    
    
  
    
      Index ¶
- Variables
- func Validate(spec SysSpec, validators []Validator) (error, error)
- func ValidateSpec(spec SysSpec, runtime string) (error, error)
- type CgroupsValidator
- type DockerSpec
- type DockerValidator
- type KernelConfig
- type KernelSpec
- type KernelValidator
- type KernelValidatorHelper
- type KernelValidatorHelperImpl
- type OSValidator
- type PackageSpec
- type PackageSpecOverride
- type Reporter
- type RuntimeSpec
- type StreamReporter
- type SysSpec
- type ValidationResultType
- type Validator
Constants ¶
This section is empty.
Variables ¶
// DefaultReporter is the default Reporter. Its WriteStream is os.Stdout.
var DefaultReporter = &StreamReporter{WriteStream: os.Stdout}
DefaultReporter is the default Reporter
// DefaultSysSpec is the default SysSpec for Linux.
//
// NOTE(review): the kernel and Docker version entries are regular expressions.
// Whether they must match the whole version string or only part of it depends
// on the validator, which is not part of this declaration — confirm before
// relying on them as an allow-list.
var DefaultSysSpec = SysSpec{
	OS: "Linux",
	KernelSpec: KernelSpec{
		// Accepted kernel releases: 3.x with a minor of two or more digits
		// starting 1-9 (e.g. 3.10), and any 4.x.
		Versions: []string{`3\.[1-9][0-9].*`, `4\..*`},
		// Kernel options that must be enabled.
		Required: []KernelConfig{
			{Name: "NAMESPACES"},
			{Name: "NET_NS"},
			{Name: "PID_NS"},
			{Name: "IPC_NS"},
			{Name: "UTS_NS"},
			{Name: "CGROUPS"},
			{Name: "CGROUP_CPUACCT"},
			{Name: "CGROUP_DEVICE"},
			{Name: "CGROUP_FREEZER"},
			{Name: "CGROUP_SCHED"},
			{Name: "CPUSETS"},
			{Name: "MEMCG"},
			{Name: "INET"},
			{Name: "EXT4_FS"},
			{Name: "PROC_FS"},
			{
				Name:    "NETFILTER_XT_TARGET_REDIRECT",
				Aliases: []string{"IP_NF_TARGET_REDIRECT"},
			},
			{Name: "NETFILTER_XT_MATCH_COMMENT"},
		},
		// Kernel options that only matter for optional features.
		Optional: []KernelConfig{
			{
				Name:        "OVERLAY_FS",
				Aliases:     []string{"OVERLAYFS_FS"},
				Description: "Required for overlayfs.",
			},
			{Name: "AUFS_FS", Description: "Required for aufs."},
			{Name: "BLK_DEV_DM", Description: "Required for devicemapper."},
		},
		// Empty by default: this spec does not forbid any kernel option.
		Forbidden: []KernelConfig{},
	},
	Cgroups: []string{"cpu", "cpuacct", "cpuset", "devices", "freezer", "memory"},
	RuntimeSpec: RuntimeSpec{
		DockerSpec: &DockerSpec{
			// Accepted Docker releases: 1.11.x through 1.13.x, and 17.03.x.
			Version:     []string{`1\.1[1-3]\..*`, `17\.03\..*`},
			GraphDriver: []string{"aufs", "overlay", "overlay2", "devicemapper"},
		},
	},
}
DefaultSysSpec is the default SysSpec for Linux
Functions ¶
Types ¶
type CgroupsValidator ¶
// CgroupsValidator carries the Reporter used by a cgroups check.
// NOTE(review): the page gives no description for this type; presumably it
// checks the subsystems listed in SysSpec.Cgroups — confirm in the
// implementation.
type CgroupsValidator struct {
	// Reporter is the Reporter this validator holds for its results.
	Reporter Reporter
}
    func (*CgroupsValidator) Name ¶
func (c *CgroupsValidator) Name() string
type DockerSpec ¶
// DockerSpec defines the requirement configuration for docker: the accepted
// version patterns and the accepted graph drivers.
type DockerSpec struct {
	// Version is a group of regex matching supported docker versions.
	// NOTE(review): whether a pattern must match the whole version string or
	// only part of it depends on the validator, which is not shown here. Write
	// patterns so that a partial match cannot admit an unintended version.
	Version []string `json:"version,omitempty"`
	// GraphDriver is the graph drivers supported by kubelet.
