github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
8,348 Commits 3 Branches 2 Tags 112 MiB
cdb2f9c66f
Commit Graph

51 Commits

Author SHA1 Message Date
Akihiro Suda
0762fdd9e2
Revert "Fix doc for runtime specific options" 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-09-22 17:23:19 +09:00
Mike Brown
fe9bb8da65
Merge branch 'master' into ssdoc 2020-07-29 11:44:10 -05:00
ktock
375dd76255 Add description about disable_snapshot_annotations to configuration doc 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2020-07-28 09:30:20 +09:00
ktock
c80660b82b Allow GC to discard content after successful pull and unpack 
This commit adds a config flag for allowing GC to clean layer contents up after
unpacking these contents completed, which leads to deduplication of layer
contents between the snapshotter and the contnet store.

Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2020-07-28 09:05:47 +09:00
Michael Crosby
5f5d954b6a add selinux category range to config 
This allows an admin to set the upper bounds on the category range for selinux
labels.  This can be useful when handling allocation of PVs or other volume
types that need to be shared with selinux enabled on the hosts and volumes.

Signed-off-by: Michael Crosby <michael@thepasture.io>
 2020-07-20 16:02:07 -04:00
HsuanChi (Austin) Kuo
904ab30f9d Fix doc for runtime specifc options 
Signed-off-by: Hsuan-Chi Kuo <hckuo2@illinois.edu>
 2020-07-10 11:04:49 -05:00
Akihiro Suda
fe6833a9a4
config: TolerateMissingHugePagesCgroupController -> TolerateMissingHugetlbController 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-07-02 13:49:42 +09:00
Mike Brown
b661ad711e
Merge pull request #1504 from lorenz/ignore-image-defined-volumes 
Add option for ignoring volumes defined in images
 2020-06-14 11:52:48 -05:00
Lorenz Brun
5a1d49b063 Add option for ignoring volumes defined in images 
Signed-off-by: Lorenz Brun <lorenz@brun.one>
 2020-06-09 21:02:47 +02:00
Brian Goff
c694c63176 Add config for registry http headers 
This adds a configuration knob for adding request headers to all
registry requests. It is not namespaced to a registry.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2020-06-08 18:56:15 -07:00
Maksym Pavlenko
df8d6c5b7b Update documentation for base OCI spec files 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-28 14:45:11 -07:00
Maksym Pavlenko
8d54f39753 Allow specify base OCI runtime spec 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-28 13:39:31 -07:00
Maksym Pavlenko
674fe72aa8 Update docs for unset seccomp profile 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2020-05-10 10:46:58 -07:00
Dave Syer
5ac8515bf0 Clarify that plugin names are long in version = 2 
Otherwise it's confusing for readers who just need quick reference
for plugin configurations.

Signed-off-by: Dave Syer <dsyer@pivotal.io>
 2020-04-27 14:35:41 +01:00
Brandon Lum
8d5a8355d0 Updated docs and code for default nil behavior 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-27 23:42:03 +00:00
Brandon Lum
7a24da0375 Updated docs and encryption.md -> decryption.md 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Brandon Lum
c5209cd679 Updated doc based on changes requested 
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2020-02-24 20:45:57 +00:00
Mike Brown
c9ed98462d move to v3.2 for the pause image 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-02-14 12:55:52 -06:00
Akihiro Suda
aaddaa2732 bump up the default runtime to "io.containerd.runc.v2" 
The former default runtime "io.containerd.runc.v1" won't support new features
like support for cgroup v2: containerd/containerd#3726

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2019-12-16 11:53:58 +09:00
Lantao Liu
35eb96d901 Update deployment and integration test 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-09-18 17:21:37 -07:00
Ed Bartosh
e28689657a Add ContatinerAnnotations to the Runtime and config 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2019-09-10 11:28:51 +03:00
Alex Price
3353ab76d9 Add flag to overload default privileged host device behaviour 
This commit adds a flag to the runtime config that allows overloading of the default
privileged behaviour. When the flag is enabled on a runtime, host devices won't
be appended to the runtime spec if the container is run as privileged.

