From d43fc428aa0cf05071ea02e19642d8e1e3cb1672 Mon Sep 17 00:00:00 2001
From: "W. Trevor King"
Date: Wed, 11 Jan 2017 15:05:07 -0800
Subject: [PATCH] config-linux: Lift no-tweaking namespace restriction

This restriction originally landed via 02b456e9 (Clarify behavior around namespaces paths, 2015-09-08, #158). The hostname case landed via 66a0543e (config: Require a new UTS namespace for config.json's hostname, 2015-10-05, #214) citing the namespace restriction. The restriction extended to runtime namespaces in 01c2d55f (config-linux: Extend no-tweak requirement to runtime namespaces, 2016-08-24, #538).

There was a proposal in-flight to get config-wide consistency around the no-tweaking concept [1]. In today's meeting, the maintainer consensus was to strike the no-tweaking restriction [2], which is what I've done here.

I've removed the ROADMAP entry because this gives folks a way to adjust existing containers (launch a new container which joins and tweaks the original).

The hostname entry still mentions the UTS namespace to provide a guard against accidental foot-gunning. There was no no-tweaking language for properties related to other namespaces (e.g. 'mounts'). Maybe the other namespaces have more obvious names.

[1]: https://github.com/opencontainers/runtime-spec/pull/540
[2]: http://ircbot.wl.linuxfoundation.org/meetings/opencontainers/2017/opencontainers.2017-01-11-22.04.log.html#l-117

Signed-off-by: W. Trevor King
---
 ROADMAP.md | 8 --------
 config-linux.md | 1 -
 config.md | 3 ++-
 3 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/ROADMAP.md b/ROADMAP.md index 89e5a499..e7dcaad2 100644 --- a/ROADMAP.md +++ b/ROADMAP.md 
@@ -18,14 +18,6 @@ Could be solved by lifecycle/ops and create/start split discussions *Owner:* vishh & duglin -### Live Container Updates - -Should we allow dynamic container updates to runtime options? - -Proposal: make it an optional feature - -*Owner:* hqhq (was vishh) robdolinms, bcorrie - ### Version Schema Decide on a robust versioning schema for the spec as it evolves. diff --git a/config-linux.md b/config-linux.md index 20e81250..2a5fddfc 100644 --- a/config-linux.md +++ b/config-linux.md @@ -39,7 +39,6 @@ The following parameters can be specified to setup namespaces: If a path is specified, that particular file is used to join that type of namespace. If a namespace type is not specified in the `namespaces` array, the container MUST inherit the [runtime namespace](glossary.md#runtime-namespace) of that type. -If a new namespace is not created (because the namespace type is not listed, or because it is listed with a `path`), runtimes MUST assume that the setup for that namespace has already been done and error out if the config specifies anything else related to that namespace. If a `namespaces` field contains duplicated namespaces with same `type`, the runtime MUST error out. ###### Example diff --git a/config.md b/config.md index 4ed534c6..8f68941a 100644 --- a/config.md +++ b/config.md @@ -256,7 +256,8 @@ For Windows based systems the user structure has the following fields: ## Hostname * **`hostname`** (string, OPTIONAL) configures the container's hostname as seen by processes running inside the container. - On Linux, you can only set this if your bundle creates a new [UTS namespace][uts-namespace]. + On Linux, this will change the hostname in the [container][container-namespace] [UTS namespace][uts-namespace]. + Depending on your [namespace configuration](config-linux.md#namespaces), the container UTS namespace may be the [runtime UTS namespace][runtime-namespace]. ### Example
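
Review bot: In the ROADMAP.md hunk, deleting the whole "Live Container Updates" entry drops a question that is broader than what this change answers. The entry asks about "dynamic container updates to runtime options", while the workaround given in the commit message (launch a new container which joins and tweaks the original) works through joining the original's namespaces. Consider narrowing the entry to whatever cases remain instead of removing it, or documenting the join-and-tweak workflow in the spec text so the roadmap item is visibly covered.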
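
Review bot: In the config-linux.md hunk, removing the "runtimes MUST assume that the setup for that namespace has already been done and error out" sentence leaves the section silent on what a runtime does with namespace-related settings when the namespace is joined via `path` or inherited. Because the line just above says an unlisted type makes the container inherit the runtime namespace, such settings would now be applied to a namespace shared with the runtime or with another container. Suggest replacing the deleted sentence with one that states this outcome explicitly, so that modifying a shared namespace is a documented, deliberate choice and runtimes behave consistently.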
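
Review bot: In the config.md hunk, the second added line ("the container UTS namespace may be the runtime UTS namespace") states the risky case only indirectly. The commit message says the UTS mention is kept as a guard against accidental foot-gunning, so it would help to spell out the consequence: when no new UTS namespace is created, setting `hostname` changes the hostname seen by the runtime and every other process in that namespace. Also, the diffstat shows only 2 insertions in config.md, so no link definitions are added here; please confirm `[container-namespace]` and `[runtime-namespace]` are already defined in the file, otherwise the new references will not resolve.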