feat: Add ShmSize, Sysctl and Runtime option (runfinch#235)

* feat: Add ShmSize, Sysctl and Runtime option

Signed-off-by: Arjun Raja Yogidas <[email protected]>

Author: coderbirju

api/handlers/container/create.go

@@ -179,6 +179,20 @@ func (h *handler) create(w http.ResponseWriter, r *http.Request) {
 	if req.HostConfig.GroupAdd != nil {
 		groupAdd = req.HostConfig.GroupAdd
 	}
+	sysctl := []string{}
+	if req.HostConfig.Sysctls != nil {
+		sysctl = translateSysctls(req.HostConfig.Sysctls)
+	}
+
+	shmSize := ""
+	if req.HostConfig.ShmSize > 0 {
+		shmSize = fmt.Sprint(req.HostConfig.ShmSize)
+	}
+
+	runtime := defaults.Runtime
+	if req.HostConfig.Runtime != "" {
+		runtime = req.HostConfig.Runtime
+	}
 
 	globalOpt := ncTypes.GlobalCommandOptions(*h.Config)
 	createOpt := ncTypes.ContainerCreateOptions{
@@ -228,6 +242,7 @@ func (h *handler) create(w http.ResponseWriter, r *http.Request) {
 		BlkioDeviceReadIOps:  throttleDevicesToStrings(req.HostConfig.BlkioDeviceReadIOps),
 		BlkioDeviceWriteIOps: throttleDevicesToStrings(req.HostConfig.BlkioDeviceWriteIOps),
 		IPC:                  req.HostConfig.IpcMode, // IPC namespace to use
+		ShmSize:              shmSize,
 		// #endregion
 
 		// #region for user flags
@@ -242,7 +257,8 @@ func (h *handler) create(w http.ResponseWriter, r *http.Request) {
 		Privileged:  req.HostConfig.Privileged,
 		// #endregion
 		// #region for runtime flags
-		Runtime: defaults.Runtime, // nerdctl default.
+		Runtime: runtime, // Runtime to use for this container, e.g. "crun", or "io.containerd.runc.v2".
+		Sysctl:  sysctl,
 		// #endregion
 
 		// #region for volume flags
@@ -392,3 +408,16 @@ func throttleDevicesToStrings(devices []*blkiodev.ThrottleDevice) []string {
 	}
 	return strings
 }
+
+// translateSysctls converts a map of sysctls to a slice of strings in the format "KEY=VALUE".
+func translateSysctls(sysctls map[string]string) []string {
+	if sysctls == nil {
+		return nil
+	}
+
+	var result []string
+	for key, val := range sysctls {
+		result = append(result, fmt.Sprintf("%s=%s", key, val))
+	}
+	return result
+}

api/handlers/container/create_test.go

@@ -880,6 +880,31 @@ var _ = Describe("Container Create API ", func() {
 			Expect(rr.Body).Should(MatchJSON(jsonResponse))
 		})
 
+		It("should set ShmSize, Sysctl and Runtime option", func() {
+			body := []byte(`{
+				"Image": "test-image",
+				"HostConfig": {
+					"Sysctls": { "net.ipv4.ip_forward": "1" },
+					"ShmSize": 302348,
+					"Runtime": "crun"
+				}
+			}`)
+			req, _ := http.NewRequest(http.MethodPost, "/containers/create", bytes.NewReader(body))
+
+			// expected create options
+			createOpt.ShmSize = "302348"
+			createOpt.Sysctl = []string{"net.ipv4.ip_forward=1"}
+			createOpt.Runtime = "crun"
+
+			service.EXPECT().Create(gomock.Any(), "test-image", nil, equalTo(createOpt), equalTo(netOpt)).Return(
+				cid, nil)
+
+			// handler should return success message with 201 status code.
+			h.create(rr, req)
+			Expect(rr).Should(HaveHTTPStatus(http.StatusCreated))
+			Expect(rr.Body).Should(MatchJSON(jsonResponse))
+		})
+
 		Context("translate port mappings", func() {
 			It("should return empty if port mappings is nil", func() {
 				Expect(translatePortMappings(nil)).Should(BeEmpty())
@@ -1060,6 +1085,7 @@ func getDefaultCreateOpt(conf config.Config) types.ContainerCreateOptions {
 
 		// #region for runtime flags
 		Runtime: defaults.Runtime, // nerdctl default.
+		Sysctl:  []string{},
 		// #endregion
 
