github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
10,590 Commits 3 Branches 2 Tags 112 MiB
af24e3871a
Commit Graph

10590 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Phil Estes
22655d4583
Merge pull request #6822 from thaJeztah/bump_golang_1.18.1 
update golang to 1.18.1, 1.17.9
 2022-04-19 14:17:55 +01:00
Sebastiaan van Stijn
dbdf50cc09
update golang to 1.18.1, 1.17.9 
go1.18.1 (released 2022-04-12) includes security fixes to the crypto/elliptic,
crypto/x509, and encoding/pem packages, as well as bug fixes to the compiler,
linker, runtime, the go command, vet, and the bytes, crypto/x509, and go/types
packages. See the Go 1.18.1 milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.18.1+label%3ACherryPickApproved

Includes fixes for:

- CVE-2022-24675 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24675)
- CVE-2022-27536 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27536)
- CVE-2022-28327 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28327)

go1.17.9 (released 2022-04-12) includes security fixes to the crypto/elliptic
and encoding/pem packages, as well as bug fixes to the linker and runtime. See
the Go 1.17.9 milestone on the issue tracker for details:

Includes fixes for:

- CVE-2022-24675 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24675)
- CVE-2022-28327 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28327)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-04-19 09:39:10 +02:00
Derek McGowan
be60973a30
Merge pull request #6703 from mxpv/s 
Sandbox API
 2022-04-18 20:55:06 -07:00
Kazuyoshi Kato
fd704d3341 Build bin/gen-manpages instead of using "go run" 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-18 21:02:27 +00:00
Kazuyoshi Kato
b497e64143 Fuzz filter package with Go 1.18's fuzzer 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-18 20:49:29 +00:00
Henry Wang
94faa70df4 allow ptrace(2) by default for kernel >= 4.8 
Signed-off-by: Henry Wang <henwang@amazon.com>
 2022-04-18 20:45:29 +00:00
Fu Wei
7cbde74432
Merge pull request #6811 from dmcgowan/lease-plugin 2022-04-18 18:26:31 +08:00
Derek McGowan
fe8da6dcaf
Move lease manager plugin to separate package 
Create lease plugin type to separate lease manager from services plugin.
This allows other service plugins to depend on the lease manager.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-04-15 11:08:47 -07:00
Phil Estes
fed7df1e25
Merge pull request #6807 from shnmorimoto/fix_pool_device_test 
fix pool_device_test
 2022-04-15 18:09:01 +01:00
Derek McGowan
98260e1b18
Merge pull request #6806 from mikebrow/netns-hardening 
check for duplicate nspath possibilities
 2022-04-14 15:02:44 -07:00
Mike Brown
147f0a7e02 check for duplicate nspath possibilities 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2022-04-14 18:33:19 +00:00
Fu Wei
e0abf62710
Merge pull request #6805 from deckhouse/reset-empty-entrypoint 2022-04-14 19:43:06 +08:00
Shinichi Morimoto
942af12032 fix pool_device_test.go 
While executing mke2fs, 'Not enough space to build proposed filesystem while setting up superblock' error is happend on Ubuntu20.04

Signed-off-by: Shinichi Morimoto <shnmorimoto@gmail.com>
 2022-04-14 09:55:29 +09:00
Andrey Klimentyev
5f3ce9512b Do not append []string{""} to command to preserve Docker compatibility 
Signed-off-by: Andrey Klimentyev <andrey.klimentyev@flant.com>
 2022-04-13 13:29:49 +03:00
Derek McGowan
8367f69fb5
Add collectible resources to metadata gc 
Adds a registration function to metadata which allows plugins to
register resources to be garbage collected. These resources allow
defining resources types which are ephemeral and stored outside the
metadata plugin without extending it. The garbage collection of these
resources will not fail the metadata gc process if their removal fails.
These resources may be referenced by existing metadata store resources
but may not be used to reference metadata store resources for the purpose
of preventing garbage collection.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-04-12 18:59:18 -07:00
Nguyen Phan Huy
c525aa5f85 Set timeout when collecting metrics from shim's Stat 
Signed-off-by: Nguyen Phan Huy <phanhuy1502@gmail.com>
 2022-04-12 10:49:29 +08:00
Phil Estes
eaf286224b
Merge pull request #6789 from corhere/fix/otel-panic 
tracing: fix panic on startup when configured
 2022-04-11 14:57:56 +01:00
Phil Estes
40a16a02b6
Merge pull request #6680 from linxiulei/fast_load 
Optimize loading performance for cri recover
 2022-04-11 14:57:03 +01:00
Fu Wei
d6d304dd89
Merge pull request #6798 from yanghesong/change_architecture_path 2022-04-11 16:33:33 +08:00
yanghesong
49235ccbac Change architecture path in README.md 
Signed-off-by: yanghesong <hesong.yang@foxmail.com>
 2022-04-11 15:40:51 +08:00
Fu Wei
e5f4c29a2b
Merge pull request #6792 from Junnplus/typo 2022-04-11 11:08:39 +08:00
Mike Brown
449eb08b89
Merge pull request #6788 from fuweid/fix-issue-6772 
metrics/cgroups: fix deadlock issue in Add during Collect
 2022-04-10 20:00:02 -05:00
Wei Fu
8a1280b2b6 metrics/cgroups: fix deadlock issue in Add during Collect 
The Collector.Collect will be the field ns'Collect's callback, which be
invoked periodically with internal lock. And Collector.Add also runs
with ns.Lock in Collector.Lock, which is easy to cause deadlock.

