github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,497 Commits 3 Branches 2 Tags 112 MiB
32f6e6c8aa
Commit Graph

11497 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Brown
9d479844c6 vendor k8s and containerd for apparmor fix 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-01 18:08:34 -05:00
Mike Brown
4f442de959 adds support for AppArmor 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-01 18:08:34 -05:00
Lantao Liu
4f449cec5f Merge pull request #202 from Random-Liu/fix-image-repo-digest 
Fix repo digest for schema 1 image.
 2017-09-01 16:01:05 -07:00
Lantao Liu
e6332a7d7f Configure iptables to accept all TCP/UDP/ICMP packets. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-01 22:59:20 +00:00
Kenfe-Mickaël Laventure
b4cc42d028 Merge pull request #1460 from mlaventure/pid-host-kill-init 
Ensure all init children are dead when it exits
 2017-09-01 15:17:40 -07:00
Kenfe-Mickael Laventure
939ad32117
Update go-runc to ba22f6a82e52be3be4eb4a00000fe816f4b41c2e 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-09-01 14:50:56 -07:00
Kenfe-Mickael Laventure
a6fb9bc111
reaper: Return an error if exit status is not 0 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-09-01 14:50:56 -07:00
Kenfe-Mickael Laventure
92772bd471
linux: Ensure all init children are dead when it exits 
This ensure that when using the host pid, we don't let process alive,
preventing Wait() to return until they all die.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-09-01 14:50:56 -07:00
Kenfe-Mickael Laventure
9d251cbd1b
Delete bundle dir on restore if we're not debugging the shim 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-09-01 14:50:56 -07:00
Kenfe-Mickaël Laventure
d3e1132588 Merge pull request #1453 from crosbymichael/oom 
Convert oom metric to const
 2017-09-01 14:45:46 -07:00
Stephen Day
378e3343fe Merge pull request #1362 from AkihiroSuda/ctr-snapshot-info 
ctr: add `ctr snapshot info <key>`
 2017-09-01 14:25:25 -07:00
Lantao Liu
7121d251b0 Return image repo digest in container status. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-01 20:58:15 +00:00
Michael Crosby
b04e408a4b Convert OOM Metric to Const 
This converts the oom metric to be a const metric so that deleted tasks
do not fill up the metric labels.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-09-01 16:43:30 -04:00
Michael Crosby
93395c0b1d Merge pull request #1462 from stevvooe/fieldpath-fix 
service/containers: correctly plumb fieldpaths
 2017-09-01 16:30:57 -04:00
Stephen J Day
5cc108605f
service/containers: correctly plumb fieldpaths 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2017-09-01 13:17:31 -07:00
Derek McGowan
7182085551 Merge pull request #1447 from stevvooe/nice-events 
containerd: export Subscribe method on client
 2017-09-01 11:42:49 -07:00
Phil Estes
4291fb4803 Merge pull request #1454 from mlaventure/per-container-runtime-binary 
Per container runtime binary
 2017-09-01 13:25:17 -04:00
Phil Estes
a3f0bbaac1 Merge pull request #1459 from crosbymichael/exec-wait 
Wait on exec process not task
 2017-09-01 12:12:28 -04:00
Michael Crosby
5614e9c7b3 Wait on exec process not task 
Fixes #1449

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-09-01 11:51:45 -04:00
Michael Crosby
3e2a9c60af Merge pull request #1458 from AkihiroSuda/net-host 
ctr: net-host: bind-mount host /etc/{hosts,resolv.conf}
 2017-09-01 10:28:17 -04:00
Phil Estes
dd05301bef Merge pull request #1457 from AkihiroSuda/nit-doc 
RELEASES.md: Go API -> Go client API
 2017-09-01 10:00:23 -04:00
Lantao Liu
5057c2d4fb Merge pull request #197 from Random-Liu/not-remove-out-dated-tag 
Do not remove out dated image tag.
 2017-09-01 00:48:37 -07:00
Lantao Liu
cfb5513a54 Fix repo digest for schema 1 image. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-01 07:18:02 +00:00
Akihiro Suda
053deb5ce2 ctr: net-host: bind-mount host /etc/{hosts,resolv.conf} 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2017-09-01 07:16:31 +00:00
Lantao Liu
73bb6e3283 Do not remove out dated image tag. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-01 07:09:13 +00:00
Akihiro Suda
37896edfed RELEASES.md: Go API -> Go client API 
So as to make sure the Go plugin API is not in the scope

