clarify kill and delete operation for shared pid namespace container

[lifubang]

There was no description for delete a container which doesn't have it's own private pid namespace, so it may cause some break changes when we do code refactor in this area. Maybe we should add some descriptions for this.

---

In fact, container-runtime kill [-a,--all] container_id signal] and container-runtime delete [-f,--force] container_id has been used by upstream projects for many years, but it isn't defined in runtime-spec. It may cause some break changes when we do code refactor in this area. So, maybe we should define it clearly in runtime-spec.

background: https://github.com/opencontainers/runc/issues/4049

[lifubang]

@opencontainers/runtime-spec-maintainers PTAL, we need this PR to make a decision how to fix a bug in runc(https://github.com/opencontainers/runc/issues/4047). Looking forward your feedback, thanks.

[lifubang]

https://github.com/opencontainers/runtime-spec/blob/6331715093bfcf25137411bfacb403235ed7d018/runtime.md?plain=1#L95

I wonder we should change this rule or not? Before we change this rule, I changed my PR to clarify kill and delete operation for shared pid namespace container, if we don't think this type container should be described in runtime-spec, feel free to close this PR.

[fuweid]

@lifubang the operation can be function or command-line. -a is kind of command-line api. I think the maintainer can accept <all> here.

However, the runc kill -a has been used for many years. <all> can be -a in the command-line implementation, is it correct? @AkihiroSuda

[AkihiroSuda]

However, the runc kill -a has been used for many years. can be -a in the command-line implementation, is it correct? @AkihiroSuda

Yes, but the command line implementation is (currently) out of the scope of the OCI Runtime Spec.

[lifubang]

Yes, but the command line implementation is (currently) out of the scope of the OCI Runtime Spec.

How about add runtime-cmd-api.md to define all the basic command apis?

[AkihiroSuda]

Yes, but the command line implementation is (currently) out of the scope of the OCI Runtime Spec.

How about add runtime-cmd-api.md to define all the basic command apis?

Adding the CLI spec to the Runtime Spec was once rejected in 2017 (https://github.com/opencontainers/runtime-spec/pull/513#issuecomment-278550496) and accepted in the runtime-tools repo: https://github.com/opencontainers/runtime-tools/blob/master/docs/command-line-interface.md

I guess we can revisit this, but it is beyond the scope of this PR. (Feel free to open an issue/PR)

[fuweid]

Yes, but the command line implementation is (currently) out of the scope of the OCI Runtime Spec.

How about add runtime-cmd-api.md to define all the basic command apis?

Adding the CLI spec to the Runtime Spec was once rejected in 2017 (https://github.com/opencontainers/runtime-spec/pull/513#issuecomment-278550496) and accepted in the runtime-tools repo: https://github.com/opencontainers/runtime-tools/blob/master/docs/command-line-interface.md

I guess we can revisit this, but it is beyond the scope of this PR. (Feel free to open an issue/PR)

Thanks. We should discuss it in other pr (I also received the runc maintainer's comment about introducing new flag https://github.com/opencontainers/runc/pull/4045)

[lifubang]

@opencontainers/runtime-spec-maintainers PTAL