github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
1,952 Commits 3 Branches 2 Tags 112 MiB
22b55461b3
Commit Graph

1952 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Brown
22b55461b3
Merge pull request #1514 from dims/update-kubernetes-to-1.19.0-beta.2 
Update kubernetes to 1.19.0 beta.2
 2020-06-22 10:58:47 -05:00
Davanum Srinivas
c4205721ee
Update vendor/ directory 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-22 08:45:11 -04:00
Davanum Srinivas
41f184f15b
Update vendor.conf to kubernetes 1.19.0-beta.2 
update streaming import path
switch remote package path

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-22 08:44:49 -04:00
Mike Brown
4f8a580795
Merge pull request #1510 from crosbymichael/selinux-bump 
bump selinux dep
 2020-06-15 14:50:23 -05:00
Michael Crosby
713205b369 bump selinux dep 
Includes fixes for the category range and mount labeling.

Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-06-15 15:15:35 -04:00
Michael Crosby
6164822714
Merge pull request #1508 from janosi/sctp-hostport 
Remove the protocol filter from the HostPort management
 2020-06-15 14:48:37 -04:00
Mike Brown
b661ad711e
Merge pull request #1504 from lorenz/ignore-image-defined-volumes 
Add option for ignoring volumes defined in images
 2020-06-14 11:52:48 -05:00
Mike Brown
26dc5b9772
Merge pull request #1505 from dcantah/windows-cred-spec 
Add GMSA credential spec passing
 2020-06-14 11:52:33 -05:00
Laszlo Janosi
479dfbac45
Remove the protocol filter from the portMappings constructor. 
Reason: originally it was introduced to prevent the loading of the SCTP kernel module on the nodes. But iptables chain creation alone does not load the kernel module. The module would be loaded if an SCTP socket was created, but neither cri nor the portmap CNI plugin starts managing SCTP sockets if hostPort / portmappings are defined.
Signed-off-by: Laszlo Janosi <laszlo.janosi@ibm.com>
 2020-06-14 15:48:00 +00:00
Daniel Canter
9620b2e1da Add GMSA Credential Spec passing 
Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2020-06-10 11:15:07 -07:00
Wei Fu
ae8200bf93
Merge pull request #1499 from webwurst/patch-1 
Fix typo
 2020-06-10 13:46:29 +08:00
Mike Brown
3290b86a8c
Merge pull request #1506 from cpuguy83/registry_headers 
Add config for registry http headers
 2020-06-09 18:43:11 -05:00
Lorenz Brun
5a1d49b063 Add option for ignoring volumes defined in images 
Signed-off-by: Lorenz Brun <lorenz@brun.one>
 2020-06-09 21:02:47 +02:00
Brian Goff
c694c63176 Add config for registry http headers 
This adds a configuration knob for adding request headers to all
registry requests. It is not namespaced to a registry.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2020-06-08 18:56:15 -07:00
Tobias Bradtke
098e040014 Fix typo 
Signed-off-by: Tobias Bradtke <webwurst@gmail.com>
 2020-06-05 18:19:49 +02:00
Wei Fu
bc96548c7b
Merge pull request #1502 from mikebrow/nginx-timing-problem 
move up to latest cri-tools - pick up nginx fix
 2020-06-04 12:52:51 +08:00
Mike Brown
e56347aabc move up to latest critools pick up nginx fix 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-06-03 15:26:26 -05:00
Mike Brown
62c91260d2
Merge pull request #1501 from dims/tolerate-missing-hugetlb-cgroups-controller 
Tolerate missing HugeTLB cgroups controller
 2020-06-02 10:53:40 -05:00
Davanum Srinivas
d7ce093d63
Tolerate missing HugeTLB cgroups controller 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-01 12:07:32 -04:00
Michael Crosby
8898550e34
Merge pull request #1498 from mxpv/base 
Specify base OCI runtime spec
 2020-05-29 16:34:29 -04:00
Maksym Pavlenko
17c61e36cb Fix cgroups path for base OCI spec 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-29 11:40:12 -07:00
Maksym Pavlenko
df8d6c5b7b Update documentation for base OCI spec files 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-28 14:45:11 -07:00
Maksym Pavlenko
8d54f39753 Allow specify base OCI runtime spec 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-28 13:39:31 -07:00
Mike Brown
c7f25cb3ae
Merge pull request #1490 from mikebrow/document-gcr-json-key-auth 
add a registry auth tutorial
 2020-05-28 08:49:52 -05:00
Mike Brown
83b115af16
Merge pull request #1497 from mikebrow/add-commit-sha-to-log 
would like to have the commit sha in the log file names
 2020-05-28 08:48:53 -05:00
Mike Brown
e8148bb49b would like to have the commit sha in the logs 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-05-27 17:47:43 -05:00
Maksym Pavlenko
f8380958c1
Merge pull request #1496 from mikebrow/variable-cri-tools-version 
add support for setting CRITOOL_VERSION
 2020-05-27 15:16:34 -07:00
Michael Crosby
c744b66a3b
Merge pull request #1495 from crosbymichael/cni-bump 
Use go-cni tag
 2020-05-27 12:28:38 -04:00
Mike Brown
b97a2f33b0 add support for setting CRITOOL_VERSION 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-05-27 11:16:23 -05:00
Derek McGowan
52c2c6b5df
Merge pull request #1494 from MHBauer/docs-moved 
docs moved
 2020-05-26 18:48:07 -07:00
Morgan Bauer
5877716621
docs moved 
- to sig-node
 - to sig-testing

Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
 2020-05-26 16:46:09 -07:00
Michael Crosby
477b31ce04 Use go-cni tag 
Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-05-26 19:32:03 -04:00
Derek McGowan
129bdd7a3d
Merge pull request #1487 from crosbymichael/selinux 
Add SELinux Support for CRI
 2020-05-26 15:53:18 -07:00
Phil Estes
dea6229923
Merge pull request #1491 from thaJeztah/bump_selinux 
vendor: opencontainers/selinux v1.5.2
 2020-05-26 16:49:28 -04:00
Michael Crosby
72edf3016d Use new SELinux APIs 
This moves most of the API calls off of the `labels` package onto the root
selinux package.  This is the newer API for most selinux operations.

Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-05-26 15:18:46 -04:00
Sebastiaan van Stijn
0b3c7e1479
vendor: opencontainers/selinux v1.5.2 
full diff: https://github.com/opencontainers/selinux/compare/v1.5.1...v1.5.2

- Implement FormatMountLabel unconditionally
  Implementing FormatMountLabel on situations built without selinux
  should be possible; the context will be ignored if no SELinux is available.
- Remote potential race condition, where mcs label is freed
  Theorectially if you do not change the MCS Label then we free it and two
  commands later reserve it. If some other process was grabbing MCS Labels
  at the same time, the other process could get the same label.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-05-26 16:30:35 +02:00
Mike Brown
a7ad3bc01f add a registry auth tutorial 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-05-22 15:39:30 -05:00
Darren Shepherd
24209b91bf Add MCS label support 
Carry of #1246

Signed-off-by: Darren Shepherd <darren@rancher.com>
Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-05-20 13:59:51 -05:00
Mike Brown
e10e07b50e
Merge pull request #1489 from mikebrow/ltag-scan-symlink-fixed 
no longer need to skip /test header scan due to symlink
 2020-05-20 10:44:09 -05:00
Mike Brown
cc54a9dca4 no longer need to skip /test due to symlink 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-05-20 07:38:12 -05:00
Mike Brown
40071878d7
Merge pull request #1486 from thaJeztah/bump_golang_1.13.11 
Bump Golang 1.13.11
 2020-05-18 09:34:37 -05:00
Wei Fu
48ee0b348c
Merge pull request #1485 from thaJeztah/vendor_back_to_tags 
vendor.conf: back to using tags
 2020-05-18 22:31:59 +08:00
Sebastiaan van Stijn
8f02fe04d8
Bump Golang 1.13.11 
full diff: https://github.com/golang/go/compare/go1.13.10...go1.13.11

go1.13.11 (released 2020/05/14) includes fixes to the compiler. See the Go 1.13.11
milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.11+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-05-18 15:54:17 +02:00
Sebastiaan van Stijn
6096c0ebbb
vendor.conf: back to using tags 
When I changed the vendor.conf format to use tags, many of the
dependencies didn't use tagged versions, and the column format
made the file slightly more consistent / easier to read.

With many dependencies moving to go modules, we see more deps
tagging releases, and we're now more actively trying to use
tagged releases for our dependencies.

With containerd/containerd changing the format to use tags as
default, it makes sense to do the same here as well (to allow
for easier comparing the vendor.conf files between repositories)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-05-18 15:44:42 +02:00
Mike Brown
dc81240a6d
Merge pull request #1484 from thaJeztah/bump_containerd 
vendor: containerd/containerd v1.4.0-beta.0
 2020-05-18 08:11:36 -05:00
Mike Brown
36ba7766fb
Merge pull request #1483 from thaJeztah/bump_cni 
vendor: containerd/go-cni 0553354f0046ccd41a02e724826040491a3d8998
 2020-05-18 08:04:16 -05:00
Sebastiaan van Stijn
f9083f167a
vendor: containerd/containerd v1.4.0-beta.0 
full diff: ed261720c8...v1.4.0-beta.0

Relevant changes:

- Replace errors.Cause() with errors.Is()
- Transfer error to ErrNotFound when kill a not exist container
- vendor: update containerd/cri, remove "docker/distribution" dependency
- vendor: containerd/continuity, containerd/fifo, containerd/go-runc
- vendor: opencontainers/go-digest v1.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-05-16 14:37:00 +02:00
Sebastiaan van Stijn
103785ea26
vendor: containerd/go-cni 0553354f0046ccd41a02e724826040491a3d8998 
full diff: 0d360c50b1...0553354f00

- Add WithConfList opt for adding conf list from bytes
- Use Go modules instead of vndr
- Test on go1.13, 1.14, remove go1.12
- Update pkg/errors v0.9.1, switch to using errors.Is() instead of errors.Cause()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-05-16 12:58:26 +02:00
Mike Brown
82a602bf12
Merge pull request #1480 from mikebrow/remove-boilerplate 
removing boilerplate test already replaced by project boiler check
 2020-05-14 19:37:01 -05:00
Mike Brown
3f0aa45453 removing boilerplate test replace by projectboiler check 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-05-14 17:52:12 -05:00