diff --git a/config.md b/config.md index 5af29d4..ffdae21 100644 --- a/config.md +++ b/config.md @@ -320,6 +320,12 @@ For Linux-based systems, the `process` object supports the following process-spe * **`period`** (uint64, OPTIONAL) represents the length of the period in nanoseconds used for determining the process runtime, used by the deadline scheduler. If not set, the runtime must use the value 0. * **`selinuxLabel`** (string, OPTIONAL) specifies the SELinux label for the process. For more information about SELinux, see [SELinux documentation][selinux]. +* **`ioPriority`** (object, OPTIONAL) configures the I/O priority settings for the container's processes within the process group. + The I/O priority settings will be automatically applied to the entire process group, affecting all processes within the container. + The following properties are available: + + * **`class`** (string, REQUIRED) specifies the I/O scheduling class. Possible values are `IOPRIO_CLASS_RT`, `IOPRIO_CLASS_BE`, and `IOPRIO_CLASS_IDLE`. + * **`priority`** (int, REQUIRED) specifies the priority level within the class. The value should be an integer ranging from 0 (highest) to 7 (lowest). ### User @@ -361,6 +367,10 @@ _Note: symbolic name for uid and gid, such as uname and gname respectively, are ], "apparmorProfile": "acme_secure_profile", "selinuxLabel": "system_u:system_r:svirt_lxc_net_t:s0:c124,c675", + "ioPriority": { + "class": "IOPRIO_CLASS_IDLE", + "priority": 4 + }, "noNewPrivileges": true, "capabilities": { "bounding": [ @@ -761,6 +771,10 @@ Here is a full example `config.json` for reference. "apparmorProfile": "acme_secure_profile", "oomScoreAdj": 100, "selinuxLabel": "system_u:system_r:svirt_lxc_net_t:s0:c124,c675", + "ioPriority": { + "class": "IOPRIO_CLASS_IDLE", + "priority": 4 + }, "noNewPrivileges": true }, "root": { diff --git a/schema/config-schema.json b/schema/config-schema.json index b8393d8..475e8f1 100644 --- a/schema/config-schema.json +++ b/schema/config-schema.json @@ -144,6 +144,15 @@ "selinuxLabel": { "type": "string" }, + "ioPriority": { + "class": "string", + "enum": [ + "IOPRIO_CLASS_RT", + "IOPRIO_CLASS_BE", + "IOPRIO_CLASS_IDLE" + ], + "priority": "integer" + }, "noNewPrivileges": { "type": "boolean" }, diff --git a/specs-go/config.go b/specs-go/config.go index f070bdf..4e7717d 100644 --- a/specs-go/config.go +++ b/specs-go/config.go @@ -92,6 +92,8 @@ type Process struct { Scheduler *Scheduler `json:"scheduler,omitempty" platform:"linux"` // SelinuxLabel specifies the selinux context that the container process is run as. SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"` + // IOPriority contains the I/O priority settings for the cgroup. + IOPriority *LinuxIOPriority `json:"ioPriority,omitempty" platform:"linux"` } // LinuxCapabilities specifies the list of allowed capabilities that are kept for a process. @@ -109,6 +111,22 @@ type LinuxCapabilities struct { Ambient []string `json:"ambient,omitempty" platform:"linux"` } +// IOPriority represents I/O priority settings for the container's processes within the process group. +type LinuxIOPriority struct { + Class IOPriorityClass `json:"class"` + Priority int `json:"priority"` +} + +// IOPriorityClass represents an I/O scheduling class. +type IOPriorityClass string + +// Possible values for IOPriorityClass. +const ( + IOPRIO_CLASS_RT IOPriorityClass = "IOPRIO_CLASS_RT" + IOPRIO_CLASS_BE IOPriorityClass = "IOPRIO_CLASS_BE" + IOPRIO_CLASS_IDLE IOPriorityClass = "IOPRIO_CLASS_IDLE" +) + // Box specifies dimensions of a rectangle. Used for specifying the size of a console. type Box struct { // Height is the vertical dimension of a box.