Goroutine X:

	ns.Collect
	  ns.Lock
	    Collector.Collect
	      Collector.RLock

Goroutine Y:

	Collector.Add
	  Collector.Lock
	    ns.Lock

We should use ns.Lock without Collector.Lock in Add.

Fix: #6772

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-04-10 09:17:21 +08:00
Eric Lin
a5dfbfcf5a cri: load sandboxes/containers/images in parallel 
Parallelizing them decreases loading duration.

Time to complete recover():
* Without competing IOs + without opt: 21s
* Without competing IOs + with opt: 14s
* Competing IOs + without opt: 3m44s
* Competing IOs + with opt: 33s

Signed-off-by: Eric Lin <linxiulei@gmail.com>
 2022-04-09 13:01:14 +00:00
Ye Sijun
6d69aca561 make consistent for checkpoint path 
Signed-off-by: Ye Sijun <junnplus@gmail.com>
 2022-04-09 17:28:17 +08:00
Akihiro Suda
ea7a9cbac0
Merge pull request #6794 from dcantah/aks-adopters-update 
ADOPTERS: Update AKS Info
 2022-04-09 12:38:27 +09:00
Daniel Canter
6341e0696e ADOPTERS: Update AKS Info 
Containerd support for Windows nodes in AKS has been generally available
for k8s clusters 1.20 and greater since mid January. This change updates
the wording in ADOPTERS.md

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-04-08 17:55:47 -07:00
Maksym Pavlenko
b446c7647f [Sandbox] Remove outdated documentation 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:34:50 -07:00
Maksym Pavlenko
d0b32c0539 [sandbox] Migrate from gogo to Any 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:34:50 -07:00
Maksym Pavlenko
85a49e4ee7 [sandbox] Cleanup interfaces 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:34:50 -07:00
Maksym Pavlenko
de49745723 [sandbox] Fix CI 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:34:48 -07:00
Maksym Pavlenko
b7a36950f6 [Sandbox] Add Wait and PID 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:48 -07:00
Maksym Pavlenko
0d165e6544 Restore sandboxes on daemon restart 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:48 -07:00
Maksym Pavlenko
0c5e5c3579 Fix protobuf after rebase 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:48 -07:00
Maksym Pavlenko
fa02477ca9 [sandbox] Add sandbox shim skeleton 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:48 -07:00
Maksym Pavlenko
35195737e7 [sandbox] Register shim plugin after #6301 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:48 -07:00
Maksym Pavlenko
17a2aaded3 [sandbox] Add ctr support 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:48 -07:00
Maksym Pavlenko
982de8a5d5 Launch sandboxed containers from task service 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
00f7a6bf2b [sandbox] Address PR review comments 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
6343fe3ea2 [sandbox] Implement sandbox controller 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
eaccbf1d03 [sandbox] Add clients 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
df234edeb4 [sandbox] Add controller service 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
a433beb79f [sandbox] Update vendor 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
0e77f758a4 [sandbox] Implement store service 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
13eb1a4bb0 [sandbox] Revendor API changes 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
d7ece87243 [sandbox] Save sandbox ID to container's store 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
cab7d5b3d2 [sandbox] Implement metadata store 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
87d4c8923e [sandbox] Add basic sandbox structures and interfaces 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Maksym Pavlenko
4445d0a8da [sandbox] Add protobuf definitions 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Ye Sijun
3df7674058 add restart policy for enhanced restart manager 
Signed-off-by: Ye Sijun <junnplus@gmail.com>
 2022-04-09 01:04:11 +08:00