diff options
| author | haircommander <pehunt@redhat.com> | 2018-07-27 13:58:50 -0400 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-08-23 18:16:28 +0000 |
| commit | d5e690914dc78eca8664442e7677eb5004522bfd (patch) | |
| tree | 3f7ed30e4302c871c16126a0032b8a3d51c46f98 /libpod/container.go | |
| parent | 63dd200e7e47261454c7e55fed2ad972144e147f (diff) | |
| download | podman-d5e690914dc78eca8664442e7677eb5004522bfd.tar.gz podman-d5e690914dc78eca8664442e7677eb5004522bfd.tar.bz2 podman-d5e690914dc78eca8664442e7677eb5004522bfd.zip | |
Added option to share kernel namespaces in libpod and podman
A pause container is added to the pod if the user opts in. The default pause image and command can be overridden. Pause containers are ignored in ps unless the -a option is present. Pod inspect and pod ps show shared namespaces and pause container. A pause container can't be removed with podman rm, and a pod can be removed if it only has a pause container.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1187
Approved by: mheon
Diffstat (limited to 'libpod/container.go')
| -rw-r--r-- | libpod/container.go | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/libpod/container.go b/libpod/container.go index b79258c43..2e2d29899 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -252,6 +252,19 @@ type ContainerConfig struct { UTSNsCtr string `json:"utsNsCtr,omitempty"` CgroupNsCtr string `json:"cgroupNsCtr,omitempty"` + // Whether container shares an NS with the pod + // NetNsPod conflicts with the CreateNetNS bool + // {namespace}NsPod conflicts with {namespace}NsCtr + // The pause container will be considered dependencies of the given container + // It must be started before the given container is started + IPCNsPod bool `json:"ipcNsPod,omitempty"` + MountNsPod bool `json:"mountNsPod,omitempty"` + NetNsPod bool `json:"netNsPod,omitempty"` + PIDNsPod bool `json:"pidNsPod,omitempty"` + UserNsPod bool `json:"userNsPod,omitempty"` + UTSNsPod bool `json:"utsNsPod,omitempty"` + CgroupNsPod bool `json:"cgroupNsPod,omitempty"` + // IDs of dependency containers. // These containers must be started before this container is started. Dependencies []string @@ -328,6 +341,10 @@ type ContainerConfig struct { // LocalVolumes are the built-in volumes we get from the --volumes-from flag // It picks up the built-in volumes of the container used by --volumes-from LocalVolumes []string + + // IsPause is a bool indicating whether this container is a pause container used for + // sharing kernel namespaces in a pod + IsPause bool `json:"pause"` } // ContainerStatus returns a string representation for users @@ -956,3 +973,8 @@ func (c *Container) RootGID() int { } return 0 } + +// IsPause returns whether the container is a pause container +func (c *Container) IsPause() bool { + return c.config.IsPause +} |