Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

config: Add VM-based container configuration section #949

Merged
merged 1 commit into from
Mar 31, 2018
+187 −0
Merged

config: Add VM-based container configuration section #949

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
68 changes: 68 additions & 0 deletions config-vm.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
# <a name="VirtualMachineSpecificContainerConfiguration" /> Virtual-machine-specific Container Configuration

This section describes the schema for the [virtual-machine-specific section](config.md#platform-specific-configuration) of the [container configuration](config.md).
The virtual-machine container specification provides additional configuration for the hypervisor, kernel, and image.

## <a name="HypervisorObject" /> Hypervisor Object

**`hypervisor`** (object, OPTIONAL) specifies details of the hypervisor that manages the container virtual machine.
* **`path`** (string, REQUIRED) path to the hypervisor binary that manages the container virtual machine.
This value MUST be an absolute path in the [runtime mount namespace](glossary.md#runtime-namespace).
* **`parameters`** (array of strings, OPTIONAL) specifies an array of parameters to pass to the hypervisor.

### Example

```json
"hypervisor": {
"path": "/path/to/vmm",
"parameters": ["opts1=foo", "opts2=bar"]
}
```

## <a name="KernelObject" /> Kernel Object

**`kernel`** (object, REQUIRED) specifies details of the kernel to boot the container virtual machine with.
* **`path`** (string, REQUIRED) path to the kernel used to boot the container virtual machine.
This value MUST be an absolute path in the [runtime mount namespace](glossary.md#runtime-namespace).
* **`parameters`** (array of strings, OPTIONAL) specifies an array of parameters to pass to the kernel.
* **`initrd`** (string, OPTIONAL) path to an initial ramdisk to be used by the container virtual machine.
This value MUST be an absolute path in the [runtime mount namespace](glossary.md#runtime-namespace).

### Example

```json
"kernel": {
"path": "/path/to/vmlinuz",
"parameters": ["foo=bar", "hello world"],
"initrd": "/path/to/initrd.img"
}
```

## <a name="ImageObject" /> Image Object

**`image`** (object, OPTIONAL) specifies details of the image that contains the root filesystem for the container virtual machine.
* **`path`** (string, REQUIRED) path to the container virtual machine root image.
This value MUST be an absolute path in the [runtime mount namespace](glossary.md#runtime-namespace).
* **`format`** (string, REQUIRED) format of the container virtual machine root image. Commonly supported formats are:
* **`raw`** [raw disk image format][raw-image-format]. Unset values for `format` will default to that format.
* **`qcow2`** [QEMU image format][qcow2-image-format].
* **`vdi`** [VirtualBox 1.1 compatible image format][vdi-image-format].
* **`vmdk`** [VMware compatible image format][vmdk-image-format].
* **`vhd`** [Virtual Hard Disk image format][vhd-image-format].

This image contains the root filesystem that the virtual machine **`kernel`** will boot into, not to be confused with the container root filesystem itself. The latter, as specified by **`path`** from the [Root Configuration](config.md#Root-Configuration) section, will be mounted inside the virtual machine at a location chosen by the virtual-machine-based runtime.

### Example

```json
"image": {
"path": "/path/to/vm/rootfs.img",
"format": "raw"
}
```

[raw-image-format]: https://en.wikipedia.org/wiki/IMG_(file_format)
[qcow2-image-format]: https://git.qemu.org/?p=qemu.git;a=blob_plain;f=docs/interop/qcow2.txt;hb=HEAD
[vdi-image-format]: https://forensicswiki.org/wiki/Virtual_Disk_Image_(VDI)
[vmdk-image-format]: http://www.vmware.com/app/vmdk/?src=vmdk
[vhd-image-format]: https://github.com/libyal/libvhdi/blob/master/documentation/Virtual%20Hard%20Disk%20(VHD)%20image%20format.asciidoc
2 changes: 2 additions & 0 deletions config.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -349,6 +349,8 @@ For Windows based systems the user structure has the following fields:
This MUST be set if the target platform of this spec is `windows`.
* **`solaris`** (object, OPTIONAL) [Solaris-specific configuration](config-solaris.md).
This MAY be set if the target platform of this spec is `solaris`.
* **`vm`** (object, OPTIONAL) [Virtual-machine-specific configuration](config-vm.md).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You'll also want to add virtual-machine entries here and here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done now

This MAY be set if the target platform and architecture of this spec support hardware virtualization.

### Example (Linux)

Expand Down
3 changes: 3 additions & 0 deletions schema/config-schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,9 @@
},
"windows": {
"$ref": "config-windows.json#/windows"
},
"vm": {
"$ref": "config-vm.json#/vm"
}
},
"required": [
Expand Down
60 changes: 60 additions & 0 deletions schema/config-vm.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
{
"vm": {
"description": "configuration for virtual-machine-based containers",
"type": "object",
"required": [
"kernel"
],
"properties": {
"hypervisor": {
"description": "hypervisor config used by VM-based containers",
"type": "object",
"required": [
"path"
],
"properties": {
"path": {
"$ref": "defs.json#/definitions/FilePath"
},
"parameters": {
"$ref": "defs.json#/definitions/ArrayOfStrings"
}
}
},
"kernel": {
"description": "kernel config used by VM-based containers",
"type": "object",
"required": [
"path"
],
"properties": {
"path": {
"$ref": "defs.json#/definitions/FilePath"
},
"parameters": {
"$ref": "defs.json#/definitions/ArrayOfStrings"
},
"initrd": {
"$ref": "defs.json#/definitions/FilePath"
}
}
},
"image": {
"description": "root image config used by VM-based containers",
"type": "object",
"required": [
"path",
"format"
],
"properties": {
"path": {
"$ref": "defs.json#/definitions/FilePath"
},
"format": {
"$ref": "defs-vm.json#/definitions/RootImageFormat"
}
}
}
}
}
}
14 changes: 14 additions & 0 deletions schema/defs-vm.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"definitions": {
"RootImageFormat": {
"type": "string",
"enum": [
"raw",
"qcow2",
"vdi",
"vmdk",
"vhd"
]
}
}
}
2 changes: 2 additions & 0 deletions spec.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ Platforms defined by this specification are:
* `linux`: [runtime.md](runtime.md), [config.md](config.md), [config-linux.md](config-linux.md), and [runtime-linux.md](runtime-linux.md).
* `solaris`: [runtime.md](runtime.md), [config.md](config.md), and [config-solaris.md](config-solaris.md).
* `windows`: [runtime.md](runtime.md), [config.md](config.md), and [config-windows.md](config-windows.md).
* `vm`: [runtime.md](runtime.md), [config.md](config.md), and [config-vm.md](config-vm.md).

# <a name="ociRuntimeSpecTOC" />Table of Contents

Expand All @@ -29,6 +30,7 @@ Platforms defined by this specification are:
- [Linux-specific Configuration](config-linux.md)
- [Solaris-specific Configuration](config-solaris.md)
- [Windows-specific Configuration](config-windows.md)
- [Virtual-Machine-specific Configuration](config-vm.md)
- [Glossary](glossary.md)

# <a name="ociRuntimeSpecNotationalConventions" />Notational Conventions
Expand Down
38 changes: 38 additions & 0 deletions specs-go/config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@ type Spec struct {
Solaris *Solaris `json:"solaris,omitempty" platform:"solaris"`
// Windows is platform-specific configuration for Windows based containers.
Windows *Windows `json:"windows,omitempty" platform:"windows"`
// VM specifies configuration for virtual-machine-based containers.
VM *VM `json:"vm,omitempty" platform:"vm"`
}

// Process contains information to start a specific application inside the container.
Expand Down Expand Up @@ -499,6 +501,42 @@ type WindowsHyperV struct {
UtilityVMPath string `json:"utilityVMPath,omitempty"`
}

// VM contains information for virtual-machine-based containers.
type VM struct {
// Hypervisor specifies hypervisor-related configuration for virtual-machine-based containers.
Hypervisor VMHypervisor `json:"hypervisor,omitempty"`
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If Hypervisor is ever set in a container spec, it can only be run by the same hypervisor type and the same deployment. Is it acceptable from OCI point of view?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahh, good point. Shouldn't the hypervisor be exec'd with the correct path and args anyways from a runtime?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This has been spun off into #964.

// Kernel specifies kernel-related configuration for virtual-machine-based containers.
Kernel VMKernel `json:"kernel"`
// Image specifies guest image related configuration for virtual-machine-based containers.
Image VMImage `json:"image,omitempty"`
}

// VMHypervisor contains information about the hypervisor to use for a virtual machine.
type VMHypervisor struct {
// Path is the host path to the hypervisor used to manage the virtual machine.
Path string `json:"path"`
// Parameters specifies parameters to pass to the hypervisor.
Parameters string `json:"parameters,omitempty"`
}

// VMKernel contains information about the kernel to use for a virtual machine.
type VMKernel struct {
// Path is the host path to the kernel used to boot the virtual machine.
Path string `json:"path"`
// Parameters specifies parameters to pass to the kernel.
Parameters string `json:"parameters,omitempty"`
// InitRD is the host path to an initial ramdisk to be used by the kernel.
InitRD string `json:"initrd,omitempty"`
}

// VMImage contains information about the virtual machine root image.
type VMImage struct {
// Path is the host path to the root image that the VM kernel would boot into.
Path string `json:"path"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this leaving the type of that path completely up to the runtime? (qcow, raw, directory, etc)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC, this image is a small disk and is used for booting only. Making it raw is enough.

By the way, I hope rootfs and volume support media types. But it is not the purpose of this PR.

// Format is the root image format type (e.g. "qcow2", "raw", "vhd", etc).
Format string `json:"format"`
}

// LinuxSeccomp represents syscall restrictions
type LinuxSeccomp struct {
DefaultAction LinuxSeccompAction `json:"defaultAction"`
Expand Down