Because we merged the PR that added the API descriptors and modified the
API at the same time. This updates the protobufs to be consistent.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
This removes the metric vec that was holding onto all task id and
namespace combinations forever, until containerd was restarted. This
was causing a memory leak with many task.
This also removes the shim cmd where the `Args` is quite large from the
reaper after the shim has been started cutting down on another leak.
This is the first pass through the reaper but more code is required to
fix all the issues when commands are added.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Make sure we wait for the client side copy goroutines to start coping
from the fifos before returning from the function.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Previously "`/`" in a container was always owned by `root:root` (0/0), even if
`withRemappedSnapshot` had been used. Meaning that if `withUserNamespace` is
used then `/` can be remapped to `nobody:nogroup` (65534/65534).
The fix is is twofold:
- incrementFS should operate on the root of the tree.
- when creating a new snapshot we must propagate the ownership of the topmost
"lower" directory into the new "upper".
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
We were not checking the error value of `Kill` leading to deadlock if the
process didn't exist.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
This adds null IO option for efficient handling of IO.
It provides a container directly with `/dev/null` and does not require
any io.Copy within the shim whenever a user does not want the IO of the
container.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Adding image.Config,image.Size,image.RootFS to retrieve the internal image information
which will be needed by consumers of containerd
Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
This could render tasks for a container unresolvalbe. If there is a use
case for changing the runtime of a container, we should think it through
carefully.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Differ is updated to set a label for the uncompressed hash
of compressed content. This allows compressed blobs to
be used and looked up for their uncompressed hashes.
Uses commit options to set labels.
Updates rootfs default to create compressed archives.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Add commit options which allow for setting labels on commit.
Prevents potential race between garbage collector reading labels
after commit and labels getting set.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
