oci

package
v4.0.0-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 5, 2023 License: BSD-3-Clause Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var DefaultCaps = []string{
	"CAP_NET_RAW",
	"CAP_NET_BIND_SERVICE",
	"CAP_AUDIT_READ",
	"CAP_AUDIT_WRITE",
	"CAP_DAC_OVERRIDE",
	"CAP_SETFCAP",
	"CAP_SETPCAP",
	"CAP_SETGID",
	"CAP_SETUID",
	"CAP_MKNOD",
	"CAP_CHOWN",
	"CAP_FOWNER",
	"CAP_FSETID",
	"CAP_KILL",
	"CAP_SYS_CHROOT",
}

DefaultCaps is the default set of capabilities granted to an OCI container. Ref: https://github.com/opencontainers/runc/blob/main/libcontainer/SPEC.md#security

Functions

func DefaultConfig

func DefaultConfig() (*generate.Generator, error)

DefaultConfig returns an OCI config generator with a default OCI configuration for cgroups v1 or v2 dependent on the current host.

func DefaultConfigV1

func DefaultConfigV1() (*generate.Generator, error)

DefaultConfigV1 returns an OCI config generator with a default OCI configuration for cgroups v1.

func DefaultConfigV2

func DefaultConfigV2() (*generate.Generator, error)

DefaultConfigV2 returns an OCI config generator with a default OCI configuration for cgroups v2. This is identical to v1 except that we use a cgroup namespace, and mount the namespaced cgroup fs into the container.

Types

type Config

type Config struct {
	generate.Generator
	specs.Spec
}

Config is the OCI runtime configuration.

func (*Config) MarshalJSON

func (c *Config) MarshalJSON() ([]byte, error)

MarshalJSON implements json.Marshaler.

func (*Config) UnmarshalJSON

func (c *Config) UnmarshalJSON(b []byte) error

UnmarshalJSON implements json.Unmarshaler.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL