runconfig/hostconfig.go - third_party/github.com/moby/moby - Git at Google

 package runconfig

 import (
 	"encoding/json"
 	"io"
 	"strings"

 	"github.com/docker/docker/pkg/nat"
 	"github.com/docker/docker/pkg/stringutils"
 	"github.com/docker/docker/pkg/ulimit"
 )

 // KeyValuePair is a structure that hold a value for a key.
 type KeyValuePair struct {
 	Key   string
 	Value string
 }

 // NetworkMode represents the container network stack.
 type NetworkMode string

 // IpcMode represents the container ipc stack.
 type IpcMode string

 // IsPrivate indicates whether the container uses it's private ipc stack.
 func (n IpcMode) IsPrivate() bool {
 	return !(n.IsHost() || n.IsContainer())
 }

 // IsHost indicates whether the container uses the host's ipc stack.
 func (n IpcMode) IsHost() bool {
 	return n == "host"
 }

 // IsContainer indicates whether the container uses a container's ipc stack.
 func (n IpcMode) IsContainer() bool {
 	parts := strings.SplitN(string(n), ":", 2)
 	return len(parts) > 1 && parts[0] == "container"
 }

 // Valid indicates whether the ipc stack is valid.
 func (n IpcMode) Valid() bool {
 	parts := strings.Split(string(n), ":")
 	switch mode := parts[0]; mode {
 	case "", "host":
 	case "container":
 		if len(parts) != 2 || parts[1] == "" {
 			return false
 		}
 	default:
 		return false
 	}
 	return true
 }

 // Container returns the name of the container ipc stack is going to be used.
 func (n IpcMode) Container() string {
 	parts := strings.SplitN(string(n), ":", 2)
 	if len(parts) > 1 {
 		return parts[1]
 	}
 	return ""
 }

 // UTSMode represents the UTS namespace of the container.
 type UTSMode string

 // IsPrivate indicates whether the container uses it's private UTS namespace.
 func (n UTSMode) IsPrivate() bool {
 	return !(n.IsHost())
 }

 // IsHost indicates whether the container uses the host's UTS namespace.
 func (n UTSMode) IsHost() bool {
 	return n == "host"
 }

 // Valid indicates whether the UTS namespace is valid.
 func (n UTSMode) Valid() bool {
 	parts := strings.Split(string(n), ":")
 	switch mode := parts[0]; mode {
 	case "", "host":
 	default:
 		return false
 	}
 	return true
 }

 // PidMode represents the pid stack of the container.
 type PidMode string

 // IsPrivate indicates whether the container uses it's private pid stack.
 func (n PidMode) IsPrivate() bool {
 	return !(n.IsHost())
 }

 // IsHost indicates whether the container uses the host's pid stack.
 func (n PidMode) IsHost() bool {
 	return n == "host"
 }

 // Valid indicates whether the pid stack is valid.
 func (n PidMode) Valid() bool {
 	parts := strings.Split(string(n), ":")
 	switch mode := parts[0]; mode {
 	case "", "host":
 	default:
 		return false
 	}
 	return true
 }

 // DeviceMapping represents the device mapping between the host and the container.
 type DeviceMapping struct {
 	PathOnHost        string
 	PathInContainer   string
 	CgroupPermissions string
 }

 // RestartPolicy represents the restart policies of the container.
 type RestartPolicy struct {
 	Name              string
 	MaximumRetryCount int
 }

 // IsNone indicates whether the container has the "no" restart policy.
 // This means the container will not automatically restart when exiting.
 func (rp *RestartPolicy) IsNone() bool {
 	return rp.Name == "no"
 }

 // IsAlways indicates whether the container has the "always" restart policy.
 // This means the container will automatically restart regardless of the exit status.
 func (rp *RestartPolicy) IsAlways() bool {
 	return rp.Name == "always"
 }

 // IsOnFailure indicates whether the container has the "on-failure" restart policy.
 // This means the contain will automatically restart of exiting with a non-zero exit status.
 func (rp *RestartPolicy) IsOnFailure() bool {
 	return rp.Name == "on-failure"
 }

