mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-09-02 15:37:11 +00:00
Add support for OCI annotations
Annotations do not do anything by default but get passed through to the runtime, which can be useful. I never metadata I didn't like... Also fix sysctl to be a map in the validation, not an array. I can't see any examples using this in LinuxKit, but this matches OCI so is correct. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack
@@ -181,8 +181,9 @@ bind mounted into a container.
|
||||
- `rootfsPropagation` sets the rootfs propagation, eg `shared`, `slave` or (default) `private`.
|
||||
- `cgroupsPath` sets the path for cgroups.
|
||||
- `resources` sets cgroup resource limits as per the OCI spec.
|
||||
- `sysctl` sets a list of `sysctl` key value pairs that are set inside the container namespace.
|
||||
- `sysctl` sets a map of `sysctl` key value pairs that are set inside the container namespace.
|
||||
- `rmlimits` sets a list of `rlimit` values in the form `name,soft,hard`, eg `nofile,100,200`. You can use `unlimited` as a value too.
|
||||
- `annotations` sets a map of key value pairs as OCI metadata.
|
||||
|
||||
There are experimental `userns`, `uidMappings` and `gidMappings` options for user namespaces but these are not yet supported, and may have
|
||||
permissions issues in use.
|
||||
|
||||
Reference in New Issue
Block a user