github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
13,318 Commits 3 Branches 4 Tags
df9b0a0675b8ff99605bccfa46bbb58c2ee8182d
Commit Graph

13318 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Phil Estes
14e851ecc7 Merge pull request #9538 from containerd/dependabot/go_modules/github.com/Microsoft/hcsshim-0.12.0-rc.1 
build(deps): bump github.com/Microsoft/hcsshim from 0.12.0-rc.0 to 0.12.0-rc.1
 2023-12-14 14:55:21 +00:00
Samuel Karp
25dc823bfd integration: fix format string for klog.Infof 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-12-13 22:56:57 -08:00
dependabot[bot]
fc4b78c05c build(deps): bump github.com/intel/goresctrl from 0.3.0 to 0.5.0 
Bumps [github.com/intel/goresctrl](https://github.com/intel/goresctrl) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/intel/goresctrl/releases)
- [Commits](https://github.com/intel/goresctrl/compare/v0.3.0...v0.5.0)

---
updated-dependencies:
- dependency-name: github.com/intel/goresctrl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:37:26 +00:00
dependabot[bot]
1c96087ce7 build(deps): bump github.com/Microsoft/hcsshim 
Bumps [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) from 0.12.0-rc.0 to 0.12.0-rc.1.
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.0-rc.0...v0.12.0-rc.1)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:37:06 +00:00
dependabot[bot]
7e3c8af520 build(deps): bump github.com/prometheus/client_golang 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:36:55 +00:00
dependabot[bot]
f9303d04de build(deps): bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:34:30 +00:00
dependabot[bot]
4c1ebe33bd build(deps): bump docker/setup-buildx-action from 2 to 3 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:34:15 +00:00
Fu Wei
a901236bf0 Merge pull request #9532 from AkihiroSuda/dependabot 
dependabot: enable groups
 2023-12-14 02:58:39 +00:00
Akihiro Suda
98796a4da8 Merge pull request #9526 from containerd/dependabot/go_modules/github.com/moby/sys/mountinfo-0.7.1 
build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
 2023-12-14 00:52:13 +00:00
Akihiro Suda
51fd1d47e6 dependabot: enable groups 
See https://github.blog/changelog/2023-06-30-grouped-version-updates-for-dependabot-public-beta/

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-12-14 09:38:44 +09:00
Akihiro Suda
2196327f55 Merge pull request #9525 from containerd/dependabot/go_modules/k8s.io/component-base-0.28.4 
build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4
 2023-12-13 22:59:43 +00:00
dependabot[bot]
4a71a93604 build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1 
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys) from 0.6.2 to 0.7.1.
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](https://github.com/moby/sys/compare/mountinfo/v0.6.2...mountinfo/v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 17:40:31 +00:00
Akihiro Suda
ff6324c953 Merge pull request #9527 from containerd/dependabot/go_modules/golang.org/x/mod-0.14.0 
build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0
 2023-12-13 16:50:40 +00:00
Phil Estes
73167c07a7 Merge pull request #9523 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.4 
build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4
 2023-12-13 16:42:38 +00:00
dependabot[bot]
344fe957f4 build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/mod/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 16:14:48 +00:00
Akihiro Suda
308839d23a Merge pull request #9521 from containerd/dependabot/go_modules/golang.org/x/sync-0.5.0 
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
 2023-12-13 15:07:04 +00:00
Phil Estes
565cc91657 Merge pull request #9494 from rumpl/fix-append-additonal-groups 
WithAppendAdditionalGroups: better /etc/group handling
 2023-12-13 14:59:58 +00:00
Fu Wei
9f17ed6771 Merge pull request #9522 from containerd/dependabot/go_modules/go.etcd.io/bbolt-1.3.8 
build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8
 2023-12-13 13:50:01 +00:00
Akihiro Suda
614395ce65 Merge pull request #9513 from containerd/dependabot/github_actions/ossf/scorecard-action-2.3.1 
build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1
 2023-12-13 12:33:03 +00:00
Akihiro Suda
93e3a50420 Merge pull request #9511 from containerd/dependabot/github_actions/google-github-actions/auth-2 
build(deps): bump google-github-actions/auth from 0 to 2
 2023-12-13 05:52:48 +00:00
Akihiro Suda
47b18765b2 Merge pull request #9509 from containerd/dependabot/github_actions/google-github-actions/upload-cloud-storage-1.0.3 
build(deps): bump google-github-actions/upload-cloud-storage from 0.10.4 to 1.0.3
 2023-12-13 05:12:31 +00:00
Akihiro Suda
e66b912048 Merge pull request #9517 from containerd/dependabot/github_actions/actions/stale-9 
build(deps): bump actions/stale from 8 to 9
 2023-12-13 05:11:26 +00:00
Akihiro Suda
fd163893bc Merge pull request #9512 from containerd/dependabot/github_actions/crazy-max/ghaction-github-runtime-3 
build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3
 2023-12-13 05:01:40 +00:00
Akihiro Suda
43bcea89a7 Merge pull request #9515 from containerd/dependabot/github_actions/actions/github-script-7 
build(deps): bump actions/github-script from 6 to 7
 2023-12-13 04:46:10 +00:00
Akihiro Suda
d9eeec3bd0 Merge pull request #9516 from containerd/dependabot/github_actions/docker/login-action-3 
build(deps): bump docker/login-action from 2 to 3
 2023-12-13 04:45:49 +00:00
Akihiro Suda
32ad372706 Merge pull request #9510 from containerd/dependabot/github_actions/actions/setup-go-5 
build(deps): bump actions/setup-go from 3 to 5
 2023-12-13 04:14:25 +00:00
Akihiro Suda
5f38d64f2a Merge pull request #9508 from containerd/dependabot/github_actions/actions/checkout-4 
build(deps): bump actions/checkout from 3 to 4
 2023-12-13 03:52:59 +00:00
dependabot[bot]
6726a2aebf build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4 
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base) from 0.28.2 to 0.28.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.28.2...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/component-base
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:26:34 +00:00
dependabot[bot]
0c98f10631 build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.2 to 1.17.4.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:25:20 +00:00
dependabot[bot]
39ba0347ee build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.7 to 1.3.8.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8)

