Add support for mount in runtime config

This could be used in LinuxKit now, as there are some examples, eg https://github.com/linuxkit/linuxkit/blob/master/blueprints/docker-for-mac/base.yml#L33 which are creating containers to do a mount. The main reason though is to in future change the ad hoc code that generates overlay mounts for writeable containers with a runtime config which does the same thing; this code needs to create both tmpfs and overlay mounts. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2025-07-20 17:49:10 +00:00 · 2017-08-22 15:00:18 +01:00 · 2017-08-22 15:00:18 +01:00 · ee0901762f
commit ee0901762f
parent 0d58d332be
3 changed files with 7 additions and 4 deletions
--- a/docs/yaml.md
+++ b/docs/yaml.md
@ -183,6 +183,8 @@ permissions issues in use.

 In addition to the parts of the specification above used to generate the OCI spec, there is a `runtime` section in the image specification
 which specifies some actions to take place when the container is being started.
+- `mounts` takes a list of mount specifications (`source`, `destination`, `type`, `options`) and mounts them in the root namespace before the container is created. It will
+  try to make any missing destination directories.
 - `mkdir` takes a list of directories to create at runtime, in the root mount namespace. These are created before the container is started, so they can be used to create
  directories for bind mounts, for example in `/tmp` or `/run` which would otherwise be empty.
 - `interface` defines a list of actions to perform on a network interface:
--- a/src/moby/config.go
+++ b/src/moby/config.go
@ -93,9 +93,10 @@ type Image struct {

 // Runtime is the type of config processed at runtime, not used to build the OCI spec
 type Runtime struct {
-	Mkdir      []string    `yaml:"mkdir" json:"mkdir,omitempty"`
-	Interfaces []Interface `yaml:"interfaces" json:"interfaces,omitempty"`
-	BindNS     *Namespaces `yaml:"bindNS" json:"bindNS,omitempty"`
+	Mounts     []specs.Mount `yaml:"mounts" json:"mounts,omitempty"`
+	Mkdir      []string      `yaml:"mkdir" json:"mkdir,omitempty"`
+	Interfaces []Interface   `yaml:"interfaces" json:"interfaces,omitempty"`
+	BindNS     Namespaces    `yaml:"bindNS" json:"bindNS,omitempty"`
 }

 // Namespaces is the type for configuring paths to bind namespaces
@ -727,7 +728,6 @@ func ConfigInspectToOCI(yaml Image, inspect types.ImageInspect, idMap map[string
 	sort.Sort(mountList)

 	namespaces := []specs.LinuxNamespace{}
-	// to attach to an existing namespace, easiest to bind mount with nsfs in a system container

 	// net, ipc, and uts namespaces: default to not creating a new namespace (usually host namespace)
 	netNS := assignStringEmpty3("root", label.Net, yaml.Net)
--- a/src/moby/schema.go
+++ b/src/moby/schema.go
@ -239,6 +239,7 @@ var schema = string(`
      "type": "object",
      "additionalProperties": false,
      "properties": {
+        "mounts": {"$ref": "#/definitions/mounts"},
        "mkdir": {"$ref": "#/definitions/strings"},
        "interfaces": {"$ref": "#/definitions/interfaces"},
        "bindNS": {"$ref": "#/definitions/namespaces"}