update to use containerd seccomp package
Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
This commit is contained in:
		
							parent
							
								
									9ff5e389ff
								
							
						
					
					
						commit
						09243b740c
					
				
					 8199 changed files with 30742 additions and 1598219 deletions
				
			
		
							
								
								
									
										11
									
								
								vendor/github.com/opencontainers/runc/man/README.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										11
									
								
								vendor/github.com/opencontainers/runc/man/README.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,11 +0,0 @@ | |||
| runc man pages | ||||
| ==================== | ||||
| 
 | ||||
| This directory contains man pages for runc in markdown format. | ||||
| 
 | ||||
| To generate man pages from it, use this command | ||||
| 
 | ||||
|     ./md2man-all.sh | ||||
| 
 | ||||
| You will see man pages generated under the man8 directory. | ||||
| 
 | ||||
							
								
								
									
										27
									
								
								vendor/github.com/opencontainers/runc/man/md2man-all.sh
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										27
									
								
								vendor/github.com/opencontainers/runc/man/md2man-all.sh
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,27 +0,0 @@ | |||
| #!/bin/bash | ||||
| set -e | ||||
| 
 | ||||
| # get into this script's directory | ||||
| cd "$(dirname "$(readlink -f "$BASH_SOURCE")")" | ||||
| 
 | ||||
| [ "$1" = '-q' ] || { | ||||
| 	set -x | ||||
| 	pwd | ||||
| } | ||||
| 
 | ||||
| if ! ( which go-md2man &>/dev/null ); then | ||||
| 	echo "To install man pages, please install 'go-md2man'." | ||||
| 	exit 0 | ||||
| fi | ||||
| 
 | ||||
| for FILE in *.md; do | ||||
| 	base="$(basename "$FILE")" | ||||
| 	name="${base%.md}" | ||||
| 	num="${name##*.}" | ||||
| 	if [ -z "$num" -o "$name" = "$num" ]; then | ||||
| 		# skip files that aren't of the format xxxx.N.md (like README.md) | ||||
| 		continue | ||||
| 	fi | ||||
| 	mkdir -p "./man${num}" | ||||
| 	go-md2man -in "$FILE" -out "./man${num}/${name}" | ||||
| done | ||||
							
								
								
									
										25
									
								
								vendor/github.com/opencontainers/runc/man/runc-checkpoint.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										25
									
								
								vendor/github.com/opencontainers/runc/man/runc-checkpoint.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,25 +0,0 @@ | |||
| # NAME | ||||
|    runc checkpoint - checkpoint a running container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc checkpoint [command options] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container to be | ||||
| checkpointed. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The checkpoint command saves the state of the container instance. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --image-path value           path for saving criu image files | ||||
|    --work-path value            path for saving work files and logs | ||||
|    --parent-path value          path for previous criu image files in pre-dump | ||||
|    --leave-running              leave the process running after checkpointing | ||||
|    --tcp-established            allow open tcp connections | ||||
|    --ext-unix-sk                allow external unix sockets | ||||
|    --shell-job                  allow shell jobs | ||||
|    --page-server value          ADDRESS:PORT of the page server | ||||
|    --file-locks                 handle file locks, for safety | ||||
|    --pre-dump                   dump container's memory information only, leave the container running after this | ||||
|    --manage-cgroups-mode value  cgroups mode: 'soft' (default), 'full' and 'strict' | ||||
|    --empty-ns value             create a namespace, but don't restore its properties | ||||
							
								
								
									
										27
									
								
								vendor/github.com/opencontainers/runc/man/runc-create.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										27
									
								
								vendor/github.com/opencontainers/runc/man/runc-create.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,27 +0,0 @@ | |||
| # NAME | ||||
|    runc create - create a container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc create [command options] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is your name for the instance of the container that you | ||||
| are starting. The name you provide for the container instance must be unique on | ||||
| your host. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The create command creates an instance of a container for a bundle. The bundle | ||||
| is a directory with a specification file named "config.json" and a root | ||||
| filesystem. | ||||
| 
 | ||||
| The specification file includes an args parameter. The args parameter is used | ||||
| to specify command(s) that get run when the container is started. To change the | ||||
| command(s) that get executed on start, edit the args parameter of the spec. See | ||||
| "runc spec --help" for more explanation. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --bundle value, -b value  path to the root of the bundle directory, defaults to the current directory | ||||
|    --console-socket value    path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the console's pseudoterminal | ||||
|    --pid-file value          specify the file to write the process id to | ||||
|    --no-pivot                do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk | ||||
|    --no-new-keyring          do not create a new session keyring for the container.  This will cause the container to inherit the calling processes session key | ||||
|    --preserve-fds value      Pass N additional file descriptors to the container (stdio + $LISTEN_FDS + N in total) (default: 0) | ||||
							
								
								
									
										17
									
								
								vendor/github.com/opencontainers/runc/man/runc-delete.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										17
									
								
								vendor/github.com/opencontainers/runc/man/runc-delete.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,17 +0,0 @@ | |||
| # NAME | ||||
|    runc delete - delete any resources held by the container often used with detached container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc delete [command options] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --force, -f		Forcibly deletes the container if it is still running (uses SIGKILL) | ||||
| 
 | ||||
| # EXAMPLE | ||||
| For example, if the container id is "ubuntu01" and runc list currently shows the | ||||
| status of "ubuntu01" as "stopped" the following will delete resources held for | ||||
| "ubuntu01" removing "ubuntu01" from the runc list of containers:   | ||||
| 
 | ||||
|        # runc delete ubuntu01 | ||||
							
								
								
									
										15
									
								
								vendor/github.com/opencontainers/runc/man/runc-events.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										15
									
								
								vendor/github.com/opencontainers/runc/man/runc-events.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,15 +0,0 @@ | |||
| # NAME | ||||
|    runc events - display container events such as OOM notifications, cpu, memory, and IO usage statistics | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc events [command options] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The events command displays information about the container. By default the | ||||
| information is displayed once every 5 seconds. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --interval value     set the stats collection interval (default: 5s) | ||||
|    --stats              display the container's stats then exit | ||||
							
								
								
									
										30
									
								
								vendor/github.com/opencontainers/runc/man/runc-exec.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										30
									
								
								vendor/github.com/opencontainers/runc/man/runc-exec.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,30 +0,0 @@ | |||
| # NAME | ||||
|    runc exec - execute new process inside the container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc exec [command options] <container-id> -- <container command> [args...] | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container and | ||||
| "<container command>" is the command to be executed in the container. | ||||
| 
 | ||||
| # EXAMPLE | ||||
| For example, if the container is configured to run the linux ps command the | ||||
| following will output a list of processes running in the container: | ||||
| 
 | ||||
|        # runc exec <container-id> ps | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --console value                          specify the pty slave path for use with the container | ||||
|    --cwd value                              current working directory in the container | ||||
|    --env value, -e value                    set environment variables | ||||
|    --tty, -t                                allocate a pseudo-TTY | ||||
|    --user value, -u value                   UID (format: <uid>[:<gid>]) | ||||
|    --additional-gids value, -g value        additional gids | ||||
|    --process value, -p value                path to the process.json | ||||
|    --detach, -d                             detach from the container's process | ||||
|    --pid-file value                         specify the file to write the process id to | ||||
|    --process-label value                    set the asm process label for the process commonly used with selinux | ||||
|    --apparmor value                         set the apparmor profile for the process | ||||
|    --no-new-privs                           set the no new privileges value for the process | ||||
|    --cap value, -c value                    add a capability to the bounding set for the process | ||||
|    --no-subreaper                           disable the use of the subreaper used to reap reparented processes | ||||
							
								
								
