diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2018-07-25 08:47:35 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-07-25 08:47:35 -0400 |
commit | c90b7400a8b9ffc77de69ad3aae1754ac006ba21 (patch) | |
tree | 80f5a45ff74c22d8571710df1febd7b25f5b3aaa /libpod/options.go | |
parent | 32b690e90298f3c17e71c08d87e9727cfce8d3fb (diff) | |
parent | 1b51e88098e0c77cddd8de3484ef56965352bcf3 (diff) | |
download | podman-c90b7400a8b9ffc77de69ad3aae1754ac006ba21.tar.gz podman-c90b7400a8b9ffc77de69ad3aae1754ac006ba21.tar.bz2 podman-c90b7400a8b9ffc77de69ad3aae1754ac006ba21.zip |
Merge pull request #1116 from mheon/namespaces
Add Pod and Container namespaces
Diffstat (limited to 'libpod/options.go')
-rw-r--r-- | libpod/options.go | 61 |
1 files changed, 58 insertions, 3 deletions
diff --git a/libpod/options.go b/libpod/options.go index 718b44930..7bb4a3632 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -284,6 +284,26 @@ func WithCNIPluginDir(dir string) RuntimeOption { } } +// WithNamespace sets the namespace for libpod. +// Namespaces are used to create scopes to separate containers and pods +// in the state. +// When namespace is set, libpod will only view containers and pods in +// the same namespace. All containers and pods created will default to +// the namespace set here. +// A namespace of "", the empty string, is equivalent to no namespace, +// and all containers and pods will be visible. +func WithNamespace(ns string) RuntimeOption { + return func(rt *Runtime) error { + if rt.valid { + return ErrRuntimeFinalized + } + + rt.config.Namespace = ns + + return nil + } +} + // Container Creation Options // WithShmDir sets the directory that should be mounted on /dev/shm. @@ -388,8 +408,9 @@ func WithStdin() CtrCreateOption { } // WithPod adds the container to a pod. -// Containers which join a pod can only join the namespaces of other containers -// in the same pod. +// Containers which join a pod can only join the Linux namespaces of other +// containers in the same pod. +// Containers can only join pods in the same libpod namespace. func (r *Runtime) WithPod(pod *Pod) CtrCreateOption { return func(ctr *Container) error { if ctr.valid { @@ -944,7 +965,8 @@ func WithCommand(command []string) CtrCreateOption { } } -// WithRootFS sets the rootfs for the container +// WithRootFS sets the rootfs for the container. +// This creates a container from a directory on disk and not an image. func WithRootFS(rootfs string) CtrCreateOption { return func(ctr *Container) error { if ctr.valid { @@ -961,6 +983,22 @@ func WithRootFS(rootfs string) CtrCreateOption { } } +// WithCtrNamespace sets the namespace the container will be created in. +// Namespaces are used to create separate views of Podman's state - runtimes can +// join a specific namespace and see only containers and pods in that namespace. +// Empty string namespaces are allowed, and correspond to a lack of namespace. +func WithCtrNamespace(ns string) CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return ErrCtrFinalized + } + + ctr.config.Namespace = ns + + return nil + } +} + // Pod Creation Options // WithPodName sets the name of the pod. @@ -1025,3 +1063,20 @@ func WithPodCgroups() PodCreateOption { return nil } } + +// WithPodNamespace sets the namespace for the created pod. +// Namespaces are used to create separate views of Podman's state - runtimes can +// join a specific namespace and see only containers and pods in that namespace. +// Empty string namespaces are allowed, and correspond to a lack of namespace. +// Containers must belong to the same namespace as the pod they join. +func WithPodNamespace(ns string) PodCreateOption { + return func(pod *Pod) error { + if pod.valid { + return ErrPodFinalized + } + + pod.config.Namespace = ns + + return nil + } +} |