Block the synchronization of registering NRI plugins during
CRI events to avoid the plugin ending up in an inconsistent
starting state after initial sync (missing pods, containers
or missed events for some pods or containers).
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
However, when an image has multiple tags, the image originally obtained may not be the one actually specified by the user.
Starting from cri-api v0.28.0, a UserSpecifiedImage field is added to ImageSpec.
It is more appropriate to use UserSpecifiedImage.
Signed-off-by: jinda.ljd <jinda.ljd@alibaba-inc.com>
`disable_cgroup` was implemenetd in containerd/cri PR 970 (Nov 2018)
for supporting very early version of Usernetes on cgroup v1 hosts,
when most distros were still not ready to support cgroup v2.
This configuration is no longer needed, as cgroup v2 delegation is
now supported on almost all distros.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Commit 3c8469a782 removed uses of the api
types.Platform type from public interfaces, instead using the type from
the OCI image spec.
For convenience, it also introduced an alias in the platforms package.
While this alias allows packages that already import containerd's
platforms package (now a separate module), it may also cause confusion
(it's not clear that it's an alias for the OCI type), and for packages
that do not depend on containerd's platforms package / module may now
be resulting in an extra dependency.
Let's remove the use of this alias, and instead use the OCI type directly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
so that we cri service don't have to get sandbox controller everytime it
needs to call sandbox controller api.
Signed-off-by: Abel Feng <fshb1988@gmail.com>
As `setupSandboxFiles` was done in sandbox controller, it is difficult
here to know if the sandbox controller has done and where the host path
in. Make sure the host path exists before adding them to linux container
mounts, otherwise, the container would generate some unnecessary mounts.
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
See kubernetes/enhancements issue 3857 (PR 3858).
Replaces PR 9713 `cri: make read-only mounts recursively read-only`
Unlike PR 9713, this PR does not automatically upgrade RO mounts to RRO.
Test depends on:
- kubernetes-sigs/cri-tools PR 1344
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
