Struct ContainerCreateOptsBuilder

pub struct ContainerCreateOptsBuilder { /* private fields */ }

A builder struct for ContainerCreateOpts.

Implementations

impl ContainerCreateOptsBuilder

pub fn build(self) -> ContainerCreateOpts

Finish building ContainerCreateOpts.

impl ContainerCreateOptsBuilder

pub fn annotations<K, V>( self, annotations: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

Annotations are key-value options passed into the container runtime that can be used to trigger special behavior.

pub fn apparmor_profile(self, apparmor_profile: impl Serialize) -> Self

ApparmorProfile is the name of the Apparmor profile the container will use.

pub fn add_capabilities<S>( self, add_capabilities: impl IntoIterator<Item = S>, ) -> Self

where S: Serialize,

Capabilities which will be added to the container. Conflicts with privileged.

pub fn drop_capabilities<S>( self, drop_capabilities: impl IntoIterator<Item = S>, ) -> Self

where S: Serialize,

Capabilities which will be removed from the container. Conflicts with privileged.

pub fn cgroup_parent(self, cgroup_parent: impl Serialize) -> Self

Set the container’s CGroup parent. If not set, the default for the current cgroup driver will be used.

pub fn cgroup_namespace(self, cgroup_namespace: Namespace) -> Self

Namespace to use for cgroups.

pub fn cgroup_mode(self, cgroup_mode: impl Serialize) -> Self

Sets a policy for how cgroups will be created in the container, including the ability to disable creation entirely.

pub fn chroot_directories<S>( self, chroot_directories: impl IntoIterator<Item = S>, ) -> Self

where S: Serialize,

Additional set of directories that need to be treated as root directories. Standard bind mounts will be mounted into paths relative to these directories.

pub fn command<S>(self, command: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

Command that the container should run. If not given and Image is specified, this will be populated by the image’s configuration.

pub fn common_pid_file(self, common_pid_file: impl Serialize) -> Self

A path at which a PID file for Conmon will be placed. If not given, a default location will be used.

pub fn create_command<S>( self, create_command: impl IntoIterator<Item = S>, ) -> Self

where S: Serialize,

The command that was used to create this container. This will be returned when inspecting the container.

pub fn cpu_period(self, cpu_period: u64) -> Self

CPU period of the cpuset

pub fn cpu_quota(self, cpu_quota: i64) -> Self

CPU quota of the cpuset

pub fn create_working_dir(self, create_working_dir: bool) -> Self

Create the working directory if it doesn’t exist. If unset, it doesn’t create it.

pub fn dependency_containers<S>( self, dependency_containers: impl IntoIterator<Item = S>, ) -> Self

where S: Serialize,

An array of containers this container depends on. Dependency containers must be started before this container. Dependencies can be specified by name or full/partial ID.

pub fn device_cgroup_rule( self, device_cgroup_rule: impl IntoIterator<Item = LinuxDeviceCgroup>, ) -> Self

DeviceCgroupRule are device cgroup rules that allow containers to use additional types of devices.

pub fn devices(self, devices: impl IntoIterator<Item = LinuxDevice>) -> Self

Devices are devices that will be added to the container.

pub fn devices_from<S>(self, devices_from: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

A way to ensure your container inherits device specific information from another container.

pub fn dns_option<S>(self, dns_option: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

A set of DNS options that will be used in the container’s resolv.conf, replacing the host’s DNS options which are used by default. Conflicts with use_image_resolv_conf.

pub fn dns_search<S>(self, dns_search: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

A set of DNS search domains that will be used in the container’s resolv.conf, replacing the host’s DNS search domains which are used by default. Conflicts with use_image_resolv_conf.

pub fn dns_server<S>(self, dns_server: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

A set of DNS servers that will be used in the container’s resolv.conf, replacing the host’s DNS Servers which are used by default. Conflicts with use_image_resolv_conf.

pub fn entrypoint<S>(self, entrypoint: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

Container’s entrypoint. If not given and Image is specified, this will be populated by the image’s configuration.

pub fn env<K, V>(self, env: impl IntoIterator<Item = (K, V)>) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

A list of environment variables that will be set in the container.

pub fn env_host(self, env_host: bool) -> Self

Indicates that the host environment should be added to container.

pub fn envmerge<S>(self, envmerge: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

Takes the specified environment variables from image and preprocess them before injecting them into the container.

pub fn groups<S>(self, groups: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

