github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
5,191 Commits 3 Branches 2 Tags 112 MiB
57b51b9481
Commit Graph

5191 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Phil Estes
c9977b59f6
Merge pull request #3166 from mxpv/refactor 
Move snapshotters benchmark to a separate package
 2019-04-03 08:37:03 -04:00
Maksym Pavlenko
90085a7ac5 Add empty file to prevent build from failing 
Go build fails on directory with only test files
https://github.com/golang/go/issues/8279

Signed-off-by: Maksym Pavlenko <makpav@amazon.com>
 2019-04-02 17:35:19 -07:00
Stefan Berger
baf3403439 Extend Applier's Apply() method with an optional options parameter 
Extend the Applier interface's Apply method with an optional
options parameter.

For the container image encryption we intend to use the options
parameter to pass image decryption parameters ('dcparameters'),
which are primarily (privatte) keys, in form of a JSON document
under the map key '_dcparameters', and pass them to the Applier's
Apply() method. This helps us to access decryption keys and start
the pipeline with the layer decryption before the layer data are
unzipped and untarred.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
 2019-04-02 18:19:48 -04:00
Maksym Pavlenko
8784eb6308 Move snapshotters benchmark to a separate package 
Signed-off-by: Maksym Pavlenko <makpav@amazon.com>
 2019-04-02 14:42:21 -07:00
Derek McGowan
2f60e389a0
Merge pull request #2626 from krsoninikhil/defaults3 
Uses namespace labels for default options
 2019-04-02 11:46:35 -07:00
Phil Estes
22bb5ebc7f
Merge pull request #3159 from thaJeztah/fix_parseinfofile_parsing 
Fix parseInfoFile does not handle spaces in filenames
 2019-04-02 09:40:26 -04:00
Sebastiaan van Stijn
adc4fa217b
Use pkg/errors for all errors 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-04-02 14:13:23 +02:00
Sebastiaan van Stijn
c22effb168
fix parseInfoFile does not handle spaces in filenames 
`/proc/self/mountinfo` uses `\040` for spaces, however, `parseInfoFile()`
did not decode those spaces in paths, therefore attempting to use `\040`
as a literal part of the path.

This patch un-quotes the `root` and `mount point` fields to fix
situations where paths contain spaces.

Note that the `mount source` field is not modified, given that
this field is documented (man `PROC(5)`) as:

    filesystem-specific information or "none"

Which I interpreted as "the format in this field is undefined".

Reported-by: Daniil Yaroslavtsev <daniilyar@users.noreply.github.com>
Reported-by: Nathan Ringo <remexre@gmail.com>
Based-on-patch-by: Diego Becciolini <itizir@users.noreply.github.com>
Based-on-patch-by: Sergei Utinski <sergei-utinski@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-04-02 13:06:32 +02:00
Derek McGowan
bc8a1895e3
Merge pull request #3155 from crosbymichael/plugins 
Add configurable plugin path
 2019-04-01 15:22:51 -07:00
Phil Estes
932f883e49
Merge pull request #3152 from mxpv/bench 
Add snapshotters benchmark
 2019-04-01 17:21:47 -04:00
Michael Crosby
559dfa59a1 Add configurable plugin path 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2019-04-01 16:54:27 -04:00
Michael Crosby
341b99d6e2
Merge pull request #3153 from thepwagner/issue-3118 
runtime/v1/linux/proc/io: io race
 2019-04-01 16:36:49 -04:00
Maksym Pavlenko
d9526f5c4f Move CloudFormation template to contrib 
Signed-off-by: Maksym Pavlenko <makpav@amazon.com>
 2019-04-01 13:34:48 -07:00
Peter Wagner
ae04c16607 runtime: guard Close() until both streams are complete 
Signed-off-by: Peter Wagner <thepwagner@github.com>
 2019-04-01 15:23:57 -04:00
Peter Wagner
e96ac2040d runtime: log IO error when copying output streams 
Signed-off-by: Peter Wagner <thepwagner@github.com>
 2019-04-01 15:23:57 -04:00
Maksym Pavlenko
515be73c82 Add snapshotters benchmark 
Signed-off-by: Maksym Pavlenko <makpav@amazon.com>
 2019-04-01 11:13:27 -07:00
Lifubang
872296642a fix shouldKillAllOnExit check for v2 
Signed-off-by: Lifubang <lifubang@acmcoder.com>
 2019-03-30 11:37:14 +08:00
Lifubang
fa5f744a79 fix shouldKillAllOnExit check 
Signed-off-by: Lifubang <lifubang@acmcoder.com>
 2019-03-30 11:36:56 +08:00
Phil Estes
2d0a06d41b
Merge pull request #3146 from Ace-Tang/add-test 
test: add custom cgroup test
 2019-03-29 15:37:23 -04:00
Ace-Tang
f7f6dd7b4e test: add custom cgroup test 
avoid issue #3133 occurs again

