Structs§
- Container
- Container runtime that orchestrates all isolation mechanisms
- Container
Config - Container configuration
- Container
Lifecycle - Container lifecycle operations (stop, kill, delete)
- Container
State - Container state tracking information
- Container
State Manager - Container state manager
- Container
State Params - Parameters for creating a new
ContainerState. - Created
Container - Handle returned by
Container::create()representing a container whose child process has been forked and is blocked on the exec FIFO, waiting forstart()to release it. - Health
Check - Health check configuration for long-running services.
- Process
Identity - Runtime identity for the workload process inside the container.
- Secret
Mount - Secrets configuration for mounting secret files into the container.
- Volume
Mount - Volume configuration for mounting persistent or ephemeral storage.
Enums§
- Kernel
Lockdown Mode - Required host kernel lockdown mode, when asserted by the runtime.
- Network
Mode Arg - CLI-level network mode selection.
- OciStatus
- OCI-compliant container status
- Readiness
Probe - Readiness probe configuration.
- Runtime
Selection - CLI-level runtime selection.
- Seccomp
Mode - Seccomp operating mode.
- Service
Mode - Service mode for the container.
- Trust
Level - Trust level for a container workload.
- Volume
Source - Source backing for a volume mount.
Functions§
- generate_
container_ id - Generate a unique 32-hex-char container ID (128-bit) using /dev/urandom.
- parse_
signal - Parse a signal name or number string into a Signal
- validate_
container_ name - Validate a container name for safe use.
- validate_
hostname - Validate a hostname according to RFC 1123.