									
										18
									
								
								vendor/github.com/opencontainers/runc/man/runc-kill.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										18
									
								
								vendor/github.com/opencontainers/runc/man/runc-kill.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,18 +0,0 @@ | |||
| # NAME | ||||
|    runc kill - kill sends the specified signal (default: SIGTERM) to the container's init process | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc kill [command options] <container-id> <signal> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container and | ||||
| "<signal>" is the signal to be sent to the init process. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --all, -a  send the specified signal to all processes inside the container | ||||
| 
 | ||||
| # EXAMPLE | ||||
| 
 | ||||
| For example, if the container id is "ubuntu01" the following will send a "KILL" | ||||
| signal to the init process of the "ubuntu01" container: | ||||
| 
 | ||||
|        # runc kill ubuntu01 KILL | ||||
							
								
								
									
										19
									
								
								vendor/github.com/opencontainers/runc/man/runc-list.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										19
									
								
								vendor/github.com/opencontainers/runc/man/runc-list.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,19 +0,0 @@ | |||
| # NAME | ||||
|    runc list - lists containers started by runc with the given root | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc list [command options] | ||||
| 
 | ||||
| # EXAMPLE | ||||
| Where the given root is specified via the global option "--root" | ||||
| (default: "/run/runc"). | ||||
| 
 | ||||
| To list containers created via the default "--root": | ||||
|        # runc list | ||||
| 
 | ||||
| To list containers created using a non-default value for "--root": | ||||
|        # runc --root value list | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --format value, -f value     select one of: table or json (default: "table") | ||||
|    --quiet, -q                  display only container IDs | ||||
							
								
								
									
										12
									
								
								vendor/github.com/opencontainers/runc/man/runc-pause.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										12
									
								
								vendor/github.com/opencontainers/runc/man/runc-pause.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,12 +0,0 @@ | |||
| # NAME | ||||
|    runc pause - pause suspends all processes inside the container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc pause <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container to be | ||||
| paused.  | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The pause command suspends all processes in the instance of the container. | ||||
| Use runc list to identiy instances of containers and their current status. | ||||
							
								
								
									
										13
									
								
								vendor/github.com/opencontainers/runc/man/runc-ps.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										13
									
								
								vendor/github.com/opencontainers/runc/man/runc-ps.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,13 +0,0 @@ | |||
| # NAME | ||||
|    runc ps - ps displays the processes running inside a container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc ps [command options] <container-id> [ps options] | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --format value, -f value     select one of: table(default) or json | ||||
| 
 | ||||
| The default format is table.  The following will output the processes of a container | ||||
| in json format: | ||||
| 
 | ||||
|     # runc ps -f json <container-id> | ||||
							
								
								
									
										26
									
								
								vendor/github.com/opencontainers/runc/man/runc-restore.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										26
									
								
								vendor/github.com/opencontainers/runc/man/runc-restore.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,26 +0,0 @@ | |||
| # NAME | ||||
|    runc restore - restore a container from a previous checkpoint | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc restore [command options] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container to be | ||||
| restored. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    Restores the saved state of the container instance that was previously saved | ||||
| using the runc checkpoint command. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --image-path value           path to criu image files for restoring | ||||
|    --work-path value            path for saving work files and logs | ||||
|    --tcp-established            allow open tcp connections | ||||
|    --ext-unix-sk                allow external unix sockets | ||||
|    --shell-job                  allow shell jobs | ||||
|    --file-locks                 handle file locks, for safety | ||||
|    --manage-cgroups-mode value  cgroups mode: 'soft' (default), 'full' and 'strict' | ||||
|    --bundle value, -b value     path to the root of the bundle directory | ||||
|    --detach, -d                 detach from the container's process | ||||
|    --pid-file value             specify the file to write the process id to | ||||
|    --no-subreaper               disable the use of the subreaper used to reap reparented processes | ||||
|    --no-pivot                   do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk | ||||
							
								
								
