github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,784 Commits 3 Branches 2 Tags 112 MiB
06e085c8b5
Commit Graph

11784 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maksym Pavlenko
06e085c8b5 Add Fields type alias to log package 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-20 17:29:08 -08:00
Fu Wei
ce215971d4
Merge pull request #8104 from AkihiroSuda/xx-1.2.1 
release: xx v1.2.1
 2023-02-14 22:41:27 +08:00
Akihiro Suda
9c82e929fd
release: xx v1.2.1 
https://github.com/tonistiigi/xx/compare/v1.1.0...v1.2.1

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-14 14:25:59 +09:00
Akihiro Suda
4e2eb8ba4e
Merge pull request #7964 from dmcgowan/transfer-image-store-references 
[transfer] update imagestore interface to support multiple references
 2023-02-14 11:22:27 +09:00
Kazuyoshi Kato
458fd48720
Merge pull request #8100 from mxpv/options 
[sandbox] Use options to pass PodSandboxConfig to shims
 2023-02-13 14:47:59 -08:00
Derek McGowan
081601f521
Update imagestore interface to support multiple references 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-02-13 13:58:33 -08:00
Maksym Pavlenko
2b24af8d13 Use options to pass PodSandboxConfig to shims 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-13 12:36:20 -08:00
Derek McGowan
edb8ebaf07
Merge pull request #8047 from ruiwen-zhao/send_nil 
Send container events with nil PodSandboxStatus
 2023-02-13 11:38:14 -08:00
Derek McGowan
164ac924f8
Merge pull request #7984 from aitumik/aitumik/add-host-network-tests 
test: add hostNetwork tests for both windows and linux
 2023-02-13 11:37:20 -08:00
Derek McGowan
34d83e1ff4
Merge pull request #8097 from helen-frank/feature/configloadPre-inspectionInAdvance 
loadConfig pre-inspection in advance
 2023-02-13 09:44:45 -08:00
Phil Estes
ee73e2e9fe
Merge pull request #8068 from thaJeztah/apparmor_remove_versioned 
contrib/apparmor: remove version-dependent rules
 2023-02-13 11:30:20 -05:00
helen
a8bb1ad2a0 loadConfig pre-inspection in advance 
Signed-off-by: helen <haitao.zhang@daocloud.io>
 2023-02-13 20:11:30 +08:00
Fu Wei
2654ece1d0
Merge pull request #8066 from fuweid/cleanup-blockio-init 
*: introduce wrapper pkgs for blockio and rdt
 2023-02-13 14:05:32 +08:00
Derek McGowan
c6cf6b2522
Merge pull request #8093 from mxpv/instrument 
Extract CRI instrument into separate package
 2023-02-12 21:45:13 -08:00
Maksym Pavlenko
750d18aced Extract CRI instrument package 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-12 20:49:15 -08:00
Fu Wei
040fcf85f0
Merge pull request #8091 from dcantah/mirror-generic-toml-change 2023-02-12 11:23:34 +08:00
Fu Wei
a453e92f26
Merge pull request #8092 from AkihiroSuda/typeurl-v2 2023-02-12 11:17:37 +08:00
Wei Fu
60d04b0b0f pkg: rename {blockio,rdt}_default.go -> nonlinux.go 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-02-12 08:35:17 +08:00
Akihiro Suda
b61988670c
go.mod: github.com/containerd/typeurl/v2 v2.1.0 
Changes: https://github.com/containerd/typeurl/compare/7f6e6d160d67...v2.1.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-11 23:39:52 +09:00
Danny Canter
74b371b98a CRI: Mirror generic toml runtime config under server 
In https://github.com/containerd/containerd/pull/7764 it was made
so that generic runtime options in the containerd toml config file
would get passed to shims regardless of if containerd knew of the
type beforehand and could supply the struct. However, this was only
added for the sandbox server fork here and not the regular ol' CRI
server. This change just mirrors the parts that need to be plopped in
pkg/cri/server

Signed-off-by: Danny Canter <danny@dcantah.dev>
 2023-02-11 05:18:52 -08:00
ruiwen-zhao
51a8db233d Send container events with nil PodSandboxStatus 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2023-02-11 01:34:39 +00:00
ruiwen-zhao
27c8f4085c Move PLEG event generation back to sbserver to avoid missing pod sandbox status 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2023-02-11 01:34:33 +00:00
Fu Wei
cf7b705dcd
Merge pull request #8086 from neersighted/apparmor_parser_regression 
Revert `apparmor_parser` regression
 2023-02-11 09:27:53 +08:00
Fu Wei
362ba2c743
Merge pull request #7981 from dmcgowan/sandbox-controller-interface-refactor 
[sandbox] refactor controller interface
 2023-02-11 09:22:36 +08:00
Nathan
7cf5560754 test: add hostNetwork tests for both windows and linux 
Signed-off-by: Nathan <aitumik@protonmail.com>
 2023-02-11 00:15:48 +03:00
Phil Estes
024a748c09
Merge pull request #7933 from AkihiroSuda/drop-libbtrfs 
btrfs: depend on kernel UAPI instead of libbtrfs
 2023-02-10 16:13:19 -05:00
Bjorn Neergaard
d33a43cc23
pkg/apparmor: clarify Godoc 
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
 2023-02-10 10:23:59 -07:00
Bjorn Neergaard
a3265102d9
Revert "Don't check for apparmor_parser to be present" 
This reverts commit 1acca8bba3.

As stated in the Godoc, this function is intended to check for presence
of `apparmor_parser`. Changing this regressed the public API of
containerd, and directly contradicts the way that this function is
consumed inside of containerd itself:
* fdfdc9bfc0/pkg/apparmor/apparmor.go (L20)
* fdfdc9bfc0/pkg/cri/sbserver/helpers_linux.go (L85)
* fdfdc9bfc0/pkg/cri/server/helpers_linux.go (L144)

This has lead to a number of painful regressions and attempted fixes in
Moby:
* https://github.com/moby/moby/issues/44900
* https://github.com/moby/moby/pull/44902
* https://github.com/moby/moby/issues/44970

While reverting this late into the life of 1.6 and at the start of the
life of 1.7 is likely painful, I think this is ultimately the best path
to take, as containerd is subject to the same failure to start
containers with an AppArmor kernel when `apparmor_parser` is missing as
Moby.

Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
 2023-02-10 10:05:56 -07:00
Derek McGowan
fdfdc9bfc0
Merge pull request #8082 from AkihiroSuda/ci-skip-on-fork 
CI: skip some jobs when `repo != containerd/containerd`
 2023-02-10 08:35:51 -08:00
Sebastiaan van Stijn
c990e3f2ed
contrib/apparmor: remove version-dependent rules 
These conditions were added in docker in 8cf89245f5
to account for old versions of debian/ubuntu (apparmor_parser < 2.8.95)
that lacked some options;

> This allows us to use the apparmor profile we have in contrib/apparmor/
> and solves the problems where certain functions are not apparent on older
> versions of apparmor_parser on debian/ubuntu.

Those patches were from 2015/2016, and all currently supported distro
versions should now have more current versions than that. Looking at the
oldest supported versions;

Ubuntu 18.04 "Bionic":

    apparmor_parser --version
    AppArmor parser version 2.12
    Copyright (C) 1999-2008 Novell Inc.
    Copyright 2009-2012 Canonical Ltd.

Debian 10 "Buster"

    apparmor_parser --version
    AppArmor parser version 2.13.2
    Copyright (C) 1999-2008 Novell Inc.
    Copyright 2009-2018 Canonical Ltd.

