Merge pull request #26961 from Microsoft/jjh/oci
Windows: OCI runtime spec compliance
This commit is contained in:
commit
97660c6ec5
21 changed files with 140 additions and 301 deletions
|
@ -5,6 +5,7 @@ import (
|
||||||
"github.com/docker/docker/daemon/caps"
|
"github.com/docker/docker/daemon/caps"
|
||||||
"github.com/docker/docker/daemon/exec"
|
"github.com/docker/docker/daemon/exec"
|
||||||
"github.com/docker/docker/libcontainerd"
|
"github.com/docker/docker/libcontainerd"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainerd.Process) error {
|
func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainerd.Process) error {
|
||||||
|
@ -13,7 +14,7 @@ func execSetPlatformOpt(c *container.Container, ec *exec.Config, p *libcontainer
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
p.User = &libcontainerd.User{
|
p.User = &specs.User{
|
||||||
UID: uid,
|
UID: uid,
|
||||||
GID: gid,
|
GID: gid,
|
||||||
AdditionalGids: additionalGids,
|
AdditionalGids: additionalGids,
|
||||||
|
|
|
@ -14,7 +14,6 @@ import (
|
||||||
containertypes "github.com/docker/docker/api/types/container"
|
containertypes "github.com/docker/docker/api/types/container"
|
||||||
"github.com/docker/docker/container"
|
"github.com/docker/docker/container"
|
||||||
"github.com/docker/docker/daemon/caps"
|
"github.com/docker/docker/daemon/caps"
|
||||||
"github.com/docker/docker/libcontainerd"
|
|
||||||
"github.com/docker/docker/oci"
|
"github.com/docker/docker/oci"
|
||||||
"github.com/docker/docker/pkg/idtools"
|
"github.com/docker/docker/pkg/idtools"
|
||||||
"github.com/docker/docker/pkg/mount"
|
"github.com/docker/docker/pkg/mount"
|
||||||
|
@ -623,7 +622,7 @@ func (daemon *Daemon) populateCommonSpec(s *specs.Spec, c *container.Container)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, error) {
|
func (daemon *Daemon) createSpec(c *container.Container) (*specs.Spec, error) {
|
||||||
s := oci.DefaultSpec()
|
s := oci.DefaultSpec()
|
||||||
if err := daemon.populateCommonSpec(&s, c); err != nil {
|
if err := daemon.populateCommonSpec(&s, c); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -719,7 +718,7 @@ func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, e
|
||||||
s.Process.NoNewPrivileges = c.NoNewPrivileges
|
s.Process.NoNewPrivileges = c.NoNewPrivileges
|
||||||
s.Linux.MountLabel = c.MountLabel
|
s.Linux.MountLabel = c.MountLabel
|
||||||
|
|
||||||
return (*libcontainerd.Spec)(&s), nil
|
return (*specs.Spec)(&s), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func clearReadOnly(m *specs.Mount) {
|
func clearReadOnly(m *specs.Mount) {
|
||||||
|
|
|
@ -3,13 +3,13 @@ package daemon
|
||||||
import (
|
import (
|
||||||
containertypes "github.com/docker/docker/api/types/container"
|
containertypes "github.com/docker/docker/api/types/container"
|
||||||
"github.com/docker/docker/container"
|
"github.com/docker/docker/container"
|
||||||
"github.com/docker/docker/libcontainerd"
|
|
||||||
"github.com/docker/docker/oci"
|
"github.com/docker/docker/oci"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, error) {
|
func (daemon *Daemon) createSpec(c *container.Container) (*specs.Spec, error) {
|
||||||
s := oci.DefaultSpec()
|
s := oci.DefaultSpec()
|
||||||
return (*libcontainerd.Spec)(&s), nil
|
return (*specs.Spec)(&s), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// mergeUlimits merge the Ulimits from HostConfig with daemon defaults, and update HostConfig
|
// mergeUlimits merge the Ulimits from HostConfig with daemon defaults, and update HostConfig
|
||||||
|
|
|
@ -5,12 +5,11 @@ import (
|
||||||
|
|
||||||
containertypes "github.com/docker/docker/api/types/container"
|
containertypes "github.com/docker/docker/api/types/container"
|
||||||
"github.com/docker/docker/container"
|
"github.com/docker/docker/container"
|
||||||
"github.com/docker/docker/libcontainerd"
|
|
||||||
"github.com/docker/docker/libcontainerd/windowsoci"
|
|
||||||
"github.com/docker/docker/oci"
|
"github.com/docker/docker/oci"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, error) {
|
func (daemon *Daemon) createSpec(c *container.Container) (*specs.Spec, error) {
|
||||||
s := oci.DefaultSpec()
|
s := oci.DefaultSpec()
|
||||||
|
|
||||||
linkedEnv, err := daemon.setupLinkedContainers(c)
|
linkedEnv, err := daemon.setupLinkedContainers(c)
|
||||||
|
@ -33,7 +32,7 @@ func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, e
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
for _, mount := range mounts {
|
for _, mount := range mounts {
|
||||||
m := windowsoci.Mount{
|
m := specs.Mount{
|
||||||
Source: mount.Source,
|
Source: mount.Source,
|
||||||
Destination: mount.Destination,
|
Destination: mount.Destination,
|
||||||
}
|
}
|
||||||
|
@ -71,25 +70,27 @@ func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, e
|
||||||
|
|
||||||
// In s.Windows.Resources
|
// In s.Windows.Resources
|
||||||
// @darrenstahlmsft implement these resources
|
// @darrenstahlmsft implement these resources
|
||||||
cpuShares := uint64(c.HostConfig.CPUShares)
|
cpuShares := uint16(c.HostConfig.CPUShares)
|
||||||
s.Windows.Resources = &windowsoci.WindowsResources{
|
cpuPercent := uint8(c.HostConfig.CPUPercent)
|
||||||
CPU: &windowsoci.WindowsCPU{
|
memoryLimit := uint64(c.HostConfig.Memory)
|
||||||
Percent: &c.HostConfig.CPUPercent,
|
s.Windows.Resources = &specs.WindowsResources{
|
||||||
|
CPU: &specs.WindowsCPUResources{
|
||||||
|
Percent: &cpuPercent,
|
||||||
Shares: &cpuShares,
|
Shares: &cpuShares,
|
||||||
},
|
},
|
||||||
Memory: &windowsoci.WindowsMemory{
|
Memory: &specs.WindowsMemoryResources{
|
||||||
Limit: &c.HostConfig.Memory,
|
Limit: &memoryLimit,
|
||||||
//TODO Reservation: ...,
|
//TODO Reservation: ...,
|
||||||
},
|
},
|
||||||
Network: &windowsoci.WindowsNetwork{
|
Network: &specs.WindowsNetworkResources{
|
||||||
//TODO Bandwidth: ...,
|
//TODO Bandwidth: ...,
|
||||||
},
|
},
|
||||||
Storage: &windowsoci.WindowsStorage{
|
Storage: &specs.WindowsStorageResources{
|
||||||
Bps: &c.HostConfig.IOMaximumBandwidth,
|
Bps: &c.HostConfig.IOMaximumBandwidth,
|
||||||
Iops: &c.HostConfig.IOMaximumIOps,
|
Iops: &c.HostConfig.IOMaximumIOps,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
return (*libcontainerd.Spec)(&s), nil
|
return (*specs.Spec)(&s), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func escapeArgs(args []string) []string {
|
func escapeArgs(args []string) []string {
|
||||||
|
|
|
@ -15,7 +15,7 @@ import (
|
||||||
// It also ensures each of the mounts are lexographically sorted.
|
// It also ensures each of the mounts are lexographically sorted.
|
||||||
|
|
||||||
// BUGBUG TODO Windows containerd. This would be much better if it returned
|
// BUGBUG TODO Windows containerd. This would be much better if it returned
|
||||||
// an array of windowsoci mounts, not container mounts. Then no need to
|
// an array of runtime spec mounts, not container mounts. Then no need to
|
||||||
// do multiple transitions.
|
// do multiple transitions.
|
||||||
|
|
||||||
func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, error) {
|
func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, error) {
|
||||||
|
|
|
@ -107,7 +107,7 @@ clone git github.com/docker/go v1.5.1-1-1-gbaf439e
|
||||||
clone git github.com/agl/ed25519 d2b94fd789ea21d12fac1a4443dd3a3f79cda72c
|
clone git github.com/agl/ed25519 d2b94fd789ea21d12fac1a4443dd3a3f79cda72c
|
||||||
|
|
||||||
clone git github.com/opencontainers/runc cc29e3dded8e27ba8f65738f40d251c885030a28 # libcontainer
|
clone git github.com/opencontainers/runc cc29e3dded8e27ba8f65738f40d251c885030a28 # libcontainer
|
||||||
clone git github.com/opencontainers/runtime-spec v1.0.0-rc1 # specs
|
clone git github.com/opencontainers/runtime-spec 1c7c27d043c2a5e513a44084d2b10d77d1402b8c # specs
|
||||||
clone git github.com/seccomp/libseccomp-golang 32f571b70023028bd57d9288c20efbcb237f3ce0
|
clone git github.com/seccomp/libseccomp-golang 32f571b70023028bd57d9288c20efbcb237f3ce0
|
||||||
# libcontainer deps (see src/github.com/opencontainers/runc/Godeps/Godeps.json)
|
# libcontainer deps (see src/github.com/opencontainers/runc/Godeps/Godeps.json)
|
||||||
clone git github.com/coreos/go-systemd v4
|
clone git github.com/coreos/go-systemd v4
|
||||||
|
|
|
@ -133,7 +133,7 @@ func (clnt *client) prepareBundleDir(uid, gid int) (string, error) {
|
||||||
return p, nil
|
return p, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (clnt *client) Create(containerID string, checkpoint string, checkpointDir string, spec Spec, options ...CreateOption) (err error) {
|
func (clnt *client) Create(containerID string, checkpoint string, checkpointDir string, spec specs.Spec, options ...CreateOption) (err error) {
|
||||||
clnt.lock(containerID)
|
clnt.lock(containerID)
|
||||||
defer clnt.unlock(containerID)
|
defer clnt.unlock(containerID)
|
||||||
|
|
||||||
|
|
|
@ -13,6 +13,7 @@ import (
|
||||||
|
|
||||||
"github.com/Microsoft/hcsshim"
|
"github.com/Microsoft/hcsshim"
|
||||||
"github.com/Sirupsen/logrus"
|
"github.com/Sirupsen/logrus"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
type client struct {
|
type client struct {
|
||||||
|
@ -92,7 +93,7 @@ const defaultOwner = "docker"
|
||||||
// },
|
// },
|
||||||
// "Servicing": false
|
// "Servicing": false
|
||||||
//}
|
//}
|
||||||
func (clnt *client) Create(containerID string, checkpoint string, checkpointDir string, spec Spec, options ...CreateOption) error {
|
func (clnt *client) Create(containerID string, checkpoint string, checkpointDir string, spec specs.Spec, options ...CreateOption) error {
|
||||||
clnt.lock(containerID)
|
clnt.lock(containerID)
|
||||||
defer clnt.unlock(containerID)
|
defer clnt.unlock(containerID)
|
||||||
logrus.Debugln("libcontainerd: client.Create() with spec", spec)
|
logrus.Debugln("libcontainerd: client.Create() with spec", spec)
|
||||||
|
@ -109,15 +110,15 @@ func (clnt *client) Create(containerID string, checkpoint string, checkpointDir
|
||||||
if spec.Windows.Resources != nil {
|
if spec.Windows.Resources != nil {
|
||||||
if spec.Windows.Resources.CPU != nil {
|
if spec.Windows.Resources.CPU != nil {
|
||||||
if spec.Windows.Resources.CPU.Shares != nil {
|
if spec.Windows.Resources.CPU.Shares != nil {
|
||||||
configuration.ProcessorWeight = *spec.Windows.Resources.CPU.Shares
|
configuration.ProcessorWeight = uint64(*spec.Windows.Resources.CPU.Shares)
|
||||||
}
|
}
|
||||||
if spec.Windows.Resources.CPU.Percent != nil {
|
if spec.Windows.Resources.CPU.Percent != nil {
|
||||||
configuration.ProcessorMaximum = *spec.Windows.Resources.CPU.Percent * 100 // ProcessorMaximum is a value between 1 and 10000
|
configuration.ProcessorMaximum = int64(*spec.Windows.Resources.CPU.Percent * 100) // ProcessorMaximum is a value between 1 and 10000
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if spec.Windows.Resources.Memory != nil {
|
if spec.Windows.Resources.Memory != nil {
|
||||||
if spec.Windows.Resources.Memory.Limit != nil {
|
if spec.Windows.Resources.Memory.Limit != nil {
|
||||||
configuration.MemoryMaximumInMB = *spec.Windows.Resources.Memory.Limit / 1024 / 1024
|
configuration.MemoryMaximumInMB = int64(*spec.Windows.Resources.Memory.Limit / 1024 / 1024)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if spec.Windows.Resources.Storage != nil {
|
if spec.Windows.Resources.Storage != nil {
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
|
|
||||||
"github.com/Microsoft/hcsshim"
|
"github.com/Microsoft/hcsshim"
|
||||||
"github.com/Sirupsen/logrus"
|
"github.com/Sirupsen/logrus"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
type container struct {
|
type container struct {
|
||||||
|
@ -19,7 +20,7 @@ type container struct {
|
||||||
// The ociSpec is required, as client.Create() needs a spec,
|
// The ociSpec is required, as client.Create() needs a spec,
|
||||||
// but can be called from the RestartManager context which does not
|
// but can be called from the RestartManager context which does not
|
||||||
// otherwise have access to the Spec
|
// otherwise have access to the Spec
|
||||||
ociSpec Spec
|
ociSpec specs.Spec
|
||||||
|
|
||||||
manualStopRequested bool
|
manualStopRequested bool
|
||||||
hcsContainer hcsshim.Container
|
hcsContainer hcsshim.Container
|
||||||
|
|
|
@ -3,6 +3,7 @@ package libcontainerd
|
||||||
import (
|
import (
|
||||||
"io"
|
"io"
|
||||||
|
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
"golang.org/x/net/context"
|
"golang.org/x/net/context"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -36,7 +37,7 @@ type Backend interface {
|
||||||
|
|
||||||
// Client provides access to containerd features.
|
// Client provides access to containerd features.
|
||||||
type Client interface {
|
type Client interface {
|
||||||
Create(containerID string, checkpoint string, checkpointDir string, spec Spec, options ...CreateOption) error
|
Create(containerID string, checkpoint string, checkpointDir string, spec specs.Spec, options ...CreateOption) error
|
||||||
Signal(containerID string, sig int) error
|
Signal(containerID string, sig int) error
|
||||||
SignalProcess(containerID string, processFriendlyName string, sig int) error
|
SignalProcess(containerID string, processFriendlyName string, sig int) error
|
||||||
AddProcess(ctx context.Context, containerID, processFriendlyName string, process Process) error
|
AddProcess(ctx context.Context, containerID, processFriendlyName string, process Process) error
|
||||||
|
|
|
@ -5,17 +5,12 @@ import (
|
||||||
"github.com/opencontainers/runtime-spec/specs-go"
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Spec is the base configuration for the container. It specifies platform
|
|
||||||
// independent configuration. This information must be included when the
|
|
||||||
// bundle is packaged for distribution.
|
|
||||||
type Spec specs.Spec
|
|
||||||
|
|
||||||
// Process contains information to start a specific application inside the container.
|
// Process contains information to start a specific application inside the container.
|
||||||
type Process struct {
|
type Process struct {
|
||||||
// Terminal creates an interactive terminal for the container.
|
// Terminal creates an interactive terminal for the container.
|
||||||
Terminal bool `json:"terminal"`
|
Terminal bool `json:"terminal"`
|
||||||
// User specifies user information for the process.
|
// User specifies user information for the process.
|
||||||
User *User `json:"user"`
|
User *specs.User `json:"user"`
|
||||||
// Args specifies the binary and arguments for the application to execute.
|
// Args specifies the binary and arguments for the application to execute.
|
||||||
Args []string `json:"args"`
|
Args []string `json:"args"`
|
||||||
// Env populates the process environment for the process.
|
// Env populates the process environment for the process.
|
||||||
|
@ -47,10 +42,6 @@ type Stats containerd.StatsResponse
|
||||||
// Summary contains a container summary from containerd
|
// Summary contains a container summary from containerd
|
||||||
type Summary struct{}
|
type Summary struct{}
|
||||||
|
|
||||||
// User specifies linux specific user and group information for the container's
|
|
||||||
// main process.
|
|
||||||
type User specs.User
|
|
||||||
|
|
||||||
// Resources defines updatable container resource values.
|
// Resources defines updatable container resource values.
|
||||||
type Resources containerd.UpdateResource
|
type Resources containerd.UpdateResource
|
||||||
|
|
||||||
|
|
|
@ -1,14 +1,5 @@
|
||||||
package libcontainerd
|
package libcontainerd
|
||||||
|
|
||||||
import (
|
|
||||||
"github.com/opencontainers/runtime-spec/specs-go"
|
|
||||||
)
|
|
||||||
|
|
||||||
// Spec is the base configuration for the container. It specifies platform
|
|
||||||
// independent configuration. This information must be included when the
|
|
||||||
// bundle is packaged for distribution.
|
|
||||||
type Spec specs.Spec
|
|
||||||
|
|
||||||
// Process contains information to start a specific application inside the container.
|
// Process contains information to start a specific application inside the container.
|
||||||
type Process struct {
|
type Process struct {
|
||||||
// Terminal creates an interactive terminal for the container.
|
// Terminal creates an interactive terminal for the container.
|
||||||
|
@ -30,9 +21,5 @@ type StateInfo struct {
|
||||||
// Platform specific StateInfo
|
// Platform specific StateInfo
|
||||||
}
|
}
|
||||||
|
|
||||||
// User specifies Solaris specific user and group information for the container's
|
|
||||||
// main process.
|
|
||||||
type User specs.User
|
|
||||||
|
|
||||||
// Resources defines updatable container resource values.
|
// Resources defines updatable container resource values.
|
||||||
type Resources struct{}
|
type Resources struct{}
|
||||||
|
|
|
@ -2,17 +2,11 @@ package libcontainerd
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/Microsoft/hcsshim"
|
"github.com/Microsoft/hcsshim"
|
||||||
"github.com/docker/docker/libcontainerd/windowsoci"
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Spec is the base configuration for the container.
|
|
||||||
type Spec windowsoci.Spec
|
|
||||||
|
|
||||||
// Process contains information to start a specific application inside the container.
|
// Process contains information to start a specific application inside the container.
|
||||||
type Process windowsoci.Process
|
type Process specs.Process
|
||||||
|
|
||||||
// User specifies user information for the containers main process.
|
|
||||||
type User windowsoci.User
|
|
||||||
|
|
||||||
// Summary contains a ProcessList item from HCS to support `top`
|
// Summary contains a ProcessList item from HCS to support `top`
|
||||||
type Summary hcsshim.ProcessListItem
|
type Summary hcsshim.ProcessListItem
|
||||||
|
|
|
@ -1,199 +0,0 @@
|
||||||
package windowsoci
|
|
||||||
|
|
||||||
// This file contains the Windows spec for a container. At the time of
|
|
||||||
// writing, Windows does not have a spec defined in opencontainers/specs,
|
|
||||||
// hence this is an interim workaround. TODO Windows: FIXME @jhowardmsft
|
|
||||||
|
|
||||||
import "fmt"
|
|
||||||
|
|
||||||
// Spec is the base configuration for the container.
|
|
||||||
type Spec struct {
|
|
||||||
// Version of the Open Container Runtime Specification with which the bundle complies.
|
|
||||||
Version string `json:"ociVersion"`
|
|
||||||
// Platform specifies the configuration's target platform.
|
|
||||||
Platform Platform `json:"platform"`
|
|
||||||
// Process configures the container process.
|
|
||||||
Process Process `json:"process"`
|
|
||||||
// Root configures the container's root filesystem.
|
|
||||||
Root Root `json:"root"`
|
|
||||||
// Hostname configures the container's hostname.
|
|
||||||
Hostname string `json:"hostname,omitempty"`
|
|
||||||
// Mounts configures additional mounts (on top of Root).
|
|
||||||
Mounts []Mount `json:"mounts,omitempty"`
|
|
||||||
// Hooks configures callbacks for container lifecycle events.
|
|
||||||
Hooks Hooks `json:"hooks"`
|
|
||||||
// Annotations contains arbitrary metadata for the container.
|
|
||||||
Annotations map[string]string `json:"annotations,omitempty"`
|
|
||||||
|
|
||||||
// Linux is platform specific configuration for Linux based containers.
|
|
||||||
Linux *Linux `json:"linux,omitempty" platform:"linux"`
|
|
||||||
// Solaris is platform specific configuration for Solaris containers.
|
|
||||||
Solaris *Solaris `json:"solaris,omitempty" platform:"solaris"`
|
|
||||||
// Windows is platform specific configuration for Windows based containers, including Hyper-V containers.
|
|
||||||
Windows *Windows `json:"windows,omitempty" platform:"windows"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Windows contains platform specific configuration for Windows based containers.
|
|
||||||
type Windows struct {
|
|
||||||
// Resources contains information for handling resource constraints for the container
|
|
||||||
Resources *WindowsResources `json:"resources,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Process contains information to start a specific application inside the container.
|
|
||||||
type Process struct {
|
|
||||||
// Terminal creates an interactive terminal for the container.
|
|
||||||
Terminal bool `json:"terminal,omitempty"`
|
|
||||||
// User specifies user information for the process.
|
|
||||||
User User `json:"user"`
|
|
||||||
// Args specifies the binary and arguments for the application to execute.
|
|
||||||
Args []string `json:"args"`
|
|
||||||
// Env populates the process environment for the process.
|
|
||||||
Env []string `json:"env,omitempty"`
|
|
||||||
// Cwd is the current working directory for the process and must be
|
|
||||||
// relative to the container's root.
|
|
||||||
Cwd string `json:"cwd"`
|
|
||||||
// Capabilities are Linux capabilities that are kept for the container.
|
|
||||||
Capabilities []string `json:"capabilities,omitempty" platform:"linux"`
|
|
||||||
// Rlimits specifies rlimit options to apply to the process.
|
|
||||||
Rlimits []Rlimit `json:"rlimits,omitempty" platform:"linux"`
|
|
||||||
// NoNewPrivileges controls whether additional privileges could be gained by processes in the container.
|
|
||||||
NoNewPrivileges bool `json:"noNewPrivileges,omitempty" platform:"linux"`
|
|
||||||
// ApparmorProfile specifies the apparmor profile for the container.
|
|
||||||
ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"`
|
|
||||||
// SelinuxLabel specifies the selinux context that the container process is run as.
|
|
||||||
SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"`
|
|
||||||
// ConsoleSize contains the initial size of the console.
|
|
||||||
ConsoleSize Box `json:"consoleSize" platform:"windows"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Box specifies height and width dimensions. Used for sizing of a console.
|
|
||||||
type Box struct {
|
|
||||||
Height uint
|
|
||||||
Width uint
|
|
||||||
}
|
|
||||||
|
|
||||||
// User specifies specific user (and group) information for the container process.
|
|
||||||
type User struct {
|
|
||||||
// UID is the user id.
|
|
||||||
UID uint32 `json:"uid" platform:"linux,solaris"`
|
|
||||||
// GID is the group id.
|
|
||||||
GID uint32 `json:"gid" platform:"linux,solaris"`
|
|
||||||
// AdditionalGids are additional group ids set for the container's process.
|
|
||||||
AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"`
|
|
||||||
// Username is the user name.
|
|
||||||
Username string `json:"username,omitempty" platform:"windows"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Root contains information about the container's root filesystem on the host.
|
|
||||||
type Root struct {
|
|
||||||
// Path is the absolute path to the container's root filesystem.
|
|
||||||
Path string `json:"path"`
|
|
||||||
// Readonly makes the root filesystem for the container readonly before the process is executed.
|
|
||||||
Readonly bool `json:"readonly"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Platform specifies OS and arch information for the host system that the container
|
|
||||||
// is created for.
|
|
||||||
type Platform struct {
|
|
||||||
// OS is the operating system.
|
|
||||||
OS string `json:"os"`
|
|
||||||
// Arch is the architecture
|
|
||||||
Arch string `json:"arch"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Mount specifies a mount for a container.
|
|
||||||
type Mount struct {
|
|
||||||
// Destination is the path where the mount will be placed relative to the container's root. The path and child directories MUST exist, a runtime MUST NOT create directories automatically to a mount point.
|
|
||||||
Destination string `json:"destination"`
|
|
||||||
// Type specifies the mount kind.
|
|
||||||
Type string `json:"type"`
|
|
||||||
// Source specifies the source path of the mount. In the case of bind mounts on
|
|
||||||
// Linux based systems this would be the file on the host.
|
|
||||||
Source string `json:"source"`
|
|
||||||
// Options are fstab style mount options.
|
|
||||||
Options []string `json:"options,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// WindowsStorage contains storage resource management settings
|
|
||||||
type WindowsStorage struct {
|
|
||||||
// Specifies maximum Iops for the system drive
|
|
||||||
Iops *uint64 `json:"iops,omitempty"`
|
|
||||||
// Specifies maximum bytes per second for the system drive
|
|
||||||
Bps *uint64 `json:"bps,omitempty"`
|
|
||||||
// Sandbox size indicates the size to expand the system drive to if it is currently smaller
|
|
||||||
SandboxSize *uint64 `json:"sandbox_size,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// WindowsMemory contains memory settings for the container
|
|
||||||
type WindowsMemory struct {
|
|
||||||
// Memory limit (in bytes).
|
|
||||||
Limit *int64 `json:"limit,omitempty"`
|
|
||||||
// Memory reservation (in bytes).
|
|
||||||
Reservation *uint64 `json:"reservation,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// WindowsCPU contains information for cpu resource management
|
|
||||||
type WindowsCPU struct {
|
|
||||||
// Number of CPUs available to the container. This is an appoximation for Windows Server Containers.
|
|
||||||
Count *uint64 `json:"count,omitempty"`
|
|
||||||
// CPU shares (relative weight (ratio) vs. other containers with cpu shares). Range is from 1 to 10000.
|
|
||||||
Shares *uint64 `json:"shares,omitempty"`
|
|
||||||
// Percent of available CPUs usable by the container.
|
|
||||||
Percent *int64 `json:"percent,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// WindowsNetwork contains network resource management information
|
|
||||||
type WindowsNetwork struct {
|
|
||||||
// Bandwidth is the maximum egress bandwidth in bytes per second
|
|
||||||
Bandwidth *uint64 `json:"bandwidth,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// WindowsResources has container runtime resource constraints
|
|
||||||
// TODO Windows containerd. This structure needs ratifying with the old resources
|
|
||||||
// structure used on Windows and the latest OCI spec.
|
|
||||||
type WindowsResources struct {
|
|
||||||
// Memory restriction configuration
|
|
||||||
Memory *WindowsMemory `json:"memory,omitempty"`
|
|
||||||
// CPU resource restriction configuration
|
|
||||||
CPU *WindowsCPU `json:"cpu,omitempty"`
|
|
||||||
// Storage restriction configuration
|
|
||||||
Storage *WindowsStorage `json:"storage,omitempty"`
|
|
||||||
// Network restriction configuration
|
|
||||||
Network *WindowsNetwork `json:"network,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
const (
|
|
||||||
// VersionMajor is for an API incompatible changes
|
|
||||||
VersionMajor = 0
|
|
||||||
// VersionMinor is for functionality in a backwards-compatible manner
|
|
||||||
VersionMinor = 3
|
|
||||||
// VersionPatch is for backwards-compatible bug fixes
|
|
||||||
VersionPatch = 0
|
|
||||||
|
|
||||||
// VersionDev indicates development branch. Releases will be empty string.
|
|
||||||
VersionDev = ""
|
|
||||||
)
|
|
||||||
|
|
||||||
// Version is the specification version that the package types support.
|
|
||||||
var Version = fmt.Sprintf("%d.%d.%d%s (Windows)", VersionMajor, VersionMinor, VersionPatch, VersionDev)
|
|
||||||
|
|
||||||
//
|
|
||||||
// Temporary structures. Ultimately this whole file will be removed.
|
|
||||||
//
|
|
||||||
|
|
||||||
// Linux contains platform specific configuration for Linux based containers.
|
|
||||||
type Linux struct {
|
|
||||||
}
|
|
||||||
|
|
||||||
// Solaris contains platform specific configuration for Solaris application containers.
|
|
||||||
type Solaris struct {
|
|
||||||
}
|
|
||||||
|
|
||||||
// Hooks for container setup and teardown
|
|
||||||
type Hooks struct {
|
|
||||||
}
|
|
||||||
|
|
||||||
// Rlimit type and restrictions. Placeholder only to support the Process structure.
|
|
||||||
// Not used on Windows, only present for compilation purposes.
|
|
||||||
type Rlimit struct {
|
|
||||||
}
|
|
|
@ -1,3 +0,0 @@
|
||||||
// +build !windows
|
|
||||||
|
|
||||||
package windowsoci
|
|
|
@ -76,7 +76,7 @@ func DefaultSpec() specs.Spec {
|
||||||
"CAP_AUDIT_WRITE",
|
"CAP_AUDIT_WRITE",
|
||||||
}
|
}
|
||||||
|
|
||||||
s.Linux = specs.Linux{
|
s.Linux = &specs.Linux{
|
||||||
MaskedPaths: []string{
|
MaskedPaths: []string{
|
||||||
"/proc/kcore",
|
"/proc/kcore",
|
||||||
"/proc/latency_stats",
|
"/proc/latency_stats",
|
||||||
|
|
|
@ -3,17 +3,17 @@ package oci
|
||||||
import (
|
import (
|
||||||
"runtime"
|
"runtime"
|
||||||
|
|
||||||
"github.com/docker/docker/libcontainerd/windowsoci"
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
// DefaultSpec returns default spec used by docker.
|
// DefaultSpec returns default spec used by docker.
|
||||||
func DefaultSpec() windowsoci.Spec {
|
func DefaultSpec() specs.Spec {
|
||||||
return windowsoci.Spec{
|
return specs.Spec{
|
||||||
Version: windowsoci.Version,
|
Version: specs.Version,
|
||||||
Platform: windowsoci.Platform{
|
Platform: specs.Platform{
|
||||||
OS: runtime.GOOS,
|
OS: runtime.GOOS,
|
||||||
Arch: runtime.GOARCH,
|
Arch: runtime.GOARCH,
|
||||||
},
|
},
|
||||||
Windows: &windowsoci.Windows{},
|
Windows: &specs.Windows{},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,6 +15,7 @@ import (
|
||||||
"github.com/docker/docker/pkg/plugins"
|
"github.com/docker/docker/pkg/plugins"
|
||||||
"github.com/docker/docker/plugin/v2"
|
"github.com/docker/docker/plugin/v2"
|
||||||
"github.com/docker/docker/restartmanager"
|
"github.com/docker/docker/restartmanager"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (pm *Manager) enable(p *v2.Plugin, force bool) error {
|
func (pm *Manager) enable(p *v2.Plugin, force bool) error {
|
||||||
|
@ -27,7 +28,7 @@ func (pm *Manager) enable(p *v2.Plugin, force bool) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
p.RestartManager = restartmanager.New(container.RestartPolicy{Name: "always"}, 0)
|
p.RestartManager = restartmanager.New(container.RestartPolicy{Name: "always"}, 0)
|
||||||
if err := pm.containerdClient.Create(p.GetID(), "", "", libcontainerd.Spec(*spec), libcontainerd.WithRestartManager(p.RestartManager)); err != nil {
|
if err := pm.containerdClient.Create(p.GetID(), "", "", specs.Spec(*spec), libcontainerd.WithRestartManager(p.RestartManager)); err != nil {
|
||||||
if err := p.RestartManager.Cancel(); err != nil {
|
if err := p.RestartManager.Cancel(); err != nil {
|
||||||
logrus.Errorf("enable: restartManager.Cancel failed due to %v", err)
|
logrus.Errorf("enable: restartManager.Cancel failed due to %v", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,33 +4,37 @@ import "os"
|
||||||
|
|
||||||
// Spec is the base configuration for the container.
|
// Spec is the base configuration for the container.
|
||||||
type Spec struct {
|
type Spec struct {
|
||||||
// Version is the version of the specification that is supported.
|
// Version of the Open Container Runtime Specification with which the bundle complies.
|
||||||
Version string `json:"ociVersion"`
|
Version string `json:"ociVersion"`
|
||||||
// Platform is the host information for OS and Arch.
|
// Platform specifies the configuration's target platform.
|
||||||
Platform Platform `json:"platform"`
|
Platform Platform `json:"platform"`
|
||||||
// Process is the container's main process.
|
// Process configures the container process.
|
||||||
Process Process `json:"process"`
|
Process Process `json:"process"`
|
||||||
// Root is the root information for the container's filesystem.
|
// Root configures the container's root filesystem.
|
||||||
Root Root `json:"root"`
|
Root Root `json:"root"`
|
||||||
// Hostname is the container's host name.
|
// Hostname configures the container's hostname.
|
||||||
Hostname string `json:"hostname,omitempty"`
|
Hostname string `json:"hostname,omitempty"`
|
||||||
// Mounts profile configuration for adding mounts to the container's filesystem.
|
// Mounts configures additional mounts (on top of Root).
|
||||||
Mounts []Mount `json:"mounts,omitempty"`
|
Mounts []Mount `json:"mounts,omitempty"`
|
||||||
// Hooks are the commands run at various lifecycle events of the container.
|
// Hooks configures callbacks for container lifecycle events.
|
||||||
Hooks Hooks `json:"hooks"`
|
Hooks Hooks `json:"hooks"`
|
||||||
// Annotations is an unstructured key value map that may be set by external tools to store and retrieve arbitrary metadata.
|
// Annotations contains arbitrary metadata for the container.
|
||||||
Annotations map[string]string `json:"annotations,omitempty"`
|
Annotations map[string]string `json:"annotations,omitempty"`
|
||||||
|
|
||||||
// Linux is platform specific configuration for Linux based containers.
|
// Linux is platform specific configuration for Linux based containers.
|
||||||
Linux Linux `json:"linux" platform:"linux,omitempty"`
|
Linux *Linux `json:"linux,omitempty" platform:"linux"`
|
||||||
// Solaris is platform specific configuration for Solaris containers.
