Commit Graph

1875 Commits

Author SHA1 Message Date
Mike Brown
f4b3cdb892
Merge pull request #1399 from mikebrow/pause-image-update
move to v3.2 for the pause image
2020-02-20 10:45:16 -06:00
Akihiro Suda
c23ed3befc
Merge pull request #1402 from thaJeztah/bump_crypto
vendor: golang.org/x/crypto 1d94cc7ab1c630336ab82ccb9c9cda72a875c382
2020-02-20 16:43:27 +09:00
Sebastiaan van Stijn
98ce6c022e
vendor: golang.org/x/crypto 1d94cc7ab1c630336ab82ccb9c9cda72a875c382
full diff: 60c769a6c5...1d94cc7ab1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-19 12:44:01 +01:00
Mike Brown
c9ed98462d move to v3.2 for the pause image
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2020-02-14 12:55:52 -06:00
Mike Brown
cf0e0a1e2c
Merge pull request #1332 from bg-chun/update_cri_for_hugepages
update cri-plugin to parse hugepages limit
2020-02-12 10:05:01 -06:00
Mike Brown
c955404ce7
Merge pull request #1384 from jterry75/fix_grpc_err
Fix store error serialization to gRPC status codes
2020-02-06 10:22:04 -06:00
Byonggon Chun
c02c24847f update cri-plugin to parse hugepages limit from CRI message
Signed-off-by: Byonggon Chun <bg.chun@samsung.com>
2020-02-06 15:28:24 +09:00
Justin Terry (VM)
a8cc66b37a Fix store error serialization to gRPC status codes
The pkg/store errors are duplicated errors of NotFound and AlreadyExist from
containerd's errdefs package and thus do not properly serialize when running
errdefs.ToGRPC on them. CRI runs this function on every return from a CRI
method so the conversion fails if there is a cache miss from the store caches
for containers or sandboxes. This change verifies that the errors are properly
converted to their gRPC values.

Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
2020-02-05 18:32:45 -08:00
Byonggon Chun
99c6e0dd51 Update Kubernetes dependencies for CRI update
update cri-api vendor to include hugepages changes
KEP: https://github.com/kubernetes/enhancements/pull/1199
CRI: https://github.com/kubernetes/kubernetes/pull/83614

Signed-off-by: Byonggon Chun <bg.chun@samsung.com>
2020-02-05 13:37:28 +09:00
Mike Brown
c0294ebfe0
Merge pull request #1387 from thaJeztah/bump_yaml
vendor: bump gopkg.in/yaml.v2 v2.2.8
2020-01-29 18:33:17 -06:00
Sebastiaan van Stijn
3d0818d99e
vendor: bump gopkg.in/yaml.v2 v2.2.8
full diff: https://github.com/go-yaml/yaml/compare/v2.2.4...v2.2.8

includes:

- go-yaml/yaml@f90ceb4f40 Fix check for non-map alias merging in v2
    - fix for "yaml.Unmarshal crashes on "assignment to entry in nil map""
- go-yaml/yaml#543 Port stale simple_keys fix to v2
- go-yaml/yaml@1f64d6156d Fix issue in simple_keys improvements
    - fixes "Invalid simple_keys now cause panics later in decode"
- go-yaml/yaml#555 Optimize cases with long potential simple_keys

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-28 13:42:20 +01:00
Akihiro Suda
19589b4bf9
Merge pull request #1383 from dims/update-to-new-rc10-of-opencontainers/runc
Bump to opencontainers/runc new version - v1.0.0-rc10
2020-01-25 05:01:09 +09:00
Davanum Srinivas
5f0bf05239
pick up fix for CVE-2019-19921 in opencontainers/selinux
opencontainers/selinux/issues/61 has a request for a new release

