containerd

Author	SHA1	Message	Date
Abel Feng	c8012b6d74	sandbox: make a clear dependency of cri plugins Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-11-30 23:06:41 +08:00
Maksym Pavlenko	e15c246550	Move CRI image service into a separate plugin Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com> Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-11-20 09:41:27 +08:00
Wei Fu	f6c4de6b53	fix: podsandbox depends on Lease plugin introduced by `09723a6175` Signed-off-by: Wei Fu <fuweid89@gmail.com>	2023-11-17 23:29:04 +08:00
Fu Wei	09723a6175	Merge pull request #9275 from abel-von/sandbox-plugin-1019 sandbox: podsandbox controller init its own client	2023-11-16 10:01:02 +00:00
Samuel Karp	1a54a217ca	Merge pull request #9338 from Iceber/update_pinned_label cri: fix update of pinned label for images	2023-11-16 05:54:55 +00:00
Abel Feng	32bf805e57	sandbox: add a sandboxService interface to criService so that we can add a fakeSandboxService to the criService in tests. Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-11-15 09:25:58 +08:00
Abel Feng	25a4c3d235	sandbox: remove SandboxersServicePlugin Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-11-15 09:22:10 +08:00
Abel Feng	0cf48bab2c	sandbox: podsandbox init its own client To break the cyclic dependency of cri plugin and podsandbox plugin, we define a new plugin type of SandboxesServicePlugin and when cri init it's own client, it will add the all the controllers by get them from the SandboxesServicePlugin. when podsandbox controller init it's client, it will not Require the SandboxesServicePlugin. Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-11-15 09:22:10 +08:00
Akhil Mohan	e682da76ce	fix labels in pod sandbox Signed-off-by: Akhil Mohan <makhil@vmware.com>	2023-11-14 01:52:09 +05:30
Akhil Mohan	64c41162c3	update tests to use labels from cri/labels Signed-off-by: Akhil Mohan <makhil@vmware.com>	2023-11-14 01:46:43 +05:30
Akhil Mohan	7e79225cec	refactor labels used in cri server remove the duplication of labels used in cri/server and move them to a common package cri/labels Signed-off-by: Akhil Mohan <makhil@vmware.com>	2023-11-14 01:45:26 +05:30
Iceber Gu	2e014fa2ac	cri: fix update of pinned label for images Signed-off-by: Iceber Gu <caiwei95@hotmail.com>	2023-11-10 23:27:11 +08:00
rongfu.leng	7b9fcfd7c6	add default enable unprivileged icmp/ports Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-11-08 23:00:35 +08:00
rongfu.leng	e099717f9f	validate kernel version for unprivileged icmp/port Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-11-06 23:50:12 +08:00
Samuel Karp	bd2db42464	Merge pull request #9287 from lengrongfu/feat/add-warning-use-inheritable add warning use inheritable Capabilities	2023-11-04 00:33:18 +00:00
Samuel Karp	a596d09ec9	cri: add deprecation warning for configs Signed-off-by: Samuel Karp <samuelkarp@google.com>	2023-11-02 11:17:32 -07:00
Samuel Karp	35924bccc0	cri: add deprecation warning for auths Signed-off-by: Samuel Karp <samuelkarp@google.com>	2023-11-02 11:17:32 -07:00
Samuel Karp	d7cb25d770	cri: add deprecation warning for mirrors Signed-off-by: Samuel Karp <samuelkarp@google.com>	2023-11-02 11:17:31 -07:00
Samuel Karp	58cc275eb8	cri: add ability to emit deprecation warnings Signed-off-by: Samuel Karp <samuelkarp@google.com>	2023-11-02 11:17:31 -07:00
Samuel Karp	6cd0e8e405	Merge pull request #9321 from dmcgowan/switch-to-plugin-repo Switch to plugin repo	2023-11-02 16:50:49 +00:00
Phil Estes	740717673f	Merge pull request #9317 from jsturtevant/fix-sbserver-windows CRI: Handle ArgsEscaped for new Sb Server by clearing commandline in spec	2023-11-02 14:45:39 +00:00
rongfu.leng	df19888f83	add warning use inheritable Capabilities Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-11-02 16:14:59 +08:00
Derek McGowan	9db21401c4	Switch to github.com/containerd/plugin Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-11-01 23:01:42 -07:00
