Go to file
Alexander Morozov 5c56d28043 Fix panic in seccomp test on error
It can happen if newContainer is failed. Now test shows real error from
newContainer instead of trace.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-06-22 19:26:33 -07:00
Godeps Use godeps for building of vendored files 2015-06-22 09:23:17 -07:00
libcontainer Fix panic in seccomp test on error 2015-06-22 19:26:33 -07:00
.gitignore Initial commit of runc binary 2015-06-21 19:34:13 -07:00
LICENSE Initial commit of runc binary 2015-06-21 19:34:13 -07:00
Makefile Use godeps for building of vendored files 2015-06-22 09:23:17 -07:00
README.md Initial commit of runc binary 2015-06-21 19:34:13 -07:00
checkpoint.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
events.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
main.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
restore.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
run.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
signals.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
spec.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
spec_linux.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
tty.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00
utils.go Initial commit of runc binary 2015-06-21 19:34:13 -07:00

README.md

runc

runc is a CLI tool for spawning and running containers according to the OCF specification.

Building:

git clone https://github.com/opencontainers/runc
make
sudo make install

Using:

To run a container that you received just execute runc run with the JSON format at the argument or have a container.json file in the current working directory.

runc 
/ $ ps
PID   USER     COMMAND
1     daemon   sh
5     daemon   sh
/ $ 

OCF Container JSON Format;

{
    "version": "0.1",
    "os": "linux",
    "arch": "amd64",
    "processes": [
        {
            "tty": true,
            "user": "daemon",
            "args": [
                "sh"
            ],
            "env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "TERM=xterm"
            ],
            "cwd": ""
        }
    ],
    "root": {
        "path": "rootfs",
        "readonly": true
    },
    "cpus": 1.1,
    "memory": 1024,
    "hostname": "shell",
    "namespaces": [
        {
            "type": "process"
        },
        {
            "type": "network"
        },
        {
            "type": "mount"
        },
        {
            "type": "ipc"
        },
        {
            "type": "uts"
        }
    ],
    "capabilities": [
        "AUDIT_WRITE",
        "KILL",
        "NET_BIND_SERVICE"
    ],
    "devices": [
        "null",
        "random",
        "full",
        "tty",
        "zero",
        "urandom"
    ],
    "mounts": [
        {
            "type": "proc",
            "source": "proc",
            "destination": "/proc",
            "options": ""
        },
        {
            "type": "tmpfs",
            "source": "tmpfs",
            "destination": "/dev",
            "options": "nosuid,strictatime,mode=755,size=65536k"
        },
        {
            "type": "devpts",
            "source": "devpts",
            "destination": "/dev/pts",
            "options": "nosuid,noexec,newinstance,ptmxmode=0666,mode=0620,gid=5"
        },
        {
            "type": "tmpfs",
            "source": "shm",
            "destination": "/dev/shm",
            "options": "nosuid,noexec,nodev,mode=1777,size=65536k"
        },
        {
            "type": "mqueue",
            "source": "mqueue",
            "destination": "/dev/mqueue",
            "options": "nosuid,noexec,nodev"
        },
        {
            "type": "sysfs",
            "source": "sysfs",
            "destination": "/sys",
            "options": "nosuid,noexec,nodev"
        }
    ]
}

Examples:

Using runc with systemd

[Unit]
Description=Minecraft Build Server
Documentation=http://minecraft.net
After=network.target

[Service]
CPUQuota=200%
MemoryLimit=1536M
ExecStart=/usr/local/bin/runc
Restart=on-failure
WorkingDirectory=/containers/minecraftbuild

[Install]
WantedBy=multi-user.target