containerd_shimkit/sandbox/mod.rs
1//! This module provides abstractions for managing WebAssembly containers in a sandboxed environment.
2//!
3//! This module gives you complete control over the container lifecycle and sandboxing,
4//! compared to the higher-level container module. It's useful when you need:
5//!
6//! - Custom sandboxing requirements
7//! - Direct control over container lifecycle
8//! - Support MacOS or Windows
9//!
10//! There are also some downsides to using this module:
11//!
12//! - No precompilation out-of-the-box
13//! - Does not support for native Linux containers out-of-the-box
14//! - Requires manual handling of cgroup setup
15//!
16//! ## Key Components
17//!
18//! - [`Instance`]: Core trait for implementing container lifecycle management
19//! - [`cli`]: Command line interface for the containerd shim
20//!
21//! ## Example Usage
22//!
23//! ```rust,no_run
24//! use containerd_shimkit::sandbox::{Instance, InstanceConfig, Error};
25//! use chrono::{DateTime, Utc};
26//! use std::time::Duration;
27//! use anyhow::Result;
28//!
29//! #[derive(Clone, Default)]
30//! struct MyInstance;
31//!
32//! impl Instance for MyInstance {
33//! async fn new(id: String, cfg: &InstanceConfig) -> Result<Self, Error> {
34//! Ok(MyInstance)
35//! }
36//!
37//! async fn start(&self) -> Result<u32, Error> {
38//! Ok(1)
39//! }
40//!
41//! async fn kill(&self, signal: u32) -> Result<(), Error> {
42//! Ok(())
43//! }
44//!
45//! async fn delete(&self) -> Result<(), Error> {
46//! Ok(())
47//! }
48//!
49//! async fn wait(&self) -> (u32, DateTime<Utc>) {
50//! (0, Utc::now())
51//! }
52//! }
53//! ```
54
55pub mod cli;
56pub mod error;
57pub mod instance;
58pub mod shim;
59pub mod sync;
60
61pub use error::{Error, Result};
62pub use instance::{Instance, InstanceConfig};
63pub use shim::Config;
64pub(crate) use shim::Shim;
65
66pub(crate) mod instance_utils;
67pub(crate) mod oci;
68
69pub(crate) mod async_utils;