Expand description
OCI runtime spec types and definitions.
Structs§
- Apparmor
- Apparmor represents the “apparmor” field.
- Apparmor
Builder - Builder for
Apparmor. - Box
- Box specifies dimensions of a rectangle. Used for specifying the size of a console.
- BoxBuilder
- Builder for
Box. - Cgroup
- Cgroup represents the “cgroup” field.
- Cgroup
Builder - Builder for
Cgroup. - ExecCPU
Affinity - ExecCPUAffinity specifies CPU affinity used to execute the process. This setting is not applicable to the container’s init process.
- ExecCPU
Affinity Builder - Builder for
ExecCPUAffinity. - Features
- Features represents supported features of the runtime.
- Features
Builder - Builder for
Features. - Hook
- Hook specifies a command that is run at a particular event in the lifecycle of a container.
- Hook
Builder - Builder for
Hook. - Hooks
- Hooks specifies a command that is run in the container at a particular event in the lifecycle (setup and teardown) of a container.
- Hooks
Builder - Builder for
Hooks. - IDMap
- IDMap represents the “idmap” field.
- IDMap
Builder - Builder for
IDMap. - Intel
Rdt - IntelRdt represents the “intelRdt” field.
- Intel
RdtBuilder - Builder for
IntelRdt. - Linux
- Linux contains platform-specific configuration for Linux based containers.
- Linux
Block Io - LinuxBlockIO for Linux cgroup ‘blkio’ resource management.
- Linux
Block IoBuilder - Builder for
LinuxBlockIo. - Linux
Builder - Builder for
Linux. - Linux
Capabilities - LinuxCapabilities specifies the list of allowed capabilities that are kept for a process. http://man7.org/linux/man-pages/man7/capabilities.7.html
- Linux
Capabilities Builder - Builder for
LinuxCapabilities. - Linux
Cpu - LinuxCPU for Linux cgroup ‘cpu’ resource management.
- Linux
CpuBuilder - Builder for
LinuxCpu. - Linux
Device - LinuxDevice represents the mknod information for a Linux special device file.
- Linux
Device Builder - Builder for
LinuxDevice. - Linux
Device Cgroup - Represents a device rule for the devices specified to the device controller
- Linux
Device Cgroup Builder - Builder for
LinuxDeviceCgroup. - Linux
Feature - Linux specific features.
- Linux
Feature Builder - Builder for
LinuxFeature. - Linux
Hugepage Limit - LinuxHugepageLimit structure corresponds to limiting kernel hugepages. Default to reservation limits if supported. Otherwise fallback to page fault limits.
- Linux
Hugepage Limit Builder - Builder for
LinuxHugepageLimit. - LinuxIO
Priority - RLimit types and restrictions.
- LinuxIO
Priority Builder - Builder for
LinuxIOPriority. - Linux
IdMapping - LinuxIDMapping specifies UID/GID mappings.
- Linux
IdMapping Builder - Builder for
LinuxIdMapping. - Linux
Intel Rdt - LinuxIntelRdt has container runtime resource constraints for Intel RDT CAT and MBA features and flags enabling Intel RDT CMT and MBM features. Intel RDT features are available in Linux 4.14 and newer kernel versions.
- Linux
Intel RdtBuilder - Builder for
LinuxIntelRdt. - Linux
Interface Priority - LinuxInterfacePriority for network interfaces.
- Linux
Interface Priority Builder - Builder for
LinuxInterfacePriority. - Linux
Memory - LinuxMemory for Linux cgroup ‘memory’ resource management.
- Linux
Memory Builder - Builder for
LinuxMemory. - Linux
Namespace - LinuxNamespace is the configuration for a Linux namespace.
- Linux
Namespace Builder - Builder for
LinuxNamespace. - Linux
Network - LinuxNetwork identification and priority configuration.
- Linux
Network Builder - Builder for
LinuxNetwork. - Linux
Personality - LinuxPersonality represents the Linux personality syscall input.
- Linux
Personality Builder - Builder for
LinuxPersonality. - Linux
Pids - LinuxPids for Linux cgroup ‘pids’ resource management (Linux 4.3).
- Linux
Pids Builder - Builder for
LinuxPids. - Linux
Rdma - LinuxRdma for Linux cgroup ‘rdma’ resource management (Linux 4.11).
- Linux
Rdma Builder - Builder for
LinuxRdma. - Linux
Resources - Resource constraints for container
- Linux
Resources Builder - Builder for
LinuxResources. - Linux
Seccomp - LinuxSeccomp represents syscall restrictions.
- Linux
Seccomp Arg - LinuxSeccompArg used for matching specific syscall arguments in seccomp.
- Linux
Seccomp ArgBuilder - Builder for
LinuxSeccompArg. - Linux
Seccomp Builder - Builder for
LinuxSeccomp. - Linux
Syscall - LinuxSyscall is used to match a syscall in seccomp.
- Linux
Syscall Builder - Builder for
LinuxSyscall. - Linux
Throttle Device - LinuxThrottleDevice struct holds a
major:minor rate_per_secondpair. - Linux
Throttle Device Builder - Builder for
LinuxThrottleDevice. - Linux
Weight Device - LinuxWeightDevice struct holds a
major:minor weightpair for weightDevice. - Linux
Weight Device Builder - Builder for
LinuxWeightDevice. - Mount
- Mount specifies a mount for a container.
