As `setupSandboxFiles` was done in sandbox controller, it is difficult
here to know if the sandbox controller has done and where the host path
in. Make sure the host path exists before adding them to linux container
mounts, otherwise, the container would generate some unnecessary mounts.
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
See kubernetes/enhancements issue 3857 (PR 3858).
Replaces PR 9713 `cri: make read-only mounts recursively read-only`
Unlike PR 9713, this PR does not automatically upgrade RO mounts to RRO.
Test depends on:
- kubernetes-sigs/cri-tools PR 1344
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Adds a plugin type for container monitor.
Rename the task monitor type to avoid confusion.
Add config migration for new plugin types to pass existing migration
tests.
Signed-off-by: Derek McGowan <derek@mcg.dev>
It's used to check new release containerd can parse metric data from existing
shim created by previous release.
Signed-off-by: Wei Fu <fuweid89@gmail.com>
Followed the Migration Guide at https://cli.urfave.org/migrate-v1-to-v2/
The major changes not pointed out in the migration guide are:
- context.Args() no longer produces a []slice, so context.Args().Slice()
in substitued
- All cli.Global***** are deprecated (the migration guide is somewhat
unclear on this)
Signed-off-by: Derek Nola <derek.nola@suse.com>
Vendor in urfave cli/v2
Signed-off-by: Derek Nola <derek.nola@suse.com>
Fix NewStringSlice calls
Signed-off-by: Derek Nola <derek.nola@suse.com>
On startup `gcTimeSum` might work fast and return `0`, so on this case
the algorithm turns in infinity loop which simple consume CPU on timer
which fires without any interval.
Use `5ms` as fallback to have interval `245ms` for that case.
Closes: https://github.com/containerd/containerd/issues/5089
Signed-off-by: Kirill A. Korinsky <kirill@korins.ky>
Schema 1 (`application/vnd.docker.distribution.manifest.v1+prettyjws`) has been
officially deprecated since containerd v1.7 (PR 6884).
We have planned to remove the support for Schema 1 in containerd v2.0, but this
removal may still surprise some users.
So, in containerd v2.0 we will just disable it by default.
The support for Schema 1 can be still enabled by setting an environment variable
`CONTAINERD_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE=1`, however, this workaround
will be completely removed in containerd v2.1.
Schema 2 was introduced in Docker 1.10 (Feb 2016), so most users should
have been already using Schema 2 or OCI.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Propagate the deprecation list to CRI runtime conditions.
The propagated conditions are visible via `crictl info`,
but not visible via `kubectl get nodes -o yaml` yet, although
the CRI API says "These conditions will be exposed to users to help
them understand the status of the system".
https://github.com/kubernetes/cri-api/blob/v0.29.1/pkg/apis/runtime/v1/api.proto#L1505-L1509
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Print deprecation warnings on any ctr command, as users won't notice the
deprecations until we actually remove the deprecated features.
The warnings can be suppressed by setting
`CONTAINERD_SUPPRESS_DEPRECATION_WARNINGS=1`.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
