singularity

package
v3.1.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 2, 2019 License: BSD-3-Clause Imports: 4 Imported by: 0

Documentation

Index

Constants

View Source 
const Name = "singularity"

Name is the name of the runtime.

Variables

This section is empty.

Functions

This section is empty.

Types

type EngineConfig 

type EngineConfig struct {
	JSON      *JSONConfig      `json:"jsonConfig"`
	OciConfig *oci.Config      `json:"ociConfig"`
	File      *FileConfig      `json:"-"`
	Network   *network.Setup   `json:"-"`
	Cgroups   *cgroups.Manager `json:"-"`
}

EngineConfig stores both the JSONConfig and the FileConfig

func NewConfig 

func NewConfig() *EngineConfig

NewConfig returns singularity.EngineConfig with a parsed FileConfig

func (*EngineConfig) GetAddCaps 

func (e *EngineConfig) GetAddCaps() string

GetAddCaps retrieves bounding/effective/permitted/inheritable/ambient capabilities to add.

func (*EngineConfig) GetAllowSUID 

func (e *EngineConfig) GetAllowSUID() bool

GetAllowSUID returns true if allow-suid is set and false if not.

func (*EngineConfig) GetBindPath 

func (e *EngineConfig) GetBindPath() []string

GetBindPath retrieves bind paths.

func (*EngineConfig) GetBootInstance 

func (e *EngineConfig) GetBootInstance() bool

GetBootInstance returns if boot flag is set or not

func (*EngineConfig) GetCgroupsPath 

func (e *EngineConfig) GetCgroupsPath() string

GetCgroupsPath returns path to cgroups profile

func (*EngineConfig) GetCommand 

func (e *EngineConfig) GetCommand() string

GetCommand retrieves action command.

func (*EngineConfig) GetContain 

func (e *EngineConfig) GetContain() bool

GetContain returns if contain flag is set or not.

func (*EngineConfig) GetCustomHome 

func (e *EngineConfig) GetCustomHome() bool

GetCustomHome retrieves if home path is a custom path.

func (*EngineConfig) GetCwd 

func (e *EngineConfig) GetCwd() string

GetCwd returns current working directory

func (*EngineConfig) GetDNS 

func (e *EngineConfig) GetDNS() string

GetDNS retrieves list of DNS servers

func (*EngineConfig) GetDeleteImage 

func (e *EngineConfig) GetDeleteImage() bool

GetDeleteImage returns if container image must be deleted after use

func (*EngineConfig) GetDropCaps 

func (e *EngineConfig) GetDropCaps() string

GetDropCaps retrieves bounding/effective/permitted/inheritable/ambient capabilities to drop.

func (*EngineConfig) GetHomeDest 

func (e *EngineConfig) GetHomeDest() string

GetHomeDest retrieves the container home directory path.

func (*EngineConfig) GetHomeSource 

func (e *EngineConfig) GetHomeSource() string

GetHomeSource retrieves the source home directory path.

func (*EngineConfig) GetHostname 

func (e *EngineConfig) GetHostname() string

GetHostname retrieves hostname to use in containee.JSON.

func (*EngineConfig) GetImage 

func (e *EngineConfig) GetImage() string

GetImage retrieves the container image path.

func (*EngineConfig) GetImageList 

func (e *EngineConfig) GetImageList() []image.Image

GetImageList returns image list containing opened images

func (*EngineConfig) GetInstance 

func (e *EngineConfig) GetInstance() bool

GetInstance returns if container run as instance or not.

func (*EngineConfig) GetInstanceJoin 

func (e *EngineConfig) GetInstanceJoin() bool

GetInstanceJoin returns if process joins an instance or not.

func (*EngineConfig) GetKeepPrivs 

func (e *EngineConfig) GetKeepPrivs() bool

GetKeepPrivs returns if keep-privs is set or not

func (*EngineConfig) GetLibrariesPath 

func (e *EngineConfig) GetLibrariesPath() []string

GetLibrariesPath returns libraries to bind in container /.singularity.d/libs directory

func (*EngineConfig) GetNetwork 

func (e *EngineConfig) GetNetwork() string

GetNetwork retrieves a list of commas separated networks configured in container

func (*EngineConfig) GetNetworkArgs 

func (e *EngineConfig) GetNetworkArgs() []string

GetNetworkArgs retrieves network arguments passed to CNI plugins

func (*EngineConfig) GetNoHome 

func (e *EngineConfig) GetNoHome() bool

GetNoHome returns if no-home flag is set or not

func (*EngineConfig) GetNoInit 

func (e *EngineConfig) GetNoInit() bool

GetNoInit returns if noinit flag is set or not

func (*EngineConfig) GetNoPrivs 

func (e *EngineConfig) GetNoPrivs() bool

GetNoPrivs returns if no-privs flag is set or not

func (*EngineConfig) GetNv 

func (e *EngineConfig) GetNv() bool

GetNv returns if nv flag is set or not.

func (*EngineConfig) GetOpenFd 

func (e *EngineConfig) GetOpenFd() []int

GetOpenFd returns the list of open file descriptor

func (*EngineConfig) GetOverlayImage 

func (e *EngineConfig) GetOverlayImage() []string

GetOverlayImage retrieves the overlay image path.

func (*EngineConfig) GetScratchDir 

func (e *EngineConfig) GetScratchDir() []string

GetScratchDir retrieves the scratch directory path.

func (*EngineConfig) GetSecurity 

func (e *EngineConfig) GetSecurity() []string

GetSecurity returns security feature arguments

func (*EngineConfig) GetShell 

func (e *EngineConfig) GetShell() string

GetShell retrieves shell for shell command.

func (*EngineConfig) GetTargetGID 

func (e *EngineConfig) GetTargetGID() []int

GetTargetGID returns the target GIDs

func (*EngineConfig) GetTargetUID 

func (e *EngineConfig) GetTargetUID() int

GetTargetUID returns the target UID

func (*EngineConfig) GetTmpDir 

func (e *EngineConfig) GetTmpDir() string

GetTmpDir retrieves temporary directory path.

func (*EngineConfig) GetWorkdir 

func (e *EngineConfig) GetWorkdir() string

GetWorkdir retrieves the work directory path.

func (*EngineConfig) GetWritableImage 

func (e *EngineConfig) GetWritableImage() bool

GetWritableImage returns if the container image is writable or not.

func (*EngineConfig) GetWritableTmpfs 

func (e *EngineConfig) GetWritableTmpfs() bool

GetWritableTmpfs returns if writable tmpfs is set or no

func (*EngineConfig) SetAddCaps 

func (e *EngineConfig) SetAddCaps(caps string)

SetAddCaps sets bounding/effective/permitted/inheritable/ambient capabilities to add.

func (*EngineConfig) SetAllowSUID 

func (e *EngineConfig) SetAllowSUID(allow bool)

SetAllowSUID sets allow-suid flag to allow to run setuid binary inside containee.JSON.

func (*EngineConfig) SetBindPath 

func (e *EngineConfig) SetBindPath(bindpath []string)

SetBindPath sets paths to bind into containee.JSON.

func (*EngineConfig) SetBootInstance 

func (e *EngineConfig) SetBootInstance(boot bool)

SetBootInstance sets boot flag to execute /sbin/init as main instance process.

func (*EngineConfig) SetCgroupsPath 

func (e *EngineConfig) SetCgroupsPath(path string)

SetCgroupsPath sets path to cgroups profile

func (*EngineConfig) SetCommand 

func (e *EngineConfig) SetCommand(command string)

SetCommand sets action command to execute.

func (*EngineConfig) SetContain 

func (e *EngineConfig) SetContain(contain bool)

SetContain sets contain flag.

func (*EngineConfig) SetCustomHome 

func (e *EngineConfig) SetCustomHome(custom bool)

SetCustomHome sets if home path is a custom path or not.

func (*EngineConfig) SetCwd 

func (e *EngineConfig) SetCwd(path string)

SetCwd sets current working directory

func (*EngineConfig) SetDNS 

func (e *EngineConfig) SetDNS(dns string)

SetDNS sets a commas separated list of DNS servers to add in resolv.conf

func (*EngineConfig) SetDeleteImage 

func (e *EngineConfig) SetDeleteImage(delete bool)

SetDeleteImage sets if container image must be deleted after use

func (*EngineConfig) SetDropCaps 

func (e *EngineConfig) SetDropCaps(caps string)

SetDropCaps sets bounding/effective/permitted/inheritable/ambient capabilities to drop.

func (*EngineConfig) SetHomeDest 

func (e *EngineConfig) SetHomeDest(dest string)

SetHomeDest sets the container home directory path.

func (*EngineConfig) SetHomeSource 

func (e *EngineConfig) SetHomeSource(source string)

SetHomeSource sets the source home directory path.

func (*EngineConfig) SetHostname 

func (e *EngineConfig) SetHostname(hostname string)

SetHostname sets hostname to use in containee.JSON.

func (*EngineConfig) SetImage 

func (e *EngineConfig) SetImage(name string)

SetImage sets the container image path to be used by EngineConfig.JSON.

func (*EngineConfig) SetImageList 

func (e *EngineConfig) SetImageList(list []image.Image)

