jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #370 from vbatts/json_schema_and_examples 

Json schema and examples
This commit is contained in:
Mrunal Patel 2016-04-11 17:25:03 -07:00
parent d445f0c33a d4e7326d50
commit 6734c7a3a1
5 changed files with 272 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
config-linux.md
View File

@ -241,7 +241,7 @@ For more information on how these two settings work together, see [the memory cg
###### Example
```json
"oomScoreAdj": 0
"oomScoreAdj": 100
```
#### Memory
@ -251,9 +251,9 @@ For more information, see [the memory cgroup man page][cgroup-v1-memory].
The following parameters can be specified to setup the controller:
* **`limit`** *(uint64, optional)* - sets limit of memory usage
* **`limit`** *(uint64, optional)* - sets limit of memory usage in bytes
* **`reservation`** *(uint64, optional)* - sets soft limit of memory usage
* **`reservation`** *(uint64, optional)* - sets soft limit of memory usage in bytes
* **`swap`** *(uint64, optional)* - sets limit of memory+Swap usage
@ -267,9 +267,9 @@ The following parameters can be specified to setup the controller:
```json
"memory": {
"limit": 0,
"reservation": 0,
"swap": 0,
"limit": 536870912,
"reservation": 536870912,
"swap": 536870912,
"kernel": 0,
"kernelTCP": 0,
"swappiness": 0
@ -301,13 +301,13 @@ The following parameters can be specified to setup the controller:
```json
"cpu": {
"shares": 0,
"quota": 0,
"period": 0,
"realtimeRuntime": 0,
"realtimePeriod": 0,
"cpus": "",
"mems": ""
"shares": 1024,
"quota": 1000000,
"period": 500000,
"realtimeRuntime": 950000,
"realtimePeriod": 1000000,
"cpus": "2-3",
"mems": "0-7"
}
```
@ -337,8 +337,8 @@ The following parameters can be specified to setup the controller:
```json
"blockIO": {
"blkioWeight": 0,
"blkioLeafWeight": 0,
"blkioWeight": 10,
"blkioLeafWeight": 10,
"blkioWeightDevice": [
{
"major": 8,

198
config.md
View File

@ -232,7 +232,7 @@ If a hook returns a non-zero exit code, then an error is logged and the remainin
],
"poststart": [
{
"path": "/usr/bin/notify-start"
"path": "/usr/bin/notify-start",
"timeout": 5
}
],
@ -269,7 +269,7 @@ Here is a full example `config.json` for reference.
```json
{
"ociVersion": "0.3.0",
"ociVersion": "0.5.0-dev",
"platform": {
"os": "linux",
"arch": "amd64"
@ -284,6 +284,20 @@ Here is a full example `config.json` for reference.
6
]
},
"uidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 32000
}
],
"gidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 32000
}
],
"args": [
"sh"
],
@ -298,14 +312,20 @@ Here is a full example `config.json` for reference.
"CAP_NET_BIND_SERVICE"
],
"rlimits": [
{
"type": "RLIMIT_CORE",
"hard": 1024,
"soft": 1024
},
{
"type": "RLIMIT_NOFILE",
"hard": 1024,
"soft": 1024
}
],
"apparmorProfile": "",
"selinuxLabel": ""
"apparmorProfile": "acme_secure_profile",
"selinuxLabel": "system_u:system_r:svirt_lxc_net_t:s0:c124,c675",
"noNewPrivileges": true
},
"root": {
"path": "rootfs",
@ -390,20 +410,166 @@ Here is a full example `config.json` for reference.
"hooks": {
"prestart": [
{
"path": "/usr/bin/uptime",
"path": "/usr/bin/fix-mounts",
"args": [
"/usr/bin/uptime"
"fix-mounts",
"arg1",
"arg2"
],
"env": []
"env": [
"key1=value1"
]
},
{
"path": "/usr/bin/setup-network"
}
],
"poststart": [
{
"path": "/usr/bin/notify-start",
"timeout": 5
}
],
"poststop": [
{
"path": "/usr/sbin/cleanup.sh",
"args": [
"cleanup.sh",
"-f"
]
}
]
},
"linux": {
"devices": [
{
"path": "/dev/fuse",
"type": "c",
"major": 10,
"minor": 229,
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/sda",
"type": "b",
"major": 8,
"minor": 0,
"fileMode": 432,
"uid": 0,
"gid": 0
}
],
"sysctl": {
"net.ipv4.ip_forward": "1",
"net.core.somaxconn": "256"
},
"cgroupsPath": "/myRuntime/myContainer",
"resources": {
"network": {
"classID": 1048577,
"priorities": [
{
"name": "eth0",
"priority": 500
},
{
"name": "eth1",
"priority": 1000
}
]
},
"pids": {
"limit": 32771
},
"hugepageLimits": [
{
"pageSize": "2MB",
"limit": 9223372036854772000
}
],
"oomScoreAdj": 100,
"memory": {
"limit": 536870912,
"reservation": 536870912,
"swap": 536870912,
"kernel": 0,
"kernelTCP": 0,
"swappiness": 0
},
"cpu": {
"shares": 1024,
"quota": 1000000,
"period": 500000,
"realtimeRuntime": 950000,
"realtimePeriod": 1000000,
"cpus": "2-3",
"mems": "0-7"
},
"disableOOMKiller": false,
"devices": [
{
"allow": false,
"access": "rwm"
},
{
"allow": true,
"type": "c",
"major": 10,
"minor": 229,
"access": "rw"
},
{
"allow": true,
"type": "b",
"major": 8,
"minor": 0,
"access": "r"
}
],
"blockIO": {
"blkioWeight": 10,
"blkioLeafWeight": 10,
"blkioWeightDevice": [
{
"major": 8,
"minor": 0,
"weight": 500,
"leafWeight": 300
},
{
"major": 8,
"minor": 16,
"weight": 500
}
],
"blkioThrottleReadBpsDevice": [
{
"major": 8,
"minor": 0,
"rate": 600
}
],
"blkioThrottleWriteIOPSDevice": [
{
"major": 8,
"minor": 16,
"rate": 300
}
]
}
},
"rootfsPropagation": "slave",
"seccomp": {
"defaultAction": "SCMP_ACT_ALLOW",
"architectures": [
"SCMP_ARCH_X86"
],
"syscalls": [
{
"name": "getcwd",
"action": "SCMP_ACT_ERRNO"
}
]
},
@ -423,7 +589,25 @@ Here is a full example `config.json` for reference.
{
"type": "mount"
}
],
"maskedPaths": [
"/proc/kcore",
"/proc/latency_stats",
"/proc/timer_stats",
"/proc/sched_debug"
],
"readonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"annotations": {
"key1": "value1",
"key2": "value2"
}
}
```

