update vendor

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>

vendor/github.com/opencontainers/runc/man/README.md

@@ -0,0 +1,11 @@
+runc man pages
+====================
+
+This directory contains man pages for runc in markdown format.
+
+To generate man pages from it, use this command
+
+    ./md2man-all.sh
+
+You will see man pages generated under the man8 directory.
+

vendor/github.com/opencontainers/runc/man/md2man-all.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+set -e
+
+# get into this script's directory
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+[ "$1" = '-q' ] || {
+	set -x
+	pwd
+}
+
+if ! ( which go-md2man &>/dev/null ); then
+	echo "To install man pages, please install 'go-md2man'."
+	exit 0
+fi
+
+for FILE in *.md; do
+	base="$(basename "$FILE")"
+	name="${base%.md}"
+	num="${name##*.}"
+	if [ -z "$num" -o "$name" = "$num" ]; then
+		# skip files that aren't of the format xxxx.N.md (like README.md)
+		continue
+	fi
+	mkdir -p "./man${num}"
+	go-md2man -in "$FILE" -out "./man${num}/${name}"
+done

vendor/github.com/opencontainers/runc/man/runc-checkpoint.8.md

@@ -0,0 +1,25 @@
+# NAME
+   runc checkpoint - checkpoint a running container
+
+# SYNOPSIS
+   runc checkpoint [command options] <container-id>
+
+Where "<container-id>" is the name for the instance of the container to be
+checkpointed.
+
+# DESCRIPTION
+   The checkpoint command saves the state of the container instance.
+
+# OPTIONS
+   --image-path value           path for saving criu image files
+   --work-path value            path for saving work files and logs
+   --parent-path value          path for previous criu image files in pre-dump
+   --leave-running              leave the process running after checkpointing
+   --tcp-established            allow open tcp connections
+   --ext-unix-sk                allow external unix sockets
+   --shell-job                  allow shell jobs
+   --page-server value          ADDRESS:PORT of the page server
+   --file-locks                 handle file locks, for safety
+   --pre-dump                   dump container's memory information only, leave the container running after this
+   --manage-cgroups-mode value  cgroups mode: 'soft' (default), 'full' and 'strict'
+   --empty-ns value             create a namespace, but don't restore its properties

vendor/github.com/opencontainers/runc/man/runc-create.8.md

@@ -0,0 +1,27 @@
+# NAME
+   runc create - create a container
+
+# SYNOPSIS
+   runc create [command options] <container-id>
+
+Where "<container-id>" is your name for the instance of the container that you
+are starting. The name you provide for the container instance must be unique on
+your host.
+
+# DESCRIPTION
+   The create command creates an instance of a container for a bundle. The bundle
+is a directory with a specification file named "config.json" and a root
+filesystem.
+
+The specification file includes an args parameter. The args parameter is used
+to specify command(s) that get run when the container is started. To change the
+command(s) that get executed on start, edit the args parameter of the spec. See
+"runc spec --help" for more explanation.
+
+# OPTIONS
+   --bundle value, -b value  path to the root of the bundle directory, defaults to the current directory
+   --console-socket value    path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the console's pseudoterminal
+   --pid-file value          specify the file to write the process id to
+   --no-pivot                do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk
+   --no-new-keyring          do not create a new session keyring for the container.  This will cause the container to inherit the calling processes session key
+   --preserve-fds value      Pass N additional file descriptors to the container (stdio + $LISTEN_FDS + N in total) (default: 0)

vendor/github.com/opencontainers/runc/man/runc-delete.8.md

@@ -0,0 +1,17 @@
+# NAME
+   runc delete - delete any resources held by the container often used with detached container
+
+# SYNOPSIS
+   runc delete [command options] <container-id>
+
+Where "<container-id>" is the name for the instance of the container.
+
+# OPTIONS
+   --force, -f		Forcibly deletes the container if it is still running (uses SIGKILL)
+
+# EXAMPLE
+For example, if the container id is "ubuntu01" and runc list currently shows the
+status of "ubuntu01" as "stopped" the following will delete resources held for
+"ubuntu01" removing "ubuntu01" from the runc list of containers:  
+
+       # runc delete ubuntu01

vendor/github.com/opencontainers/runc/man/runc-events.8.md

@@ -0,0 +1,15 @@
+# NAME
+   runc events - display container events such as OOM notifications, cpu, memory, and IO usage statistics
+
+# SYNOPSIS
+   runc events [command options] <container-id>
+
+Where "<container-id>" is the name for the instance of the container.
+
+# DESCRIPTION
+   The events command displays information about the container. By default the
+information is displayed once every 5 seconds.
+
+# OPTIONS
+   --interval value     set the stats collection interval (default: 5s)
+   --stats              display the container's stats then exit

