Coder Social home page Coder Social logo

Comments (6)

philips avatar philips commented on June 14, 2024

That is great question. My interpretation is that readonlyRootfs means it is mounted RO and nothing is writeable, writes will fail.

from runtime-spec.

philips avatar philips commented on June 14, 2024

@chanezon wrote the original spec, so what was the thought with readonlyRootfs. Perhaps @crosbymichael knows too.

from runtime-spec.

wking avatar wking commented on June 14, 2024

On Thu, Jun 25, 2015 at 01:01:42PM -0700, Brandon Philips wrote:

My interpretation is that readonlyRootfs means it is mounted RO and
nothing is writeable, writes will fail.

That was my interpretation too. If you want the CoW semantics, just
copy your container before launching it and don't set readonlyRootfs.
For bonus points, using something like btrfs' snapshots for this
initial copy will mean you get to share unaltered blocks between your
copy and the original.

That said, I agree that disambiguation is good, and “mounted
read-only” is pretty unambiguous ;).

from runtime-spec.

thecloudtaylor avatar thecloudtaylor commented on June 14, 2024

Makes since, I'll try to disambiguate. Is this a feature utilized commonly today? Windows does not support booting/running the OS from read-only volumes so this would have to be a platform split at least for now.

from runtime-spec.

wking avatar wking commented on June 14, 2024

On Thu, Jun 25, 2015 at 03:32:56PM -0700, Taylor Brown wrote:

Is this a feature utilized commonly today?

I don't know how to get a number for that, but the ability to do this
in Docker landed in 1.5 1, and the associated PR
(moby/moby#10093) references moby/moby#7923 (“Fedora has
supported the concept of a readonly root for a long time…). The other
referenced issues (moby/moby#2710 and moby/moby#8752) seem to
be more focused on the general ideas of increased security and the
fact that you'll fail early if your application tries to store
information in a volume that you don't intend to save.

from runtime-spec.

thecloudtaylor avatar thecloudtaylor commented on June 14, 2024

Interesting, seems like the initial conversation was skeptical on it's usefulness but I do like the idea of it interims of failing deterministically if the process tires to write outside of the intended/defined scope. I submitted #25 to try and cleanup/disambiguate the content.

from runtime-spec.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.