Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This gives us an easy way to share state JSON (because sometimes the PID is insufficient, e.g. on Linux you may need externalFds for efficient checkpointing [1,2]) [3]. Possible alternatives for transmitting state information, and why I feel this approach is superior: * Writing a state file from a pre-start hook [4]. This is pretty close to the --state option, but the --state option allows callers to recover the JSON via a named pipe like /dev/fd/3. That sort of direct connection would be trickier to setup with a hook-based approach. Pre-start and post-stop hooks may still be the best solution for (de)registering a container with a monitoring service, but that's not quite the same application. * Writing a state file to a global directory [5]. Atomic changes, change-monitoring, garbage collection, and ownership/access issues on a global directory are all hard to get right (or have ambiguous values of "right") [6]. * Requiring runtimes to maintain an internal registry of containers they launch [7]. This gives runtimes more flexibility than having a single, global directory. But ownership/access issues are still difficult (if one unprivileged user registers a container, can another unprivileged user see that entry? What elevated permissions would you need to see that entry? To remove that entry?). And the easiest way to get atomic changes and garbage-collection is by registering with a daemon, while not requiring a daemon is currently the #1 feature listed on [8]. In the event that any of those arguments seem leaky, callers that prefer a different approach can easily use hooks (without setting --state) or write wrappers that use a named pipe approach like (--state /dev/fd/3) to collect the JSON and then write it to their preferred registry. So the --state approach seems easy for the runtime to implement reliably, and also compatible with any of the suggested alternatives. The converse is not true; requiring a write to a global or per-runtime registry is not compatible with use-cases that prefer the anonymity of not writing the state at all (which is possible just by leaving off the --state option). [1]: opencontainers/runtime-spec#87 (comment) [2]: https://groups.google.com/a/opencontainers.org/d/msg/dev/z25xQsF3pHA/ixyeTrxyFwAJ Subject: Re: Drop /run/opencontainer entirely? Date: Fri, 4 Sep 2015 21:30:24 -0700 Message-ID: <20150905043024.GB25638@odin.tremily.us> [3]: https://groups.google.com/a/opencontainers.org/d/msg/dev/q6TYqVZOcX8/W1RVyCXCCQAJ Subject: Re: removal of /run/opencontainer/containers, add --state? Date: Tue, 8 Dec 2015 15:49:57 -0800 Message-ID: <20151208234957.GK2767@odin.tremily.us> [4]: https://groups.google.com/a/opencontainers.org/d/msg/dev/q6TYqVZOcX8/GQs0zkRHBwAJ Subject: Re: removal of /run/opencontainer/containers Date: Mon, 30 Nov 2015 13:55:40 -0800 Message-ID: <20151130215540.GF23595@odin.tremily.us> [5]: https://github.com/opencontainers/specs/blob/v0.1.1/runtime.md#state [6]: https://groups.google.com/a/opencontainers.org/d/msg/dev/q6TYqVZOcX8/JRm4auylBQAJ Subject: removal of /run/opencontainer/containers Date: Wed, 25 Nov 2015 14:29:35 +0000 Message-ID: <CAD2oYtNipt3i_C6=J4Bc-jwauo5YAvKXUqTROnPNP3vZ9+C5Vw@mail.gmail.com> [7]: https://groups.google.com/a/opencontainers.org/d/msg/dev/q6TYqVZOcX8/wHYucS-rBQAJ Subject: Re: removal of /run/opencontainer/containers Date: Wed, 25 Nov 2015 08:06:10 -0800 Message-ID: <CANEZBD7VCWj6w5dFAEbULrL6WsY=FSRhVsWFreYXUOHwsUJkwA@mail.gmail.com> [8]: http://runc.io/ Embeddable Containers are started as a child process of runC and can be embedded into various other systems without having to run a Docker daemon. Signed-off-by: W. Trevor King <wking@tremily.us>
- Loading branch information