Groups are a list of supplemental groups the container’s user will be granted access to.

pub fn health_check_on_failure_action( self, health_check_on_failure_action: i64, ) -> Self

Defines how Podman reacts when a container’s health status turns unhealthy.

pub fn health_config(self, health_config: Schema2HealthConfig) -> Self

Health config which holds configuration settings for the HEALTHCHECK feature, from docker/docker/api/types/container.

pub fn host_device_list( self, host_device_list: impl IntoIterator<Item = LinuxDevice>, ) -> Self

The bits have the same definition on all systems, so that information about files can be moved from one system to another portably. Not all bits apply to all systems. The only required bit is ModeDir for directories.

pub fn hosts_add<S>(self, hosts_add: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

A set of hosts which will be added to the container’s etc/hosts file. Conflicts with use_image_hosts.

pub fn hostname(self, hostname: impl Serialize) -> Self

If not set, the hostname will not be modified (if UtsNS is not private) or will be set to the container ID (if UtsNS is private). Conflicts with UtsNS if UtsNS is not set to private.

pub fn hostusers<S>(self, hostusers: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

List of host usernames or UIDs to add to the container etc/passwd file.

pub fn http_proxy(self, http_proxy: bool) -> Self

Indicates that the http host proxy environment variables should be added to container.

pub fn id_mappings(self, id_mappings: IdMappingOptions) -> Self

Used for specifying how ID mapping should be set up for a layer or container.

pub fn image(self, image: impl Serialize) -> Self

Image is the image the container will be based on. The image will be used as the container’s root filesystem, and its environment vars, volumes, and other configuration will be applied to the container. Conflicts with rootfs.

At least one of image or rootfs must be specified.

pub fn image_arch(self, image_arch: impl Serialize) -> Self

User-specified image architecture

pub fn image_os(self, image_os: impl Serialize) -> Self

User-specified image OS

pub fn image_variant(self, image_variant: impl Serialize) -> Self

User-specified image variant

pub fn image_volume_mode(self, image_volume_mode: ImageVolumeMode) -> Self

Indicates how image volumes will be created. The default if unset is anonymous.

pub fn image_volumes( self, image_volumes: impl IntoIterator<Item = ImageVolume>, ) -> Self

Image volumes bind-mount a container-image mount into the container.

pub fn init(self, init: bool) -> Self

Specifies that an init binary will be mounted into the container, and will be used as PID1.

pub fn init_container_type(self, init_container_type: impl Serialize) -> Self

Describes if this container is an init container and if so, what type: always or once.

pub fn init_path(self, init_path: impl Serialize) -> Self

Specifies the path to the init binary that will be added if init is specified above. If not specified, the default set in the Libpod config will be used. Ignored if init is not set.

pub fn ipc_namespace(self, ipc_namespace: Namespace) -> Self

Namespace to use for IPC.

pub fn labels<K, V>(self, labels: impl IntoIterator<Item = (K, V)>) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

A list of labels that will be assigned to the container.

pub fn log_configuration(self, log_configuration: LogConfig) -> Self

Logging configuration for the container.

pub fn manage_password(self, manage_password: bool) -> Self

Container run option that determines if we are validating users/groups before running the container.

pub fn mask<S>(self, mask: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

The path we want to mask in the container. This masks the paths given in addition to the default list.

pub fn mounts(self, mounts: impl IntoIterator<Item = ContainerMount>) -> Self

Mounts that will be added to the container. These will supersede image_volumes and volumes_from volumes where there are conflicts.

pub fn name(self, name: impl Serialize) -> Self

The name the container will be given. If no name is provided, one will be randomly generated.

pub fn namespace(self, namespace: impl Serialize) -> Self

The libpod namespace the container will be placed in.

pub fn net_namespace(self, net_namespace: Namespace) -> Self

Namespace to use for network.

pub fn network_options<K, V>( self, network_options: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

Additional options for each network.

pub fn networks<K, V>(self, networks: impl IntoIterator<Item = (K, V)>) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

Map of networks names or ids that the container should join. You can request additional settings for each network, you can set network aliases, static ips, static mac address and the network interface name for this container on the specific network. If the map is empty and the bridge network mode is set the container will be joined to the default network.

pub fn no_new_privilages(self, no_new_privilages: bool) -> Self

Whether the container will set the no new privileges flag on create, which disables gaining additional privileges (e.g. via setuid) in the container.

