jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,079 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

1079 Commits

Author SHA1 Message Date
Mrunal Patel c942816d76 Add anchors to misc. docs 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2017-03-02 11:01:18 -08:00
Mrunal Patel 4b0755490e Add anchors to runtime 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2017-03-02 11:00:53 -08:00
Mrunal Patel d01ef9a806 Add anchors to config and config linux 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2017-03-02 11:00:31 -08:00
zhouhao 513ab686e9 Add new architectures from libseccomp 2.3.2 
Signed-off-by: zhouhao <zhouhao@cn.fujitsu.com>
 2017-03-02 14:33:06 +08:00
Mrunal Patel 40474dd78c Merge pull request #704 from hqhq/use_uint64_for_memory 
Set specs value the same as kernel API input
 2017-03-01 14:05:37 -08:00
Qiang Huang 2db839104d Merge pull request #699 from crosbymichael/mount-optional 
Make mount type and source optional
 2017-02-28 20:05:03 -08:00
Qiang Huang ec9449187b Set specs value the same as kernel API input 
This partially revert #648 , after a second thought, I think we
should use specs value the same as kernel API input, see:
https://github.com/opencontainers/runtime-spec/issues/692#issuecomment-281889852

For memory and hugetlb limits *.limit_in_bytes, cgroup APIs take the values
as string, but the parsed values are unsigned long, see:
https://github.com/torvalds/linux/blob/v4.10/mm/page_counter.c#L175-L193

For `cpu.cfs_quota_us` and `cpu.rt_runtime_us`, cgroup APIs take the input
value as signed long long, while `cpu.cfs_period_us` and `cpu.rt_periof_us`
take the input value as unsigned long long.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2017-03-01 09:10:43 +08:00
Michael Crosby 52461516ea Make mount type and source optional 
These are optional on multiple platforms and should be left up to the
runtime/host system for validation.

Closes #470

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-02-28 13:50:18 -08:00
Ma Shimiao a4ff8879bc schema: add username for user field 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2017-02-28 17:58:08 +08:00
W. Trevor King c41ea83d84 config: Make process optional 
Since be59415 (Split create and start, 2016-04-01, #384), it's
possible for a container process to never execute user-specified code
(e.g. you can call 'create', 'kill', 'delete' without calling
'start').  For folks who expect to do that, there's no reason to
define process.args.

The only other process property required for all platforms is 'cwd',
but the runtime's idler code isn't specified in sufficient detail for
the configuration author to have an opinion about what its working
directory should be.

On Linux and Solaris, 'user' is also required for 'uid' and 'gid'.  My
preferred approach here is to make those optional and define defaults
[1,2]:

  If unset, the runtime will not attempt to manipulate the user ID
  (e.g. not calling setuid(2) or similar).

But the maintainer consensus is that they want those to be explicitly
required properties [3,4,5].  With the current spec, one option could
be to make process optional (with the idler's working directory
unspecified) for OSes besides Linux and Solaris.  On Windows, username
is optional, but that was likely accidental [6].

So an unspecified 'process' would leave process.cwd and process.user
unset.  What that means for the implementation-defined container
process between 'create' and 'start' is unclear, but clarifying how
that is handled is a separate issue [7] independent of whether
'process' is optional or not.

[1]: https://github.com/opencontainers/runtime-spec/pull/417#issuecomment-216076069
[2]: https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/DWdystx5X3A
     Subject: Exposing platform defaults
     Date: Thu, 14 Jan 2016 15:36:26 -0800
     Message-ID: <20160114233625.GN6362@odin.tremily.us>
[3]: http://ircbot.wl.linuxfoundation.org/meetings/opencontainers/2016/opencontainers.2016-05-04-17.00.log.html#l-44
[4]: https://github.com/opencontainers/runtime-spec/pull/417#issuecomment-216937010
[5]: https://github.com/opencontainers/runtime-spec/pull/417#issuecomment-216937090
[6]: https://github.com/opencontainers/runtime-spec/issues/618#issuecomment-277105273
[7]: https://github.com/opencontainers/runtime-spec/pull/700

