github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
1,875 Commits 3 Branches 2 Tags 112 MiB
2a5e493198
Commit Graph

1875 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Brown
aa9b1885b5 fixes bad unit tests when selinux is enabled 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-04-15 12:28:11 -05:00
Mike Brown
7381f31b36 Create greetings.yml 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-04-15 11:59:24 -05:00
Wei Fu
4ce334aa49 reload cni network config if has fs change events 
With go RWMutex design, no goroutine should expect to be able to
acquire a read lock until the read lock has been released, if one
goroutine call lock.

The original design is to reload cni network config on every single
Status CRI gRPC call. If one RunPodSandbox request holds read lock
to allocate IP for too long, all other RunPodSandbox/StopPodSandbox
requests will wait for the RunPodSandbox request to release read lock.
And the Status CRI call will fail and kubelet becomes NOTReady.

Reload cni network config at every single Status CRI call is not
necessary and also brings NOTReady situation. To lower the possibility
of NOTReady, CRI will reload cni network config if there is any valid fs
change events from the cni network config dir.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2020-04-03 12:28:58 +08:00
Mike Brown
7013a825b0
Merge pull request #1424 from fvoznika/patch-1 
Start docker unconditionally
 2020-04-01 08:27:22 -05:00
Fabricio Voznika
efddc5f252 Start docker unconditionally 
`systemctl is-enabled` is not a reliable indicator that the docker service should be started. Docker service may be running even if marked as disabled.

Signed-off-by: Fabricio Voznika <fvoznika@google.com>
 2020-03-31 15:29:17 -07:00
Mike Brown
27d4fd5979
Merge pull request #1425 from dims/fix-x/sys-dependency-version 
use the same dependency version for x/sys from containerd/containerd
 2020-03-30 12:00:13 -05:00
Davanum Srinivas
61f095b73e
use the same dependency version for x/sys from containerd/containerd 
The versions of x/sys drifted between the repos:
- https://github.com/containerd/cri/blob/master/vendor.conf#L53
- https://github.com/containerd/containerd/blob/master/vendor.conf#L49

Picking the one that is newer:
52ab431487...5c8b2ff675

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-30 11:17:58 -04:00
Akihiro Suda
dd3c5f08b8
Merge pull request #1418 from darfux/fix_handle_resizing_leak 
Fix goroutine leak when exec/attach
 2020-03-28 22:51:51 +09:00
Mike Brown
67566810f7
Merge pull request #1426 from dims/vendor-update-kubernetes-v1.18.0 
vendor: update kubernetes v1.18.0
 2020-03-27 14:19:49 -05:00
Davanum Srinivas
95b7c08260
vendor: update kubernetes v1.18.0 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-27 09:39:58 -04:00
Mike Brown
c1115d4e57
Merge pull request #1422 from chenrui333/update-golang-versions 
Bump golang to v1.13.9 and v1.14.1

Mike: golang service referesh:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.9+label%3ACherryPickApproved
 2020-03-25 15:06:55 -05:00
Mike Brown
cc3fbebec2
Merge pull request #1423 from dims/add-version-numbers-for-newly-tagged-repos 
Add version numbers for newly tagged repos
 2020-03-25 14:55:45 -05:00
Davanum Srinivas
172cf68b53
Add version numbers for newly tagged repos 
The following repos have been tagged as v1.0.0:

- 8375c3424e
- 92c8520ef9
- a93fcdb778

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-03-25 12:19:42 -04:00
Rui Chen
664acc1396
Bump golang to v1.13.9 and v1.14.1 
Signed-off-by: Rui Chen <chenrui333@gmail.com>
 2020-03-25 09:20:29 -04:00
Li Yuxuan
cb0140063e Fix goroutine leak when exec/attach 
The resize chan is never closed when doing exec/attach now. What's more,
`resize` is a recieved only chan so it can not be closed. Use ctx to
exit the goroutine in `handleResizing` properly.

Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
 2020-03-24 10:42:54 +08:00
Mike Brown
5fb103d8e6
Merge pull request #1382 from georgegoh/master 
Add correct paths for cri's systemd config files in CentOS.
 2020-03-16 12:11:03 -05:00
George Goh
c44ad801f9 Fixed merge conflicts. 2020-03-16 20:56:08 +08:00
Wei Fu
4d4c35b3a8
Merge pull request #1417 from mikebrow/add-golang-1.14-for-travis-tests 
add golang 1.14 to prepare for move
 2020-03-13 17:54:39 +08:00
Mike Brown
7cd773bd3b add golang 1.14 to prepare for move 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-03-12 19:30:19 -05:00
Derek McGowan
92cb4ed978
Merge pull request #1416 from thaJeztah/ensure_remove_all 
Use local "ensureRemoveAll" instead of docker/pkg/system
 2020-03-12 14:53:57 -07:00
Sebastiaan van Stijn
e093a0ee08
Use local "ensureRemoveAll" instead of docker/pkg/system 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-12 20:21:14 +01:00
Sebastiaan van Stijn
46fcfe5219
vendor: docker/docker 4634ce647cf2ce2c6031129ccd109e557244986f 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-10 18:06:27 +01:00
Mike Brown
687469d3ce
Merge pull request #1415 from AkihiroSuda/cgroup2-privileged-no-unshare-cgroupns 
cgroup2: do not unshare cgroup namespace for privileged
 2020-03-09 12:45:50 -05:00
Akihiro Suda
fa72e2f693 cgroup2: do not unshare cgroup namespace for privileged 
Conforms to the latest KEP:
0e409b4749/keps/sig-node/20191118-cgroups-v2.md (cgroup-namespace)

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-03-09 01:49:04 +09:00
Mike Brown
1a00c06886
Merge pull request #1413 from thaJeztah/update_kubernetes 
vendor: update kubernetes to v1.18.0-beta.1
 2020-03-06 11:19:56 -06:00
Sebastiaan van Stijn
a3e7f68fa5
vendor: update kubernetes v1.18.0-beta.1 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-06 16:18:37 +01:00
Sebastiaan van Stijn
4210588d3c
vendor: sigs.k8s.io/yaml v1.2.0 
full diff: https://github.com/kubernetes-sigs/yaml/compare/v1.1.0...v1.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-06 16:18:35 +01:00
Sebastiaan van Stijn
ef54a7839a
vendor: bump golang.org/x/crypto bac4c82f6975 (CVE-2020-9283) 
no local changes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-06 16:18:33 +01:00
Sebastiaan van Stijn
b1417519e0
vendor: github.com/google/gofuzz v1.1.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-06 16:18:30 +01:00
Mike Brown
5f0cbd5ffe
Merge pull request #1414 from thaJeztah/update_containerd 
vendor: update containerd 0131015594
 2020-03-06 08:42:39 -06:00
Sebastiaan van Stijn
24cbca5a78
vendor: update containerd 0131015594 
full diff: e1221e69a8...0131015594

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-05 23:49:40 +01:00
Mike Brown
d68533d654
Merge pull request #1412 from mikebrow/update-golang-1.13.8 
update to golang 1.13.8
 2020-03-05 14:44:40 -06:00
Mike Brown
d5ff8b5781
Merge pull request #1411 from thaJeztah/reformat_vendor 
Reformat vendor.conf: use columns, pin by git-sha, and sort alphabetically
 2020-03-05 14:21:44 -06:00
Mike Brown
ad984ca844 update to golang 1.13.8 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-03-05 13:31:15 -06:00
Sebastiaan van Stijn
3650918d9d
vendor.conf: reformat to use columns 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-05 19:32:07 +01:00
Sebastiaan van Stijn
1b74251d91
vendor.conf: sort imports alphabetically 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-05 19:28:26 +01:00
Mike Brown
073e3c9bb4
Merge pull request #1403 from thaJeztah/align_selinux_to_tag 
vendor: update golang.org/x/sys 52ab431487773bc9dd1b0766228b1cf3944126bf
 2020-03-03 13:04:02 -06:00
Sebastiaan van Stijn
bb59a061ef
vendor: update golang.org/x/sys 52ab431487773bc9dd1b0766228b1cf3944126bf 
full diff: c990c680b6...52ab431487

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-03-02 18:12:23 +01:00
Mike Brown
6565c640be
Merge pull request #1407 from dims/update-opencontainers/selinux-to-1.3.3 
Update to a released version of opencontainers/selinux (1.3.3)
 2020-02-28 14:56:49 -06:00
Mike Brown
d4d6b3a0fc
Merge pull request #1340 from lumjjb/enc-node-model 
Implement node key model for image encryption
 2020-02-28 10:49:36 -06:00
Davanum Srinivas
3d4c597bdc
Update to a released version of opencontainers/selinux (1.3.3) 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-02-28 11:43:02 -05:00
Brandon Lum
8d5a8355d0 Updated docs and code for default nil behavior 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-27 23:42:03 +00:00
Brandon Lum
808ae59cf6 Update vendors to versioning 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 22:08:31 +00:00
Brandon Lum
7a24da0375 Updated docs and encryption.md -> decryption.md 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
c5209cd679 Updated doc based on changes requested 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
ffcef9dc32 Addressed nits 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
8df431fc31 Defer multitenant key model to image auth discussion 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
c43a7588f6 Refactor encrypted opts and added unit test 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
ac8ec18813 bump imgcrypt commit version 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
f0579c7b4d Implmented node key model for image encryption 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00