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2017-09-01 07:05:35 +00:00
Akihiro Suda
525bffd194 snapshot: support JSON marshalling for Info 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2017-09-01 04:47:35 +00:00
Akihiro Suda
fef7f3addc ctr: add ctr snapshot info <key> 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2017-09-01 04:41:34 +00:00
Lantao Liu
9c49624174 Merge pull request #157 from miaoyq/apply-selinux-opt 
Support selinux options/label
 2017-08-31 16:30:30 -07:00
Lantao Liu
66baf1312d Merge pull request #193 from abhinandanpb/containerd_shim 
Setting containerd shim to Pod cgroup
 2017-08-31 16:12:57 -07:00
Ian Campbell
94b0d0ecd0 ctr: drop labels from ctr containers subcommand list 
The labels can be very long (e.g. cri-containerd stores a large JSON metadata
blob as `io.cri-containerd.container.metadata`) which renders the output
useless due to all the line wrapping etc.

The information is still available in `ctr containers info «name»`.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-08-31 23:42:21 +01:00
Abhinandan Prativadi
59008c608e Setting containerd shim cgroup same as pod cgroup 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-08-31 15:16:51 -07:00
Lantao Liu
82ee80d0fa Implement streaming server stop (Kubernetes#51377) 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-31 21:56:47 +00:00
Kenfe-Mickael Laventure
1b79170849
linux: Add RuntimeRoot to RuncOptions 
This allow specifying wher the OCI runtime should store its state data.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-31 14:35:05 -07:00
Kenfe-Mickael Laventure
ab0cb4e756
linux: Honor RuncOptions if set on container 
This also fix the type used for RuncOptions.SystemCgroup, hence introducing
an API break.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-31 14:35:05 -07:00
Kenfe-Mickael Laventure
e0d8cb1366
Fix retrieval of container Runtime.Options field 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-31 12:05:39 -07:00
Kenfe-Mickaël Laventure
22df20b35f Merge pull request #1452 from crosbymichael/reaper2 
Update reaper for multiple subscribers
 2017-08-31 11:52:23 -07:00
Michael Crosby
6b4c4a2937 Update reaper for multipe subscribers 
Depends on https://github.com/containerd/go-runc/pull/24

The is currently a race with the reaper where you could miss some exit
events from processes.

The problem before and why the reaper was so complex was because
processes could fork, getting a pid, and then fail on an execve before
we would have time to register the process with the reaper.  This could
cause pids to fill up in a map as a way to reduce the race.

This changes makes the reaper handle multiple subscribers so that the
caller can handle locking, for when they want to wait for a specific
pid, without affecting other callers using the reaper code.

Exit events are broadcast to multiple subscribers, in the case, the runc
commands and container pids that we get from a pid-file.  Locking while
the entire container stats no longs affects runc commands where you want
to call `runc create` and wait until that has been completed.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-31 14:29:47 -04:00
Stephen J Day
9255e752b3
containerd: export Subscribe method on client 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2017-08-31 11:14:03 -07:00
Phil Estes
c2e894c33a Merge pull request #1448 from darrenstahlmsft/ConsoleSize 
Ensure ConsoleSize is not nil
 2017-08-31 08:49:45 -04:00
Yanqiang Miao
0c3304e006 Support selinux options/label 
Support selinux optios/label

Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
 2017-08-31 19:20:12 +08:00
Lantao Liu
c311f10a77 Merge pull request #190 from Random-Liu/cleanup-image-operations 
Cleanup image operations
 2017-08-30 18:19:40 -07:00
Lantao Liu
ac4f238f48 Cleanup image operations. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-31 00:52:09 +00:00
Lantao Liu
130aa5ac0d Checkpoint container status onto disk. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-31 00:41:52 +00:00
Stephen Day
c1c2aafffe Merge pull request #1444 from Random-Liu/add-image-config 
Add image config function.
 2017-08-30 17:27:23 -07:00
Darren Stahl
04c6bf42e2 Ensure ConsoleSize is not nil 
Signed-off-by: Darren Stahl <darst@microsoft.com>
 2017-08-30 16:34:20 -07:00
Lantao Liu
39854b292a Merge pull request #184 from abhinandanpb/cgroup 
Adding option to configure cgroup to start cri-containerd
 2017-08-30 16:27:01 -07:00
Lantao Liu
76e016ca30 Add image config function. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-30 23:02:43 +00:00
Abhinandan Prativadi
e1edeae4c9 Adding option to configure cgroup to start cri-containerd 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-08-30 14:37:40 -07:00
Lantao Liu
80b57f54a6 Merge pull request #192 from Random-Liu/fix-sandbox-container-snapshotter 
Fix sandbox container snapshotter.
 2017-08-30 13:47:15 -07:00