Container(mapping=None, *, ignore_unknown_fields=False, **kwargs)Container runnable.
Attributes |
|
|---|---|
| Name | Description |
image_uri |
str
Required. The URI to pull the container image from. |
commands |
MutableSequence[str]
Required for some container images. Overrides the CMD
specified in the container. If there is an ENTRYPOINT
(either in the container image or with the entrypoint
field below) then these commands are appended as arguments
to the ENTRYPOINT.
|
entrypoint |
str
Required for some container images. Overrides the ENTRYPOINT specified in the container.
|
volumes |
MutableSequence[str]
Volumes to mount (bind mount) from the host machine files or directories into the container, formatted to match --volume option for the docker run command—for
example, /foo:/bar or /foo:/bar:ro.
If the TaskSpec.Volumes field is specified but this
field is not, Batch will mount each volume from the host
machine to the container with the same mount path by
default. In this case, the default mount option for
containers will be read-only (ro) for existing
persistent disks and read-write (rw) for other volume
types, regardless of the original mount options specified in
TaskSpec.Volumes. If you need different mount settings,
you can explicitly configure them in this field.
|
options |
str
Required for some container images. Arbitrary additional options to include in the docker run command when
running this container—for example, --network host. For
the --volume option, use the volumes field for the
container.
|
block_external_network |
bool
If set to true, external network access to and from container will be blocked, containers that are with block_external_network as true can still communicate with each other, network cannot be specified in the container.options field.
|
username |
str
Required if the container image is from a private Docker registry. The username to login to the Docker registry that contains the image. You can either specify the username directly by using plain text or specify an encrypted username by using a Secret Manager secret: projects/*/secrets/*/versions/*.
However, using a secret is recommended for enhanced
security.
Caution: If you specify the username using plain text, you
risk the username being exposed to any users who can view
the job or its logs. To avoid this risk, specify a secret
that contains the username instead.
Learn more about `Secret
Manager |
password |
str
Required if the container image is from a private Docker registry. The password to login to the Docker registry that contains the image. For security, it is strongly recommended to specify an encrypted password by using a Secret Manager secret: projects/*/secrets/*/versions/*.
Warning: If you specify the password using plain text, you
risk the password being exposed to any users who can view
the job or its logs. To avoid this risk, specify a secret
that contains the password instead.
Learn more about `Secret
Manager |
enable_image_streaming |
bool
Optional. If set to true, this container runnable uses Image streaming. Use Image streaming to allow the runnable to initialize without waiting for the entire container image to download, which can significantly reduce startup time for large container images. When enableImageStreaming is set to true, the container
runtime is containerd __ instead
of Docker. Additionally, this container runnable only
supports the following container subfields:
imageUri, commands[], entrypoint, and
volumes[]; any other container subfields are
ignored.
For more information about the requirements and limitations
for using Image streaming with Batch, see the
``image-streaming` sample on
GitHub |