-
Notifications
You must be signed in to change notification settings - Fork 59
Limitations
Contents
This is still early code and the OCI standard has not yet reached version 1.0.0, hence there are a few feature gaps, cc-oci-runtime currently works with all the 1.0.0 release candidates.
The page documents those gaps, all of which are being worked on.
Basic Networking within the Clear Container is available:
$ sudo docker run -it --net=bridge $image
Or simply:
$ sudo docker run -it $image
$ sudo docker run -it --net=none $image
--net=host
- Doesn't make immediate sense when using a VM. It may be possible to "fake it" well enough for some use cases in the future (#81).
--net=containers
- We don't support "joining" an already existing VM at the moment (#82)
The current OCI runtime doesn't support adding networks to an already running container using docker network connect. We currently only setup the VM network configuration with what is defined by the CNM plugin at startup time. It would be possible to watch the networking namespace to discover and propagate new networks at runtime but it's not implemented today (tracked in issue #388).
OCI Annotations are not currently exposed inside the Clear Container.
Although the runtime provides stub implementations of these commands, this is currently purely to satisfy Docker - the commands do NOT save/restore the state of the Clear Container.
When running the runtime in standalone mode with the console set to the current terminal as:
cc-oci-runtime create --bundle "$bundle_dir" --console $(tty) --pid-file "$pidfile" "$name"
causes any sudo operations in the terminal to fail later after the container has finished execution.
When a container is created the guest memory and CPU configuration is fixed:
- Memory: 2GB
- CPUs: cpus=2,sockets=1,cores=2,threads=1
This default configuration is defined in the file data/hypervisor.args .
Hence, the following items are not supported:
- Unconstrained memory and CPU containers
- docker run -m MEMORY is not supported
- docker run --cpus= is not supported
- docker update
- Run containers under VMware* is not supported. See https://github.com/01org/cc-oci-runtime/issues/666
- Run containers under Hyper-V* is not supported. See https://github.com/01org/cc-oci-runtime/issues/1053
A complete list of functionality gaps can be found by running the report below: