Struct Ec2Runtime 

pub struct Ec2Runtime { /* private fields */ }

Implementations

impl Ec2Runtime

pub fn new() -> Option<Self>

Construct the Docker/Podman backend. Returns None when no container CLI is available — callers then run in metadata-only mode.

pub async fn new_k8s(server_port: u16) -> Result<Self, BackendInitError>

Construct the Kubernetes backend. server_port is fakecloud’s bound port (used when FAKECLOUD_K8S_SELF_URL omits one). Fails fast on misconfiguration — never silently degrades to Docker.

pub fn firewall(&self) -> &FirewallEnforcer

The firewall enforcer, so the control plane can skip building the model when enforcement is disabled and report the mode for introspection.

pub async fn reconcile_firewall(&self, subnets: Vec<SubnetFirewall>)

Re-render and atomically apply the security-group/NACL ruleset for the given per-subnet model. No-op (cheap) when enforcement is disabled. Serialized against other reconciles (finding 4.3).

pub fn network_isolation_enforced(&self) -> bool

Whether this runtime backs network isolation with real enforcement — host nftables (Docker, opt-in) or k8s NetworkPolicy. Lets the control plane skip building the firewall model entirely when neither applies.

pub fn is_k8s(&self) -> bool

True for the Kubernetes backend (isolation via NetworkPolicy).

pub async fn reconcile_network_policies(&self, rules: Vec<InstanceRules>)

Apply one NetworkPolicy per instance for the k8s backend. No-op on the Docker backend (which uses nftables instead). Serialized against other reconciles so a concurrent apply+prune can’t delete a just-applied policy (finding 4.3).

pub fn network_isolation_summary(&self) -> NetworkIsolationSummary

A snapshot of how this runtime isolates instance traffic, for the /_fakecloud/ec2/instance-networks introspection endpoint (#1745 ph5).

pub fn cli_name(&self) -> &str

Name of the active backend, for logging.

pub async fn run_instance( &self, instance_id: &str, user_data: Option<&str>, tags: &BTreeMap<String, String>, network: Option<&InstanceNetwork>, ) -> Result<RunningInstance, RuntimeError>

Boot a container for an instance. user_data is the base64-encoded user-data as received on the wire (RunInstances UserData), run at boot the way cloud-init would, if present.

pub async fn stop_instance(&self, instance_id: &str)

Stop an instance’s backing container (maps to StopInstances). Docker stops the container in place; k8s deletes the Pod (recreated on the next Start).

pub async fn start_instance(&self, instance_id: &str) -> Option<RunningInstance>

Start a previously-stopped instance (maps to StartInstances). Returns the running container’s (possibly new) handle and private IP. Docker starts the existing container; k8s recreates the Pod under a new unique name, so the handle changes — callers should persist it.

pub async fn reboot_instance( &self, instance_id: &str, ) -> Option<RunningInstance>

Restart an instance’s backing container (maps to RebootInstances). Docker restarts in place; k8s deletes and recreates the Pod under a new name. Returns the running container’s handle + IP when it changed (k8s), so callers can persist the new handle; None when nothing to update.

pub async fn terminate_instance(&self, instance_id: &str)

Remove an instance’s backing container (maps to TerminateInstances).

pub async fn stop_all(&self)

Tear down every container this runtime spawned (used on reset and shutdown). The Docker backend leans on the shared reaper for any container it loses track of.

pub async fn reap_stale(&self)

Sweep instance Pods orphaned by a previous fakecloud process (k8s only; the Docker backend relies on the shared reaper).

pub async fn console_output(&self, instance_id: &str) -> Option<Vec<u8>>

The backing container’s console log — its combined stdout/stderr, which includes anything user-data printed at boot (maps to GetConsoleOutput). None for an unbacked instance or when logs can’t be read.

Trait Implementations

impl Clone for Ec2Runtime

fn clone(&self) -> Ec2Runtime

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Ec2Runtime

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.