Carry #499
For these values, cgroup kernal APIs accept -1 to set
them as unlimited, as docker and runc all support
update resources, we should not set drawbacks in spec.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
I've also added our usual:
(<type>, <required|optional>)
to the Markdown so folks can see that this is a required object.
Signed-off-by: W. Trevor King <wking@tremily.us>
Catch up with the spec title from faad7e0f (README: title rename,
2016-04-04, #365).
Also make the Go comment consistent with the Markdown spec (no need to
maintain two phrasings for the same idea). The only difference
between the phrasings is now some shuffling at the beginning to start
off with the property name (to keep godoc happy).
The JSON Schema entry (in defs.json) is different too, because it has
to apply to both the configuration and state JSON, so mentioning
"bundle" makes less sense than mentioning "document".
Signed-off-by: W. Trevor King <wking@tremily.us>
Fix regression respectively introduced in 59ede1a and 59ede1a
The config-schema.json and state-schema.json references were missing "-schema".
Signed-off-by: Lee Calcote <leecalcote@gmail.com>
The IDs namespace the fields within the OCI, with /runtime to select
the opencontainers/runtime-spec project, and /state to select the
state JSON within runtime-spec.
Signed-off-by: W. Trevor King <wking@tremily.us>
So we can use it in the coming state-schema.json without duplication.
I dropped the "id" because none of the other defs.json entries had an
ID.
Signed-off-by: W. Trevor King <wking@tremily.us>
So we can use it in the coming state-schema.json without duplication.
While I'm touching it, I updated the spec title to match the project
README's header. I also dropped the "id" because none of the other
defs.json entries had an ID.
Signed-off-by: W. Trevor King <wking@tremily.us>
The JSON Schema requirement dates back to cdcabdeb (schema: JSON
Schema and validator for `config.json`, 2016-01-19, #313), but the
property has been explicitly optional in the Markdown spec since
7ac41c69 (config.md: reformat into a standard style, 2015-06-30).
Signed-off-by: W. Trevor King <wking@tremily.us>
The cgroup namespace is a new kernel feature available in 4.6+ that
allows a container to isolate its cgroup hierarchy. This currently only
allows for hiding information from /proc/self/cgroup, and mounting
cgroupfs as an unprivileged user. In the future, this namespace may
allow for subtree management by a container.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
The README title is:
Open Container Runtime Specification
And the config.md title is:
Container Configuration file
The JSON Schema covering that configuration file should have a
description that combines those two titles without introducing new
language.
Signed-off-by: W. Trevor King <wking@tremily.us>
Use wording from config.md, since the JSON Schema doesn't seem like a
good place to be picking new words.
Signed-off-by: W. Trevor King <wking@tremily.us>
We should only download dependence without installing,
otherwise we'll probably get error:
go install: no install location for directory /home/qhuang/specs/schema outside GOPATH
For more details see: go help gopath
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Fixes#320
This adds the maskedPaths and readonlyPaths fields to the spec so that
proper masking and setting of files in /proc can be configured.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Conforming to https://tools.ietf.org/html/draft-zyp-json-schema-03
and http://json-schema.org/latest/json-schema-core.html
* Utilizes a number of JSON schema features, including 'pattern'
* Defined primitives, like integers, that we'll use
* Split out definitions for primitives and platform-specific
* Provide a Makefile for:
- "fmt" target for *.json
- "validate" target for building the validation tool
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>