This patch removes the version-dependent rules.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-02-10 16:30:42 +01:00
Fu Wei
4c44ec702f
Merge pull request #8078 from Fish-pro/chore/package 2023-02-10 17:35:10 +08:00
Akihiro Suda
fe0116ec2a
CI: skip some jobs when repo != containerd/containerd 
For running CI in a non-upstream repo

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-10 18:12:08 +09:00
Zechun Chen
b944b108df Clean up repeated package import 
Signed-off-by: Zechun Chen <zechun.chen@daocloud.io>
 2023-02-10 16:21:55 +08:00
Fu Wei
218b1a335e
Merge pull request #8076 from cpuguy83/use_data_in_descriptor 
fetch: Use data from descriptor when available.
 2023-02-10 15:50:17 +08:00
Maksym Pavlenko
195eca1d6c
Merge pull request #8077 from Fish-pro/chore/httpvar 
chore: use http constants instead of string
 2023-02-09 23:32:17 -08:00
Derek McGowan
676b942fef
Merge pull request #8075 from swagatbora90/removeIntermediate 
Fix retry logic within devmapper device deactivation
 2023-02-09 22:21:49 -08:00
Fish-pro
76a62e52ae Use http constants instead of string 
Signed-off-by: Fish-pro <zechun.chen@daocloud.io>
 2023-02-10 14:01:48 +08:00
Akihiro Suda
a6f3cbe0ad
Merge pull request #8071 from mxpv/cleanup 
Clean CI yaml
 2023-02-10 11:34:18 +09:00
Brian Goff
13652e081e fetch: Use data from descriptor when available. 
OCI added support for a `data` field in a descriptor.
This field is expected to contain the content being pointed to by the
descriptor.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2023-02-10 01:12:40 +00:00
Akihiro Suda
52f82acb7b
btrfs: depend on kernel UAPI instead of libbtrfs 
See containerd/btrfs PR 40 and moby/moby PR 44761. (Thanks to [@]neersighted.)

The containerd/btrfs library now requires headers from kernel 4.12 or newer:
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs.h
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs_tree.h

These files are licensed under the GPL-2.0 WITH Linux-syscall-note, so it should be compatible with the Apache License 2.0.
https://spdx.org/licenses/Linux-syscall-note.html

The dependency on the kernel headers only affects users building from source.
Users on older kernels may opt to not compile this library (`BUILDTAGS=no_btfs`),
or to provide headers from a newer kernel.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-10 10:07:34 +09:00
Wei Fu
62df35df66 *: introduce wrapper pkgs for blockio and rdt 
Before this patch, both the RdtEnabled and BlockIOEnabled are provided
by services/tasks pkg. Since the services/tasks can be pkg plugin which
can be initialized multiple times or concurrently. It will fire data-race
issue as there is no mutex to protect `enable`.

This patch is aimed to provide wrapper pkgs to use intel/{blockio,rdt}
safely.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-02-10 08:21:34 +08:00
Swagat Bora
6ae3e5df6a Fix retry logic within devmapper device deactivation 
Signed-off-by: Swagat Bora <sbora@amazon.com>
 2023-02-09 23:40:18 +00:00
Maksym Pavlenko
6adb6a727e Rename release CI job 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-09 15:30:52 -08:00
Maksym Pavlenko
aed3b0a70b Clean CI file 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-09 15:30:52 -08:00
Samuel Karp
26509fa765
Merge pull request #8074 from kzys/fix-8073 
Fixes https://github.com/containerd/containerd/issues/8073
 2023-02-09 15:28:32 -08:00
Kazuyoshi Kato
617c66dcc7 Add critest.exe in $PATH 
The binary location was moved since
https://github.com/kubernetes-sigs/cri-tools/pull/1085.

Fixes #8073.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2023-02-09 22:23:01 +00:00
Derek McGowan
b0e97c0f9b
Use multierror for cleanup error 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-02-07 11:06:14 -08:00
Phil Estes
97480afdac
Merge pull request #7976 from yulng/lowercase 
keep the uppercase letter for flag info
 2023-02-07 09:54:38 +00:00
Derek McGowan
34314717b0
Remove sandox store and controller service type 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-02-06 22:05:26 -08:00
Derek McGowan
a788f6c799
Move local sandbox controller under plugins package 
Add options to sandbox controller interface.
Update sandbox controller interface to fully utilize sandbox controller
interface.
Move grpc error conversion to service.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-02-06 22:04:45 -08:00