Skip to content

Commit 99d1df7

Browse files
vbattsvbatts
committed
source and schema: differentiate with examples
The standard is on the JSON schema (not yet IETF spec JSON-schema), such that it is not implemenations specific. Thus far, the reference has been in how golang source renders the JSON documents. Having the JSON source and the markdown documents in sync has been an ongoing step to keep in sync. Separating these two allows the golang source to continue being _a_ reference, but the JSON schema in the documentation to be _the_ reference. As validation tooling is refined, then it will facilitate ensuring the available golang source conforms to the reference JSON. Signed-off-by: Vincent Batts <[email protected]>
1 parent 9ffb3ef commit 99d1df7

File tree

8 files changed

+316
-0
lines changed

8 files changed

+316
-0
lines changed

config.md

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -127,4 +127,77 @@ For Linux-based systems the user structure has the following fields:
127127
Interpretation of the platform section of the JSON file is used to find which platform-specific sections may be available in the document.
128128
For example, if `os` is set to `linux`, then a JSON object conforming to the [Linux-specific schema](config-linux.md) SHOULD be found at the key `linux` in the `config.json`.
129129

130+
## Configuration Schema Example
131+
132+
Here is a full example `config.json` for reference.
133+
134+
```json
135+
{
136+
"version": "0.2.0",
137+
"platform": {
138+
"os": "linux",
139+
"arch": "amd64"
140+
},
141+
"process": {
142+
"terminal": true,
143+
"user": {
144+
"uid": 1,
145+
"gid": 1,
146+
"additionalGids": [5, 6]
147+
},
148+
"args": [
149+
"sh"
150+
],
151+
"env": [
152+
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
153+
"TERM=xterm"
154+
],
155+
"cwd": "/"
156+
},
157+
"root": {
158+
"path": "rootfs",
159+
"readonly": true
160+
},
161+
"hostname": "mrsdalloway",
162+
"mounts": [
163+
{
164+
"name": "proc",
165+
"path": "/proc"
166+
},
167+
{
168+
"name": "dev",
169+
"path": "/dev"
170+
},
171+
{
172+
"name": "devpts",
173+
"path": "/dev/pts"
174+
},
175+
{
176+
"name": "shm",
177+
"path": "/dev/shm"
178+
},
179+
{
180+
"name": "mqueue",
181+
"path": "/dev/mqueue"
182+
},
183+
{
184+
"name": "sysfs",
185+
"path": "/sys"
186+
},
187+
{
188+
"name": "cgroup",
189+
"path": "/sys/fs/cgroup"
190+
}
191+
],
192+
"linux": {
193+
"capabilities": [
194+
"CAP_AUDIT_WRITE",
195+
"CAP_KILL",
196+
"CAP_NET_BIND_SERVICE"
197+
]
198+
}
199+
}
200+
```
201+
202+
130203
[uts-namespace]: http://man7.org/linux/man-pages/man7/namespaces.7.html

