mirror/youki
1
0
Fork 0
mirror of https://github.com/containers/youki synced 2024-11-23 17:32:15 +01:00
Code Issues
f2d95ca41c
youki/MirgationGuide.md
Eric Fang 5f3f4ce82f
move the validation logic into executor (#2258) 
* move the validation logic into executor

To allow more flexibility for the executor, we move the validate logic into the executor.
The validate runs in the `create` step before workloads are executed.
Instead of implementing the validation in the `exec`, to maintain
backward competiability, we have to introduce an extra step. The exec is
too late to fail if the spec is not validated.

Signed-off-by: yihuaf <yihuaf@unkies.org>

* Update the migration guide

Signed-off-by: yihuaf <yihuaf@unkies.org>

* Add a comment explaining when the validate step runs.

Signed-off-by: yihuaf <yihuaf@unkies.org>

* Implement different error types for validate

Signed-off-by: yihuaf <yihuaf@unkies.org>

---------

Signed-off-by: yihuaf <yihuaf@unkies.org>
2023-08-22 21:59:15 +09:00

1.4 KiB
Raw Blame History

Migration Guide

This contains information for migrating library versions.

V0.1.0 -> v0.2.0

libcontainer

  • The Rootless struct has been re-named as UserNamespaceConfig , RootlessIDMapper has been re-named to UserNamespaceIDMapper , and correspondingly the RootlessError has been re-named to UserNamespaceError . This is due to the fact that the structure was to be used for containers when a new user namespace is to be created, and that is not strictly only for rootless uses. Accordingly, the fields of various structs has been updated to reflect this change :

    • rootless (module name) -> user_ns
    • Rootless::rootless_id_mapper -> UserNamespaceConfig::id_mapper
    • LibcontainerError::Rootless -> LibcontainerError::UserNamespace
    • ContainerBuilderImpl::rootless -> ContainerBuilderImpl::user_ns_config
    • ContainerArgs::rootless -> ContainerArgs::user_ns_config

  • Changes that will occur for properly running in rootless mode : TODO (@YJDoc2)

  • Executor now contains 2 methods for implementation. We introduce a validate step in addition to execute. The validate should validate the input OCI spec. The step runs after all the namespaces are entered and rootfs is pivoted.

  • Executor is now composible instead of an array of executor. To implement multiple executor, create a new executor that runs all the executor. The users are now in control of how multiple executor are run.