Module oci_spec::runtime [−][src]
Expand description
OCI runtime spec types and definitions.
Structs
Box specifies dimensions of a rectangle. Used for specifying the size of a console.
Hook specifies a command that is run at a particular event in the lifecycle of a container.
Hooks specifies a command that is run in the container at a particular event in the lifecycle (setup and teardown) of a container.
Linux contains platform-specific configuration for Linux based containers.
LinuxBlockIO for Linux cgroup ‘blkio’ resource management.
LinuxCapabilities specifies the list of allowed capabilities that are kept for a process. http://man7.org/linux/man-pages/man7/capabilities.7.html
LinuxCPU for Linux cgroup ‘cpu’ resource management.
LinuxDevice represents the mknod information for a Linux special device file.
Represents a device rule for the devices specified to the device controller
LinuxHugepageLimit structure corresponds to limiting kernel hugepages.
LinuxIDMapping specifies UID/GID mappings.
LinuxIntelRdt has container runtime resource constraints for Intel RDT CAT and MBA features which introduced in Linux 4.10 and 4.12 kernel.
LinuxInterfacePriority for network interfaces.
LinuxMemory for Linux cgroup ‘memory’ resource management.
LinuxNamespace is the configuration for a Linux namespace.
LinuxNetwork identification and priority configuration.
LinuxPersonality represents the Linux personality syscall input.
LinuxPids for Linux cgroup ‘pids’ resource management (Linux 4.3).
LinuxRdma for Linux cgroup ‘rdma’ resource management (Linux 4.11).
Resource constraints for container
RLimit types and restrictions.
LinuxSeccomp represents syscall restrictions.
LinuxSeccompArg used for matching specific syscall arguments in seccomp.
LinuxSyscall is used to match a syscall in seccomp.
LinuxThrottleDevice struct holds a major:minor rate_per_second pair.
LinuxWeightDevice struct holds a major:minor weight pair for
weightDevice.
Mount specifies a mount for a container.
Process contains information to start a specific application inside the container.
Root contains information about the container’s root filesystem on the host.
Solaris contains platform-specific configuration for Solaris application containers.
SolarisAnet provides the specification for automatic creation of network resources for this container.
SolarisCappedCPU allows users to set limit on the amount of CPU time that can be used by container.
SolarisCappedMemory allows users to set the physical and swap caps on the memory that can be used by this container.
Base configuration for the container.
User id (uid) and group id (gid) tracks file permssions.
VM contains information for virtual-machine-based containers.
VMHypervisor contains information about the hypervisor to use for a virtual machine.
VMImage contains information about the virtual machine root image.
VMKernel contains information about the kernel to use for a virtual machine.
Windows defines the runtime configuration for Windows based containers, including Hyper-V containers.
WindowsCPUResources contains CPU resource management settings.
WindowsDevice represents information about a host device to be mapped into the container.
WindowsHyperV contains information for configuring a container to run with Hyper-V isolation.
WindowsMemoryResources contains memory resource management settings.
WindowsNetwork contains network settings for Windows containers.
Available windows resources.
WindowsStorageResources contains storage resource management settings.
Enums
Available seccomp architectures.
All available capabilities.
Device types
Available Linux namespaces.
Define domain and flags for LinuxPersonality.
Available rlimit types (see https://man7.org/linux/man-pages/man2/getrlimit.2.html)
Available seccomp actions.
The seccomp operator to be used for args.
Functions
Default masks paths, cannot read these host files.
utility function to generate default config for mounts.
Utility function to get default namespaces.
Default readonly paths, for example most containers shouldn’t have permission to write to
/proc/sys.