James Sturtevant	a67efe88db	Add tests cases Signed-off-by: James Sturtevant <jsturtevant@gmail.com>	2023-11-01 15:32:43 -07:00
James Sturtevant	0ffc3e9873	Handle ArgsEscaped for new Sb Server The PR https://github.com/containerd/containerd/pull/8198 fixed this for CRI but missed clearing the commandline in the forked SB server. This simply adds that back in Signed-off-by: James Sturtevant <jsturtevant@gmail.com>	2023-11-01 12:06:07 -07:00
Derek McGowan	261e01c2ac	Move client to subpackage Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-11-01 10:37:00 -07:00
Derek McGowan	5fdf55e493	Update go module to github.com/containerd/containerd/v2 Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-10-29 20:52:21 -07:00
Derek McGowan	638b474c81	Temporarily remove imgcrypt in CRI to fix circular dependency Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-10-27 15:36:47 -07:00
Derek McGowan	18c9e7ec4c	Merge pull request #9270 from fuweid/fix-sb-issues pkg/cri: should ignore no sandbox bucket	2023-10-21 21:44:16 +00:00
Abel Feng	8b4f9656d2	sandbox: remove ValidateMode as it is not used Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-10-20 16:02:13 +08:00
Wei Fu	337cc21719	pkg/cri: should ignore no sandbox bucket The sandbox might be recovered from v1.x release. It doesn't have metadata bucket. We should ignore the not-found error. How to reproduce the issue: ```bash ➜ containerd git:(main) sudo ctr version Client: Version: 1.6.22 Revision: 8165feabfdfe38c65b599c4993d227328c231fca Go version: go1.19.11 Server: Version: 1.6.22 Revision: 8165feabfdfe38c65b599c4993d227328c231fca UUID: be4216aa-8a2e-4305-9186-efeacd2d9a17 ➜ containerd git:(main) cat /tmp/pod.json { "metadata": { "name": "nginx-sandbox", "namespace": "default", "attempt": 1, "uid": "hdishd83djaidwnduwk28bcsb" }, "log_directory": "/tmp", "linux": { } } ➜ containerd git:(main) sudo crictl runp /tmp/pod.json 616ea1cc657c57e80abf74e707a8177878ac2ec1ab7c346b4adb7bc0fadf986e ➜ containerd git:(main) sudo crictl pods POD ID CREATED STATE NAME NAMESPACE ATTEMPT RUNTIME 616ea1cc657c5 9 seconds ago Ready nginx-sandbox default 1 (default) ➜ containerd git:(main) make BUILDTAGS=no_btrfs ➜ containerd git:(main) sudo PREFIX=/usr make install + install bin/ctr bin/containerd bin/containerd-stress bin/containerd-shim-runc-v2 ➜ containerd git:(main) sudo systemctl restart containerd ➜ containerd git:(main) sudo ctr version Client: Version: v1.7.0-943-g980767551 Revision: `9807675518` Go version: go1.20.10 Server: Version: v1.7.0-943-g980767551 Revision: `9807675518` UUID: be4216aa-8a2e-4305-9186-efeacd2d9a17 ➜ containerd git:(main) sudo crictl stopp 616ea1cc657c5 Stopped sandbox 616ea1cc657c5 ➜ containerd git:(main) sudo crictl rmp 616ea1cc657c5 E1019 14:03:37.885162 2052643 remote_runtime.go:295] "RemovePodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to remove sandbox metadata from store: failed to delete sandbox \"616ea1cc657c57e80abf74e707a8177878ac2ec1ab7c346b4adb7bc0fadf986e\": bucket not found" podSandboxID="616ea1cc657c5" removing the pod sandbox "616ea1cc657c5": rpc error: code = Unknown desc = failed to remove sandbox metadata from store: failed to delete sandbox "616ea1cc657c57e80abf74e707a8177878ac2ec1ab7c346b4adb7bc0fadf986e": bucket not found ``` Signed-off-by: Wei Fu <fuweid89@gmail.com>	2023-10-20 15:20:18 +08:00
Maksym Pavlenko	f90f80d9b3	Merge pull request #9254 from adisky/cri-streaming-from-k8s Use staging k8s.io/kubelet/cri/streaming package	2023-10-19 12:32:12 -07:00
Derek McGowan	bb64e6a8ef	Initialize sandbox controller list on CRI server creation Avoid calling out to the client to get a sandbox controller and instead setup the list of controllers on initialization. This fixes a test failure which does not set the client. Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-10-18 15:25:25 -07:00
Derek McGowan	9807675518	Merge pull request #8268 from abel-von/sandbox-plugin Sandbox: make sandbox controller plugin	2023-10-18 10:16:10 -07:00
Aditi Sharma	03d81f595f	Use cri streaming pkg from k8s staging Use staging k8s.io/kubelet/cri/streaming package Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>	2023-10-18 09:14:28 +05:30
Fu Wei	dc7dba9c20	Merge pull request #9239 from jiangliu/cri-multi-snapshotters CRI: use (snapshotter_id, snapshot_key) to uniquely identify snapshots	2023-10-18 09:30:55 +08:00
Jiang Liu	8e7c10c6d0	CRI: enhance ImageFsInfo() to support multiple snapshotters Enhance cri/server/image/imagefs_info.go:ImageFsInfo() to support snapshotter per runtime. Now `ImageFsInfoResponse.ImageFilesystems` may contain multiple entries. Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>	2023-10-17 17:38:18 +08:00
Abel Feng	3ef300ca75	sandbox: remove global variable of podsandbox controller Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-10-16 21:17:50 +08:00
Abel Feng	d2d434b7d6	sandbox: add all sandbox information to Create method When call sandbox controller to create sandbox, we change the param from sandbox id to total sandbox object to git all information to controller, so that sandbox controller do not rely on the sandbox store anymore, this is more decouple for the sandbox controller plugin inside containerd, and it is neccesary for remote sandbox controller plugins as it is not able to get sandbox from the sandbox store anymore. Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-10-16 21:17:50 +08:00
Abel Feng	2951fb6dc6	sandbox: support more sandbox controllers make containerd extensible to support more sandbox controllers registered into containerd by config. we change the default sandbox controller plugin's name from "local" to "shim". to make sure we can get the controller by the plugin name it registered into containerd. Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-10-16 21:17:44 +08:00
Abel Feng	69e501e7cd	sandbox: change SandboxMode to Sandboxer Signed-off-by: Abel Feng <fshb1988@gmail.com>	2023-10-16 20:49:36 +08:00
Jiang Liu	5ad6f34329	CRI: use (snapshotter_id, snapshot_key) to uniquely identify snapshots Before snapshotter per runtime, CRI only supports a global snapshotter. So a snapshot can be uniquely identified by `snapshot_key`. With snapshotter per runtime enabled, there may be multiple snapshotters used by CRI. So only (snapshotter_id, snapshot_key) can uniquely identify a snapshot. Also extends CRI/store/snapshot/Store to support multiple snapshotters. Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>	2023-10-16 10:21:10 +08:00
Derek McGowan	7b2a918213	Generalize the plugin package Remove containerd specific parts of the plugin package to prepare its move out of the main repository. Separate the plugin registration singleton into a separate package. Separating out the plugin package and registration makes it easier to implement external plugins without creating a dependency loop. Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-10-12 21:22:32 -07:00
Derek McGowan	a80606bc2d	Move plugin type definitions to containerd plugins package The plugins packages defines the plugins used by containerd. Move all the types and properties to this package. Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-10-12 20:52:56 -07:00
Maksym Pavlenko	1b31993240	Rename sbserver to server Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-10-12 15:46:57 -07:00
Maksym Pavlenko	fa1d3a9ccb	Fix dependencies after remove Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-10-12 10:30:46 -07:00
Maksym Pavlenko	536abf1b35	Remove legacy CRI Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-10-12 09:18:45 -07:00
Maksym Pavlenko	33b1a833c6	Move CRI testing package out Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-10-12 09:18:20 -07:00
Maksym Pavlenko	016114ff6f	Move bandwidth package out of CRI server Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-10-12 09:12:52 -07:00
Samuel Karp	841c693710	Merge pull request #9076 from CFSworks/fix-ipv6-pref Fix `ip_pref` configuration option	2023-10-06 23:31:45 -07:00

1 2 3 4 5 ...

692 Commits