commit
cc983bb6f4
|
@ -1,6 +1,6 @@
|
||||||
# Solaris Application Container Configuration
|
# Solaris Application Container Configuration
|
||||||
|
|
||||||
Solaris application containers can be configured using the following properties, all of the below properties have mappings to properties specified under zonecfg(1M) man page, except milestone.
|
Solaris application containers can be configured using the following properties, all of the below properties have mappings to properties specified under zonecfg(8) man page, except milestone.
|
||||||
|
|
||||||
## milestone
|
## milestone
|
||||||
The SMF(Service Management Facility) FMRI which should go to "online" state before we start the desired process within the container.
|
The SMF(Service Management Facility) FMRI which should go to "online" state before we start the desired process within the container.
|
||||||
|
@ -26,7 +26,7 @@ The property should consist of a comma-separated privilege set specification as
|
||||||
## maxShmMemory
|
## maxShmMemory
|
||||||
The maximum amount of shared memory allowed for this application container.
|
The maximum amount of shared memory allowed for this application container.
|
||||||
A scale (K, M, G, T) can be applied to the value for each of these numbers (for example, 1M is one megabyte).
|
A scale (K, M, G, T) can be applied to the value for each of these numbers (for example, 1M is one megabyte).
|
||||||
Mapped to max-shm-memory in zonecfg(1M) man page.
|
Mapped to max-shm-memory in zonecfg(8) man page.
|
||||||
|
|
||||||
**`maxShmMemory`** *(string, OPTIONAL)*
|
**`maxShmMemory`** *(string, OPTIONAL)*
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ Sets a limit on the amount of CPU time that can be used by a container.
|
||||||
The unit used translates to the percentage of a single CPU that can be used by all user threads in a container, expressed as a fraction (for example, .75) or a mixed number (whole number and fraction, for example, 1.25).
|
The unit used translates to the percentage of a single CPU that can be used by all user threads in a container, expressed as a fraction (for example, .75) or a mixed number (whole number and fraction, for example, 1.25).
|
||||||
An ncpu value of 1 means 100% of a CPU, a value of 1.25 means 125%, .75 mean 75%, and so forth.
|
An ncpu value of 1 means 100% of a CPU, a value of 1.25 means 125%, .75 mean 75%, and so forth.
|
||||||
When projects within a capped container have their own caps, the minimum value takes precedence.
|
When projects within a capped container have their own caps, the minimum value takes precedence.
|
||||||
cappedCPU is mapped to capped-cpu in zonecfg(1M) man page.
|
cappedCPU is mapped to capped-cpu in zonecfg(8) man page.
|
||||||
|
|
||||||
* **`ncpus`** *(string, OPTIONAL)*
|
* **`ncpus`** *(string, OPTIONAL)*
|
||||||
|
|
||||||
|
@ -54,7 +54,7 @@ cappedCPU is mapped to capped-cpu in zonecfg(1M) man page.
|
||||||
## cappedMemory
|
## cappedMemory
|
||||||
The physical and swap caps on the memory that can be used by this application container.
|
The physical and swap caps on the memory that can be used by this application container.
|
||||||
A scale (K, M, G, T) can be applied to the value for each of these numbers (for example, 1M is one megabyte).
|
A scale (K, M, G, T) can be applied to the value for each of these numbers (for example, 1M is one megabyte).
|
||||||
cappedMemory is mapped to capped-memory in zonecfg(1M) man page.
|
cappedMemory is mapped to capped-memory in zonecfg(8) man page.
|
||||||
|
|
||||||
* **`physical`** *(string, OPTIONAL)*
|
* **`physical`** *(string, OPTIONAL)*
|
||||||
* **`swap`** *(string, OPTIONAL)*
|
* **`swap`** *(string, OPTIONAL)*
|
||||||
|
@ -78,26 +78,26 @@ For more information on the daemon check the zoneadmd(1M) man page.
|
||||||
When such a container is started, a temporary VNIC(Virtual NIC) is automatically created for the container.
|
When such a container is started, a temporary VNIC(Virtual NIC) is automatically created for the container.
|
||||||
The VNIC is deleted when the container is torn down.
|
The VNIC is deleted when the container is torn down.
|
||||||
The following properties can be used to setup automatic networks.
|
The following properties can be used to setup automatic networks.