vendor/github.com/opencontainers/runc/man/runc-exec.8.md

@@ -0,0 +1,30 @@
+# NAME
+   runc exec - execute new process inside the container
+
+# SYNOPSIS
+   runc exec [command options] <container-id> -- <container command> [args...]
+
+Where "<container-id>" is the name for the instance of the container and
+"<container command>" is the command to be executed in the container.
+
+# EXAMPLE
+For example, if the container is configured to run the linux ps command the
+following will output a list of processes running in the container:
+
+       # runc exec <container-id> ps
+
+# OPTIONS
+   --console value                          specify the pty slave path for use with the container
+   --cwd value                              current working directory in the container
+   --env value, -e value                    set environment variables
+   --tty, -t                                allocate a pseudo-TTY
+   --user value, -u value                   UID (format: <uid>[:<gid>])
+   --additional-gids value, -g value        additional gids
+   --process value, -p value                path to the process.json
+   --detach, -d                             detach from the container's process
+   --pid-file value                         specify the file to write the process id to
+   --process-label value                    set the asm process label for the process commonly used with selinux
+   --apparmor value                         set the apparmor profile for the process
+   --no-new-privs                           set the no new privileges value for the process
+   --cap value, -c value                    add a capability to the bounding set for the process
+   --no-subreaper                           disable the use of the subreaper used to reap reparented processes

vendor/github.com/opencontainers/runc/man/runc-kill.8.md

@@ -0,0 +1,18 @@
+# NAME
+   runc kill - kill sends the specified signal (default: SIGTERM) to the container's init process
+
+# SYNOPSIS
+   runc kill [command options] <container-id> <signal>
+
+Where "<container-id>" is the name for the instance of the container and
+"<signal>" is the signal to be sent to the init process.
+
+# OPTIONS
+   --all, -a  send the specified signal to all processes inside the container
+
+# EXAMPLE
+
+For example, if the container id is "ubuntu01" the following will send a "KILL"
+signal to the init process of the "ubuntu01" container:
+
+       # runc kill ubuntu01 KILL

vendor/github.com/opencontainers/runc/man/runc-list.8.md

@@ -0,0 +1,19 @@
+# NAME
+   runc list - lists containers started by runc with the given root
+
+# SYNOPSIS
+   runc list [command options]
+
+# EXAMPLE
+Where the given root is specified via the global option "--root"
+(default: "/run/runc").
+
+To list containers created via the default "--root":
+       # runc list
+
+To list containers created using a non-default value for "--root":
+       # runc --root value list
+
+# OPTIONS
+   --format value, -f value     select one of: table or json (default: "table")
+   --quiet, -q                  display only container IDs

vendor/github.com/opencontainers/runc/man/runc-pause.8.md

@@ -0,0 +1,12 @@
+# NAME
+   runc pause - pause suspends all processes inside the container
+
+# SYNOPSIS
+   runc pause <container-id>
+
+Where "<container-id>" is the name for the instance of the container to be
+paused. 
+
+# DESCRIPTION
+   The pause command suspends all processes in the instance of the container.
+Use runc list to identiy instances of containers and their current status.

vendor/github.com/opencontainers/runc/man/runc-ps.8.md

@@ -0,0 +1,13 @@
+# NAME
+   runc ps - ps displays the processes running inside a container
+
+# SYNOPSIS
+   runc ps [command options] <container-id> [ps options]
+
+# OPTIONS
+   --format value, -f value     select one of: table(default) or json
+
+The default format is table.  The following will output the processes of a container
+in json format:
+
+    # runc ps -f json <container-id>

vendor/github.com/opencontainers/runc/man/runc-restore.8.md

@@ -0,0 +1,26 @@
+# NAME
+   runc restore - restore a container from a previous checkpoint
+
+# SYNOPSIS
+   runc restore [command options] <container-id>
+
+Where "<container-id>" is the name for the instance of the container to be
+restored.
+
+# DESCRIPTION
+   Restores the saved state of the container instance that was previously saved
+using the runc checkpoint command.
+
+# OPTIONS
+   --image-path value           path to criu image files for restoring
+   --work-path value            path for saving work files and logs
+   --tcp-established            allow open tcp connections
+   --ext-unix-sk                allow external unix sockets
+   --shell-job                  allow shell jobs
+   --file-locks                 handle file locks, for safety
+   --manage-cgroups-mode value  cgroups mode: 'soft' (default), 'full' and 'strict'
+   --bundle value, -b value     path to the root of the bundle directory
+   --detach, -d                 detach from the container's process
+   --pid-file value             specify the file to write the process id to
+   --no-subreaper               disable the use of the subreaper used to reap reparented processes
+   --no-pivot                   do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk

vendor/github.com/opencontainers/runc/man/runc-resume.8.md

@@ -0,0 +1,12 @@
+# NAME
+   runc resume - resumes all processes that have been previously paused
+
+# SYNOPSIS
+   runc resume <container-id>
+
+Where "<container-id>" is the name for the instance of the container to be
+resumed.
+
+# DESCRIPTION
+   The resume command resumes all processes in the instance of the container.
+Use runc list to identiy instances of containers and their current status.

