BuildContainerGraph builds a dependency graph based on the container slice.

ConvertV1PodToYAMLPod takes k8s API core Pod and returns a pointer to YAMLPod.

DefaultSeccompPath returns the path to the default seccomp.json file if it exists, first it checks OverrideSeccomp and then default.

DownloadFromFile reads all of the content from the reader and temporarily saves in it $TMPDIR/importxyz, which is deleted after the image is imported.

FuncTimer helps measure the execution time of a function For debug purposes, do not leave in code used like defer FuncTimer("foo").

GenerateForKube takes a slice of libpod containers and generates one v1.Pod description that includes just a single container.

GenerateForKubeDeployment returns a YAMLDeployment from a YAMLPod that is then used to create a kubernetes Deployment kind YAML.

GenerateKubeServiceFromV1Pod creates a v1 service object from a v1 pod object.

GetLimits converts spec resource limits to cgroup consumable limits.

GetOnlineCPUs returns the number of online CPUs as set in the container cpu-set using sched_getaffinity.

JSONDeepCopy performs a deep copy by performing a JSON encode/decode of the given structures.

LabelVolumePath takes a mount path for a volume and gives it an selinux label of either shared or not.

MountExists returns true if dest exists in the list of mounts.

NewBoltState creates a new bolt-backed state database.

NewRuntime creates a new container runtime Options can be passed to override the default configuration for the runtime.

NewRuntimeFromConfig creates a new container runtime using the given configuration file for its default configuration.

NewSqliteState creates a new SQLite-backed state database.

SetXdgDirs ensures the XDG_RUNTIME_DIR env and XDG_CONFIG_HOME variables are set.

Unmount umounts a target directory.

WithAddCurrentUserPasswdEntry indicates that container should add current user entry to /etc/passwd, since the UID will be mapped into the container, via user namespace.

WithCDI sets the devices to check for CDI configuration.

WithCgroupManager specifies the manager implementation name which is used to handle cgroups for containers.

WithCgroupNSFrom indicates that the container should join the Cgroup namespace of the given container.

WithCgroupParent sets the Cgroup Parent of the new container.

WithCgroupsMode disables the creation of Cgroups for the conmon process.

WithChrootDirs is an additional set of directories that need to be treated as root directories.

WithCNIPluginDir sets the CNI plugins directory.

WithCommand sets the command of the container.

WithConmonEnv specifies the environment variable list for the conmon process.

WithConmonPath specifies the path to the conmon binary which manages the runtime.

WithConmonPidFile specifies the path to the file that receives the pid of conmon.

WithCreateCommand adds the full command plus arguments of the current process to the container config.

WithCreateWorkingDir tells Podman to create the container's working directory if it does not exist.

WithCtrNamespace sets the namespace the container will be created in.

WithCtrOCIRuntime specifies an OCI runtime in container's config.

WithDatabaseBackend configures the runtime's database backend.

WithDefaultInfraCommand sets the command to run on pause container start up.

WithDefaultMountsFile sets the file to look at for default mounts (mainly secrets).

WithDependencyCtrs sets dependency containers of the given container.

WithDNS sets additional name servers for the container.

WithDNSOption sets additional dns options for the container.

WithDNSSearch sets the additional search domains of a container.

WithEnableSDNotify sets a runtime option so we know whether to disable socket/FD listening.

WithEntrypoint sets the entrypoint of the container.

WithSecrets adds environment variable secrets to the container.

WithEventsLogger sets the events backend to use.

WithGroupEntry sets the entry to write to the /etc/group file.

WithGroups sets additional groups for the container, which are defined by the user.

WithHealthCheck adds the healthcheck to the container config.

WithHealthCheckOnFailureAction adds an on-failure action to health-check config.

WithHooksDir sets the directories to look for OCI runtime hook configuration.

WithHostDevice adds the original host src to the config.

WithHosts sets additional host:IP for the hosts file.

WithHostUsers indicates host users to add to /etc/passwd.

WithIDMappings sets the idmappings for the container.

WithImageVolumes adds the given image volumes to the container.

WithInfraConfig allows for inheritance of compatible config entities from the infra container.

WithInfraConmonPidFile sets the path to a custom conmon PID file for the infra container.

WithInfraContainer tells the pod to create a pause container.

WithInitCtrType indicates the container is an initcontainer.

WithIPCNSFrom indicates that the container should join the IPC namespace of the given container.

WithIsService allows us to differentiate between service containers and other container within the container config.

WithLabelNested sets the LabelNested flag allowing label separation within container.

WithLabels adds labels to the container.

WithLogDriver sets the log driver for the container.

WithLogPath sets the path to the log file.

WithLogTag sets the tag to the log file.

WithMaxLogSize sets the maximum size of container logs.

WithMountAllDevices sets the option to mount all of a privileged container's host devices.

WithMountNSFrom indicates that the container should join the mount namespace of the given container.

WithName sets the container's name.

WithNamedVolumes adds the given named volumes to the container.

WithNamespace sets the namespace for libpod.

WithNetNS indicates that the container should be given a new network namespace with a minimal configuration.

WithNetNSFrom indicates that the container should join the network namespace of the given container.

WithNetworkBackend specifies the name of the network backend.

WithNetworkCmdPath specifies the path to the slirp4netns binary which manages the runtime.

WithNetworkConfigDir sets the network configuration directory.

WithNetworkOptions sets additional options for the networks.

WithNoPivotRoot sets the runtime to use MS_MOVE instead of PIVOT_ROOT when starting containers.

WithNOShmMount tells libpod whether to mount /dev/shm.

WithNoShmShare tells libpod whether to share containers /dev/shm with other containers.

WithNoStore sets a bool on the runtime that we do not need any containers storage.

WithOCIRuntime specifies an OCI runtime to use for running containers.

WithOverlayVolumes adds the given overlay volumes to the container.

WithPasswdEntry sets the entry to write to the /etc/passwd file.

WithPidFile adds pidFile to the container.

WithPIDNSFrom indicates that the container should join the PID namespace of the given container.

WithPodCgroup tells containers in this pod to use the cgroup namespace created for this pod.

WithPodCgroupParent sets the Cgroup Parent of the pod.

WithPodCreateCommand adds the full command plus arguments of the current process to the pod config.

WithPodExitPolicy sets the exit policy of the pod.

WithPodHostname sets the hostname of the pod.

WithPodIPC tells containers in this pod to use the ipc namespace created for this pod.

WithPodLabels sets the labels of a pod.

WithPodMount tells containers in this pod to use the mount namespace created for this pod.

WithPodName sets the name of the pod.

WithPodNamespace sets the namespace for the created pod.

WithPodNet tells containers in this pod to use the network namespace created for this pod.

WithPodCgroups tells containers in this pod to use the cgroup created for this pod.

WithPodPID tells containers in this pod to use the pid namespace created for this pod.

WithPodResources sets resource limits to be applied to the pod's cgroup these will be inherited by all containers unless overridden.

WithPodRestartPolicy sets the restart policy of the pod.

WithPodRestartRetries sets the number of retries to use when restarting a container with the "on-failure" restart policy.

WithPodUser tells containers in this pod to use the user namespace created for this pod.

WithPodUTS tells containers in this pod to use the uts namespace created for this pod.

WithPreserveFDs forwards from the process running Libpod into the container the given number of extra FDs (starting after the standard streams) to the created container.

WithPrivileged sets the privileged flag in the container runtime.

WithReadWriteTmpfs sets up read-write tmpfs flag in the container runtime.

WithRegistriesConf configures the runtime to always use specified registries.conf for image processing.

WithRenumber tells Libpod that the runtime will be used to perform a system renumber.

WithReset tells Libpod that the runtime will be used to perform a system reset.

WithRestartPolicy sets the container's restart policy.

WithRestartRetries sets the number of retries to use when restarting a container with the "on-failure" restart policy.

WithRootFS sets the rootfs for the container.

WithRootFSFromImage sets up a fresh root filesystem using the given image.

WithRuntimeFlags adds the global runtime flags to the container config.

WithSdNotifyMode sets the sd-notify method.

WithSdNotifySocket sets the sd-notify of the container.

WithSecLabels sets the labels for SELinux.

WithSecrets adds secrets to the container.

WithSelectedPasswordManagement makes it so that the container either does or does not set up /etc/passwd or /etc/group.

WithServiceContainer associates the specified service container ID with the pod.

