Skip to content

Add linux.resources.devices#99

Closed
wking wants to merge 1 commit intoopencontainers:masterfrom
wking:device-cgroups-without-dropping-copy-from-host
Closed

Add linux.resources.devices#99
wking wants to merge 1 commit intoopencontainers:masterfrom
wking:device-cgroups-without-dropping-copy-from-host

Conversation

@wking
Copy link
Copy Markdown
Contributor

@wking wking commented Aug 6, 2015

This cherry-picks the device-cgroup commit from #98, since I think the
approach is useful regardless of how we're creating the devices.

@wking
Add linux.resources.devices
dfb613a 
For specifying device cgroups independent of device creation.

I also split the cgroups section into sections for each class (the
earlier docs were very terse).  I'll flesh these sections out in
future commits if the devices addition sounds acceptable.

Signed-off-by: W. Trevor King <wking@tremily.us>
@wking wking mentioned this pull request Aug 6, 2015
Merged
@wking
Copy link
Copy Markdown
Contributor Author

wking commented Aug 6, 2015

And all the pre-close pushback against #98 seemed to focus on the commit dropping linux.devices. I didn't see any comments in #98 on the commit cherry-picked here (just the discussion in #94: 1, 2, 3, 4, 5).

wking added a commit to wking/opencontainer-runtime-spec that referenced this pull request Aug 7, 2015
@wking
config-linux: Explicitly document mknod/cgroups overloading
3236c26 
I'd prefer to handle mknod and device cgroups independently [1,2], to
avoid all this "If path is given..." and "If parameters is given..."
special casing.  But the overloaded approach has landed [3], so this
commit documents the indended semantics [4].  I'm not sure how bundle
authors are supposed to register deny cgroups rules [5].

[1]: opencontainers#98
[2]: opencontainers#99
[3]: opencontainers#94 (comment)
[4]: opencontainers#94 (comment)
[5]: opencontainers#94 (comment)

Signed-off-by: W. Trevor King <wking@tremily.us>
This was referenced Aug 7, 2015
Closed
Closed
@laijs laijs mentioned this pull request Aug 31, 2015
Closed
@wking
Copy link
Copy Markdown
Contributor Author

wking commented Sep 11, 2015

I was hunting around for the device docs to link today, and was surprised to find them in the runtime.json tree. Besides avoiding the complication of overloading (see #101), I think splitting the mknod and cgroup functionality would let us move the mknod functionality back into the config.json tree (it certainly doesn't seem like a host-specific setting), while leaving the cgroup functionality in runtime.json (since that does seem like a host-specific setting).

@wking wking mentioned this pull request Sep 16, 2015
Merged
@crosbymichael
Copy link
Copy Markdown
Member

crosbymichael commented Sep 25, 2015

I think this one can be closed now that we already have a Device struct and fields documented.

@wking
Copy link
Copy Markdown
Contributor Author

wking commented Sep 25, 2015

On Fri, Sep 25, 2015 at 01:45:09PM -0700, Michael Crosby wrote:

I think this one can be closed now that we already have a Device
struct and fields documented.

Not really documented, see #101 ;). I still think the separation
between mknod and cgroups proposed here would make everyone's life
easier than landing the #101 docs for the current structure. But it's
your project, I'm just floating suggestions :).

wking added a commit to wking/nmbug-oci that referenced this pull request Dec 29, 2015
@wking
Separate config entries for device mknod and cgroups
d0e2dd7 
I filed a PR to keep this separate [1], but it was closed after [2]
landed.  See also [3], where I point out that putting the mknod stuff
in the “control groups” section is awkward.

[1]: opencontainers/runtime-spec#99
     Add linux.resources.devices
[2]: opencontainers/runtime-spec#94
     Replace Linux.Device with more specific config
[3]: opencontainers/runtime-spec#171 (comment)
     move the description of user ns mapping and default files to proper file
@wking wking mentioned this pull request Jan 12, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wking @crosbymichael