We use cookies to ensure you get the best experience on our website
ホーム エクスプローラ ヘルプ
登録 サインイン
0ct0pu5
/
moby
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: c20e8dffbb
ブランチ タグ
moby
/
daemon
/
info.go

info.go 8.2 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262 
  1. package daemon // import "github.com/docker/docker/daemon"
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 	"net/url"
    6. 

  6. 	"os"
    7. 

  7. 	"runtime"
    8. 

  8. 	"strings"
    9. 

  9. 	"time"
    10. 

  10. 

  11. 	"github.com/docker/docker/api"
    12. 

  12. 	"github.com/docker/docker/api/types"
    13. 

  13. 	"github.com/docker/docker/cli/debug"
    14. 

  14. 	"github.com/docker/docker/daemon/logger"
    15. 

  15. 	"github.com/docker/docker/dockerversion"
    16. 

  16. 	"github.com/docker/docker/pkg/fileutils"
    17. 

  17. 	"github.com/docker/docker/pkg/parsers/kernel"
    18. 

  18. 	"github.com/docker/docker/pkg/parsers/operatingsystem"
    19. 

  19. 	"github.com/docker/docker/pkg/platform"
    20. 

  20. 	"github.com/docker/docker/pkg/sysinfo"
    21. 

  21. 	"github.com/docker/docker/pkg/system"
    22. 

  22. 	"github.com/docker/docker/registry"
    23. 

  23. 	"github.com/docker/go-connections/sockets"
    24. 

  24. 	"github.com/sirupsen/logrus"
    25. 

  25. )
    26. 

  26. 

  27. // SystemInfo returns information about the host server the daemon is running on.
    28. 

  28. func (daemon *Daemon) SystemInfo() (*types.Info, error) {
    29. 

  29. 	sysInfo := sysinfo.New(true)
    30. 

  30. 	cRunning, cPaused, cStopped := stateCtr.get()
    31. 

  31. 

  32. 	v := &types.Info{
    33. 

  33. 		ID:                 daemon.ID,
    34. 

  34. 		Containers:         cRunning + cPaused + cStopped,
    35. 

  35. 		ContainersRunning:  cRunning,
    36. 

  36. 		ContainersPaused:   cPaused,
    37. 

  37. 		ContainersStopped:  cStopped,
    38. 

  38. 		Images:             daemon.imageService.CountImages(),
    39. 

  39. 		IPv4Forwarding:     !sysInfo.IPv4ForwardingDisabled,
    40. 

  40. 		BridgeNfIptables:   !sysInfo.BridgeNFCallIPTablesDisabled,
    41. 

  41. 		BridgeNfIP6tables:  !sysInfo.BridgeNFCallIP6TablesDisabled,
    42. 

  42. 		Debug:              debug.IsEnabled(),
    43. 

  43. 		Name:               hostName(),
    44. 

  44. 		NFd:                fileutils.GetTotalUsedFds(),
    45. 

  45. 		NGoroutines:        runtime.NumGoroutine(),
    46. 

  46. 		SystemTime:         time.Now().Format(time.RFC3339Nano),
    47. 

  47. 		LoggingDriver:      daemon.defaultLogConfig.Type,
    48. 

  48. 		CgroupDriver:       daemon.getCgroupDriver(),
    49. 

  49. 		NEventsListener:    daemon.EventsService.SubscribersCount(),
    50. 

  50. 		KernelVersion:      kernelVersion(),
    51. 

  51. 		OperatingSystem:    operatingSystem(),
    52. 

  52. 		IndexServerAddress: registry.IndexServer,
    53. 

  53. 		OSType:             platform.OSType,
    54. 

  54. 		Architecture:       platform.Architecture,
    55. 

  55. 		RegistryConfig:     daemon.RegistryService.ServiceConfig(),
    56. 

  56. 		NCPU:               sysinfo.NumCPU(),
    57. 

  57. 		MemTotal:           memInfo().MemTotal,
    58. 

  58. 		GenericResources:   daemon.genericResources,
    59. 

  59. 		DockerRootDir:      daemon.configStore.Root,
    60. 

  60. 		Labels:             daemon.configStore.Labels,
    61. 

  61. 		ExperimentalBuild:  daemon.configStore.Experimental,
    62. 

  62. 		ServerVersion:      dockerversion.Version,
    63. 

  63. 		ClusterStore:       daemon.configStore.ClusterStore,
    64. 

  64. 		ClusterAdvertise:   daemon.configStore.ClusterAdvertise,
    65. 

  65. 		HTTPProxy:          maskCredentials(sockets.GetProxyEnv("http_proxy")),
    66. 

  66. 		HTTPSProxy:         maskCredentials(sockets.GetProxyEnv("https_proxy")),
    67. 

  67. 		NoProxy:            sockets.GetProxyEnv("no_proxy"),
    68. 

  68. 		LiveRestoreEnabled: daemon.configStore.LiveRestoreEnabled,
    69. 

  69. 		Isolation:          daemon.defaultIsolation,
    70. 

  70. 	}
    71. 

  71. 

  72. 	daemon.fillAPIInfo(v)
    73. 

  73. 	// Retrieve platform specific info
    74. 

  74. 	daemon.fillPlatformInfo(v, sysInfo)
    75. 

  75. 	daemon.fillDriverInfo(v)
    76. 

  76. 	daemon.fillPluginsInfo(v)
    77. 

  77. 	daemon.fillSecurityOptions(v, sysInfo)
    78. 

  78. 	daemon.fillLicense(v)
    79. 

  79. 

  80. 	return v, nil
    81. 

  81. }
    82. 

  82. 

  83. // SystemVersion returns version information about the daemon.
    84. 

  84. func (daemon *Daemon) SystemVersion() types.Version {
    85. 

  85. 	kernelVersion := kernelVersion()
    86. 

  86. 

  87. 	v := types.Version{
    88. 

  88. 		Components: []types.ComponentVersion{
    89. 

  89. 			{
    90. 

  90. 				Name:    "Engine",
    91. 

  91. 				Version: dockerversion.Version,
    92. 

  92. 				Details: map[string]string{
    93. 

  93. 					"GitCommit":     dockerversion.GitCommit,
    94. 

  94. 					"ApiVersion":    api.DefaultVersion,
    95. 

  95. 					"MinAPIVersion": api.MinVersion,
    96. 

  96. 					"GoVersion":     runtime.Version(),
    97. 

  97. 					"Os":            runtime.GOOS,
    98. 

  98. 					"Arch":          runtime.GOARCH,
    99. 

  99. 					"BuildTime":     dockerversion.BuildTime,
    100. 

  100. 					"KernelVersion": kernelVersion,
    101. 

  101. 					"Experimental":  fmt.Sprintf("%t", daemon.configStore.Experimental),
    102. 

  102. 				},
    103. 

  103. 			},
    104. 

  104. 		},
    105. 

  105. 

  106. 		// Populate deprecated fields for older clients
    107. 

  107. 		Version:       dockerversion.Version,
    108. 

  108. 		GitCommit:     dockerversion.GitCommit,
    109. 

  109. 		APIVersion:    api.DefaultVersion,
    110. 

  110. 		MinAPIVersion: api.MinVersion,
    111. 

  111. 		GoVersion:     runtime.Version(),
    112. 

  112. 		Os:            runtime.GOOS,
    113. 

  113. 		Arch:          runtime.GOARCH,
    114. 

  114. 		BuildTime:     dockerversion.BuildTime,
    115. 

  115. 		KernelVersion: kernelVersion,
    116. 

  116. 		Experimental:  daemon.configStore.Experimental,
    117. 

  117. 	}
    118. 

  118. 

  119. 	v.Platform.Name = dockerversion.PlatformName
    120. 

  120. 

  121. 	return v
    122. 

  122. }
    123. 

  123. 

  124. func (daemon *Daemon) fillDriverInfo(v *types.Info) {
    125. 

  125. 	var ds [][2]string
    126. 

  126. 	drivers := ""
    127. 

  127. 	statuses := daemon.imageService.LayerStoreStatus()
    128. 

  128. 	for os, gd := range daemon.graphDrivers {
    129. 

  129. 		ds = append(ds, statuses[os]...)
    130. 

  130. 		drivers += gd
    131. 

  131. 		if len(daemon.graphDrivers) > 1 {
    132. 

  132. 			drivers += fmt.Sprintf(" (%s) ", os)
    133. 

  133. 		}
    134. 

  134. 		switch gd {
    135. 

  135. 		case "devicemapper", "overlay":
    136. 

  136. 			v.Warnings = append(v.Warnings, fmt.Sprintf("WARNING: the %s storage-driver is deprecated, and will be removed in a future release.", gd))
    137. 

  137. 		}
    138. 

  138. 	}
    139. 

  139. 	drivers = strings.TrimSpace(drivers)
    140. 

  140. 

  141. 	v.Driver = drivers
    142. 

  142. 	v.DriverStatus = ds
    143. 

  143. 

  144. 	fillDriverWarnings(v)
    145. 

  145. }
    146. 

  146. 

  147. func (daemon *Daemon) fillPluginsInfo(v *types.Info) {
    148. 

  148. 	v.Plugins = types.PluginsInfo{
    149. 

  149. 		Volume:  daemon.volumes.GetDriverList(),
    150. 

  150. 		Network: daemon.GetNetworkDriverList(),
    151. 

  151. 

  152. 		// The authorization plugins are returned in the order they are
    153. 

  153. 		// used as they constitute a request/response modification chain.
    154. 

  154. 		Authorization: daemon.configStore.AuthorizationPlugins,
    155. 

  155. 		Log:           logger.ListDrivers(),
    156. 

  156. 	}
    157. 

  157. }
    158. 

  158. 

  159. func (daemon *Daemon) fillSecurityOptions(v *types.Info, sysInfo *sysinfo.SysInfo) {
    160. 

  160. 	var securityOptions []string
    161. 

  161. 	if sysInfo.AppArmor {
    162. 

  162. 		securityOptions = append(securityOptions, "name=apparmor")
    163. 

  163. 	}
    164. 

  164. 	if sysInfo.Seccomp && supportsSeccomp {
    165. 

  165. 		profile := daemon.seccompProfilePath
    166. 

  166. 		if profile == "" {
    167. 

  167. 			profile = "default"
    168. 

  168. 		}
    169. 

  169. 		securityOptions = append(securityOptions, fmt.Sprintf("name=seccomp,profile=%s", profile))
    170. 

  170. 	}
    171. 

  171. 	if selinuxEnabled() {
    172. 

  172. 		securityOptions = append(securityOptions, "name=selinux")
    173. 

  173. 	}
    174. 

  174. 	if rootIDs := daemon.idMapping.RootPair(); rootIDs.UID != 0 || rootIDs.GID != 0 {
    175. 

  175. 		securityOptions = append(securityOptions, "name=userns")
    176. 

  176. 	}
    177. 

  177. 	v.SecurityOptions = securityOptions
    178. 

  178. }
    179. 

  179. 

  180. func (daemon *Daemon) fillAPIInfo(v *types.Info) {
    181. 

  181. 	const warn string = `
    182. 

  182.          Access to the remote API is equivalent to root access on the host. Refer
    183. 

  183.          to the 'Docker daemon attack surface' section in the documentation for
    184. 

  184.          more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface`
    185. 

  185. 

  186. 	cfg := daemon.configStore
    187. 

  187. 	for _, host := range cfg.Hosts {
    188. 

  188. 		// cnf.Hosts is normalized during startup, so should always have a scheme/proto
    189. 

  189. 		h := strings.SplitN(host, "://", 2)
    190. 

  190. 		proto := h[0]
    191. 

  191. 		addr := h[1]
    192. 

  192. 		if proto != "tcp" {
    193. 

  193. 			continue
    194. 

  194. 		}
    195. 

  195. 		if !cfg.TLS {
    196. 

  196. 			v.Warnings = append(v.Warnings, fmt.Sprintf("WARNING: API is accessible on http://%s without encryption.%s", addr, warn))
    197. 

  197. 			continue
    198. 

  198. 		}
    199. 

  199. 		if !cfg.TLSVerify {
    200. 

  200. 			v.Warnings = append(v.Warnings, fmt.Sprintf("WARNING: API is accessible on https://%s without TLS client verification.%s", addr, warn))
    201. 

  201. 			continue
    202. 

  202. 		}
    203. 

  203. 	}
    204. 

  204. }
    205. 

  205. 

  206. func hostName() string {
    207. 

  207. 	hostname := ""
    208. 

  208. 	if hn, err := os.Hostname(); err != nil {
    209. 

  209. 		logrus.Warnf("Could not get hostname: %v", err)
    210. 

  210. 	} else {
    211. 

  211. 		hostname = hn
    212. 

  212. 	}
    213. 

  213. 	return hostname
    214. 

  214. }
    215. 

  215. 

  216. func kernelVersion() string {
    217. 

  217. 	var kernelVersion string
    218. 

  218. 	if kv, err := kernel.GetKernelVersion(); err != nil {
    219. 

  219. 		logrus.Warnf("Could not get kernel version: %v", err)
    220. 

  220. 	} else {
    221. 

  221. 		kernelVersion = kv.String()
    222. 

  222. 	}
    223. 

  223. 	return kernelVersion
    224. 

  224. }
    225. 

  225. 

  226. func memInfo() *system.MemInfo {
    227. 

  227. 	memInfo, err := system.ReadMemInfo()
    228. 

  228. 	if err != nil {
    229. 

  229. 		logrus.Errorf("Could not read system memory info: %v", err)
    230. 

  230. 		memInfo = &system.MemInfo{}
    231. 

  231. 	}
    232. 

  232. 	return memInfo
    233. 

  233. }
    234. 

  234. 

  235. func operatingSystem() string {
    236. 

  236. 	var operatingSystem string
    237. 

  237. 	if s, err := operatingsystem.GetOperatingSystem(); err != nil {
    238. 

  238. 		logrus.Warnf("Could not get operating system name: %v", err)
    239. 

  239. 	} else {
    240. 

  240. 		operatingSystem = s
    241. 

  241. 	}
    242. 

  242. 	// Don't do containerized check on Windows
    243. 

  243. 	if runtime.GOOS != "windows" {
    244. 

  244. 		if inContainer, err := operatingsystem.IsContainerized(); err != nil {
    245. 

  245. 			logrus.Errorf("Could not determine if daemon is containerized: %v", err)
    246. 

  246. 			operatingSystem += " (error determining if containerized)"
    247. 

  247. 		} else if inContainer {
    248. 

  248. 			operatingSystem += " (containerized)"
    249. 

  249. 		}
    250. 

  250. 	}
    251. 

  251. 	return operatingSystem
    252. 

  252. }
    253. 

  253. 

  254. func maskCredentials(rawURL string) string {
    255. 

  255. 	parsedURL, err := url.Parse(rawURL)
    256. 

  256. 	if err != nil || parsedURL.User == nil {
    257. 

  257. 		return rawURL
    258. 

  258. 	}
    259. 

  259. 	parsedURL.User = url.UserPassword("xxxxx", "xxxxx")
    260. 

  260. 	maskedURL := parsedURL.String()
    261. 

  261. 	return maskedURL
    262. 

  262. }
    263.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5