github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,497 Commits 3 Branches 2 Tags 112 MiB
32f6e6c8aa
Commit Graph

11497 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lantao Liu
356a41c424
Merge pull request #697 from Random-Liu/fs-layout-change 
adds volatile state directory to the fs plan for cntrs/pods/fifo
 2018-03-23 19:24:19 -07:00
Lantao Liu
f4c9ef2647 Add symlink follow into unmount util. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-24 01:25:31 +00:00
Mike Brown
94df315de8 adds volatile state directory to the fs plan for cntrs/pods/fifo 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-03-24 00:05:52 +00:00
Lantao Liu
2ab611a2f2
Merge pull request #698 from Random-Liu/update-dependencies 
Update dependencies
 2018-03-23 16:48:14 -07:00
Stephen J Day
acc71293c5
server: allow configuration default send/recv message sizes 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-03-23 16:17:23 -07:00
Lantao Liu
aa83a7a0aa Change for new containerd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-23 23:03:16 +00:00
Lantao Liu
e5f6cbce51 Update kubernetes to v1.10.0-rc.1 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-23 23:03:07 +00:00
Lantao Liu
776929c52e Update containerd to 8a7e17ef96 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-23 23:03:00 +00:00
Stephen J Day
9754696ff5
linux/prox: timeout fifo creation 
Under certain conditions in the client, the fifo for a container may not
be created. A timeout has been added to this operation to ensure the
shim can recover when the client fails to open the fifos.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-03-23 14:53:13 -07:00
Lantao Liu
205892d935
Merge pull request #696 from Random-Liu/update-document 
Update documents.
 2018-03-23 14:47:33 -07:00
Lantao Liu
b05744478a Update documents. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-23 21:03:46 +00:00
Derek McGowan
8a7e17ef96
Merge pull request #2227 from stevvooe/include-aufs-default 
cmd/containerd: include aufs by default
 2018-03-23 12:33:04 -07:00
Stephen J Day
ab8e05ac50
cmd/containerd: include aufs by default 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-03-23 11:27:12 -07:00
Michael Crosby
3e8e9d3ed7
Merge pull request #2223 from dmcgowan/with-lease-context 
lease: pass in context to lease done function in client
 2018-03-23 10:27:39 -04:00
Lantao Liu
7f64f9b85c
Merge pull request #695 from miaoyq/add-doc-for-config 
Add a document for cri plugin config
 2018-03-23 00:55:26 -07:00
Yanqiang Miao
559581e18a Add a document for cri plugin config 
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
 2018-03-23 15:08:58 +08:00
Lantao Liu
c6fecb2115
Merge pull request #688 from Random-Liu/cleanup-kata-code 
Address comments for privileged runtime code.
 2018-03-22 23:01:31 -07:00
Akihiro Suda
7b323b1402 services/content: fix reading a blob which is smaller than the read buffer. 
The newly added test fails without this fix in services/content/service.go:

    $ go test -c . && sudo ./containerd.test -test.v -test.root -test.run TestContentClient
    ...
        --- FAIL: TestContentClient/SmallBlob (0.02s)
            provideringester.go:62: rpc error: code = OutOfRange desc = read
    past object length 6 bytes
            helpers.go:67: drwx------       4096
    /tmp/content-suite-ContentClient-286788688
    FAIL

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2018-03-23 12:51:28 +09:00
Lantao Liu
ca67f94ee0 Address comments for privileged runtime code. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-23 02:17:46 +00:00
Lantao Liu
c63c357d2d
Merge pull request #694 from Random-Liu/address-comments-in-#681 
Make const private.
 2018-03-22 18:31:04 -07:00
Lantao Liu
55d512b98c Make const private. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-23 00:48:50 +00:00
Lantao Liu
5ae4de1cc2
Merge pull request #681 from mikebrow/tls-config 
adds tls certificate to tls config
 2018-03-22 17:34:04 -07:00
Derek McGowan
382b313c51
Merge pull request #2222 from ijc/ignore-sockets-in-archiver 
Ignore sockets when creating a tar stream of a layer
 2018-03-22 14:11:42 -07:00
Derek McGowan
43d0a5cb60
Pass in context to lease done function in client 
Allows the client to choose the context to finish the lease.
This allows the client to switch contexts when the main context
used to the create the lease may have been cancelled.