Signed-off-by: Ace-Tang <aceapril@126.com>
 2019-03-29 15:55:50 +08:00
Michael Crosby
e7b6fea572
Merge pull request #3022 from mxpv/devmapper 
Integrate device mapper snapshotter
 2019-03-29 00:06:11 -04:00
Akihiro Suda
3a80a801af
Merge pull request #3139 from thaJeztah/bump_runc_v1.0.0-rc7 
update opencontainers/runc v1.0.0-rc7
 2019-03-29 12:32:50 +09:00
Michael Crosby
86cfcb870e
Merge pull request #3142 from thaJeztah/bump_cgroups 
bump containerd/cgroups 4994991857f9b0ae8dc439551e8bebdbb4bf66c1
 2019-03-28 22:38:02 -04:00
Sebastiaan van Stijn
2b8df8309e
bump containerd/cgroups 4994991857f9b0ae8dc439551e8bebdbb4bf66c1 
full diff: dbea6f2bd4...4994991857

brings in https://github.com/containerd/cgroups/pull/79 Return ErrCgroupDeleted when no subsystems
fixes https://github.com/containerd/containerd/issues/3133 Custom cgroup path does not work in containerd 1.2.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-28 23:36:36 +01:00
Sebastiaan van Stijn
bc6ac08784
update opencontainers/runc v1.0.0-rc7 
full diff: 2b18fe1d88...v1.0.0-rc7

changes included:

- opencontainers/runc#2012 Need to setup labeling of kernel keyrings
- opencontainers/runc#2014 Add $RUNC_USE_SYSTEMD to run tests using systemd cgroup driver
- opencontainers/runc#2015 Use getenv not secure_getenv
  - fixes opencontainers/runc#2013 build fails with musl libc
- opencontainers/runc#2023 Fixes regression causing zombie runc:[1:CHILD] processes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-28 21:42:17 +01:00
Michael Crosby
f2a20ead83
Merge pull request #3137 from Random-Liu/fix-race-and-panic 
Fix capability option race and panic.
 2019-03-28 11:43:28 -04:00
Lantao Liu
808b223536 Fix race and panic. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-28 01:27:13 -07:00
Maksym Pavlenko
87289a0c62 devmapper: implement Usage 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2019-03-27 14:50:12 -07:00
Maksym Pavlenko
010b4da36f devmapper: implement dmsetup status 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2019-03-27 14:26:07 -07:00
Justin
90a7da8625
Merge pull request #3128 from jhowardmsft/jjh/ci 
Windows: appveyor: Build shim binary from Microsoft/hcsshim repo
 2019-03-26 09:14:54 -07:00
John Howard
8710940165 Windows: Build shim binary from Microsoft/hcsshim 
Signed-off-by: John Howard <jhoward@microsoft.com>

This is part of a phased update to remove the existing Windows shim
code from the containerd repo, and instead use the one from Microsoft/hcsshim.
 2019-03-25 15:52:12 -07:00
John Howard
e16e995939 Vendor Microsoft/hcsshim@8abdbb82 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2019-03-25 11:11:37 -07:00
Derek McGowan
68c44f8cc8
Merge pull request #3122 from stefanberger/descriptor_annotations.pr 
Extend adaptImage function with annotations case
 2019-03-22 14:28:15 -07:00
Stefan Berger
5d50b9c2bb Extend adaptImage function with annotations case 
Extend the adaptImage function with a case for handling the annotations
so they can be used in the filter adaptors for fieldpaths.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2019-03-22 14:56:26 -04:00
Michael Crosby
9b882c44f8
Merge pull request #3000 from stefanberger/descriptor_annotations.pr 
Add missing annotations map to Descriptor for gRPC transfer
 2019-03-22 14:05:44 -04:00
Phil Estes
8ea28ff564
Merge pull request #3117 from crosbymichael/exec-load 
Fastpath opt and ExecProcess loading
 2019-03-22 13:20:51 -04:00
Michael Crosby
388c8a1760 Fastpath opt and ExecProcess loading 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2019-03-22 12:08:43 -04:00
Michael Crosby
fc44aa810c
Merge pull request #3119 from jterry75/windows_lcow_vmgroup_access 
Update Windows lcow differ to set NT VIRTUAL MACHINE\Virtual Machines SID
 2019-03-22 12:07:17 -04:00
Michael Crosby
24beaece37
Merge pull request #3120 from jhowardmsft/jjh/create-data-root-with-permissions 
Windows: Root/state create with right ACL and in right place
 2019-03-22 12:06:39 -04:00
John Howard
a849664519 Windows:ProgramFiles to ProgramData 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2019-03-21 18:50:01 -07:00
John Howard
6034c1950a Windows:Create root/state with ACL 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2019-03-21 18:47:34 -07:00
Justin Terry (VM)
7361b19875 Update Windows lcow differ to set NT VIRTUAL MACHINE\Virtual Machines SID 
For LCOW using the Virtual Machines SID for the shared read-only layers
improves overall performance avoiding the need to set per VM access at runtime.

Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
 2019-03-21 14:53:43 -07:00
Justin Terry (VM)
4c9b5ef8ea Update vendor github.com/Microsoft/go-winio 
Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
 2019-03-21 14:12:41 -07:00
Jack Baines
d15832a4c2 Address review comments 
-Fix whitespace on imports
-Fix test case naming

Signed-off-by: Jack Baines <jack.baines@uk.ibm.com>
 2019-03-21 15:59:49 +00:00
Phil Estes
ceba56893a
Merge pull request #3104 from AkihiroSuda/split-contentserver 
decouple api.ContentServer implementation package from bbolt dependency
 2019-03-21 10:10:26 -04:00
Michael Crosby
9bd6b0932e
Merge pull request #3111 from thaJeztah/whitelist_statx 
seccomp: whitelist statx syscall
 2019-03-20 10:48:18 -05:00
Sebastiaan van Stijn
8f8fd3c3a8
seccomp: whitelist statx syscall 
This whitelists the statx syscall; libseccomp-2.3.3 or up
is needed for this, older seccomp versions will ignore this.

Equivalent of https://github.com/moby/moby/pull/36417

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-20 11:59:02 +01:00
Jack Baines
908b771086 Add code to return message field of returned registry errors 
Docker registries return errors in a know format so this change now checks for these
errors and returns the message field. If the error is not in the expected format fall
back to the original behaviour.

https://github.com/containerd/containerd/issues/3076

Signed-off-by: Jack Baines <jack.baines@uk.ibm.com>
 2019-03-19 21:05:36 +00:00
Phil Estes
9ab4c8cbcc
Merge pull request #3108 from alculquicondor/fix/import 
Allow to import an image for the default platform only.
 2019-03-19 13:29:57 -04:00
Michael Crosby
0cbbd0f68b
Merge pull request #3107 from avikivity/3105 
seccomp: whitelist io_pgetevents
 2019-03-19 10:55:00 -05:00