vbatts
/
containerd
1
0
Fork 0
Code Pull Requests Releases Activity

Update bundle.md 

As we only have config.json in specs now.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
This commit is contained in:
Qiang Huang 2016-03-22 15:07:27 +08:00
parent f6313ebfaf
commit 8dc52a6461
2 changed files with 145 additions and 228 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/attach.md
View File

@ -18,15 +18,15 @@ message CreateContainerRequest {
string stdin = 3; // path to the file where stdin will be read (optional) string stdin = 3; // path to the file where stdin will be read (optional)
string stdout = 4; // path to file where stdout will be written (optional) string stdout = 4; // path to file where stdout will be written (optional)
string stderr = 5; // path to file where stderr will be written (optional) string stderr = 5; // path to file where stderr will be written (optional)
string console = 6; // path to the console for a container (optional) string console = 6; // path to the console for a container (optional)
string checkpoint = 7; // checkpoint name if you want to create immediate checkpoint (optional) string checkpoint = 7; // checkpoint name if you want to create immediate checkpoint (optional)
} }
``` ```
## Attach ## Attach
In order to have attach like functionality for your containers you use the same API request but named pipes or `fifo`s can be be used to achieve this type of functionality. In order to have attach like functionality for your containers you use the same API request but named pipes or `fifo`s can be used to achieve this type of functionality.
The default CLI for containerd does this if you specify the `--attach` flag on `create`. The default CLI for containerd does this if you specify the `--attach` flag on `create` or `start`.
It will create fifos for each of the containers stdio which the CLI can read and write to. It will create fifos for each of the containers stdio which the CLI can read and write to.
This can be used to create an interactive session with the container, `bash` for example, or to have a blocking way to collect the container's STDIO and forward it to your logging facilities. This can be used to create an interactive session with the container, `bash` for example, or to have a blocking way to collect the container's STDIO and forward it to your logging facilities.

367
docs/bundle.md
View File

@ -49,242 +49,159 @@ cli tool from the [runc](https://github.com/opencontainers/runc) repository.
You need to `cd` into the `redis` directory and run the `runc spec` command. After doing this you You need to `cd` into the `redis` directory and run the `runc spec` command. After doing this you
should have two files created, `configs.json` and `runtime.json`. The directory structure should should have a file `config.json` created. The directory structure should look like this:
look like this:
``` ```
/containers/redis /containers/redis
├── config.json ├── config.json
├── rootfs/ └── rootfs/
└── runtime.json
``` ```
## Edits ## Edits
We need to edit the config to add `redis-server` as the application to launch inside the container along with We need to edit the config to add `redis-server` as the application to launch inside the container,
a few other settings. The resulting `config.json` should look like this: and remove the network namespace so that you can connect to the redis server on your system.
The resulting `config.json` should look like this:
```json ```json
{ {
"version": "0.2.0", "ociVersion": "0.4.0",
"platform": { "platform": {
"os": "linux", "os": "linux",
"arch": "amd64" "arch": "amd64"
}, },
"process": { "process": {
"terminal": false, "terminal": true,
"user": { "user": {},
"uid": 1000, "args": [
"gid": 1000 "redis-server", "--bind", "0.0.0.0"
}, ],
"args": [ "env": [
"redis-server", "--bind", "0.0.0.0" "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
], "TERM=xterm"
"env": [ ],
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "cwd": "/",
"TERM=xterm" "capabilities": [
], "CAP_AUDIT_WRITE",
"cwd": "" "CAP_KILL",