|
||||||
For additional information on properties check zonecfg(1M) man page for the respective release of Solaris.
|
For additional information on properties check zonecfg(8) man page for the respective release of Solaris.
|
||||||
|
|
||||||
* **`linkname`** *(string, OPTIONAL)* Specify a name for the automatically created VNIC datalink.
|
* **`linkname`** *(string, OPTIONAL)* Specify a name for the automatically created VNIC datalink.
|
||||||
* **`lowerLink`** *(string, OPTIONAL)* Specify the link over which the VNIC will be created.
|
* **`lowerLink`** *(string, OPTIONAL)* Specify the link over which the VNIC will be created.
|
||||||
Mapped to lower-link in the zonecfg(1M) man page.
|
Mapped to lower-link in the zonecfg(8) man page.
|
||||||
* **`allowedAddress`** *(string, OPTIONAL)* The set of IP addresses that the container can use might be constrained by specifying the allowedAddress property.
|
* **`allowedAddress`** *(string, OPTIONAL)* The set of IP addresses that the container can use might be constrained by specifying the allowedAddress property.
|
||||||
If allowedAddress has not been specified, then they can use any IP address on the associated physical interface for the network resource.
|
If allowedAddress has not been specified, then they can use any IP address on the associated physical interface for the network resource.
|
||||||
Otherwise, when allowedAddress is specified, the container cannot use IP addresses that are not in the allowedAddress list for the physical address.
|
Otherwise, when allowedAddress is specified, the container cannot use IP addresses that are not in the allowedAddress list for the physical address.
|
||||||
Mapped to allowed-address in the zonecfg(1M) man page.
|
Mapped to allowed-address in the zonecfg(8) man page.
|
||||||
* **`configureAllowedAddress`** *(string, OPTIONAL)* If configureAllowedAddress is set to true, the addresses specified by allowedAddress are automatically configured on the interface each time the container starts.
|
* **`configureAllowedAddress`** *(string, OPTIONAL)* If configureAllowedAddress is set to true, the addresses specified by allowedAddress are automatically configured on the interface each time the container starts.
|
||||||
When it is set to false, the allowedAddress will not be configured on container start.
|
When it is set to false, the allowedAddress will not be configured on container start.
|
||||||
Mapped to configure-allowed-address in the zonecfg(1M) man page.
|
Mapped to configure-allowed-address in the zonecfg(8) man page.
|
||||||
* **`defrouter`** *(string, OPTIONAL)* The value for the OPTIONAL default router.
|
* **`defrouter`** *(string, OPTIONAL)* The value for the OPTIONAL default router.
|
||||||
* **`macAddress`** *(string, OPTIONAL)* Set the VNIC's MAC addresses based on the specified value or keyword.
|
* **`macAddress`** *(string, OPTIONAL)* Set the VNIC's MAC addresses based on the specified value or keyword.
|
||||||
If not a keyword, it is interpreted as a unicast MAC address.
|
If not a keyword, it is interpreted as a unicast MAC address.
|
||||||
For a list of the supported keywords please refer to the zonecfg(1M) man page of the respective Solaris release.
|
For a list of the supported keywords please refer to the zonecfg(8) man page of the respective Solaris release.
|
||||||
Mapped to mac-address in the zonecfg(1M) man page.
|
Mapped to mac-address in the zonecfg(8) man page.
|
||||||
* **`linkProtection`** *(string, OPTIONAL)* Enables one or more types of link protection using comma-separated values.
|
* **`linkProtection`** *(string, OPTIONAL)* Enables one or more types of link protection using comma-separated values.
|
||||||
See the protection property in dladm(8) for supported values in respective release of Solaris.
|
See the protection property in dladm(8) for supported values in respective release of Solaris.
|
||||||
Mapped to link-protection in the zonecfg(1M) man page.
|
Mapped to link-protection in the zonecfg(8) man page.
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
```json
|
```json
|
||||||
|
|
23
config.md
23
config.md
|
@ -44,17 +44,22 @@ For example, if a configuration is compliant with version 1.1 of this specificat
|
||||||
**`mounts`** (array, OPTIONAL) configures additional mounts (on top of [`root`](#root-configuration)).
|
**`mounts`** (array, OPTIONAL) configures additional mounts (on top of [`root`](#root-configuration)).
|
||||||
The runtime MUST mount entries in the listed order.
|
The runtime MUST mount entries in the listed order.
|
||||||
The parameters are similar to the ones in [the Linux mount system call](http://man7.org/linux/man-pages/man2/mount.2.html).
|
The parameters are similar to the ones in [the Linux mount system call](http://man7.org/linux/man-pages/man2/mount.2.html).
|
||||||
|
For Solaris, the mounts corresponds to fs resource in zonecfg(8).
|
||||||
|
|
||||||
* **`destination`** (string, REQUIRED) Destination of mount point: path inside container.
|
* **`destination`** (string, REQUIRED) Destination of mount point: path inside container.
|
||||||
This value MUST be an absolute path.
|
This value MUST be an absolute path.
|
||||||
For the Windows operating system, one mount destination MUST NOT be nested within another mount (e.g., c:\\foo and c:\\foo\\bar).
|
For the Windows operating system, one mount destination MUST NOT be nested within another mount (e.g., c:\\foo and c:\\foo\\bar).
|
||||||
|
For the Solaris operating system, this corresponds to "dir" of the fs resource in zonecfg(8).
|
||||||
* **`type`** (string, REQUIRED) The filesystem type of the filesystem to be mounted.
|
* **`type`** (string, REQUIRED) The filesystem type of the filesystem to be mounted.
|
||||||
Linux: *filesystemtype* argument supported by the kernel are listed in */proc/filesystems* (e.g., "minix", "ext2", "ext3", "jfs", "xfs", "reiserfs", "msdos", "proc", "nfs", "iso9660").
|
Linux: *filesystemtype* argument supported by the kernel are listed in */proc/filesystems* (e.g., "minix", "ext2", "ext3", "jfs", "xfs", "reiserfs", "msdos", "proc", "nfs", "iso9660").
|
||||||
Windows: ntfs.
|
Windows: ntfs.
|
||||||
|
Solaris: corresponds to "type" of the fs resource in zonecfg(8).
|
||||||
* **`source`** (string, REQUIRED) A device name, but can also be a directory name or a dummy.
|
* **`source`** (string, REQUIRED) A device name, but can also be a directory name or a dummy.
|
||||||
Windows: the volume name that is the target of the mount point, \\?\Volume\{GUID}\ (on Windows source is called target).
|
Windows: the volume name that is the target of the mount point, \\?\Volume\{GUID}\ (on Windows source is called target).
|
||||||
|
Solaris: corresponds to "special" of the fs resource in zonecfg(8).
|
||||||
* **`options`** (list of strings, OPTIONAL) Mount options of the filesystem to be used.
|
* **`options`** (list of strings, OPTIONAL) Mount options of the filesystem to be used.
|
||||||
Linux: [supported][mount.8-filesystem-independent] [options][mount.8-filesystem-specific] are listed in [mount(8)][mount.8].
|
Linux: [supported][mount.8-filesystem-independent] [options][mount.8-filesystem-specific] are listed in [mount(8)][mount.8].
|
||||||
|
Solaris: corresponds to "options" of the fs resource in zonecfg(8).
|
||||||
|
|
||||||
### Example (Linux)
|
### Example (Linux)
|
||||||
|
|
||||||
|
@ -90,6 +95,24 @@ The parameters are similar to the ones in [the Linux mount system call](http://m
|
||||||
|
|
||||||
See links for details about [mountvol](http://ss64.com/nt/mountvol.html) and [SetVolumeMountPoint](https://msdn.microsoft.com/en-us/library/windows/desktop/aa365561(v=vs.85).aspx) in Windows.
|
See links for details about [mountvol](http://ss64.com/nt/mountvol.html) and [SetVolumeMountPoint](https://msdn.microsoft.com/en-us/library/windows/desktop/aa365561(v=vs.85).aspx) in Windows.
|
||||||
|
|
||||||
|
### Example (Solaris)
|
||||||
|
|
||||||
|
```json
|
||||||
|
"mounts": [
|
||||||
|
{
|
||||||
|
"destination": "/opt/local",
|
||||||
|
"type": "lofs",
|
||||||
|
"source": "/usr/local",
|
||||||
|
"options": ["ro","nodevices"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"destination": "/opt/sfw",
|
||||||
|
"type": "lofs",
|
||||||
|
"source": "/opt/sfw"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
## Process configuration
|
## Process configuration
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue