// RunController creates a new replication controller named 'name' which creates 'replicas' pods running 'image'.
func RunController(ctx api.Context, image, name string, replicas int, client client.Interface, portSpec string, servicePort int) error {
// TODO replace ctx with a namespace string
if servicePort > 0 && !util.IsDNSLabel(name) {
return fmt.Errorf("service creation requested, but an invalid name for a service was provided (%s). Service names must be valid DNS labels.", name)
}
ports, err := portsFromString(portSpec)
if err != nil {
return err
}
controller := &api.ReplicationController{
ObjectMeta: api.ObjectMeta{
Name: name,
},
Spec: api.ReplicationControllerSpec{
Replicas: replicas,
Selector: map[string]string{
"name": name,
},
Template: &api.PodTemplateSpec{
ObjectMeta: api.ObjectMeta{
Labels: map[string]string{
"name": name,
},
},
Spec: api.PodSpec{
Containers: []api.Container{
{
Name: strings.ToLower(name),
Image: image,
Ports: ports,
},
},
},
},
},
}
controllerOut, err := client.ReplicationControllers(api.Namespace(ctx)).Create(controller)
if err != nil {
return err
}
data, err := yaml.Marshal(controllerOut)
if err != nil {
return err
}
fmt.Print(string(data))
if servicePort > 0 {
svc, err := createService(ctx, name, servicePort, client)
if err != nil {
return err
}
data, err = yaml.Marshal(svc)
if err != nil {
return err
}
fmt.Printf(string(data))
}
return nil
}
func readSimpleService(filename string) SimpleService {
inData, err := ReadConfigData(filename)
checkErr(err)
simpleService := SimpleService{}
err = yaml.Unmarshal(inData, &simpleService)
checkErr(err)
if simpleService.Name == "" {
_, simpleService.Name = ParseDockerImage(simpleService.Image)
// TODO: encode/scrub the name
}
simpleService.Name = strings.ToLower(simpleService.Name)
// TODO: Validate the image name and extract exposed ports
// TODO: Do more validation
if !util.IsDNSLabel(simpleService.Name) {
checkErr(fmt.Errorf("name (%s) is not a valid DNS label", simpleService.Name))
}
if simpleService.Replicas == 0 {
simpleService.Replicas = 1
}
return simpleService
}
func validateVolumes(volumes []api.Volume) (util.StringSet, errs.ValidationErrorList) {
allErrs := errs.ValidationErrorList{}
allNames := util.StringSet{}
for i := range volumes {
vol := &volumes[i] // so we can set default values
el := errs.ValidationErrorList{}
if vol.Source == nil {
// TODO: Enforce that a source is set once we deprecate the implied form.
vol.Source = &api.VolumeSource{
EmptyDir: &api.EmptyDir{},
}
}
el = validateSource(vol.Source).Prefix("source")
if len(vol.Name) == 0 {
el = append(el, errs.NewFieldRequired("name", vol.Name))
} else if !util.IsDNSLabel(vol.Name) {
el = append(el, errs.NewFieldInvalid("name", vol.Name, ""))
} else if allNames.Has(vol.Name) {
el = append(el, errs.NewFieldDuplicate("name", vol.Name))
}
if len(el) == 0 {
allNames.Insert(vol.Name)
} else {
allErrs = append(allErrs, el.PrefixIndex(i)...)
}
}
return allNames, allErrs
}
func validatePorts(ports []Port) errorList {
allErrs := errorList{}
allNames := util.StringSet{}
for i := range ports {
port := &ports[i] // so we can set default values
if len(port.Name) > 0 {
if len(port.Name) > 63 || !util.IsDNSLabel(port.Name) {
allErrs.Append(makeInvalidError("Port.Name", port.Name))
} else if allNames.Has(port.Name) {
allErrs.Append(makeDuplicateError("Port.name", port.Name))
} else {
allNames.Insert(port.Name)
}
}
if !util.IsValidPortNum(port.ContainerPort) {
allErrs.Append(makeInvalidError("Port.ContainerPort", port.ContainerPort))
}
if port.HostPort == 0 {
port.HostPort = port.ContainerPort
} else if !util.IsValidPortNum(port.HostPort) {
allErrs.Append(makeInvalidError("Port.HostPort", port.HostPort))
}
if len(port.Protocol) == 0 {
port.Protocol = "TCP"
} else if !supportedPortProtocols.Has(strings.ToUpper(port.Protocol)) {
allErrs.Append(makeNotSupportedError("Port.Protocol", port.Protocol))
}
}
return allErrs
}
func validateContainers(containers []Container, volumes util.StringSet) errorList {
allErrs := errorList{}
allNames := util.StringSet{}
for i := range containers {
ctr := &containers[i] // so we can set default values
if !util.IsDNSLabel(ctr.Name) {
allErrs.Append(makeInvalidError("Container.Name", ctr.Name))
} else if allNames.Has(ctr.Name) {
allErrs.Append(makeDuplicateError("Container.Name", ctr.Name))
} else {
allNames.Insert(ctr.Name)
}
if len(ctr.Image) == 0 {
allErrs.Append(makeInvalidError("Container.Image", ctr.Name))
}
allErrs.Append(validatePorts(ctr.Ports)...)
allErrs.Append(validateEnv(ctr.Env)...)
allErrs.Append(validateVolumeMounts(ctr.VolumeMounts, volumes)...)
