github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,654 Commits 3 Branches 4 Tags
b0d7a96976f60d0bb1d07d448210c64efee2e5a2
Commit Graph

1336 Commits

Author SHA1 Message Date
Derek McGowan
1cc38f8df7 Merge pull request #5904 from qiutongs/ip-leakage-fix 2022-09-29 18:14:35 -07:00
Qiutong Song
4f4aad057d Persist container and sandbox if resource cleanup fails, like teardownPodNetwork 
Signed-off-by: Qiutong Song <songqt01@gmail.com>
 2022-09-27 14:38:41 +00:00
Maksym Pavlenko
39f7cd73e7 Merge pull request #7405 from kzys/cri-fuzz 
Refactor CRI fuzzers
 2022-09-22 16:55:27 -07:00
Maksym Pavlenko
23b545232c Merge pull request #7417 from ruiwen-zhao/grpc_code 
Set grpc code for unimplemented cri-api methods
 2022-09-22 12:12:34 -07:00
Phil Estes
8f95bac049 Merge pull request #7401 from wllenyj/sandbox_stop 
Sandbox API: implement Controller.Wait and Controller.Stop
 2022-09-22 14:33:52 -04:00
ruiwen-zhao
c6f571fc7d Set grpc code for unimplemented cri-api methods 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-09-22 07:24:48 +00:00
wanglei01
82890dd290 CRI: implement Controller.Stop for SandboxAPI 
Signed-off-by: WangLei <wllenyj@linux.alibaba.com>
 2022-09-22 14:38:52 +08:00
wanglei01
927906992f CRI: implement Controller.Wait for SandboxAPI 
Rework sandbox monitoring, we should rely on Controller.Wait instead of
CRIService.StartSandboxExitMonitor

Signed-off-by: WangLei <wllenyj@linux.alibaba.com>
 2022-09-22 14:38:45 +08:00
Ed Bartosh
e22a7a3833 reference CDI configuration details 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2022-09-21 11:25:28 +03:00
Samuel Karp
c8010b9cbe sbserver: return resources in ContainerStatus 
Port of b7b1200dd3 to sbserver

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-09-20 18:38:09 -07:00
Kazuyoshi Kato
a37c64b20c Refactor CRI fuzzers 
pkg/cri/sbserver/cri_fuzzer.go and pkg/cri/server/cri_fuzzer.go were
mostly the same.

This commit merges them together and move the unified fuzzer to
contrib/fuzz again to sort out dependencies. pkg/cri/ shouldn't consume
cmd/.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-09-19 22:14:11 +00:00
Phil Estes
a1e4a94694 Merge pull request #7393 from Iceber/skip_verify 
remotes/docker/config: Skipping TLS verification for localhost
 2022-09-19 10:53:56 -04:00
Iceber Gu
3cfde732e1 remotes/docker/config: Skipping TLS verification for localhost 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2022-09-13 17:40:23 +08:00
Kevin Parsons
de509c0682 Merge pull request #6901 from dcantah/add-wcowhyp-runtime 
windows: Add runhcs-wcow-hypervisor runtimeclass to the default config
 2022-09-08 10:53:12 -07:00
lengrongfu
3c0e6c40ad feat: upgrade registry.k8s.io/pause version 
Signed-off-by: rongfu.leng <1275177125@qq.com>
 2022-09-06 15:59:20 +08:00
Abirdcfly
dcfaa30ba2 chore: remove duplicate word in comments 
Signed-off-by: Abirdcfly Fu <fp544037857@gmail.com>
 2022-08-29 13:05:32 +08:00
Samuel Karp
36d0cfd0fd Merge pull request #6517 from ruiwen-zhao/return-resource 2022-08-24 14:01:30 -07:00
ruiwen-zhao
b7b1200dd3 ContainerStatus to return container resources 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-08-24 19:08:06 +00:00
Paco Xu
9525b3148a migrate from k8s.gcr.io to registry.k8s.io 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2022-08-24 13:46:46 +08:00
Daniel Canter
f0036cb9dc windows: Add runhcs-wcow-hypervisor runtimeclass to the default config 
As part of the effort of getting hypervisor isolated windows container
support working for the CRI entrypoint here, add the runhcs-wcow-hypervisor
handler for the default config. This sets the correct SandboxIsolation
value that the Windows shim uses to differentiate process vs. hypervisor
isolation. This change additionally sets the wcow-process runtime to
passthrough io.microsoft.container* annotations and the hypervisor runtime
to accept io.microsoft.virtualmachine* annotations.

Note that for K8s users this runtime handler will need to be configured by
creating the corresponding RuntimeClass resources on the cluster as it's
not the default runtime.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-08-19 07:56:43 -07:00
Wei Fu
460b0533b2 pkg/cri/streaming: increase ReadHeaderTimeout 
It is follow-up of #7254. This commit will increase ReadHeaderTimeout
from 3s to 30m, which prevent from unexpected timeout when the node is
running with high-load. 30 Minutes is longer enough to get close to
before what #7254 changes.

