github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
1,001 Commits 3 Branches 2 Tags 112 MiB
e1fe1abff0
Commit Graph

94 Commits

Author SHA1 Message Date
Lantao Liu
e1fe1abff0 Use github.com/pkg/errors 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-17 02:24:38 +00:00
abhi
2bdf428eb7 Removing DAD config and updating plugins to v0.7.0 
Signed-off-by: abhi <abhi@docker.com>
 2018-03-16 14:46:46 -07:00
abhi
003bbd4292 Modifying fake cni plugin 
Signed-off-by: abhi <abhi@docker.com>
 2018-03-15 17:05:33 -07:00
abhi
92110e1d74 Moving to use go-cni library from containerd 
This fix aims to use the cni library form containerd.
The library avoid usage of nsenter.

Signed-off-by: abhi <abhi@docker.com>
 2018-03-14 19:25:54 -07:00
Mike Brown
d4e7154625 move links for cri-containerd to cri 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-03-13 17:06:26 -05:00
Lantao Liu
f01c6d73a6 Fix cleanup context. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-07 07:05:27 +00:00
Lantao Liu
46fc92f65f Use new namespace mode and support shared pid namespace. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-02-08 03:10:57 +00:00
Lantao Liu
d113c16802 Update ocicni to my fork. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-02-02 19:45:26 +00:00
Lantao Liu
df58d6825d Avoid containerd access as much as possible. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-25 23:36:00 +00:00
Lantao Liu
2b6f084f36 Disable IPv6 dad by default. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-22 23:54:16 +00:00
Lantao Liu
3d68005c04 Replace glog with logrus 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-17 21:57:31 +00:00
Jose Carlos Venegas Munoz
b383b0261a Annotations: Provide container metadata for VM based runtimes 
For hypervisor-based container runtimes (like Kata Containers, Clear Containers
or runv) a pod will be created in a VM and then create containers within the VM.

When a runtime is requested for container commands like create and start, both
the instal "pause" container and next containers need to be added to the pod
namespace (same VM).

A runtime does not know if it needs to create/start a VM or if it needs to add a
container to an already running VM pod.

This patch adds a way to provide this information through container annotations.
When starting a container or a sandbox, 2 annotations are added:

- type (Container or Sandbox)
- sandbox name

This allow to a VM based runtime to decide if they need to create a pod VM or
container within the VM pod.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2018-01-17 09:57:20 -06:00
Lantao Liu
025ffe551f Rename kubernetes-incubator/cri-containerd to containerd/cri-containerd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-10 22:35:33 +00:00
Lantao Liu
aee7a366f3
Merge pull request #525 from abhi/cniip 
Caching IP allocated by CNI plugin
 2018-01-05 00:27:48 -08:00
abhi
f1dbc0b375 Caching IP allocated by CNI plugin 
Signed-off-by: abhi <abhi@docker.com>
 2018-01-04 20:00:55 -08:00
Lantao Liu
31bc964195 Enable HostSpecific option in runtime-tools generator. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-01-03 19:04:47 +00:00
Mike Brown
31223fd5b1 adds oci image spec to image info placed into imagestore 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-12-12 15:58:07 -06:00
abhi
43c05efb22 Revert: Setting containerd shim cgroup same as pod cgroup 
Signed-off-by: abhi <abhi@docker.com>
 2017-12-01 16:03:38 -08:00
Lantao Liu
181d7d5076 Move shim cgroup opts to pkg/containerd/opts. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-12-01 19:18:26 +00:00
abhi
0d6774f4af Setting containerd shim cgroup same as pod cgroup 
Signed-off-by: abhi <abhi@docker.com>
 2017-12-01 08:33:50 -08:00
Mike Brown
4934098e27
Merge pull request #440 from dnephin/use-oci-package 
Use containerd.oci package
 2017-11-28 16:41:26 -06:00
Daniel Nephin
85d3bf0660 Use SpecOpts from new oci package 
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
 2017-11-28 15:30:11 -05:00
Brian Goff
f6fe36d17a Remove explicit unpack on all container creates 
This only performs an unpack if there is an error when creating the
container snapshot (and only if it's a "not found' error) since it should
already be unpacked.

