runc module #15

Open
opened 2025-12-21 11:46:23 +00:00 by thabeta · 0 comments
Owner

Low-level container runtime implementation using runc, providing OCI-compliant container execution with direct control over container lifecycle and cgroup management.

Functionality

  • Direct runc binary integration for container execution
  • Full OCI runtime specification compliance
  • Cgroup v1/v2 management
  • Process lifecycle management
  • Namespace management
  • Security features (seccomp, AppArmor, SELinux)
  • Checkpoint/restore support

Module API

Runc Client

  • RuncClient::new() -> Result<Self, RuncError> - Create client
  • RuncClient::with_runc_path(path: &str) -> Self - Set runc binary
  • RuncClient::with_systemd_cgroup() -> Self - Use systemd cgroup?
  • RuncClient::with_root(path: &str) -> Self - Set root directory
  • RuncClient::version() -> Result<VersionInfo, RuncError> - Get version
  • RuncClient::check_spec(&self, spec: &OCISpec) -> Result<(), RuncError> - Validate spec

Container Operations

  • create_container(&self, id: &str, bundle: &Path) -> Result<(), RuncError> - Create container
  • start_container(&self, id: &str) -> Result<(), RuncError> - Start container
  • delete_container(&self, id: &str, force: bool) -> Result<(), RuncError> - Delete container
  • kill_container(&self, id: &str, signal: Signal) -> Result<(), RuncError> - Send signal
  • list_containers(&self) -> Result<Vec<ContainerState>, RuncError> - List containers
  • state_container(&self, id: &str) -> Result<ContainerState, RuncError> - Get state

Process Operations

  • exec_process(&self, id: &str, process: &ProcessSpec) -> Result<ExecResult, RuncError> - Exec process
  • ps_container(&self, id: &str) -> Result<Vec<ProcessInfo>, RuncError> - List processes
  • update_container(&self, id: &str, resources: &LinuxResources) -> Result<(), RuncError> - Update resources

Checkpoint/Restore

  • checkpoint_container(&self, id: &str, options: &CheckpointOptions) -> Result<(), RuncError> - Checkpoint
  • restore_container(&self, id: &str, bundle: &Path, options: &RestoreOptions) -> Result<(), RuncError> - Restore
  • list_checkpoints(&self, id: &str) -> Result<Vec<CheckpointInfo>, RuncError> - List checkpoints

Event Handling

  • events(&self) -> Result<EventStream, RuncError> - Stream events
  • subscribe_events(&self, filters: EventFilters) -> Result<EventStream, RuncError> - Subscribe to events

Cgroup Management

  • create_cgroup(&self, path: &str, config: CgroupConfig) -> Result<(), RuncError> - Create cgroup
  • delete_cgroup(&self, path: &str) -> Result<(), RuncError> - Delete cgroup
  • get_cgroup_stats(&self, path: &str) -> Result<CgroupStats, RuncError> - Get stats
  • update_cgroup(&self, path: &str, config: CgroupConfig) -> Result<(), RuncError> - Update cgroup
despiegk added this to the later milestone 2025-12-21 20:40:19 +00:00
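How the builder options and container operations listed in this issue could map onto runc's command line, as an added sketch (not code from the issue or from herolib_rust). The `*_args` helpers, `program()`, `check_id`, the `mut self` builder form and the sample paths are assumptions of the sketch; `--root`, `--systemd-cgroup`, `--bundle` and `--force` are runc's own flags.

```rust
use std::path::{Path, PathBuf};
#[derive(Debug, PartialEq)]
pub enum RuncError { InvalidId(String) }
// Hypothetical sketch of the proposed client: only argv construction is shown.
pub struct RuncClient { runc_path: PathBuf, root: Option<PathBuf>, systemd_cgroup: bool }

// Conservative allow-list (an assumption of this sketch): no path separators and
// no leading '-', so an id cannot leave the state directory or parse as an option.
fn check_id(id: &str) -> Result<(), RuncError> {
    let ok = !id.is_empty() && id != "." && id != ".." && !id.starts_with('-')
        && id.chars().all(|c| c.is_ascii_alphanumeric() || "_+-.".contains(c));
    if ok { Ok(()) } else { Err(RuncError::InvalidId(id.to_string())) }
}

impl RuncClient {
    pub fn new() -> Result<Self, RuncError> {
        Ok(Self { runc_path: PathBuf::from("runc"), root: None, systemd_cgroup: false })
    }
    pub fn with_runc_path(mut self, path: &str) -> Self { self.runc_path = path.into(); self }
    pub fn with_root(mut self, path: &str) -> Self { self.root = Some(path.into()); self }
    pub fn with_systemd_cgroup(mut self) -> Self { self.systemd_cgroup = true; self }
    pub fn program(&self) -> &Path { &self.runc_path }
    // Global options go before the subcommand; every value is its own argv entry.
    fn base(&self, sub: &str) -> Vec<String> {
        let mut v: Vec<String> = Vec::new();
        if let Some(r) = &self.root { v.push("--root".into()); v.push(r.display().to_string()); }
        if self.systemd_cgroup { v.push("--systemd-cgroup".into()); }
        v.push(sub.into());
        v
    }
    pub fn create_args(&self, id: &str, bundle: &Path) -> Result<Vec<String>, RuncError> {
        check_id(id)?;
        let mut v = self.base("create");
        v.extend(["--bundle".to_string(), bundle.display().to_string(), id.to_string()]);
        Ok(v)
    }
    pub fn delete_args(&self, id: &str, force: bool) -> Result<Vec<String>, RuncError> {
        check_id(id)?;
        let mut v = self.base("delete");
        if force { v.push("--force".into()); }
        v.push(id.to_string());
        Ok(v)
    }
}

fn main() {
    let c = RuncClient::new().unwrap().with_root("/run/example-runc").with_systemd_cgroup();
    println!("{} {:?}", c.program().display(), c.create_args("web-1", Path::new("/b/web-1")));
}
```

The resulting vector is meant for `std::process::Command::new(c.program()).args(..)`, which hands each entry to runc as a separate argument without involving a shell.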
Reference
geomind_research/herolib_rust#15