 		// #region for volume flags

api/types/container_types.go

@@ -92,9 +92,9 @@ type ContainerHostConfig struct {
 	// TODO: SecurityOpt []string          // List of string values to customize labels for MLS systems, such as SELinux. (["key=value"])
 	Tmpfs   map[string]string `json:",omitempty"` // List of tmpfs (mounts) used for the container
 	UTSMode string            // UTS namespace to use for the container
-	// TODO: ShmSize int64             // Size of /dev/shm in bytes. The size must be greater than 0.
-	// TODO: Sysctls map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container
-	// TODO: Runtime string            `json:",omitempty"` // Runtime to use with this container
+	ShmSize int64             // Size of /dev/shm in bytes. The size must be greater than 0.
+	Sysctls map[string]string `json:",omitempty"` // List of Namespaced sysctls used for the container
+	Runtime string            `json:",omitempty"` // Runtime to use with this container
 	// TODO: PublishAllPorts bool              // Should docker publish all exposed port for the container
 	// TODO: StorageOpt      map[string]string `json:",omitempty"` // Storage driver options per container.
 	// TODO: UsernsMode      UsernsMode        // The user namespace to use for the container

e2e/tests/container_create.go

@@ -1265,6 +1265,96 @@ func ContainerCreate(opt *option.Option) {
 			}
 			Expect(foundAllowAllDevices).Should(BeTrue())
 		})
+
+		It("should create a container with specified ShmSize", func() {
+			// Define options
+			options.Cmd = []string{"sleep", "Infinity"}
+			options.HostConfig.ShmSize = 134217728 // 128MB
+
+			// Create container
+			statusCode, ctr := createContainer(uClient, url, testContainerName, options)
+			Expect(statusCode).Should(Equal(http.StatusCreated))
+			Expect(ctr.ID).ShouldNot(BeEmpty())
+
+			// Start container
+			command.Run(opt, "start", testContainerName)
+
+			// Inspect container using Docker-compatible format
+			resp := command.Stdout(opt, "inspect", testContainerName)
+			var inspect []*dockercompat.Container
+			err := json.Unmarshal(resp, &inspect)
+			Expect(err).Should(BeNil())
+			Expect(inspect).Should(HaveLen(1))
+
+			// Verify ShmSize in HostConfig
+			Expect(inspect[0].HostConfig.ShmSize).Should(Equal(options.HostConfig.ShmSize))
+		})
+
+		It("should create a container with specified Sysctls", func() {
+			// Define options
+			options.Cmd = []string{"sleep", "Infinity"}
+			options.HostConfig.Sysctls = map[string]string{
+				"net.ipv4.ip_forward": "1",
+				"kernel.msgmax":       "65536",
+			}
+
+			// Create container
+			statusCode, ctr := createContainer(uClient, url, testContainerName, options)
+			Expect(statusCode).Should(Equal(http.StatusCreated))
+			Expect(ctr.ID).ShouldNot(BeEmpty())
+
+			// Start container
+			command.Run(opt, "start", testContainerName)
+
+			// Verify sysctls using native inspect
+			nativeResp := command.Stdout(opt, "inspect", "--mode=native", testContainerName)
+			var nativeInspect []map[string]interface{}
+			err := json.Unmarshal(nativeResp, &nativeInspect)
+			Expect(err).Should(BeNil())
+			Expect(nativeInspect).Should(HaveLen(1))
+
+			// Navigate to the sysctls section
+			spec, ok := nativeInspect[0]["Spec"].(map[string]interface{})
+			Expect(ok).Should(BeTrue())
+			linux, ok := spec["linux"].(map[string]interface{})
+			Expect(ok).Should(BeTrue())
+			sysctls, ok := linux["sysctl"].(map[string]interface{})
+			Expect(ok).Should(BeTrue())
+
+			// Verify sysctl values
+			Expect(sysctls["net.ipv4.ip_forward"]).Should(Equal("1"))
+			Expect(sysctls["kernel.msgmax"]).Should(Equal("65536"))
+		})
+
+		It("should create a container with specified Runtime", func() {
+			// Define options
+			options.Cmd = []string{"sleep", "Infinity"}
+			options.HostConfig.Runtime = "io.containerd.runc.v2"
+
+			// Create container
+			statusCode, ctr := createContainer(uClient, url, testContainerName, options)
+			Expect(statusCode).Should(Equal(http.StatusCreated))
+			Expect(ctr.ID).ShouldNot(BeEmpty())
+
+			// Start container
+			command.Run(opt, "start", testContainerName)
+
+			// Verify runtime using native inspect
+			nativeResp := command.Stdout(opt, "inspect", "--mode=native", testContainerName)
+			var nativeInspect []map[string]interface{}
+			err := json.Unmarshal(nativeResp, &nativeInspect)
+			Expect(err).Should(BeNil())
+			Expect(nativeInspect).Should(HaveLen(1))
+
+			// Navigate to the Runtime section
+			runtime, ok := nativeInspect[0]["Runtime"].(map[string]interface{})
+			Expect(ok).Should(BeTrue())
+
+			// Verify runtime name
+			runtimeName, ok := runtime["Name"].(string)
+			Expect(ok).Should(BeTrue())
+			Expect(runtimeName).Should(Equal(options.HostConfig.Runtime))
+		})
 	})
 }