move the description of user ns mapping and default files to proper file #171

Merged
merged 2 commits into from
Jan 5, 2016
24 changes: 0 additions & 24 deletions config-linux.md
Expand Up @@ -16,30 +16,6 @@ Valid values are the strings for capabilities defined in [the man page](http://m
]
```

## User namespace mappings

```json
"uidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 10
}
],
"gidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 10
}
]
```

uid/gid mappings describe the user namespace mappings from the host to the container.
The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
*hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
There is a limit of 5 mappings which is the Linux kernel hard limit.

## Default Devices and File Systems
Contributor

This change sounds good.


The Linux ABI includes both syscalls and several special file paths.
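
Review bot: config-linux.md is left with no pointer to `uidMappings` and `gidMappings` once the "User namespace mappings" section is deleted here; the file now runs from the capabilities example straight into "Default Devices and File Systems". Consider a one-line cross-reference to runtime-config-linux.md so a reader who lands on this file can still find the mapping semantics.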
30 changes: 30 additions & 0 deletions runtime-config-linux.md
Expand Up @@ -49,6 +49,32 @@ Also, when a path is specified, a runtime MUST assume that the setup for that pa
]
```

## User namespace mappings

###### Example

```json
Contributor

I know you're just copy-pasting here, but since you reorder, it might be worth adding the *Example* pseudo-header that seems to be our convention for setting off examples.

Contributor Author

@wking You mean we should add Example before all of json examples in this file?

Contributor

On Sun, Sep 13, 2015 at 07:34:11PM -0700, Gao feng wrote:

> @wking You mean we should add Example before all of json examples
> in this file?

Yes, although we can leave examples you aren't touching for follow-up
PRs (although it looks like you got a lot of them in 107a454, and
I'm fine with that too).

Contributor Author

Thanks, append another commit :)

"uidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 10
}
],
"gidMappings": [
{
"hostID": 1000,
"containerID": 0,
"size": 10
}
]
```

uid/gid mappings describe the user namespace mappings from the host to the container.
The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
*hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
There is a limit of 5 mappings which is the Linux kernel hard limit.

## Devices

`devices` is an array specifying the list of devices to be created in the container.
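
Review bot: The closing sentence of the moved section, "There is a limit of 5 mappings which is the Linux kernel hard limit", does not say whether the limit applies to `uidMappings` and `gidMappings` separately or to both combined, and it gives the runtime no required behaviour when a config exceeds it. Since the text is being relocated anyway, suggest saying which it is and adding a MUST-level rule that the runtime reports an error rather than silently truncating the list. It would also help to state whether overlapping `hostID` or `containerID` ranges across entries are rejected. Minor: "to be setup" should read "to be set up".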
Expand Down Expand Up @@ -152,6 +178,8 @@ The Spec does not include naming schema for cgroups.
The Spec does not support [split hierarchy](https://www.kernel.org/doc/Documentation/cgroups/unified-hierarchy.txt).
The cgroups will be created if they don't exist.

###### Example

```json
"cgroupsPath": "/myRuntime/myContainer"
```
Expand Down Expand Up @@ -182,6 +210,8 @@ For more information, see [the memory cgroup man page](https://www.kernel.org/do

More information on `oom_score_adj` available [here](https://www.kernel.org/doc/Documentation/filesystems/proc.txt).

###### Example

```json
"oomScoreAdj": 0
```