 // IsUnlessStopped indicates whether the container has the
 // "unless-stopped" restart policy. This means the container will
 // automatically restart unless user has put it to stopped state.
 func (rp *RestartPolicy) IsUnlessStopped() bool {
 	return rp.Name == "unless-stopped"
 }

 // LogConfig represents the logging configuration of the container.
 type LogConfig struct {
 	Type   string
 	Config map[string]string
 }

 // LxcConfig represents the specific LXC configuration of the container.
 type LxcConfig struct {
 	values []KeyValuePair
 }

 // MarshalJSON marshals (or serializes) the LxcConfig into JSON.
 func (c *LxcConfig) MarshalJSON() ([]byte, error) {
 	if c == nil {
 		return []byte{}, nil
 	}
 	return json.Marshal(c.Slice())
 }

 // UnmarshalJSON unmarshals (or deserializes) the specified byte slices from JSON to
 // a LxcConfig.
 func (c *LxcConfig) UnmarshalJSON(b []byte) error {
 	if len(b) == 0 {
 		return nil
 	}

 	var kv []KeyValuePair
 	if err := json.Unmarshal(b, &kv); err != nil {
 		var h map[string]string
 		if err := json.Unmarshal(b, &h); err != nil {
 			return err
 		}
 		for k, v := range h {
 			kv = append(kv, KeyValuePair{k, v})
 		}
 	}
 	c.values = kv

 	return nil
 }

 // Len returns the number of specific lxc configuration.
 func (c *LxcConfig) Len() int {
 	if c == nil {
 		return 0
 	}
 	return len(c.values)
 }

 // Slice returns the specific lxc configuration into a slice of KeyValuePair.
 func (c *LxcConfig) Slice() []KeyValuePair {
 	if c == nil {
 		return nil
 	}
 	return c.values
 }

 // NewLxcConfig creates a LxcConfig from the specified slice of KeyValuePair.
 func NewLxcConfig(values []KeyValuePair) *LxcConfig {
 	return &LxcConfig{values}
 }

 // HostConfig the non-portable Config structure of a container.
 // Here, "non-portable" means "dependent of the host we are running on".
 // Portable information *should* appear in Config.
 type HostConfig struct {
 	Binds             []string              // List of volume bindings for this container
 	ContainerIDFile   string                // File (path) where the containerId is written
 	LxcConf           *LxcConfig            // Additional lxc configuration
 	Memory            int64                 // Memory limit (in bytes)
 	MemoryReservation int64                 // Memory soft limit (in bytes)
 	MemorySwap        int64                 // Total memory usage (memory + swap); set `-1` to disable swap
 	KernelMemory      int64                 // Kernel memory limit (in bytes)
 	CPUShares         int64                 `json:"CpuShares"` // CPU shares (relative weight vs. other containers)
 	CPUPeriod         int64                 `json:"CpuPeriod"` // CPU CFS (Completely Fair Scheduler) period
 	CpusetCpus        string                // CpusetCpus 0-2, 0,1
 	CpusetMems        string                // CpusetMems 0-2, 0,1
 	CPUQuota          int64                 `json:"CpuQuota"` // CPU CFS (Completely Fair Scheduler) quota
 	BlkioWeight       uint16                // Block IO weight (relative weight vs. other containers)
 	OomKillDisable    bool                  // Whether to disable OOM Killer or not
 	MemorySwappiness  *int64                // Tuning container memory swappiness behaviour
 	Privileged        bool                  // Is the container in privileged mode
 	PortBindings      nat.PortMap           // Port mapping between the exposed port (container) and the host
 	Links             []string              // List of links (in the name:alias form)
 	PublishAllPorts   bool                  // Should docker publish all exposed port for the container
 	DNS               []string              `json:"Dns"`        // List of DNS server to lookup
 	DNSOptions        []string              `json:"DnsOptions"` // List of DNSOption to look for
 	DNSSearch         []string              `json:"DnsSearch"`  // List of DNSSearch to look for
 	ExtraHosts        []string              // List of extra hosts
 	VolumesFrom       []string              // List of volumes to take from other container
 	Devices           []DeviceMapping       // List of devices to map inside the container
 	NetworkMode       NetworkMode           // Network namespace to use for the container
 	IpcMode           IpcMode               // IPC namespace to use for the container
 	PidMode           PidMode               // PID namespace to use for the container
 	UTSMode           UTSMode               // UTS namespace to use for the container
 	CapAdd            *stringutils.StrSlice // List of kernel capabilities to add to the container
 	CapDrop           *stringutils.StrSlice // List of kernel capabilities to remove from the container
 	GroupAdd          []string              // List of additional groups that the container process will run as
 	RestartPolicy     RestartPolicy         // Restart policy to be used for the container
 	SecurityOpt       []string              // List of string values to customize labels for MLS systems, such as SELinux.
 	ReadonlyRootfs    bool                  // Is the container root filesystem in read-only
 	Ulimits           []*ulimit.Ulimit      // List of ulimits to be set in the container
 	LogConfig         LogConfig             // Configuration of the logs for this container
 	CgroupParent      string                // Parent cgroup.
 	ConsoleSize       [2]int                // Initial console size on Windows
 	VolumeDriver      string                // Name of the volume driver used to mount volumes
 }

