From 24457873366bbd23d71b364a63037f34c652c04a Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Mon, 25 Jun 2018 10:35:15 -0400 Subject: Add container and pod namespaces to configs Libpod namespaces are a way to logically separate groups of pods and containers within the state. Signed-off-by: Matthew Heon --- libpod/container.go | 8 ++++++++ libpod/options.go | 41 ++++++++++++++++++++++++++++++++++++++--- libpod/pod.go | 8 ++++++++ 3 files changed, 54 insertions(+), 3 deletions(-) (limited to 'libpod') diff --git a/libpod/container.go b/libpod/container.go index b4a1eeb12..456fc412d 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -185,6 +185,8 @@ type ContainerConfig struct { Name string `json:"name"` // Full ID of the pood the container belongs to Pod string `json:"pod,omitempty"` + // Namespace the container is in + Namespace string `json:"namespace,omitempty"` // TODO consider breaking these subsections up into smaller structs @@ -372,6 +374,12 @@ func (c *Container) PodID() string { return c.config.Pod } +// Namespace returns the libpod namespace the container is in. +// Namespaces are used to logically separate containers and pods in the state. +func (c *Container) Namespace() string { + return c.config.Namespace +} + // Image returns the ID and name of the image used as the container's rootfs func (c *Container) Image() (string, string) { return c.config.RootfsImageID, c.config.RootfsImageName diff --git a/libpod/options.go b/libpod/options.go index 718b44930..fb07d1edf 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -388,8 +388,9 @@ func WithStdin() CtrCreateOption { } // WithPod adds the container to a pod. -// Containers which join a pod can only join the namespaces of other containers -// in the same pod. +// Containers which join a pod can only join the Linux namespaces of other +// containers in the same pod. +// Containers can only join pods in the same libpod namespace. func (r *Runtime) WithPod(pod *Pod) CtrCreateOption { return func(ctr *Container) error { if ctr.valid { @@ -944,7 +945,8 @@ func WithCommand(command []string) CtrCreateOption { } } -// WithRootFS sets the rootfs for the container +// WithRootFS sets the rootfs for the container. +// This creates a container from a directory on disk and not an image. func WithRootFS(rootfs string) CtrCreateOption { return func(ctr *Container) error { if ctr.valid { @@ -961,6 +963,22 @@ func WithRootFS(rootfs string) CtrCreateOption { } } +// WithNamespace sets the namespace the container will be created in. +// Namespaces are used to create separate views of Podman's state - runtimes can +// join a specific namespace and see only containers and pods in that namespace. +// Empty string namespaces are allowed, and correspond to a lack of namespace. +func WithNamespace(ns string) CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return ErrCtrFinalized + } + + ctr.config.Namespace = ns + + return nil + } +} + // Pod Creation Options // WithPodName sets the name of the pod. @@ -1025,3 +1043,20 @@ func WithPodCgroups() PodCreateOption { return nil } } + +// WithPodNamespace sets the namespace for the created pod. +// Namespaces are used to create separate views of Podman's state - runtimes can +// join a specific namespace and see only containers and pods in that namespace. +// Empty string namespaces are allowed, and correspond to a lack of namespace. +// Containers must belong to the same namespace as the pod they join. +func WithPodNamespace(ns string) PodCreateOption { + return func(pod *Pod) error { + if pod.valid { + return ErrPodFinalized + } + + pod.config.Namespace = ns + + return nil + } +} diff --git a/libpod/pod.go b/libpod/pod.go index fb69787ed..a5b87f8b5 100644 --- a/libpod/pod.go +++ b/libpod/pod.go @@ -27,6 +27,8 @@ type Pod struct { type PodConfig struct { ID string `json:"id"` Name string `json:"name"` + // Namespace the pod is in + Namespace string `json:"namespace,omitempty"` // Labels contains labels applied to the pod Labels map[string]string `json:"labels"` @@ -58,6 +60,12 @@ func (p *Pod) Name() string { return p.config.Name } +// Namespace returns the pod's libpod namespace. +// Namespaces are used to logically separate containers and pods in the state. +func (p *Pod) Namespace() string { + return p.config.Namespace +} + // Labels returns the pod's labels func (p *Pod) Labels() map[string]string { labels := make(map[string]string) -- cgit v1.2.3-54-g00ecf