github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
3,094 Commits 3 Branches 2 Tags 112 MiB
eda50b1fa6
Commit Graph

3094 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kenfe-Mickaël Laventure
49e3d43ff2 Merge pull request #1443 from crosbymichael/daemon-cgroup 
Place containerd inside cgroup
 2017-08-30 10:45:19 -07:00
Michael Crosby
932246b575 Place containerd inside cgroup 
This adds a config option to place the `containerd` daemon process into
a cgroup so that proper resource usage and accounting can be applied.

It defaults to not being place inside a cgroup and will create a new
cgroup if the `path` does not exist in the config or join an existing
`path` if it already exists.

```toml
[cgroup]
    path = "/containerd"
```

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-29 15:00:27 -04:00
Michael Crosby
c3711c3866 Merge pull request #1319 from mlaventure/handle-sigkilled-shim 
Handle sigkilled shim
 2017-08-29 14:06:17 -04:00
Michael Crosby
744308a952 Merge pull request #1440 from mlaventure/fix-shim-panic 
Fix panic in CloseIO when not Stdin was allocated for a process
 2017-08-29 13:33:05 -04:00
Kenfe-Mickael Laventure
42b131c1f3
Allow setting runtime options when using WithRuntime() 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 10:03:51 -07:00
Kenfe-Mickael Laventure
1c92c0ecbf
Fix panic in CloseIO when not Stdin was allocated for a process 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 09:58:48 -07:00
Kenfe-Mickaël Laventure
456e1697ee Merge pull request #1438 from crosbymichael/apparmor 
Add default apparmor profile generation
 2017-08-29 09:55:34 -07:00
Phil Estes
7dd87c35ee Merge pull request #1436 from crosbymichael/security 
Add security mailing list to readme and releases
 2017-08-29 12:19:59 -04:00
Michael Crosby
2b46989dbe Add default apparmor profile generation 
This adds default apparmor profile generation to the containerd client
so that profiles can be generated with a SpecOpt

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-29 12:03:24 -04:00
Kenfe-Mickael Laventure
edd1da8591
Use configured runtime when cleaning up after dead shim 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
700120c066
Don't build binaries when running make vet 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
3f34c421d3
Add missing "/tasks/exec-started" event topic 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
dbd3eff1e6
containerd: add state flag to specify state dir 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
d541567119
Handle SIGKILL'ed shim while daemon is running 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
c23f29ebce
containerd-shim: Don't try to delete container twice 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
eb4abac9f7
linux: Prevent deadlock in reaper.WaitPid() 
A deadlock can occurs if `WaitPid()` is called twice before the process
dies.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Kenfe-Mickael Laventure
9923a49e97
linux/shim: Kill container upon SIG{TERM,KILL} 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-29 08:27:44 -07:00
Michael Crosby
6ec92ddbc9 Merge pull request #1437 from darrenstahlmsft/LCOWConfig 
LCOW: Split Windows and Linux HCS config generation
 2017-08-29 10:28:00 -04:00
Darren Stahl
d0b613665a Split Windows config generation to support LCOW 
Signed-off-by: Darren Stahl <darst@microsoft.com>
 2017-08-28 18:05:55 -07:00
Darren Stahl
4a782f7b54 Vendor opengcs and hcsshim 
Signed-off-by: Darren Stahl <darst@microsoft.com>
 2017-08-28 15:07:51 -07:00
Michael Crosby
6b6ac8e9f0 Add security mailing list to readme and releases 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-28 17:17:50 -04:00
Michael Crosby
cf09e32618 Merge pull request #1435 from Random-Liu/with-process-kill-all 
WithProcessKill should kill all processes.
 2017-08-28 14:49:18 -04:00
Lantao Liu
2f237b2fde WithProcessKill should kill all processes. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-28 18:39:00 +00:00
Kenfe-Mickaël Laventure
31b5bb9107 Merge pull request #1434 from crosbymichael/kill-all 
Add KillOpts for killing all processes
 2017-08-28 11:07:12 -07:00
Michael Crosby
ed6b8fb0aa Add KillOpts for killing all processes 
Fixes #1431

This adds KillOpts so that a client can specify when they want to kill a
single process or all the processes inside a container.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-28 13:29:47 -04:00
Michael Crosby
a19761874e Merge pull request #1428 from mlaventure/go1.9 
Use golang 1.9 on CI
 2017-08-28 10:56:28 -04:00
Michael Crosby
b9879d46f4 Merge pull request #1433 from Random-Liu/fix-with-user-id 
WithUserID should not return error when /etc/passwd doesn't exist.
 2017-08-28 10:10:41 -04:00
Lantao Liu
410bcea236 WithUserID should not return error when /etc/passwd doesn't exist. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-28 05:57:49 +00:00
Michael Crosby
360e46ddda Merge pull request #1429 from dmcgowan/client-use-root-path 
Use RootPath for resolving path inside of an image
 2017-08-25 16:23:28 -04:00
Derek McGowan
44e266b7a7
Use RootPath for resolving path inside of an image 
Prevents unintentional lookup of host passwd file

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2017-08-25 13:16:46 -07:00
Michael Crosby
e4a77fcc0a Merge pull request #1425 from Random-Liu/add-with-user-id 
Add WithUserID which gets uid and gid from image's /etc/passwd.
 2017-08-25 16:00:49 -04:00
Lantao Liu
bb9e2bfa43 Add WithUserID which gets uid and gid from image's /etc/passwd. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2017-08-25 19:52:48 +00:00
Derek McGowan
ab1968d590 Merge pull request #1427 from crosbymichael/states 
Add procesStates for shim processes
 2017-08-25 12:03:27 -07:00
Derek McGowan
fb427da12f Merge pull request #1424 from crosbymichael/load-exec 
Add LoadProcess api to Task
 2017-08-25 11:50:56 -07:00
Derek McGowan
1a77db1a2a Merge pull request #1423 from crosbymichael/events 
Add Events client method
 2017-08-25 11:45:55 -07:00
Michael Crosby
967497097a Add procesStates for shim processes 
Use the state pattern to handle process transitions from one state to
another and what actions can be performed on a process in a specific
state.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-25 14:03:55 -04:00
Kenfe-Mickael Laventure
34c25e07e8
Use golang 1.9 on AppVeyor CI 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-25 08:58:40 -07:00
Kenfe-Mickael Laventure
77b98f0590
Use golang 1.9 on Travis CI 
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
 2017-08-25 08:34:04 -07:00
Michael Crosby
b3303b55c1 Add LoadProcess api to Task 
Fixes #1374

This adds a `LoadProcess` api to load existing exec'd processes from a
task.  It allows reattaching of IO and waiting on the process.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 16:30:34 -04:00
Kenfe-Mickaël Laventure
a6ce1ef2a1 Merge pull request #1413 from crosbymichael/user-opts 
Implement WithUsername for /etc/passwd lookup
 2017-08-24 11:49:23 -07:00
Michael Crosby
2052b76fa7 Change WithSpec to take SpecOpts 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 14:32:41 -04:00
Michael Crosby
421c607c54 Add Events client method 
Fixes #1381

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 11:10:01 -04:00
Michael Crosby
5c7f67186a Add libcontainer/user package for passwd parsing 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 10:32:16 -04:00
Michael Crosby
f66f0fb7a0 Update windows SpecOpts in tests 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 10:32:16 -04:00
Michael Crosby
f436f4c828 Add WithUsername spec opt 
This option will mount and inspect the /etc/passwd file of an image to
get the uid/gid of a user.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 10:32:16 -04:00
Michael Crosby
c601606f84 Move spec generation to Container Create 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 10:32:16 -04:00
Michael Crosby
fa14f2ef3a Add context and client to SpecOpts 
In order to do more advanced spec generation with images, snapshots,
etc, we need to inject the context and client into the spec generation
code.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 10:32:16 -04:00
Michael Crosby
ba69f5d488 Add WithUserIDs SpecOpt 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-08-24 10:32:16 -04:00
Derek McGowan
f05281743e Merge pull request #1420 from dmcgowan/alpha6 
release: updated version to alpha6
 2017-08-23 15:36:13 -07:00
Derek McGowan
b14c2cce11
release: updated version to alpha6 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2017-08-23 15:09:32 -07:00