	GraphDriver []string `json:"graphDriver,omitempty"`
}
    DockerSpec defines the requirement configuration for docker. Currently, it only contains spec for graph driver.
type DockerValidator ¶
// DockerValidator validates docker configuration.
type DockerValidator struct {
	// Reporter is the Reporter this validator holds for its results.
	Reporter Reporter
}
    DockerValidator validates docker configuration.
func (*DockerValidator) Name ¶
func (d *DockerValidator) Name() string
type KernelConfig ¶
// KernelConfig defines one kernel configuration item: a primary name, any
// alternative names, and a free-text description.
type KernelConfig struct {
	// Name is the general name of the kernel configuration. It is used to
	// match kernel configuration.
	Name string `json:"name,omitempty"`
	// TODO(yguo0905): Support the "or" operation, which will be the same
	// as the "aliases".
	//
	// Aliases are aliases of the kernel configuration. Some configurations
	// have different names in different kernel versions. Names of different
	// versions will be treated as aliases.
	Aliases []string `json:"aliases,omitempty"`
	// Description is the description of the kernel configuration, for example:
	//  * What is it used for?
	//  * Why is it needed?
	//  * Who needs it?
	Description string `json:"description,omitempty"`
}
    KernelConfig defines one kernel configuration item.
type KernelSpec ¶
// KernelSpec defines the specification for the kernel: the accepted kernel
// versions and the required, optional and forbidden kernel configurations.
type KernelSpec struct {
	// Versions defines the supported kernel versions. It is a group of regexps.
	// NOTE(review): whether a regexp must match the whole release string or
	// only part of it is decided by the validator, which is not shown here.
	Versions []string `json:"versions,omitempty"`
	// Required contains all kernel configurations required to be enabled
	// (built in or as module).
	Required []KernelConfig `json:"required,omitempty"`
	// Optional contains all kernel configurations that are required for
	// optional features.
	Optional []KernelConfig `json:"optional,omitempty"`
	// Forbidden contains all kernel configurations which are forbidden
	// (disabled or not set). An empty list forbids nothing.
	Forbidden []KernelConfig `json:"forbidden,omitempty"`
}
    KernelSpec defines the specification for the kernel. Currently, it contains specification for:
- Kernel Version
- Kernel Configuration
type KernelValidator ¶
// KernelValidator validates the kernel. Per the package documentation it
// currently validates only the kernel version and the kernel configuration.
type KernelValidator struct {
	// Reporter is the Reporter this validator holds for its results.
	Reporter Reporter
	// contains filtered or unexported fields
}
    KernelValidator validates the kernel. Currently it only validates the kernel version and the kernel configuration.
func (*KernelValidator) Name ¶
func (k *KernelValidator) Name() string
type KernelValidatorHelper ¶ added in v1.9.0
// KernelValidatorHelper is an interface intended to help with OS-specific
// kernel validation.
type KernelValidatorHelper interface {
	// GetKernelReleaseVersion gets the current kernel release version of the
	// system. It returns the version as a string, or an error.
	GetKernelReleaseVersion() (string, error)
}
    KernelValidatorHelper is an interface intended to help with os specific kernel validation
type KernelValidatorHelperImpl ¶ added in v1.9.0
// KernelValidatorHelperImpl is the 'linux' implementation of
// KernelValidatorHelper. It is an empty struct and holds no state of its own.
type KernelValidatorHelperImpl struct{}
    KernelValidatorHelperImpl is the 'linux' implementation of KernelValidatorHelper
func (*KernelValidatorHelperImpl) GetKernelReleaseVersion ¶ added in v1.9.0
func (o *KernelValidatorHelperImpl) GetKernelReleaseVersion() (string, error)
GetKernelReleaseVersion returns the kernel release version (ex. 4.4.0-96-generic) as a string
type OSValidator ¶
// OSValidator carries the Reporter used by an operating-system check.
// NOTE(review): the page gives no description for this type; presumably it
// compares the host OS with SysSpec.OS — confirm in the implementation.
type OSValidator struct {
	// Reporter is the Reporter this validator holds for its results.
	Reporter Reporter
}
    func (*OSValidator) Name ¶
func (o *OSValidator) Name() string
type PackageSpec ¶ added in v1.6.8
// PackageSpec defines one required package and the version range it must
// satisfy.
type PackageSpec struct {
	// Name is the name of the package to be checked.
	Name string `json:"name,omitempty"`
	// VersionRange represents a range of versions that the package must
	// satisfy. Note that the version requirement will not be enforced if
	// the version range is empty. For example,
	// - "" would match any versions but the package must be installed.
	// - ">=1" would match "1.0.0", "1.0.1", "1.1.0", and "2.0".
	// - ">1.0 <2.0" would match between both ranges, so "1.1.1" and "1.8.7"
	//   but not "1.0.0" or "2.0.0".
	// - "<2.0.0 || >=3.0.0" would match "1.0.0" and "3.0.0" but not "2.0.0".
	//
	// An empty range therefore only checks that the package is present; set
	// a lower bound when a minimum (for example, patched) version matters.
	VersionRange string `json:"versionRange,omitempty"`
	// Description explains the reason behind this package requirement.
	//
	// TODO(yguo0905): Print the description where necessary.
	Description string `json:"description,omitempty"`
}
    PackageSpec defines the required packages and their versions. PackageSpec is only supported on OS distros with the Debian package manager.
TODO(yguo0905): Support operator OR of multiple packages for the case where either "foo (>=1.0)" or "bar (>=2.0)" is required.
type PackageSpecOverride ¶ added in v1.6.8
// PackageSpecOverride defines the overrides on the PackageSpec for an OS
// distro: packages to drop from the spec and packages to add to it.
type PackageSpecOverride struct {
	// OSDistro identifies to which OS distro this override applies.
	// Must be "ubuntu", "cos" or "coreos".
	OSDistro string `json:"osDistro,omitempty"`
	// Subtractions is a list of package names that are excluded from the
	// package spec.
	// NOTE(review): a subtraction removes a requirement for that distro, so
	// each entry loosens the check — review overrides with that in mind.
	Subtractions []PackageSpec `json:"subtractions,omitempty"`
	// Additions is a list of additional package requirements included in the
	// package spec.
	Additions []PackageSpec `json:"additions,omitempty"`
}
    PackageSpecOverride defines the overrides on the PackageSpec for an OS distro.
type Reporter ¶ added in v1.6.0
// Reporter is the interface for the reporters for the validators.
type Reporter interface {
	// Report reports the results of the system verification.
	// The parameters are unnamed here; StreamReporter.Report names them
	// key, value and resultType.
	Report(string, string, ValidationResultType) error
}
    Reporter is the interface for the reporters for the validators.
type RuntimeSpec ¶
// RuntimeSpec is the abstract layer for different runtimes. Different runtimes
// should put their spec inside the RuntimeSpec.
type RuntimeSpec struct {
	// DockerSpec is embedded by pointer, so it is nil when no Docker spec is
	// set. Reading a promoted field (Version, GraphDriver) through a nil
	// pointer panics, so check for nil first.
	*DockerSpec `json:",inline"`
}
    RuntimeSpec is the abstract layer for different runtimes. Different runtimes should put their spec inside the RuntimeSpec.
type StreamReporter ¶ added in v1.6.0
The default reporter for the system verification test
func (*StreamReporter) Report ¶ added in v1.6.0
func (dr *StreamReporter) Report(key, value string, resultType ValidationResultType) error
type SysSpec ¶
// SysSpec defines the requirements of a supported system: OS, kernel, cgroups,
// container runtime, and required packages with their per-distro overrides.
type SysSpec struct {
	// OS is the operating system of the SysSpec.
	OS string `json:"os,omitempty"`
	// KernelSpec defines the spec for kernel.
	KernelSpec KernelSpec `json:"kernelSpec,omitempty"`
	// Cgroups is the required cgroups.
	Cgroups []string `json:"cgroups,omitempty"`
	// RuntimeSpec defines the spec for runtime.
	RuntimeSpec RuntimeSpec `json:"runtimeSpec,omitempty"`
	// PackageSpecs defines the required packages and their versions.
	PackageSpecs []PackageSpec `json:"packageSpecs,omitempty"`
	// PackageSpecOverrides defines the overrides of the required packages and
	// their versions for an OS distro.
	PackageSpecOverrides []PackageSpecOverride `json:"packageSpecOverrides,omitempty"`
}
    SysSpec defines the requirements of a supported system. Currently, it only contains spec for OS, Kernel and Cgroups.
type ValidationResultType ¶ added in v1.6.0
// ValidationResultType is the type of a validation result, stored as an int32.
// NOTE(review): the defined result values are not shown on this page.
type ValidationResultType int32
ValidationResultType is the type of the validation result. Different validation results correspond to different colors.