This change splits the definition of pkg/cri/os.ResolveSymbolicLink by
platform (windows/!windows), and switches to an alternate implementation
for Windows. This aims to fix the issue described in containerd/containerd#5405.
The previous implementation which just called filepath.EvalSymlinks has
historically had issues on Windows. One of these issues we were able to
fix in Go, but EvalSymlinks's behavior is not well specified on
Windows, and there could easily be more issues in the future, so it
seems prudent to move to a separate implementation for Windows.
The new implementation uses the Windows GetFinalPathNameByHandle API,
which takes a handle to an open file or directory and some flags, and
returns the "real" name for the object. See comments in the code for
details on the implementation.
I have tested this change with a variety of mounts and everything seems
to work as expected. Functions that make incorrect assumptions on what a
Windows path can look like may have some trouble with the \\?\ path
syntax. For instance EvalSymlinks fails when given a \\?\UNC\ path. For
this reason, the resolvePath implementation modifies the returned path
to translate to the more common form (\\?\UNC\server\share ->
\\server\share).
Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
(cherry picked from commit b0d3b35b28)
Signed-off-by: Phil Estes <estesp@gmail.com>
We can check that the reported containers stats are not lower than it should
by using the resource-consumer image. This image contains stress / testlimit.exe
which can consume a specified amount of memory.
Signed-off-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
aufs was removed from Ubuntu kernel in Ubuntu 21.04, so deprecate the
built-in aufs snapshotter.
The aufs snapshotter can be still maintained as a non-builtin snapshotter.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Currently, the cri-integration tests do not work on Windows due to various reasons.
One of the reasons is because all the tests are using Linux-specific images. This
commit refactors the image pulling / usage in the cri-integration tests, making it
easier to update, and easier to configure the a custom registry to pull those images
from.
For Windows runs, custom registries can be created, which will also contain Windows
images, and the cri-integration tests can be configured to use those registries by
specifying the "--image-list" argument, a TOML file which will contain an alternative
mapping of the default images.
Signed-off-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
- Add a multi-arch image with linux/amd64 and linux/arm64 (limit to just
what we are running in CI)
- Bump versions to 2.0 as 1.0 is the single-arch image
- Use `docker buildx` instead of just docker, so we don't need to build
manifests by hand
- busybox now does not have `nogroup`, since the test needs it, switch
over from busybox to ubuntu for just the volume-ownership image
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
This commit adds support for the PID namespace mode TARGET
when generating a container spec.
The container that is created will be sharing its PID namespace
with the target container that was specified by ID in the namespace
options.
Signed-off-by: Thomas Hartland <thomas.george.hartland@cern.ch>
The proto version was updated with cgroup in v1.0.0 but
the protos were not regenerated. The v1.0.1 tag fixes this.
Signed-off-by: Derek McGowan <derek@mcg.dev>