 // DecodeHostConfig creates a HostConfig based on the specified Reader.
 // It assumes the content of the reader will be JSON, and decodes it.
 func DecodeHostConfig(src io.Reader) (*HostConfig, error) {
 	decoder := json.NewDecoder(src)

 	var w ContainerConfigWrapper
 	if err := decoder.Decode(&w); err != nil {
 		return nil, err
 	}

 	hc := w.getHostConfig()
 	return hc, nil
 }

 // SetDefaultNetModeIfBlank changes the NetworkMode in a HostConfig structure
 // to default if it is not populated. This ensures backwards compatibility after
 // the validation of the network mode was moved from the docker CLI to the
 // docker daemon.
 func SetDefaultNetModeIfBlank(hc *HostConfig) *HostConfig {
 	if hc != nil {
 		if hc.NetworkMode == NetworkMode("") {
 			hc.NetworkMode = NetworkMode("default")
 		}
 	}
 	return hc
 }
	package runconfig

	import (
	"encoding/json"
	"io"
	"strings"

	"github.com/docker/docker/pkg/nat"
	"github.com/docker/docker/pkg/stringutils"
	"github.com/docker/docker/pkg/ulimit"
	)

	// KeyValuePair is a structure that hold a value for a key.
	type KeyValuePair struct {
	Key string
	Value string
	}

	// NetworkMode represents the container network stack.
	type NetworkMode string

	// IpcMode represents the container ipc stack.
	type IpcMode string

	// IsPrivate indicates whether the container uses it's private ipc stack.
	func (n IpcMode) IsPrivate() bool {
	return !(n.IsHost() \|\| n.IsContainer())
	}

	// IsHost indicates whether the container uses the host's ipc stack.
	func (n IpcMode) IsHost() bool {
	return n == "host"
	}

	// IsContainer indicates whether the container uses a container's ipc stack.
	func (n IpcMode) IsContainer() bool {
	parts := strings.SplitN(string(n), ":", 2)
	return len(parts) > 1 && parts[0] == "container"
	}

	// Valid indicates whether the ipc stack is valid.
	func (n IpcMode) Valid() bool {
	parts := strings.Split(string(n), ":")
	switch mode := parts[0]; mode {
	case "", "host":
	case "container":
	if len(parts) != 2 \|\| parts[1] == "" {
	return false
	}
	default:
	return false
	}
	return true
	}

	// Container returns the name of the container ipc stack is going to be used.
	func (n IpcMode) Container() string {
	parts := strings.SplitN(string(n), ":", 2)
	if len(parts) > 1 {
	return parts[1]
	}
	return ""
	}

