github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
10,590 Commits 3 Branches 2 Tags 112 MiB
af24e3871a
Commit Graph

10590 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Akihiro Suda
bf672cccee
Merge pull request #4328 from thaJeztah/bump_x_text 
vendor: golang.org/x/text v0.3.3 (CVE-2020-14040)
 2020-06-18 00:14:24 +09:00
Phil Estes
fb80a49ec1
Merge pull request #4327 from AkihiroSuda/fix-4326 
shim v2 runc: propagate options.Root to Cleanup
 2020-06-17 09:23:53 -04:00
Sebastiaan van Stijn
ea06877696
vendor: golang.org/x/text v0.3.3 
full diff: 19e51611da...v0.3.3

includes a fix for [CVE-2020-14040][1]

[1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-06-17 13:15:11 +02:00
Akihiro Suda
f1a469a035
shim v2 runc: propagate options.Root to Cleanup 
Previously shim v2 (`io.containerd.runc.{v1,v2}`) always used `/run/containerd/runc` as the runc root.

Fix #4326

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-17 19:06:36 +09:00
Phil Estes
49b0743c1c
Merge pull request #4324 from AkihiroSuda/fix-get-runtimeversion 
integration: assume TEST_RUNTIME to be io.containerd.runc.v2 by default
 2020-06-16 08:44:22 -04:00
Johannes Frey
8897e15203
Add more test cases with single quotes 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-16 13:06:54 +02:00
Johannes Frey
cb91b1724d
Add testcase containing mountpoint with escaped backslash 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-16 13:06:54 +02:00
Johannes Frey
87f9fdb065
Cope with double quotes in Linux Mountinfo 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-16 13:06:36 +02:00
Akihiro Suda
4c49ff88c5
integration: assume TEST_RUNTIME to be io.containerd.runc.v2 by default 
containerd 1.4 uses io.containerd.runc.v2 as the default runtime for
both CRI and non-CRI. The test is updated to assume v2 shim by default.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-16 14:41:25 +09:00
Phil Estes
705b8527d4
Merge pull request #4323 from crosbymichael/cri-bump1.4x 
Bump CRI for 1.4x release
 2020-06-15 16:28:35 -04:00
Michael Crosby
785f4c5cd9 Bump CRI for 1.4x release 
includes selinux bump.

Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-06-15 16:07:00 -04:00
Mike Brown
4f8a580795
Merge pull request #1510 from crosbymichael/selinux-bump 
bump selinux dep
 2020-06-15 14:50:23 -05:00
Michael Crosby
ae2f3fdfd1
Merge pull request #4315 from fuweid/fix-4294 
restart plugin: support binary log uri
 2020-06-15 15:24:41 -04:00
Michael Crosby
713205b369 bump selinux dep 
Includes fixes for the category range and mount labeling.

Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-06-15 15:15:35 -04:00
Michael Crosby
6164822714
Merge pull request #1508 from janosi/sctp-hostport 
Remove the protocol filter from the HostPort management
 2020-06-15 14:48:37 -04:00
Mike Brown
b661ad711e
Merge pull request #1504 from lorenz/ignore-image-defined-volumes 
Add option for ignoring volumes defined in images
 2020-06-14 11:52:48 -05:00
Mike Brown
26dc5b9772
Merge pull request #1505 from dcantah/windows-cred-spec 
Add GMSA credential spec passing
 2020-06-14 11:52:33 -05:00
Laszlo Janosi
479dfbac45
Remove the protocol filter from the portMappings constructor. 
Reason: originally it was introduced to prevent the loading of the SCTP kernel module on the nodes. But iptables chain creation alone does not load the kernel module. The module would be loaded if an SCTP socket was created, but neither cri nor the portmap CNI plugin starts managing SCTP sockets if hostPort / portmappings are defined.
Signed-off-by: Laszlo Janosi <laszlo.janosi@ibm.com>
 2020-06-14 15:48:00 +00:00
Michael Crosby
185ea541d2
Merge pull request #4317 from KentaTada/modify-pdeathsignal-type 
Change the type of PdeathSignal
 2020-06-12 11:34:17 -04:00
Kenta Tada
730b7a932e Change the type of PdeathSignal 
Use x/sys as same as runtime/v1/linux/runtime.go

Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
 2020-06-11 11:35:51 +09:00
Daniel Canter
9620b2e1da Add GMSA Credential Spec passing 
Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2020-06-10 11:15:07 -07:00
Wei Fu
ae8200bf93
Merge pull request #1499 from webwurst/patch-1 
Fix typo
 2020-06-10 13:46:29 +08:00
Mike Brown
3290b86a8c
Merge pull request #1506 from cpuguy83/registry_headers 
Add config for registry http headers
 2020-06-09 18:43:11 -05:00
Lorenz Brun
5a1d49b063 Add option for ignoring volumes defined in images 
Signed-off-by: Lorenz Brun <lorenz@brun.one>
 2020-06-09 21:02:47 +02:00
Wei Fu
d656fa38ca restart plugin: support binary log uri 
Introduce LogURIGenerator helper function in cio package. It is used in
the restart options, like WithBinaryLogURI and WithFileLogURI.

