jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #370 from vbatts/json_schema_and_examples 

Json schema and examples
This commit is contained in:
Mrunal Patel 2016-04-11 17:25:03 -07:00
parent d445f0c33a d4e7326d50
commit 6734c7a3a1
5 changed files with 272 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
config-linux.md
View File

@ -241,7 +241,7 @@ For more information on how these two settings work together, see [the memory cg
###### Example ###### Example
```json ```json
"oomScoreAdj": 0 "oomScoreAdj": 100
``` ```
#### Memory #### Memory
@ -251,9 +251,9 @@ For more information, see [the memory cgroup man page][cgroup-v1-memory].
The following parameters can be specified to setup the controller: The following parameters can be specified to setup the controller:
* **`limit`** *(uint64, optional)* - sets limit of memory usage * **`limit`** *(uint64, optional)* - sets limit of memory usage in bytes
* **`reservation`** *(uint64, optional)* - sets soft limit of memory usage * **`reservation`** *(uint64, optional)* - sets soft limit of memory usage in bytes
* **`swap`** *(uint64, optional)* - sets limit of memory+Swap usage * **`swap`** *(uint64, optional)* - sets limit of memory+Swap usage
@ -267,9 +267,9 @@ The following parameters can be specified to setup the controller:
```json ```json
"memory": { "memory": {
"limit": 0, "limit": 536870912,
"reservation": 0, "reservation": 536870912,
"swap": 0, "swap": 536870912,
"kernel": 0, "kernel": 0,
"kernelTCP": 0, "kernelTCP": 0,
"swappiness": 0 "swappiness": 0
@ -301,13 +301,13 @@ The following parameters can be specified to setup the controller:
```json ```json
"cpu": { "cpu": {
"shares": 0, "shares": 1024,
"quota": 0, "quota": 1000000,
"period": 0, "period": 500000,
"realtimeRuntime": 0, "realtimeRuntime": 950000,
"realtimePeriod": 0, "realtimePeriod": 1000000,
"cpus": "", "cpus": "2-3",
"mems": "" "mems": "0-7"
} }
``` ```
@ -337,8 +337,8 @@ The following parameters can be specified to setup the controller:
```json ```json
"blockIO": { "blockIO": {
"blkioWeight": 0, "blkioWeight": 10,
"blkioLeafWeight": 0, "blkioLeafWeight": 10,
"blkioWeightDevice": [ "blkioWeightDevice": [
{ {
"major": 8, "major": 8,

