github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,956 Commits 3 Branches 4 Tags
13bd93847dec418cdec80a98eb8fb68ef19e541c
Commit Graph

357 Commits

Author SHA1 Message Date
Lantao Liu
467f9e0e8a Fix proc mount support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-07-31 17:11:15 -07:00
Akihiro Suda
4195136eea Merge pull request #3433 from dmcgowan/gc-docs 
Add garbage collection doc
 2019-07-30 14:03:01 +09:00
Lantao Liu
c78caf902d Add max concurrent downloads support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-07-26 18:15:17 -07:00
Brandon Lum
8cd480c233 Specify protocols in ctr encrypt recipients 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2019-07-26 13:20:22 -04:00
Derek McGowan
22f44c44d9 Add garbage collection doc 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2019-07-25 14:42:30 -07:00
Aldo Culquicondor
4b43303203 Add option to register on TCP server 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-07-25 09:42:49 -04:00
Lantao Liu
64bf4bebf3 Merge pull request #1188 from alculquicondor/fix/doc 
Update docs to v2 config
 2019-07-24 14:25:42 -07:00
Aldo Culquicondor
e2550f6285 Update docs to v2 config 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-07-24 09:30:13 -04:00
Brandon Lum
c6d437fd70 Corrected lease implementation 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2019-07-18 18:17:20 -04:00
Stefan Berger
bf8804c743 Implemented image encryption/decryption libraries and ctr commands 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2019-07-17 15:19:58 -04:00
Joe Borg
9ebc10ec08 Correcting typo 
`/ec/` > `/etc/`

Signed-off-by: Joe Borg <joe@josephb.org>
 2019-07-04 14:12:20 -04:00
Michael Crosby
bb9616ba20 Merge pull request #3379 from Ace-Tang/clean-doc 
docs: remove shim_no_newns in ops.md
 2019-06-26 11:30:21 -04:00
Ace-Tang
2d03791158 docs: remove shim_no_newns in ops.md 
this ops is removed in commit fd2e3cd326,
remove from doc avoid misleading users.

Signed-off-by: Ace-Tang <aceapril@126.com>
 2019-06-26 16:37:36 +08:00
Phil Estes
0886e4f1b7 No need to keep 2017 DockerCon doc 
Remove outdated discussion document from repo.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2019-06-26 00:00:59 -04:00
BoWen Yan
d15a06b190 docs: Fix typo to some markdown files in /docs. 
Signed-off-by: BoWen Yan <loneybw@gmail.com>
 2019-06-13 15:29:12 +08:00
Mike Brown
3ba04c01cc doc update for cni max num 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-06-11 08:35:22 -05:00
kuramal
b022de5f37 add cni plugin config file max num config, set go-cni to commit 22460c0 
Signed-off-by: kuramal <linxxnil@126.com>
 2019-06-10 12:14:35 +08:00
Vlad Ungureanu
60a58af376 Add TLS auth registry support 
Signed-off-by: Vlad Ungureanu <ungureanuvladvictor@gmail.com>
 2019-06-06 14:55:53 -07:00
Lantao Liu
db90808477 Update doc and add deprecation policy for CRI options. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-04-25 16:11:16 -07:00
Lantao Liu
19e2b20c13 Use ctr images import. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-04-15 10:37:31 -07:00
Derek McGowan
2f60e389a0 Merge pull request #2626 from krsoninikhil/defaults3 
Uses namespace labels for default options
 2019-04-02 11:46:35 -07:00
Lantao Liu
238658719f Cleanup pod annotation test and only support tailing wildcard. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-25 12:54:34 -07:00
Harshal Patil
effd82227c Add support for passing sandbox annotations to runtime 
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
 2019-03-21 14:38:14 +05:30
Mike Brown
9474b05dd7 clarify the versioning for the tarball 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-03-13 12:58:12 -05:00
Lantao Liu
f2f90f6b00 Merge pull request #1060 from Random-Liu/support-stream-idle-timeout 
Support stream idle timeout.
 2019-02-28 10:28:27 -08:00
Lantao Liu
8222da7768 Support stream idle timeout. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-28 01:30:01 -08:00
Lantao Liu
76ed153e8c Add more explanation about the CRI config. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-27 16:51:36 -08:00
Aldo Culquicondor
c88e18b907 Fix architecture doc 
Network namespace is created before the pause container.

Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-02-27 18:00:40 -05:00
Shengjing Zhu
fb80483711 docs: Add NAME section in all manpages 
As described in https://lintian.debian.org/tags/manpage-has-bad-whatis-entry.html
each manual page should start with a "NAME" section.

