GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → opencontainers → Runtime Tools

opencontainers / Runtime Tools

Licence: apache-2.0
OCI Runtime Tools

Programming Languages

go
31211 projects - #10 most used programming language

Labels

dockeroci

Projects that are alternatives of or similar to Runtime Tools

Image Spec
OCI Image Format
Stars: ✭ 1,851 (+652.44%)
Mutual labels:  oci
Oci Cloudnative
MuShop - Cloud Native microservices demo for Oracle Cloud Infrastructure
Stars: ✭ 147 (-40.24%)
Mutual labels:  oci
Terrier
Terrier is a Image and Container analysis tool that can be used to scan Images and Containers to identify and verify the presence of specific files according to their hashes.
Stars: ✭ 203 (-17.48%)
Mutual labels:  oci
Ignite
Ignite a Firecracker microVM
Stars: ✭ 1,954 (+694.31%)
Mutual labels:  oci
Gvisor
Application Kernel for Containers
Stars: ✭ 12,012 (+4782.93%)
Mutual labels:  oci
Image Tools
OCI Image Tooling
Stars: ✭ 167 (-32.11%)
Mutual labels:  oci
Cloudsploit
Cloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+443.9%)
Mutual labels:  oci
Containership
A simple container management platform
Stars: ✭ 241 (-2.03%)
Mutual labels:  oci
Artwork
OCI artwork and logos
Stars: ✭ 146 (-40.65%)
Mutual labels:  oci
Syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Stars: ✭ 196 (-20.33%)
Mutual labels:  oci
Jib
🏗 Build container images for your Java applications.
Stars: ✭ 11,370 (+4521.95%)
Mutual labels:  oci
Oci Designer Toolkit
OCI designer toolKIT (OKIT) is a set of tools for enabling design, deploy and visualise OCI environments through a graphical web based interface.
Stars: ✭ 130 (-47.15%)
Mutual labels:  oci
Runtime Spec
OCI Runtime Specification
Stars: ✭ 2,316 (+841.46%)
Mutual labels:  oci
Selinux
common selinux implementation
Stars: ✭ 107 (-56.5%)
Mutual labels:  oci
Ormb
Docker for Your ML/DL Models Based on OCI Artifacts
Stars: ✭ 234 (-4.88%)
Mutual labels:  oci
Go Digest
Common digest package used across the container ecosystem
Stars: ✭ 99 (-59.76%)
Mutual labels:  oci
Orca Build
Build OCI images from Dockerfiles.
Stars: ✭ 159 (-35.37%)
Mutual labels:  oci
Ocilib
OCILIB (C and C++ Drivers for Oracle) - Open source C and C++ library for accessing Oracle databases
Stars: ✭ 245 (-0.41%)
Mutual labels:  oci
Box
A mruby-based Builder for Docker Images
Stars: ✭ 236 (-4.07%)
Mutual labels:  oci
Runtime
Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
Stars: ✭ 2,103 (+754.88%)
Mutual labels:  oci
View All Similar Projects ➔

oci-runtime-tool Build Status Go Report Card

oci-runtime-tool is a collection of tools for working with the OCI runtime specification. To build from source code, runtime-tools requires Go 1.10.x or above.

Table of Contents

Additional documentation about how this group operates:

Generating an OCI runtime spec configuration files

oci-runtime-tool generate generates configuration JSON for an OCI bundle. OCI-compatible runtimes like runC expect to read the configuration from config.json.

$ oci-runtime-tool generate --output config.json
$ cat config.json
{
        "ociVersion": "0.5.0",
        …
}

Validating an OCI bundle

oci-runtime-tool validate validates an OCI bundle. The error message will be printed if the OCI bundle failed the validation procedure.

$ oci-runtime-tool generate
$ oci-runtime-tool validate
INFO[0000] Bundle validation succeeded.

