authorKatharina Fey <kookie@spacekookie.de>2019-08-30 15:46:38 +0200
committerAlyssa Ross <hi@alyssa.is>2019-09-04 22:46:42 +0000
commit18f7f19ce2adc6d61d73cf993cec5de89869d86a (patch)
tree292fb06df4b4af7e861a1ac7acf2a6d903af5414 /doc
parent43dade238f39fc3edb6c6be6d318e4f7f990f971 (diff)
ociTools: init
Diffstat (limited to 'doc')
-rw-r--r--doc/functions.xml1
-rw-r--r--doc/functions/ocitools.xml76
2 files changed, 77 insertions, 0 deletions
diff --git a/doc/functions.xml b/doc/functions.xml
index 3b60f46d81d..96bd95958ea 100644
--- a/doc/functions.xml
+++ b/doc/functions.xml
@@ -20,4 +20,5 @@
<xi:include href="functions/appimagetools.xml" />
<xi:include href="functions/prefer-remote-fetch.xml" />
<xi:include href="functions/nix-gitignore.xml" />
+ <xi:include href="functions/ocitools.xml" />
</chapter>
diff --git a/doc/functions/ocitools.xml b/doc/functions/ocitools.xml
new file mode 100644
index 00000000000..4500c41a34a
--- /dev/null
+++ b/doc/functions/ocitools.xml
@@ -0,0 +1,76 @@
+<section xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xml:id="sec-pkgs-ociTools">
+ <title>pkgs.ociTools</title>
+
+ <para>
+ <varname>pkgs.ociTools</varname> is a set of functions for creating
+ containers according to the
+ <link xlink:href="https://github.com/opencontainers/runtime-spec">OCI
+ container specification v1.0.0</link>. Beyond that it makes no assumptions
+ about the container runner you choose to use to run the created container.
+ </para>
+
+ <section xml:id="ssec-pkgs-ociTools-buildContainer">
+ <title>buildContainer</title>
+
+ <para>
+ This function creates a simple OCI container that runs a single command
+ inside of it. An OCI container consists of a <varname>config.json</varname>
+ and a rootfs directory.The nix store of the container will contain all
+ referenced dependencies of the given command.
+ </para>
+
+ <para>
+ The parameters of <varname>buildContainer</varname> with an example value
+ are described below:
+ </para>
+
+ <example xml:id='ex-ociTools-buildContainer'>
+ <title>Build Container</title>
+<programlisting>
+buildContainer {
+ cmd = with pkgs; writeScript "run.sh" ''
+ #!${bash}/bin/bash
+ ${coreutils}/bin/exec ${bash}/bin/bash
+ ''; <co xml:id='ex-ociTools-buildContainer-1' />
+
+ mounts = {
+ "/data" = {
+ type = "none";
+ source = "/var/lib/mydata";
+ options = [ "bind" ];
+ };
+ };<co xml:id='ex-ociTools-buildContainer-2' />
+
+ readonly = false; <co xml:id='ex-ociTools-buildContainer-3' />
+}
+
+ </programlisting>
+ <calloutlist>
+ <callout arearefs='ex-ociTools-buildContainer-1'>
+ <para>
+ <varname>cmd</varname> specifies the program to run inside the container.
+ This is the only required argument for <varname>buildContainer</varname>.
+ All referenced packages inside the derivation will be made available
+ inside the container
+ </para>
+ </callout>
+ <callout arearefs='ex-ociTools-buildContainer-2'>
+ <para>
+ <varname>mounts</varname> specifies additional mount points chosen by the
+ user. By default only a minimal set of necessary filesystems are mounted
+ into the container (e.g procfs, cgroupfs)
+ </para>
+ </callout>
+ <callout arearefs='ex-ociTools-buildContainer-3'>
+ <para>
+ <varname>readonly</varname> makes the container's rootfs read-only if it is set to true.
+ The default value is false <literal>false</literal>.
+ </para>
+ </callout>
+ </calloutlist>
+ </example>
+ </section>
+</section>