WithShmDir sets the directory that should be mounted on /dev/shm.

WithShmSize sets the size of /dev/shm tmpfs mount.

WithShmSizeSystemd sets the size of systemd-specific mounts: /run /run/lock /var/log/journal /tmp.

WithSignaturePolicy specifies the path of a file which decides how trust is managed for images we've pulled.

WithStartupHealthcheck sets a startup healthcheck for the container.

WithStaticDir sets the directory that static runtime files which persist across reboots will be stored.

WithStdin keeps stdin on the container open to allow interaction.

WithStopSignal sets the signal that will be sent to stop the container.

WithStopTimeout sets the time to after initial stop signal is sent to the container, before sending the kill signal.

WithStorageConfig uses the given configuration to set up container storage.

WithStorageOpts sets the devices to check for CDI configuration.

WithSyslog sets a runtime option so we know that we have to log to the syslog as well.

WithSystemd turns on systemd mode in the container.

WithTimeout sets the maximum time a container is allowed to run".

WithTimezone sets the timezone in the container.

WithTmpDir sets the directory that temporary runtime files which are not expected to survive across reboots will be stored.

WithUmask sets the umask in the container.

WithUseImageHosts tells the container not to bind-mount /etc/hosts in.

WithUseImageResolvConf tells the container not to bind-mount resolv.conf in.

WithUser sets the user identity field in configuration.

WithUserNSFrom indicates that the container should join the user namespace of the given container.

WithUserVolumes sets the user-added volumes of the container.

WithUTSNSFrom indicates that the container should join the UTS namespace of the given container.

WithUTSNSFromPod indicates that the container should join the UTS namespace of its pod.

WithVolatile sets the volatile flag for the container storage.

WithVolumeDisableQuota prevents the volume from being assigned a quota.

WithVolumeDriver sets the volume's driver.

WithVolumeDriverTimeout sets the volume creation timeout period.

WithVolumeGID sets the GID that the volume will be created as.

WithVolumeInodes sets the maximum inodes of the volume.

WithVolumeLabels sets the labels of the volume.

WithVolumeMountLabel sets the MountLabel of the volume.

WithVolumeName sets the name of the volume.

WithVolumeNoChown prevents the volume from being chowned to the process uid at first use.

WithVolumeOptions sets the options of the volume.

WithVolumePath sets the path under which all named volumes should be created.

WithVolumeSize sets the maximum size of the volume.

WithVolumeUID sets the UID that the volume will be created as.

Sync with stdpipe_t in conmon.c */.

Sync with stdpipe_t in conmon.c */.

Sync with stdpipe_t in conmon.c */.

CgroupfsDefaultCgroupParent is the cgroup parent for CgroupFS in libpod.

CgroupNS is the Cgroup namespace.

DefaultWaitInterval is the default interval between container status checks while waiting.

InvalidNS is an invalid namespace.

IPCNS is the IPC namespace.

MaxHealthCheckLogLength in characters.

MaxHealthCheckNumberLogs is the maximum number of attempts we keep in the healthcheck history file.

MountNS is the mount namespace.

MountPrivate represents the private mount option.

MountRPrivate represents the rprivate mount option.

MountRShared represents the rshared mount option.

MountRSlave represents the rslave mount option.

MountShared represents the shared mount option.

MountSlave represents the slave mount option.

NetNS is the network namespace.

PIDNS is the PID namespace.

SystemdDefaultCgroupParent is the cgroup parent for the systemd cgroup manager in libpod.

SystemdDefaultRootlessCgroupParent is the cgroup parent for the systemd cgroup manager in libpod when running as rootless.

UserNS is the user namespace.

UTSNS is the UTS namespace.

AttachOptions are options used when attached to a container or an exec session.

BoltState is a state implementation backed by a Bolt DB.

ConmonOCIRuntime is an OCI runtime managed by Conmon.

Container is a single OCI container.

ContainerCheckpointOptions is a struct used to pass the parameters for checkpointing (and restoring) to the corresponding functions.

ContainerCommitOptions is a struct used to commit a container to an image It uses buildah's CommitOptions as a base.

ContainerConfig contains all information that was used to create the container.

ContainerGraph is a dependency graph based on a set of containers.

ContainerImageConfig is an embedded sub-config providing image configuration to the container.

