github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
1,781 Commits 3 Branches 4 Tags
7a24da03752a00cb1e27b95d72b7f2f690b30f81
Commit Graph

97 Commits

Author SHA1 Message Date
Brandon Lum
7a24da0375 Updated docs and encryption.md -> decryption.md 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
c5209cd679 Updated doc based on changes requested 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
8df431fc31 Defer multitenant key model to image auth discussion 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
f0579c7b4d Implmented node key model for image encryption 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Mike Brown
c9ed98462d move to v3.2 for the pause image 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-02-14 12:55:52 -06:00
Akihiro Suda
aaddaa2732 bump up the default runtime to "io.containerd.runc.v2" 
The former default runtime "io.containerd.runc.v1" won't support new features
like support for cgroup v2: containerd/containerd#3726

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2019-12-16 11:53:58 +09:00
Lantao Liu
4f350ad474 Fix typo. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-11-26 15:09:07 -08:00
Lantao Liu
ab6701bd11 Add insecure_skip_verify option. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-11-26 13:25:52 -08:00
Lantao Liu
56fa16ef9c Update the kube-up doc with a simpler approach. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-09-23 17:24:10 -07:00
Lantao Liu
35eb96d901 Update deployment and integration test 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-09-18 17:21:37 -07:00
Ed Bartosh
e28689657a Add ContatinerAnnotations to the Runtime and config 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2019-09-10 11:28:51 +03:00
Lantao Liu
2d03ccf5dd FDQN is a typo, and we don't support trailing dot in FQDN. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-30 13:31:04 -07:00
Lantao Liu
81ca274c6f Add wildcard mirror support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-13 12:02:57 -07:00
Akihiro Suda
28e492fce0 allow non-mutual TLS 
Previously, client keypair had needed to be specified even when unused.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2019-08-10 21:48:03 +09:00
Lantao Liu
53e94c6753 Use containerd registry mirror library. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-09 14:39:30 -07:00
Alex Price
3353ab76d9 Add flag to overload default privileged host device behaviour 
This commit adds a flag to the runtime config that allows overloading of the default
privileged behaviour. When the flag is enabled on a runtime, host devices won't
be appended to the runtime spec if the container is run as privileged.

By default the flag is false to maintain the current behaviour of privileged.

Fixes #1213

Signed-off-by: Alex Price <aprice@atlassian.com>
 2019-08-08 12:16:42 +10:00
Lantao Liu
871a8b89c8 Do not deprecate no_pivot yet. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-05 15:12:50 -07:00
Lantao Liu
b74653b821 Print warning message for deprecated options. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-02 01:10:11 -07:00
Lantao Liu
467f9e0e8a Fix proc mount support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-07-31 17:11:15 -07:00
Lantao Liu
c78caf902d Add max concurrent downloads support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-07-26 18:15:17 -07:00
Aldo Culquicondor
4b43303203 Add option to register on TCP server 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-07-25 09:42:49 -04:00
Lantao Liu
64bf4bebf3 Merge pull request #1188 from alculquicondor/fix/doc 
Update docs to v2 config
 2019-07-24 14:25:42 -07:00
Aldo Culquicondor
e2550f6285 Update docs to v2 config 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-07-24 09:30:13 -04:00
Joe Borg
9ebc10ec08 Correcting typo 
`/ec/` > `/etc/`

Signed-off-by: Joe Borg <joe@josephb.org>
 2019-07-04 14:12:20 -04:00
Mike Brown
3ba04c01cc doc update for cni max num 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-06-11 08:35:22 -05:00
kuramal
b022de5f37 add cni plugin config file max num config, set go-cni to commit 22460c0 
Signed-off-by: kuramal <linxxnil@126.com>
 2019-06-10 12:14:35 +08:00
Vlad Ungureanu
60a58af376 Add TLS auth registry support 
Signed-off-by: Vlad Ungureanu <ungureanuvladvictor@gmail.com>
 2019-06-06 14:55:53 -07:00
Lantao Liu
db90808477 Update doc and add deprecation policy for CRI options. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-04-25 16:11:16 -07:00
Lantao Liu
19e2b20c13 Use ctr images import. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-04-15 10:37:31 -07:00
Lantao Liu
238658719f Cleanup pod annotation test and only support tailing wildcard. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-25 12:54:34 -07:00
Harshal Patil
effd82227c Add support for passing sandbox annotations to runtime 
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
 2019-03-21 14:38:14 +05:30
Mike Brown
9474b05dd7 clarify the versioning for the tarball 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-03-13 12:58:12 -05:00
Lantao Liu
f2f90f6b00 Merge pull request #1060 from Random-Liu/support-stream-idle-timeout 
Support stream idle timeout.
 2019-02-28 10:28:27 -08:00
Lantao Liu
8222da7768 Support stream idle timeout. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-28 01:30:01 -08:00
Lantao Liu
76ed153e8c Add more explanation about the CRI config. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-27 16:51:36 -08:00
Aldo Culquicondor
c88e18b907 Fix architecture doc 
Network namespace is created before the pause container.

Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-02-27 18:00:40 -05:00
Mike Brown
857f169e9e update support statment reflecting eol for k8s 1.10 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-02-14 11:28:26 -06:00
Akihiro Suda
cd8231ab2a support DisableCgroup, DisableApparmor, RestrictOOMScoreAdj 
Add following config for supporting "rootless" mode

* DisableCgroup: disable cgroup
* DisableApparmor: disable Apparmor
* RestrictOOMScoreAdj: restrict the lower bound of OOMScoreAdj

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-01-03 05:12:04 +09:00
Lantao Liu
1442425f92 Support runtime specific configurations. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-10-08 17:17:29 -07:00
Lantao Liu
65283e4253 The indent is wrong. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-09-17 12:11:18 -07:00
Lantao Liu
3de8c8bf19 Update cri-tools to 98eea54af789ae13edce79cba101fb9ac8e7b241. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-09-17 10:54:42 -07:00
Tim Allclair
e7189a25c3 Add RuntimeHandler support 
Signed-off-by: Tim Allclair <tallclair@google.com>
 2018-09-05 17:27:35 -07:00
JulienBalestra
dffd0dfa0e streaming: tls conf validation to func with tests 
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
 2018-08-30 15:10:48 +02:00
JulienBalestra
859003a940 stream: struct for x509 key pair, update the docs, error management 
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
 2018-08-28 17:22:11 +02:00
Lantao Liu
b3d6f16383 Serve streaming on localhost by default to match k8s 1.11 default. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-07-21 01:10:45 +00:00
yanxuean
7065dd81f9 support no_pivot option for runc 
Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
 2018-07-20 08:46:50 +08:00
Lantao Liu
0f3c83b11b Use --no-overwrite-dir in installation doc. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-07-11 18:04:48 +00:00
Lantao Liu
952e53bf58 Add registry auth config, and use docker resolver in containerd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-07-09 19:08:48 -07:00
Lantao Liu
fd71c9f065 Fix another link. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-06-26 13:30:32 -07:00
Yu-Ju Hong
e23c0e708a Fix link to GCE getting started guide 
Signed-off-by: Yu-Ju Hong <yjhong@google.com>
 2018-06-25 12:10:03 -07:00