pub fn oci_runtime(self, oci_runtime: impl Serialize) -> Self

The name of the OCI runtime that will be used to create the container. If not specified, the default will be used.

pub fn oom_score_adj(self, oom_score_adj: i64) -> Self

Adjusts the score used by the OOM killer to determine processes to kill for the container’s process.

pub fn overlay_volumes( self, overlay_volumes: impl IntoIterator<Item = OverlayVolume>, ) -> Self

Overlay volumes are named volumes that will be added to the container.

pub fn passwd_entry(self, passwd_entry: impl Serialize) -> Self

Specifies arbitrary data to append to a file.

pub fn personality(self, personality: LinuxPersonality) -> Self

Specify the Linux personality syscall input.

pub fn pid_namespace(self, pid_namespace: Namespace) -> Self

Namespace to use for pids.

pub fn pod(self, pod: impl Serialize) -> Self

ID of the pod the container should join.

pub fn portmappings( self, portmappings: impl IntoIterator<Item = PortMapping>, ) -> Self

Set of ports to map into the container. Only available if NetNS is set to bridge or slirp.

pub fn privileged(self, privileged: bool) -> Self

Whether the container is privileged. Privileged does the following: Adds all devices on the system to the container. Adds all capabilities to the container. Disables Seccomp, SELinux, and Apparmor confinement. (Though SELinux can be manually re-enabled).

pub fn procfs_opts<S>(self, procfs_opts: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

The options used for the proc mount.

pub fn publish_image_ports(self, publish_image_ports: bool) -> Self

If set to true the ports specified in the image will be published to random unused ports (guaranteed to be above 1024) on the host. This is based on ports set in Expose below, and any ports specified by the Image (if one is given). Only available if net_namespace is set to Bridge or Slirp.

pub fn r_limits(self, r_limits: impl IntoIterator<Item = PosixRlimit>) -> Self

Rlimits are POSIX rlimits to apply to the container. Optional.

pub fn raw_image_name(self, raw_image_name: impl Serialize) -> Self

The user-specified and unprocessed input referring to a local or a remote image.

pub fn read_only_fs(self, read_only_fs: bool) -> Self

If set to true everything will be mounted as read-only.

pub fn remove(self, remove: bool) -> Self

If set to true the container will be removed upon exitting.

pub fn resource_limits(self, resource_limits: LinuxResources) -> Self

Set the container runtime resource contstraints.

pub fn restart_policy(self, restart_policy: ContainerRestartPolicy) -> Self

An action which will be taken when the container exits. If not given, the default policy, which does nothing, will be used.

pub fn restart_tries(self, restart_tries: u64) -> Self

The number of attempts that will be made to restart the container. Only available when restart_policy is set to on-failure.

pub fn rootfs(self, rootfs: impl Serialize) -> Self

The path to a directory that will be used as the container’s root filesystem. No modification will be made to the directory, it will be directly mounted into the container as root. Conflicts with image.

At least one of image or rootfs must be specified.

pub fn rootfs_overlay(self, rootfs_overlay: bool) -> Self

Tells if rootfs is actuall an overlay on top of base path.

pub fn rootfs_propagation(self, rootfs_propagation: impl Serialize) -> Self

The rootfs propagation mode for the container. If not set, the default of rslave will be used.

pub fn sdnotify_mode(self, sdnotify_mode: SocketNotifyMode) -> Self

Determine how to handle NOTIFY_SOCKET.

pub fn seccomp_policy(self, seccomp_policy: SeccompPolicy) -> Self

Determines which seccomp profile gets applied the container.

pub fn seccomp_profile_path(self, seccomp_profile_path: impl Serialize) -> Self

The path to a JSON file containing the container’s Seccomp profile. If not specified, no Seccomp profile will be used.

pub fn secret_env<K, V>( self, secret_env: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

A list of secrets that will be set as environment variables.

pub fn secrets(self, secrets: impl IntoIterator<Item = Secret>) -> Self

Secrets are the secrets that will be added to the container.

pub fn selinux_opts<S>(self, selinux_opts: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

The process label the container will use. if SELinux is enabled and this is not specified, a label will be automatically generated if not specified.

pub fn shm_size(self, shm_size: i64) -> Self

The size of the tmpfs to mount in at /dev/shm, in bytes.

pub fn stdin(self, stdin: bool) -> Self

Whether the container should keep it’s STDIN open.