vendor/github.com/opencontainers/runc/man/runc-run.8.md

@@ -0,0 +1,29 @@
+# NAME
+   runc run - create and run a container
+
+# SYNOPSIS
+   runc run [command options] <container-id>
+
+Where "<container-id>" is your name for the instance of the container that you
+are starting. The name you provide for the container instance must be unique on
+your host.
+
+# DESCRIPTION
+   The run command creates an instance of a container for a bundle. The bundle
+is a directory with a specification file named "config.json" and a root
+filesystem.
+
+The specification file includes an args parameter. The args parameter is used
+to specify command(s) that get run when the container is started. To change the
+command(s) that get executed on start, edit the args parameter of the spec. See
+"runc spec --help" for more explanation.
+
+# OPTIONS
+   --bundle value, -b value  path to the root of the bundle directory, defaults to the current directory
+   --console-socket value    path to an AF_UNIX socket which will receive a file descriptor referencing the master end of the console's pseudoterminal
+   --detach, -d              detach from the container's process
+   --pid-file value          specify the file to write the process id to
+   --no-subreaper            disable the use of the subreaper used to reap reparented processes
+   --no-pivot                do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk
+   --no-new-keyring          do not create a new session keyring for the container.  This will cause the container to inherit the calling processes session key
+   --preserve-fds value      Pass N additional file descriptors to the container (stdio + $LISTEN_FDS + N in total) (default: 0)

vendor/github.com/opencontainers/runc/man/runc-spec.8.md

@@ -0,0 +1,52 @@
+# NAME
+   runc spec - create a new specification file
+
+# SYNOPSIS
+   runc spec [command options] [arguments...]
+
+# DESCRIPTION
+   The spec command creates the new specification file named "config.json" for
+the bundle.
+
+The spec generated is just a starter file. Editing of the spec is required to
+achieve desired results. For example, the newly generated spec includes an args
+parameter that is initially set to call the "sh" command when the container is
+started. Calling "sh" may work for an ubuntu container or busybox, but will not
+work for containers that do not include the "sh" program.
+
+# EXAMPLE
+  To run docker's hello-world container one needs to set the args parameter
+in the spec to call hello. This can be done using the sed command or a text
+editor. The following commands create a bundle for hello-world, change the
+default args parameter in the spec from "sh" to "/hello", then run the hello
+command in a new hello-world container named container1:
+
+    mkdir hello
+    cd hello
+    docker pull hello-world
+    docker export $(docker create hello-world) > hello-world.tar
+    mkdir rootfs
+    tar -C rootfs -xf hello-world.tar
+    runc spec
+    sed -i 's;"sh";"/hello";' config.json
+    runc start container1
+
+In the start command above, "container1" is the name for the instance of the
+container that you are starting. The name you provide for the container instance
+must be unique on your host.
+
+An alternative for generating a customized spec config is to use "oci-runtime-tool", the
+sub-command "oci-runtime-tool generate" has lots of options that can be used to do any
+customizations as you want, see [runtime-tools](https://github.com/opencontainers/runtime-tools)
+to get more information.
+
+When starting a container through runc, runc needs root privilege. If not
+already running as root, you can use sudo to give runc root privilege. For
+example: "sudo runc start container1" will give runc root privilege to start the
+container on your host.
+
+Alternatively, you can start a rootless container, which has the ability to run without root privileges. For this to work, the specification file needs to be adjusted accordingly. You can pass the parameter --rootless to this command to generate a proper rootless spec file.
+
+# OPTIONS
+   --bundle value, -b value     path to the root of the bundle directory
+   --rootless                   generate a configuration for a rootless container

vendor/github.com/opencontainers/runc/man/runc-start.8.md

@@ -0,0 +1,12 @@
+# NAME
+   runc start - start executes the user defined process in a created container
+
+# SYNOPSIS
+   runc start <container-id>
+
+Where "<container-id>" is your name for the instance of the container that you
+are starting. The name you provide for the container instance must be unique on
+your host.
+
+# DESCRIPTION
+   The start command executes the user defined process in a created container.

vendor/github.com/opencontainers/runc/man/runc-state.8.md

@@ -0,0 +1,11 @@
+# NAME
+   runc state - output the state of a container
+
+# SYNOPSIS
+   runc state <container-id>
+
+Where "<container-id>" is your name for the instance of the container.
+
+# DESCRIPTION
+   The state command outputs current state information for the
+instance of a container.

