podman_rest_client/v5/models/inspect_container_host_config.rs
1use serde::{Deserialize, Serialize};
2#[derive(Default, Debug, Serialize, Deserialize)]
3/// InspectContainerHostConfig holds information used when the container was
4/// created.
5/// It's very much a Docker-specific struct, retained (mostly) as-is for
6/// compatibility. We fill individual fields as best as we can, inferring as much
7/// as possible from the spec and container config.
8/// Some things cannot be inferred. These will be populated by spec annotations
9/// (if available).
10/// nolint:revive,stylecheck // Field names are fixed for compatibility and cannot be changed.
11pub struct InspectContainerHostConfig {
12 /// Annotations are provided to the runtime when the container is
13 /// started.
14 #[serde(rename = "Annotations")]
15 pub annotations: Option<std::collections::HashMap<String, String>>,
16 /// AutoRemove is whether the container will be automatically removed on
17 /// exiting.
18 /// It is not handled directly within libpod and is stored in an
19 /// annotation.
20 #[serde(rename = "AutoRemove")]
21 pub auto_remove: Option<bool>,
22 /// Binds contains an array of user-added mounts.
23 /// Both volume mounts and named volumes are included.
24 /// Tmpfs mounts are NOT included.
25 /// In 'docker inspect' this is separated into 'Binds' and 'Mounts' based
26 /// on how a mount was added. We do not make this distinction and do not
27 /// include a Mounts field in inspect.
28 /// Format: <src>:<destination>[:<comma-separated options>]
29 #[serde(rename = "Binds")]
30 pub binds: Option<Vec<String>>,
31 /// BlkioDeviceReadBps is an array of I/O throttle parameters for
32 /// individual device nodes.
33 /// This specifically sets read rate cap in bytes per second for device
34 /// nodes.
35 /// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
36 /// don't guarantee the path will be identical to the original (though
37 /// the node will be).
38 #[serde(rename = "BlkioDeviceReadBps")]
39 pub blkio_device_read_bps: Option<Vec<crate::v5::models::InspectBlkioThrottleDevice>>,
40 /// BlkioDeviceReadIOps is an array of I/O throttle parameters for
41 /// individual device nodes.
42 /// This specifically sets the read rate cap in iops per second for
43 /// device nodes.
44 /// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
45 /// don't guarantee the path will be identical to the original (though
46 /// the node will be).
47 #[serde(rename = "BlkioDeviceReadIOps")]
48 pub blkio_device_read_i_ops: Option<Vec<crate::v5::models::InspectBlkioThrottleDevice>>,
49 /// BlkioDeviceWriteBps is an array of I/O throttle parameters for
50 /// individual device nodes.
51 /// this specifically sets write rate cap in bytes per second for device
52 /// nodes.
53 /// as with BlkioWeightDevice, we pull the path from /sys/dev, and we
54 /// don't guarantee the path will be identical to the original (though
55 /// the node will be).
56 #[serde(rename = "BlkioDeviceWriteBps")]
57 pub blkio_device_write_bps: Option<Vec<crate::v5::models::InspectBlkioThrottleDevice>>,
58 /// BlkioDeviceWriteIOps is an array of I/O throttle parameters for
59 /// individual device nodes.
60 /// This specifically sets the write rate cap in iops per second for
61 /// device nodes.
62 /// As with BlkioWeightDevice, we pull the path from /sys/dev, and we
63 /// don't guarantee the path will be identical to the original (though
64 /// the node will be).
65 #[serde(rename = "BlkioDeviceWriteIOps")]
66 pub blkio_device_write_i_ops: Option<Vec<crate::v5::models::InspectBlkioThrottleDevice>>,
67 /// BlkioWeight indicates the I/O resources allocated to the container.
68 /// It is a relative weight in the scheduler for assigning I/O time
69 /// versus other Cgroups.
70 #[serde(rename = "BlkioWeight")]
71 pub blkio_weight: Option<u16>,
72 /// BlkioWeightDevice is an array of I/O resource priorities for
73 /// individual device nodes.
74 /// Unfortunately, the spec only stores the device's Major/Minor numbers
75 /// and not the path, which is used here.
76 /// Fortunately, the kernel provides an interface for retrieving the path
77 /// of a given node by major:minor at /sys/dev/. However, the exact path
78 /// in use may not be what was used in the original CLI invocation -
79 /// though it is guaranteed that the device node will be the same, and
80 /// using the given path will be functionally identical.
81 #[serde(rename = "BlkioWeightDevice")]
82 pub blkio_weight_device: Option<Vec<crate::v5::models::InspectBlkioWeightDevice>>,
83 /// CapAdd is a list of capabilities added to the container.
84 /// It is not directly stored by Libpod, and instead computed from the
85 /// capabilities listed in the container's spec, compared against a set
86 /// of default capabilities.
87 #[serde(rename = "CapAdd")]
88 pub cap_add: Option<Vec<String>>,
89 /// CapDrop is a list of capabilities removed from the container.
90 /// It is not directly stored by libpod, and instead computed from the
91 /// capabilities listed in the container's spec, compared against a set
92 /// of default capabilities.
93 #[serde(rename = "CapDrop")]
94 pub cap_drop: Option<Vec<String>>,
95 /// Cgroup contains the container's cgroup. It is presently not
96 /// populated.
97 /// TODO.
98 #[serde(rename = "Cgroup")]
99 pub cgroup: Option<String>,
100 /// CgroupConf is the configuration for cgroup v2.
101 #[serde(rename = "CgroupConf")]
102 pub cgroup_conf: Option<std::collections::HashMap<String, String>>,
103 /// CgroupManager is the cgroup manager used by the container.
104 /// At present, allowed values are either "cgroupfs" or "systemd".
105 #[serde(rename = "CgroupManager")]
106 pub cgroup_manager: Option<String>,
107 /// CgroupMode is the configuration of the container's cgroup namespace.
108 /// Populated as follows:
109 /// private - a cgroup namespace has been created
110 /// host - No cgroup namespace created
111 /// container:<id> - Using another container's cgroup namespace
112 /// ns:<path> - A path to a cgroup namespace has been specified
113 #[serde(rename = "CgroupMode")]
114 pub cgroup_mode: Option<String>,
115 /// CgroupParent is the Cgroup parent of the container.
116 /// Only set if not default.
117 #[serde(rename = "CgroupParent")]
118 pub cgroup_parent: Option<String>,
119 /// Cgroups contains the container's Cgroup mode.
120 /// Allowed values are "default" (container is creating Cgroups) and
121 /// "disabled" (container is not creating Cgroups).
122 /// This is Libpod-specific and not included in `docker inspect`.
123 #[serde(rename = "Cgroups")]
124 pub cgroups: Option<String>,
125 /// ConsoleSize is an array of 2 integers showing the size of the
126 /// container's console.
127 /// It is only set if the container is creating a terminal.
128 /// TODO.
129 #[serde(rename = "ConsoleSize")]
130 pub console_size: Option<Vec<u64>>,
131 /// ContainerIDFile is a file created during container creation to hold
132 /// the ID of the created container.
133 /// This is not handled within libpod and is stored in an annotation.
134 #[serde(rename = "ContainerIDFile")]
135 pub container_id_file: Option<String>,
136 /// CpuCount is Windows-only and not presently implemented.
137 #[serde(rename = "CpuCount")]
138 pub cpu_count: Option<u64>,
139 /// CpuPercent is Windows-only and not presently implemented.
140 #[serde(rename = "CpuPercent")]
141 pub cpu_percent: Option<u64>,
142 /// CpuPeriod is the length of a CPU period in microseconds.
143 /// It relates directly to CpuQuota.
144 #[serde(rename = "CpuPeriod")]
145 pub cpu_period: Option<u64>,
146 /// CpuPeriod is the amount of time (in microseconds) that a container
147 /// can use the CPU in every CpuPeriod.
