Commit Graph

109 Commits

Author SHA1 Message Date
Lantao Liu
ce12477f47 Support docker 18.09 in the test script.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:10 -07:00
Lantao Liu
1467121010 Remove the unused health-monitor.sh.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
201ad4d3c4 Support netd in GCE bootstrap.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
5ce7057502 Serve streaming on localhost by default to match k8s 1.11 default.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
b553fdaf31 Remove crictl on GCE for all cases.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
d8ce08fd92 Set stream server to serve on localhost on GCE.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
1629bab7f9 Make max container log line size configurable through cloud init.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
042378dcf1 Disable TLS streaming to work with new kubelet streaming proxy.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:09 -07:00
Bingshen Wang
37f2ecad97 Update cni.template
Format the cni.template, use `space` instead of some `tab`. Avoid indent issue in text editor.

Signed-off-by: bingshen.wbs <bingshen.wbs@alibaba-inc.com>
2020-08-11 09:15:09 -07:00
Lantao Liu
b58b6fef86 Disable restart plugin on GCE.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
f938a166cd Fix kube-container-runtime-monitor.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
91f8e61bd3 Use crictl installed in kube-up.sh
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
5161f663e4 Add unix:// prefix for socket addresses used by CRI remote client.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
1b995fcaf2 Add KUBE_CONTAINER_RUNTIME_NAME to fix fluentd support.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
48457a254e Try using preloaded containerd if no version is specified.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
c67a38b0b5 Add log level support.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
4453aac005 Improve gce bootstrapping in various ways.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:08 -07:00
Lantao Liu
1bd3cdc572 Add cni config template support.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
d520fac508 Enable TLS streaming in all the setup.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
cdb4aec93a Use systemd service cgroup and oom score adj.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
af8bd80689 Fix for kube-up.sh and update several documents.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
005da4a9b9 Replace ctrcri with ctr cri.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
0e2bd216ce Update GCE cluster bootstrapping and e2e test
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
59e65e1f37 Enable container log rotation.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
85b4e69c9f Do not block on stream server close.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
2ea6584ca7 Add initial wait for health-monitor and use pkill -x.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:07 -07:00
Lantao Liu
56b7ef2c4d The ENV is finalized as KUBE_KUBELET_EXTRA_ARGS.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Mike Brown
24a3a0a068 change crictl sandboxes to pods; other references to sandboxes
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
8bc30e7a2e Update ocicni to main stream.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
a010715584 Add a separate CLI for cri-containerd ctrcri.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
a843a30645 Use registry-1.docker.io as backup
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
ec649079a9 Put version into metadata so that version won't be changed across
restart.

Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
7cbc1c8dc3 Set registry mirror.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
9f0816ac43 Configure container runtime cgroups for cgroup.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:06 -07:00
Lantao Liu
be72f47ec9 Add runtime cgroup and fix a cli panic.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:05 -07:00
Lantao Liu
680e21c430 Update all glog flags to log-level.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:05 -07:00
Lantao Liu
d50b9dd64c Update containerd to 6c7abf7c76c1973d4fb4b0bad51691de84869a51.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:05 -07:00
Lantao Liu
869ea6b0c8 Add document for kube-up.sh
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:05 -07:00
Lantao Liu
30cbfb62ec Add OS and arch in release tarball.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:05 -07:00
Lantao Liu
0512d1e0b2 Add cluster directory and health-monitor.sh.
Signed-off-by: Lantao Liu <lantaol@google.com>
2020-08-11 09:15:05 -07:00
Sebastiaan van Stijn
55c9eade39 Bump Golang 1.13.15
full diff: https://github.com/golang/go/compare/go1.13.14...go1.13.15

go1.13.15 (released 2020/08/06) includes security fixes to the encoding/binary
package. See the Go 1.13.15 milestone on the issue tracker for details.

https://github.com/golang/go/issues?q=milestone%3AGo1.13.15+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-08-08 15:07:28 +02:00
Sebastiaan van Stijn
089672fff4 Bump Golang 1.13.14
full diff: https://github.com/golang/go/compare/go1.13.13...go1.13.14

go1.13.14 (released 2020/07/16) includes fixes to the compiler, vet, and the
database/sql, net/http, and reflect packages. See the Go 1.13.14 milestone on
the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.14+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-17 15:37:52 +02:00
Akihiro Suda
c520f819a2 Bump Go 1.13.13
Includes security fixes to the `crypto/x509` and `net/http` packages.

https://github.com/golang/go/issues?q=milestone%3AGo1.13.13+label%3ACherryPickApproved

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-07-15 14:24:48 +09:00
Florian Schmaus
e977564a8b seccomp: allow 'rseq' syscall in default seccomp profile
Restartable Sequences (rseq) are a kernel-based mechanism for fast
update operations on per-core data in user-space. Some libraries, like
the newest version of Google's TCMalloc, depend on it [1].

This also makes docker's default seccomp profile on par with systemd's,
which enabled 'rseq' in early 2019 [2].

1: https://google.github.io/tcmalloc/design.html
2: systemd/systemd@6fee3be

Signed-off-by: Florian Schmaus <flo@geekplace.eu>
2020-06-26 17:10:05 +02:00
Wei Fu
e89500bcb0 Merge pull request #4333 from AkihiroSuda/golang-1.13.12
Bump Golang 1.13.12
2020-06-23 08:54:05 +08:00
Davanum Srinivas
2b0a994ccc explicitly fail apparmor when !linux
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2020-06-22 12:54:09 -04:00
Akihiro Suda
1a83f9a638 Bump Golang 1.13.12
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-06-22 16:49:31 +09:00
Michael Crosby
0f831093ce Update usage of whitelist in project
Signed-off-by: Michael Crosby <michael@thepasture.io>
2020-06-08 12:49:22 -05:00
Kenta Tada
03755821d2 seccomp: remove the unused query_module(2)
query_module(2) is only in kernels before Linux 2.6.

Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
2020-05-19 10:36:55 +09:00
Phil Estes
d7c4bda3b1 Merge pull request #4264 from thaJeztah/seccomp_allow_clock_adjtime
seccomp: Whitelist `clock_adjtime`
2020-05-18 09:36:08 -04:00