									
										12
									
								
								vendor/github.com/opencontainers/runc/man/runc-resume.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										12
									
								
								vendor/github.com/opencontainers/runc/man/runc-resume.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,12 +0,0 @@ | |||
| # NAME | ||||
|    runc resume - resumes all processes that have been previously paused | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc resume <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is the name for the instance of the container to be | ||||
| resumed. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The resume command resumes all processes in the instance of the container. | ||||
| Use runc list to identiy instances of containers and their current status. | ||||
							
								
								
									
										29
									
								
								vendor/github.com/opencontainers/runc/man/runc-run.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										29
									
								
								vendor/github.com/opencontainers/runc/man/runc-run.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,29 +0,0 @@ | |||
| # NAME | ||||
|    runc run - create and run a container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc run [command options] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is your name for the instance of the container that you | ||||
| are starting. The name you provide for the container instance must be unique on | ||||
| your host. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The run command creates an instance of a container for a bundle. The bundle | ||||
| is a directory with a specification file named "config.json" and a root | ||||
| filesystem. | ||||
| 
 | ||||
| The specification file includes an args parameter. The args parameter is used | ||||
| to specify command(s) that get run when the container is started. To change the | ||||
| command(s) that get executed on start, edit the args parameter of the spec. See | ||||
| "runc spec --help" for more explanation. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --bundle value, -b value  path to the root of the bundle directory, defaults to the current directory | ||||
|    --console-socket value    path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the console's pseudoterminal | ||||
|    --detach, -d              detach from the container's process | ||||
|    --pid-file value          specify the file to write the process id to | ||||
|    --no-subreaper            disable the use of the subreaper used to reap reparented processes | ||||
|    --no-pivot                do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk | ||||
|    --no-new-keyring          do not create a new session keyring for the container.  This will cause the container to inherit the calling processes session key | ||||
|    --preserve-fds value      Pass N additional file descriptors to the container (stdio + $LISTEN_FDS + N in total) (default: 0) | ||||
							
								
								
									
										52
									
								
								vendor/github.com/opencontainers/runc/man/runc-spec.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										52
									
								
								vendor/github.com/opencontainers/runc/man/runc-spec.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,52 +0,0 @@ | |||
| # NAME | ||||
|    runc spec - create a new specification file | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc spec [command options] [arguments...] | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The spec command creates the new specification file named "config.json" for | ||||
| the bundle. | ||||
| 
 | ||||
| The spec generated is just a starter file. Editing of the spec is required to | ||||
| achieve desired results. For example, the newly generated spec includes an args | ||||
| parameter that is initially set to call the "sh" command when the container is | ||||
| started. Calling "sh" may work for an ubuntu container or busybox, but will not | ||||
| work for containers that do not include the "sh" program. | ||||
| 
 | ||||
| # EXAMPLE | ||||
|   To run docker's hello-world container one needs to set the args parameter | ||||
| in the spec to call hello. This can be done using the sed command or a text | ||||
| editor. The following commands create a bundle for hello-world, change the | ||||
| default args parameter in the spec from "sh" to "/hello", then run the hello | ||||
| command in a new hello-world container named container1: | ||||
| 
 | ||||
|     mkdir hello | ||||
|     cd hello | ||||
|     docker pull hello-world | ||||
|     docker export $(docker create hello-world) > hello-world.tar | ||||
|     mkdir rootfs | ||||
|     tar -C rootfs -xf hello-world.tar | ||||
|     runc spec | ||||
|     sed -i 's;"sh";"/hello";' config.json | ||||
|     runc start container1 | ||||
| 
 | ||||
| In the start command above, "container1" is the name for the instance of the | ||||
| container that you are starting. The name you provide for the container instance | ||||
| must be unique on your host. | ||||
| 
 | ||||
| An alternative for generating a customized spec config is to use "oci-runtime-tool", the | ||||
| sub-command "oci-runtime-tool generate" has lots of options that can be used to do any | ||||
| customizations as you want, see [runtime-tools](https://github.com/opencontainers/runtime-tools) | ||||
| to get more information. | ||||
| 
 | ||||
| When starting a container through runc, runc needs root privilege. If not | ||||
| already running as root, you can use sudo to give runc root privilege. For | ||||
| example: "sudo runc start container1" will give runc root privilege to start the | ||||
| container on your host. | ||||
| 
 | ||||
| Alternatively, you can start a rootless container, which has the ability to run without root privileges. For this to work, the specification file needs to be adjusted accordingly. You can pass the parameter --rootless to this command to generate a proper rootless spec file. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --bundle value, -b value     path to the root of the bundle directory | ||||
|    --rootless                   generate a configuration for a rootless container | ||||
							
								
								
									
										12
									
								
								vendor/github.com/opencontainers/runc/man/runc-start.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										12
									
								
								vendor/github.com/opencontainers/runc/man/runc-start.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,12 +0,0 @@ | |||
| # NAME | ||||
|    runc start - start executes the user defined process in a created container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc start <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is your name for the instance of the container that you | ||||
| are starting. The name you provide for the container instance must be unique on | ||||
| your host. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The start command executes the user defined process in a created container. | ||||
							
								
								
									
										11
									
								
								vendor/github.com/opencontainers/runc/man/runc-state.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										11
									
								
								vendor/github.com/opencontainers/runc/man/runc-state.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,11 +0,0 @@ | |||
| # NAME | ||||
|    runc state - output the state of a container | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc state <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is your name for the instance of the container. | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The state command outputs current state information for the | ||||
| instance of a container. | ||||
							
								
								
									
										51
									
								
								vendor/github.com/opencontainers/runc/man/runc-update.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										51
									
								
								vendor/github.com/opencontainers/runc/man/runc-update.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,51 +0,0 @@ | |||
| # NAME | ||||
|    runc update - update container resource constraints | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc update [command options] <container-id> | ||||
| 
 | ||||
| # DESCRIPTION | ||||
|    The data can be read from a file or the standard input, the | ||||
| accepted format is as follow (unchanged values can be omitted): | ||||
| 
 | ||||
|    { | ||||
|      "memory": { | ||||
|        "limit": 0, | ||||
|        "reservation": 0, | ||||
|        "swap": 0, | ||||
|        "kernel": 0, | ||||
|        "kernelTCP": 0 | ||||
|      }, | ||||
|      "cpu": { | ||||
|        "shares": 0, | ||||
|        "quota": 0, | ||||
|        "period": 0, | ||||
|        "realtimeRuntime": 0, | ||||
|        "realtimePeriod": 0, | ||||
|        "cpus": "", | ||||
|        "mems": "" | ||||
|      }, | ||||
|      "blockIO": { | ||||
|        "blkioWeight": 0 | ||||
|      } | ||||
|    } | ||||
| 
 | ||||
| Note: if data is to be read from a file or the standard input, all | ||||
| other options are ignored. | ||||
| 
 | ||||
| # OPTIONS | ||||
|    --resources value, -r value  path to the file containing the resources to update or '-' to read from the standard input | ||||
|    --blkio-weight value         Specifies per cgroup weight, range is from 10 to 1000 (default: 0) | ||||
|    --cpu-period value           CPU CFS period to be used for hardcapping (in usecs). 0 to use system default | ||||
|    --cpu-quota value            CPU CFS hardcap limit (in usecs). Allowed cpu time in a given period | ||||
|    --cpu-rt-period value        CPU realtime period to be used for hardcapping (in usecs). 0 to use system default | ||||
|    --cpu-rt-runtime value       CPU realtime hardcap limit (in usecs). Allowed cpu time in a given period | ||||
|    --cpu-share value            CPU shares (relative weight vs. other containers) | ||||
|    --cpuset-cpus value          CPU(s) to use | ||||
|    --cpuset-mems value          Memory node(s) to use | ||||
|    --kernel-memory value        Kernel memory limit (in bytes) | ||||
|    --kernel-memory-tcp value    Kernel memory limit (in bytes) for tcp buffer | ||||
|    --memory value               Memory limit (in bytes) | ||||
|    --memory-reservation value   Memory reservation or soft_limit (in bytes) | ||||
|    --memory-swap value          Total memory usage (memory + swap); set '-1' to enable unlimited swap | ||||
|    --pids-limit value           Maximum number of pids allowed in the container (default: 0) | ||||
							