198
config.md
View File

@ -232,7 +232,7 @@ If a hook returns a non-zero exit code, then an error is logged and the remainin
], ],
"poststart": [ "poststart": [
{ {
"path": "/usr/bin/notify-start" "path": "/usr/bin/notify-start",
"timeout": 5 "timeout": 5
} }
], ],
@ -269,7 +269,7 @@ Here is a full example `config.json` for reference.
```json ```json
{ {
"ociVersion": "0.3.0", "ociVersion": "0.5.0-dev",
"platform": { "platform": {
"os": "linux", "os": "linux",
"arch": "amd64" "arch": "amd64"
@ -284,6 +284,20 @@ Here is a full example `config.json` for reference.
6 6
] ]
}, },
"uidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 32000
}
],
"gidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 32000
}
],
"args": [ "args": [
"sh" "sh"
], ],
@ -298,14 +312,20 @@ Here is a full example `config.json` for reference.
"CAP_NET_BIND_SERVICE" "CAP_NET_BIND_SERVICE"
], ],
"rlimits": [ "rlimits": [
{
"type": "RLIMIT_CORE",
"hard": 1024,
"soft": 1024
},
{ {
"type": "RLIMIT_NOFILE", "type": "RLIMIT_NOFILE",
"hard": 1024, "hard": 1024,
"soft": 1024 "soft": 1024
} }
], ],
"apparmorProfile": "", "apparmorProfile": "acme_secure_profile",
"selinuxLabel": "" "selinuxLabel": "system_u:system_r:svirt_lxc_net_t:s0:c124,c675",
"noNewPrivileges": true
}, },
"root": { "root": {
"path": "rootfs", "path": "rootfs",
@ -390,20 +410,166 @@ Here is a full example `config.json` for reference.
"hooks": { "hooks": {
"prestart": [ "prestart": [
{ {
"path": "/usr/bin/uptime", "path": "/usr/bin/fix-mounts",
"args": [ "args": [
"/usr/bin/uptime" "fix-mounts",
"arg1",
"arg2"
], ],
"env": [] "env": [
"key1=value1"
]
},
{
"path": "/usr/bin/setup-network"
}
],
"poststart": [
{
"path": "/usr/bin/notify-start",
"timeout": 5
}
],
"poststop": [
{
"path": "/usr/sbin/cleanup.sh",
"args": [
"cleanup.sh",
"-f"
]
} }
] ]
}, },
"linux": { "linux": {
"devices": [
{
"path": "/dev/fuse",
"type": "c",
"major": 10,
"minor": 229,
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/sda",
"type": "b",
"major": 8,
"minor": 0,
"fileMode": 432,
"uid": 0,
"gid": 0
}
],
"sysctl": {
"net.ipv4.ip_forward": "1",
"net.core.somaxconn": "256"
},
"cgroupsPath": "/myRuntime/myContainer",
"resources": { "resources": {
"network": {
"classID": 1048577,
"priorities": [
{
"name": "eth0",
"priority": 500
},
{
"name": "eth1",
"priority": 1000
}
]
},
"pids": {
"limit": 32771
},
"hugepageLimits": [
{
"pageSize": "2MB",
"limit": 9223372036854772000
}
],
"oomScoreAdj": 100,
"memory": {
"limit": 536870912,
"reservation": 536870912,
"swap": 536870912,
"kernel": 0,
"kernelTCP": 0,
"swappiness": 0
},
"cpu": {
"shares": 1024,
"quota": 1000000,
"period": 500000,
"realtimeRuntime": 950000,
"realtimePeriod": 1000000,
"cpus": "2-3",
"mems": "0-7"
},
"disableOOMKiller": false,
"devices": [ "devices": [
{ {
"allow": false, "allow": false,
"access": "rwm" "access": "rwm"
},
{
"allow": true,
"type": "c",
"major": 10,
"minor": 229,
"access": "rw"
},
{
"allow": true,
"type": "b",
"major": 8,
"minor": 0,
"access": "r"
}
],
"blockIO": {
"blkioWeight": 10,
"blkioLeafWeight": 10,
"blkioWeightDevice": [
{
"major": 8,
"minor": 0,
"weight": 500,
"leafWeight": 300
},
{
"major": 8,
"minor": 16,
"weight": 500
}
],
"blkioThrottleReadBpsDevice": [
{
"major": 8,
"minor": 0,
"rate": 600
}
],
"blkioThrottleWriteIOPSDevice": [
{
"major": 8,
"minor": 16,
"rate": 300
}
]
}
},
"rootfsPropagation": "slave",
"seccomp": {
"defaultAction": "SCMP_ACT_ALLOW",
"architectures": [
"SCMP_ARCH_X86"
],
"syscalls": [
{
"name": "getcwd",
"action": "SCMP_ACT_ERRNO"
} }
] ]
}, },
@ -423,7 +589,25 @@ Here is a full example `config.json` for reference.
{ {
"type": "mount" "type": "mount"
} }
],
"maskedPaths": [
"/proc/kcore",
"/proc/latency_stats",
"/proc/timer_stats",
"/proc/sched_debug"
],
"readonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
] ]
},
"annotations": {
"key1": "value1",
"key2": "value2"
} }
} }
``` ```

4
schema/defs-linux.json
View File

@ -93,7 +93,9 @@
"type": "string" "type": "string"
}, },
"FileType": { "FileType": {
"type": "integer" "description": "Type of a block or special character device",
"type": "string",
"pattern": "^[cbup]$"
}, },
"Device": { "Device": {
"properties": { "properties": {

