Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

specs-go/config: add keyring support #1112

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Commits on Aug 3, 2021

  1. specs-go/config: add keyring support

    Currently, with `runc` we have a special cmdline flag `--no-new-keyring`
    for `runc run` that enables/disables the creation of a new kernel
    keyring. The main reason we have the option is that older kernels had
    issues with allocating a lot of keyrings (so in order to run containers
    on old kernels you need to disable the creation of a new keyring).
    
    This patch adds keyring support into part of the OCI spec which allows
    managers to drive this behavior in a runtime-agnostic way and helps make
    swapping in other runtimes easier.
    
    Fixes opencontainers#754
    Fixes opencontainers#950
    
    Signed-off-by: Kailun Qin <[email protected]>
    kailun-qin committed Aug 3, 2021
    Configuration menu
    Copy the full SHA
    0a35229 View commit details
    Browse the repository at this point in the history
  2. Update keyring support docs

    Signed-off-by: Kailun Qin <[email protected]>
    kailun-qin committed Aug 3, 2021
    Configuration menu
    Copy the full SHA
    fa28902 View commit details
    Browse the repository at this point in the history