github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
10,081 Commits 3 Branches 2 Tags 112 MiB
adee2c7974
Commit Graph

279 Commits

Author SHA1 Message Date
Sebastiaan van Stijn
2741dbe2c1
contrib: Dockerfile: bump go 1.12 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-04-05 12:59:20 +02:00
Sebastiaan van Stijn
a84f87d84f
contrib: Dockerfile: add a base stage 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-04-05 12:26:55 +02:00
Sebastiaan van Stijn
a07e12cded
contrib: Dockerfile: reformat, and use --no-install-recommends 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-04-05 12:24:41 +02:00
Sebastiaan van Stijn
ba9e1ea23c
contrib: Dockerfile: use build-arg for go-version 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-04-05 12:16:36 +02:00
Maksym Pavlenko
8784eb6308 Move snapshotters benchmark to a separate package 
Signed-off-by: Maksym Pavlenko <makpav@amazon.com>
 2019-04-02 14:42:21 -07:00
Maksym Pavlenko
d9526f5c4f Move CloudFormation template to contrib 
Signed-off-by: Maksym Pavlenko <makpav@amazon.com>
 2019-04-01 13:34:48 -07:00
Sebastiaan van Stijn
8f8fd3c3a8
seccomp: whitelist statx syscall 
This whitelists the statx syscall; libseccomp-2.3.3 or up
is needed for this, older seccomp versions will ignore this.

Equivalent of https://github.com/moby/moby/pull/36417

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-20 11:59:02 +01:00
Avi Kivity
4506eb45bf seccomp: whitelist io_pgetevents 
io_pgetevents() is a new Linux system call, similar to the already-whitelisted
io_getevents(). It has no security implications. Whitelist it so applications can
use the new system call.

Fixes #3105.

Signed-off-by: Avi Kivity <avi@scylladb.com>
 2019-03-19 11:56:32 +02:00
Tibor Vass
7ca2c3d68d contrib/nvidia: export helper binary path and list of Nvidia capabilities 
Signed-off-by: Tibor Vass <tibor@docker.com>
 2019-03-12 15:28:14 -07:00
zhangyue
996c60616a fix: fix error info start capitalized 
Signed-off-by: zhangyue <zy675793960@yeah.net>
 2018-11-28 15:26:16 +08:00
Jean Rouge
90880078b9 Adding a --load-kmods flag to the NVIDIA OCI hook 
Signed-off-by: Jean Rouge <jer329@cornell.edu>
 2018-11-15 01:52:11 -08:00
Mike Brown
6039a4d322 link to new icon location 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-10-27 10:23:56 -05:00
Sebastiaan van Stijn
07237e34e6
Bump to Go 1.11.x 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2018-10-25 22:13:21 +02:00
nashasha1
7f03ad6579 Fix typos 
Signed-off-by: nashasha1 <a4012017@sina.com>
 2018-09-07 16:59:42 +08:00
Kenfe-Mickaël Laventure
875b92c507
Merge pull request #2512 from crosbymichael/gpupath 
Add nvidia Opts to lookup containerd binary or hook path
 2018-07-31 09:28:33 -07:00
Michael Crosby
e4f33dcfb5 Add nvidia Opts to lookup containerd binary or hook path 
This is for consumers like Docker that manage a `docker-containerd`.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-07-31 10:11:25 -04:00
Michael Crosby
81e2859e8b Change gpu Capability type to string 
This helps with mappings so that we are not translating multiple times
from caller to hook.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-07-30 15:37:13 -04:00
Derek McGowan
ca71484793
Merge pull request #2480 from dmcgowan/proxy-plugin-doc 
Document plugins
 2018-07-30 11:23:24 -07:00
Michael Crosby
dd0c04970d nvidia GPU support for caps and multiple uuids 
This improves nvidia support for multiple uuids per container and fixes
the API to add individual capabilities.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-07-27 15:28:59 -04:00
Derek McGowan
3e657de3af
Document plugins 
Add plugins documentation to root.
Mention configuring proxy plugins and runtime plugins.