}
// Check for colliding ports across all containers.
// TODO(thockin): This really is dependent on the network config of the host (IP per pod?)
// and the config of the new manifest. But we have not specced that out yet, so we'll just
// make some assumptions for now. As of now, pods share a network namespace, which means that
// every Port.HostPort across the whole pod must be unique.
allErrs.Append(checkHostPortConflicts(containers)...)
return allErrs
}
func validateVolumes(volumes []Volume) (util.StringSet, errs.ErrorList) {
allErrs := errs.ErrorList{}
allNames := util.StringSet{}
for i := range volumes {
vol := &volumes[i] // so we can set default values
el := errs.ErrorList{}
// TODO(thockin) enforce that a source is set once we deprecate the implied form.
if vol.Source != nil {
el = validateSource(vol.Source).Prefix("source")
}
if len(vol.Name) == 0 {
el = append(el, errs.NewRequired("name", vol.Name))
} else if !util.IsDNSLabel(vol.Name) {
el = append(el, errs.NewInvalid("name", vol.Name))
} else if allNames.Has(vol.Name) {
el = append(el, errs.NewDuplicate("name", vol.Name))
}
if len(el) == 0 {
allNames.Insert(vol.Name)
} else {
allErrs = append(allErrs, el.PrefixIndex(i)...)
}
}
return allNames, allErrs
}
func validatePorts(ports []api.Port) errs.ValidationErrorList {
allErrs := errs.ValidationErrorList{}
allNames := util.StringSet{}
for i := range ports {
pErrs := errs.ValidationErrorList{}
port := &ports[i] // so we can set default values
if len(port.Name) > 0 {
if len(port.Name) > 63 || !util.IsDNSLabel(port.Name) {
pErrs = append(pErrs, errs.NewFieldInvalid("name", port.Name, ""))
} else if allNames.Has(port.Name) {
pErrs = append(pErrs, errs.NewFieldDuplicate("name", port.Name))
} else {
allNames.Insert(port.Name)
}
}
if port.ContainerPort == 0 {
pErrs = append(pErrs, errs.NewFieldRequired("containerPort", port.ContainerPort))
} else if !util.IsValidPortNum(port.ContainerPort) {
pErrs = append(pErrs, errs.NewFieldInvalid("containerPort", port.ContainerPort, ""))
}
if port.HostPort != 0 && !util.IsValidPortNum(port.HostPort) {
pErrs = append(pErrs, errs.NewFieldInvalid("hostPort", port.HostPort, ""))
}
if len(port.Protocol) == 0 {
port.Protocol = "TCP"
} else if !supportedPortProtocols.Has(strings.ToUpper(string(port.Protocol))) {
pErrs = append(pErrs, errs.NewFieldNotSupported("protocol", port.Protocol))
}
allErrs = append(allErrs, pErrs.PrefixIndex(i)...)
}
return allErrs
}
func validatePorts(ports []api.Port) errs.ValidationErrorList {
allErrs := errs.ValidationErrorList{}
allNames := util.StringSet{}
for i, port := range ports {
pErrs := errs.ValidationErrorList{}
if len(port.Name) > 0 {
if len(port.Name) > util.DNS1123LabelMaxLength || !util.IsDNSLabel(port.Name) {
pErrs = append(pErrs, errs.NewFieldInvalid("name", port.Name, dnsLabelErrorMsg))
} else if allNames.Has(port.Name) {
pErrs = append(pErrs, errs.NewFieldDuplicate("name", port.Name))
} else {
allNames.Insert(port.Name)
}
}
if port.ContainerPort == 0 {
pErrs = append(pErrs, errs.NewFieldInvalid("containerPort", port.ContainerPort, portRangeErrorMsg))
} else if !util.IsValidPortNum(port.ContainerPort) {
pErrs = append(pErrs, errs.NewFieldInvalid("containerPort", port.ContainerPort, portRangeErrorMsg))
}
if port.HostPort != 0 && !util.IsValidPortNum(port.HostPort) {
pErrs = append(pErrs, errs.NewFieldInvalid("hostPort", port.HostPort, portRangeErrorMsg))
}
if len(port.Protocol) == 0 {
pErrs = append(pErrs, errs.NewFieldRequired("protocol", port.Protocol))
} else if !supportedPortProtocols.Has(strings.ToUpper(string(port.Protocol))) {
pErrs = append(pErrs, errs.NewFieldNotSupported("protocol", port.Protocol))
}
allErrs = append(allErrs, pErrs.PrefixIndex(i)...)