Signed-off-by: Shengjing Zhu <zhsj@debian.org>
 2019-02-22 23:40:28 +08:00
Mike Brown
857f169e9e update support statment reflecting eol for k8s 1.10 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-02-14 11:28:26 -06:00
Nikhil Soni
da2ab865e0 Add documentation for using namespace labels for configuring defaults. 
Signed-off-by: Nikhil Soni <krsoninikhil@gmail.com>
 2019-02-01 23:14:33 +05:30
Derek McGowan
8706a355dd Merge pull request #2889 from linxiulei/isolated_content 
metadata: define content sharing policy
 2019-01-14 13:15:38 -08:00
Phil Estes
a79879e9dd Add security audit report to README 
Also remove weekly development reports section from README as those are
not being produced regularly at this time.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2019-01-04 09:56:03 -05:00
Akihiro Suda
cd8231ab2a support DisableCgroup, DisableApparmor, RestrictOOMScoreAdj 
Add following config for supporting "rootless" mode

* DisableCgroup: disable cgroup
* DisableApparmor: disable Apparmor
* RestrictOOMScoreAdj: restrict the lower bound of OOMScoreAdj

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-01-03 05:12:04 +09:00
Eric Lin
4247f2684d metadata: define content sharing policy 
This changeset modifies the metadata store to allow one to set a
"content sharing policy" that defines how blobs are shared between
namespaces in the content store.

The default mode "shared" will make blobs available in all namespaces
once it is pulled into any namespace.  The blob will be pulled into
the namespace if a writer is opened with the "Expected" digest that
is already present in the backend.

The alternative mode, "isolated" requires that clients prove they have
access to the content by providing all of the content to the ingest
before the blob is added to the namespace.

Both modes share backing data, while "shared" will reduce total
bandwidth across namespaces, at the cost of allowing access to any
blob just by knowing its digest.

Note: Most functional codes and changelog of this commit originate from
Stephen J Day <stephen.day@docker.com>, see
40455aade8

Fixes #1713 Fixes #2865

Signed-off-by: Eric Lin <linxiulei@gmail.com>
 2018-12-21 15:02:21 +08:00
Sebastiaan van Stijn
723797d320 docs: remove website leftovers 
The website content moved to the github.com/containerd/containerd.io
repository.

Commit da1fba0050 removed all website-
related content, but there were some stray files left behind.

This patch removes those files, and updates the `.editorconfig` file
to only match Markdown files.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2018-12-20 10:01:51 +01:00
Sebastiaan van Stijn
555ea3fb43 Ignore modprobe failures in ExecStartPre (systemd unit) 
When running containerd inside LXC, due to systemd being unable to execute
`modprobe overlay` inside the container (module is already loaded in host kernel).

This patch adds a `-` prefix to the `ExecStartPre` command, so that failures
are ignored, and the service can start as usual.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2018-11-10 12:52:06 +01:00
Akihiro Suda
ce6d4c9a9f add docs/rootless.md 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2018-11-06 17:39:30 +09:00
Lantao Liu
1442425f92 Support runtime specific configurations. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-10-08 17:17:29 -07:00
Lantao Liu
65283e4253 The indent is wrong. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-09-17 12:11:18 -07:00
Lantao Liu
3de8c8bf19 Update cri-tools to 98eea54af789ae13edce79cba101fb9ac8e7b241. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-09-17 10:54:42 -07:00
Tim Allclair
e7189a25c3 Add RuntimeHandler support 
Signed-off-by: Tim Allclair <tallclair@google.com>
 2018-09-05 17:27:35 -07:00
JulienBalestra
dffd0dfa0e streaming: tls conf validation to func with tests 
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
 2018-08-30 15:10:48 +02:00
JulienBalestra
859003a940 stream: struct for x509 key pair, update the docs, error management 
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
 2018-08-28 17:22:11 +02:00
Phil Estes
da1fba0050 Website no longer managed from this repo 
Website content is deployed from containerd/containerd.io now

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2018-08-23 14:55:04 -04:00
Aleksa Sarai
7aa132ffc7 docs: man: rename config.toml(5) to be more descriptive 
The man page namespace is global, so in order to avoid colliding with
other man pages named "config.toml" rename ours to be more descriptive.
This also helps with discoverability (now tab-completion of 'man
containerd<tab>' will return the config man page), as well as making it
much cleaner from the perspective of distributions that want to package
containerd.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2018-08-08 18:33:29 +10:00
Michael Crosby
2742238909 Add docs for managed opts dir 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-08-03 11:50:02 -04:00
Lantao Liu
b3d6f16383 Serve streaming on localhost by default to match k8s 1.11 default. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-07-21 01:10:45 +00:00
yanxuean
7065dd81f9 support no_pivot option for runc 
Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
 2018-07-20 08:46:50 +08:00
Lantao Liu
0f3c83b11b Use --no-overwrite-dir in installation doc. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-07-11 18:04:48 +00:00