There's a couple spots where we know exactly how large
the destination buffer should be, so pre-size these to
avoid any reallocs to a higher capacity.
Signed-off-by: Danny Canter <danny@dcantah.dev>
The boltdb instance in metadata is only used for getting transactions
and can also be overriden via the context to have a wider control of the
transaction boundary. Using the transactor interface allows callers of
metadata to have more control of the transaction lifecycle.
Since boltdb must be fsync'ed on commit, operations which perform many
database operations can be costly and slow. While providing transactor
via context can be used to group together operations, it does not
provide a way to manage the commit fsyncs more globally.
Signed-off-by: Derek McGowan <derek@mcg.dev>
When no port is specified, allow falling back from 443 to 80 when
http is specified along with a TLS configuration.
Signed-off-by: Derek McGowan <derek@mcg.dev>
Commit 3c8469a782 removed uses of the api
types.Platform type from public interfaces, instead using the type from
the OCI image spec.
For convenience, it also introduced an alias in the platforms package.
While this alias allows packages that already import containerd's
platforms package (now a separate module), it may also cause confusion
(it's not clear that it's an alias for the OCI type), and for packages
that do not depend on containerd's platforms package / module may now
be resulting in an extra dependency.
Let's remove the use of this alias, and instead use the OCI type directly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this, during a call to the docker resolver, we would generate
span wrappers for each HTTPRequest correctly, however, as the docker
resolver reaches out to the docker authorizer, it could create HTTP
requests (for fetching tokens) that would not be wrapped in any span.
This can result in rather confusing traces, e.g. something like:
remotes.docker.resolver.HTTPRequest
HTTP HEAD (fetch index, fails with 401)
HTTP GET (fetch token)
remotes.docker.resolver.HTTPRequest
HTTP HEAD (fetch index)
remotes.docker.resolver.HTTPRequest
HTTP GET (fetch manifest)
By adding a span into the FetchToken, this trace becomes a little easier
to consume:
remotes.docker.resolver.HTTPRequest
HTTP HEAD (fetch index, fails with 401)
remotes.docker.resolver.FetchToken
HTTP GET (fetch token)
remotes.docker.resolver.HTTPRequest
HTTP HEAD (fetch index)
remotes.docker.resolver.HTTPRequest
HTTP GET (fetch manifest)
Signed-off-by: Justin Chadwell <me@jedevc.com>
When a set of layers are provided to the unpacker, then the unpacker
should still fetch them regardless of whether they will be used for
unpack. The image handler filters are responsible for removing content
which is not intended to be fetched. Currently there is no way to use an
unpacker and also fetch all platforms.
Signed-off-by: Derek McGowan <derek@mcg.dev>
remote sandbox controller may restart, the Wait call should be retried
if it is an grpc disconnetion error.
Signed-off-by: Abel Feng <fshb1988@gmail.com>
Currently the metadata snapshotter is not consistently adding keys to a
lease when already exists is returned. When a lease is provided, any
already exists errors should add the relevant key to the lease. It is
not expected that clients must explicitly lease a key after calling
Prepare/Commit.
Signed-off-by: Derek McGowan <derek@mcg.dev>
This commit gets rid of the TODO by moving the check to use the
pluginInfo() infrastructure.
The check is only enforced for shims that return info that can be read
as type runtime.Features. For shims that don't provide that, we just
ignore it, as those shims might not be affected by this.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Allow the api to stay at the same v1 go package name and keep using a
1.x version number. This indicates the API is still at 1.x and allows
sharing proto types with containerd 1.6 and 1.7 releases.
Signed-off-by: Derek McGowan <derek@mcg.dev>
