Skip to content

Nasdaq/oci-injector-hook

Folders and files

NameName
Last commit message
Last commit date

Latest commit

7bb5739 · Dec 30, 2019

History

7 Commits
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019
Dec 30, 2019
Dec 28, 2019
Nov 30, 2019
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019
Dec 28, 2019

Repository files navigation

oci-injector-hook

It is sometimes useful to inject platform-specific files and devices into an OCI container at runtime. Common use cases include device drivers (GPUs, network adapters, FPGAs, etc). This hook uses the POSIX-platform Hooks from the OCI Runtime Spec to inject these files into a container's rootfs before the container is started.

Supported File Types

  • Devices (not yet implemented) - Device files under /dev/
  • Directories - create directories in the container rootfs
  • Binaries - exectuable binaries
  • Libraries - library files (updates ld.so.cache)
  • Miscellaneous - ordinary files to copy in (chmod +x/ldconfig not required)

Configuration

Configurations are definied in .json files placed in the /etc/oci-injector-hook/ directory. Each configuration has an activation_flag, which indicates an environment variable that must be present in the container's environment for the hook to execute.

The activation_flag can either be the name of an environment variable (VAR) or a variable with a value (VAR=value). When a name is given the hook will run when the environment variable is present, when a variable with a value is given the hook will only run when the variable is present with the given value.

An example configuration file: /etc/oci-injector-hook/foo.json

{
  "activation_flag": "OCI_FOO",
  "devices": [ "/dev/foo" ],
  "binaries": [ "/usr/bin/runfoo" ],
  "libraries": [ "/usr/lib64/libfoo.so" ],
  "directories": [ "/etc/foo" ],
  "miscellaneous": [ "/etc/foo/config.json" ]
}

License

This project is licensed under the Apache-2.0 License

Inspiration

This project was inspired by work done in the following projects to support SolarFlare Network Adapters: