package opts

import "github.com/containerd/containerd/pkg/cri/opts"

Index

Constants 

const DefaultSandboxCPUshares = 2

DefaultSandboxCPUshares is default cpu shares for sandbox container. TODO(windows): Revisit cpu shares for windows (https://github.com/containerd/cri/issues/1297)

Functions

func GetIPCNamespace 

func GetIPCNamespace(pid uint32) string

GetIPCNamespace returns the ipc namespace of a process.

func GetNetworkNamespace 

func GetNetworkNamespace(pid uint32) string

GetNetworkNamespace returns the network namespace of a process.

func GetPIDNamespace 

func GetPIDNamespace(pid uint32) string

GetPIDNamespace returns the pid namespace of a process.

func GetUTSNamespace 

func GetUTSNamespace(pid uint32) string

GetUTSNamespace returns the uts namespace of a process.

func GetUserNamespace 

func GetUserNamespace(pid uint32) string

GetUserNamespace returns the user namespace of a process.

func SwapControllerAvailable 

func SwapControllerAvailable() bool

func WithAdditionalGIDs 

func WithAdditionalGIDs(userstr string) oci.SpecOpts

WithAdditionalGIDs adds any additional groups listed for a particular user in the /etc/groups file of the image's root filesystem to the OCI spec's additionalGids array.

func WithAnnotation 

func WithAnnotation(k, v string) oci.SpecOpts

WithAnnotation sets the provided annotation

func WithCDI 

func WithCDI(_ map[string]string) oci.SpecOpts

WithCDI does nothing on non Linux platforms.

func WithCapabilities 

func WithCapabilities(sc *runtime.LinuxContainerSecurityContext, allCaps []string) oci.SpecOpts

WithCapabilities sets the provided capabilities from the security context

func WithContainerdShimCgroup 

func WithContainerdShimCgroup(path string) containerd.NewTaskOpts

WithContainerdShimCgroup returns function that sets the containerd shim cgroup path

func WithDarwinMounts 

func WithDarwinMounts(osi osinterface.OS, config *runtime.ContainerConfig, extra []*runtime.Mount) oci.SpecOpts

WithDarwinMounts adds mounts from CRI's container config + extra mounts.

func WithDefaultSandboxShares 

func WithDefaultSandboxShares(ctx context.Context, client oci.Client, c *containers.Container, s *runtimespec.Spec) error

WithDefaultSandboxShares sets the default sandbox CPU shares

func WithDevices 

func WithDevices(osi osinterface.OS, config *runtime.ContainerConfig, enableDeviceOwnershipFromSecurityContext bool) oci.SpecOpts

WithDevices sets the provided devices onto the container spec

func WithDisabledCgroups 

func WithDisabledCgroups(_ context.Context, _ oci.Client, c *containers.Container, s *runtimespec.Spec) error

WithDisabledCgroups clears the Cgroups Path from the spec

func WithMounts 

func WithMounts(osi osinterface.OS, config *runtime.ContainerConfig, extra []*runtime.Mount, mountLabel string) oci.SpecOpts

WithMounts sorts and adds runtime and CRI mounts to the spec

func WithNewSnapshot 

func WithNewSnapshot(id string, i containerd.Image, opts ...snapshots.Opt) containerd.NewContainerOpts

WithNewSnapshot wraps `containerd.WithNewSnapshot` so that if creating the snapshot fails we make sure the image is actually unpacked and retry.

func WithOOMScoreAdj 

func WithOOMScoreAdj(config *runtime.ContainerConfig, restrict bool) oci.SpecOpts

WithOOMScoreAdj sets the oom score

func WithPodNamespaces 

func WithPodNamespaces(config *runtime.LinuxContainerSecurityContext, sandboxPid uint32, targetPid uint32, uids, gids []runtimespec.LinuxIDMapping) oci.SpecOpts

WithPodNamespaces sets the pod namespaces for the container

func WithPodOOMScoreAdj 

func WithPodOOMScoreAdj(adj int, restrict bool) oci.SpecOpts

WithPodOOMScoreAdj sets the oom score for the pod sandbox

func WithProcessArgs 

func WithProcessArgs(config *runtime.ContainerConfig, image *imagespec.ImageConfig) oci.SpecOpts

WithProcessArgs sets the process args on the spec based on the image and runtime config

func WithProcessCommandLineOrArgsForWindows 

func WithProcessCommandLineOrArgsForWindows(config *runtime.ContainerConfig, image *imagespec.ImageConfig) oci.SpecOpts

WithProcessCommandLineOrArgsForWindows sets the process command line or process args on the spec based on the image and runtime config If image.ArgsEscaped field is set, this function sets the process command line and if not, it sets the process args field

func WithRelativeRoot 

func WithRelativeRoot(root string) oci.SpecOpts

WithRelativeRoot sets the root for the container

func WithResources 

func WithResources(resources *runtime.LinuxContainerResources, tolerateMissingHugetlbController, disableHugetlbController bool) oci.SpecOpts

WithResources sets the provided resource restrictions

func WithSelinuxLabels 

func WithSelinuxLabels(process, mount string) oci.SpecOpts

WithSelinuxLabels sets the mount and process labels

func WithSupplementalGroups 

func WithSupplementalGroups(groups []int64) oci.SpecOpts

WithSupplementalGroups sets the supplemental groups for the process

func WithSysctls 

func WithSysctls(sysctls map[string]string) oci.SpecOpts

WithSysctls sets the provided sysctls onto the spec

func WithVolumes 

func WithVolumes(volumeMounts map[string]string) containerd.NewContainerOpts

WithVolumes copies ownership of volume in rootfs to its corresponding host path. It doesn't update runtime spec. The passed in map is a host path to container path map for all volumes.

func WithWindowsCredentialSpec 

func WithWindowsCredentialSpec(credentialSpec string) oci.SpecOpts

WithWindowsCredentialSpec assigns `credentialSpec` to the `runtime.Spec.Windows.CredentialSpec` field.

func WithWindowsDefaultSandboxShares 

func WithWindowsDefaultSandboxShares(ctx context.Context, client oci.Client, c *containers.Container, s *runtimespec.Spec) error

WithWindowsDefaultSandboxShares sets the default sandbox CPU shares

func WithWindowsDevices 

func WithWindowsDevices(config *runtime.ContainerConfig) oci.SpecOpts

WithWindowsDevices sets the provided devices onto the container spec

func WithWindowsMounts 

func WithWindowsMounts(osi osinterface.OS, config *runtime.ContainerConfig, extra []*runtime.Mount) oci.SpecOpts

WithWindowsMounts sorts and adds runtime and CRI mounts to the spec for windows container.

func WithWindowsResources 

func WithWindowsResources(resources *runtime.WindowsContainerResources) oci.SpecOpts

WithWindowsResources sets the provided resource restrictions for windows.

func WithoutAmbientCaps 

func WithoutAmbientCaps(_ context.Context, _ oci.Client, c *containers.Container, s *runtimespec.Spec) error

WithoutAmbientCaps removes the ambient caps from the spec

func WithoutDefaultSecuritySettings 

func WithoutDefaultSecuritySettings(_ context.Context, _ oci.Client, c *containers.Container, s *runtimespec.Spec) error

WithoutDefaultSecuritySettings removes the default security settings generated on a spec

func WithoutNamespace 

func WithoutNamespace(t runtimespec.LinuxNamespaceType) oci.SpecOpts

WithoutNamespace removes the provided namespace

func WithoutRoot 

func WithoutRoot(ctx context.Context, client oci.Client, c *containers.Container, s *runtimespec.Spec) error

WithoutRoot sets the root to nil for the container.

Source Files

container.go spec_darwin_opts.go spec_linux_opts.go spec_nonlinux.go spec_opts.go spec_windows.go spec_windows_opts.go task.go

Version
v1.7.9
Published
Nov 16, 2023
Platform
windows/amd64
Imports
26 packages
Last checked
1 day ago

Tools for package owners.