And ideally, we should allow user to configure the streaming server if
the users want this feature.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-08-18 07:42:12 +08:00
ruiwen-zhao
6e4b6830f1 Update CRI-API 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-08-10 03:55:51 +00:00
Maksym Pavlenko
ca3b9b50fe Run gofmt 1.19 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-08-04 18:18:33 -07:00
Maksym Pavlenko
5cf77fc43d Add TODOs for the remaining work 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-08-04 10:29:15 -07:00
Maksym Pavlenko
aa3303b697 Update sandbox protobuf to match CRI 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Maksym Pavlenko
8823224174 Update controller's start response to incldue pid and labels 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Maksym Pavlenko
3d028308ef Cleanup CRI files 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Maksym Pavlenko
c085fac1e5 Move sandbox start behind controller 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Brian Goff
f5fb2c32d2 Regenerate protos with updated protoc-gen-go 
This fixes CI issues

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-07-28 16:59:30 +00:00
Fu Wei
116af9d1cc Merge pull request #7207 from zouyee/relabel 
replace with selinux label
 2022-07-28 00:05:31 +08:00
Derek McGowan
6acde90772 Merge pull request #7069 from fuweid/failpoint-in-runc-shimv2 
test: introduce failpoint control to runc-shimv2 and cni
 2022-07-26 23:12:20 -07:00
zounengren
d121efc6d8 replace with selinux label 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-07-24 20:11:16 +08:00
zounengren
20e7b399f9 prevent Server reuse after a Shutdown 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-07-24 15:55:16 +08:00
Jeff Widman
050cd58ce6 Drop deprecated ioutil 
`ioutil` has been deprecated by golang. All the code in `ioutil` just
forwards functionality to code in either the `io` or `os` packages.

See https://github.com/golang/go/pull/51961 for more info.

Signed-off-by: Jeff Widman <jeff@jeffwidman.com>
 2022-07-23 08:36:20 -07:00
Maksym Pavlenko
500ff95f02 Make getServicesOpts a helper 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-22 19:38:45 -07:00
Wei Fu
cbebeb9440 pkg/failpoint: add FreeBSD link and update pkg doc 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-22 23:25:40 +08:00
Wei Fu
1ae6e8b076 pkg/failpoint: add DelegatedEval API 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-22 23:25:40 +08:00
Wei Fu
ffd59ba600 pkg/failpoint: init failpoint package 
Failpoint is used to control the fail during API call when testing, especially
the API is complicated like CRI-RunPodSandbox. It can help us to test
the unexpected behavior without mock. The control design is based on freebsd
fail(9), but simpler.

REF: https://www.freebsd.org/cgi/man.cgi?query=fail&sektion=9&apropos=0&manpath=FreeBSD%2B10.0-RELEASE

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-22 23:25:40 +08:00
Danielle Lancashire
3125f7e1a0 cri_stats: handle missing cpu stats 
Signed-off-by: Danielle Lancashire <dani@builds.terrible.systems>
 2022-07-22 12:10:24 +00:00
Fu Wei
badb66113c Merge pull request #7189 from zouyee/ctx 2022-07-22 11:09:02 +08:00
Derek McGowan
24aad6dd46 Merge pull request #7182 from HeavenTonight/main 
code cleanup
 2022-07-20 13:09:10 -07:00
zounengren
7dc66eee64 using ContextDialer instead 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-07-20 22:53:42 +08:00
James Sturtevant
0d6881898e Refactor usageNanoCores be to used for all OSes 
Signed-off-by: James Sturtevant <jstur@microsoft.com>
 2022-07-19 16:49:08 -07:00
guiyong.ou
628f6ac681 code cleanup 
Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>
 2022-07-19 22:46:32 +08:00
Maksym Pavlenko
e69a83f356 Merge pull request #7168 from mxpv/linter 
Update and align golangci-lint version
 2022-07-18 12:23:06 -07:00
Mike Brown
88bcbb0361 adds a comment explaining how to disable experimental sbserver 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2022-07-15 17:00:56 -05:00
Maksym Pavlenko
3a3f43f72f Fix linter warnings 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-15 13:29:04 -07:00
Maksym Pavlenko
98a1b7ff1b Add log messages when choosing CRI server 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-14 09:12:35 -07:00
Maksym Pavlenko
2ba6353316 Change metrics namespace for sandboxed CRI to prevent panic 
panic: duplicate metrics collector registration attempted

Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-13 12:47:13 -07:00
Maksym Pavlenko
b8e93774c1 Enable integration tests against sandboxed CRI 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-13 12:02:06 -07:00