Here's the full diff:
3a1f366feb...5215b1806f

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-01-24 13:45:40 -05:00
Davanum Srinivas
311887da35
Bump to opencontainers/runc new version - v1.0.0-rc10
We have a new release of runc (opencontainers/runc#2217). This release
has a fix for a race condition we are struggling with in kubernetes
(especially CI jobs) which was fixed in opencontainers/runc#2185

The v1.0.0-rc10 includes the fix for CVE-2019-19921 as well. The full
diff upstream is here:
https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc10

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-01-24 09:56:50 -05:00
Mike Brown
3f99b45073
Merge pull request #1380 from AkihiroSuda/vendor-kube1.17.1
vendor kubernetes 1.17.1
2020-01-23 13:20:52 -08:00
George Goh
f50816381e Add correct paths for cri's systemd config files in CentOS.
Signed-off-by: George Goh <gohge@vmware.com>
2020-01-23 09:15:26 +08:00
Akihiro Suda
2d28b60046 vendor kubernetes 1.17.1
Corresponds to https://github.com/kubernetes/kubernetes/blob/v1.17.1/go.mod

note: `k8snet.ChooseBindAddress()` was renamed to `k8snet.ResolveBindAddress()` in afa0b808f8

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-01-22 02:06:50 +09:00
Akihiro Suda
5e5960f2bc
Merge pull request #1376 from Zyqsempai/add-cgroups-v2-metrics
Cgroupv2: Added CPU, Memory metrics
2020-01-21 23:21:09 +09:00
Boris Popovschi
6b8846cdf8 vendor updated + added cgroupv2 metrics
Signed-off-by: Boris Popovschi <zyqsempai@mail.ru>
2020-01-17 11:55:06 +02:00
Lantao Liu
b2804c0693
Merge pull request #1371 from AkihiroSuda/cgroup2-unshare-cgroupns
cgroup2: unshare cgroup namespace for containers
2020-01-14 10:08:14 -08:00
Akihiro Suda
982e767745
Merge pull request #1374 from lumjjb/bump_containerd
Bump vendor containerd/containerd version
2020-01-11 07:28:33 +09:00
Brandon Lum
73cd077c6b Bump vendor containerd/containerd version
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
2020-01-10 20:13:22 +00:00
Lantao Liu
83a9d2460c
Merge pull request #1363 from Random-Liu/fix-validate-config
Validate and update the right config
2020-01-10 00:11:27 -08:00
Akihiro Suda
71740399e0 cgroup2: unshare cgroup namespace for containers
In cgroup v1 container implementations, cgroupns is not used by default because
it was not available in the kernel until kernel 4.6 (May 2016), and the default
behavior will not change on cgroup v1 environments, because changing the
default will break compatibility and surprise users.

For cgroup v2, implementations are going to unshare cgroupns by default
so as to hide /sys/fs/cgroup from containers.

* Discussion: https://github.com/containers/libpod/issues/4363
* Podman PR (merged): https://github.com/containers/libpod/pull/4374
* Moby PR: https://github.com/moby/moby/pull/40174

This PR enables cgroupns for containers, but pod sandboxes are untouched
because there is probably no need to do so.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-01-09 14:58:30 +09:00
Justin
522a056fe6
Merge pull request #1368 from mikebrow/vendor-update-2020-01-06
update for containerd vendor changes
2020-01-08 14:57:45 -08:00
Mike Brown
2da1ced9a1 update for containerd vendor changes
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2020-01-08 15:30:36 -06:00
Mike Brown
55566f9682
Merge pull request #1364 from katiewasnothere/local_introspection
add introspection service to cri plugin
2020-01-06 15:58:17 -08:00
Kathryn Baldauf
63d2a0445c add local support for introspection service
Signed-off-by: Kathryn Baldauf <kabaldau@microsoft.com>
2020-01-03 11:42:21 -08:00
Lantao Liu
5a9c12d49e Validate and update the right config
Signed-off-by: Lantao Liu <lantaol@google.com>
2019-12-19 17:50:51 -08:00
Lantao Liu
ff8a2e7c65
Merge pull request #1359 from AkihiroSuda/shim-v2-runc-v2
bump up the default runtime to "io.containerd.runc.v2"
2019-12-17 11:24:22 -08:00
Akihiro Suda
aaddaa2732 bump up the default runtime to "io.containerd.runc.v2"
The former default runtime "io.containerd.runc.v1" won't support new features
like support for cgroup v2: containerd/containerd#3726

