containerd

Author	SHA1	Message	Date
Lantao Liu	0c2d3b718d	Fix privileged devices. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-12-09 17:43:06 -08:00
Lantao Liu	78708b20c7	Merge pull request #1351 from Random-Liu/better-unknown-state-handling Better handle unknown state.	2019-12-09 10:34:57 -08:00
Lantao Liu	facbaa0e79	Better handle unknown state. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-12-06 10:56:27 -08:00
bpopovschi	5d7bd738e4	Use containerD WithHostDevices Signed-off-by: bpopovschi <zyqsempai@mail.ru>	2019-12-04 11:34:46 +02:00
Lantao Liu	444f02a89e	Merge pull request #1344 from darfux/add-resolvconf-to-sandbox-container Provide resolvConf to sandbox container's mounts	2019-12-01 21:25:19 -08:00
Li Yuxuan	dbc1fb37d0	Provide resolvConf to sandbox container's mounts As https://github.com/kata-containers/runtime/issues/1603 discussed, kata relies on such mount spec to setup resolv.conf for pod VM properly. Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>	2019-11-28 12:05:05 +08:00
Lantao Liu	ab6701bd11	Add insecure_skip_verify option. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-11-26 13:25:52 -08:00
Lantao Liu	5c2f33bd0d	Cleanup path for windows mount Signed-off-by: Lantao Liu <lantaol@google.com>	2019-11-15 18:52:11 +00:00
Erik Wilson	7cc3938717	Set default scheme in registryEndpoints for host Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>	2019-10-31 10:30:17 -07:00
Lantao Liu	65b9c31805	Use `http` for localhost, 127.0.0.1 and ::1 by default. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-10-28 19:07:43 -07:00
Lantao Liu	d95e21c89b	Add container compute stats support. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-10-25 14:32:02 -07:00
Lantao Liu	2ce0bb0926	Update code for latest containerd. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-10-09 18:05:20 -07:00
Lantao Liu	358d672160	Add hostname CRI validation and unit test. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-25 16:11:27 -07:00
Lantao Liu	7fba77f238	Merge pull request #1298 from Random-Liu/set-sandbox-cpu-shares Set default sandbox container cpu shares on windows.	2019-09-25 11:05:43 -07:00
Lantao Liu	2eba67a7ee	Merge pull request #1287 from crosbymichael/cgroups Use type alias from containerd for cgroup metric types	2019-09-24 17:34:49 -07:00
Lantao Liu	f3ef10e9a2	Set default sandbox container cpu shares on windows. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-24 17:03:11 -07:00
Justin Terry (VM)	ed7873ef1e	Forward SandboxConfig.Hostname to Workload container activation 1. For Windows the Hostname property is not inherited from the sandbox and must be passed for the Workload container activations as well. Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>	2019-09-24 10:21:17 -07:00
Lantao Liu	bad68a8270	Merge pull request #1284 from liyanhui1228/win_portforward Add windows port forward support	2019-09-23 22:17:08 -07:00
Angela Li	dc413bd6d6	Add windows portforward support Signed-off-by: Angela Li <yanhuil@google.com>	2019-09-23 17:36:43 -07:00
Michael Crosby	c8c7c54a6e	Use typealias for containerd metrics Signed-off-by: Michael Crosby <crosbymichael@gmail.com>	2019-09-20 16:01:48 -04:00
Lantao Liu	470776c903	Merge pull request #1274 from Random-Liu/dualstack Add DualStack support	2019-09-19 21:32:26 -07:00
Lantao Liu	c1ece0c801	Address comment. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-19 14:05:28 -07:00
Phil Estes	229eb19bd6	Add back default UNIX env to container config Due to changes to the defaults in containerd, the CRI path to creating a container OCI config needs to add back in the default UNIX $PATH (and any other defaults) as that is the expected behavior from other runtimes. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2019-09-19 09:00:25 -04:00
Antonio Ojea	fcd6bf318b	Report Additional POD IPs Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-18 17:21:37 -07:00
Lantao Liu	dc964de85f	Add windows implmenetation Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-18 10:46:29 -07:00
Lantao Liu	c6cb25c158	Open/create log file with FILE_SHARE_DELETE on windows Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-18 10:46:28 -07:00
Mike Brown	738179542a	add a test case for container_annotations Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2019-09-10 11:28:59 +03:00
Ed Bartosh	05a9028969	Use container annotations when creating containers Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>	2019-09-10 11:28:59 +03:00
Lantao Liu	115b7664d9	Clarify some exec behavior. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-03 16:52:23 -07:00
Lantao Liu	50c73e6dc5	Move unix specific logic into _unix.go Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-03 16:23:42 -07:00
Lantao Liu	c6203ec13b	Fix panic for task in unknown state. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-09-03 14:56:15 -07:00
Nishchay	f41675d234	fix: support empty auth config for anonymous registry - empty username means caller wants to use no credentials, typically for anonymous registry - Fixes https://github.com/containerd/cri/issues/1249 Signed-off-by: Nishchay Kumar <mrawesomenix@gmail.com>	2019-08-28 10:24:31 -07:00
Lantao Liu	28aef2fe38	Support CNI DNS capabilities. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-22 14:29:04 -07:00
Lantao Liu	10acd8e769	Fix apparmor for privileged. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-19 16:28:45 -07:00
Michael Crosby	3995efc7c1	Update cni and go-cni to the v0.7.1 release Closes #1236 Signed-off-by: Michael Crosby <crosbymichael@gmail.com>	2019-08-14 16:19:37 +00:00
Lantao Liu	81ca274c6f	Add wildcard mirror support. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-13 12:02:57 -07:00
Lantao Liu	8021850e91	Merge pull request #1233 from AkihiroSuda/allow-ca-without-client-certs allow non-mutual TLS	2019-08-11 17:07:57 -07:00
Lantao Liu	fd6c732cd7	Merge pull request #1232 from Random-Liu/avoid-schema1-roundtrip Remove extra roundtrip for checking schema1.	2019-08-10 10:25:46 -07:00
Akihiro Suda	28e492fce0	allow non-mutual TLS Previously, client keypair had needed to be specified even when unused. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2019-08-10 21:48:03 +09:00
Lantao Liu	d64fa3b6b8	Remove extra roundtrip for checking schema1. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-09 18:47:40 -07:00
Lantao Liu	005f9f7378	Consider endpoint path when checking default host. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-09 18:22:08 -07:00
Lantao Liu	53e94c6753	Use containerd registry mirror library. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-09 14:39:30 -07:00
Alex Price	3353ab76d9	Add flag to overload default privileged host device behaviour This commit adds a flag to the runtime config that allows overloading of the default privileged behaviour. When the flag is enabled on a runtime, host devices won't be appended to the runtime spec if the container is run as privileged. By default the flag is false to maintain the current behaviour of privileged. Fixes #1213 Signed-off-by: Alex Price <aprice@atlassian.com>	2019-08-08 12:16:42 +10:00
Lantao Liu	95bd02d28f	Merge pull request #1200 from jterry75/image_user Assign ImageSpec User if SecurityContext is not set	2019-08-07 13:50:08 -07:00
Lantao Liu	8ea0cc90aa	Merge pull request #1221 from jterry75/log_g Switch to containerd/log package	2019-08-07 13:49:33 -07:00
Justin Terry (VM)	bc2cff625b	Assign ImageSpec User if SecurityContext is not set By default the SecurityContext for Container activation can contain a Username UID, GID. The order of precedences is username, UID, GID. If none of these options are specified as a last resort attempt to set the ImageSpec username. Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>	2019-08-07 12:20:52 -07:00
Justin Terry (VM)	193918b702	Switch to containerd/log package Moves to the containerd/log package over logrus directly. This benefits the traces because if using any log context such as OpenCensus on the entry gRPC API all traces for that gRPC method will now contain the appropriate TraceID, SpanID for easy correlation. Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>	2019-08-07 12:18:18 -07:00
Lantao Liu	eae5fc360f	Infer systemd cgroup based on path suffix. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-06 11:00:51 -07:00
Lantao Liu	986d04aec1	Add test for disable_proc_mount. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-02 11:22:34 -07:00
Lantao Liu	b74653b821	Print warning message for deprecated options. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-08-02 01:10:11 -07:00

1 2 3 4 5 ...

603 Commits