zhouyuhuan
/
Cloudpods


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171
							// Copyright 2019 Yunion
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package compute

import (
	"time"

	"yunion.io/x/onecloud/pkg/httperrors"
)

const (
	POD_STATUS_CREATING_CONTAINER      = "creating_container"
	POD_STATUS_CREATE_CONTAINER_FAILED = "create_container_failed"
	POD_STATUS_STARTING_CONTAINER      = "starting_container"
	POD_STATUS_START_CONTAINER_FAILED  = "start_container_failed"
	POD_STATUS_STOPPING_CONTAINER      = "stopping_container"
	POD_STATUS_STOP_CONTAINER_FAILED   = "stop_container_failed"
	POD_STATUS_DELETING_CONTAINER      = "deleting_container"
	POD_STATUS_DELETE_CONTAINER_FAILED = "delete_container_failed"
	POD_STATUS_UPLOADING_STATUS        = "uploading_status"
	POD_STATUS_UPLOADING_STATUS_FAILED = "upload_status_failed"
	POD_STATUS_CRASH_LOOP_BACK_OFF     = "crash_loop_back_off"
	POD_STATUS_CONTAINER_EXITED        = "container_exited"
)

const (
	POD_METADATA_CRI_ID                   = "cri_id"
	POD_METADATA_CRI_CONFIG               = "cri_config"
	POD_METADATA_PORT_MAPPINGS            = "port_mappings"
	POD_METADATA_POST_STOP_CLEANUP_CONFIG = "post_stop_cleanup_config"
)

type PodContainerCreateInput struct {
	// Container name
	Name string `json:"name"`
	ContainerSpec
}

type PodPortMappingProtocol string

const (
	PodPortMappingProtocolTCP = "tcp"
	PodPortMappingProtocolUDP = "udp"
	//PodPortMappingProtocolSCTP = "sctp"
)

const (
	POD_PORT_MAPPING_RANGE_START = 20000
	POD_PORT_MAPPING_RANGE_END   = 25000
)

type PodPortMappingPortRange struct {
	Start int `json:"start"`
	End   int `json:"end"`
}

type PodPortMapping struct {
	Protocol      PodPortMappingProtocol   `json:"protocol"`
	ContainerPort int                      `json:"container_port"`
	HostPort      *int                     `json:"host_port,omitempty"`
	HostIp        string                   `json:"host_ip"`
	HostPortRange *PodPortMappingPortRange `json:"host_port_range,omitempty"`
}

type PodSecurityContext struct {
	RunAsUser  *int64 `json:"run_as_user,omitempty"`
	RunAsGroup *int64 `json:"run_as_group,omitempty"`
}

type PodCreateInput struct {
	Containers []*PodContainerCreateInput `json:"containers"`
	HostIPC    bool                       `json:"host_ipc"`
	//PortMappings    []*PodPortMapping          `json:"port_mappings"`
	SecurityContext *PodSecurityContext `json:"security_context,omitempty"`
}

type PodStartResponse struct {
	CRIId     string `json:"cri_id"`
	IsRunning bool   `json:"is_running"`
}

type PodMetadataPortMapping struct {
	Protocol      PodPortMappingProtocol `json:"protocol"`
	ContainerPort int32                  `json:"container_port"`
	HostPort      int32                  `json:"host_port,omitempty"`
	HostIp        string                 `json:"host_ip"`
}

type GuestSetPortMappingsInput struct {
	PortMappings []*PodPortMapping `json:"port_mappings"`
}

type PodLogOptions struct {
	// The container for which to stream logs. Defaults to only container if there is one container in the pod.
	// +optional
	Container string `json:"container,omitempty"`
	// Follow the log stream of the pod. Defaults to false.
	// +optional
	Follow bool `json:"follow,omitempty"`
	// Return previous terminated container logs. Defaults to false.
	// +optional
	Previous bool `json:"previous,omitempty"`
	// A relative time in seconds before the current time from which to show logs. If this value
	// precedes the time a pod was started, only logs since the pod start will be returned.
	// If this value is in the future, no logs will be returned.
	// Only one of sinceSeconds or sinceTime may be specified.
	// +optional
	SinceSeconds *int64 `json:"sinceSeconds,omitempty"`
	// An RFC3339 timestamp from which to show logs. If this value
	// precedes the time a pod was started, only logs since the pod start will be returned.
	// If this value is in the future, no logs will be returned.
	// Only one of sinceSeconds or sinceTime may be specified.
	// +optional
	SinceTime *time.Time `json:"sinceTime,omitempty"`
	// If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line
	// of log output. Defaults to false.
	// +optional
	Timestamps bool `json:"timestamps,omitempty"`
	// If set, the number of lines from the end of the logs to show. If not specified,
	// logs are shown from the creation of the container or sinceSeconds or sinceTime
	// +optional
	TailLines *int64 `json:"tailLines,omitempty"`
	// If set, the number of bytes to read from the server before terminating the
	// log output. This may not display a complete final line of logging, and may return
	// slightly more or slightly less than the specified limit.
	// +optional
	LimitBytes *int64 `json:"limitBytes,omitempty"`

	// insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the
	// serving certificate of the backend it is connecting to.  This will make the HTTPS connection between the apiserver
	// and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real
	// kubelet.  If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the
	// connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept
	// the actual log data coming from the real kubelet).
	// +optional
	InsecureSkipTLSVerifyBackend bool `json:"insecureSkipTLSVerifyBackend,omitempty"`
}

func ValidatePodLogOptions(opts *PodLogOptions) error {
	if opts.TailLines != nil && *opts.TailLines < 0 {
		return httperrors.NewInputParameterError("negative tail lines")
	}
	if opts.LimitBytes != nil && *opts.LimitBytes < 1 {
		return httperrors.NewInputParameterError("limit_bytes must be greater than zero")
	}
	if opts.SinceSeconds != nil && opts.SinceTime != nil {
		return httperrors.NewInputParameterError("at most one of since_time or since_seconds must be specified")
	}
	if opts.SinceSeconds != nil {
		if *opts.SinceSeconds < 1 {
			return httperrors.NewInputParameterError("since_seconds must be greater than zero")
		}
	}
	return nil
}

type PodPostStopCleanupConfig struct {
	Dirs []string `json:"dirs"`
}