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-12-16 11:53:58 +09:00
Lantao Liu
61d3e49b42
Merge pull request #1357 from darfux/add-container-restart-test
integration: Add container restart test
2019-12-12 16:52:00 -08:00
darfux
5cccd008a0 integration: Add container restart test
Add an integration test case to test whether a runtime can restart a
container properly.

Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
2019-12-12 10:23:15 +08:00
Lantao Liu
e68cc95fe4
Merge pull request #1356 from Random-Liu/revert-#1349
Fix privileged support
2019-12-11 17:14:01 -08:00
Mike Brown
0253fa42aa
Merge pull request #1358 from mikebrow/buildfix-appveyor
add removal of old go
2019-12-11 13:12:33 -08:00
Mike Brown
7fcef89b7d add removal of old go
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2019-12-11 12:45:07 -06:00
Lantao Liu
78e6d6175e Update golang to 1.13.4.
Signed-off-by: Lantao Liu <lantaol@google.com>
2019-12-10 13:19:53 -08:00
Lantao Liu
0c2d3b718d Fix privileged devices.
Signed-off-by: Lantao Liu <lantaol@google.com>
2019-12-09 17:43:06 -08:00
Lantao Liu
78708b20c7
Merge pull request #1351 from Random-Liu/better-unknown-state-handling
Better handle unknown state.
2019-12-09 10:34:57 -08:00
Lantao Liu
facbaa0e79 Better handle unknown state.
Signed-off-by: Lantao Liu <lantaol@google.com>
2019-12-06 10:56:27 -08:00
Mike Brown
69828d0bb2
Merge pull request #1349 from Zyqsempai/1316-use-with-host-devices
Use containerD WithHostDevices
2019-12-05 14:13:48 -08:00
bpopovschi
5d7bd738e4 Use containerD WithHostDevices
Signed-off-by: bpopovschi <zyqsempai@mail.ru>
2019-12-04 11:34:46 +02:00
Lantao Liu
0881caa9bd
Merge pull request #1348 from thaJeztah/bump_kubernetes_1.16.3
update kubernetes dependency to v1.16.3
2019-12-02 10:15:35 -08:00
Lantao Liu
444f02a89e
Merge pull request #1344 from darfux/add-resolvconf-to-sandbox-container
Provide resolvConf to sandbox container's mounts
2019-12-01 21:25:19 -08:00
Sebastiaan van Stijn
d63c62fb30
update kubernetes dependency to v1.16.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-11-28 14:44:15 +01:00
Li Yuxuan
dbc1fb37d0 Provide resolvConf to sandbox container's mounts
As https://github.com/kata-containers/runtime/issues/1603 discussed,
kata relies on such mount spec to set up resolv.conf for pod VM properly.

Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
2019-11-28 12:05:05 +08:00
Lantao Liu
40e147cb73
Merge pull request #1347 from Random-Liu/fix-typo
Fix typo.
2019-11-26 16:36:23 -08:00
Lantao Liu
4f350ad474 Fix typo.
Signed-off-by: Lantao Liu <lantaol@google.com>
2019-11-26 15:09:07 -08:00
Lantao Liu
ae3c28c4d7
Merge pull request #1345 from Random-Liu/insecure-skip-verify
Add insecure_skip_verify option.
2019-11-26 14:34:55 -08:00
Lantao Liu
ab6701bd11 Add insecure_skip_verify option.
Signed-off-by: Lantao Liu <lantaol@google.com>
2019-11-26 13:25:52 -08:00