---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:42 +00:00
dependabot[bot]
db43e3d1f7 build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:20 +00:00
dependabot[bot]
4660090baf build(deps): bump actions/stale from 8 to 9 
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:21:03 +00:00
dependabot[bot]
ace8ab1bd6 build(deps): bump docker/login-action from 2 to 3 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:21:01 +00:00
dependabot[bot]
0b94716e82 build(deps): bump actions/github-script from 6 to 7 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:55 +00:00
dependabot[bot]
9133ad811d build(deps): bump actions/upload-artifact from 1 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:47 +00:00
dependabot[bot]
c1823a7c6b build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.3 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](865b409285...0864cf1902)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:41 +00:00
dependabot[bot]
36b12cbcbb build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3 
Bumps [crazy-max/ghaction-github-runtime](https://github.com/crazy-max/ghaction-github-runtime) from 2 to 3.
- [Release notes](https://github.com/crazy-max/ghaction-github-runtime/releases)
- [Commits](https://github.com/crazy-max/ghaction-github-runtime/compare/v2...v3)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-github-runtime
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:36 +00:00
dependabot[bot]
dc5a6cfaef build(deps): bump google-github-actions/auth from 0 to 2 
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth) from 0 to 2.
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/auth/compare/v0...v2)

---
updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:31 +00:00
dependabot[bot]
f6a9c69665 build(deps): bump actions/setup-go from 3 to 5 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:26 +00:00
dependabot[bot]
e27ea7d1ad build(deps): bump google-github-actions/upload-cloud-storage 
Bumps [google-github-actions/upload-cloud-storage](https://github.com/google-github-actions/upload-cloud-storage) from 0.10.4 to 1.0.3.
- [Release notes](https://github.com/google-github-actions/upload-cloud-storage/releases)
- [Changelog](https://github.com/google-github-actions/upload-cloud-storage/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/upload-cloud-storage/compare/v0.10.4...v1.0.3)

---
updated-dependencies:
- dependency-name: google-github-actions/upload-cloud-storage
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:20 +00:00
dependabot[bot]
3ca95282ea build(deps): bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:20:14 +00:00
Derek McGowan
c0e94bc9a8 Merge pull request #9492 from kiashok/moveCriConfig 
Move GenerateRuntimeOptions() to pkg/cri/config
 2023-12-13 00:13:46 +00:00
Maksym Pavlenko
8f1479132f Merge pull request #9504 from AkihiroSuda/dependabot 
CI: enable dependabot
 2023-12-12 23:41:52 +00:00
Samuel Karp
edcbc508b6 Merge pull request #9496 from mxpv/links 
Add nighly job to verify doc links (and fix broken links)
 2023-12-12 23:04:50 +00:00
Phil Estes
35c125b2dd Merge pull request #9503 from ktock/go-toml-2.1.1 
go.mod: Bump up github.com/pelletier/go-toml to v2.1.1
 2023-12-12 21:25:14 +00:00
Derek McGowan
1feb23465f Merge pull request #9401 from fuweid/v2-mode 
*: introduce image_pull_with_sync_fs in CRI
 2023-12-12 14:34:44 +00:00
Djordje Lukic
1398186ca7 WithAppendAdditionalGroups: better /etc/group handling 
Scratch images don't necessarily have the /etc/group file, so we shouldn't
fail if opening/parsing it is not needed: if all the group to add are numeric.