Signed-off-by: Brian Goff <brian.goff@docker.com>
 2017-11-28 14:28:20 -05:00
yanxuean
50cb8a0571 update containerd for refactor 
fix #423

Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
 2017-11-27 19:24:14 +00:00
abhi
cd5886d647 Adding kube pod and container labels to containerd 
Currently we have the pod and container labels part of
containerd metadata extensions. However for third party users
like cadvisor that depend on standard kube labels will need
to be aware of the way metadata is stored in containerd to
fetch the labels.

Signed-off-by: abhi <abhi@docker.com>
 2017-11-07 22:19:19 -08:00
Lantao Liu
25fdf72692 Add image load. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-27 21:51:04 +00:00
Lantao Liu
f10cc58362 Revert "Put containerd-shim into pod cgroup" 
This reverts commit e9cf1d5909.

Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-27 05:33:55 +00:00
Lantao Liu
5e74cba0f0 Add log of generated id for debugging. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-27 00:11:16 +00:00
Lantao Liu
6c6b337e87 Merge pull request #358 from Random-Liu/unpack-when-creation 
Also unpack image during creation.
 2017-10-26 22:44:07 +02:00
Lantao Liu
acc3f74d5c Also unpack image during creation. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-26 17:57:53 +00:00
Yanqiang Miao
e9cf1d5909 Put containerd-shim into pod cgroup 
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
 2017-10-26 10:17:12 +08:00
Lantao Liu
bde8b0517e Update kubernetes and containerd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-10-11 06:16:19 +00:00
Mike Brown
d8a3c6b018 adds support for configuring the containerd runtime engine 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-26 20:22:51 -05:00
Lantao Liu
cd57d063c5 Add systemd cgroup support. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-26 06:44:30 +00:00
Lantao Liu
4231473df3 Address comments 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-25 23:09:44 +00:00
Lantao Liu
21233b22be Check seccomp enable and add unit test for seccomp/apparmor. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-25 23:09:26 +00:00
Mike Brown
78a925f57b vendor for new seccomp helpers 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-21 17:37:50 -05:00
Mike Brown
c0a2d152d9 adds seccomp support 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-21 17:22:11 -05:00
yanxuean
e1a7a0ea76 Switch to containerd extension 
fix #251

Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
 2017-09-21 00:15:10 +08:00
Lantao Liu
71b0d0a043 Use config in service. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-17 06:46:40 +00:00
Lantao Liu
0bfcdd39ab Remove /run mount for backward compatibility with docker. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-09 07:34:00 +00:00
Lantao Liu
c4846745d6 Use WithNewSnapshot for sandbox container. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-09 03:59:58 +00:00
Lantao Liu
f36ef46b35 Use new ocicni. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-07 00:14:12 +00:00
Ian Campbell
0161764ef5 Always use a writeable snapshot as the rootfs. 
This will be made readonly by runc based on spec.Root.Readonly (which we
already set correctly) but defering until then gives runc the chance to make
any missing mount points as it processes the spec.Mount array.

This is necessary because many container images lack mount points for things
like the /etc/hosts which we want to overbind. This is not noticed with e.g.
Docker because it automatically creates an additional layer containing those.
This is something we may want to do here as well eventually but for now using a
writeable snapshot is both necessary and sufficient.

The same does not apply to the sandbox since we never modify its rootfs or want
to mount anything in it etc, add a comment to clarify.

Fixes #220.

Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-09-06 22:20:14 +01:00
Lantao Liu
c3cb1cfde8 Revert "Setting containerd shim cgroup same as pod cgroup" 
This reverts commit 59008c608e.

Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-09-02 04:20:55 +00:00
Mike Brown
4f442de959 adds support for AppArmor 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2017-09-01 18:08:34 -05:00
Lantao Liu
9c49624174 Merge pull request #157 from miaoyq/apply-selinux-opt 
Support selinux options/label
 2017-08-31 16:30:30 -07:00
Abhinandan Prativadi
59008c608e Setting containerd shim cgroup same as pod cgroup 
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
 2017-08-31 15:16:51 -07:00
Yanqiang Miao
0c3304e006 Support selinux options/label 
Support selinux optios/label

Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
 2017-08-31 19:20:12 +08:00
Lantao Liu
ac4f238f48 Cleanup image operations. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-31 00:52:09 +00:00