Lantao Liu
31a960fb58
Merge pull request #918 from Random-Liu/show-runtime-handler-in-sandbox-info
...
Show runtime handler in sandbox debug info.
2018-09-17 10:43:51 -07:00
Lantao Liu
46b8f4290b
Merge pull request #912 from Random-Liu/add-hostname-env-integration-test
...
Add hostname env integration test.
2018-09-17 10:42:46 -07:00
Lantao Liu
4b45e16a4b
Show runtime handler in sandbox debug info.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-16 21:27:51 -07:00
Lantao Liu
c7c68993c7
Add hostname env integration test.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-16 20:32:18 -07:00
Lantao Liu
e402ae2f02
Merge pull request #914 from Random-Liu/fix-addition-gids
...
Fix addition gids
2018-09-14 10:30:41 -07:00
Lantao Liu
51ee6ea6dc
Add integration test
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-13 16:31:32 -07:00
Lantao Liu
ca3b806b5c
Fix addition group ids.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-13 16:31:32 -07:00
Lantao Liu
f267f217cd
Update containerd to 66b984ee33
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-13 16:31:32 -07:00
Lantao Liu
3e5eb0c7d5
Merge pull request #911 from Random-Liu/sctp-support
...
Skip sctp protocol hostport mapping.
2018-09-11 17:22:47 -07:00
Lantao Liu
f540c2a74d
Skip sctp protocol hostport mapping.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-11 16:32:15 -07:00
Lantao Liu
0470309270
Merge pull request #908 from Random-Liu/update-kubernetes
...
Update kubernetes to v1.12.0-beta.1.
2018-09-11 11:12:55 -07:00
Lantao Liu
a2655acd2a
Update kubernetes to v1.12.0-beta.1.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-10 17:34:48 -07:00
Lantao Liu
fe0cd3672b
Merge pull request #865 from Random-Liu/cache-image-reference
...
Cache image reference
2018-09-10 16:21:57 -07:00
Lantao Liu
ed68cfd543
Merge pull request #901 from Random-Liu/fix-hostname-env
...
Fix hostname env.
2018-09-10 13:57:03 -07:00
Lantao Liu
953d67d250
Create image reference cache.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-10 11:30:52 -07:00
Lantao Liu
f08a90ff64
Fix hostname env.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-10 10:58:17 -07:00
Lantao Liu
cfdf872493
Merge pull request #891 from tallclair/runtimehandler
...
Add RuntimeHandler support
2018-09-10 10:09:57 -07:00
Yu-Ju Hong
9cd964f62b
Merge pull request #898 from Random-Liu/revert-#895
...
Revert "Add HOSTNAME to env by default for pod containers"
2018-09-06 16:20:29 -07:00
Lantao Liu
eb3d3cfc5e
Revert "Add HOSTNAME to env by default for pod containers"
...
This reverts commit 4c3e195db3.
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-06 15:30:53 -07:00
Lantao Liu
db8500d10c
Merge pull request #892 from Random-Liu/fix-volume-mount-order
...
Sort volume mount.
2018-09-06 14:44:45 -07:00
Tim Allclair
e7189a25c3
Add RuntimeHandler support
...
Signed-off-by: Tim Allclair <tallclair@google.com>
2018-09-05 17:27:35 -07:00
Lantao Liu
67c0b3e5e2
Merge pull request #894 from Random-Liu/support-masked-readonly-paths
...
Support masked readonly paths
2018-09-05 10:32:40 -07:00
Lantao Liu
1e471b1a44
Merge pull request #895 from estesp/add-hostname-env
...
Add HOSTNAME to env by default for pod containers
2018-09-05 10:31:34 -07:00
Phil Estes
4c3e195db3
Add HOSTNAME to env by default for pod containers
...
To match expectations of users coming from Docker engine runtime, add
the HOSTNAME to the environment of new containers in a pod.
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
2018-09-05 12:04:40 -04:00
Lantao Liu
3e4cec8739
Add MaskedPaths and ReadonlyPaths support.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-04 23:49:16 -07:00
Lantao Liu
4a65865eaa
Update kubernetes to 6b7c39a4f8d4c38e8724550cc3e6e41b7ac7a276
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-04 23:47:39 -07:00
Lantao Liu
063f8158f8
Sort volume mount.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-09-04 22:43:37 -07:00
Tim Allclair
89b5b3cc40
Vendor latest CRI API
...
