From edd501a605fbbf53dba7bee8324842347ee239f8 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 7 Mar 2018 16:27:33 -0800 Subject: [PATCH] config-vm: Recycle the 'process' schema We already have two ways to specify a process to launch (for the container process and for hooks). This commit recycles the container process schema for launcing the hypervisor. I've dropped the terminal configuration because callers are unlikely to need control over their hypervisor's standard streams, but otherwise this is the same structure. The JSON Schema cheats a bit by not forbidding the terminal properties. We could address that if we really wanted to (JSON Schema makes it hard to extend a previously-defined object), but I'm leaving it to downstream tools in this commit. Signed-off-by: W. Trevor King --- config-vm.md | 9 ++-- schema/config-schema.json | 107 +------------------------------------ schema/config-vm.json | 13 +---- schema/defs.json | 108 ++++++++++++++++++++++++++++++++++++++ specs-go/config.go | 10 +--- 5 files changed, 114 insertions(+), 133 deletions(-) diff --git a/config-vm.md b/config-vm.md index ff551d317..0c671a120 100644 --- a/config-vm.md +++ b/config-vm.md @@ -5,17 +5,14 @@ The virtual-machine container specification provides additional configuration fo ## Hypervisor Object -**`hypervisor`** (object, OPTIONAL) specifies details of the hypervisor that manages the container virtual machine. -* **`path`** (string, REQUIRED) path to the hypervisor binary that manages the container virtual machine. - This value MUST be an absolute path in the [runtime mount namespace](glossary.md#runtime-namespace). -* **`parameters`** (array of strings, OPTIONAL) specifies an array of parameters to pass to the hypervisor. +**`hypervisor`** (object, OPTIONAL) configures the hypervisor process. +It has the same schema as [`process`](config.md#process), but `terminal` and `consoleSize` MUST NOT be configured. ### Example ```json "hypervisor": { - "path": "/path/to/vmm", - "parameters": ["opts1=foo", "opts2=bar"] + "args": ["/path/to/vmm", "opts1=foo", "opts2=bar"] } ``` diff --git a/schema/config-schema.json b/schema/config-schema.json index f90bd4b7d..ec94e5627 100644 --- a/schema/config-schema.json +++ b/schema/config-schema.json @@ -48,112 +48,7 @@ } }, "process": { - "type": "object", - "required": [ - "cwd", - "args" - ], - "properties": { - "args": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - }, - "consoleSize": { - "type": "object", - "required": [ - "height", - "width" - ], - "properties": { - "height": { - "$ref": "defs.json#/definitions/uint64" - }, - "width": { - "$ref": "defs.json#/definitions/uint64" - } - } - }, - "cwd": { - "type": "string" - }, - "env": { - "$ref": "defs.json#/definitions/Env" - }, - "terminal": { - "type": "boolean" - }, - "user": { - "type": "object", - "properties": { - "uid": { - "$ref": "defs.json#/definitions/UID" - }, - "gid": { - "$ref": "defs.json#/definitions/GID" - }, - "additionalGids": { - "$ref": "defs.json#/definitions/ArrayOfGIDs" - }, - "username": { - "type": "string" - } - } - }, - "capabilities": { - "type": "object", - "properties": { - "bounding": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - }, - "permitted": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - }, - "effective": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - }, - "inheritable": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - }, - "ambient": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - } - } - }, - "apparmorProfile": { - "type": "string" - }, - "oomScoreAdj": { - "type": "integer" - }, - "selinuxLabel": { - "type": "string" - }, - "noNewPrivileges": { - "type": "boolean" - }, - "rlimits": { - "type": "array", - "items": { - "type": "object", - "required": [ - "type", - "soft", - "hard" - ], - "properties": { - "hard": { - "$ref": "defs.json#/definitions/uint64" - }, - "soft": { - "$ref": "defs.json#/definitions/uint64" - }, - "type": { - "type": "string", - "pattern": "^RLIMIT_[A-Z]+$" - } - } - } - } - } + "$ref": "defs.json#/definitions/Process" }, "linux": { "$ref": "config-linux.json#/linux" diff --git a/schema/config-vm.json b/schema/config-vm.json index 6b1fb4baf..9baf73f13 100644 --- a/schema/config-vm.json +++ b/schema/config-vm.json @@ -8,18 +8,7 @@ "properties": { "hypervisor": { "description": "hypervisor config used by VM-based containers", - "type": "object", - "required": [ - "path" - ], - "properties": { - "path": { - "$ref": "defs.json#/definitions/FilePath" - }, - "parameters": { - "$ref": "defs.json#/definitions/ArrayOfStrings" - } - } + "$ref": "defs.json#/definitions/Process" }, "kernel": { "description": "kernel config used by VM-based containers", diff --git a/schema/defs.json b/schema/defs.json index c1533aede..fe0a0287a 100644 --- a/schema/defs.json +++ b/schema/defs.json @@ -78,6 +78,114 @@ "Env": { "$ref": "#/definitions/ArrayOfStrings" }, + "Process": { + "type": "object", + "required": [ + "cwd", + "args" + ], + "properties": { + "args": { + "$ref": "defs.json#/definitions/ArrayOfStrings" + }, + "consoleSize": { + "type": "object", + "required": [ + "height", + "width" + ], + "properties": { + "height": { + "$ref": "defs.json#/definitions/uint64" + }, + "width": { + "$ref": "defs.json#/definitions/uint64" + } + } + }, + "cwd": { + "type": "string" + }, + "env": { + "$ref": "defs.json#/definitions/Env" + }, + "terminal": { + "type": "boolean" + }, + "user": { + "type": "object", + "properties": { + "uid": { + "$ref": "defs.json#/definitions/UID" + }, + "gid": { + "$ref": "defs.json#/definitions/GID" + }, + "additionalGids": { + "$ref": "defs.json#/definitions/ArrayOfGIDs" + }, + "username": { + "type": "string" + } + } + }, + "capabilities": { + "type": "object", + "properties": { + "bounding": { + "$ref": "defs.json#/definitions/ArrayOfStrings" + }, + "permitted": { + "$ref": "defs.json#/definitions/ArrayOfStrings" + }, + "effective": { + "$ref": "defs.json#/definitions/ArrayOfStrings" + }, + "inheritable": { + "$ref": "defs.json#/definitions/ArrayOfStrings" + }, + "ambient": { + "$ref": "defs.json#/definitions/ArrayOfStrings" + } + } + }, + "apparmorProfile": { + "type": "string" + }, + "oomScoreAdj": { + "type": "integer" + }, + "selinuxLabel": { + "type": "string" + }, + "noNewPrivileges": { + "type": "boolean" + }, + "rlimits": { + "type": "array", + "items": { + "type": "object", + "required": [ + "type", + "soft", + "hard" + ], + "properties": { + "hard": { + "$ref": "defs.json#/definitions/uint64" + }, + "soft": { + "$ref": "defs.json#/definitions/uint64" + }, + "type": { + "type": "string", + "pattern": "^RLIMIT_[A-Z]+$" + } + } + } + } + } + }, "Hook": { "type": "object", "properties": { diff --git a/specs-go/config.go b/specs-go/config.go index c9e848db6..77f12b171 100644 --- a/specs-go/config.go +++ b/specs-go/config.go @@ -504,21 +504,13 @@ type WindowsHyperV struct { // VM contains information for virtual-machine-based containers. type VM struct { // Hypervisor specifies hypervisor-related configuration for virtual-machine-based containers. - Hypervisor VMHypervisor `json:"hypervisor,omitempty"` + Hypervisor *Process `json:"hypervisor,omitempty"` // Kernel specifies kernel-related configuration for virtual-machine-based containers. Kernel VMKernel `json:"kernel"` // Image specifies guest image related configuration for virtual-machine-based containers. Image VMImage `json:"image,omitempty"` } -// VMHypervisor contains information about the hypervisor to use for a virtual machine. -type VMHypervisor struct { - // Path is the host path to the hypervisor used to manage the virtual machine. - Path string `json:"path"` - // Parameters specifies parameters to pass to the hypervisor. - Parameters string `json:"parameters,omitempty"` -} - // VMKernel contains information about the kernel to use for a virtual machine. type VMKernel struct { // Path is the host path to the kernel used to boot the virtual machine.