SetImageList sets image list containing opened images

func (*EngineConfig) SetInstance 

func (e *EngineConfig) SetInstance(instance bool)

SetInstance sets if container run as instance or not.

func (*EngineConfig) SetInstanceJoin 

func (e *EngineConfig) SetInstanceJoin(join bool)

SetInstanceJoin sets if process joins an instance or not.

func (*EngineConfig) SetKeepPrivs 

func (e *EngineConfig) SetKeepPrivs(keep bool)

SetKeepPrivs sets keep-privs flag to allow root to retain all privileges.

func (*EngineConfig) SetLibrariesPath 

func (e *EngineConfig) SetLibrariesPath(libraries []string)

SetLibrariesPath sets libraries to bind in container /.singularity.d/libs directory

func (*EngineConfig) SetNetwork 

func (e *EngineConfig) SetNetwork(network string)

SetNetwork sets a list of commas separated networks to configure inside container

func (*EngineConfig) SetNetworkArgs 

func (e *EngineConfig) SetNetworkArgs(args []string)

SetNetworkArgs sets network arguments to pass to CNI plugins

func (*EngineConfig) SetNoHome 

func (e *EngineConfig) SetNoHome(val bool)

SetNoHome set no-home flag to not mount home user home directory

func (*EngineConfig) SetNoInit 

func (e *EngineConfig) SetNoInit(val bool)

SetNoInit set noinit flag to not start shim init process

func (*EngineConfig) SetNoPrivs 

func (e *EngineConfig) SetNoPrivs(nopriv bool)

SetNoPrivs sets no-privs flag to force root user to lose all privileges.

func (*EngineConfig) SetNv 

func (e *EngineConfig) SetNv(nv bool)

SetNv sets nv flag to bind cuda libraries into containee.JSON.

func (*EngineConfig) SetOpenFd 

func (e *EngineConfig) SetOpenFd(fds []int)

SetOpenFd sets a list of open file descriptor

func (*EngineConfig) SetOverlayImage 

func (e *EngineConfig) SetOverlayImage(paths []string)

SetOverlayImage sets the overlay image path to be used on top of container image.

func (*EngineConfig) SetScratchDir 

func (e *EngineConfig) SetScratchDir(scratchdir []string)

SetScratchDir set a scratch directory path.

func (*EngineConfig) SetSecurity 

func (e *EngineConfig) SetSecurity(security []string)

SetSecurity sets security feature arguments

func (*EngineConfig) SetShell 

func (e *EngineConfig) SetShell(shell string)

SetShell sets shell to be used by shell command.

func (*EngineConfig) SetTargetGID 

func (e *EngineConfig) SetTargetGID(gid []int)

SetTargetGID sets target GIDs to execute container process as group IDs

func (*EngineConfig) SetTargetUID 

func (e *EngineConfig) SetTargetUID(uid int)

SetTargetUID sets target UID to execute the container process as user ID

func (*EngineConfig) SetTmpDir 

func (e *EngineConfig) SetTmpDir(name string)

SetTmpDir sets temporary directory path.

func (*EngineConfig) SetWorkdir 

func (e *EngineConfig) SetWorkdir(name string)

SetWorkdir sets a work directory path.

func (*EngineConfig) SetWritableImage 

func (e *EngineConfig) SetWritableImage(writable bool)

SetWritableImage defines the container image as writable or not.

func (*EngineConfig) SetWritableTmpfs 

func (e *EngineConfig) SetWritableTmpfs(writable bool)

SetWritableTmpfs sets writable tmpfs flag

type FileConfig 

type FileConfig struct {
	AllowSetuid             bool     `default:"yes" authorized:"yes,no" directive:"allow setuid"`
	MaxLoopDevices          uint     `default:"256" directive:"max loop devices"`
	AllowPidNs              bool     `default:"yes" authorized:"yes,no" directive:"allow pid ns"`
	ConfigPasswd            bool     `default:"yes" authorized:"yes,no" directive:"config passwd"`
	ConfigGroup             bool     `default:"yes" authorized:"yes,no" directive:"config group"`
	ConfigResolvConf        bool     `default:"yes" authorized:"yes,no" directive:"config resolv_conf"`
	MountProc               bool     `default:"yes" authorized:"yes,no" directive:"mount proc"`
	MountSys                bool     `default:"yes" authorized:"yes,no" directive:"mount sys"`
	MountDev                string   `default:"yes" authorized:"yes,no,minimal" directive:"mount dev"`
	MountDevPts             bool     `default:"yes" authorized:"yes,no" directive:"mount devpts"`
	MountHome               bool     `default:"yes" authorized:"yes,no" directive:"mount home"`
	MountTmp                bool     `default:"yes" authorized:"yes,no" directive:"mount tmp"`
	MountHostfs             bool     `default:"no" authorized:"yes,no" directive:"mount hostfs"`
	BindPath                []string `default:"/etc/localtime,/etc/hosts" directive:"bind path"`
	UserBindControl         bool     `default:"yes" authorized:"yes,no" directive:"user bind control"`
	EnableOverlay           string   `default:"try" authorized:"yes,no,try" directive:"enable overlay"`
	EnableUnderlay          bool     `default:"yes" authorized:"yes,no" directive:"enable underlay"`
	MountSlave              bool     `default:"yes" authorized:"yes,no" directive:"mount slave"`
	SessiondirMaxSize       uint     `default:"16" directive:"sessiondir max size"`
	LimitContainerOwners    []string `directive:"limit container owners"`
	LimitContainerGroups    []string `directive:"limit container groups"`
	LimitContainerPaths     []string `directive:"limit container paths"`
	AllowContainerSquashfs  bool     `default:"yes" authorized:"yes,no" directive:"allow container squashfs"`
	AllowContainerExtfs     bool     `default:"yes" authorized:"yes,no" directive:"allow container extfs"`
	AllowContainerDir       bool     `default:"yes" authorized:"yes,no" directive:"allow container dir"`
	AutofsBugPath           []string `directive:"autofs bug path"`
	AlwaysUseNv             bool     `default:"no" authorized:"yes,no" directive:"always use nv"`
	RootDefaultCapabilities string   `default:"full" authorized:"full,file,no" directive:"root default capabilities"`
	MemoryFSType            string   `default:"tmpfs" authorized:"tmpfs,ramfs" directive:"memory fs type"`
	CniConfPath             string   `directive:"cni configuration path"`
	CniPluginPath           string   `directive:"cni plugin path"`
	MksquashfsPath          string   `directive:"mksquashfs path"`
	SharedLoopDevices       bool     `default:"no" authorized:"yes,no" directive:"shared loop devices"`
}

FileConfig describes the singularity.conf file options

type JSONConfig 

type JSONConfig struct {
	Image         string        `json:"image"`
	WritableImage bool          `json:"writableImage,omitempty"`
	WritableTmpfs bool          `json:"writableTmpfs,omitempty"`
	OverlayImage  []string      `json:"overlayImage,omitempty"`
	Contain       bool          `json:"container,omitempty"`
	Nv            bool          `json:"nv,omitempty"`
	Workdir       string        `json:"workdir,omitempty"`
	ScratchDir    []string      `json:"scratchdir,omitempty"`
	HomeSource    string        `json:"homedir,omitempty"`
	HomeDest      string        `json:"homeDest,omitempty"`
	CustomHome    bool          `json:"customHome,omitempty"`
	BindPath      []string      `json:"bindpath,omitempty"`
	Command       string        `json:"command,omitempty"`
	Shell         string        `json:"shell,omitempty"`
	TmpDir        string        `json:"tmpdir,omitempty"`
	Instance      bool          `json:"instance,omitempty"`
	InstanceJoin  bool          `json:"instanceJoin,omitempty"`
	BootInstance  bool          `json:"bootInstance,omitempty"`
	RunPrivileged bool          `json:"runPrivileged,omitempty"`
	AddCaps       string        `json:"addCaps,omitempty"`
	DropCaps      string        `json:"dropCaps,omitempty"`
	Hostname      string        `json:"hostname,omitempty"`
	AllowSUID     bool          `json:"allowSUID,omitempty"`
	KeepPrivs     bool          `json:"keepPrivs,omitempty"`
	NoPrivs       bool          `json:"noPrivs,omitempty"`
	NoHome        bool          `json:"noHome,omitempty"`
	NoInit        bool          `json:"noInit,omitempty"`
	ImageList     []image.Image `json:"imageList,omitempty"`
	Network       string        `json:"network,omitempty"`
	NetworkArgs   []string      `json:"networkArgs,omitempty"`
	DNS           string        `json:"dns,omitempty"`
	Cwd           string        `json:"cwd,omitempty"`
	Security      []string      `json:"security,omitempty"`
	OpenFd        []int         `json:"openFd,omitempty"`
	CgroupsPath   string        `json:"cgroupsPath,omitempty"`
	TargetUID     int           `json:"targetUID,omitempty"`
	TargetGID     []int         `json:"targetGID,omitempty"`
	LibrariesPath []string      `json:"librariesPath,omitempty"`
	DeleteImage   bool          `json:"deleteImage,omitempty"`
}

JSONConfig stores engine specific confguration that is allowed to be set by the user

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.