Proposal: working group for FreeBSD runtime #133
I'm also happy to help @dfr and @samuelkarp getting this done, in whatever way is required.
I made a minimal suggestion for a FreeBSD config extension here: https://github.com/dfr/runtime-spec/tree/freebsd-spec. This just allows setting a subset of the jail parameters to be used when creating a container jail.
@gtewallace Are there other members of the FreeBSD community who are interested in either being an owner or actively participating in the WG?
Right now, we always use a private UTS namespace on FreeBSD. This should be made optional but implementing that cleanly needs a FreeBSD extension to the OCI runtime config. The process for that is starting (opencontainers/tob#133) but in the meantime, assume that the UTS namespace is private on FreeBSD. This moves the Linux-specific namespace logic to container_internal_linux.go and adds a FreeBSD stub. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
Right now, we always use a private UTS namespace on FreeBSD. This should be made optional but implementing that cleanly needs a FreeBSD extension to the OCI runtime config. The process for that is starting (opencontainers/tob#133) but in the meantime, assume that the UTS namespace is private on FreeBSD. This moves the Linux-specific namespace logic to container_internal_linux.go and adds a FreeBSD stub. Signed-off-by: Doug Rabson <dfr@rabson.org>
me
owner or participant?
Participant. Sorry for being vague.
Ok, I was just wondering whether or not to change the owners section of the WG proposal.
Asking around. thanks!
Just to confirm, I am happy with being listed as @dfr has done
Me, as a participant. Commenting here as suggested by @dch
I would like to join this WG as a participant.
Count me in as participant.
I'd like to join as a participant as well and help wherever it is required.
Thanks everyone! Calling for a vote @opencontainers/tob: 2/3 vote is required, so 6/9 TOB members.
LGTM(non-binding)
Signed-off-by: Doug Rabson <dfr@rabson.org>
👍
🧁🐐
Hi @cyphar quick ping to see if your concerns were addressed. tnx!
LGTM
With 7/9 approvals, and 2 non-votes, this has passed. 🎉
I would be interested in joining the WG as a participant.
Would be happy to join as a participant as well.
Note for people interested in participating: there is a new GitHub repository which we will use to coordinate: https://github.com/opencontainers/wg-freebsd-runtime
With two working OCI runtimes for FreeBSD (runj, ocijail) and several container engines including containerd, podman and cri-o, there is a need to define a FreeBSD-specific section of the runtime-spec to allow support for platform features such as resource limits and fine-grained jail permissions. This will help to ensure runtime compatibility and build a consensus for the best way to support FreeBSD container runtimes.