}
return allErrs
}
// SaveNamespaceInfo saves a NamespaceInfo object at the specified file path.
func SaveNamespaceInfo(path string, ns *NamespaceInfo) error {
if !util.IsDNSLabel(ns.Namespace) {
return fmt.Errorf("namespace %s is not a valid DNS Label", ns.Namespace)
}
data, err := json.Marshal(ns)
err = ioutil.WriteFile(path, data, 0600)
return err
}
// RunController creates a new replication controller named 'name' which creates 'replicas' pods running 'image'.
func RunController(image, name string, replicas int, client client.Interface, portSpec string, servicePort int) error {
if servicePort > 0 && !util.IsDNSLabel(name) {
return fmt.Errorf("Service creation requested, but an invalid name for a service was provided (%s). Service names must be valid DNS labels.", name)
}
controller := &api.ReplicationController{
JSONBase: api.JSONBase{
ID: name,
},
DesiredState: api.ReplicationControllerState{
Replicas: replicas,
ReplicaSelector: map[string]string{
"replicationController": name,
},
PodTemplate: api.PodTemplate{
DesiredState: api.PodState{
Manifest: api.ContainerManifest{
Version: "v1beta2",
Containers: []api.Container{
{
Name: strings.ToLower(name),
Image: image,
Ports: portsFromString(portSpec),
},
},
},
},
Labels: map[string]string{
"replicationController": name,
},
},
},
}
controllerOut, err := client.CreateReplicationController(controller)
if err != nil {
return err
}
data, err := yaml.Marshal(controllerOut)
if err != nil {
return err
}
fmt.Print(string(data))
if servicePort > 0 {
svc, err := createService(name, servicePort, client)
if err != nil {
return err
}
data, err = yaml.Marshal(svc)
if err != nil {
return err
}
fmt.Printf(string(data))
}
return nil
}
func validateVolumes(volumes []Volume) (util.StringSet, error) {
allNames := util.StringSet{}
for i := range volumes {
vol := &volumes[i] // so we can set default values
if !util.IsDNSLabel(vol.Name) {
return util.StringSet{}, makeInvalidError("Volume.Name", vol.Name)
}
if allNames.Has(vol.Name) {
return util.StringSet{}, makeDuplicateError("Volume.Name", vol.Name)
}
allNames.Insert(vol.Name)
}
return allNames, nil
}
func validateVolumes(volumes []Volume) (util.StringSet, errorList) {
allErrs := errorList{}
allNames := util.StringSet{}
for i := range volumes {
vol := &volumes[i] // so we can set default values
if !util.IsDNSLabel(vol.Name) {
allErrs.Append(makeInvalidError("Volume.Name", vol.Name))
} else if allNames.Has(vol.Name) {
allErrs.Append(makeDuplicateError("Volume.Name", vol.Name))
} else {
allNames.Insert(vol.Name)
}
}
return allNames, allErrs
}
func validateContainers(containers []api.Container, volumes util.StringSet) errs.ValidationErrorList {
allErrs := errs.ValidationErrorList{}
allNames := util.StringSet{}
for i, ctr := range containers {
cErrs := errs.ValidationErrorList{}
capabilities := capabilities.Get()
if len(ctr.Name) == 0 {
cErrs = append(cErrs, errs.NewFieldRequired("name", ctr.Name))
} else if !util.IsDNSLabel(ctr.Name) {
cErrs = append(cErrs, errs.NewFieldInvalid("name", ctr.Name, dnsLabelErrorMsg))
} else if allNames.Has(ctr.Name) {
cErrs = append(cErrs, errs.NewFieldDuplicate("name", ctr.Name))
} else if ctr.Privileged && !capabilities.AllowPrivileged {
cErrs = append(cErrs, errs.NewFieldForbidden("privileged", ctr.Privileged))
} else {
allNames.Insert(ctr.Name)
}
if len(ctr.Image) == 0 {
cErrs = append(cErrs, errs.NewFieldRequired("image", ctr.Image))
}
if ctr.Lifecycle != nil {
cErrs = append(cErrs, validateLifecycle(ctr.Lifecycle).Prefix("lifecycle")...)