148 #[serde(rename = "CpuQuota")]
149 pub cpu_quota: Option<i64>,
150 /// CpuRealtimePeriod is the length of time (in microseconds) of the CPU
151 /// realtime period. If set to 0, no time will be allocated to realtime
152 /// tasks.
153 #[serde(rename = "CpuRealtimePeriod")]
154 pub cpu_realtime_period: Option<u64>,
155 /// CpuRealtimeRuntime is the length of time (in microseconds) allocated
156 /// for realtime tasks within every CpuRealtimePeriod.
157 #[serde(rename = "CpuRealtimeRuntime")]
158 pub cpu_realtime_runtime: Option<i64>,
159 /// CpuShares indicates the CPU resources allocated to the container.
160 /// It is a relative weight in the scheduler for assigning CPU time
161 /// versus other Cgroups.
162 #[serde(rename = "CpuShares")]
163 pub cpu_shares: Option<u64>,
164 /// CpusetCpus is the set of CPUs that the container will execute on.
165 /// Formatted as `0-3` or `0,2`. Default (if unset) is all CPUs.
166 #[serde(rename = "CpusetCpus")]
167 pub cpuset_cpus: Option<String>,
168 /// CpusetMems is the set of memory nodes the container will use.
169 /// Formatted as `0-3` or `0,2`. Default (if unset) is all memory nodes.
170 #[serde(rename = "CpusetMems")]
171 pub cpuset_mems: Option<String>,
172 /// Devices is a list of device nodes that will be added to the
173 /// container.
174 /// These are stored in the OCI spec only as type, major, minor while we
175 /// display the host path. We convert this with /sys/dev, but we cannot
176 /// guarantee that the host path will be identical - only that the actual
177 /// device will be.
178 #[serde(rename = "Devices")]
179 pub devices: Option<Vec<crate::v5::models::InspectDevice>>,
180 /// DiskQuota is the maximum amount of disk space the container may use
181 /// (in bytes).
182 /// Presently not populated.
183 /// TODO.
184 #[serde(rename = "DiskQuota")]
185 pub disk_quota: Option<u64>,
186 /// Dns is a list of DNS nameservers that will be added to the
187 /// container's resolv.conf
188 #[serde(rename = "Dns")]
189 pub dns: Option<Vec<String>>,
190 /// DnsOptions is a list of DNS options that will be set in the
191 /// container's resolv.conf
192 #[serde(rename = "DnsOptions")]
193 pub dns_options: Option<Vec<String>>,
194 /// DnsSearch is a list of DNS search domains that will be set in the
195 /// container's resolv.conf
196 #[serde(rename = "DnsSearch")]
197 pub dns_search: Option<Vec<String>>,
198 /// ExtraHosts contains hosts that will be added to the container's
199 /// etc/hosts.
200 #[serde(rename = "ExtraHosts")]
201 pub extra_hosts: Option<Vec<String>>,
202 /// GroupAdd contains groups that the user inside the container will be
203 /// added to.
204 #[serde(rename = "GroupAdd")]
205 pub group_add: Option<Vec<String>>,
206 #[serde(rename = "IDMappings")]
207 pub id_mappings: Option<crate::v5::models::InspectIdMappings>,
208 /// IOMaximumBandwidth is Windows-only and not presently implemented.
209 #[serde(rename = "IOMaximumBandwidth")]
210 pub io_maximum_bandwidth: Option<u64>,
211 /// IOMaximumIOps is Windows-only and not presently implemented.
212 #[serde(rename = "IOMaximumIOps")]
213 pub io_maximum_i_ops: Option<u64>,
214 /// Init indicates whether the container has an init mounted into it.
215 #[serde(rename = "Init")]
216 pub init: Option<bool>,
217 /// IntelRdtClosID defines the Intel RDT CAT Class Of Service (COS) that
218 /// all processes of the container should run in.
219 #[serde(rename = "IntelRdtClosID")]
220 pub intel_rdt_clos_id: Option<String>,
221 /// IpcMode represents the configuration of the container's IPC
222 /// namespace.
