-
Notifications
You must be signed in to change notification settings - Fork 57
/
client.go
198 lines (168 loc) · 8.07 KB
/
client.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
package garden
import "time"
//go:generate counterfeiter . Client
type Client interface {
// Pings the garden server. Checks connectivity to the server. The server may, optionally, respond with specific
// errors indicating health issues.
//
// Errors:
// * garden.UnrecoverableError indicates that the garden server has entered an error state from which it cannot recover
Ping() error
// Capacity returns the physical capacity of the server's machine.
//
// Errors:
// * None.
Capacity() (Capacity, error)
// Create creates a new container.
//
// Errors:
// * When the handle, if specified, is already taken.
// * When one of the bind_mount paths does not exist.
// * When resource allocations fail (subnet, user ID, etc).
Create(ContainerSpec) (Container, error)
// Destroy destroys a container.
//
// When a container is destroyed, its resource allocations are released,
// its filesystem is removed, and all references to its handle are removed.
//
// All resources that have been acquired during the lifetime of the container are released.
// Examples of these resources are its subnet, its UID, and ports that were redirected to the container.
//
// TODO: list the resources that can be acquired during the lifetime of a container.
//
// Errors:
// * TODO.
Destroy(handle string) error
// Containers lists all containers filtered by Properties (which are ANDed together).
//
// Errors:
// * None.
Containers(Properties) ([]Container, error)
// BulkInfo returns info or error for a list of containers.
BulkInfo(handles []string) (map[string]ContainerInfoEntry, error)
// BulkMetrics returns metrics or error for a list of containers.
BulkMetrics(handles []string) (map[string]ContainerMetricsEntry, error)
// Lookup returns the container with the specified handle.
//
// Errors:
// * Container not found.
Lookup(handle string) (Container, error)
}
// ContainerSpec specifies the parameters for creating a container. All parameters are optional.
type ContainerSpec struct {
// Handle, if specified, is used to refer to the
// container in future requests. If it is not specified,
// garden uses its internal container ID as the container handle.
Handle string `json:"handle,omitempty"`
// GraceTime can be used to specify how long a container can go
// unreferenced by any client connection. After this time, the container will
// automatically be destroyed. If not specified, the container will be
// subject to the globally configured grace time.
GraceTime time.Duration `json:"grace_time,omitempty"`
// RootFSPath is a URI referring to the root file system for the container.
// The URI scheme must either be the empty string or "docker".
//
// A URI with an empty scheme determines the path of a root file system.
// If this path is empty, a default root file system is used.
// Other parts of the URI are ignored.
//
// A URI with scheme "docker" refers to a Docker image. The path in the URI
// (without the leading /) identifies a Docker image as the repository name
// in the default Docker registry. If a fragment is specified in the URI, this
// determines the tag associated with the image.
// If a host is specified in the URI, this determines the Docker registry to use.
// If no host is specified in the URI, a default Docker registry is used.
// Other parts of the URI are ignored.
//
// Examples:
// * "/some/path"
// * "docker:///onsi/grace-busybox"
// * "docker://index.docker.io/busybox"
RootFSPath string `json:"rootfs,omitempty"`
// * bind_mounts: a list of mount point descriptions which will result in corresponding mount
// points being created in the container's file system.
//
// An error is returned if:
// * one or more of the mount points has a non-existent source directory, or
// * one or more of the mount points cannot be created.
BindMounts []BindMount `json:"bind_mounts,omitempty"`
// Network determines the subnet and IP address of a container.
//
// If not specified, a /30 subnet is allocated from a default network pool.
//
// If specified, it takes the form a.b.c.d/n where a.b.c.d is an IP address and n is the number of
// bits in the network prefix. a.b.c.d masked by the first n bits is the network address of a subnet
// called the subnet address. If the remaining bits are zero (i.e. a.b.c.d *is* the subnet address),
// the container is allocated an unused IP address from the subnet. Otherwise, the container is given
// the IP address a.b.c.d.
//
// The container IP address cannot be the subnet address or the broadcast address of the subnet
// (all non prefix bits set) or the address one less than the broadcast address (which is reserved).
//
// Multiple containers may share a subnet by passing the same subnet address on the corresponding
// create calls. Containers on the same subnet can communicate with each other over IP
// without restriction. In particular, they are not affected by packet filtering.
//
// Note that a container can use TCP, UDP, and ICMP, although its external access is governed
// by filters (see Container.NetOut()) and by any implementation-specific filters.
//
// An error is returned if:
// * the IP address cannot be allocated or is already in use,
// * the subnet specified overlaps the default network pool, or
// * the subnet specified overlaps (but does not equal) a subnet that has
// already had a container allocated from it.
Network string `json:"network,omitempty"`
// Properties is a sequence of string key/value pairs providing arbitrary
// data about the container. The keys are assumed to be unique but this is not
// enforced via the protocol.
Properties Properties `json:"properties,omitempty"`
// TODO
Env []string `json:"env,omitempty"`
// If Privileged is true the container does not have a user namespace and the root user in the container
// is the same as the root user in the host. Otherwise, the container has a user namespace and the root
// user in the container is mapped to a non-root user in the host. Defaults to false.
Privileged bool `json:"privileged,omitempty"`
// Limits to be applied to the newly created container.
Limits Limits `json:"limits,omitempty"`
}
type Limits struct {
Bandwidth BandwidthLimits `json:"bandwidth_limits,omitempty"`
CPU CPULimits `json:"cpu_limits,omitempty"`
Disk DiskLimits `json:"disk_limits,omitempty"`
Memory MemoryLimits `json:"memory_limits,omitempty"`
Pid PidLimits `json:"pid_limits,omitempty"`
}
// BindMount specifies parameters for a single mount point.
//
// Each mount point is mounted (with the bind option) into the container's file system.
// The effective permissions of the mount point are the permissions of the source directory if the mode
// is read-write and the permissions of the source directory with the write bits turned off if the mode
// of the mount point is read-only.
type BindMount struct {
// SrcPath contains the path of the directory to be mounted.
SrcPath string `json:"src_path,omitempty"`
// DstPath contains the path of the mount point in the container. If the
// directory does not exist, it is created.
DstPath string `json:"dst_path,omitempty"`
// Mode must be either "RO" or "RW". Alternatively, mode may be omitted and defaults to RO.
// If mode is "RO", a read-only mount point is created.
// If mode is "RW", a read-write mount point is created.
Mode BindMountMode `json:"mode,omitempty"`
// BindMountOrigin must be either "Host" or "Container". Alternatively, origin may be omitted and
// defaults to "Host".
// If origin is "Host", src_path denotes a path in the host.
// If origin is "Container", src_path denotes a path in the container.
Origin BindMountOrigin `json:"origin,omitempty"`
}
type Capacity struct {
MemoryInBytes uint64 `json:"memory_in_bytes,omitempty"`
DiskInBytes uint64 `json:"disk_in_bytes,omitempty"`
MaxContainers uint64 `json:"max_containers,omitempty"`
}
type Properties map[string]string
type BindMountMode uint8
const BindMountModeRO BindMountMode = 0
const BindMountModeRW BindMountMode = 1
type BindMountOrigin uint8
const BindMountOriginHost BindMountOrigin = 0
const BindMountOriginContainer BindMountOrigin = 1