containerd

Author	SHA1	Message	Date
Lantao Liu	69b3f3aeac	Add socat back. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-04-11 01:53:24 +00:00
Lantao Liu	b09489de96	Merge pull request #727 from Random-Liu/fix-symlink-layer Support symlink layer in image import.	2018-04-10 18:32:29 -07:00
Lantao Liu	9f85c48e4c	Support symlink layer in image import. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-04-10 22:08:45 +00:00
Lantao Liu	3d0706c4e5	Merge pull request #691 from abhi/socat Getting rid of nsenter and socat	2018-04-09 15:34:44 -07:00
abhi	02b952ec17	Getting rid of socat Signed-off-by: abhi <abhi@docker.com>	2018-04-09 14:31:44 -07:00
Lantao Liu	304045491c	Merge pull request #725 from Random-Liu/fix-resolver-race Fix resolver race	2018-04-09 13:10:44 -07:00
Lantao Liu	a68530c1e8	Port containerd fix #2276 Signed-off-by: Lantao Liu <lantaol@google.com>	2018-04-09 18:36:06 +00:00
Lantao Liu	d8a3c5f254	Address comments. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-04-09 18:15:09 +00:00
Lantao Liu	b2099c2061	Add cni config template support. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-04-07 06:34:45 +00:00
abhi	aeef99a76e	Using netns to perform socat This commit removes the usage of nsenter and uses netns to perform socat operation. Signed-off-by: abhi <abhi@docker.com>	2018-04-05 13:28:00 -07:00
Mike Brown	c7793564fc	switches from not CA signed to self CA signed for streaming TLS Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-04-02 17:50:12 -05:00
Mike Brown	2f9f721b63	adds a new flag to enable TLS support insecure for now Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-04-02 12:27:55 -05:00
Lantao Liu	ed20174ce4	Add RunAsGroup support. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-30 22:26:07 +00:00
Lantao Liu	be43ad09da	Fix a log output. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-28 21:31:44 +00:00
Lantao Liu	277edb2d3b	Fix event monitor panic. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-27 01:41:35 +00:00
Lantao Liu	f0655ecfe0	Use pause image from new source. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-26 07:11:41 +00:00
Lantao Liu	356a41c424	Merge pull request #697 from Random-Liu/fs-layout-change adds volatile state directory to the fs plan for cntrs/pods/fifo	2018-03-23 19:24:19 -07:00
Lantao Liu	f4c9ef2647	Add symlink follow into unmount util. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-24 01:25:31 +00:00
Mike Brown	94df315de8	adds volatile state directory to the fs plan for cntrs/pods/fifo Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-03-24 00:05:52 +00:00
Lantao Liu	aa83a7a0aa	Change for new containerd. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-23 23:03:16 +00:00
Lantao Liu	c6fecb2115	Merge pull request #688 from Random-Liu/cleanup-kata-code Address comments for privileged runtime code.	2018-03-22 23:01:31 -07:00
Lantao Liu	ca67f94ee0	Address comments for privileged runtime code. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-23 02:17:46 +00:00
Lantao Liu	55d512b98c	Make const private. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-23 00:48:50 +00:00
Lantao Liu	5ae4de1cc2	Merge pull request #681 from mikebrow/tls-config adds tls certificate to tls config	2018-03-22 17:34:04 -07:00
Mike Brown	89adb74414	adds tls certificate to tls config Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-03-22 09:42:31 -05:00
Nitesh Konkar	6a542c596b	Bump pause container to multi-arch gcr.io/google-containers/pause:3.1 Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>	2018-03-22 05:44:12 +00:00
Lantao Liu	9177cb16bc	Remove omitempty from config json. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-21 07:28:25 +00:00
Jose Carlos Venegas Munoz	bdc5eee544	test: Add unit tests for privileged runtime functions - Add unit test for privilegedSandbox - Add unit test for getRuntime Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>	2018-03-20 18:04:23 -06:00