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-07-25 23:28:09 -07:00
Lantao Liu
0a5c05bcd4
Merge pull request #776 from Random-Liu/disable-streaming 
Disable TLS streaming to work with new kubelet streaming proxy.
 2018-06-01 00:48:44 -07:00
Lantao Liu
6c7ec48daf Another logo fix. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-05-21 18:05:30 -07:00
Lantao Liu
6f43d493f9 Disable TLS streaming to work with new kubelet streaming proxy. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-05-18 19:02:03 -07:00
Michael Crosby
b949697a9c Add nvidia gpu support via libnvidia-container 
This adds nvidia gpu support via the libnvidia-container project and
`nvidia-container-cli`.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-05-09 13:37:39 -04:00
Tom Godkin
fc8bce59b9 Use user-specific temp directory if set 
This allows non-privileged users to use containerd. This is part of a
larger track of work integrating containerd into Cloudfoundry's garden
with support for rootless.

[#156343575]

Signed-off-by: Claudia Beresford <cberesford@pivotal.io>
 2018-05-04 10:27:58 +01:00
Lantao Liu
06f53b4838 Add unix:// prefix for socket addresses used by CRI remote client. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-20 17:36:25 -07:00
Lantao Liu
69b3f3aeac Add socat back. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-11 01:53:24 +00:00
abhi
f7a0b43734 Minor cleanup of comment in ansible 
Signed-off-by: abhi <abhi@docker.com>
 2018-04-09 15:57:24 -07:00
abhi
c200cb4642 Updating ansible installer 
Signed-off-by: abhi <abhi@docker.com>
 2018-04-09 14:31:49 -07:00
Lantao Liu
ad7bffc093 Enable TLS streaming in all the setup. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-03 00:17:26 +00:00
Lantao Liu
b287fec35d Upgrade the tarball version in ansible. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-02 20:06:20 +00:00
Lantao Liu
c4f80aecb7
Merge pull request #711 from tklauser/libapparmor-dep 
Drop libapparmor dependency from build docs
 2018-04-02 11:55:27 -07:00
Tobias Klauser
d29678a3c4 Drop libapparmor dependency from build docs 
As of opencontainers/runc@db093f6 runc no longer depends on libapparmor
thus libapparmor-dev no longer needs to be installed to build it or
anythind that depends on it (like containerd or cri-containerd). Adjust
the documentation accordingly.

containerd/containerd#2238 did the same for containerd.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
 2018-03-31 18:18:12 +02:00
Michael Crosby
606be14859
Merge pull request #2238 from tklauser/runc-libapparmor-dep 
Drop libapparmor dependency from runc build docs
 2018-03-30 10:18:34 -04:00
Tobias Klauser
a74903a307 Drop libapparmor dependency from runc build docs 
As of opencontainers/runc@db093f621f runc
no longer depends on libapparmor thus libapparmor-dev no longer needs to
be installed to build it. Adjust the documentation accordingly.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
 2018-03-29 09:18:45 +02:00
Justin Cormack
9435aeeb30
The set of bounding capabilities is the largest group 
No capabilities can be granted outside the bounding set, so there
is no point looking at any other set for the largest scope.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-03-28 17:36:46 -07:00
Lantao Liu
ddda05211b Use systemd service cgroup and oom score adj. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-28 00:30:59 +00:00
Lantao Liu
f0655ecfe0 Use pause image from new source. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-26 07:11:41 +00:00
Nitesh Konkar
6a542c596b Bump pause container to multi-arch gcr.io/google-containers/pause:3.1 
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
 2018-03-22 05:44:12 +00:00
Mike Brown
0ee7614785 docs update for cri-containerd to cri move 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-03-16 15:33:17 -05:00
Abhinandan Prativadi
ffda916fd0
Merge pull request #641 from Random-Liu/fix-ansible-doc 
Require ansible 2.4+.
 2018-03-05 21:39:22 -08:00
Lantao Liu
640e7ac2b0 Update ansible setup. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-06 00:05:02 +00:00
Lantao Liu
760248df77 Require ansible 2.4+. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-05 21:51:59 +00:00
Phil Estes
6aa612dfc2
Update recommended versions to Go 1.10 
To match build requirements for containerd now that we are using 1.10.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2018-02-27 16:50:12 -08:00
Kunal Kushwaha
b12c3215a0 Licence header added 
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
 2018-02-19 10:32:26 +09:00
Christopher Jones
8043f26651
[contrib] bump golang 
Use golang:1.9, which should get the latest 1.9.x version,
instead of using a specific tag.

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
 2018-02-16 08:23:35 -05:00
Justin Cormack
35be3d5127 Remove a really confusing fallthrough 
This is so confusing, and not needed.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-02-08 16:22:29 +00:00
Christopher Jones
051ac5dd63
running tests in a container 
This provides a dockerfile for building a container to run the containerd tests

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
 2018-01-30 14:44:30 -05:00
Michael Crosby
d179c61231 Revert "Use jsoniteer for faster json encoding/decoding" 
This reverts commit 4233b87b89.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-29 15:47:48 -05:00
Michael Crosby
4233b87b89 Use jsoniteer for faster json encoding/decoding 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-26 16:32:55 -05:00
Lantao Liu
144ff3989b Update all glog flags to log-level. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-17 21:57:31 +00:00
Mike Brown
07c8f07ba3 fix kubernetes-incubator links 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-01-11 17:50:57 -06:00
Lantao Liu
025ffe551f Rename kubernetes-incubator/cri-containerd to containerd/cri-containerd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-10 22:35:33 +00:00
Lantao Liu
ec975b2e7a Add OS and arch in release tarball. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-12-13 23:03:03 +00:00
Lantao Liu
5a17149a70 Add LimitNPROC, LimitNOFILE and LimitCORE for containerd and 
cri-containerd.

Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-12-01 00:16:58 +00:00
Daniel Nephin
cdf62f69a1 Fix usage of oci in other packages. 
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
 2017-11-27 16:16:17 -05:00
Antoine Huret
7814230fd9 contrib instead of contib 
Signed-off-by: Antoine Huret <huret.antoine@yahoo.fr>
 2017-11-26 16:54:30 +01:00
Wei Wei
53a4f93967 replace deprecated ansible include cmd 
Signed-off-by: Wei Wei <weiwei.inf@gmail.com>
 2017-11-06 15:06:46 +08:00
Lantao Liu
10ada61fe6 Update cri-containerd version to 1.0.0-alpha.1 in ansible. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-11-01 00:06:22 +00:00
Lantao Liu
95dfd3c039 Add runtime cgroup and put containerd and cri-containerd into it. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-31 06:21:20 +00:00
Lantao Liu
a7d12a1dd8 Remove the oom score in systemd unit. cri-containerd sets it by itself. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-12 17:32:20 +00:00
Lantao Liu
60ea331f9f Update ansible playbook release version. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-29 06:21:28 +00:00
Lantao Liu
8c7ddee69d Rename getting-started.md to README.md. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-28 23:11:00 +00:00
Abhinandan Prativadi
0ee33fda03 Combining few tasks into one 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-09-26 12:12:00 -07:00
Abhinandan Prativadi
b23165cb29 Merge pull request #282 from Random-Liu/fix-ansible-playbook 
Improve ansible playbook.
 2017-09-26 10:49:21 -07:00
Ian Campbell
99d4757ce6 contrib: add reference to LinuxKit project 
Just a simple README with a pointer to the project.

Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-09-26 10:52:33 +01:00
Lantao Liu
c83af81403 Merge pull request #279 from abhinandanpb/readme 
Getting started guide
 2017-09-25 16:06:32 -07:00
Lantao Liu
994df4cb7c Improve ansible playbook. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-25 22:39:04 +00:00
Abhinandan Prativadi
300f0cf89e Create a getting started guide for users 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-09-25 14:04:54 -07:00
Lantao Liu
b2dcb9f3ec Add net.ipv4.ip_forward=1 and use ansible sysctl. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-22 23:36:12 +00:00
Abhinandan Prativadi
2dae863f87 Merge pull request #276 from abhinandanpb/master 
Fixing ansible playbook for centos installation
 2017-09-22 15:19:35 -07:00
Abhinandan Prativadi
ffd2e0e32e Fixing ansible playbook for centos installation 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-09-22 17:50:41 -04:00
Lantao Liu
7ab54a00da Use systemd units in tar. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-22 21:28:36 +00:00
Abhinandan Prativadi
bafc7be9be kubernetes + containerd installer 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-09-20 22:32:09 -07:00
Mike Brown
120bb4cd47 fixes missing default permission 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-20 13:15:39 -05:00
Michael Crosby
58015abbd5 Add readme to contib 
Closes #1442

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-09-18 11:47:27 -04:00
Mike Brown
426650f21b adds seccomp helpers 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-13 13:11:30 -05:00
Lantao Liu
8c6d5e0ca2 Add systemd unit files for containerd and cri-containerd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-08 17:44:29 +00:00
Michael Crosby
2b46989dbe Add default apparmor profile generation 
This adds default apparmor profile generation to the containerd client
so that profiles can be generated with a SpecOpt

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-29 12:03:24 -04:00