Signed-off-by: Tim Allclair <tallclair@google.com>
2018-09-04 20:05:11 -07:00
Lantao Liu
49877571e9
Merge pull request #886 from DataDog/JulienBalestra/tls-stream
...
stream: can use user certificates
2018-09-03 23:35:18 -07:00
JulienBalestra
dffd0dfa0e
streaming: tls conf validation to func with tests
...
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
2018-08-30 15:10:48 +02:00
Lantao Liu
9acd95319a
Merge pull request #890 from Random-Liu/update-go-cni
...
Update go-cni to 6d7b509a054a3cb1c35ed1865d4fde2f0cb547cd.
2018-08-29 17:27:31 -07:00
Lantao Liu
3da8bedb65
Update go-cni to 6d7b509a054a3cb1c35ed1865d4fde2f0cb547cd.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-08-29 11:17:02 -07:00
JulienBalestra
859003a940
stream: struct for x509 key pair, update the docs, error management
...
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
2018-08-28 17:22:11 +02:00
JulienBalestra
b82b524260
stream: can use user certificates
...
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
2018-08-27 19:26:14 +02:00
Lantao Liu
df67dfff19
Merge pull request #885 from Random-Liu/enhance-container-stop
...
Fix an issue that container/sandbox can't be stopped.
2018-08-27 10:26:11 -07:00
Lantao Liu
bca304ff3e
Fix an issue that container/sandbox can't be stopped.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-08-24 18:54:08 -07:00
Lantao Liu
a3af7393fe
Merge pull request #880 from thaJeztah/align_dependencies_to_tags
...
Use tagged versions for dependencies where possible
2018-08-22 10:36:35 -07:00
Sebastiaan van Stijn
1d7f5f43b2
Use tagged versions for dependencies where possible
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-08-22 15:31:25 +02:00
Lantao Liu
58eb04550d
Merge pull request #873 from miaoyq/verify-selinux-level
...
Verify selinux level format
2018-08-13 18:57:01 -07:00
Yanqiang Miao
a87bda08c0
update selinux to b6fa367
...
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
2018-08-14 08:33:43 +08:00
Yanqiang Miao
415727cd9f
verify selinux level format
...
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
2018-08-14 08:33:34 +08:00
Lantao Liu
7d483b2fb0
Merge pull request #874 from Random-Liu/update-containerd
...
Update containerd to b9eeaa1ce8.
2018-08-09 11:00:36 -07:00
Lantao Liu
6379fd0346
Update containerd to b9eeaa1ce8.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-08-09 01:53:44 -07:00
Lantao Liu
c9d6151526
Merge pull request #869 from Random-Liu/support-netd
...
Support netd in GCE bootstrap.
2018-07-31 10:44:53 -07:00
Lantao Liu
d1dcacf9ef
Support netd in GCE bootstrap.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-07-30 23:37:00 -07:00
Lantao Liu
1263024a5a
Merge pull request #864 from Random-Liu/unpack-during-import
...
Unpack image during import.
2018-07-26 10:12:45 -07:00
Lantao Liu
e1a37e8797
Unpack image during import.
...
Signed-off-by: Lantao Liu <lantaol@google.com>
2018-07-26 07:48:41 +00:00
Lantao Liu
a0cfc8c1d2
Merge pull request #857 from egernst/untrusted-priv
...
sandbox: separate host accessing workload and privileged
2018-07-24 12:11:41 -07:00
Eric Ernst
9a01272dc2
sandbox: separate host accessing workload and privileged
...
VM isolated runtimes can support privileged workloads. In this
scenario, access to the guest VM is provided instead of the host.
Based on this, allow untrusted runtimes to run privileged workloads.
If the workload is specifically asking for node PID/IPC/network, etc.,
then continue to require the trusted runtime.
This commit repurposes the hostPrivilegedSandbox utility function to
only check for node namespace checking.
Fixes : #855
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2018-07-22 16:51:22 -07:00
Lantao Liu
2be13a8a30
Merge pull request #858 from Random-Liu/stream-serve-on-local
...
Serve streaming on localhost by default to match k8s 1.11 default.
2018-07-20 19:12:53 -07:00