diff --git a/hack/vendor.sh b/hack/vendor.sh index 99e5a9ba7b..153915e550 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -107,7 +107,7 @@ clone git github.com/docker/go v1.5.1-1-1-gbaf439e clone git github.com/agl/ed25519 d2b94fd789ea21d12fac1a4443dd3a3f79cda72c clone git github.com/opencontainers/runc cc29e3dded8e27ba8f65738f40d251c885030a28 # libcontainer -clone git github.com/opencontainers/runtime-spec v1.0.0-rc1 # specs +clone git github.com/opencontainers/runtime-spec 1c7c27d043c2a5e513a44084d2b10d77d1402b8c # specs clone git github.com/seccomp/libseccomp-golang 32f571b70023028bd57d9288c20efbcb237f3ce0 # libcontainer deps (see src/github.com/opencontainers/runc/Godeps/Godeps.json) clone git github.com/coreos/go-systemd v4 diff --git a/vendor/src/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/src/github.com/opencontainers/runtime-spec/specs-go/config.go index ec99035bbc..491b734c93 100644 --- a/vendor/src/github.com/opencontainers/runtime-spec/specs-go/config.go +++ b/vendor/src/github.com/opencontainers/runtime-spec/specs-go/config.go @@ -4,33 +4,37 @@ import "os" // Spec is the base configuration for the container. type Spec struct { - // Version is the version of the specification that is supported. + // Version of the Open Container Runtime Specification with which the bundle complies. Version string `json:"ociVersion"` - // Platform is the host information for OS and Arch. + // Platform specifies the configuration's target platform. Platform Platform `json:"platform"` - // Process is the container's main process. + // Process configures the container process. Process Process `json:"process"` - // Root is the root information for the container's filesystem. + // Root configures the container's root filesystem. Root Root `json:"root"` - // Hostname is the container's host name. + // Hostname configures the container's hostname. Hostname string `json:"hostname,omitempty"` - // Mounts profile configuration for adding mounts to the container's filesystem. + // Mounts configures additional mounts (on top of Root). Mounts []Mount `json:"mounts,omitempty"` - // Hooks are the commands run at various lifecycle events of the container. + // Hooks configures callbacks for container lifecycle events. Hooks Hooks `json:"hooks"` - // Annotations is an unstructured key value map that may be set by external tools to store and retrieve arbitrary metadata. + // Annotations contains arbitrary metadata for the container. Annotations map[string]string `json:"annotations,omitempty"` // Linux is platform specific configuration for Linux based containers. - Linux Linux `json:"linux" platform:"linux,omitempty"` + Linux *Linux `json:"linux,omitempty" platform:"linux"` // Solaris is platform specific configuration for Solaris containers. - Solaris Solaris `json:"solaris" platform:"solaris,omitempty"` + Solaris *Solaris `json:"solaris,omitempty" platform:"solaris"` + // Windows is platform specific configuration for Windows based containers, including Hyper-V containers. + Windows *Windows `json:"windows,omitempty" platform:"windows"` } // Process contains information to start a specific application inside the container. type Process struct { // Terminal creates an interactive terminal for the container. Terminal bool `json:"terminal,omitempty"` + // ConsoleSize specifies the size of the console. + ConsoleSize Box `json:"consoleSize,omitempty"` // User specifies user information for the process. User User `json:"user"` // Args specifies the binary and arguments for the application to execute. @@ -43,25 +47,33 @@ type Process struct { // Capabilities are Linux capabilities that are kept for the container. Capabilities []string `json:"capabilities,omitempty" platform:"linux"` // Rlimits specifies rlimit options to apply to the process. - Rlimits []Rlimit `json:"rlimits,omitempty"` + Rlimits []Rlimit `json:"rlimits,omitempty" platform:"linux"` // NoNewPrivileges controls whether additional privileges could be gained by processes in the container. - NoNewPrivileges bool `json:"noNewPrivileges,omitempty"` - - // ApparmorProfile specified the apparmor profile for the container. (this field is platform dependent) + NoNewPrivileges bool `json:"noNewPrivileges,omitempty" platform:"linux"` + // ApparmorProfile specifies the apparmor profile for the container. ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"` - // SelinuxLabel specifies the selinux context that the container process is run as. (this field is platform dependent) + // SelinuxLabel specifies the selinux context that the container process is run as. SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"` } -// User specifies Linux specific user and group information for the container's -// main process. +// Box specifies dimensions of a rectangle. Used for specifying the size of a console. +type Box struct { + // Height is the vertical dimension of a box. + Height uint `json:"height"` + // Width is the horizontal dimension of a box. + Width uint `json:"width"` +} + +// User specifies specific user (and group) information for the container process. type User struct { - // UID is the user id. (this field is platform dependent) - UID uint32 `json:"uid" platform:"linux"` - // GID is the group id. (this field is platform dependent) - GID uint32 `json:"gid" platform:"linux"` - // AdditionalGids are additional group ids set for the container's process. (this field is platform dependent) - AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux"` + // UID is the user id. + UID uint32 `json:"uid" platform:"linux,solaris"` + // GID is the group id. + GID uint32 `json:"gid" platform:"linux,solaris"` + // AdditionalGids are additional group ids set for the container's process. + AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"` + // Username is the user name. + Username string `json:"username,omitempty" platform:"windows"` } // Root contains information about the container's root filesystem on the host. @@ -262,7 +274,7 @@ type Memory struct { // Kernel memory limit (in bytes). Kernel *uint64 `json:"kernel,omitempty"` // Kernel memory limit for tcp (in bytes) - KernelTCP *uint64 `json:"kernelTCP"` + KernelTCP *uint64 `json:"kernelTCP,omitempty"` // How aggressive the kernel will swap memory pages. Range from 0 to 100. Swappiness *uint64 `json:"swappiness,omitempty"` } @@ -294,15 +306,15 @@ type Pids struct { // Network identification and priority configuration type Network struct { // Set class identifier for container's network packets - ClassID *uint32 `json:"classID"` + ClassID *uint32 `json:"classID,omitempty"` // Set priority of network traffic for container Priorities []InterfacePriority `json:"priorities,omitempty"` } // Resources has container runtime resource constraints type Resources struct { - // Devices are a list of device rules for the whitelist controller - Devices []DeviceCgroup `json:"devices"` + // Devices configures the device whitelist. + Devices []DeviceCgroup `json:"devices,omitempty"` // DisableOOMKiller disables the OOM killer for out of memory conditions DisableOOMKiller *bool `json:"disableOOMKiller,omitempty"` // Specify an oom_score_adj for the container. @@ -371,9 +383,9 @@ type Solaris struct { // Specification for automatic creation of network resources for this container. Anet []Anet `json:"anet,omitempty"` // Set limit on the amount of CPU time that can be used by container. - CappedCPU CappedCPU `json:"cappedCPU,omitempty"` + CappedCPU *CappedCPU `json:"cappedCPU,omitempty"` // The physical and swap caps on the memory that can be used by this container. - CappedMemory CappedMemory `json:"cappedMemory,omitempty"` + CappedMemory *CappedMemory `json:"cappedMemory,omitempty"` } // CappedCPU allows users to set limit on the amount of CPU time that can be used by container. @@ -405,6 +417,58 @@ type Anet struct { Macaddress string `json:"macAddress,omitempty"` } +// Windows defines the runtime configuration for Windows based containers, including Hyper-V containers. +type Windows struct { + // Resources contains information for handling resource constraints for the container. + Resources *WindowsResources `json:"resources,omitempty"` +} + +// WindowsResources has container runtime resource constraints for containers running on Windows. +type WindowsResources struct { + // Memory restriction configuration. + Memory *WindowsMemoryResources `json:"memory,omitempty"` + // CPU resource restriction configuration. + CPU *WindowsCPUResources `json:"cpu,omitempty"` + // Storage restriction configuration. + Storage *WindowsStorageResources `json:"storage,omitempty"` + // Network restriction configuration. + Network *WindowsNetworkResources `json:"network,omitempty"` +} + +// WindowsMemoryResources contains memory resource management settings. +type WindowsMemoryResources struct { + // Memory limit in bytes. + Limit *uint64 `json:"limit,omitempty"` + // Memory reservation in bytes. + Reservation *uint64 `json:"reservation,omitempty"` +} + +// WindowsCPUResources contains CPU resource management settings. +type WindowsCPUResources struct { + // Number of CPUs available to the container. + Count *uint64 `json:"count,omitempty"` + // CPU shares (relative weight to other containers with cpu shares). Range is from 1 to 10000. + Shares *uint16 `json:"shares,omitempty"` + // Percent of available CPUs usable by the container. + Percent *uint8 `json:"percent,omitempty"` +} + +// WindowsStorageResources contains storage resource management settings. +type WindowsStorageResources struct { + // Specifies maximum Iops for the system drive. + Iops *uint64 `json:"iops,omitempty"` + // Specifies maximum bytes per second for the system drive. + Bps *uint64 `json:"bps,omitempty"` + // Sandbox size specifies the minimum size of the system drive in bytes. + SandboxSize *uint64 `json:"sandboxSize,omitempty"` +} + +// WindowsNetworkResources contains network resource management settings. +type WindowsNetworkResources struct { + // EgressBandwidth is the maximum egress bandwidth in bytes per second. + EgressBandwidth *uint64 `json:"egressBandwidth,omitempty"` +} + // Arch used for additional architectures type Arch string diff --git a/vendor/src/github.com/opencontainers/runtime-spec/specs-go/state.go b/vendor/src/github.com/opencontainers/runtime-spec/specs-go/state.go index 445f8c5c0c..ad31b893bb 100644 --- a/vendor/src/github.com/opencontainers/runtime-spec/specs-go/state.go +++ b/vendor/src/github.com/opencontainers/runtime-spec/specs-go/state.go @@ -8,7 +8,7 @@ type State struct { ID string `json:"id"` // Status is the runtime state of the container. Status string `json:"status"` - // Pid is the process id for the container's main process. + // Pid is the process ID for the container process. Pid int `json:"pid"` // BundlePath is the path to the container's bundle directory. BundlePath string `json:"bundlePath"` diff --git a/vendor/src/github.com/opencontainers/runtime-spec/specs-go/version.go b/vendor/src/github.com/opencontainers/runtime-spec/specs-go/version.go index 2dbd302e3c..8b5ec89089 100644 --- a/vendor/src/github.com/opencontainers/runtime-spec/specs-go/version.go +++ b/vendor/src/github.com/opencontainers/runtime-spec/specs-go/version.go @@ -11,7 +11,7 @@ const ( VersionPatch = 0 // VersionDev indicates development branch. Releases will be empty string. - VersionDev = "-rc1" + VersionDev = "-rc2-dev" ) // Version is the specification version that the package types support.