@@ -16,76 +16,149 @@ process are specified in this file. The configuration is used for each process |
| 16 | 16 |
Sample `container.json` file: |
| 17 | 17 |
```json |
| 18 | 18 |
{
|
| 19 |
- "hostname" : "koye", |
|
| 20 |
- "networks" : [ |
|
| 19 |
+ "mounts" : [ |
|
| 21 | 20 |
{
|
| 22 |
- "gateway" : "172.17.42.1", |
|
| 23 |
- "context" : {
|
|
| 24 |
- "bridge" : "docker0", |
|
| 25 |
- "prefix" : "veth" |
|
| 26 |
- }, |
|
| 27 |
- "address" : "172.17.0.2/16", |
|
| 28 |
- "type" : "veth", |
|
| 29 |
- "mtu" : 1500 |
|
| 21 |
+ "type" : "devtmpfs" |
|
| 30 | 22 |
} |
| 31 | 23 |
], |
| 32 |
- "cgroups" : {
|
|
| 33 |
- "parent" : "docker", |
|
| 34 |
- "name" : "11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620" |
|
| 35 |
- }, |
|
| 36 | 24 |
"tty" : true, |
| 37 | 25 |
"environment" : [ |
| 38 | 26 |
"HOME=/", |
| 39 |
- "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", |
|
| 40 |
- "HOSTNAME=11bb30683fb0", |
|
| 41 |
- "TERM=xterm" |
|
| 42 |
- ], |
|
| 43 |
- "capabilities_mask" : [ |
|
| 44 |
- "SETPCAP", |
|
| 45 |
- "SYS_MODULE", |
|
| 46 |
- "SYS_RAWIO", |
|
| 47 |
- "SYS_PACCT", |
|
| 48 |
- "SYS_ADMIN", |
|
| 49 |
- "SYS_NICE", |
|
| 50 |
- "SYS_RESOURCE", |
|
| 51 |
- "SYS_TIME", |
|
| 52 |
- "SYS_TTY_CONFIG", |
|
| 53 |
- "MKNOD", |
|
| 54 |
- "AUDIT_WRITE", |
|
| 55 |
- "AUDIT_CONTROL", |
|
| 56 |
- "MAC_OVERRIDE", |
|
| 57 |
- "MAC_ADMIN", |
|
| 58 |
- "NET_ADMIN" |
|
| 27 |
+ "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin", |
|
| 28 |
+ "container=docker", |
|
| 29 |
+ "TERM=xterm-256color" |
|
| 59 | 30 |
], |
| 60 |
- "context" : {
|
|
| 61 |
- "apparmor_profile" : "docker-default" |
|
| 31 |
+ "hostname" : "koye", |
|
| 32 |
+ "cgroups" : {
|
|
| 33 |
+ "parent" : "docker", |
|
| 34 |
+ "name" : "docker-koye" |
|
| 62 | 35 |
}, |
| 63 |
- "mounts" : [ |
|
| 36 |
+ "capabilities_mask" : [ |
|
| 37 |
+ {
|
|
| 38 |
+ "value" : 8, |
|
| 39 |
+ "key" : "SETPCAP", |
|
| 40 |
+ "enabled" : false |
|
| 41 |
+ }, |
|
| 42 |
+ {
|
|
| 43 |
+ "enabled" : false, |
|
| 44 |
+ "value" : 16, |
|
| 45 |
+ "key" : "SYS_MODULE" |
|
| 46 |
+ }, |
|
| 47 |
+ {
|
|
| 48 |
+ "value" : 17, |
|
| 49 |
+ "key" : "SYS_RAWIO", |
|
| 50 |
+ "enabled" : false |
|
| 51 |
+ }, |
|
| 52 |
+ {
|
|
| 53 |
+ "key" : "SYS_PACCT", |
|
| 54 |
+ "value" : 20, |
|
| 55 |
+ "enabled" : false |
|
| 56 |
+ }, |
|
| 57 |
+ {
|
|
| 58 |
+ "value" : 21, |
|
| 59 |
+ "key" : "SYS_ADMIN", |
|
| 60 |
+ "enabled" : false |
|
| 61 |
+ }, |
|
| 62 |
+ {
|
|
| 63 |
+ "value" : 23, |
|
| 64 |
+ "key" : "SYS_NICE", |
|
| 65 |
+ "enabled" : false |
|
| 66 |
+ }, |
|
| 67 |
+ {
|
|
| 68 |
+ "value" : 24, |
|
| 69 |
+ "key" : "SYS_RESOURCE", |
|
| 70 |
+ "enabled" : false |
|
| 71 |
+ }, |
|
| 64 | 72 |
{
|
| 65 |
- "source" : "/var/lib/docker/containers/11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620/resolv.conf", |
|
| 66 |
- "writable" : false, |
|
| 67 |
- "destination" : "/etc/resolv.conf", |
|
| 68 |
- "private" : true |
|
| 73 |
+ "key" : "SYS_TIME", |
|
| 74 |
+ "value" : 25, |
|
| 75 |
+ "enabled" : false |
|
| 69 | 76 |
}, |
| 70 | 77 |
{
|
| 71 |
- "source" : "/var/lib/docker/containers/11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620/hostname", |
|
| 72 |
- "writable" : false, |
|
| 73 |
- "destination" : "/etc/hostname", |
|
| 74 |
- "private" : true |
|
| 78 |
+ "enabled" : false, |
|
| 79 |
+ "value" : 26, |
|
| 80 |
+ "key" : "SYS_TTY_CONFIG" |
|
| 75 | 81 |
}, |
| 76 | 82 |
{
|
| 77 |
- "source" : "/var/lib/docker/containers/11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620/hosts", |
|
| 78 |
- "writable" : false, |
|
| 79 |
- "destination" : "/etc/hosts", |
|
| 80 |
- "private" : true |
|
| 83 |
+ "key" : "AUDIT_WRITE", |
|
| 84 |
+ "value" : 29, |
|
| 85 |
+ "enabled" : false |
|
| 86 |
+ }, |
|
| 87 |
+ {
|
|
| 88 |
+ "value" : 30, |
|
| 89 |
+ "key" : "AUDIT_CONTROL", |
|
| 90 |
+ "enabled" : false |
|
| 91 |
+ }, |
|
| 92 |
+ {
|
|
| 93 |
+ "enabled" : false, |
|
| 94 |
+ "key" : "MAC_OVERRIDE", |
|
| 95 |
+ "value" : 32 |
|
| 96 |
+ }, |
|
| 97 |
+ {
|
|
| 98 |
+ "enabled" : false, |
|
| 99 |
+ "key" : "MAC_ADMIN", |
|
| 100 |
+ "value" : 33 |
|
| 101 |
+ }, |
|
| 102 |
+ {
|
|
| 103 |
+ "key" : "NET_ADMIN", |
|
| 104 |
+ "value" : 12, |
|
| 105 |
+ "enabled" : false |
|
| 106 |
+ }, |
|
| 107 |
+ {
|
|
| 108 |
+ "value" : 27, |
|
| 109 |
+ "key" : "MKNOD", |
|
| 110 |
+ "enabled" : true |
|
| 111 |
+ } |
|
| 112 |
+ ], |
|
| 113 |
+ "networks" : [ |
|
| 114 |
+ {
|
|
| 115 |
+ "mtu" : 1500, |
|
| 116 |
+ "address" : "127.0.0.1/0", |
|
| 117 |
+ "type" : "loopback", |
|
| 118 |
+ "gateway" : "localhost" |
|
| 119 |
+ }, |
|
| 120 |
+ {
|
|
| 121 |
+ "mtu" : 1500, |
|
| 122 |
+ "address" : "172.17.42.2/16", |
|
| 123 |
+ "type" : "veth", |
|
| 124 |
+ "context" : {
|
|
| 125 |
+ "bridge" : "docker0", |
|
| 126 |
+ "prefix" : "veth" |
|
| 127 |
+ }, |
|
| 128 |
+ "gateway" : "172.17.42.1" |
|
| 81 | 129 |
} |
| 82 | 130 |
], |
| 83 | 131 |
"namespaces" : [ |
| 84 |
- "NEWNS", |
|
| 85 |
- "NEWUTS", |
|
| 86 |
- "NEWIPC", |
|
| 87 |
- "NEWPID", |
|
| 88 |
- "NEWNET" |
|
| 132 |
+ {
|
|
| 133 |
+ "key" : "NEWNS", |
|
| 134 |
+ "value" : 131072, |
|
| 135 |
+ "enabled" : true, |
|
| 136 |
+ "file" : "mnt" |
|
| 137 |
+ }, |
|
| 138 |
+ {
|
|
| 139 |
+ "key" : "NEWUTS", |
|
| 140 |
+ "value" : 67108864, |
|
| 141 |
+ "enabled" : true, |
|
| 142 |
+ "file" : "uts" |
|
| 143 |
+ }, |
|
| 144 |
+ {
|
|
| 145 |
+ "enabled" : true, |
|
| 146 |
+ "file" : "ipc", |
|
| 147 |
+ "key" : "NEWIPC", |
|
| 148 |
+ "value" : 134217728 |
|
| 149 |
+ }, |
|
| 150 |
+ {
|
|
| 151 |
+ "file" : "pid", |
|
| 152 |
+ "enabled" : true, |
|
| 153 |
+ "value" : 536870912, |
|
| 154 |
+ "key" : "NEWPID" |
|
| 155 |
+ }, |
|
| 156 |
+ {
|
|
| 157 |
+ "enabled" : true, |
|
| 158 |
+ "file" : "net", |
|
| 159 |
+ "key" : "NEWNET", |
|
| 160 |
+ "value" : 1073741824 |
|
| 161 |
+ } |
|
| 89 | 162 |
] |
| 90 | 163 |
} |
| 91 | 164 |
``` |
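Review bot: The `PATH` entry added at new line 27, `"PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin"`, carries a doubled `PATH=` prefix, and `$PATH` is a literal string here unless the loader expands it, so the process would presumably end up with a first path component that is the text `PATH=$PATH`; the same entry appears in the second file's sample, so fix both, e.g. `"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"` as the previous sample had. Separately, the `capabilities_mask` elements now carry an `enabled` flag, but the text above the sample does not say whether `true` means the capability is retained or dropped; the previous sample listed `MKNOD` among the masked capabilities and the new one makes it the only entry with `"enabled" : true`, so a reader cannot tell whether the sample container now keeps CAP_MKNOD. One sentence before the code block stating what `enabled` means for `capabilities_mask` and for `namespaces`, and whether the loader treats `key` or the numeric `value` as authoritative, would settle that; the numbers appear to be the kernel capability indices and `CLONE_*` flag values, so duplicating them next to the symbolic name is a drift risk worth calling out. As a style point, the key order differs between sibling objects (`value, key, enabled` in one, `enabled, value, key` in the next); a single order would make the sample easier to scan.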
@@ -1,50 +1,146 @@ |
| 1 | 1 |
{
|
| 2 |
- "hostname": "koye", |
|
| 3 |
- "tty": true, |
|
| 4 |
- "environment": [ |
|
| 5 |
- "HOME=/", |
|
| 6 |
- "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin", |
|
| 7 |
- "container=docker", |
|
| 8 |
- "TERM=xterm-256color" |
|
| 9 |
- ], |
|
| 10 |
- "namespaces": [ |
|
| 11 |
- "NEWIPC", |
|
| 12 |
- "NEWNS", |
|
| 13 |
- "NEWPID", |
|
| 14 |
- "NEWUTS", |
|
| 15 |
- "NEWNET" |
|
| 16 |
- ], |
|
| 17 |
- "capabilities_mask": [ |
|
| 18 |
- "SETPCAP", |
|
| 19 |
- "SYS_MODULE", |
|
| 20 |
- "SYS_RAWIO", |
|
| 21 |
- "SYS_PACCT", |
|
| 22 |
- "SYS_ADMIN", |
|
| 23 |
- "SYS_NICE", |
|
| 24 |
- "SYS_RESOURCE", |
|
| 25 |
- "SYS_TIME", |
|
| 26 |
- "SYS_TTY_CONFIG", |
|
| 27 |
- "MKNOD", |
|
| 28 |
- "AUDIT_WRITE", |
|
| 29 |
- "AUDIT_CONTROL", |
|
| 30 |
- "MAC_OVERRIDE", |
|
| 31 |
- "MAC_ADMIN", |
|
| 32 |
- "NET_ADMIN" |
|
| 33 |
- ], |
|
| 34 |
- "networks": [{
|
|
| 35 |
- "type": "veth", |
|
| 36 |
- "context": {
|
|
| 37 |
- "bridge": "docker0", |
|
| 38 |
- "prefix": "dock" |
|
| 39 |
- }, |
|
| 40 |
- "address": "172.17.0.100/16", |
|
| 41 |
- "gateway": "172.17.42.1", |
|
| 42 |
- "mtu": 1500 |
|
| 43 |
- } |
|
| 44 |
- ], |
|
| 45 |
- "cgroups": {
|
|
| 46 |
- "name": "docker-koye", |
|
| 47 |
- "parent": "docker", |
|
| 48 |
- "memory": 5248000 |
|
| 49 |
- } |
|
| 2 |
+ "mounts" : [ |
|
| 3 |
+ {
|
|
| 4 |
+ "type" : "devtmpfs" |
|
| 5 |
+ } |
|
| 6 |
+ ], |
|
| 7 |
+ "tty" : true, |
|
| 8 |
+ "environment" : [ |
|
| 9 |
+ "HOME=/", |
|
| 10 |
+ "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin", |
|
| 11 |
+ "container=docker", |
|
| 12 |
+ "TERM=xterm-256color" |
|
| 13 |
+ ], |
|
| 14 |
+ "hostname" : "koye", |
|
| 15 |
+ "cgroups" : {
|
|
| 16 |
+ "parent" : "docker", |
|
| 17 |
+ "name" : "docker-koye" |
|
| 18 |
+ }, |
|
| 19 |
+ "capabilities_mask" : [ |
|
| 20 |
+ {
|
|
| 21 |
+ "value" : 8, |
|
| 22 |
+ "key" : "SETPCAP", |
|
| 23 |
+ "enabled" : false |
|
| 24 |
+ }, |
|
| 25 |
+ {
|
|
| 26 |
+ "enabled" : false, |
|
| 27 |
+ "value" : 16, |
|
| 28 |
+ "key" : "SYS_MODULE" |
|
| 29 |
+ }, |
|
| 30 |
+ {
|
|
| 31 |
+ "value" : 17, |
|
| 32 |
+ "key" : "SYS_RAWIO", |
|
| 33 |
+ "enabled" : false |
|
| 34 |
+ }, |
|
| 35 |
+ {
|
|
| 36 |
+ "key" : "SYS_PACCT", |
|
| 37 |
+ "value" : 20, |
|
| 38 |
+ "enabled" : false |
|
| 39 |
+ }, |
|
| 40 |
+ {
|
|
| 41 |
+ "value" : 21, |
|
| 42 |
+ "key" : "SYS_ADMIN", |
|
| 43 |
+ "enabled" : false |
|
| 44 |
+ }, |
|
| 45 |
+ {
|
|
| 46 |
+ "value" : 23, |
|
| 47 |
+ "key" : "SYS_NICE", |
|
| 48 |
+ "enabled" : false |
|
| 49 |
+ }, |
|
| 50 |
+ {
|
|
| 51 |
+ "value" : 24, |
|
| 52 |
+ "key" : "SYS_RESOURCE", |
|
| 53 |
+ "enabled" : false |
|
| 54 |
+ }, |
|
| 55 |
+ {
|
|
| 56 |
+ "key" : "SYS_TIME", |
|
| 57 |
+ "value" : 25, |
|
| 58 |
+ "enabled" : false |
|
| 59 |
+ }, |
|
| 60 |
+ {
|
|
| 61 |
+ "enabled" : false, |
|
| 62 |
+ "value" : 26, |
|
| 63 |
+ "key" : "SYS_TTY_CONFIG" |
|
| 64 |
+ }, |
|
| 65 |
+ {
|
|
| 66 |
+ "key" : "AUDIT_WRITE", |
|
| 67 |
+ "value" : 29, |
|
| 68 |
+ "enabled" : false |
|
| 69 |
+ }, |
|
| 70 |
+ {
|
|
| 71 |
+ "value" : 30, |
|
| 72 |
+ "key" : "AUDIT_CONTROL", |
|
| 73 |
+ "enabled" : false |
|
| 74 |
+ }, |
|
| 75 |
+ {
|
|
| 76 |
+ "enabled" : false, |
|
| 77 |
+ "key" : "MAC_OVERRIDE", |
|
| 78 |
+ "value" : 32 |
|
| 79 |
+ }, |
|
| 80 |
+ {
|
|
| 81 |
+ "enabled" : false, |
|
| 82 |
+ "key" : "MAC_ADMIN", |
|
| 83 |
+ "value" : 33 |
|
| 84 |
+ }, |
|
| 85 |
+ {
|
|
| 86 |
+ "key" : "NET_ADMIN", |
|
| 87 |
+ "value" : 12, |
|
| 88 |
+ "enabled" : false |
|
| 89 |
+ }, |
|
| 90 |
+ {
|
|
| 91 |
+ "value" : 27, |
|
| 92 |
+ "key" : "MKNOD", |
|
| 93 |
+ "enabled" : true |
|
| 94 |
+ } |
|
| 95 |
+ ], |
|
| 96 |
+ "networks" : [ |
|
| 97 |
+ {
|
|
| 98 |
+ "mtu" : 1500, |
|
| 99 |
+ "address" : "127.0.0.1/0", |
|
| 100 |
+ "type" : "loopback", |
|
| 101 |
+ "gateway" : "localhost" |
|
| 102 |
+ }, |
|
| 103 |
+ {
|
|
| 104 |
+ "mtu" : 1500, |
|
| 105 |
+ "address" : "172.17.42.2/16", |
|
| 106 |
+ "type" : "veth", |
|
| 107 |
+ "context" : {
|
|
| 108 |
+ "bridge" : "docker0", |
|
| 109 |
+ "prefix" : "veth" |
|
| 110 |
+ }, |
|
| 111 |
+ "gateway" : "172.17.42.1" |
|
| 112 |
+ } |
|
| 113 |
+ ], |
|
| 114 |
+ "namespaces" : [ |
|
| 115 |
+ {
|
|
| 116 |
+ "key" : "NEWNS", |
|
| 117 |
+ "value" : 131072, |
|
| 118 |
+ "enabled" : true, |
|
| 119 |
+ "file" : "mnt" |
|
| 120 |
+ }, |
|
| 121 |
+ {
|
|
| 122 |
+ "key" : "NEWUTS", |
|
| 123 |
+ "value" : 67108864, |
|
| 124 |
+ "enabled" : true, |
|
| 125 |
+ "file" : "uts" |
|
| 126 |
+ }, |
|
| 127 |
+ {
|
|
| 128 |
+ "enabled" : true, |
|
| 129 |
+ "file" : "ipc", |
|
| 130 |
+ "key" : "NEWIPC", |
|
| 131 |
+ "value" : 134217728 |
|
| 132 |
+ }, |
|
| 133 |
+ {
|
|
| 134 |
+ "file" : "pid", |
|
| 135 |
+ "enabled" : true, |
|
| 136 |
+ "value" : 536870912, |
|
| 137 |
+ "key" : "NEWPID" |
|
| 138 |
+ }, |
|
| 139 |
+ {
|
|
| 140 |
+ "enabled" : true, |
|
| 141 |
+ "file" : "net", |
|
| 142 |
+ "key" : "NEWNET", |
|
| 143 |
+ "value" : 1073741824 |
|
| 144 |
+ } |
|
| 145 |
+ ] |
|
| 50 | 146 |
} |
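Review bot: The loopback network entry at new lines 97–102 gives `"address" : "127.0.0.1/0"`, a zero-length prefix, where the loopback network is conventionally `127.0.0.1/8`; if the loader derives a route from the prefix, `/0` would match every destination, so `"address" : "127.0.0.1/8"` is the safer sample value. In the same entry `"gateway" : "localhost"` is a hostname while the veth entry's `gateway` is a dotted address, so the field changes type between the two elements. The `mounts` entry at new lines 2–6 has only `"type" : "devtmpfs"` with no destination, so the sample does not show where it is mounted, and the previous sample's `"memory"` cgroup limit is no longer present, leaving the sample container without any resource bound; if both are intentional, a destination field on the mount and a comment in the accompanying documentation would make that explicit.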