From 81c9f3116f3f646a87d0cbb8e682811ed3770693 Mon Sep 17 00:00:00 2001 From: Mrunal Patel Date: Wed, 17 May 2017 13:39:16 -0700 Subject: [PATCH] Clarify cgroups path handling behavior Signed-off-by: Mrunal Patel --- config-linux.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/config-linux.md b/config-linux.md index 7adadba62..8621f4bd5 100644 --- a/config-linux.md +++ b/config-linux.md @@ -183,13 +183,16 @@ If a `cgroupsPath` value is specified, the runtime MUST consistently attach to t Implementations of the Spec can choose to name cgroups in any manner. The Spec does not include naming schema for cgroups. The Spec does not support per-controller paths for the reasons discussed in the [cgroupv2 documentation][cgroup-v2]. -The cgroups will be created if they don't exist. -You can configure a container's cgroups via the `resources` field of the Linux configuration. -Do not specify `resources` unless limits have to be updated. +The runtime MUST create the cgroups specified by the `cgroupsPath` if they don't exist. +If `cgroupsPath` is empty, then the behavior is runtime implementation specific. + +The runtime MUST ensure that the container process is attached to the cgroups specified by `cgroupsPath`. +If any property is set under `resources` then the runtime MUST set it for the container. +Check individual properties for any specific handling. + For example, to run a new process in an existing container without updating limits, `resources` need not be specified. -Runtimes MAY attach the container process to additional cgroup controllers beyond those necessary to fulfill the `resources` settings. ### Example