github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
10,081 Commits 3 Branches 2 Tags 112 MiB
adee2c7974
Commit Graph

10081 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Phil Estes
2d0a06d41b
Merge pull request #3146 from Ace-Tang/add-test 
test: add custom cgroup test
 2019-03-29 15:37:23 -04:00
Ace-Tang
f7f6dd7b4e test: add custom cgroup test 
avoid issue #3133 occurs again

Signed-off-by: Ace-Tang <aceapril@126.com>
 2019-03-29 15:55:50 +08:00
Lantao Liu
0caa06ac87 Update CNI to v0.7.5. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-29 00:13:35 -07:00
Lantao Liu
92fc1b9362
Merge pull request #1101 from thaJeztah/bump_selinux 
bump opencontainers/selinux to v1.2
 2019-03-28 23:33:23 -07:00
Michael Crosby
e7b6fea572
Merge pull request #3022 from mxpv/devmapper 
Integrate device mapper snapshotter
 2019-03-29 00:06:11 -04:00
Akihiro Suda
3a80a801af
Merge pull request #3139 from thaJeztah/bump_runc_v1.0.0-rc7 
update opencontainers/runc v1.0.0-rc7
 2019-03-29 12:32:50 +09:00
Michael Crosby
86cfcb870e
Merge pull request #3142 from thaJeztah/bump_cgroups 
bump containerd/cgroups 4994991857f9b0ae8dc439551e8bebdbb4bf66c1
 2019-03-28 22:38:02 -04:00
Sebastiaan van Stijn
7b397f0322
bump opencontainers/selinux to v1.2 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-29 01:33:35 +01:00
Lantao Liu
84f9514df1
Merge pull request #1106 from Random-Liu/update-containerd 
Update containerd to f2a20ead83.
 2019-03-28 16:59:57 -07:00
Sebastiaan van Stijn
2b8df8309e
bump containerd/cgroups 4994991857f9b0ae8dc439551e8bebdbb4bf66c1 
full diff: dbea6f2bd4...4994991857

brings in https://github.com/containerd/cgroups/pull/79 Return ErrCgroupDeleted when no subsystems
fixes https://github.com/containerd/containerd/issues/3133 Custom cgroup path does not work in containerd 1.2.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-28 23:36:36 +01:00
Lantao Liu
c60dd60f80 Update containerd to f2a20ead83. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-28 14:31:13 -07:00
Sebastiaan van Stijn
bc6ac08784
update opencontainers/runc v1.0.0-rc7 
full diff: 2b18fe1d88...v1.0.0-rc7

changes included:

- opencontainers/runc#2012 Need to setup labeling of kernel keyrings
- opencontainers/runc#2014 Add $RUNC_USE_SYSTEMD to run tests using systemd cgroup driver
- opencontainers/runc#2015 Use getenv not secure_getenv
  - fixes opencontainers/runc#2013 build fails with musl libc
- opencontainers/runc#2023 Fixes regression causing zombie runc:[1:CHILD] processes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-28 21:42:17 +01:00
Lantao Liu
4b4182cf59 Do not assume there is no duplicated elements in arrays. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-28 13:05:55 -07:00
Michael Crosby
f2a20ead83
Merge pull request #3137 from Random-Liu/fix-race-and-panic 
Fix capability option race and panic.
 2019-03-28 11:43:28 -04:00
Lantao Liu
808b223536 Fix race and panic. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-28 01:27:13 -07:00
Lantao Liu
9bd49c98c6 No UTS namespace for hostnetwork. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-27 15:07:36 -07:00
Lantao Liu
8777224600
Merge pull request #1099 from Random-Liu/do-not-kill-if-cancelled 
Do not SIGKILL container if container stop is cancelled.
 2019-03-27 14:55:18 -07:00
Lantao Liu
8be5a1e1ad
Merge pull request #1094 from crosbymichael/oci-opts 
Replace runtime-tools with containerd's opts for spec generation
 2019-03-27 14:54:08 -07:00
Maksym Pavlenko
87289a0c62 devmapper: implement Usage 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2019-03-27 14:50:12 -07:00
Maksym Pavlenko
010b4da36f devmapper: implement dmsetup status 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2019-03-27 14:26:07 -07:00
Michael Crosby
5eddc1a2cc Use container'd oci opts for spec generation 
This bumps the containerd and sys packages in CRI

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Remove runtime-tools

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Update tests for oci opts package

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2019-03-27 16:57:04 -04:00
Lantao Liu
1a0228d520 Do not SIGKILL container if container stop is cancelled. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-27 00:49:41 -07:00
Justin
90a7da8625
Merge pull request #3128 from jhowardmsft/jjh/ci 
Windows: appveyor: Build shim binary from Microsoft/hcsshim repo
 2019-03-26 09:14:54 -07:00
John Howard
8710940165 Windows: Build shim binary from Microsoft/hcsshim 
Signed-off-by: John Howard <jhoward@microsoft.com>

This is part of a phased update to remove the existing Windows shim
code from the containerd repo, and instead use the one from Microsoft/hcsshim.
 2019-03-25 15:52:12 -07:00
Lantao Liu
eb27e526f5
Merge pull request #1096 from Random-Liu/finish-runtime-annotations 
Cleanup pod annotation test and only support wildcard
 2019-03-25 14:12:38 -07:00
Lantao Liu
238658719f Cleanup pod annotation test and only support tailing wildcard. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-25 12:54:34 -07:00
John Howard
e16e995939 Vendor Microsoft/hcsshim@8abdbb82 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2019-03-25 11:11:37 -07:00
Derek McGowan
68c44f8cc8
Merge pull request #3122 from stefanberger/descriptor_annotations.pr 
Extend adaptImage function with annotations case
 2019-03-22 14:28:15 -07:00
Stefan Berger
5d50b9c2bb Extend adaptImage function with annotations case 
Extend the adaptImage function with a case for handling the annotations
so they can be used in the filter adaptors for fieldpaths.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2019-03-22 14:56:26 -04:00
Michael Crosby
9b882c44f8
Merge pull request #3000 from stefanberger/descriptor_annotations.pr 
Add missing annotations map to Descriptor for gRPC transfer
 2019-03-22 14:05:44 -04:00
Phil Estes
8ea28ff564
Merge pull request #3117 from crosbymichael/exec-load 
Fastpath opt and ExecProcess loading
 2019-03-22 13:20:51 -04:00
Michael Crosby
388c8a1760 Fastpath opt and ExecProcess loading 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2019-03-22 12:08:43 -04:00
Michael Crosby
fc44aa810c
Merge pull request #3119 from jterry75/windows_lcow_vmgroup_access 
Update Windows lcow differ to set NT VIRTUAL MACHINE\Virtual Machines SID
 2019-03-22 12:07:17 -04:00
Michael Crosby
24beaece37
Merge pull request #3120 from jhowardmsft/jjh/create-data-root-with-permissions 
Windows: Root/state create with right ACL and in right place
 2019-03-22 12:06:39 -04:00
Lantao Liu
bb58b1dbb0
Merge pull request #1084 from harche/passthrough_annotations 
Add support for passing sandbox annotations to runtime
 2019-03-22 00:00:08 -07:00
John Howard
a849664519 Windows:ProgramFiles to ProgramData 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2019-03-21 18:50:01 -07:00
John Howard
6034c1950a Windows:Create root/state with ACL 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2019-03-21 18:47:34 -07:00
Justin Terry (VM)
7361b19875 Update Windows lcow differ to set NT VIRTUAL MACHINE\Virtual Machines SID 
For LCOW using the Virtual Machines SID for the shared read-only layers
improves overall performance avoiding the need to set per VM access at runtime.

Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
 2019-03-21 14:53:43 -07:00
Justin Terry (VM)
4c9b5ef8ea Update vendor github.com/Microsoft/go-winio 
Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
 2019-03-21 14:12:41 -07:00
Jack Baines
d15832a4c2 Address review comments 
-Fix whitespace on imports
-Fix test case naming

Signed-off-by: Jack Baines <jack.baines@uk.ibm.com>
 2019-03-21 15:59:49 +00:00
Phil Estes
ceba56893a
Merge pull request #3104 from AkihiroSuda/split-contentserver 
decouple api.ContentServer implementation package from bbolt dependency
 2019-03-21 10:10:26 -04:00
Harshal Patil
effd82227c Add support for passing sandbox annotations to runtime 
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
 2019-03-21 14:38:14 +05:30
Michael Crosby
9bd6b0932e
Merge pull request #3111 from thaJeztah/whitelist_statx 
seccomp: whitelist statx syscall
 2019-03-20 10:48:18 -05:00
Sebastiaan van Stijn
8f8fd3c3a8
seccomp: whitelist statx syscall 
This whitelists the statx syscall; libseccomp-2.3.3 or up
is needed for this, older seccomp versions will ignore this.

Equivalent of https://github.com/moby/moby/pull/36417

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2019-03-20 11:59:02 +01:00
Jack Baines
908b771086 Add code to return message field of returned registry errors 
Docker registries return errors in a know format so this change now checks for these
errors and returns the message field. If the error is not in the expected format fall
back to the original behaviour.

https://github.com/containerd/containerd/issues/3076

Signed-off-by: Jack Baines <jack.baines@uk.ibm.com>
 2019-03-19 21:05:36 +00:00
Phil Estes
9ab4c8cbcc
Merge pull request #3108 from alculquicondor/fix/import 
Allow to import an image for the default platform only.
 2019-03-19 13:29:57 -04:00
Michael Crosby
0cbbd0f68b
Merge pull request #3107 from avikivity/3105 
seccomp: whitelist io_pgetevents
 2019-03-19 10:55:00 -05:00
Aldo Culquicondor
9a8727cf09 Allow to import an image for the default platform only. 
Add `all-platforms` option to `ctr images import`.

Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-03-19 11:25:57 -04:00
Avi Kivity
4506eb45bf seccomp: whitelist io_pgetevents 
io_pgetevents() is a new Linux system call, similar to the already-whitelisted
io_getevents(). It has no security implications. Whitelist it so applications can
use the new system call.

Fixes #3105.

Signed-off-by: Avi Kivity <avi@scylladb.com>
 2019-03-19 11:56:32 +02:00
Akihiro Suda
f3ff95ab72 decouple api.ContentServer implementation package from bbolt dependency 
For moby/buildkit#886

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-03-19 16:09:45 +09:00