The patch adds mount namespace for the container. Without the patch
when we destroy the container, there still have mountinfo for the
container. This is one workaroud for runC bug. If the mount namespace
is disabled, when try to mount host "/" to container "/", there will
cause the issue. Detail discussion as following link.
"https://groups.google.com/a/opencontainers.org/forum/#!searchin/
dev/mount$20namespace%7Csort:date/dev/p10bq-kXODk/obkqBRdxCQAJ"
After enable mount namespace, some small performance imapcts for
specific mediator, likes USB. Will keep monitor runc community,
and revert this patch once related runc patches get integrated.
Tracked-On: #2020
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The patch changes runC container's default rootfs directory. In the patch
change the rootfs to runC bundle's parent directory. Because in ACRN we map
SOS rootfs to container so the rootfs is an empty directory, after move it to
parent directory all the container can share the same rootfs.
Tracked-On: #2020
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yu Wang <yu1.wang@intel.com>
The patch adds more Linux capabilities for runC container. In ACRN runC
we will map native root directory to the container, when we launch UOS from
container it need more Linux capabilities to operate dev node. So add the
capabilities in runC configuration file.
Tracked-On: #2020
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yu Wang <yu1.wang@intel.com>
Change the default runC container start application to sh which will be
modified by launch_uos.sh during UOS boot. And the replacement is the
parameter set by "acrnctl add" command.
Tracked-On: #2020
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yu Wang <yu1.wang@intel.com>
This patch adds the runC container config file, we will run acrn-dm
in runC container, and set acrn QoS parameters based on runC.
In the config file we mount SOS root directory to the container and
disable network/mount/ipc namespace.
Tracked-On: projectacrn/acrn-hypervisor#2020
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Long Liu