4
schema/defs-linux.json
View File

@ -93,7 +93,9 @@
"type": "string"
},
"FileType": {
"type": "integer"
"description": "Type of a block or special character device",
"type": "string",
"pattern": "^[cbup]$"
},
"Device": {
"properties": {

93
schema/schema-linux.json
View File

@ -61,6 +61,21 @@
"id": "https://opencontainers.org/schema/bundle/linux/resources",
"type": "object",
"properties": {
"oomScoreAdj": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/oomScoreAdj",
"type": "integer",
"minimum": -1000,
"maximum": 1000
},
"pids": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/pids",
"properties": {
"limit": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/pids/limit",
"$ref": "defs.json#/definitions/int64"
}
}
},
"blockIO": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO",
"type": "object",
@ -94,11 +109,9 @@
"oneOf": [
{
"type": "array",
"items": [
{
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
}
]
"items": {
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
}
},
{
"type": "null"
@ -110,11 +123,9 @@
"oneOf": [
{
"type": "array",
"items": [
{
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
}
]
"items": {
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
}
},
{
"type": "null"
@ -126,11 +137,9 @@
"oneOf": [
{
"type": "array",
"items": [
{
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
}
]
"items": {
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
}
},
{
"type": "null"
@ -140,11 +149,9 @@
"blkioWeightDevice": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO/blkioWeightDevice",
"type": "array",
"items": [
{
"$ref": "defs-linux.json#/definitions/blockIODeviceWeightPointer"
}
]
"items": {
"$ref": "defs-linux.json#/definitions/blockIODeviceWeightPointer"
}
}
}
},
@ -190,13 +197,16 @@
"id": "https://opencontainers.org/schema/bundle/linux/resources/hugepageLimits",
"oneOf": [
{
"type": "object",
"properties": {
"pageSize": {
"type": "string"
},
"limit": {
"$ref": "defs.json#/definitions/uint64"
"type": "array",
"items": {
"type": "object",
"properties": {
"pageSize": {
"type": "string"
},
"limit": {
"$ref": "defs.json#/definitions/uint64"
}
}
}
},
@ -235,9 +245,9 @@
"id": "https://opencontainers.org/schema/bundle/linux/resources/network",
"type": "object",
"properties": {
"classId": {
"classID": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/network/classId",
"type": "string"
"$ref": "defs.json#/definitions/uint32"
},
"priorities": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/network/priorities",
@ -257,31 +267,6 @@
}
}
},
"rlimits": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits",
"items": [
{
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0",
"properties": {
"hard": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/hard",
"type": "integer"
},
"soft": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/soft",
"type": "integer"
},
"type": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/type",
"type": "string",
"pattern": "^RLIMIT_[A-Z]+$"
}
},
"type": "object"
}
],
"type": "array"
},
"cgroupsPath": {
"oneOf": [
{

25
schema/schema.json
View File

@ -25,7 +25,7 @@
}
},
"annotations": {
"id": "https://opencontainers.org/schema/bundle/linux/sysctl",
"id": "https://opencontainers.org/schema/bundle/annotations",
"oneOf": [
{
"$ref": "defs.json#/definitions/mapStringString"
@ -139,6 +139,29 @@
"noNewPrivileges": {
"id": "https://opencontainers.org/schema/bundle/process/linux/noNewPrivileges",
"type": "boolean"
},
"rlimits": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits",
"type": "array",
"items": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0",
"type": "object",
"properties": {
"hard": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/hard",
"$ref": "defs.json#/definitions/uint64"
},
"soft": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/soft",
"$ref": "defs.json#/definitions/uint64"
},
"type": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/type",
"type": "string",
"pattern": "^RLIMIT_[A-Z]+$"
}
}
}
}
}
},