Signed-off-by: W. Trevor King <wking@tremily.us>
 2017-02-27 12:39:14 -08:00
Mrunal Patel 2d491b03fa Merge pull request #694 from q384566678/state-json 
state-schema.json: add the value of status
 2017-02-27 11:19:26 -08:00
Mrunal Patel fb76f47bf4 Merge pull request #696 from q384566678/json-fix 
Fix config-schema.json
 2017-02-27 11:19:04 -08:00
Mrunal Patel 18965b08af Merge pull request #697 from q384566678/config-linux-fix 
config-linux.md: fix info
 2017-02-27 11:17:45 -08:00
Michael Crosby 472cdae2de Merge pull request #695 from q384566678/config-fix 
add REQUIRED to platform field
 2017-02-27 11:03:24 -08:00
zhouhao 5a470213e7 config-linux.md: fix info 
Signed-off-by: zhouhao <zhouhao@cn.fujitsu.com>
 2017-02-27 16:07:52 +08:00
zhouhao ec49ba1ada remove mounts from required 
Signed-off-by: zhouhao <zhouhao@cn.fujitsu.com>
 2017-02-27 09:29:01 +08:00
zhouhao 0a8ef1d7b5 config-schema.json: add required 
Signed-off-by: zhouhao <zhouhao@cn.fujitsu.com>
 2017-02-27 09:27:04 +08:00
Mrunal Patel ae7a541930 Merge pull request #657 from GrantSeltzer/improve-seccomp-spec 
config: Improve seccomp format to be more expressive
 2017-02-24 18:59:49 -08:00
zhouhao 5dda457654 add REQUIRED to platform field 
Signed-off-by: zhouhao <zhouhao@cn.fujitsu.com>
 2017-02-24 14:05:33 +08:00
zhouhao 7ec622e5c3 state-schema.json: add the value of status 
Signed-off-by: zhouhao <zhouhao@cn.fujitsu.com>
 2017-02-24 13:33:54 +08:00
grantseltzer 652323cd77 improve seccomp format to be more expressive 
Signed-off-by: grantseltzer <grantseltzer@gmail.com>
 2017-02-22 18:17:16 -05:00
Michael Crosby 3f5078dab0 Merge pull request #693 from hqhq/dont_limit_mapping 
Remove uid/gid mapping limit depend on kernel
 2017-02-22 15:00:00 -08:00
Mrunal Patel ac9f8e0b5f Merge pull request #675 from crosbymichael/caps 
Add ambient and bounding capability support
 2017-02-22 14:59:11 -08:00
Michael Crosby eb114f0570 Add ambient and bounding capability support 
Closes #668

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-02-22 14:47:51 -08:00
Qiang Huang a5c4e91dae Remove uid/gid mapping limit depend on kernel 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2017-02-22 14:43:18 -08:00
Mrunal Patel 8c22b690a4 Merge pull request #688 from Mashimiao/schema-fix-device-required 
schema: remove major,minor from device required items
 2017-02-17 10:18:30 -08:00
Mrunal Patel 359de8f44d Merge pull request #691 from crosbymichael/abstract 
Add OCI Runtime Abstract
 2017-02-17 08:08:04 -08:00
Michael Crosby b81c09c9fd Add OCI Runtime Abstract 
Closes #506

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-02-16 15:39:35 -08:00
Mrunal Patel e6d2a0ff2b Merge pull request #685 from Mashimiao/config-fix-and-hook-args 
config.md: args of Hooks should be optional
 2017-02-15 14:12:46 -08:00
Ma Shimiao 0e808fcad0 schema: remove major,minor from device required items 
When type is p, major and minor is not required.
So, we should not leave them in require.

Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2017-02-14 14:15:12 +08:00
Vincent Batts 21f7998bfb Merge pull request #570 from wking/go-protocol-definition 
config: Link platform:"…" JSON tags with ~~protocol~~ platform slugs
 2017-02-09 14:33:25 -06:00
Ma Shimiao fcd62099ff config.md: args of Hooks should be optional 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2017-02-09 09:45:42 +08:00
Vincent Batts 67c81aa3c6 Merge pull request #684 from Mashimiao/schema-fix-invalid-types 
schema: fix invalid types
 2017-02-08 15:24:26 -05:00
Mrunal Patel 1f408dc1db Merge pull request #507 from wking/add-creating-status 
runtime: Add 'creating' to state status
 2017-02-08 11:46:50 -08:00
Mrunal Patel 7c1a16b54a Merge pull request #552 from x1022as/validate 
improve validate usage message
 2017-02-08 11:45:29 -08:00
W. Trevor King 4af0c72f92 config: Link platform:"..." JSON tags with platform slugs 
So that the semantics of the tags are clear.