runtime-config.md

Lines changed: 243 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -120,3 +120,246 @@ Only [mounts from the portable config](config.md#mount-points) will be mounted.
120120
```
121121

122122
See links for details about [mountvol](http://ss64.com/nt/mountvol.html) and [SetVolumeMountPoint](https://msdn.microsoft.com/en-us/library/windows/desktop/aa365561(v=vs.85).aspx) in Windows.
123+
124+
## Configuration Schema Example
125+
126+
Here is a full example `runtime.json` for reference.
127+
128+
```json
129+
{
130+
"mounts": {
131+
"cgroup": {
132+
"type": "cgroup",
133+
"source": "cgroup",
134+
"options": [
135+
"nosuid",
136+
"noexec",
137+
"nodev",
138+
"relatime",
139+
"ro"
140+
]
141+
},
142+
"dev": {
143+
"type": "tmpfs",
144+
"source": "tmpfs",
145+
"options": [
146+
"nosuid",
147+
"strictatime",
148+
"mode=755",
149+
"size=65536k"
150+
]
151+
},
152+
"devpts": {
153+
"type": "devpts",
154+
"source": "devpts",
155+
"options": [
156+
"nosuid",
157+
"noexec",
158+
"newinstance",
159+
"ptmxmode=0666",
160+
"mode=0620",
161+
"gid=5"
162+
]
163+
},
164+
"mqueue": {
165+
"type": "mqueue",
166+
"source": "mqueue",
167+
"options": [
168+
"nosuid",
169+
"noexec",
170+
"nodev"
171+
]
172+
},
173+
"proc": {
174+
"type": "proc",
175+
"source": "proc",
176+
"options": null
177+
},
178+
"shm": {
179+
"type": "tmpfs",
180+
"source": "shm",
181+
"options": [
182+
"nosuid",
183+
"noexec",
184+
"nodev",
185+
"mode=1777",
186+
"size=65536k"
187+
]
188+
},
189+
"sysfs": {
190+
"type": "sysfs",
191+
"source": "sysfs",
192+
"options": [
193+
"nosuid",
194+
"noexec",
195+
"nodev"
196+
]
197+
}
198+
},
199+
"hooks": {
200+
"prestart": [
201+
{
202+
"path": "/usr/bin/fix-mounts",
203+
"args": ["fix-mounts", "arg1", "arg2"],
204+
"env": [ "key1=value1"]
205+
},
206+
{
207+
"path": "/usr/bin/setup-network"
208+
}
209+
],
210+
"poststart": [
211+
{
212+
"path": "/usr/bin/notify-start"
213+
}
214+
],
215+
"poststop": [
216+
{
217+
"path": "/usr/sbin/cleanup.sh",
218+
"args": ["cleanup.sh", "-f"]
219+
}
220+
]
221+
},
222+
"linux": {
223+
"uidMappings": null,
224+
"gidMappings": null,
225+
"rlimits": [
226+
{
227+
"type": "RLIMIT_NOFILE",
228+
"hard": 1024,
229+
"soft": 1024
230+
}
231+
],
232+
"sysctl": null,
233+
"resources": {
234+
"disableOOMKiller": false,
235+
"memory": {
236+
"limit": 0,
237+
"reservation": 0,
238+
"swap": 0,
239+
"kernel": 0,
240+
"swappiness": -1
241+
},
242+
"cpu": {
243+
"shares": 0,
244+
"quota": 0,
245+
"period": 0,
246+
"realtimeRuntime": 0,
247+
"realtimePeriod": 0,
248+
"cpus": "",
249+
"mems": ""
250+
},
251+
"pids": {
252+
"limit": 0
253+
},
254+
"blockIO": {
255+
"blkioWeight": 0,
256+
"blkioLeafWeight": 0,
257+
"blkioWeightDevice": null,
258+
"blkioThrottleReadBpsDevice": null,
259+
"blkioThrottleWriteBpsDevice": null,
260+
"blkioThrottleReadIOPSDevice": null,
261+
"blkioThrottleWriteIOPSDevice": null
262+
},
263+
"hugepageLimits": null,
264+
"network": {
265+
"classId": "",
266+
"priorities": null
267+
}
268+
},
269+
"cgroupsPath": "",
270+
"namespaces": [
271+
{
272+
"type": "pid",
273+
"path": ""
274+
},
275+
{
276+
"type": "network",
277+
"path": ""
278+
},
279+
{
280+
"type": "ipc",
281+
"path": ""
282+
},
283+
{
284+
"type": "uts",
285+
"path": ""
286+
},
287+
{
288+
"type": "mount",
289+
"path": ""
290+
}
291+
],
292+
"devices": [
293+
{
294+
"path": "/dev/null",
295+
"type": 99,
296+
"major": 1,
297+
"minor": 3,
298+
"permissions": "rwm",
299+
"fileMode": 438,
300+
"uid": 0,
301+
"gid": 0
302+
},
303+
{
304+
"path": "/dev/random",
305+
"type": 99,
306+
"major": 1,
307+
"minor": 8,
308+
"permissions": "rwm",
309+
"fileMode": 438,
310+
"uid": 0,
311+
"gid": 0
312+
},
313+
{
314+
"path": "/dev/full",
315+
"type": 99,
316+
"major": 1,
317+
"minor": 7,
318+
"permissions": "rwm",
319+
"fileMode": 438,
320+
"uid": 0,
321+
"gid": 0
322+
},
323+
{
324+
"path": "/dev/tty",
325+
"type": 99,
326+
"major": 5,
327+
"minor": 0,
328+
"permissions": "rwm",
329+
"fileMode": 438,
330+
"uid": 0,
331+
"gid": 0
332+
},
333+
{
334+
"path": "/dev/zero",
335+
"type": 99,
336+
"major": 1,
337+
"minor": 5,
338+
"permissions": "rwm",
339+
"fileMode": 438,
340+
"uid": 0,
341+
"gid": 0
342+
},
343+
{
344+
"path": "/dev/urandom",
345+
"type": 99,
346+
"major": 1,
347+
"minor": 9,
348+
"permissions": "rwm",
349+
"fileMode": 438,
350+
"uid": 0,
351+
"gid": 0
352+
}
353+
],
354+
"apparmorProfile": "",
355+
"selinuxProcessLabel": "",
356+
"seccomp": {
357+
"defaultAction": "SCMP_ACT_ALLOW",
358+
"architectures": null,
359+
"syscalls": []
360+
},
361+
"rootfsPropagation": ""
362+
}
363+
}
364+
```
365+

config.go renamed to src/specs/config.go

File renamed without changes.

config_linux.go renamed to src/specs/config_linux.go

File renamed without changes.

runtime_config.go renamed to src/specs/runtime_config.go

File renamed without changes.

runtime_config_linux.go renamed to src/specs/runtime_config_linux.go

File renamed without changes.

state.go renamed to src/specs/state.go

File renamed without changes.

version.go renamed to src/specs/version.go

File renamed without changes.

0 commit comments

Comments
 (0)