|
// Solaris is platform specific configuration for Solaris containers.
|
||||||
Solaris Solaris `json:"solaris" platform:"solaris,omitempty"`
|
Solaris *Solaris `json:"solaris,omitempty" platform:"solaris"`
|
||||||
|
// Windows is platform specific configuration for Windows based containers, including Hyper-V containers.
|
||||||
|
Windows *Windows `json:"windows,omitempty" platform:"windows"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Process contains information to start a specific application inside the container.
|
// Process contains information to start a specific application inside the container.
|
||||||
type Process struct {
|
type Process struct {
|
||||||
// Terminal creates an interactive terminal for the container.
|
// Terminal creates an interactive terminal for the container.
|
||||||
Terminal bool `json:"terminal,omitempty"`
|
Terminal bool `json:"terminal,omitempty"`
|
||||||
|
// ConsoleSize specifies the size of the console.
|
||||||
|
ConsoleSize Box `json:"consoleSize,omitempty"`
|
||||||
// User specifies user information for the process.
|
// User specifies user information for the process.
|
||||||
User User `json:"user"`
|
User User `json:"user"`
|
||||||
// Args specifies the binary and arguments for the application to execute.
|
// Args specifies the binary and arguments for the application to execute.
|
||||||
|
@ -43,25 +47,33 @@ type Process struct {
|
||||||
// Capabilities are Linux capabilities that are kept for the container.
|
// Capabilities are Linux capabilities that are kept for the container.
|
||||||
Capabilities []string `json:"capabilities,omitempty" platform:"linux"`
|
Capabilities []string `json:"capabilities,omitempty" platform:"linux"`
|
||||||
// Rlimits specifies rlimit options to apply to the process.
|
// Rlimits specifies rlimit options to apply to the process.
|
||||||
Rlimits []Rlimit `json:"rlimits,omitempty"`
|
Rlimits []Rlimit `json:"rlimits,omitempty" platform:"linux"`
|
||||||
// NoNewPrivileges controls whether additional privileges could be gained by processes in the container.
|
// NoNewPrivileges controls whether additional privileges could be gained by processes in the container.
|
||||||
NoNewPrivileges bool `json:"noNewPrivileges,omitempty"`
|
NoNewPrivileges bool `json:"noNewPrivileges,omitempty" platform:"linux"`
|
||||||
|
// ApparmorProfile specifies the apparmor profile for the container.
|
||||||
// ApparmorProfile specified the apparmor profile for the container. (this field is platform dependent)
|
|
||||||
ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"`
|
ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"`
|
||||||
// SelinuxLabel specifies the selinux context that the container process is run as. (this field is platform dependent)
|
// SelinuxLabel specifies the selinux context that the container process is run as.
|
||||||
SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"`
|
SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// User specifies Linux specific user and group information for the container's
|
// Box specifies dimensions of a rectangle. Used for specifying the size of a console.
|
||||||
// main process.
|
type Box struct {
|
||||||
|
// Height is the vertical dimension of a box.
|
||||||
|
Height uint `json:"height"`
|
||||||
|
// Width is the horizontal dimension of a box.
|
||||||
|
Width uint `json:"width"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// User specifies specific user (and group) information for the container process.
|
||||||
type User struct {
|
type User struct {
|
||||||
// UID is the user id. (this field is platform dependent)
|
// UID is the user id.
|
||||||
UID uint32 `json:"uid" platform:"linux"`
|
UID uint32 `json:"uid" platform:"linux,solaris"`
|
||||||
// GID is the group id. (this field is platform dependent)
|
// GID is the group id.
|
||||||
GID uint32 `json:"gid" platform:"linux"`
|
GID uint32 `json:"gid" platform:"linux,solaris"`
|
||||||
// AdditionalGids are additional group ids set for the container's process. (this field is platform dependent)
|
// AdditionalGids are additional group ids set for the container's process.
|
||||||
AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux"`
|
AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"`
|
||||||
|
// Username is the user name.
|
||||||
|
Username string `json:"username,omitempty" platform:"windows"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Root contains information about the container's root filesystem on the host.
|
// Root contains information about the container's root filesystem on the host.
|
||||||
|
@ -262,7 +274,7 @@ type Memory struct {
|
||||||
// Kernel memory limit (in bytes).
|
// Kernel memory limit (in bytes).
|
||||||
Kernel *uint64 `json:"kernel,omitempty"`
|
Kernel *uint64 `json:"kernel,omitempty"`
|
||||||
// Kernel memory limit for tcp (in bytes)
|
// Kernel memory limit for tcp (in bytes)
|
||||||
KernelTCP *uint64 `json:"kernelTCP"`
|
KernelTCP *uint64 `json:"kernelTCP,omitempty"`
|
||||||
// How aggressive the kernel will swap memory pages. Range from 0 to 100.
|
// How aggressive the kernel will swap memory pages. Range from 0 to 100.
|
||||||
Swappiness *uint64 `json:"swappiness,omitempty"`
|
Swappiness *uint64 `json:"swappiness,omitempty"`
|
||||||
}
|
}
|
||||||
|
@ -294,15 +306,15 @@ type Pids struct {
|
||||||
// Network identification and priority configuration
|
// Network identification and priority configuration
|
||||||
type Network struct {
|
type Network struct {
|
||||||
// Set class identifier for container's network packets
|
// Set class identifier for container's network packets
|
||||||
ClassID *uint32 `json:"classID"`
|
ClassID *uint32 `json:"classID,omitempty"`
|
||||||
// Set priority of network traffic for container
|
// Set priority of network traffic for container
|
||||||
Priorities []InterfacePriority `json:"priorities,omitempty"`
|
Priorities []InterfacePriority `json:"priorities,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Resources has container runtime resource constraints
|
// Resources has container runtime resource constraints
|
||||||
type Resources struct {
|
type Resources struct {
|
||||||
// Devices are a list of device rules for the whitelist controller
|
// Devices configures the device whitelist.