	// UTSMode represents the UTS namespace of the container.
	type UTSMode string

	// IsPrivate indicates whether the container uses it's private UTS namespace.
	func (n UTSMode) IsPrivate() bool {
	return !(n.IsHost())
	}

	// IsHost indicates whether the container uses the host's UTS namespace.
	func (n UTSMode) IsHost() bool {
	return n == "host"
	}

	// Valid indicates whether the UTS namespace is valid.
	func (n UTSMode) Valid() bool {
	parts := strings.Split(string(n), ":")
	switch mode := parts[0]; mode {
	case "", "host":
	default:
	return false
	}
	return true
	}

	// PidMode represents the pid stack of the container.
	type PidMode string

	// IsPrivate indicates whether the container uses it's private pid stack.
	func (n PidMode) IsPrivate() bool {
	return !(n.IsHost())
	}

	// IsHost indicates whether the container uses the host's pid stack.
	func (n PidMode) IsHost() bool {
	return n == "host"
	}

	// Valid indicates whether the pid stack is valid.
	func (n PidMode) Valid() bool {
	parts := strings.Split(string(n), ":")
	switch mode := parts[0]; mode {
	case "", "host":
	default:
	return false
	}
	return true
	}

	// DeviceMapping represents the device mapping between the host and the container.
	type DeviceMapping struct {
	PathOnHost string
	PathInContainer string
	CgroupPermissions string
	}

	// RestartPolicy represents the restart policies of the container.
	type RestartPolicy struct {
	Name string
	MaximumRetryCount int
	}

	// IsNone indicates whether the container has the "no" restart policy.
	// This means the container will not automatically restart when exiting.
	func (rp *RestartPolicy) IsNone() bool {
	return rp.Name == "no"
	}

	// IsAlways indicates whether the container has the "always" restart policy.
	// This means the container will automatically restart regardless of the exit status.
	func (rp *RestartPolicy) IsAlways() bool {
	return rp.Name == "always"
	}

	// IsOnFailure indicates whether the container has the "on-failure" restart policy.
	// This means the contain will automatically restart of exiting with a non-zero exit status.
	func (rp *RestartPolicy) IsOnFailure() bool {
	return rp.Name == "on-failure"
	}

	// IsUnlessStopped indicates whether the container has the
	// "unless-stopped" restart policy. This means the container will
	// automatically restart unless user has put it to stopped state.
	func (rp *RestartPolicy) IsUnlessStopped() bool {
	return rp.Name == "unless-stopped"
	}

	// LogConfig represents the logging configuration of the container.
	type LogConfig struct {
	Type string
	Config map[string]string
	}

	// LxcConfig represents the specific LXC configuration of the container.
	type LxcConfig struct {
	values []KeyValuePair
	}

	// MarshalJSON marshals (or serializes) the LxcConfig into JSON.
	func (c *LxcConfig) MarshalJSON() ([]byte, error) {
	if c == nil {
	return []byte{}, nil
	}
	return json.Marshal(c.Slice())
	}

	// UnmarshalJSON unmarshals (or deserializes) the specified byte slices from JSON to
	// a LxcConfig.
	func (c *LxcConfig) UnmarshalJSON(b []byte) error {
	if len(b) == 0 {
	return nil
	}

	var kv []KeyValuePair
	if err := json.Unmarshal(b, &kv); err != nil {
	var h map[string]string
	if err := json.Unmarshal(b, &h); err != nil {
	return err
	}
	for k, v := range h {
	kv = append(kv, KeyValuePair{k, v})
	}
	}
	c.values = kv

	return nil
	}

	// Len returns the number of specific lxc configuration.
	func (c *LxcConfig) Len() int {
	if c == nil {
	return 0
	}
	return len(c.values)
	}

	// Slice returns the specific lxc configuration into a slice of KeyValuePair.
	func (c *LxcConfig) Slice() []KeyValuePair {
	if c == nil {
	return nil
	}
	return c.values
	}

	// NewLxcConfig creates a LxcConfig from the specified slice of KeyValuePair.
	func NewLxcConfig(values []KeyValuePair) *LxcConfig {
	return &LxcConfig{values}
	}

	// HostConfig the non-portable Config structure of a container.
	// Here, "non-portable" means "dependent of the host we are running on".
	// Portable information should appear in Config.
	type HostConfig struct {
	Binds []string // List of volume bindings for this container
	ContainerIDFile string // File (path) where the containerId is written
	LxcConf *LxcConfig // Additional lxc configuration
	Memory int64 // Memory limit (in bytes)
	MemoryReservation int64 // Memory soft limit (in bytes)
	MemorySwap int64 // Total memory usage (memory + swap); set `-1` to disable swap
	KernelMemory int64 // Kernel memory limit (in bytes)
	CPUShares int64 `json:"CpuShares"` // CPU shares (relative weight vs. other containers)
	CPUPeriod int64 `json:"CpuPeriod"` // CPU CFS (Completely Fair Scheduler) period
	CpusetCpus string // CpusetCpus 0-2, 0,1
	CpusetMems string // CpusetMems 0-2, 0,1
	CPUQuota int64 `json:"CpuQuota"` // CPU CFS (Completely Fair Scheduler) quota
	BlkioWeight uint16 // Block IO weight (relative weight vs. other containers)
	OomKillDisable bool // Whether to disable OOM Killer or not
	MemorySwappiness *int64 // Tuning container memory swappiness behaviour
	Privileged bool // Is the container in privileged mode
	PortBindings nat.PortMap // Port mapping between the exposed port (container) and the host
	Links []string // List of links (in the name:alias form)
	PublishAllPorts bool // Should docker publish all exposed port for the container
	DNS []string `json:"Dns"` // List of DNS server to lookup
	DNSOptions []string `json:"DnsOptions"` // List of DNSOption to look for
	DNSSearch []string `json:"DnsSearch"` // List of DNSSearch to look for
	ExtraHosts []string // List of extra hosts
	VolumesFrom []string // List of volumes to take from other container
	Devices []DeviceMapping // List of devices to map inside the container
	NetworkMode NetworkMode // Network namespace to use for the container
	IpcMode IpcMode // IPC namespace to use for the container
	PidMode PidMode // PID namespace to use for the container
	UTSMode UTSMode // UTS namespace to use for the container
	CapAdd *stringutils.StrSlice // List of kernel capabilities to add to the container
	CapDrop *stringutils.StrSlice // List of kernel capabilities to remove from the container
	GroupAdd []string // List of additional groups that the container process will run as
	RestartPolicy RestartPolicy // Restart policy to be used for the container
	SecurityOpt []string // List of string values to customize labels for MLS systems, such as SELinux.
	ReadonlyRootfs bool // Is the container root filesystem in read-only
	Ulimits []*ulimit.Ulimit // List of ulimits to be set in the container
	LogConfig LogConfig // Configuration of the logs for this container
	CgroupParent string // Parent cgroup.
	ConsoleSize [2]int // Initial console size on Windows
	VolumeDriver string // Name of the volume driver used to mount volumes
	}

	// DecodeHostConfig creates a HostConfig based on the specified Reader.
	// It assumes the content of the reader will be JSON, and decodes it.
	func DecodeHostConfig(src io.Reader) (*HostConfig, error) {
	decoder := json.NewDecoder(src)

	var w ContainerConfigWrapper
	if err := decoder.Decode(&w); err != nil {
	return nil, err
	}

	hc := w.getHostConfig()
	return hc, nil
	}

	// SetDefaultNetModeIfBlank changes the NetworkMode in a HostConfig structure
	// to default if it is not populated. This ensures backwards compatibility after
	// the validation of the network mode was moved from the docker CLI to the
	// docker daemon.
	func SetDefaultNetModeIfBlank(hc HostConfig) HostConfig {
	if hc != nil {
	if hc.NetworkMode == NetworkMode("") {
	hc.NetworkMode = NetworkMode("default")
	}
	}
	return hc
	}