containerd

Author	SHA1	Message	Date
Mike Brown	68a84f7878	Merge pull request #1438 from zhsj/use-containerd-reference Replace docker/distribution/reference with containerd/reference/docker	2020-04-15 14:58:43 -05:00
Shengjing Zhu	4cee89baf5	Update vendor after dropping depends distribution/reference Signed-off-by: Shengjing Zhu <i@zhsj.me>	2020-04-16 03:30:43 +08:00
Davanum Srinivas	2b162b6c11	update selinux dependency to fix test failures Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-04-15 14:59:43 -04:00
Mike Brown	d531dc492a	Merge pull request #1405 from fuweid/me-async-load-cnicnf reload cni network config if has fs change events	2020-04-15 13:57:32 -05:00
Wei Fu	4ce334aa49	reload cni network config if has fs change events With go RWMutex design, no goroutine should expect to be able to acquire a read lock until the read lock has been released, if one goroutine call lock. The original design is to reload cni network config on every single Status CRI gRPC call. If one RunPodSandbox request holds read lock to allocate IP for too long, all other RunPodSandbox/StopPodSandbox requests will wait for the RunPodSandbox request to release read lock. And the Status CRI call will fail and kubelet becomes NOTReady. Reload cni network config at every single Status CRI call is not necessary and also brings NOTReady situation. To lower the possibility of NOTReady, CRI will reload cni network config if there is any valid fs change events from the cni network config dir. Signed-off-by: Wei Fu <fuweid89@gmail.com>	2020-04-03 12:28:58 +08:00
Sebastiaan van Stijn	e093a0ee08	Use local "ensureRemoveAll" instead of docker/pkg/system Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-03-12 20:21:14 +01:00
Sebastiaan van Stijn	46fcfe5219	vendor: docker/docker 4634ce647cf2ce2c6031129ccd109e557244986f Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-03-10 18:06:27 +01:00
Sebastiaan van Stijn	b1417519e0	vendor: github.com/google/gofuzz v1.1.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-03-06 16:18:30 +01:00
Sebastiaan van Stijn	24cbca5a78	vendor: update containerd `0131015594` full diff: `e1221e69a8...0131015594` Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-03-05 23:49:40 +01:00
Mike Brown	6565c640be	Merge pull request #1407 from dims/update-opencontainers/selinux-to-1.3.3 Update to a released version of opencontainers/selinux (1.3.3)	2020-02-28 14:56:49 -06:00
Davanum Srinivas	3d4c597bdc	Update to a released version of opencontainers/selinux (1.3.3) Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-02-28 11:43:02 -05:00
Brandon Lum	808ae59cf6	Update vendors to versioning Signed-off-by: Brandon Lum <lumjjb@gmail.com>	2020-02-24 22:08:31 +00:00
Brandon Lum	ac8ec18813	bump imgcrypt commit version Signed-off-by: Brandon Lum <lumjjb@gmail.com>	2020-02-24 20:45:57 +00:00
Brandon Lum	f0579c7b4d	Implmented node key model for image encryption Signed-off-by: Brandon Lum <lumjjb@gmail.com>	2020-02-24 20:45:57 +00:00
Davanum Srinivas	5f0bf05239	pick up fix for CVE-2019-19921 in opencontainers/selinux opencontainers/selinux/issues/61 has a request for a new release Here's the full diff: `3a1f366feb...5215b1806f` Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-01-24 13:45:40 -05:00
Davanum Srinivas	311887da35	Bump to opencontainers/runc new version - v1.0.0-rc10 We have a new release of runc ( opencontainers/runc#2217 ). This release has a fix for a race condition we are struggling with in kubernetes (especially CI jobs) which was fixed in opencontainers/runc#2185 The v1.0.0-rc10 includes the fix for CVE-2019-19921 as well. The full diff upstream is here: https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc10 Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-01-24 09:56:50 -05:00
Boris Popovschi	6b8846cdf8	vendor updated + added cgroupv2 metrics Signed-off-by: Boris Popovschi <zyqsempai@mail.ru>	2020-01-17 11:55:06 +02:00
Brandon Lum	73cd077c6b	Bump vendor containerd/containerd version Signed-off-by: Brandon Lum <lumjjb@gmail.com>	2020-01-10 20:13:22 +00:00
Mike Brown	2da1ced9a1	update for containerd vendor changes Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-01-08 15:30:36 -06:00
Kathryn Baldauf	63d2a0445c	add local support for introspection service Signed-off-by: Kathryn Baldauf <kabaldau@microsoft.com>	2020-01-03 11:42:21 -08:00
Sebastiaan van Stijn	d63c62fb30	update kubernetes dependency to v1.16.3 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2019-11-28 14:44:15 +01:00
Phil Estes	d6359df24f	Update docker/docker vendor to upstream latest Also requires containerd and golang.org/x/sys vendor updates Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2019-11-23 17:55:11 -05:00
Lantao Liu	d95e21c89b	Add container compute stats support. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-10-25 14:32:02 -07:00
Lantao Liu	4e2b4aa972	Update containerd to `c0c6b51179`. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-10-09 18:05:20 -07:00
