Skip to content

Commit

Permalink
config: Make process optional
Browse files Browse the repository at this point in the history
Since be59415 (Split create and start, 2016-04-01, opencontainers#384), it's
possible for a container process to never execute user-specified code
(e.g. you can call 'create', 'kill', 'delete' without calling
'start').  For folks who expect to do that, there's no reason to
define process.args.

The only other process property required for all platforms is 'cwd',
but the runtime's idler code isn't specified in sufficient detail for
the configuration author to have an opinion about what its working
directory should be.

On Linux and Solaris, 'user' is also required for 'uid' and 'gid'.  My
preferred approach here is to make those optional and define defaults
[1,2]:

  If unset, the runtime will not attempt to manipulate the user ID
  (e.g. not calling setuid(2) or similar).

But the maintainer consensus is that they want those to be explicitly
required properties [3,4,5].  With the current spec, one option could
be to make process optional (with the idler's working directory
unspecified) for OSes besides Linux and Solaris.  On Windows, username
is optional, but that was likely accidental [6].

So an unspecified 'process' would leave process.cwd and process.user
unset.  What that means for the implementation-defined container
process between 'create' and 'start' is unclear, but clarifying how
that is handled is a separate issue [7] independent of whether
'process' is optional or not.

[1]: opencontainers#417 (comment)
[2]: https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/DWdystx5X3A
     Subject: Exposing platform defaults
     Date: Thu, 14 Jan 2016 15:36:26 -0800
     Message-ID: <[email protected]>
[3]: http://ircbot.wl.linuxfoundation.org/meetings/opencontainers/2016/opencontainers.2016-05-04-17.00.log.html#l-44
[4]: opencontainers#417 (comment)
[5]: opencontainers#417 (comment)
[6]: opencontainers#618 (comment)
[7]: opencontainers#700

Signed-off-by: W. Trevor King <[email protected]>
  • Loading branch information
wking committed Feb 27, 2017
1 parent 2d491b0 commit c41ea83
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 3 deletions.
3 changes: 2 additions & 1 deletion config.md
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,8 @@ For Windows, see links for details about [mountvol](http://ss64.com/nt/mountvol.

## Process

**`process`** (object, REQUIRED) specifies the container process.
**`process`** (object, OPTIONAL) specifies the container process.
This property is REQUIRED when [`start`](runtime.md#start) is called.

* **`terminal`** (bool, OPTIONAL) specifies whether a terminal is attached to that process, defaults to false.
As an example, if set to true on Linux a pseudoterminal pair is allocated for the container process and the pseudoterminal slave is duplicated on the container process's [standard streams][stdin.3].
Expand Down
1 change: 1 addition & 0 deletions runtime.md
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@ This operation MUST generate an error if it is not provided the container ID.
Attempting to start a container that does not exist MUST generate an error.
Attempting to start an already started container MUST have no effect on the container and MUST generate an error.
This operation MUST run the user-specified program as specified by [`process`](config.md#process).
This operation MUST generate an error if `process` was not set.

Upon successful completion of this operation the `status` property of this container MUST be `running`.

Expand Down
1 change: 0 additions & 1 deletion schema/config-schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,6 @@
"required": [
"ociVersion",
"platform",
"process",
"root"
]
}
2 changes: 1 addition & 1 deletion specs-go/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ type Spec struct {
// Platform specifies the configuration's target platform.
Platform Platform `json:"platform"`
// Process configures the container process.
Process Process `json:"process"`
Process *Process `json:"process,omitempty"`
// Root configures the container's root filesystem.
Root Root `json:"root"`
// Hostname configures the container's hostname.
Expand Down

0 comments on commit c41ea83

Please sign in to comment.