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
 2023-12-12 15:24:41 +01:00
Akihiro Suda
5a140dca5e CI: enable dependabot 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-12-12 18:46:07 +09:00
Kohei Tokunaga
c1197995b9 go.mod: Bump up github.com/pelletier/go-toml to v2.1.1 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-12-12 14:28:55 +09:00
Wei Fu
23278c81fb *: introduce image_pull_with_sync_fs in CRI 
It's to ensure the data integrity during unexpected power failure.

Background:

Since release 1.3, in Linux system, containerD unpacks and writes files into
overlayfs snapshot directly. It doesn’t involve any mount-umount operations
so that the performance of pulling image has been improved.

As we know, the umount syscall for overlayfs will force kernel to flush
all the dirty pages into disk. Without umount syscall, the files’ data relies
on kernel’s writeback threads or filesystem's commit setting (for
instance, ext4 filesystem).

The files in committed snapshot can be loss after unexpected power failure.
However, the snapshot has been committed and the metadata also has been
fsynced. There is data inconsistency between snapshot metadata and files
in that snapshot.

We, containerd, received several issues about data loss after unexpected
power failure.

* https://github.com/containerd/containerd/issues/5854
* https://github.com/containerd/containerd/issues/3369#issuecomment-1787334907

Solution:

* Option 1: SyncFs after unpack

Linux platform provides [syncfs][syncfs] syscall to synchronize just the
filesystem containing a given file.

* Option 2: Fsync directories recursively and fsync on regular file

The fsync doesn't support symlink/block device/char device files. We
need to use fsync the parent directory to ensure that entry is
persisted.

However, based on [xfstest-dev][xfstest-dev], there is no case to ensure
fsync-on-parent can persist the special file's metadata, for example,
uid/gid, access mode.

Checkout [generic/690][generic/690]: Syncing parent dir can persist
symlink. But for f2fs, it needs special mount option. And it doesn't say
that uid/gid can be persisted. All the details are behind the
implemetation.

> NOTE: All the related test cases has `_flakey_drop_and_remount` in
[xfstest-dev].

Based on discussion about [Documenting the crash-recovery guarantees of Linux file systems][kernel-crash-recovery-data-integrity],
we can't rely on Fsync-on-parent.

* Option 1 is winner

This patch is using option 1.

There is test result based on [test-tool][test-tool].
All the networking traffic created by pull is local.

  * Image: docker.io/library/golang:1.19.4 (992 MiB)
    * Current: 5.446738579s
      * WIOS=21081, WBytes=1329741824, RIOS=79, RBytes=1197056
    * Option 1: 6.239686088s
      * WIOS=34804, WBytes=1454845952, RIOS=79, RBytes=1197056
    * Option 2: 1m30.510934813s
      * WIOS=42143, WBytes=1471397888, RIOS=82, RBytes=1209344

  * Image: docker.io/tensorflow/tensorflow:latest (1.78 GiB, ~32590 Inodes)
    * Current: 8.852718042s
      * WIOS=39417, WBytes=2412818432, RIOS=2673, RBytes=335987712
    * Option 1: 9.683387174s
      * WIOS=42767, WBytes=2431750144, RIOS=89, RBytes=1238016
    * Option 2: 1m54.302103719s
      * WIOS=54403, WBytes=2460528640, RIOS=1709, RBytes=208237568

The Option 1 will increase `wios`. So, the `image_pull_with_sync_fs` is
option in CRI plugin.

[syncfs]: <https://man7.org/linux/man-pages/man2/syncfs.2.html>
[xfstest-dev]: <https://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git>
[generic/690]: <https://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git/tree/tests/generic/690?h=v2023.11.19>
[kernel-crash-recovery-data-integrity]: <https://lore.kernel.org/linux-fsdevel/1552418820-18102-1-git-send-email-jaya@cs.utexas.edu/>
[test-tool]: <a17fb2010d/contrib/syncfs/containerd/main_test.go (L51)>

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-12-12 10:18:39 +08:00