Testing OCI runtimes

The runtime validation suite uses node-tap, which is packaged for some distributions (for example, it is in Debian's node-tap package). If your distribution does not package node-tap, you can install npm (for example, from Gentoo's nodejs package) and use it:

$ npm install tap

Build the validation executables:

$ make runtimetest validation-executables

Runtime validation currently only supports the OCI Runtime Command Line Interface. If we add support for alternative APIs in the future, runtime validation will gain an option to select the desired runtime API. For the command line interface, the RUNTIME option selects the runtime command (funC in the OCI Runtime Command Line Interface).

$ sudo make RUNTIME=runc localvalidation
RUNTIME=runc tap validation/pidfile.t validation/linux_cgroups_hugetlb.t validation/linux_cgroups_memory.t validation/linux_rootfs_propagation_shared.t validation/kill.t validation/create.t validation/poststart.t validation/linux_cgroups_network.t validation/poststop_fail.t validation/linux_readonly_paths.t validation/prestart_fail.t validation/hooks_stdin.t validation/default.t validation/linux_masked_paths.t validation/poststop.t validation/misc_props.t validation/prestart.t validation/poststart_fail.t validation/mounts.t validation/linux_cgroups_relative_pids.t validation/process_user.t validation/process.t validation/hooks.t validation/process_capabilities_fail.t validation/process_rlimits_fail.t validation/linux_cgroups_relative_cpus.t validation/process_rlimits.t validation/linux_cgroups_relative_blkio.t validation/linux_sysctl.t validation/linux_seccomp.t validation/linux_devices.t validation/start.t validation/linux_cgroups_pids.t validation/process_capabilities.t validation/process_oom_score_adj.t validation/linux_cgroups_relative_hugetlb.t validation/linux_cgroups_cpus.t validation/linux_cgroups_relative_memory.t validation/state.t validation/root_readonly_true.t validation/linux_cgroups_blkio.t validation/linux_rootfs_propagation_unbindable.t validation/delete.t validation/linux_cgroups_relative_network.t validation/hostname.t validation/killsig.t validation/linux_uid_mappings.t
validation/pidfile.t .failed to create the container
container_linux.go:348: starting container process caused "process_linux.go:402: container init caused \"process_linux.go:367: setting cgroup config for procHooks process caused \\\"failed to write 56892210544640 to hugetlb.1GB.limit_in_bytes: open /sys/fs/cgroup/hugetlb/cgrouptest/hugetlb.1GB.limit_in_bytes: permission denied\\\"\""
exit status 1
validation/pidfile.t .................................. 1/1 315ms
validation/linux_cgroups_hugetlb.t .................... 0/1
  not ok validation/linux_cgroups_hugetlb.t
    timeout: 30000
    file: validation/linux_cgroups_hugetlb.t
    command: validation/linux_cgroups_hugetlb.t
    args: []
    stdio:
      - 0
      - pipe
      - 2
    cwd: /…/go/src/github.com/opencontainers/runtime-tools
    exitCode: 1

validation/linux_cgroups_memory.t ..................... 9/9
validation/linux_rootfs_propagation_shared.t ...... 252/282
  not ok shared root propagation exposes "/target348456609/mount892511628/example376408222"

  Skipped: 29
     /dev/null (default device) has unconfigured permissions
…
total ........................................... 4381/4962


  4381 passing (1m)
  567 pending
  14 failing

make: *** [Makefile:44: localvalidation] Error 1

You can also run an individual test executable directly:

$ sudo RUNTIME=runc validation/default/default.t
TAP version 13
ok 1 - has expected hostname
  ---
  {
    "actual": "mrsdalloway",
    "expected": "mrsdalloway"
  }
  ...
ok 287 # SKIP linux.gidMappings not set
1..287

If you cannot install node-tap, you can probably run the test suite with another TAP consumer. For example, with prove:

$ sudo make TAP='prove -Q -j9' RUNTIME=runc VALIDATION_TESTS=validation/pidfile/pidfile.t localvalidation
RUNTIME=runc prove -Q -j9 validation/pidfile.t
All tests successful.
Files=1, Tests=1,  0 wallclock secs ( 0.01 usr  0.01 sys +  0.03 cusr  0.03 csys =  0.08 CPU)
Result: PASS
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].