}, "CAP_NET_BIND_SERVICE"
"root": { ],
"path": "rootfs", "rlimits": [
"readonly": false {
}, "type": "RLIMIT_NOFILE",
"hostname": "shell", "hard": 1024,
"mounts": [ "soft": 1024
{"name": "proc", "path": "/proc"}, }
{"name": "dev", "path": "/dev"}, ],
{"name": "devpts", "path": "/dev/pts"}, "noNewPrivileges": true
{"name": "shm", "path": "/dev/shm"}, },
{"name": "mqueue", "path": "/dev/mqueue"}, "root": {
{"name": "sysfs", "path": "/sys"} "path": "rootfs",
], "readonly": true
"linux": { },
"capabilities": [ "hostname": "runc",
"CAP_AUDIT_WRITE", "mounts": [
"CAP_KILL", {
"CAP_NET_BIND_SERVICE" "destination": "/proc",
] "type": "proc",
} "source": "proc"
} },
``` {
"destination": "/dev",
You will also want to edit the `runtime.json` file to remove the network namespace so that "type": "tmpfs",
you can connect to the redis server on your system. The final result for the `runtime.json` "source": "tmpfs",
file should look like this: "options": [
"nosuid",
```json "strictatime",
{ "mode=755",
"mounts": { "size=65536k"
"dev": { ]
"type": "tmpfs", },
"source": "tmpfs", {
"options": [ "destination": "/dev/pts",
"nosuid", "type": "devpts",
"strictatime", "source": "devpts",
"mode=755", "options": [
"size=65536k" "nosuid",
] "noexec",
}, "newinstance",
"devpts": { "ptmxmode=0666",
"type": "devpts", "mode=0620",
"source": "devpts", "gid=5"
"options": [ ]
"nosuid", },
"noexec", {
"newinstance", "destination": "/dev/shm",
"ptmxmode=0666", "type": "tmpfs",
"mode=0620", "source": "shm",
"gid=5" "options": [
] "nosuid",
}, "noexec",
"mqueue": { "nodev",
"type": "mqueue", "mode=1777",
"source": "mqueue", "size=65536k"
"options": [ ]
"nosuid", },
"noexec", {
"nodev" "destination": "/dev/mqueue",
] "type": "mqueue",
}, "source": "mqueue",
"proc": { "options": [
"type": "proc", "nosuid",
"source": "proc", "noexec",
"options": null "nodev"
}, ]
"shm": { },
"type": "tmpfs", {
"source": "shm", "destination": "/sys",
"options": [ "type": "sysfs",
"nosuid", "source": "sysfs",
"noexec", "options": [
"nodev", "nosuid",
"mode=1777", "noexec",
"size=65536k" "nodev",
] "ro"
}, ]
"sysfs": { },
"type": "sysfs", {
"source": "sysfs", "destination": "/sys/fs/cgroup",
"options": [ "type": "cgroup",
"nosuid", "source": "cgroup",
"noexec", "options": [
"nodev" "nosuid",
] "noexec",
} "nodev",
}, "relatime",
"linux": { "ro"
"rlimits": [ ]
{ }
"type": "RLIMIT_NOFILE", ],
"hard": 1024, "hooks": {},
"soft": 1024 "linux": {
} "resources": {
], "devices": [
"resources": { {
"disableOOMKiller": false, "allow": false,
"memory": { "access": "rwm"
"limit": 0, }
"reservation": 0, ]
"swap": 0, },
"kernel": 0 "namespaces": [
}, {
"cpu": { "type": "pid"
"shares": 0, },
"quota": 0, {
"period": 0, "type": "ipc"
"realtimeRuntime": 0, },
"realtimePeriod": 0, {
"cpus": "", "type": "uts"
"mems": "" },
}, {
"pids": { "type": "mount"
"limit": 0 }
}, ],
"blockIO": { "devices": null
"blkioWeight": 0, }
"blkioLeafWeight": 0,
"blkioWeightDevice": null,
"blkioThrottleReadBpsDevice": null,
"blkioThrottleWriteBpsDevice": null,
"blkioThrottleReadIOPSDevice": null,
"blkioThrottleWriteIOPSDevice": null
},
"hugepageLimits": null,
"network": {
"classId": "",
"priorities": null
}
},
"namespaces": [
{"type": "pid", "path": ""},
{"type": "ipc", "path": ""},
{"type": "uts", "path": ""},
{"type": "mount", "path": ""}
],
"devices": [
{
"path": "/dev/null",
"type": 99,
"major": 1,
"minor": 3,
"permissions": "rwm",
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/random",
"type": 99,
"major": 1,
"minor": 8,
"permissions": "rwm",
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/full",
"type": 99,
"major": 1,
"minor": 7,
"permissions": "rwm",
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/tty",
"type": 99,
"major": 5,
"minor": 0,
"permissions": "rwm",
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/zero",
"type": 99,
"major": 1,
"minor": 5,
"permissions": "rwm",
"fileMode": 438,
"uid": 0,
"gid": 0
},
{
"path": "/dev/urandom",
"type": 99,
"major": 1,
"minor": 9,
"permissions": "rwm",
"fileMode": 438,
"uid": 0,
"gid": 0
}
]
}
} }
``` ```