Documentation
¶
Overview ¶
Binary runsc is an implementation of the Open Container Initiative Runtime that runs applications inside a sandbox.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package boot loads the kernel and runs a container.
|
Package boot loads the kernel and runs a container. |
|
filter
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
|
platforms
Package platforms imports all available platform packages.
|
Package platforms imports all available platform packages. |
|
Package cgroup provides an interface to read and write configuration to cgroup.
|
Package cgroup provides an interface to read and write configuration to cgroup. |
|
Package cmd holds implementations of the runsc commands.
|
Package cmd holds implementations of the runsc commands. |
|
Package console contains utilities for working with pty consols in runsc.
|
Package console contains utilities for working with pty consols in runsc. |
|
Package container creates and manipulates containers.
|
Package container creates and manipulates containers. |
|
test_app
Binary test_app is like a swiss knife for tests that need to run anything inside the sandbox.
|
Binary test_app is like a swiss knife for tests that need to run anything inside the sandbox. |
|
Package criutil contains utility functions for interacting with the Container Runtime Interface (CRI), principally via the crictl command line tool.
|
Package criutil contains utility functions for interacting with the Container Runtime Interface (CRI), principally via the crictl command line tool. |
|
Package dockerutil is a collection of utility functions, primarily for testing.
|
Package dockerutil is a collection of utility functions, primarily for testing. |
|
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox.
|
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox. |
|
filter
Package filter defines all syscalls the gofer is allowed to make, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the gofer is allowed to make, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
|
Package sandbox creates and manipulates sandboxes.
|
Package sandbox creates and manipulates sandboxes. |
|
Package specutils contains utility functions for working with OCI runtime specs.
|
Package specutils contains utility functions for working with OCI runtime specs. |
|
Package testutil contains utility functions for runsc tests.
|
Package testutil contains utility functions for runsc tests. |
Click to show internal directories.
Click to hide internal directories.