}
cErrs = append(cErrs, validateProbe(ctr.LivenessProbe).Prefix("livenessProbe")...)
cErrs = append(cErrs, validateProbe(ctr.ReadinessProbe).Prefix("readinessProbe")...)
cErrs = append(cErrs, validatePorts(ctr.Ports).Prefix("ports")...)
cErrs = append(cErrs, validateEnv(ctr.Env).Prefix("env")...)
cErrs = append(cErrs, validateVolumeMounts(ctr.VolumeMounts, volumes).Prefix("volumeMounts")...)
cErrs = append(cErrs, validatePullPolicy(&ctr).Prefix("pullPolicy")...)
cErrs = append(cErrs, validateResourceRequirements(&ctr).Prefix("resources")...)
allErrs = append(allErrs, cErrs.PrefixIndex(i)...)
}
// Check for colliding ports across all containers.
// TODO(thockin): This really is dependent on the network config of the host (IP per pod?)
// and the config of the new manifest. But we have not specced that out yet, so we'll just
// make some assumptions for now. As of now, pods share a network namespace, which means that
// every Port.HostPort across the whole pod must be unique.
allErrs = append(allErrs, checkHostPortConflicts(containers)...)
return allErrs
}
func validateVolumes(volumes []api.Volume) (util.StringSet, errs.ValidationErrorList) {
allErrs := errs.ValidationErrorList{}
allNames := util.StringSet{}
for i, vol := range volumes {
el := validateSource(&vol.Source).Prefix("source")
if len(vol.Name) == 0 {
el = append(el, errs.NewFieldRequired("name", vol.Name))
} else if !util.IsDNSLabel(vol.Name) {
el = append(el, errs.NewFieldInvalid("name", vol.Name, dnsLabelErrorMsg))
} else if allNames.Has(vol.Name) {
el = append(el, errs.NewFieldDuplicate("name", vol.Name))
}
if len(el) == 0 {
allNames.Insert(vol.Name)
} else {
allErrs = append(allErrs, el.PrefixIndex(i)...)
}
}
return allNames, allErrs
}
func validateContainers(containers []api.Container, volumes util.StringSet) errs.ErrorList {
allErrs := errs.ErrorList{}
allNames := util.StringSet{}
for i := range containers {
cErrs := errs.ErrorList{}
ctr := &containers[i] // so we can set default values
if len(ctr.Name) == 0 {
cErrs = append(cErrs, errs.NewFieldRequired("name", ctr.Name))
} else if !util.IsDNSLabel(ctr.Name) {
cErrs = append(cErrs, errs.NewFieldInvalid("name", ctr.Name))
} else if allNames.Has(ctr.Name) {
cErrs = append(cErrs, errs.NewFieldDuplicate("name", ctr.Name))
} else {
allNames.Insert(ctr.Name)
}
if len(ctr.Image) == 0 {
cErrs = append(cErrs, errs.NewFieldRequired("image", ctr.Image))
}
if ctr.Lifecycle != nil {
cErrs = append(cErrs, validateLifecycle(ctr.Lifecycle).Prefix("lifecycle")...)
}
cErrs = append(cErrs, validatePorts(ctr.Ports).Prefix("ports")...)
cErrs = append(cErrs, validateEnv(ctr.Env).Prefix("env")...)
cErrs = append(cErrs, validateVolumeMounts(ctr.VolumeMounts, volumes).Prefix("volumeMounts")...)
allErrs = append(allErrs, cErrs.PrefixIndex(i)...)
}
// Check for colliding ports across all containers.
// TODO(thockin): This really is dependent on the network config of the host (IP per pod?)
// and the config of the new manifest. But we have not specced that out yet, so we'll just
// make some assumptions for now. As of now, pods share a network namespace, which means that
// every Port.HostPort across the whole pod must be unique.
allErrs = append(allErrs, checkHostPortConflicts(containers)...)
return allErrs
}
func validateVolumes(volumes []Volume) (util.StringSet, errorList) {
allErrs := errorList{}
allNames := util.StringSet{}
for i := range volumes {
vol := &volumes[i] // so we can set default values
errs := errorList{}
// TODO(thockin) enforce that a source is set once we deprecate the implied form.
if vol.Source != nil {
errs = validateSource(vol.Source)
}
if !util.IsDNSLabel(vol.Name) {
errs.Append(makeInvalidError("Volume.Name", vol.Name))
} else if allNames.Has(vol.Name) {
errs.Append(makeDuplicateError("Volume.Name", vol.Name))
}
if len(errs) == 0 {
allNames.Insert(vol.Name)
} else {
allErrs.Append(errs...)
}
}
return allNames, allErrs
}
func canonicalizeName(name *string) {
*name = strings.ToLower(*name)
if !util.IsDNSLabel(*name) {
checkErr(fmt.Errorf("name (%s) is not a valid DNS label", *name))
}
}
// TODO: unify with validation.validateLabels
func validateLabelKey(k string) error {
if !util.IsDNSLabel(k) {
return errors.NewFieldNotSupported("key", k)
}
return nil
}