And restart.LogPathLabel might be used in production and work well. In
order to reduce breaking change, the LogPathLabel is still recognized if
new LogURILabel is not set. In next release 1.5, the LogPathLabel will
be removed.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2020-06-10 00:09:24 +08:00
Brian Goff
c694c63176 Add config for registry http headers 
This adds a configuration knob for adding request headers to all
registry requests. It is not namespaced to a registry.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2020-06-08 18:56:15 -07:00
Wei Fu
834665d9db
Merge pull request #4311 from rudyfly/upsteam_overlay_indexoff 
overlay: use index=off to fix EBUSY on mount
 2020-06-09 08:25:06 +08:00
Michael Crosby
7868e8d6aa
Merge pull request #4309 from gaurav1086/waitForPid_fix_goroutine_leak 
waitForPid: fix goroutine leak
 2020-06-08 16:34:53 -04:00
Michael Crosby
7fdcd07feb
Merge pull request #4310 from gaurav1086/process_io_fix_goroutine_leak 
Process I/O: Fix goroutine leak
 2020-06-08 16:34:11 -04:00
Derek McGowan
4e6d38606c
Merge pull request #4313 from crosbymichael/allow-list 
Update usage of whitelist in project
 2020-06-08 12:35:20 -07:00
Michael Crosby
0f831093ce Update usage of whitelist in project 
Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-06-08 12:49:22 -05:00
Rudy Zhang
d36810d66d overlay: use index=off to fix EBUSY on mount 
kernel version > 4.13rc1 support index=on feature, it will be failed
with EBUSY when trying to mount.

Related: https://github.com/moby/moby/pull/37993

Signed-off-by: Rudy Zhang <rudyflyzhang@gmail.com>
 2020-06-08 15:51:15 +08:00
Gaurav Singh
7213cd89d6 Process I/O: Fix goroutine leak 
Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>
 2020-06-07 17:38:36 -04:00
Gaurav Singh
ae08491bff waitForPid: fix goroutine leak 
Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>
 2020-06-07 17:33:10 -04:00
Tobias Bradtke
098e040014 Fix typo 
Signed-off-by: Tobias Bradtke <webwurst@gmail.com>
 2020-06-05 18:19:49 +02:00
Maksym Pavlenko
38cb1c1a54
Merge pull request #4303 from estesp/update-hcsshim-release-flow 
Streamline hcsshim build addition to release flow
 2020-06-04 10:34:07 -07:00
Phil Estes
8fcd5a1f28
Streamline hcs shim release flow 
Improvements to acquire/build hcsshim from source in the release
workflow.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2020-06-04 12:23:50 -04:00
Phil Estes
8f959d569a
Merge pull request #4292 from cpuguy83/add_hcsshim_to_release_tar 
Add windows hcsshim to release pipeline
 2020-06-04 08:56:09 -04:00
Wei Fu
bc96548c7b
Merge pull request #1502 from mikebrow/nginx-timing-problem 
move up to latest cri-tools - pick up nginx fix
 2020-06-04 12:52:51 +08:00
Mike Brown
e56347aabc move up to latest critools pick up nginx fix 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-06-03 15:26:26 -05:00
Phil Estes
7e98b43cfa
Merge pull request #4299 from estesp/update-cri-tools 
Match version used in CRI project
 2020-06-03 15:42:24 -04:00
Phil Estes
ef0cf12647
Match version used in CRI project 
Use the critools version currently being used in the CRI project CI.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2020-06-03 15:12:48 -04:00
Brian Goff
2be80f9997 Add windows hcsshim to release pipeline 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2020-06-03 11:10:33 -07:00
Michael Crosby
7ce8a9d7d3
Merge pull request #4204 from ashrayjain/aj/add-kill-retry 
Make killing shims more resilient
 2020-06-03 11:10:43 -04:00
Phil Estes
7121969f2d
Merge pull request #4296 from dims/revendor-containerd-cri-for-tolerating-hugepages-cgroup 
Revendor CRI to 62c91260d2
 2020-06-03 09:35:46 -04:00
Ashray Jain
3e95727f39 Make killing shims more resilient 
Currently, we send a single SIGKILL to the shim process
once and then we spin in a loop where we use kill(pid, 0)
to detect when the pid has disappeared completely.

Unfortunately, this has a race condition since pids can be reused causing us
to spin in an infinite loop when that happens.

This adds a timeout to this loop which logs a warning and exits the
infinite loop.

Signed-off-by: Ashray Jain <ashrayj@palantir.com>
 2020-06-03 12:57:08 +01:00
Davanum Srinivas
e64b14820e
Revendor CRI to 62c91260d2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-02 15:27:39 -04:00
Mike Brown
62c91260d2
Merge pull request #1501 from dims/tolerate-missing-hugetlb-cgroups-controller 
Tolerate missing HugeTLB cgroups controller
 2020-06-02 10:53:40 -05:00
Derek McGowan
3dd8242a67
Add host specific headers 
Allows configuring headers per registry host

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2020-06-01 18:27:41 -07:00
Michael Crosby
62dd14114d
Merge pull request #4273 from AkihiroSuda/oomv2 
cgroup2: implement `containerd.events.TaskOOM` event
 2020-06-01 12:51:34 -04:00