By default the flag is false to maintain the current behaviour of privileged.

Fixes #1213

Signed-off-by: Alex Price <aprice@atlassian.com>
 2019-08-08 12:16:42 +10:00
Lantao Liu
871a8b89c8 Do not deprecate no_pivot yet. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-05 15:12:50 -07:00
Lantao Liu
b74653b821 Print warning message for deprecated options. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-08-02 01:10:11 -07:00
Lantao Liu
467f9e0e8a Fix proc mount support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-07-31 17:11:15 -07:00
Lantao Liu
c78caf902d Add max concurrent downloads support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-07-26 18:15:17 -07:00
Aldo Culquicondor
4b43303203 Add option to register on TCP server 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-07-25 09:42:49 -04:00
Aldo Culquicondor
e2550f6285 Update docs to v2 config 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2019-07-24 09:30:13 -04:00
Mike Brown
3ba04c01cc doc update for cni max num 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2019-06-11 08:35:22 -05:00
kuramal
b022de5f37 add cni plugin config file max num config, set go-cni to commit 22460c0 
Signed-off-by: kuramal <linxxnil@126.com>
 2019-06-10 12:14:35 +08:00
Lantao Liu
db90808477 Update doc and add deprecation policy for CRI options. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-04-25 16:11:16 -07:00
Lantao Liu
238658719f Cleanup pod annotation test and only support tailing wildcard. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-03-25 12:54:34 -07:00
Harshal Patil
effd82227c Add support for passing sandbox annotations to runtime 
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
 2019-03-21 14:38:14 +05:30
Lantao Liu
f2f90f6b00
Merge pull request #1060 from Random-Liu/support-stream-idle-timeout 
Support stream idle timeout.
 2019-02-28 10:28:27 -08:00
Lantao Liu
8222da7768 Support stream idle timeout. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-28 01:30:01 -08:00
Lantao Liu
76ed153e8c Add more explanation about the CRI config. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2019-02-27 16:51:36 -08:00
Akihiro Suda
cd8231ab2a support DisableCgroup, DisableApparmor, RestrictOOMScoreAdj 
Add following config for supporting "rootless" mode

* DisableCgroup: disable cgroup
* DisableApparmor: disable Apparmor
* RestrictOOMScoreAdj: restrict the lower bound of OOMScoreAdj

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2019-01-03 05:12:04 +09:00
Lantao Liu
1442425f92 Support runtime specific configurations. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-10-08 17:17:29 -07:00
Lantao Liu
65283e4253 The indent is wrong. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-09-17 12:11:18 -07:00
Tim Allclair
e7189a25c3
Add RuntimeHandler support 
Signed-off-by: Tim Allclair <tallclair@google.com>
 2018-09-05 17:27:35 -07:00
JulienBalestra
dffd0dfa0e
streaming: tls conf validation to func with tests 
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
 2018-08-30 15:10:48 +02:00
JulienBalestra
859003a940
stream: struct for x509 key pair, update the docs, error management 
Signed-off-by: JulienBalestra <julien.balestra@datadoghq.com>
 2018-08-28 17:22:11 +02:00
Lantao Liu
b3d6f16383 Serve streaming on localhost by default to match k8s 1.11 default. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-07-21 01:10:45 +00:00
yanxuean
7065dd81f9 support no_pivot option for runc 
Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
 2018-07-20 08:46:50 +08:00
Lantao Liu
405f57f8e0 Add max_container_log_size 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-06-14 14:24:17 -07:00
Lantao Liu
d8a3c5f254 Address comments. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-09 18:15:09 +00:00
Lantao Liu
b2099c2061 Add cni config template support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-07 06:34:45 +00:00
Lantao Liu
ad7bffc093 Enable TLS streaming in all the setup. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-04-03 00:17:26 +00:00
Lantao Liu
f0655ecfe0 Use pause image from new source. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-26 07:11:41 +00:00
Mike Brown
94df315de8 adds volatile state directory to the fs plan for cntrs/pods/fifo 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-03-24 00:05:52 +00:00