Diffstat (limited to 'system/conmon/README')
-rw-r--r-- system/conmon/README 24
1 files changed, 24 insertions, 0 deletions
diff --git a/system/conmon/README b/system/conmon/README
new file mode 100644
index 0000000000..8c1e2691b9
--- /dev/null
+++ b/system/conmon/README
@@ -0,0 +1,24 @@
+An OCI container runtime monitor.
+
+Conmon is a monitoring program and communication tool between a container
+manager (like podman or CRI-O) and an OCI runtime (like runc or crun) for a
+single container.
+
+Upon being launched, it double-forks to daemonize and detach from the parent
+that launched it. It then launches the runtime as its child. This allows
+managing processes to die in the foreground, but still be able to watch over
+and connect to the child process (the container).
+
+While the container runs, conmon does two things:
+
+ Provides a socket for attaching to the container, holding open the
+ container's standard streams and forwarding them over the socket. Writes
+ the contents of the container's streams to a log file (or to the systemd
+ journal) so they can be read after the container's death.
+
+Finally, upon the containers death, conmon will record its exit time and code
+to be read by the managing programs.
+
+Written in C and designed to have a low memory footprint, conmon is intended
+to be run by a container managing library. Essentially, conmon is the smallest
+daemon a container can have.
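Review bot: the "conmon does two things" block under "While the container runs" has been reflowed into one paragraph, so the second item ("Writes the contents of the container's streams to a log file ...") starts mid-line and reads as a continuation of the first. Put each item on its own lines with a list marker ("*" or "1."/"2."). In the following paragraph, "upon the containers death" should be "upon the container's death". Since the text says the attach socket forwards the container's standard streams and the log file keeps their contents, a sentence on where the socket and log are created and who can read them would also help administrators installing this package.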