diff --git a/README.md b/README.md index 132859709..8d1f244c7 100644 --- a/README.md +++ b/README.md @@ -34,14 +34,9 @@ To provide context for users the following section gives example use cases for e #### Application Bundle Builders Application bundle builders can create a [bundle](bundle.md) directory that includes all of the files required for launching an application as a container. -The bundle contains an OCI [configuration file](config.md) where the builder can specify host-independent details such as [which executable to launch](config.md#process-configuration) and host-specific settings such as [mount](config.md#mounts) locations, [hook](config.md#hooks) paths, Linux [namespaces](config-linux.md#namespaces) and [cgroups](config-linux.md#control-groups). +The bundle contains an OCI [configuration file](config.md) where the builder can specify host-independent details such as [which executable to launch](config.md#process-configuration) and host-specific settings such as [mount](config.md#mounts) locations, Linux [namespaces](config-linux.md#namespaces) and [cgroups](config-linux.md#control-groups). Because the configuration includes host-specific settings, application bundle directories copied between two hosts may require configuration adjustments. -#### Hook Developers - -[Hook](config.md#hooks) developers can extend the functionality of an OCI-compliant runtime by hooking into a container's lifecycle with an external application. -Example use cases include sophisticated network configuration, volume garbage collection, etc. - #### Runtime Developers Runtime developers can build runtime implementations that run OCI-compliant bundles and container configuration, containing low-level OS and host specific details, on a particular platform. diff --git a/ROADMAP.md b/ROADMAP.md index 89e5a4996..a330137c1 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -45,11 +45,3 @@ Systems: * Linux *Owner:* robdolinms as lead coordinator - -### Full Lifecycle Hooks - -Ensure that we have lifecycle hooks in the correct places with full coverage over the container lifecycle. - -Will probably go away with Vish's work on splitting create and start, and if we have exec. - -*Owner:* diff --git a/config.md b/config.md index 1a551435c..2c21648b5 100644 --- a/config.md +++ b/config.md @@ -245,76 +245,6 @@ _Note: For Solaris, uid and gid specify the uid and gid of the process inside th } ``` -## Hooks - -Lifecycle hooks allow custom events for different points in a container's runtime. -Presently there are `Prestart`, `Poststart` and `Poststop`. - -* [`Prestart`](#prestart) is a list of hooks to be run before the container process is executed -* [`Poststart`](#poststart) is a list of hooks to be run immediately after the container process is started -* [`Poststop`](#poststop) is a list of hooks to be run after the container process exits - -Hooks allow one to run code before/after various lifecycle events of the container. -Hooks MUST be called in the listed order. -The state of the container is passed to the hooks over stdin, so the hooks could get the information they need to do their work. - -Hook paths are absolute and are executed from the host's filesystem in the [runtime namespace][runtime-namespace]. - -### Prestart - -The pre-start hooks are called after the container process is spawned, but before the user supplied command is executed. -They are called after the container namespaces are created on Linux, so they provide an opportunity to customize the container. -In Linux, for e.g., the network namespace could be configured in this hook. - -If a hook returns a non-zero exit code, then an error including the exit code and the stderr is returned to the caller and the container is torn down. - -### Poststart - -The post-start hooks are called after the user process is started. -For example this hook can notify user that real process is spawned. - -If a hook returns a non-zero exit code, then an error is logged and the remaining hooks are executed. - -### Poststop - -The post-stop hooks are called after the container process is stopped. -Cleanup or debugging could be performed in such a hook. -If a hook returns a non-zero exit code, then an error is logged and the remaining hooks are executed. - -### Example - -```json - "hooks" : { - "prestart": [ - { - "path": "/usr/bin/fix-mounts", - "args": ["fix-mounts", "arg1", "arg2"], - "env": [ "key1=value1"] - }, - { - "path": "/usr/bin/setup-network" - } - ], - "poststart": [ - { - "path": "/usr/bin/notify-start", - "timeout": 5 - } - ], - "poststop": [ - { - "path": "/usr/sbin/cleanup.sh", - "args": ["cleanup.sh", "-f"] - } - ] - } -``` - -`path` is required for a hook. -`args` and `env` are optional. -`timeout` is the number of seconds before aborting the hook. -The semantics are the same as `Path`, `Args` and `Env` in [golang Cmd](https://golang.org/pkg/os/exec/#Cmd). - ## Annotations This OPTIONAL property contains arbitrary metadata for the container. @@ -458,39 +388,6 @@ Here is a full example `config.json` for reference. ] } ], - "hooks": { - "prestart": [ - { - "path": "/usr/bin/fix-mounts", - "args": [ - "fix-mounts", - "arg1", - "arg2" - ], - "env": [ - "key1=value1" - ] - }, - { - "path": "/usr/bin/setup-network" - } - ], - "poststart": [ - { - "path": "/usr/bin/notify-start", - "timeout": 5 - } - ], - "poststop": [ - { - "path": "/usr/sbin/cleanup.sh", - "args": [ - "cleanup.sh", - "-f" - ] - } - ] - }, "linux": { "devices": [ { diff --git a/runtime.md b/runtime.md index 01bdb9d5d..bb1e7d977 100644 --- a/runtime.md +++ b/runtime.md @@ -123,8 +123,3 @@ Attempting to delete a container whose process is still running MUST generate an Deleting a container MUST delete the resources that were created during the `create` step. Note that resources associated with the container, but not created by this container, MUST NOT be deleted. Once a container is deleted its ID MAY be used by a subsequent container. - - -## Hooks -Many of the operations specified in this specification have "hooks" that allow for additional actions to be taken before or after each operation. -See [runtime configuration for hooks](./config.md#hooks) for more information. diff --git a/schema/config-schema.json b/schema/config-schema.json index 351901ad0..90176d462 100644 --- a/schema/config-schema.json +++ b/schema/config-schema.json @@ -8,21 +8,6 @@ "id": "https://opencontainers.org/schema/bundle/ociVersion", "$ref": "defs.json#/definitions/ociVersion" }, - "hooks": { - "id": "https://opencontainers.org/schema/bundle/hooks", - "type": "object", - "properties": { - "prestart": { - "$ref": "defs.json#/definitions/ArrayOfHooks" - }, - "poststart": { - "$ref": "defs.json#/definitions/ArrayOfHooks" - }, - "poststop": { - "$ref": "defs.json#/definitions/ArrayOfHooks" - } - } - }, "annotations": { "$ref": "defs.json#/definitions/annotations" }, @@ -168,7 +153,6 @@ "platform", "process", "root", - "mounts", - "hooks" + "mounts" ] } diff --git a/schema/defs.json b/schema/defs.json index 329031848..9132ca09f 100644 --- a/schema/defs.json +++ b/schema/defs.json @@ -103,25 +103,6 @@ "Env": { "$ref": "#/definitions/ArrayOfStrings" }, - "Hook": { - "properties": { - "path": { - "$ref": "#/definitions/FilePath" - }, - "args": { - "$ref": "#/definitions/ArrayOfStrings" - }, - "env": { - "$ref": "#/definitions/Env" - } - } - }, - "ArrayOfHooks": { - "type": "array", - "items": { - "$ref": "#/definitions/Hook" - } - }, "IDMapping": { "properties": { "hostID": { diff --git a/specs-go/config.go b/specs-go/config.go index 4a1612264..d7539eadb 100644 --- a/specs-go/config.go +++ b/specs-go/config.go @@ -16,8 +16,6 @@ type Spec struct { Hostname string `json:"hostname,omitempty"` // Mounts profile configuration for adding mounts to the container's filesystem. Mounts []Mount `json:"mounts,omitempty"` - // Hooks are the commands run at various lifecycle events of the container. - Hooks Hooks `json:"hooks"` // Annotations is an unstructured key value map that may be set by external tools to store and retrieve arbitrary metadata. Annotations map[string]string `json:"annotations,omitempty"` @@ -94,25 +92,6 @@ type Mount struct { Options []string `json:"options,omitempty"` } -// Hook specifies a command that is run at a particular event in the lifecycle of a container -type Hook struct { - Path string `json:"path"` - Args []string `json:"args,omitempty"` - Env []string `json:"env,omitempty"` - Timeout *int `json:"timeout,omitempty"` -} - -// Hooks for container setup and teardown -type Hooks struct { - // Prestart is a list of hooks to be run before the container process is executed. - // On Linux, they are run after the container namespaces are created. - Prestart []Hook `json:"prestart,omitempty"` - // Poststart is a list of hooks to be run after the container process is started. - Poststart []Hook `json:"poststart,omitempty"` - // Poststop is a list of hooks to be run after the container process exits. - Poststop []Hook `json:"poststop,omitempty"` -} - // Linux contains platform specific configuration for Linux based containers. type Linux struct { // UIDMapping specifies user mappings for supporting user namespaces on Linux.