489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
|
The first several lines list configurables:
* **`b`**: the path of the exported container, called the “bundle” in OCI
jargon
* **`c`**: the name of the Docker container you’re bundling up for use
with `runc`
* **`m`**: the [moby] directory, both because it’s long and because it’s
been known to change from one version of Docker to the next
* **`r`**: the path of the directory containing the bundle’s root file
system.
That last doesn’t have to be called `rootfs/`, and it doesn’t have to
live in the same directory as `config.json`, but it is conventional.
Because some OCI tools use those names as defaults, it’s best to follow
suit.
|
|
>
>
|
>
>
|
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
|
The first several lines list configurables:
* **`b`**: the path of the exported container, called the “bundle” in OCI
jargon
* **`c`**: the name of the Docker container you’re bundling up for use
with `runc`
* **`m`**: the directory holding the running machines, configurable
because:
* it’s long
* it’s been known to change from one version of Docker to the next
* you might be using [Podman](#podman)/[`crun`](#crun), so it has
to be “`/run/user/$UID/crun`” instead
* **`r`**: the path of the directory containing the bundle’s root file
system.
That last doesn’t have to be called `rootfs/`, and it doesn’t have to
live in the same directory as `config.json`, but it is conventional.
Because some OCI tools use those names as defaults, it’s best to follow
suit.
|
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
|
container bundle is small, it’s simpler to re-copy and unpack it
fresh each time.
I point that out because it might ask for your password twice: once for
the local sudo command, and once for the remote.
The default for the **`b`** variable is the convention for systemd based
machines, which will play into the [`nspawn`][sdnsp] alternative below.
Even if you aren’t using `nspawn`, it’s a reasonable place to put
containers under the [Linux FHS rules][LFHS].
[ctrd]: https://containerd.io/
[ecg]: https://github.com/opencontainers/runc/pull/3131
[LFHS]: https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
[jq]: https://stedolan.github.io/jq/
[moby]: https://github.com/moby/moby
|
|
<
|
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
|
container bundle is small, it’s simpler to re-copy and unpack it
fresh each time.
I point that out because it might ask for your password twice: once for
the local sudo command, and once for the remote.
The default for the **`b`** variable is the convention for systemd based
machines, which will play into the [`nspawn` alternative below][sdnsp].
Even if you aren’t using `nspawn`, it’s a reasonable place to put
containers under the [Linux FHS rules][LFHS].
[ctrd]: https://containerd.io/
[ecg]: https://github.com/opencontainers/runc/pull/3131
[LFHS]: https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
[jq]: https://stedolan.github.io/jq/
[sdnsp]: #nspawn
[runc]: https://github.com/opencontainers/runc
### <a id="podman"></a>Podman
Although your humble author claims the `runc` methods above are not
|