabels map[string]string) []*ContainerVolume

GetContainerVolumes returns a slice of ContainerVolume pointers. It accepts a map of container labels as input, where the key is the label name and the value is its associated value. The function iterates over the predefined volume labels (AnonymousVolumes and Mounts) and, for each, checks whether the label exists in the provided container labels. If it does, it decodes the label value from JSON format and appends the volumes to the result. If decoding fails, it logs the error and continues to the next label; because the function returns no error, the caller cannot tell from the result that a label was skipped and the slice may be incomplete.

type NetworkOptionsManager

// NetworkOptionsManager is an interface for reading/setting networking
// options for containers based on the provided command flags.
type NetworkOptionsManager interface {
	// NetworkOptions returns a copy of the internal types.NetworkOptions.
	NetworkOptions() types.NetworkOptions

	// VerifyNetworkOptions verifies that the internal network settings are
	// correct.
	VerifyNetworkOptions(ctx context.Context) error

	// SetupNetworking performs the setup actions required for the container
	// with the given ID.
	SetupNetworking(ctx context.Context, containerID string) error

	// CleanupNetworking performs any required cleanup actions for the given
	// container. It should only be called to revert setup steps performed
	// in SetupNetworking.
	CleanupNetworking(ctx context.Context, container containerd.Container) error

	// InternalNetworkingOptionLabels returns the set of NetworkingOptions
	// which should be set as labels on the container.
	//
	// These options can differ from the networking options the
	// NetworkOptionsManager was initially instantiated with. For example,
	// in container networking mode the label is normalized to an ID:
	// `--net=container:myContainer` => `--net=container:<ID of myContainer>`.
	InternalNetworkingOptionLabels(ctx context.Context) (types.NetworkOptions, error)

	// ContainerNetworkingOpts returns a slice of `oci.SpecOpts` and a slice
	// of `containerd.NewContainerOpts` which represent the network specs
	// that need to be applied to the container with the given ID.
	ContainerNetworkingOpts(ctx context.Context, containerID string) ([]oci.SpecOpts, []containerd.NewContainerOpts, error)
}

NetworkOptionsManager is an interface for reading/setting networking options for containers based on the provided command flags.

func NewNetworkingOptionsManager

func NewNetworkingOptionsManager(globalOptions types.GlobalCommandOptions, netOpts types.NetworkOptions, client *containerd.Client) (NetworkOptionsManager, error)

NewNetworkingOptionsManager returns a NetworkOptionsManager based on the provided command's flags.