vendor/github.com/opencontainers/runc/man/runc-update.8.md

@@ -0,0 +1,51 @@
+# NAME
+   runc update - update container resource constraints
+
+# SYNOPSIS
+   runc update [command options] <container-id>
+
+# DESCRIPTION
+   The data can be read from a file or the standard input, the
+accepted format is as follow (unchanged values can be omitted):
+
+   {
+     "memory": {
+       "limit": 0,
+       "reservation": 0,
+       "swap": 0,
+       "kernel": 0,
+       "kernelTCP": 0
+     },
+     "cpu": {
+       "shares": 0,
+       "quota": 0,
+       "period": 0,
+       "realtimeRuntime": 0,
+       "realtimePeriod": 0,
+       "cpus": "",
+       "mems": ""
+     },
+     "blockIO": {
+       "blkioWeight": 0
+     }
+   }
+
+Note: if data is to be read from a file or the standard input, all
+other options are ignored.
+
+# OPTIONS
+   --resources value, -r value  path to the file containing the resources to update or '-' to read from the standard input
+   --blkio-weight value         Specifies per cgroup weight, range is from 10 to 1000 (default: 0)
+   --cpu-period value           CPU CFS period to be used for hardcapping (in usecs). 0 to use system default
+   --cpu-quota value            CPU CFS hardcap limit (in usecs). Allowed cpu time in a given period
+   --cpu-rt-period value        CPU realtime period to be used for hardcapping (in usecs). 0 to use system default
+   --cpu-rt-runtime value       CPU realtime hardcap limit (in usecs). Allowed cpu time in a given period
+   --cpu-share value            CPU shares (relative weight vs. other containers)
+   --cpuset-cpus value          CPU(s) to use
+   --cpuset-mems value          Memory node(s) to use
+   --kernel-memory value        Kernel memory limit (in bytes)
+   --kernel-memory-tcp value    Kernel memory limit (in bytes) for tcp buffer
+   --memory value               Memory limit (in bytes)
+   --memory-reservation value   Memory reservation or soft_limit (in bytes)
+   --memory-swap value          Total memory usage (memory + swap); set '-1' to enable unlimited swap
+   --pids-limit value           Maximum number of pids allowed in the container (default: 0)

vendor/github.com/opencontainers/runc/man/runc.8.md

@@ -0,0 +1,57 @@
+# NAME
+   runc - Open Container Initiative runtime
+
+# SYNOPSIS
+   runc [global options] command [command options] [arguments...]
+   
+# DESCRIPTION
+runc is a command line client for running applications packaged according to
+the Open Container Initiative (OCI) format and is a compliant implementation of the
+Open Container Initiative specification.
+
+runc integrates well with existing process supervisors to provide a production
+container runtime environment for applications. It can be used with your
+existing process monitoring tools and the container will be spawned as a
+direct child of the process supervisor.
+
+Containers are configured using bundles. A bundle for a container is a directory
+that includes a specification file named "config.json" and a root filesystem.
+The root filesystem contains the contents of the container. 
+
+To start a new instance of a container:
+
+    # runc start [ -b bundle ] <container-id>
+
+Where "<container-id>" is your name for the instance of the container that you
+are starting. The name you provide for the container instance must be unique on
+your host. Providing the bundle directory using "-b" is optional. The default
+value for "bundle" is the current directory.
+
+# COMMANDS
+   checkpoint   checkpoint a running container
+   delete       delete any resources held by the container often used with detached containers
+   events       display container events such as OOM notifications, cpu, memory, IO and network stats
+   exec         execute new process inside the container
+   init         initialize the namespaces and launch the process (do not call it outside of runc)
+   kill         kill sends the specified signal (default: SIGTERM) to the container's init process
+   list         lists containers started by runc with the given root
+   pause        pause suspends all processes inside the container
+   ps           displays the processes running inside a container
+   restore      restore a container from a previous checkpoint
+   resume       resumes all processes that have been previously paused
+   run          create and run a container
+   spec         create a new specification file
+   start        executes the user defined process in a created container
+   state        output the state of a container
+   update       update container resource constraints
+   help, h      Shows a list of commands or help for one command
+   
+# GLOBAL OPTIONS
+   --debug              enable debug output for logging
+   --log value          set the log file path where internal debug information is written (default: "/dev/null")
+   --log-format value   set the format used by logs ('text' (default), or 'json') (default: "text")
+   --root value         root directory for storage of container state (this should be located in tmpfs) (default: "/run/runc" or $XDG_RUNTIME_DIR/runc for rootless containers)
+   --criu value         path to the criu binary used for checkpoint and restore (default: "criu")
+   --systemd-cgroup     enable systemd cgroup support, expects cgroupsPath to be of form "slice:prefix:name" for e.g. "system.slice:runc:434234"
+   --help, -h           show help
+   --version, -v        print the version