-
Notifications
You must be signed in to change notification settings - Fork 553
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add readonly option for mount #868
Add readonly option for mount #868
Conversation
config.md
Outdated
@@ -79,6 +79,7 @@ For Solaris, the mount entry corresponds to the 'fs' resource in the [zonecfg(1M | |||
* **`options`** (array of strings, OPTIONAL) Mount options of the filesystem to be used. | |||
* Linux: supported options are listed in the [mount(8)][mount.8] man page. Note both [filesystem-independent][mount.8-filesystem-independent] and [filesystem-specific][mount.8-filesystem-specific] options are listed. | |||
* Solaris: corresponds to "options" of the fs resource in [zonecfg(1M)][zonecfg.1m]. | |||
* Windows: "ro" (readonly) is the only supported option for Windows. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Without any RFC 2119 wording, this wording places no compliance conditions on either runtimes or config JSON. I'd rather see wording like:
- Windows: runtimes MUST support
ro
, mounting the filesystem read-only whenro
is given.
Then:
- Windows runtimes are free to add support for additional options if they want.
- Config authors know they can rely on
ro
support in compliant Windows runtimes.
The drawback to allowing extensions is that configs that typo rp
or some such won't always fail compliance testing. You can cover that case with stricter-than-required validation (e.g the --base
level in my opencontainers/image-tools#66 proposal) though, so I don't think it's worth MUSTing configs to only use ro
.
The other platform entries for options
aren't currently great examples of this, although I hope to revive #771 if/when opencontainers/runc#1460 lands, and that would help the Linux case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@wking Should we just change the wording to be the following?
Windows: runtimes MUST support ro, mounting the filesystem read-only when ro is given.
If ro
is not a great option, is there a better replacement we should consider?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we just change the wording to be the following?
Windows: runtimes MUST support ro, mounting the filesystem read-only when ro is given.
I'd suggested backticks around the literal ro
, but other than that your line looks like my suggestion. So yes, I think that's what you should change the wording to.
If
ro
is not a great option, is there a better replacement we should consider?
I have no opinion on the value. ro
is what Linux uses for this concept, but I'm fine with Windows using whatever it likes.
PullApprove doesn't like the mismatch between author and signer (previous instance of this due to git-duet here, see also git-duet/git-duet#51).
|
@wking We have made the changes as suggested. |
@aminjam Why is this option so special that it needs to be called out specifically for windows? It seems kinda weird that we would make a big deal about it. |
@crosbymichael Windows containers are enabled by the This PR enables the end user to set that flag which gets passed through to |
@sunjayBhatia do you have a list of the supported options somewhere? |
@crosbymichael the only current possible/relevant options are here: https://github.com/Microsoft/hcsshim/blob/master/interface.go#L29-L33 We chose to supply |
On Thu, Jun 01, 2017 at 11:57:53AM -0700, Sunjay Bhatia wrote:
@crosbymichael the only current possible/relevant options are here:
https://github.com/Microsoft/hcsshim/blob/master/interface.go#L29-L33
We chose to supply `ro` because it is the only option that is
comparable to the Linux/Solaris options
With only one Windows runtime in the works, I don't see much reason to
distinguish between options defined in this spec and options which are
defined in the runtime docs. I'm fine following #814 and just making
the values implementation-defined on Windows, ideally with a stable
link to docs listing whatever the Windows runtime supports. See
similar previous discussion of making credentialSpec
implementation-defined [1].
I'm also fine if the Windows folks want to push those docs up here and
document most/all of their current options in the spec. Although then
you couldn't drop an option later without bumping the spec to 2.0, so
you'd only want to push options you are comfortable carrying for the
life of runtime-spec 1.x. But “this one is like the Linux/Solaris
options” doesn't seem like a good criterion for spec inclusion to me.
Having this spec require runtimes to support a particular option is
more useful on Linux, where there may be multiple runtimes and the
spec requirement gives config authors confidence that the option is
portable between those implementations.
[1]: #814 (comment)
|
We are working on a runtime implementation separate from I am similarly confused about why |
So windows only supports the |
On Thu, Jun 01, 2017 at 02:13:13PM -0700, Sunjay Bhatia wrote:
@wking
> With only one Windows runtime in the works
We are working on a runtime implementation separate from `docker`
And then presumably Docker would just use your implementation? Or are
they both going to be maintained in parallel, with possibly divergent
sets of mount options?
I am similarly confused about why `credentialSpec` is
"implementation defined" as that doesn't make this feel like a
"standard"
Implementation-defined values just mean you have to go to the
implementation docs to figure out what values are supported and what
they mean. If you aren't trying to write a runtime-agnostic config,
that's fine. If you are trying to write a runtime-agnostic config,
it's nice to have details in the spec about values that runtimes MUST
support. So if we expect multiple Windows runtimes with divergent
sets of mount options (not clear to me), then requiring runtime
support for critical options is a good thing to do here. Runtimes can
always extend beyond that set, and config authors can use the
extensions where they aren't concerned with portability.
|
@crosbymichael not sure how to treat those, makes sense that the spec should support them at some level and they could be things any windows runtime could support because they will be built on |
@wking Docker could use our implementation just like it uses While these projects are not connected, it would be nice to have a runtime agnostic config as you say because any runtime built for Windows will for at least now be built with the same libraries/subsystem. This field is just like other Windows fields where we have said "you have to support what |
This looks like it needs a rebase (although seems fine/sane to me). |
Signed-off-by: Amin Jamali <ajamali@pivotal.io> Signed-off-by: Mark DeLillo <mdelillo@pivotal.io>
@tianon rebased the commit on top of master |
hcsshim supports readonly option.
Signed-off-by: Amin Jamali ajamali@pivotal.io