Michael Crosby	c8c7c54a6e	Use typealias for containerd metrics Signed-off-by: Michael Crosby <crosbymichael@gmail.com>	2019-09-20 16:01:48 -04:00
Michael Crosby	437123646a	Update containerd to `ed16170c4c` 1.3.0+2 Includes changes for cgroup metrics type alias Signed-off-by: Michael Crosby <crosbymichael@gmail.com>	2019-09-20 10:06:22 -04:00
Lantao Liu	5a68bd70c8	Update kubernetes to 1.16.0-rc.2 Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-18 17:21:37 -07:00
Lantao Liu	59b6ed641f	Update containerd to `59a625defb` Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-12 18:13:15 -07:00
Lantao Liu	86de625ece	Update vendor Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-03 16:23:42 -07:00
Lantao Liu	28aef2fe38	Support CNI DNS capabilities. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-22 14:29:04 -07:00
Michael Crosby	3995efc7c1	Update cni and go-cni to the v0.7.1 release Closes #1236 Signed-off-by: Michael Crosby <crosbymichael@gmail.com>	2019-08-14 16:19:37 +00:00
Lantao Liu	7f330dc4aa	Update containerd to fix panic caused by race condition. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-10 10:40:43 -07:00
Lantao Liu	27de1a5862	Update containerd to `5222236c1b`. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-09 10:41:46 -07:00
Lantao Liu	f994f43aec	Update vendors. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-08 10:39:50 -07:00
Lantao Liu	0344ac239b	Update containerd for config backward compatibility. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-07-23 19:14:28 -07:00
Mike Brown	41a9176b0d	Merge pull request #1190 from odinuge/dep/cgroups Update dependency containerd/cgroups	2019-07-02 16:20:24 -05:00
Odin Ugedal	c8a04d0994	Update dependency containerd/cgroups Signed-off-by: Odin Ugedal <odin@ugedal.com>	2019-06-25 16:58:31 +02:00
Sebastiaan van Stijn	3f49760d76	bump libseccomp-golang v0.9.1 full diff: `32f571b700...689e3c1541` Release notes: * Version 0.9.1 - May 21, 2019 - Minimum supported version of libseccomp bumped to v2.2.0 (`fc0298087f`) - PowerPC and S390(x) architectures are unavailable below library version v2.3.0 and will return errors if used with incompatible libraries - Use Libseccomp's `seccomp_version` API to retrieve library version - Unconditionally set TSync attribute for filters, due to Go's heavily threaded nature - Fix [CVE-2017-18367](https://nvd.nist.gov/vuln/detail/CVE-2017-18367) - Multiple syscall arguments were incorrectly combined with logical-OR, instead of logical-AND (`06e7a29f36`) - Fix a failure to build on Debian-based distributions due to CGo code - Fix unit test failures on 32-bit architectures - Improve several errors to be more verbose about their causes - Add support for SCMP_ACT_LOG (with libseccomp versions 2.4.x and higher), permitting syscalls but logging their execution - Add support for SCMP_FLTATR_CTL_LOG (with libseccomp versions 2.4.x and higher), logging not-allowed actions when they are denied Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2019-06-25 10:28:02 +02:00
Lantao Liu	72819d68d1	Update vendor Signed-off-by: Lantao Liu <lantaol@google.com>	2019-06-12 11:18:55 -07:00
Lantao Liu	efba8e147f	Update containerd to `2f69be5594`. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-06-10 19:34:46 -07:00
kuramal	b022de5f37	add cni plugin config file max num config, set go-cni to commit 22460c0 Signed-off-by: kuramal <linxxnil@126.com>	2019-06-10 12:14:35 +08:00
Johannes M. Scheuermann	0d439c3474	Implement bandwidth capabilties Signed-off-by: Johannes M. Scheuermann <joh.scheuer@gmail.com>	2019-05-24 10:29:52 +02:00
Lantao Liu	1626663e24	Include new go.mod file. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-04-29 14:06:57 -07:00
Lantao Liu	603972523e	Update containerd to `32e788a8be`. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-04-12 15:13:45 -07:00
Lantao Liu	e425bd019a	Update go-cni to 891c2a41e18144b2d7921f971d6c9789a68046b2. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-04-10 12:07:59 -07:00
Lantao Liu	bf112b3c2b	Update containerd `591e52c504`. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-04-05 11:39:34 -07:00
Sebastiaan van Stijn	5e7d59fc9d	bump opencontainers/selinux v1.2.1 full diff: opencontainers/selinux@v1.2...v1.2.1 brings in opencontainers/selinux#49 Ignore attempts to setLabels "" on SELinux disabled systems Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2019-04-04 09:33:38 +02:00
Sebastiaan van Stijn	7b397f0322	bump opencontainers/selinux to v1.2 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2019-03-29 01:33:35 +01:00
Lantao Liu	c60dd60f80	Update containerd to `f2a20ead83`. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-03-28 14:31:13 -07:00
Michael Crosby	5eddc1a2cc	Use container'd oci opts for spec generation This bumps the containerd and sys packages in CRI Signed-off-by: Michael Crosby <crosbymichael@gmail.com> Remove runtime-tools Signed-off-by: Michael Crosby <crosbymichael@gmail.com> Update tests for oci opts package Signed-off-by: Michael Crosby <crosbymichael@gmail.com>	2019-03-27 16:57:04 -04:00

1 2 3 4 5

212 Commits