6 "github.com/docker/docker/api/types/blkiodev"
7 "github.com/docker/docker/api/types/mount"
8 "github.com/docker/docker/api/types/strslice"
9 "github.com/docker/go-connections/nat"
10 "github.com/docker/go-units"
13 // Isolation represents the isolation technology of a container. The supported
14 // values are platform specific
17 // IsDefault indicates the default isolation technology of a container. On Linux this
18 // is the native driver. On Windows, this is a Windows Server Container.
19 func (i Isolation) IsDefault() bool {
20 return strings.ToLower(string(i)) == "default" || string(i) == ""
23 // IpcMode represents the container ipc stack.
26 // IsPrivate indicates whether the container uses its private ipc stack.
27 func (n IpcMode) IsPrivate() bool {
28 return !(n.IsHost() || n.IsContainer())
31 // IsHost indicates whether the container uses the host's ipc stack.
32 func (n IpcMode) IsHost() bool {
36 // IsContainer indicates whether the container uses a container's ipc stack.
37 func (n IpcMode) IsContainer() bool {
38 parts := strings.SplitN(string(n), ":", 2)
39 return len(parts) > 1 && parts[0] == "container"
42 // Valid indicates whether the ipc stack is valid.
43 func (n IpcMode) Valid() bool {
44 parts := strings.Split(string(n), ":")
45 switch mode := parts[0]; mode {
48 if len(parts) != 2 || parts[1] == "" {
57 // Container returns the name of the container ipc stack is going to be used.
58 func (n IpcMode) Container() string {
59 parts := strings.SplitN(string(n), ":", 2)
66 // NetworkMode represents the container network stack.
67 type NetworkMode string
69 // IsNone indicates whether container isn't using a network stack.
70 func (n NetworkMode) IsNone() bool {
74 // IsDefault indicates whether container uses the default network stack.
75 func (n NetworkMode) IsDefault() bool {
79 // IsPrivate indicates whether container uses its private network stack.
80 func (n NetworkMode) IsPrivate() bool {
81 return !(n.IsHost() || n.IsContainer())
84 // IsContainer indicates whether container uses a container network stack.
85 func (n NetworkMode) IsContainer() bool {
86 parts := strings.SplitN(string(n), ":", 2)
87 return len(parts) > 1 && parts[0] == "container"
90 // ConnectedContainer is the id of the container which network this container is connected to.
91 func (n NetworkMode) ConnectedContainer() string {
92 parts := strings.SplitN(string(n), ":", 2)
99 //UserDefined indicates user-created network
100 func (n NetworkMode) UserDefined() string {
101 if n.IsUserDefined() {
107 // UsernsMode represents userns mode in the container.
108 type UsernsMode string
110 // IsHost indicates whether the container uses the host's userns.
111 func (n UsernsMode) IsHost() bool {
115 // IsPrivate indicates whether the container uses the a private userns.
116 func (n UsernsMode) IsPrivate() bool {
120 // Valid indicates whether the userns is valid.
121 func (n UsernsMode) Valid() bool {
122 parts := strings.Split(string(n), ":")
123 switch mode := parts[0]; mode {
131 // CgroupSpec represents the cgroup to use for the container.
132 type CgroupSpec string
134 // IsContainer indicates whether the container is using another container cgroup
135 func (c CgroupSpec) IsContainer() bool {
136 parts := strings.SplitN(string(c), ":", 2)
137 return len(parts) > 1 && parts[0] == "container"
140 // Valid indicates whether the cgroup spec is valid.
141 func (c CgroupSpec) Valid() bool {
142 return c.IsContainer() || c == ""
145 // Container returns the name of the container whose cgroup will be used.
146 func (c CgroupSpec) Container() string {
147 parts := strings.SplitN(string(c), ":", 2)
154 // UTSMode represents the UTS namespace of the container.
157 // IsPrivate indicates whether the container uses its private UTS namespace.
158 func (n UTSMode) IsPrivate() bool {
162 // IsHost indicates whether the container uses the host's UTS namespace.
163 func (n UTSMode) IsHost() bool {
167 // Valid indicates whether the UTS namespace is valid.
168 func (n UTSMode) Valid() bool {
169 parts := strings.Split(string(n), ":")
170 switch mode := parts[0]; mode {
178 // PidMode represents the pid namespace of the container.
181 // IsPrivate indicates whether the container uses its own new pid namespace.
182 func (n PidMode) IsPrivate() bool {
183 return !(n.IsHost() || n.IsContainer())
186 // IsHost indicates whether the container uses the host's pid namespace.
187 func (n PidMode) IsHost() bool {
191 // IsContainer indicates whether the container uses a container's pid namespace.
192 func (n PidMode) IsContainer() bool {
193 parts := strings.SplitN(string(n), ":", 2)
194 return len(parts) > 1 && parts[0] == "container"
197 // Valid indicates whether the pid namespace is valid.
198 func (n PidMode) Valid() bool {
199 parts := strings.Split(string(n), ":")
200 switch mode := parts[0]; mode {
203 if len(parts) != 2 || parts[1] == "" {
212 // Container returns the name of the container whose pid namespace is going to be used.
213 func (n PidMode) Container() string {
214 parts := strings.SplitN(string(n), ":", 2)
221 // DeviceMapping represents the device mapping between the host and the container.
222 type DeviceMapping struct {
224 PathInContainer string
225 CgroupPermissions string
228 // RestartPolicy represents the restart policies of the container.
229 type RestartPolicy struct {
231 MaximumRetryCount int
234 // IsNone indicates whether the container has the "no" restart policy.
235 // This means the container will not automatically restart when exiting.
236 func (rp *RestartPolicy) IsNone() bool {
237 return rp.Name == "no" || rp.Name == ""
240 // IsAlways indicates whether the container has the "always" restart policy.
241 // This means the container will automatically restart regardless of the exit status.
242 func (rp *RestartPolicy) IsAlways() bool {
243 return rp.Name == "always"
246 // IsOnFailure indicates whether the container has the "on-failure" restart policy.
247 // This means the container will automatically restart of exiting with a non-zero exit status.
248 func (rp *RestartPolicy) IsOnFailure() bool {
249 return rp.Name == "on-failure"
252 // IsUnlessStopped indicates whether the container has the
253 // "unless-stopped" restart policy. This means the container will
254 // automatically restart unless user has put it to stopped state.
255 func (rp *RestartPolicy) IsUnlessStopped() bool {
256 return rp.Name == "unless-stopped"
259 // IsSame compares two RestartPolicy to see if they are the same
260 func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool {
261 return rp.Name == tp.Name && rp.MaximumRetryCount == tp.MaximumRetryCount
264 // LogMode is a type to define the available modes for logging
265 // These modes affect how logs are handled when log messages start piling up.
268 // Available logging modes
271 LogModeBlocking LogMode = "blocking"
272 LogModeNonBlock LogMode = "non-blocking"
275 // LogConfig represents the logging configuration of the container.
276 type LogConfig struct {
278 Config map[string]string
281 // Resources contains container's resources (cgroups config, ulimits...)
