This is needed to support daemon restart as the unix socket is recreated at
every start.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Define the release process for containerd and outline the components
that are and are not covered by versioning guarantees. Please read the
document for details.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Because runc will delete a container after a successful checkpoint we
need to handle a NotFound error from runc on delete.
There is also a race between SIGKILL'ing the shim and it actually
exiting to unmount the tasks rootfs, we need to loop and wait for the
task to actually be reaped before trying to delete the rootfs+bundle.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This adds a `stress` binary to help stress test containerd. It is
different from a benchmarking tool as it only gives a simple summary at
the end.
It is built to run long, multi hour/day stress tests across builds of
containerd.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
By moving the binaries to be rooted at `bin/` in the tar file,
installation can be done from a tar file in one fell swoop:
```console
$ make release
$ sudo tar -C /usr/local -xvf releases/containerd-1.0.0-alpha3-72-ge6ba48f2.m.linux-amd64.tar.gz
```
Signed-off-by: Stephen J Day <stephen.day@docker.com>
The argument order, naming and behavior of the snapshots command didn't
really follow any of the design constraints or conventions of the
`Snapshotter` interface. This brings the command into line with that
interface definition.
The `snapshot archive` command has been removed as it requires more
thought on design to correctly emit diffs.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
After some analysis, it was found that Content.Reader was generally
redudant to an io.ReaderAt. This change removes `Content.Reader` in
favor of a `Content.ReaderAt`. In general, `ReaderAt` can perform better
over interfaces with indeterminant latency because it avoids remote
state for reads. Where a reader is required, a helper is provided to
convert it into an `io.SectionReader`.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Use lchown when remapping the container's rootfs as to ensure that the
symlink has the correct permissions but the underlying file that it
points to is not modified.
Remapping on the host can cause host files to change outside of the
rootfs if symlinks are dereferenced.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Use the CopyFileRange and Lsetxattr from golang.org/x/sys/unix instead
of their counterparts from github.com/containerd/continuity/sysx. These
are 1:1 replacements (except for the fd parameter types in
CopyFileRange).
This will eventually allow to remove these functions there as well.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
The syscall package is locked down and the comment in [1] advises to
switch code to use the corresponding package from golang.org/x/sys. Do
so and replace usage of package syscall with package
golang.org/x/sys/{unix,windows} where applicable.
[1] https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24
This will also allow to get updates and fixes for syscall wrappers
without having to use a new go version.
Errno, Signal and SysProcAttr aren't changed as they haven't been
implemented in x/sys/. Stat_t from syscall is used if standard library
packages (e.g. os) require it. syscall.ENOTSUP, syscall.SIGKILL and
syscall.SIGTERM are used for cross-platform files.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Add an option that allows users for force kill and delete a process/task
when calling `Delete`
Fixes#1274
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
