A directory structure that is written ahead of time, distributed, and used to seed the runtime for creating a container and launching a process within it.
The config.json
file in a bundle which defines the intended container and container process.
An environment for executing processes with configurable isolation and resource limitations. For example, namespaces, resource limits, and mounts are all part of the container environment.
On Linux,the namespaces in which the configured process executes.
A JSON structure that represents the implemented features of the runtime. Irrelevant to the actual availability of the features in the host operating system.
All configuration JSON MUST be encoded in UTF-8. JSON objects MUST NOT include duplicate names. The order of entries in JSON objects is not significant.
An implementation of this specification. It reads the configuration files from a bundle, uses that information to create a container, launches a process inside the container, and performs other lifecycle actions.
An external program to execute a runtime, directly or indirectly.
Examples of direct callers include containerd, CRI-O, and Podman. Examples of indirect callers include Docker/Moby and Kubernetes.
Runtime callers often execute a runtime via runc-compatible command line interface, however, its interaction interface is currently out of the scope of the Open Container Initiative Runtime Specification.
On Linux, the namespaces from which new container namespaces are created and from which some configured resources are accessed.