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-03-22 14:09:24 -07:00
Kenfe-Mickaël Laventure
07dfb0368a
Merge pull request #2220 from stevvooe/redundant-pkg-name 
cmd/ctr/app: remove redundant package name
 2018-03-22 13:23:50 -07:00
Derek McGowan
804249cdcf
Merge pull request #2214 from miaoyq/fixes-config-bug 
Fixes a default config bug of gc scheduler
 2018-03-22 13:21:33 -07:00
Derek McGowan
9b111bdc39
Add ignore socket test 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-03-22 13:17:33 -07:00
Lantao Liu
b142a225ea
Merge pull request #690 from nitkon/master 
Bump pause container to multi-arch gcr.io/google-containers/pause:3.1
 2018-03-22 11:47:44 -07:00
Stephen J Day
903ee88368
cmd/ctr/app: remove redundant package name 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-03-22 10:12:00 -07:00
Ian Campbell
2ec3382d2d Ignore sockets when creating a tar stream of a layer 
The go-tar implementation which is used cannot handle sockets.

There's no good reason to preserve a socket, they are basically useless without
the process which made them.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2018-03-22 15:19:35 +00:00
Mike Brown
89adb74414 adds tls certificate to tls config 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-03-22 09:42:31 -05:00
Nitesh Konkar
6a542c596b Bump pause container to multi-arch gcr.io/google-containers/pause:3.1 
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
 2018-03-22 05:44:12 +00:00
Akihiro Suda
9304193b8c
Merge pull request #2219 from dmcgowan/fix-lock-on-schema1-configs 
content: add writer open helper to handle unavailable refs
 2018-03-22 11:45:17 +09:00
Derek McGowan
5304ef294b
Add writer open helper to handle unavailable refs 
Updates blob writer helper to use new open and ensure
unavailable errors are always handled.
Removes duplication of unavailable handling code.

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-03-21 16:30:22 -07:00
Lantao Liu
246ffa325d
Merge pull request #689 from Random-Liu/remove-omit-empty 
Remove omitempty from config json.
 2018-03-21 11:41:36 -07:00
Lantao Liu
9177cb16bc Remove omitempty from config json. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-21 07:28:25 +00:00
Lantao Liu
cf156144bc
Merge pull request #657 from jcvenegas/trusted-runtime 
[WIP]config: Allow to define trusted runtime
 2018-03-20 19:21:04 -07:00
Lantao Liu
f3b8e72998
Merge pull request #685 from Random-Liu/update-cri-tools 
Update cri-tools and build critest into release tarball again.
 2018-03-20 19:08:18 -07:00
Lantao Liu
65c1cc77bb
Merge pull request #682 from Random-Liu/update-doc 
Update README.d and graphs.
 2018-03-20 19:08:06 -07:00
Jose Carlos Venegas Munoz
536b381362 test: Allow change containerd config 
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2018-03-20 18:05:40 -06:00
Jose Carlos Venegas Munoz
bdc5eee544 test: Add unit tests for privileged runtime functions 
- Add unit test for privilegedSandbox

- Add unit test  for getRuntime

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2018-03-20 18:04:23 -06:00
Lantao Liu
36768a1920 Update cri-tools and build critest into release tarball again. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-20 21:26:05 +00:00
Lantao Liu
129d060e10 Update README.d and graphs. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-20 21:11:23 +00:00
Jose Carlos Venegas Munoz
ca16bd601a runtime: Add trusted runtime option 
Some CRI compatible runtimes may not support provileged operations.
Specifically hypervisor based runtimes (like kata-containers, cc-runtime
and runv) do not support privileged operations like:

- Provide access to the host namespaces
- Create fully privileged containers with access to host devices

Hypervisor based runtimes create container workloads within virtual machines.
When a running host privileged containers using them,
they wont provide support to requested the privileged opertations.

This commits add the new options to define two runtimes:

Trusted runtime : Used when a privileged container is requested.
Default runtime : for non-privileged workloads.

A container that belongs to a privileged pod will inherent this property
an will be created with the trusted runtime.

- Add options to define trusted runtime
- Add logic to decide if a sanbox is trusted
- Export annotation containers below to a trusted sandbox

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2018-03-20 13:56:49 -06:00
Lantao Liu
7f959b6dd5
Merge pull request #684 from Random-Liu/fix-kube-up-and-docs 
Fix for kube-up.sh and update several documments.
 2018-03-20 10:18:14 -07:00
Yanqiang Miao
d465f858a0 Fixes a default config bug of gc scheduler 
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
 2018-03-20 19:29:40 +08:00
Lantao Liu
904938fa9d Fix for kube-up.sh and update several documments. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-20 09:24:15 +00:00
Lantao Liu
013ab03a53
Merge pull request #683 from Random-Liu/rename-variables 
Rename all variables to remove "cricontainerd".
 2018-03-19 15:45:45 -07:00
Lantao Liu
387da59ee5 Rename all variables to remove "cricontainerd". 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-19 21:59:32 +00:00
Kenfe-Mickaël Laventure
4c8bbb55b7
Merge pull request #2216 from crosbymichael/task-id 
Add task.ID() API
 2018-03-19 14:01:54 -07:00