Skip to content

Commit c5d827a

Browse files
liudlongwenlingz
liudlong
authored and
wenlingz
committed
ACRN: Add runC container sample config file
This patch adds the runC container config file, we will run acrn-dm in runC container, and set acrn QoS parameters based on runC. In the config file we mount SOS root directory to the container and disable network/mount/ipc namespace. Tracked-On: #2020 Signed-off-by: Long Liu <long.liu@intel.com> Acked-by: Yu Wang <yu1.wang@intel.com>
1 parent da0cf3a commit c5d827a

File tree

2 files changed

+196
-0
lines changed

2 files changed

+196
-0
lines changed

devicemodel/samples/apl-mrb/runC.json

Lines changed: 98 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
{
2+
"ociVersion": "1.0.1-dev",
3+
"process": {
4+
"terminal": false,
5+
"user": {
6+
"uid": 0,
7+
"gid": 0
8+
},
9+
"args": [
10+
"/usr/share/acrn/samples/apl-mrb/launch_uos.sh",
11+
"-V",
12+
"2"
13+
],
14+
"env": [
15+
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
16+
"TERM=xterm"
17+
],
18+
"cwd": "/",
19+
"capabilities": {
20+
"bounding": [
21+
"CAP_SYS_ADMIN",
22+
"CAP_SYS_RESOURCE",
23+
"CAP_WAKE_ALARM",
24+
"CAP_SYS_MODULE"
25+
26+
],
27+
"effective": [
28+
"CAP_SYS_ADMIN",
29+
"CAP_SYS_RESOURCE",
30+
"CAP_WAKE_ALARM",
31+
"CAP_SYS_MODULE"
32+
],
33+
"inheritable": [
34+
"CAP_SYS_ADMIN",
35+
"CAP_SYS_RESOURCE",
36+
"CAP_WAKE_ALARM",
37+
"CAP_SYS_MODULE"
38+
],
39+
"permitted": [
40+
"CAP_SYS_ADMIN",
41+
"CAP_SYS_RESOURCE",
42+
"CAP_WAKE_ALARM",
43+
"CAP_SYS_MODULE"
44+
],
45+
"ambient": [
46+
"CAP_SYS_ADMIN",
47+
"CAP_SYS_RESOURCE",
48+
"CAP_WAKE_ALARM",
49+
"CAP_SYS_MODULE"
50+
]
51+
}
52+
},
53+
"root": {
54+
"path": "rootfs",
55+
"readonly": false
56+
},
57+
"hostname": "runc",
58+
"mounts": [
59+
{
60+
"destination": "/",
61+
"type": "none",
62+
"source": "/",
63+
"options": ["rbind","rw"]
64+
}
65+
],
66+
"linux": {
67+
"resources": {
68+
"devices": [
69+
{
70+
"allow": true,
71+
"access": "rwm"
72+
}
73+
]
74+
},
75+
"uidMappings": [
76+
{
77+
"hostID": 0,
78+
"containerID": 0,
79+
"size": 1
80+
}
81+
],
82+
"gidMappings": [
83+
{
84+
"hostID": 0,
85+
"containerID": 0,
86+
"size": 1
87+
}
88+
],
89+
"namespaces": [
90+
{
91+
"type": "pid"
92+
},
93+
{
94+
"type": "uts"
95+
}
96+
]
97+
}
98+
}

devicemodel/samples/nuc/runC.json

Lines changed: 98 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
{
2+
"ociVersion": "1.0.1-dev",
3+
"process": {
4+
"terminal": false,
5+
"user": {
6+
"uid": 0,
7+
"gid": 0
8+
},
9+
"args": [
10+
"/usr/share/acrn/samples/apl-mrb/launch_uos.sh",
11+
"-V",
12+
"2"
13+
],
14+
"env": [
15+
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
16+
"TERM=xterm"
17+
],
18+
"cwd": "/",
19+
"capabilities": {
20+
"bounding": [
21+
"CAP_SYS_ADMIN",
22+
"CAP_SYS_RESOURCE",
23+
"CAP_WAKE_ALARM",
24+
"CAP_SYS_MODULE"
25+
26+
],
27+
"effective": [
28+
"CAP_SYS_ADMIN",
29+
"CAP_SYS_RESOURCE",
30+
"CAP_WAKE_ALARM",
31+
"CAP_SYS_MODULE"
32+
],
33+
"inheritable": [
34+
"CAP_SYS_ADMIN",
35+
"CAP_SYS_RESOURCE",
36+
"CAP_WAKE_ALARM",
37+
"CAP_SYS_MODULE"
38+
],
39+
"permitted": [
40+
"CAP_SYS_ADMIN",
41+
"CAP_SYS_RESOURCE",
42+
"CAP_WAKE_ALARM",
43+
"CAP_SYS_MODULE"
44+
],
45+
"ambient": [
46+
"CAP_SYS_ADMIN",
47+
"CAP_SYS_RESOURCE",
48+
"CAP_WAKE_ALARM",
49+
"CAP_SYS_MODULE"
50+
]
51+
}
52+
},
53+
"root": {
54+
"path": "rootfs",
55+
"readonly": false
56+
},
57+
"hostname": "runc",
58+
"mounts": [
59+
{
60+
"destination": "/",
61+
"type": "none",
62+
"source": "/",
63+
"options": ["rbind","rw"]
64+
}
65+
],
66+
"linux": {
67+
"resources": {
68+
"devices": [
69+
{
70+
"allow": true,
71+
"access": "rwm"
72+
}
73+
]
74+
},
75+
"uidMappings": [
76+
{
77+
"hostID": 0,
78+
"containerID": 0,
79+
"size": 1
80+
}
81+
],
82+
"gidMappings": [
83+
{
84+
"hostID": 0,
85+
"containerID": 0,
86+
"size": 1
87+
}
88+
],
89+
"namespaces": [
90+
{
91+
"type": "pid"
92+
},
93+
{
94+
"type": "uts"
95+
}
96+
]
97+
}
98+
}

0 commit comments

Comments
 (0)