The platform/protocol disconnect is unfortunate.  "Protocol" was
chosen in de3f1af6 (Remove language around Solaris being optional as
it is covered in compliance language, 2016-08-17, #527) because we may
have compliance subsets that aren't linked to platforms [1].  I'd be
open to renaming the JSON tag from platform:"..." -> protocol:"...",
but that's probably more change than it's worth.  The approach taken
in this commit, on the other hand, renames "protocol" to "platform".
I think that unnecessarily limits (or sets up confusing semantics for)
the platform/protocol values you can use, but two maintainers both
prefer "platform" [2,3].

[1]: https://github.com/opencontainers/runtime-spec/pull/527#issuecomment-238979250
[2]: https://github.com/opencontainers/runtime-spec/pull/570#discussion_r99227202
[3]: https://github.com/opencontainers/runtime-spec/pull/570#discussion_r100013014

Signed-off-by: W. Trevor King <wking@tremily.us>
 2017-02-08 08:01:47 -08:00
W. Trevor King b4a3c8daeb spec: Slug protocol names 
We'll be referring to these in code, and using a slug everywhere
avoids having to define both a slug form (linux) and an English form
(Linux containers).

Signed-off-by: W. Trevor King <wking@tremily.us>
 2017-02-08 07:47:09 -08:00
Ma Shimiao 4100020dfc schema: fix invalid types 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2017-02-08 16:35:45 +08:00
Deng Guangxing 21ee162b42 add explicit usage message to validate and some fix 
this commit contains:
* add explicit usage message to validate
* schemaPath was overrided by filepath.Abs(), schemaLoader would not get
* the abs path.
* check local scheme and document file path with os.Stat()

Signed-off-by: Deng Guangxing <dengguangxing@huawei.com>
 2017-02-08 15:18:18 +08:00
W. Trevor King c763e6418f config: Move valid-value rules to their own section 
This wording just landed via 718f9f3 (origin/pr/673) minor narrative
cleanup regarding config compatibility, 2017-01-30, #673), but the
rule is generic and not unique to platform-specific properties.

Also adjust the wording somewhat to match the more established wording
from the "Extensibility" section.

Signed-off-by: W. Trevor King <wking@tremily.us>
 2017-02-07 15:29:13 -08:00
Michael Crosby 2e2d568b83 Merge pull request #673 from jlbutler/config-compat-303 
narrative cleanup in support of Base Config Compatibility #303
 2017-02-07 14:19:21 -08:00
Jesse Butler 718f9f3f5d minor narrative cleanup regarding config compatibility 
Signed-off-by: Jesse Butler <jesse.butler@oracle.com>
 2017-02-07 12:57:06 -05:00
Vincent Batts 0d104bb63c Merge pull request #672 from vbatts/bump-version 
Bump version for 1.0.0-rc4
 2017-02-06 12:30:34 -05:00
Qiang Huang 2392e66f16 Merge pull request #674 from crosbymichael/state 
Rename bundlePath to bundle
 2017-02-06 10:43:17 +08:00
Qiang Huang ce0783aa1c Merge pull request #662 from wking/json-schema-no-pointer 
schema: Drop pointers and nulls
 2017-02-06 10:41:35 +08:00
Mrunal Patel 7278567eb2 Merge pull request #666 from dqminh/container-filesystem 
linux: relax filesystem requirements for container
 2017-02-03 11:22:16 -08:00
Michael Crosby 5d3f1674e6 Rename bundlePath to bundle 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-02-02 13:10:54 -08:00
Vincent Batts 2a234c749b
version: master back to -dev 
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
 2017-01-30 08:10:59 -05:00
Vincent Batts 339eba5240
version: release 1.0.0-rc4 
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
 2017-01-30 08:10:51 -05:00
W. Trevor King be402e40ed ChangeLog: Document changes since v1.0.0-rc3 
Through 3297cd57 (Merge pull request #216 from
wking/travis-test-branch-commits, 2017-01-24).

Signed-off-by: W. Trevor King <wking@tremily.us>
 2017-01-27 13:03:03 -08:00