ContainerImageVolume is a volume based on a container image.

ContainerInfo wraps a subset of information about a container: the locations of its nonvolatile and volatile per-container directories, along with a copy of the configuration blob from the image that was used to create the container, if the image had a configuration.

ContainerMiscConfig is an embedded sub-config providing misc configuration to the container.

ContainerNamedVolume is a named volume that will be mounted into the container.

ContainerNameSpaceConfig is an embedded sub-config providing namespace configuration to the container.

ContainerNetworkConfig is an embedded sub-config providing network configuration to the container.

ContainerOverlayVolume is an overlay volume that will be mounted into the container.

ContainerRootFSConfig is an embedded sub-config providing config info about the container's root fs.

ContainerSecret is a secret that is mounted in a container.

ContainerSecurityConfig is an embedded sub-config providing security configuration to the container.

ContainerState contains the current state of the container It is stored on disk in a tmpfs and recreated on reboot.

DBConfig is a set of Libpod runtime configuration settings that are saved in a State when it is first created, and can subsequently be retrieved.

ExecConfig contains the configuration of an exec session.

ExecOptions are options passed into ExecContainer.

ExecSession contains information on a single exec session attached to a given container.

HTTPAttachStreams informs the HTTPAttach endpoint which of the container's standard streams should be streamed to the client.

InfraInherit contains the compatible options inheritable from the infra container.

MissingRuntime is used when the OCI runtime requested by the container is missing (not installed or not in the configuration file).

Pod represents a group of containers that are managed together.

PodConfig represents a pod's static configuration.

PodContainerStats is an organization struct for pods and their containers.

Runtime is the core libpod runtime.

RuntimeContainerMetadata is the structure that we encode as JSON and store in the metadata field of storage.Container objects.

A service consists of one or more pods.

SQLiteState is a state implementation backed by a SQLite database.

StorageContainer represents a container present in c/storage but not in libpod.

Volume is a libpod named volume.

VolumeConfig holds the volume's immutable configuration.

VolumeState holds the volume's mutable state.

YAMLContainer represents the same k8s API core Container struct with a small change and that is having Resources as a pointer to k8s API core ResourceRequirements.

YAMLDaemonSet represents the same k8s API core DaemonSet with a small change and that is having Spec as a pointer to YAMLDaemonSetSpec and Status as a pointer to k8s API core DaemonSetStatus.

YAMLDaemonSetSpec represents the same k8s API core DeploymentSpec with a small change and that is having Template as a pointer to YAMLPodTemplateSpec and Strategy as a pointer to k8s API core DaemonSetStrategy.

YAMLDeployment represents the same k8s API core Deployment with a small change and that is having Spec as a pointer to YAMLDeploymentSpec and Status as a pointer to k8s API core DeploymentStatus.

YAMLDeploymentSpec represents the same k8s API core DeploymentSpec with a small change and that is having Template as a pointer to YAMLPodTemplateSpec and Strategy as a pointer to k8s API core DeploymentStrategy.

YAMLPod represents the same k8s API core Pod struct with a small change and that is having Spec as a pointer to YAMLPodSpec and Status as a pointer to k8s API core PodStatus.

YAMLPodSpec represents the same k8s API core PodSpec struct with a small change and that is having Containers as a pointer to YAMLContainer.

YAMLPodTemplateSpec represents the same k8s API core PodTemplateStruct with a small change and that is having Spec as a pointer to YAMLPodSpec.

YAMLService represents the same k8s API core Service struct with a small change and that is having Status as a pointer to k8s API core ServiceStatus.

OCIRuntime is an implementation of an OCI runtime.

State is a storage backend for libpod's current state.

ContainerFilter is a function to determine whether a container is included in command output.

ContainerNetworkDescriptions describes the relationship between the CNI network and the ethN where N is an integer.

A CtrCreateOption is a functional option which alters the Container created by NewContainer.

LinuxNS represents a Linux namespace.

A PodCreateOption is a functional option which alters the Pod created by NewPod.

PodFilter is a function to determine whether a pod is included in command output.

A RuntimeOption is a functional option which alters the Runtime created by NewRuntime.

A VolumeCreateOption is a functional option which alters the Volume created by NewVolume.

VolumeFilter is a function to determine whether a volume is included in command output.