								
								
									
										57
									
								
								vendor/github.com/opencontainers/runc/man/runc.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										57
									
								
								vendor/github.com/opencontainers/runc/man/runc.8.md
									
										
									
										generated
									
									
										vendored
									
									
								
							|  | @ -1,57 +0,0 @@ | |||
| # NAME | ||||
|    runc - Open Container Initiative runtime | ||||
| 
 | ||||
| # SYNOPSIS | ||||
|    runc [global options] command [command options] [arguments...] | ||||
|     | ||||
| # DESCRIPTION | ||||
| runc is a command line client for running applications packaged according to | ||||
| the Open Container Initiative (OCI) format and is a compliant implementation of the | ||||
| Open Container Initiative specification. | ||||
| 
 | ||||
| runc integrates well with existing process supervisors to provide a production | ||||
| container runtime environment for applications. It can be used with your | ||||
| existing process monitoring tools and the container will be spawned as a | ||||
| direct child of the process supervisor. | ||||
| 
 | ||||
| Containers are configured using bundles. A bundle for a container is a directory | ||||
| that includes a specification file named "config.json" and a root filesystem. | ||||
| The root filesystem contains the contents of the container.  | ||||
| 
 | ||||
| To start a new instance of a container: | ||||
| 
 | ||||
|     # runc start [ -b bundle ] <container-id> | ||||
| 
 | ||||
| Where "<container-id>" is your name for the instance of the container that you | ||||
| are starting. The name you provide for the container instance must be unique on | ||||
| your host. Providing the bundle directory using "-b" is optional. The default | ||||
| value for "bundle" is the current directory. | ||||
| 
 | ||||
| # COMMANDS | ||||
|    checkpoint   checkpoint a running container | ||||
|    delete       delete any resources held by the container often used with detached containers | ||||
|    events       display container events such as OOM notifications, cpu, memory, IO and network stats | ||||
|    exec         execute new process inside the container | ||||
|    init         initialize the namespaces and launch the process (do not call it outside of runc) | ||||
|    kill         kill sends the specified signal (default: SIGTERM) to the container's init process | ||||
|    list         lists containers started by runc with the given root | ||||
|    pause        pause suspends all processes inside the container | ||||
|    ps           displays the processes running inside a container | ||||
|    restore      restore a container from a previous checkpoint | ||||
|    resume       resumes all processes that have been previously paused | ||||
|    run          create and run a container | ||||
|    spec         create a new specification file | ||||
|    start        executes the user defined process in a created container | ||||
|    state        output the state of a container | ||||
|    update       update container resource constraints | ||||
|    help, h      Shows a list of commands or help for one command | ||||
|     | ||||
| # GLOBAL OPTIONS | ||||
|    --debug              enable debug output for logging | ||||
|    --log value          set the log file path where internal debug information is written (default: "/dev/null") | ||||
|    --log-format value   set the format used by logs ('text' (default), or 'json') (default: "text") | ||||
|    --root value         root directory for storage of container state (this should be located in tmpfs) (default: "/run/runc" or $XDG_RUNTIME_DIR/runc for rootless containers) | ||||
|    --criu value         path to the criu binary used for checkpoint and restore (default: "criu") | ||||
|    --systemd-cgroup     enable systemd cgroup support, expects cgroupsPath to be of form "slice:prefix:name" for e.g. "system.slice:runc:434234" | ||||
|    --help, -h           show help | ||||
|    --version, -v        print the version | ||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue