b6c7becbfe
This PR adds support for user-defined health-check probes for Docker containers. It adds a `HEALTHCHECK` instruction to the Dockerfile syntax plus some corresponding "docker run" options. It can be used with a restart policy to automatically restart a container if the check fails. The `HEALTHCHECK` instruction has two forms: * `HEALTHCHECK [OPTIONS] CMD command` (check container health by running a command inside the container) * `HEALTHCHECK NONE` (disable any healthcheck inherited from the base image) The `HEALTHCHECK` instruction tells Docker how to test a container to check that it is still working. This can detect cases such as a web server that is stuck in an infinite loop and unable to handle new connections, even though the server process is still running. When a container has a healthcheck specified, it has a _health status_ in addition to its normal status. This status is initially `starting`. Whenever a health check passes, it becomes `healthy` (whatever state it was previously in). After a certain number of consecutive failures, it becomes `unhealthy`. The options that can appear before `CMD` are: * `--interval=DURATION` (default: `30s`) * `--timeout=DURATION` (default: `30s`) * `--retries=N` (default: `1`) The health check will first run **interval** seconds after the container is started, and then again **interval** seconds after each previous check completes. If a single run of the check takes longer than **timeout** seconds then the check is considered to have failed. It takes **retries** consecutive failures of the health check for the container to be considered `unhealthy`. There can only be one `HEALTHCHECK` instruction in a Dockerfile. If you list more than one then only the last `HEALTHCHECK` will take effect. The command after the `CMD` keyword can be either a shell command (e.g. `HEALTHCHECK CMD /bin/check-running`) or an _exec_ array (as with other Dockerfile commands; see e.g. `ENTRYPOINT` for details). The command's exit status indicates the health status of the container. The possible values are: - 0: success - the container is healthy and ready for use - 1: unhealthy - the container is not working correctly - 2: starting - the container is not ready for use yet, but is working correctly If the probe returns 2 ("starting") when the container has already moved out of the "starting" state then it is treated as "unhealthy" instead. For example, to check every five minutes or so that a web-server is able to serve the site's main page within three seconds: HEALTHCHECK --interval=5m --timeout=3s \ CMD curl -f http://localhost/ || exit 1 To help debug failing probes, any output text (UTF-8 encoded) that the command writes on stdout or stderr will be stored in the health status and can be queried with `docker inspect`. Such output should be kept short (only the first 4096 bytes are stored currently). When the health status of a container changes, a `health_status` event is generated with the new status. The health status is also displayed in the `docker ps` output. Signed-off-by: Thomas Leonard <thomas.leonard@docker.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
60 lines
1.9 KiB
Go
60 lines
1.9 KiB
Go
package libcontainerd
|
|
|
|
import "io"
|
|
|
|
// State constants used in state change reporting.
|
|
const (
|
|
StateStart = "start-container"
|
|
StatePause = "pause"
|
|
StateResume = "resume"
|
|
StateExit = "exit"
|
|
StateRestart = "restart"
|
|
StateRestore = "restore"
|
|
StateStartProcess = "start-process"
|
|
StateExitProcess = "exit-process"
|
|
StateOOM = "oom" // fake state
|
|
stateLive = "live"
|
|
)
|
|
|
|
// CommonStateInfo contains the state info common to all platforms.
|
|
type CommonStateInfo struct { // FIXME: event?
|
|
State string
|
|
Pid uint32
|
|
ExitCode uint32
|
|
ProcessID string
|
|
}
|
|
|
|
// Backend defines callbacks that the client of the library needs to implement.
|
|
type Backend interface {
|
|
StateChanged(containerID string, state StateInfo) error
|
|
AttachStreams(processFriendlyName string, io IOPipe) error
|
|
}
|
|
|
|
// Client provides access to containerd features.
|
|
type Client interface {
|
|
Create(containerID string, spec Spec, options ...CreateOption) error
|
|
Signal(containerID string, sig int) error
|
|
SignalProcess(containerID string, processFriendlyName string, sig int) error
|
|
AddProcess(containerID, processFriendlyName string, process Process) error
|
|
Resize(containerID, processFriendlyName string, width, height int) error
|
|
Pause(containerID string) error
|
|
Resume(containerID string) error
|
|
Restore(containerID string, options ...CreateOption) error
|
|
Stats(containerID string) (*Stats, error)
|
|
GetPidsForContainer(containerID string) ([]int, error)
|
|
Summary(containerID string) ([]Summary, error)
|
|
UpdateResources(containerID string, resources Resources) error
|
|
}
|
|
|
|
// CreateOption allows to configure parameters of container creation.
|
|
type CreateOption interface {
|
|
Apply(interface{}) error
|
|
}
|
|
|
|
// IOPipe contains the stdio streams.
|
|
type IOPipe struct {
|
|
Stdin io.WriteCloser
|
|
Stdout io.Reader
|
|
Stderr io.Reader
|
|
Terminal bool // Whether stderr is connected on Windows
|
|
}
|