Jose Carlos Venegas Munoz	ca16bd601a	runtime: Add trusted runtime option Some CRI compatible runtimes may not support provileged operations. Specifically hypervisor based runtimes (like kata-containers, cc-runtime and runv) do not support privileged operations like: - Provide access to the host namespaces - Create fully privileged containers with access to host devices Hypervisor based runtimes create container workloads within virtual machines. When a running host privileged containers using them, they wont provide support to requested the privileged opertations. This commits add the new options to define two runtimes: Trusted runtime : Used when a privileged container is requested. Default runtime : for non-privileged workloads. A container that belongs to a privileged pod will inherent this property an will be created with the trusted runtime. - Add options to define trusted runtime - Add logic to decide if a sanbox is trusted - Export annotation containers below to a trusted sandbox Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>	2018-03-20 13:56:49 -06:00
Lantao Liu	387da59ee5	Rename all variables to remove "cricontainerd". Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-19 21:59:32 +00:00
Lantao Liu	e1fe1abff0	Use `github.com/pkg/errors` Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-17 02:24:38 +00:00
abhi	2bdf428eb7	Removing DAD config and updating plugins to v0.7.0 Signed-off-by: abhi <abhi@docker.com>	2018-03-16 14:46:46 -07:00
Lantao Liu	1dcbf4f742	Merge pull request #663 from abhi/cni Moving to use go-cni library from containerd	2018-03-15 17:53:50 -07:00
Lantao Liu	5e5a5f50d1	Merge pull request #671 from Random-Liu/ctrcri-to-ctr-cri Ctrcri to ctr cri	2018-03-15 17:14:59 -07:00
abhi	003bbd4292	Modifying fake cni plugin Signed-off-by: abhi <abhi@docker.com>	2018-03-15 17:05:33 -07:00
Lantao Liu	7e67d96b9b	Replace `ctrcri` with `ctr cri`. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-15 23:22:00 +00:00
Lantao Liu	d389af83a9	Cleanup event backoff. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-15 18:49:36 +00:00
yanxuean	c751847350	Handle containerd event reliably fix #434 Signed-off-by: yanxuean <yan.xuean@zte.com.cn>	2018-03-15 17:14:02 +08:00
yanxuean	7583bce4ab	some comments Signed-off-by: yanxuean <yan.xuean@zte.com.cn>	2018-03-15 15:55:54 +08:00
abhi	92110e1d74	Moving to use go-cni library from containerd This fix aims to use the cni library form containerd. The library avoid usage of nsenter. Signed-off-by: abhi <abhi@docker.com>	2018-03-14 19:25:54 -07:00
Mike Brown	d4e7154625	move links for cri-containerd to cri Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-03-13 17:06:26 -05:00
Lantao Liu	f0a500a390	Use direct function call. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-13 04:51:19 +00:00
Lantao Liu	80b2f751d3	Merge pull request #654 from stevvooe/simplify-stopch pkg/store: use a sync.Once to synchronize channel close	2018-03-09 15:29:32 -08:00
Lantao Liu	e20c6eb8a8	Merge pull request #558 from Random-Liu/report-containerd-version Report containerd version instead of cri-containerd version.	2018-03-09 15:25:32 -08:00
Stephen J Day	4ed26f3116	pkg/store: use a sync.Once to synchronize channel close Signed-off-by: Stephen J Day <stephen.day@docker.com>	2018-03-09 14:43:16 -08:00
Abhinandan Prativadi	1f28f8d2fe	Merge pull request #650 from Random-Liu/fix-resolver Handles 401 in resolver.	2018-03-07 10:59:43 -08:00
Lantao Liu	40c8372f0e	Handles 401 in resolver. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-07 07:35:02 +00:00
Lantao Liu	f01c6d73a6	Fix cleanup context. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-07 07:05:27 +00:00
Lantao Liu	d3b112a989	Merge pull request #639 from Random-Liu/remove-standalone-mode Remove standalone mode	2018-03-05 17:23:06 -08:00
Lantao Liu	ceb540d823	Fix potential panic. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-05 22:09:58 +00:00

... 11 12 13 14 15 ...

1040 Commits