223 /// Populated as follows:
224 /// "" (empty string) - Default, an IPC namespace will be created
225 /// host - No IPC namespace created
226 /// container:<id> - Using another container's IPC namespace
227 /// ns:<path> - A path to an IPC namespace has been specified
228 #[serde(rename = "IpcMode")]
229 pub ipc_mode: Option<String>,
230 /// Isolation is presently unused and provided solely for Docker
231 /// compatibility.
232 #[serde(rename = "Isolation")]
233 pub isolation: Option<String>,
234 /// KernelMemory is the maximum amount of memory the kernel will devote
235 /// to the container.
236 #[serde(rename = "KernelMemory")]
237 pub kernel_memory: Option<i64>,
238 /// Links is unused, and provided purely for Docker compatibility.
239 #[serde(rename = "Links")]
240 pub links: Option<Vec<String>>,
241 #[serde(rename = "LogConfig")]
242 pub log_config: Option<crate::v5::models::InspectLogConfig>,
243 /// Memory indicates the memory resources allocated to the container.
244 /// This is the limit (in bytes) of RAM the container may use.
245 #[serde(rename = "Memory")]
246 pub memory: Option<i64>,
247 /// MemoryReservation is the reservation (soft limit) of memory available
248 /// to the container. Soft limits are warnings only and can be exceeded.
249 #[serde(rename = "MemoryReservation")]
250 pub memory_reservation: Option<i64>,
251 /// MemorySwap is the total limit for all memory available to the
252 /// container, including swap. 0 indicates that there is no limit to the
253 /// amount of memory available.
254 #[serde(rename = "MemorySwap")]
255 pub memory_swap: Option<i64>,
256 /// MemorySwappiness is the willingness of the kernel to page container
257 /// memory to swap. It is an integer from 0 to 100, with low numbers
258 /// being more likely to be put into swap.
259 /// 1, the default, will not set swappiness and use the system defaults.
260 #[serde(rename = "MemorySwappiness")]
261 pub memory_swappiness: Option<i64>,
262 /// NanoCpus indicates number of CPUs allocated to the container.
263 /// It is an integer where one full CPU is indicated by 1000000000 (one
264 /// billion).
265 /// Thus, 2.5 CPUs (fractional portions of CPUs are allowed) would be
266 /// 2500000000 (2.5 billion).
267 /// In 'docker inspect' this is set exclusively of two further options in
268 /// the output (CpuPeriod and CpuQuota) which are both used to implement
269 /// this functionality.
270 /// We can't distinguish here, so if CpuQuota is set to the default of
271 /// 100000, we will set both CpuQuota, CpuPeriod, and NanoCpus. If
272 /// CpuQuota is not the default, we will not set NanoCpus.
273 #[serde(rename = "NanoCpus")]
274 pub nano_cpus: Option<i64>,
275 /// NetworkMode is the configuration of the container's network
276 /// namespace.
277 /// Populated as follows:
278 /// default - A network namespace is being created and configured via CNI
279 /// none - A network namespace is being created, not configured via CNI
280 /// host - No network namespace created
281 /// container:<id> - Using another container's network namespace
282 /// ns:<path> - A path to a network namespace has been specified
283 #[serde(rename = "NetworkMode")]
284 pub network_mode: Option<String>,
285 /// OomKillDisable indicates whether the kernel OOM killer is disabled
286 /// for the container.
287 #[serde(rename = "OomKillDisable")]
288 pub oom_kill_disable: Option<bool>,
289 /// OOMScoreAdj is an adjustment that will be made to the container's OOM
290 /// score.
291 #[serde(rename = "OomScoreAdj")]
292 pub oom_score_adj: Option<i64>,
293 /// PidMode represents the configuration of the container's PID
294 /// namespace.
295 /// Populated as follows:
296 /// "" (empty string) - Default, a PID namespace will be created
297 /// host - No PID namespace created
298 /// container:<id> - Using another container's PID namespace
299 /// ns:<path> - A path to a PID namespace has been specified
300 #[serde(rename = "PidMode")]
301 pub pid_mode: Option<String>,
302 /// PidsLimit is the maximum number of PIDs that may be created within
303 /// the container. 0, the default, indicates no limit.
304 #[serde(rename = "PidsLimit")]
305 pub pids_limit: Option<i64>,
306 /// PortBindings contains the container's port bindings.
307 /// It is formatted as map[string][]InspectHostPort.
308 /// The string key here is formatted as <integer port number>/<protocol>
309 /// and represents the container port. A single container port may be
310 /// bound to multiple host ports (on different IPs).
311 #[serde(rename = "PortBindings")]
312 pub port_bindings:
313 Option<std::collections::HashMap<String, Vec<crate::v5::models::InspectHostPort>>>,
314 /// Privileged indicates whether the container is running with elevated
315 /// privileges.
316 /// This has a very specific meaning in the Docker sense, so it's very
317 /// difficult to decode from the spec and config, and so is stored as an
318 /// annotation.
319 #[serde(rename = "Privileged")]
320 pub privileged: Option<bool>,
321 /// PublishAllPorts indicates whether image ports are being published.
322 /// This is not directly stored in libpod and is saved as an annotation.
323 #[serde(rename = "PublishAllPorts")]
324 pub publish_all_ports: Option<bool>,
325 /// ReadonlyRootfs is whether the container will be mounted read-only.
326 #[serde(rename = "ReadonlyRootfs")]
327 pub readonly_rootfs: Option<bool>,
328 #[serde(rename = "RestartPolicy")]
329 pub restart_policy: Option<crate::v5::models::InspectRestartPolicy>,
330 /// Runtime is provided purely for Docker compatibility.
331 /// It is set unconditionally to "oci" as Podman does not presently
332 /// support non-OCI runtimes.
333 #[serde(rename = "Runtime")]
334 pub runtime: Option<String>,
335 /// SecurityOpt is a list of security-related options that are set in the
336 /// container.
337 #[serde(rename = "SecurityOpt")]
338 pub security_opt: Option<Vec<String>>,
339 #[serde(rename = "ShmSize")]
340 pub shm_size: Option<i64>,
341 /// Tmpfs is a list of tmpfs filesystems that will be mounted into the
342 /// container.
343 /// It is a map of destination path to options for the mount.
344 #[serde(rename = "Tmpfs")]
345 pub tmpfs: Option<std::collections::HashMap<String, String>>,
346 /// UTSMode represents the configuration of the container's UID
347 /// namespace.
348 /// Populated as follows:
349 /// "" (empty string) - Default, a UTS namespace will be created
350 /// host - no UTS namespace created
351 /// container:<id> - Using another container's UTS namespace
352 /// ns:<path> - A path to a UTS namespace has been specified
353 #[serde(rename = "UTSMode")]
354 pub uts_mode: Option<String>,
355 /// Ulimits is a set of ulimits that will be set within the container.
356 #[serde(rename = "Ulimits")]
357 pub ulimits: Option<Vec<crate::v5::models::InspectUlimit>>,
358 /// UsernsMode represents the configuration of the container's user
359 /// namespace.
360 /// When running rootless, a user namespace is created outside of libpod
361 /// to allow some privileged operations. This will not be reflected here.
362 /// Populated as follows:
363 /// "" (empty string) - No user namespace will be created
364 /// private - The container will be run in a user namespace
365 /// container:<id> - Using another container's user namespace
366 /// ns:<path> - A path to a user namespace has been specified
367 /// TODO Rootless has an additional 'keep-id' option, presently not
368 /// reflected here.
369 #[serde(rename = "UsernsMode")]
370 pub userns_mode: Option<String>,
371 /// VolumeDriver is presently unused and is retained for Docker
372 /// compatibility.
373 #[serde(rename = "VolumeDriver")]
374 pub volume_driver: Option<String>,
375 /// VolumesFrom is a list of containers which this container uses volumes
376 /// from. This is not handled directly within libpod and is stored in an
377 /// annotation.
378 /// It is formatted as an array of container names and IDs.
379 #[serde(rename = "VolumesFrom")]
380 pub volumes_from: Option<Vec<String>>,
381}