pub fn stop_signal(self, stop_signal: i64) -> Self

A number describing a process signal.

pub fn stop_timeout(self, stop_timeout: u64) -> Self

A timeout between the container’s stop signal being sent and SIGKILL being sent. If not provided, the default will be used. If 0 is used, stop signal will not be sent, and SIGKILL will be sent instead.

pub fn storage_opts<K, V>( self, storage_opts: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

A list of container’s storage options.

pub fn sysctl<K, V>(self, sysctl: impl IntoIterator<Item = (K, V)>) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

A list of kernel parameters to set in the container.

pub fn systemd(self, systemd: SystemdEnabled) -> Self

pub fn terminal(self, terminal: bool) -> Self

Whether the container will create a PTY.

pub fn throttle_read_bps_device<K, V>( self, throttle_read_bps_device: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

IO read rate limit per cgroup per device, bytes per second

pub fn throttle_read_iops_device<K, V>( self, throttle_read_iops_device: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

IO read rate limit per cgroup per device, IO per second

pub fn throttle_write_bps_device<K, V>( self, throttle_write_bps_device: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

IO write rate limit per cgroup per device, bytes per second

pub fn throttle_write_iops_device<K, V>( self, throttle_write_iops_device: impl IntoIterator<Item = (K, V)>, ) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

IO write rate limit per cgroup per device, IO per second

pub fn timeout(self, timeout: u64) -> Self

A maximum time in seconds the container will run before main process is sent SIGKILL. If 0 is used, signal will not be sent.

pub fn timezone(self, timezone: impl Serialize) -> Self

The timezone inside the container. Local means it has the same timezone as the host machine.

pub fn umask(self, umask: impl Serialize) -> Self

The umask the init process of the container will be run with.

pub fn unified<K, V>(self, unified: impl IntoIterator<Item = (K, V)>) -> Self

where K: Serialize + Eq + Hash, V: Serialize,

A list of key-value options passed into the container runtime that are used to configure cgroup v2.

pub fn unmask<S>(self, unmask: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

The path we want to unmask in the container. To override all the default paths that are masked, set unmask=ALL.

pub fn unset_env<S>(self, unset_env: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

A list of environment variables to unset if specified in the image or from buildin or containers.conf

pub fn unset_env_all(self, unset_env_all: bool) -> Self

If true all environment variables from the image or from buldin or containers.conf will get unset.

pub fn use_image_hosts(self, use_image_hosts: bool) -> Self

Indicates that /etc/hosts should not be managed by Podman, and instead sourced from the image. Conflicts with hosts_add.

pub fn use_image_resolv_conf(self, use_image_resolv_conf: bool) -> Self

Indicates that /etc/hosts should not be managed by Podman, and instead sourced from the image. Conflicts with dns_server, dns_search, dns_option.

pub fn user(self, user: impl Serialize) -> Self

The user the container will be run as. Can be given as a UID or a username; if a username, it will be resolved within the container, using the container’s /etc/passwd. If unset, the container will be run as root.

pub fn user_namespace(self, user_namespace: Namespace) -> Self

Namespace to use for users.

pub fn uts_namespace(self, uts_namespace: Namespace) -> Self

Namespace to use for uts.

pub fn volatile(self, volatile: bool) -> Self

Specifies whether the container storage can be optimized at the cost of not syncing all the dirty files in memory.

pub fn volumes(self, volumes: impl IntoIterator<Item = NamedVolume>) -> Self

Specifies the container volume to use with this container.

pub fn volumes_from<S>(self, volumes_from: impl IntoIterator<Item = S>) -> Self

where S: Serialize,

Set of containers whose volumes will be added to this container. The name or ID of the container must be provided, and may optionally be followed by a : and then one or more comma-separated options. Valid options are ‘ro’, ‘rw’, and ‘z’. Options will be used for all volumes sourced from the container.

pub fn weight_device(self, weight_device: LinuxWeightDevice) -> Self

Weight per cgroup per device.

pub fn work_dir(self, work_dir: impl Serialize) -> Self

Override the container’s working directory. If unset, the default, /, will be used.

Trait Implementations

impl Clone for ContainerCreateOptsBuilder

fn clone(&self) -> ContainerCreateOptsBuilder

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ContainerCreateOptsBuilder

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for ContainerCreateOptsBuilder

fn default() -> ContainerCreateOptsBuilder

Returns the “default value” for a type.