- Mount
Builder - Builder for
Mount. - Mount
Extensions - MountExtensions represents the “mountExtensions” field.
- Mount
Extensions Builder - Builder for
MountExtensions. - Posix
Rlimit - RLimit types and restrictions.
- Posix
Rlimit Builder - Builder for
PosixRlimit. - Process
- Process contains information to start a specific application inside the container.
- Process
Builder - Builder for
Process. - Root
- Root contains information about the container’s root filesystem on the host.
- Root
Builder - Builder for
Root. - Scheduler
- Scheduler represents the scheduling attributes for a process. It is based on the Linux sched_setattr(2) syscall.
- Scheduler
Builder - Builder for
Scheduler. - Seccomp
- Seccomp represents the “seccomp” field.
- Seccomp
Builder - Builder for
Seccomp. - Selinux
- Selinux represents the “selinux” field.
- Selinux
Builder - Builder for
Selinux. - Solaris
- Solaris contains platform-specific configuration for Solaris application containers.
- Solaris
Anet - SolarisAnet provides the specification for automatic creation of network resources for this container.
- Solaris
Anet Builder - Builder for
SolarisAnet. - Solaris
Builder - Builder for
Solaris. - Solaris
CappedCPU - SolarisCappedCPU allows users to set limit on the amount of CPU time that can be used by container.
- Solaris
CappedCPU Builder - Builder for
SolarisCappedCPU. - Solaris
Capped Memory - SolarisCappedMemory allows users to set the physical and swap caps on the memory that can be used by this container.
- Solaris
Capped Memory Builder - Builder for
SolarisCappedMemory. - Spec
- Base configuration for the container.
- Spec
Builder - Builder for
Spec. - User
- User id (uid) and group id (gid) tracks file permssions.
- User
Builder - Builder for
User. - VM
- VM contains information for virtual-machine-based containers.
- VMBuilder
- Builder for
VM. - VMHypervisor
- VMHypervisor contains information about the hypervisor to use for a virtual machine.
- VMHypervisor
Builder - Builder for
VMHypervisor. - VMImage
- VMImage contains information about the virtual machine root image.
- VMImage
Builder - Builder for
VMImage. - VMKernel
- VMKernel contains information about the kernel to use for a virtual machine.
- VMKernel
Builder - Builder for
VMKernel. - Windows
- Windows defines the runtime configuration for Windows based containers, including Hyper-V containers.
- Windows
Builder - Builder for
Windows. - WindowsCPU
Resources - WindowsCPUResources contains CPU resource management settings.
- WindowsCPU
Resources Builder - Builder for
WindowsCPUResources. - Windows
Device - WindowsDevice represents information about a host device to be mapped into the container.
- Windows
Device Builder - Builder for
WindowsDevice. - Windows
HyperV - WindowsHyperV contains information for configuring a container to run with Hyper-V isolation.
- Windows
HyperV Builder - Builder for
WindowsHyperV. - Windows
Memory Resources - WindowsMemoryResources contains memory resource management settings.
- Windows
Memory Resources Builder - Builder for
WindowsMemoryResources. - Windows
Network - WindowsNetwork contains network settings for Windows containers.
- Windows
Network Builder - Builder for
WindowsNetwork. - Windows
Resources - Available windows resources.
- Windows
Resources Builder - Builder for
WindowsResources. - Windows
Storage Resources - WindowsStorageResources contains storage resource management settings.
- Windows
Storage Resources Builder - Builder for
WindowsStorageResources.
Enums§
- Arch
- Available seccomp architectures.
- Capability
- All available capabilities.
- IOPriority
Class - IOPriorityClass represents an I/O scheduling class.
- Linux
Device Type - Device types
- Linux
Namespace Type - Available Linux namespaces.
- Linux
Personality Domain - Define domain and flags for LinuxPersonality.
- Linux
Scheduler Flag - LinuxSchedulerFlag represents the flags used by the Linux Scheduler.
- Linux
Scheduler Policy - LinuxSchedulerPolicy represents different scheduling policies used with the Linux Scheduler
- Linux
Seccomp Action - Available seccomp actions.
- Linux
Seccomp Filter Flag - Available seccomp filter flags.
- Linux
Seccomp Operator - The seccomp operator to be used for args.
- Posix
Rlimit Type - Available rlimit types (see https://man7.org/linux/man-pages/man2/getrlimit.2.html)
Constants§
- VERSION_
DEV - Indicates development branch. Releases will be empty string.
- VERSION_
MAJOR - API incompatible changes.
- VERSION_
MINOR - Changing functionality in a backwards-compatible manner
- VERSION_
PATCH - Backwards-compatible bug fixes.
Functions§
- get_
default_ maskedpaths - Default masks paths, cannot read these host files.
- get_
default_ mounts - utility function to generate default config for mounts.
- get_
default_ namespaces - Utility function to get default namespaces.
- get_
default_ readonly_ paths - Default readonly paths, for example most containers shouldn’t have permission to write to
/proc/sys. - get_
rootless_ mounts - utility function to generate default rootless config for mounts.
- version
- Retrieve the version as string representation.
Type Aliases§
- Capabilities
- Capabilities is a unique set of Capability values.