We should never return a nil context because of the way this function is
typically used... e.g.
```
ctx, done, err := containerd.WithLease(ctx)
```
If there is an error `ctx` will be nil and any error handling may cause
an NPE if it tries to use `ctx`.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Moved registry host configuration to the config package
and allows support of loading configurations from a
directory when the hosts are being resolved.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Add `remotes/certutil` functions for loading `ca.crt`, `client.cert`, and `client.key` into `tls.Config` from a directory like `/etc/docker/certs.d/<hostname>.
See https://docs.docker.com/engine/security/certificates/ .
Client applications including CRI plugin are expected to configure the resolver using these functions.
As an example, the `ctr` tool is extended to support `ctr images pull --certs-dir=/etc/docker/certs.d example.com/foo/bar:baz`.
Tested with Harbor 1.8.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
If runtime is not runc, it doesn't make sense to send runc Options
as container create options, which will confuse other runtimes and
it actually causes kata shimv2 to fail to unmarshal the requset.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Errors like `"type with url %s: not found"` are typical for non-builtin
event types, and should not resultin exiting `ctr`.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* --uidmap support for one remapping
* --gidmap support for one remapping
* create IoUid and IoGid options for getNewTaskOpts
Signed-off-by: Jie Hao Liao <liaojh1998@gmail.com>
* only shim v2 runc v2 ("io.containerd.runc.v2") is supported
* only PID metrics is implemented. Others should be implemented in separate PRs.
* lots of code duplication in v1 metrics and v2 metrics. Dedupe should be separate PR.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This change includes a cri master bump and a cgroup bump for windows support
with cgroup stats and reusing the cgroup metric types.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
The cgroup dependency brings in quite a lot only for WithNamespaceCgroupDeletion,
which is a namespaces.DeleteOpt.
Signed-off-by: Tibor Vass <tibor@docker.com>
- Add `all-manifests` option to both `ctr content fetch` and `ctr
images pull`. By default it is false.
- This option ties to `AppendDistributionSourceLabel` in client.
Signed-off-by: Yu Yi <yiyu@google.com>
We are separating out the encryption code and have designed a few new
interfaces and APIs for processing content streams. This keep the core
clean of encryption code but enables not only encryption but support of
multiple content types ( custom media types ).
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Closes#1862
This adds a new rpc to the introspection service to provide server
information with a generated UUID that is done on demand and the os and
arch of the server.
ctr output:
```bash
> sudo ctr version
Client:
Version: v1.2.0-802-g57821695.m
Revision: 578216950de9c1c188708369e2a31ac6c494dfee.m
Server:
Version: v1.2.0-802-g57821695.m
Revision: 578216950de9c1c188708369e2a31ac6c494dfee.m
UUID: 92e982a9-f13e-4a2c-9032-e69b27fed454
OS: linux
ARCH: amd64
```
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