282 type Resources struct {
283 // Applicable to all platforms
284 CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers)
285 Memory int64 // Memory limit (in bytes)
286 NanoCPUs int64 `json:"NanoCpus"` // CPU quota in units of 10<sup>-9</sup> CPUs.
288 // Applicable to UNIX platforms
289 CgroupParent string // Parent cgroup.
290 BlkioWeight uint16 // Block IO weight (relative weight vs. other containers)
291 BlkioWeightDevice []*blkiodev.WeightDevice
292 BlkioDeviceReadBps []*blkiodev.ThrottleDevice
293 BlkioDeviceWriteBps []*blkiodev.ThrottleDevice
294 BlkioDeviceReadIOps []*blkiodev.ThrottleDevice
295 BlkioDeviceWriteIOps []*blkiodev.ThrottleDevice
296 CPUPeriod int64 `json:"CpuPeriod"` // CPU CFS (Completely Fair Scheduler) period
297 CPUQuota int64 `json:"CpuQuota"` // CPU CFS (Completely Fair Scheduler) quota
298 CPURealtimePeriod int64 `json:"CpuRealtimePeriod"` // CPU real-time period
299 CPURealtimeRuntime int64 `json:"CpuRealtimeRuntime"` // CPU real-time runtime
300 CpusetCpus string // CpusetCpus 0-2, 0,1
301 CpusetMems string // CpusetMems 0-2, 0,1
302 Devices []DeviceMapping // List of devices to map inside the container
303 DeviceCgroupRules []string // List of rule to be added to the device cgroup
304 DiskQuota int64 // Disk limit (in bytes)
305 KernelMemory int64 // Kernel memory limit (in bytes)
306 MemoryReservation int64 // Memory soft limit (in bytes)
307 MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap
308 MemorySwappiness *int64 // Tuning container memory swappiness behaviour
309 OomKillDisable *bool // Whether to disable OOM Killer or not
310 PidsLimit int64 // Setting pids limit for a container
311 Ulimits []*units.Ulimit // List of ulimits to be set in the container
313 // Applicable to Windows
314 CPUCount int64 `json:"CpuCount"` // CPU count
315 CPUPercent int64 `json:"CpuPercent"` // CPU percent
316 IOMaximumIOps uint64 // Maximum IOps for the container system drive
317 IOMaximumBandwidth uint64 // Maximum IO in bytes per second for the container system drive
320 // UpdateConfig holds the mutable attributes of a Container.
321 // Those attributes can be updated at runtime.
322 type UpdateConfig struct {
323 // Contains container's resources (cgroups, ulimits)
325 RestartPolicy RestartPolicy
328 // HostConfig the non-portable Config structure of a container.
329 // Here, "non-portable" means "dependent of the host we are running on".
330 // Portable information *should* appear in Config.
331 type HostConfig struct {
332 // Applicable to all platforms
333 Binds []string // List of volume bindings for this container
334 ContainerIDFile string // File (path) where the containerId is written
335 LogConfig LogConfig // Configuration of the logs for this container
336 NetworkMode NetworkMode // Network mode to use for the container
337 PortBindings nat.PortMap // Port mapping between the exposed port (container) and the host
338 RestartPolicy RestartPolicy // Restart policy to be used for the container
339 AutoRemove bool // Automatically remove container when it exits
340 VolumeDriver string // Name of the volume driver used to mount volumes
341 VolumesFrom []string // List of volumes to take from other container
343 // Applicable to UNIX platforms
344 CapAdd strslice.StrSlice // List of kernel capabilities to add to the container
345 CapDrop strslice.StrSlice // List of kernel capabilities to remove from the container
346 DNS []string `json:"Dns"` // List of DNS server to lookup
347 DNSOptions []string `json:"DnsOptions"` // List of DNSOption to look for
348 DNSSearch []string `json:"DnsSearch"` // List of DNSSearch to look for
349 ExtraHosts []string // List of extra hosts
350 GroupAdd []string // List of additional groups that the container process will run as
351 IpcMode IpcMode // IPC namespace to use for the container
352 Cgroup CgroupSpec // Cgroup to use for the container
353 Links []string // List of links (in the name:alias form)
354 OomScoreAdj int // Container preference for OOM-killing
355 PidMode PidMode // PID namespace to use for the container
356 Privileged bool // Is the container in privileged mode
357 PublishAllPorts bool // Should docker publish all exposed port for the container
358 ReadonlyRootfs bool // Is the container root filesystem in read-only
359 SecurityOpt []string // List of string values to customize labels for MLS systems, such as SELinux.
360 StorageOpt map[string]string `json:",omitempty"` // Storage driver options per container.
361 Tmpfs map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container
362 UTSMode UTSMode // UTS namespace to use for the container
363 UsernsMode UsernsMode // The user namespace to use for the container
364 ShmSize int64 // Total shm memory usage
365 Sysctls map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container
366 Runtime string `json:",omitempty"` // Runtime to use with this container
368 // Applicable to Windows
369 ConsoleSize [2]uint // Initial console size (height,width)
370 Isolation Isolation // Isolation technology of the container (e.g. default, hyperv)
372 // Contains container's resources (cgroups, ulimits)
375 // Mounts specs used by the container
376 Mounts []mount.Mount `json:",omitempty"`
378 // Run a custom init inside the container, if null, use the daemon's configured settings
379 Init *bool `json:",omitempty"`