|
||||||
Devices []DeviceCgroup `json:"devices"`
|
Devices []DeviceCgroup `json:"devices,omitempty"`
|
||||||
// DisableOOMKiller disables the OOM killer for out of memory conditions
|
// DisableOOMKiller disables the OOM killer for out of memory conditions
|
||||||
DisableOOMKiller *bool `json:"disableOOMKiller,omitempty"`
|
DisableOOMKiller *bool `json:"disableOOMKiller,omitempty"`
|
||||||
// Specify an oom_score_adj for the container.
|
// Specify an oom_score_adj for the container.
|
||||||
|
@ -371,9 +383,9 @@ type Solaris struct {
|
||||||
// Specification for automatic creation of network resources for this container.
|
// Specification for automatic creation of network resources for this container.
|
||||||
Anet []Anet `json:"anet,omitempty"`
|
Anet []Anet `json:"anet,omitempty"`
|
||||||
// Set limit on the amount of CPU time that can be used by container.
|
// Set limit on the amount of CPU time that can be used by container.
|
||||||
CappedCPU CappedCPU `json:"cappedCPU,omitempty"`
|
CappedCPU *CappedCPU `json:"cappedCPU,omitempty"`
|
||||||
// The physical and swap caps on the memory that can be used by this container.
|
// The physical and swap caps on the memory that can be used by this container.
|
||||||
CappedMemory CappedMemory `json:"cappedMemory,omitempty"`
|
CappedMemory *CappedMemory `json:"cappedMemory,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// CappedCPU allows users to set limit on the amount of CPU time that can be used by container.
|
// CappedCPU allows users to set limit on the amount of CPU time that can be used by container.
|
||||||
|
@ -405,6 +417,58 @@ type Anet struct {
|
||||||
Macaddress string `json:"macAddress,omitempty"`
|
Macaddress string `json:"macAddress,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Windows defines the runtime configuration for Windows based containers, including Hyper-V containers.
|
||||||
|
type Windows struct {
|
||||||
|
// Resources contains information for handling resource constraints for the container.
|
||||||
|
Resources *WindowsResources `json:"resources,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// WindowsResources has container runtime resource constraints for containers running on Windows.
|
||||||
|
type WindowsResources struct {
|
||||||
|
// Memory restriction configuration.
|
||||||
|
Memory *WindowsMemoryResources `json:"memory,omitempty"`
|
||||||
|
// CPU resource restriction configuration.
|
||||||
|
CPU *WindowsCPUResources `json:"cpu,omitempty"`
|
||||||
|
// Storage restriction configuration.
|
||||||
|
Storage *WindowsStorageResources `json:"storage,omitempty"`
|
||||||
|
// Network restriction configuration.
|
||||||
|
Network *WindowsNetworkResources `json:"network,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// WindowsMemoryResources contains memory resource management settings.
|
||||||
|
type WindowsMemoryResources struct {
|
||||||
|
// Memory limit in bytes.
|
||||||
|
Limit *uint64 `json:"limit,omitempty"`
|
||||||
|
// Memory reservation in bytes.
|
||||||
|
Reservation *uint64 `json:"reservation,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// WindowsCPUResources contains CPU resource management settings.
|
||||||
|
type WindowsCPUResources struct {
|
||||||
|
// Number of CPUs available to the container.
|
||||||
|
Count *uint64 `json:"count,omitempty"`
|
||||||
|
// CPU shares (relative weight to other containers with cpu shares). Range is from 1 to 10000.
|
||||||
|
Shares *uint16 `json:"shares,omitempty"`
|
||||||
|
// Percent of available CPUs usable by the container.
|
||||||
|
Percent *uint8 `json:"percent,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// WindowsStorageResources contains storage resource management settings.
|
||||||
|
type WindowsStorageResources struct {
|
||||||
|
// Specifies maximum Iops for the system drive.
|
||||||
|
Iops *uint64 `json:"iops,omitempty"`
|
||||||
|
// Specifies maximum bytes per second for the system drive.
|
||||||
|
Bps *uint64 `json:"bps,omitempty"`
|
||||||
|
// Sandbox size specifies the minimum size of the system drive in bytes.
|
||||||
|
SandboxSize *uint64 `json:"sandboxSize,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// WindowsNetworkResources contains network resource management settings.
|
||||||
|
type WindowsNetworkResources struct {
|
||||||
|
// EgressBandwidth is the maximum egress bandwidth in bytes per second.
|
||||||
|
EgressBandwidth *uint64 `json:"egressBandwidth,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
// Arch used for additional architectures
|
// Arch used for additional architectures
|
||||||
type Arch string
|
type Arch string
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@ type State struct {
|
||||||
ID string `json:"id"`
|
ID string `json:"id"`
|
||||||
// Status is the runtime state of the container.
|
// Status is the runtime state of the container.
|
||||||
Status string `json:"status"`
|
Status string `json:"status"`
|
||||||
// Pid is the process id for the container's main process.
|
// Pid is the process ID for the container process.
|
||||||
Pid int `json:"pid"`
|
Pid int `json:"pid"`
|
||||||
// BundlePath is the path to the container's bundle directory.
|
// BundlePath is the path to the container's bundle directory.
|
||||||
BundlePath string `json:"bundlePath"`
|
BundlePath string `json:"bundlePath"`
|
||||||
|
|
|
@ -11,7 +11,7 @@ const (
|
||||||
VersionPatch = 0
|
VersionPatch = 0
|
||||||
|
|
||||||
// VersionDev indicates development branch. Releases will be empty string.
|
// VersionDev indicates development branch. Releases will be empty string.
|
||||||
VersionDev = "-rc1"
|
VersionDev = "-rc2-dev"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Version is the specification version that the package types support.
|
// Version is the specification version that the package types support.
|
||||||
|
|
Loading…
Reference in a new issue