93
schema/schema-linux.json
View File

@ -61,6 +61,21 @@
"id": "https://opencontainers.org/schema/bundle/linux/resources", "id": "https://opencontainers.org/schema/bundle/linux/resources",
"type": "object", "type": "object",
"properties": { "properties": {
"oomScoreAdj": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/oomScoreAdj",
"type": "integer",
"minimum": -1000,
"maximum": 1000
},
"pids": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/pids",
"properties": {
"limit": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/pids/limit",
"$ref": "defs.json#/definitions/int64"
}
}
},
"blockIO": { "blockIO": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO", "id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO",
"type": "object", "type": "object",
@ -94,11 +109,9 @@
"oneOf": [ "oneOf": [
{ {
"type": "array", "type": "array",
"items": [ "items": {
{ "$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer" }
}
]
}, },
{ {
"type": "null" "type": "null"
@ -110,11 +123,9 @@
"oneOf": [ "oneOf": [
{ {
"type": "array", "type": "array",
"items": [ "items": {
{ "$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer" }
}
]
}, },
{ {
"type": "null" "type": "null"
@ -126,11 +137,9 @@
"oneOf": [ "oneOf": [
{ {
"type": "array", "type": "array",
"items": [ "items": {
{ "$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer"
"$ref": "defs-linux.json#/definitions/blockIODeviceThrottlePointer" }
}
]
}, },
{ {
"type": "null" "type": "null"
@ -140,11 +149,9 @@
"blkioWeightDevice": { "blkioWeightDevice": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO/blkioWeightDevice", "id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO/blkioWeightDevice",
"type": "array", "type": "array",
"items": [ "items": {
{ "$ref": "defs-linux.json#/definitions/blockIODeviceWeightPointer"
"$ref": "defs-linux.json#/definitions/blockIODeviceWeightPointer" }
}
]
} }
} }
}, },
@ -190,13 +197,16 @@
"id": "https://opencontainers.org/schema/bundle/linux/resources/hugepageLimits", "id": "https://opencontainers.org/schema/bundle/linux/resources/hugepageLimits",
"oneOf": [ "oneOf": [
{ {
"type": "object", "type": "array",
"properties": { "items": {
"pageSize": { "type": "object",
"type": "string" "properties": {
}, "pageSize": {
"limit": { "type": "string"
"$ref": "defs.json#/definitions/uint64" },
"limit": {
"$ref": "defs.json#/definitions/uint64"
}
} }
} }
}, },
@ -235,9 +245,9 @@
"id": "https://opencontainers.org/schema/bundle/linux/resources/network", "id": "https://opencontainers.org/schema/bundle/linux/resources/network",
"type": "object", "type": "object",
"properties": { "properties": {
"classId": { "classID": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/network/classId", "id": "https://opencontainers.org/schema/bundle/linux/resources/network/classId",
"type": "string" "$ref": "defs.json#/definitions/uint32"
}, },
"priorities": { "priorities": {
"id": "https://opencontainers.org/schema/bundle/linux/resources/network/priorities", "id": "https://opencontainers.org/schema/bundle/linux/resources/network/priorities",
@ -257,31 +267,6 @@
} }
} }
}, },
"rlimits": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits",
"items": [
{
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0",
"properties": {
"hard": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/hard",
"type": "integer"
},
"soft": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/soft",
"type": "integer"
},
"type": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/type",
"type": "string",
"pattern": "^RLIMIT_[A-Z]+$"
}
},
"type": "object"
}
],
"type": "array"
},
"cgroupsPath": { "cgroupsPath": {
"oneOf": [ "oneOf": [
{ {

25
schema/schema.json
View File

@ -25,7 +25,7 @@
} }
}, },
"annotations": { "annotations": {
"id": "https://opencontainers.org/schema/bundle/linux/sysctl", "id": "https://opencontainers.org/schema/bundle/annotations",
"oneOf": [ "oneOf": [
{ {
"$ref": "defs.json#/definitions/mapStringString" "$ref": "defs.json#/definitions/mapStringString"
@ -139,6 +139,29 @@
"noNewPrivileges": { "noNewPrivileges": {
"id": "https://opencontainers.org/schema/bundle/process/linux/noNewPrivileges", "id": "https://opencontainers.org/schema/bundle/process/linux/noNewPrivileges",
"type": "boolean" "type": "boolean"
},
"rlimits": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits",
"type": "array",
"items": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0",
"type": "object",
"properties": {
"hard": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/hard",
"$ref": "defs.json#/definitions/uint64"
},
"soft": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/soft",
"$ref": "defs.json#/definitions/uint64"
},
"type": {
"id": "https://opencontainers.org/schema/bundle/linux/rlimits/0/type",
"type": "string",
"pattern": "^RLIMIT_[A-Z]+$"
}
}
}
} }
} }
}, },