github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,497 Commits 3 Branches 2 Tags 112 MiB
32f6e6c8aa
Commit Graph

380 Commits

Author SHA1 Message Date
Phil Estes
9b39b0bfd9
Merge pull request #7812 from mxpv/cri 
Minor fix when querying pod sandbox status
 2022-12-14 10:15:03 -05:00
Maksym Pavlenko
371e27ffb2
Merge pull request #7809 from mikebrow/check-deep-copies-on-restart 
nil check to avoid panic on upgrade
 2022-12-13 22:22:20 -08:00
Maksym Pavlenko
0e33a8fa4f [sb] Fix status 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-12-13 16:35:15 -08:00
Derek McGowan
c666147592
Merge pull request #7805 from chaunceyjiang/painc 
fatal error: concurrent map iteration and map write
 2022-12-13 15:01:25 -08:00
Mike Brown
ce3a732709 nil check to avoid panic on upgrade 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2022-12-13 16:18:18 -06:00
Phil Estes
ecf00ffe84
Merge pull request #7783 from inspektor-gadget/qasim/cri-disable-swap 
cri: make swapping disabled with memory limit
 2022-12-13 15:21:51 -05:00
chaunceyjiang
5a3a9baec9 fatal error: concurrent map iteration and map write 
Signed-off-by: chaunceyjiang <chaunceyjiang@gmail.com>
 2022-12-13 20:08:23 +08:00
Fu Wei
d2f68bfb36
Merge pull request #7313 from pacoxu/image-pull-metrics 
add metrics for image pulling: error; in progress count; thoughput
 2022-12-13 19:49:22 +08:00
Fu Wei
f2cf411b79
Merge pull request #7073 from ruiwen-zhao/event 
Add container event support to containerd
 2022-12-09 15:24:23 +08:00
Maksym Pavlenko
e1abaeb386
Merge pull request #7764 from mxpv/config 
Pass TOML configuration options for runtimes CRI is not aware of
 2022-12-08 12:59:13 -08:00
ruiwen-zhao
a6929f9f6b Add Evented PLEG support to sandbox server 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-12-08 19:31:36 +00:00
ruiwen-zhao
a338abc902 Add container event support to containerd 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-12-08 19:30:39 +00:00
Maksym Pavlenko
3bc8fc4d30 Cleanup build constraints 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-12-08 09:36:20 -08:00
Qasim Sarfraz
69975b92bb cri: make swapping disabled with memory limit 
OCI runtime spec defines memory.swap as 'limit of memory+Swap usage'
so setting them to equal should disable the swap. Also, this change
should make containerd behaviour same as other runtimes e.g
'cri-dockerd/dockershim' and won't be impacted when user turn on
'NodeSwap' (https://github.com/kubernetes/enhancements/issues/2400) feature.

Signed-off-by: Qasim Sarfraz <qasimsarfraz@microsoft.com>
 2022-12-08 13:54:55 +01:00
Maksym Pavlenko
d10dbd2d2d
Merge pull request #7773 from mxpv/ctx 
Fix context when waiting sandbox
 2022-12-07 13:53:37 -08:00
Derek McGowan
241563be06
Merge pull request from GHSA-2qjp-425j-52j9 
CRI stream server: Fix goroutine leak in Exec
 2022-12-07 13:50:26 -08:00
Maksym Pavlenko
f9295aa49f Fix context when waiting sandbox 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-12-07 12:52:04 -08:00
Maksym Pavlenko
8ab1d44967 Pass runtime configuration as TOML blob 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-12-07 10:55:06 -08:00
Paco Xu
c59f1635f0 add metrics for image pulling: success/failure count; in progress count; thoughput 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2022-12-07 15:11:00 +08:00
Maksym Pavlenko
03a4dc0711
Merge pull request #7768 from mxpv/fixes 
sbserver bug fixing
 2022-12-06 17:07:54 -08:00
Maksym Pavlenko
a113737ccf sbserver bug fixing 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-12-06 15:32:42 -08:00
Phil Estes
5d4276cc34
Merge pull request #7525 from thaJeztah/remove_deprecated_stubs 
remove some (aliases for) deprecated functions
 2022-12-06 11:49:18 -05:00
Derek McGowan
51195ad099
Merge pull request #7731 from mxpv/cri 
[Sandbox API] CRI status cleanup
 2022-12-01 13:43:13 -08:00
Derek McGowan
c469f67a2b
Merge pull request #6019 from klihub/pr/proto/nri 
NRI: add support for NRI with extended scope.
 2022-11-30 10:42:17 -08:00
Kirtana Ashok
08d5879f32 Added nullptr checks to pkg/cri/server and sbserver 
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
 2022-11-29 13:25:49 -08:00
Danny Canter
f012617edf CRI stream server: Fix goroutine leak in Exec 
In the CRI streaming server, a goroutine (`handleResizeEvents`) is launched
to handle terminal resize events if a TTY is asked for with an exec; this
is the sender of terminal resize events. Another goroutine is launched
shortly after successful process startup to actually do something with
these events, however the issue arises if the exec process fails to start
for any reason that would have `process.Start` return non-nil. The receiver
goroutine never gets launched so the sender is stuck blocked on a channel send
infinitely.

This could be used in a malicious manner by repeatedly launching execs
with a command that doesn't exist in the image, as a single goroutine
will get leaked on every invocation which will slowly grow containerd's
memory usage.

Signed-off-by: Danny Canter <danny@dcantah.dev>
 2022-11-29 06:31:38 -08:00
Maksym Pavlenko
9f4ba48839 [sandbox] Fix panic when waiting for sandbox controller 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-28 13:29:21 -08:00
Maksym Pavlenko
dbc6d33ac5 [sandbox] Specify sandbox ID when using sandboxed shims 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-28 13:27:54 -08:00
Maksym Pavlenko
9a53a6c34a [sandbox] Don't access pause container when creating pod container 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-28 12:48:57 -08:00
Maksym Pavlenko
cc111eef61 [sandbox] Move sandbox info to podsandbox controller 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-28 12:06:41 -08:00
Krisztian Litkey
02f0a8b50e pkg/cri/server: nuke old v0.1.0 NRI hooks. 
Remove direct invocation of old v0.1.0 NRI plugins. They
can be enabled using the revised NRI API and the v0.1.0
adapter plugin.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:42 +02:00
Krisztian Litkey
b27ef6f169 pkg/cri/server: experimental NRI integration for CRI. 
Implement the adaptation interface required by the NRI
service plugin to handle CRI sandboxes and containers.
Hook the NRI service plugin into CRI request processing.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:08 +02:00
Maksym Pavlenko
a6d1d53cc2 [sandbox] Update Controller.Status protos 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-28 10:13:37 -08:00
Fu Wei
6bfe6e38b2
Merge pull request #7684 from mxpv/sb-runtime-fix 
Fix sandbox API when calling sandboxed shims
 2022-11-28 22:32:08 +08:00
Maksym Pavlenko
6d830d30ad
Merge pull request #7470 from lengrongfu/feat/sandbox_api_status 
Sandbox API: implement Controller.Status for SandboxAPI
 2022-11-22 18:11:57 -08:00
Maksym Pavlenko
ae0da7dc58 Use sandbox store to retrieve runtime info for sandboxed containers 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-22 17:43:40 -08:00
Maksym Pavlenko
3ddaa34445 Retrieve sandbox creation time from store. 
All pause container object references must be removed
from sbserver. This is an implementation detail of
podsandbox package.

Added TODOs for remaining work.

Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-22 17:43:36 -08:00
Maksym Pavlenko
4b32819823 Remove duplicated helpers 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-22 17:40:36 -08:00
Maksym Pavlenko
3f331e7d13 Specify runtime configuration for sandbox shims 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-22 17:39:27 -08:00
Samuel Karp
a74f7e902b
sbserver: save netns in sandbox metadata on create 
Port of b41d6f40bb to sbserver

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-11-21 16:45:37 -08:00
Samuel Karp
1deaedd38a
sbserver: persist sandbox during partial teardown 
Port of 4f4aad057d to sbserver

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-11-21 16:45:36 -08:00
Phil Estes
99acefaad9
Merge pull request #7697 from inspektor-gadget/qasim/add-sandbox-uid-annotation 
cri: add pod uid annotation
 2022-11-21 10:54:20 -05:00
Sebastiaan van Stijn
3e5b444ac4
pkg/cri/util/: remove deprecated NormalizeImageRef alias 
Has been deprecated in containerd v1.3.0, so we can remove this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:27:20 +01:00
yanggang
579c7f43de
Change fsnotify event status condition. 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2022-11-20 09:43:54 +08:00
Fu Wei
8e787543de
Merge pull request #7685 from sofat1989/mainrunserially 
can set up the network serially by CNI plugins
 2022-11-19 12:33:40 +08:00
Qasim Sarfraz
0c4d32c131 cri: add pod uid annotation 
Signed-off-by: Qasim Sarfraz <qasimsarfraz@microsoft.com>
 2022-11-19 01:12:02 +01:00
ruiwen-zhao
792294ce06 Update to cri-api v0.26.0-beta.0 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-11-18 21:13:34 +00:00
ruiwen-zhao
234bf990dc Copy cri-api v1alpha2 from v0.25.4 to containerd internal directory 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-11-18 21:09:43 +00:00
Fei Su
f6232793b4 can set up the network serially by CNI plugins 
Signed-off-by: Fei Su <sofat1989@126.com>
 2022-11-18 15:19:00 +08:00
Kazuyoshi Kato
6596a70861 Use github.com/containerd/cgroups/v3 to remove gogo 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-11-14 21:07:48 +00:00