containerd

Author	SHA1	Message	Date
Harshal Patil	effd82227c	Add support for passing sandbox annotations to runtime Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>	2019-03-21 14:38:14 +05:30
Lantao Liu	0464298b1e	Use clean path for map and comparison. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-03-03 21:19:50 -08:00
Lantao Liu	b2cd840042	Merge pull request #1045 from Random-Liu/fix-env-performance-issue Fix env performance issue	2019-02-12 11:03:33 -08:00
Lantao Liu	877c1cadc1	Include default envs from containerd. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-02-12 10:29:45 -08:00
Lantao Liu	9e2ce3494d	Merge pull request #1042 from Random-Liu/etc-hostname Set /etc/hostname.	2019-02-12 10:15:11 -08:00
Lantao Liu	ec6dd37691	Add env cache. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-02-12 03:02:20 -08:00
Lantao Liu	089d4fbfb8	Set /etc/hostname. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-02-12 00:18:00 -08:00
Sebastiaan van Stijn	51affb8839	Replace util.NormalizeImageRef with reference.ParseDockerRef Using the utility caused other project to have containerd/cri as a dependency, only for this utility. The new `reference.ParseDockerRef` function does the same (it's a copy of this function). Tests were kept for now, but could be removed in future. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2019-02-07 13:22:58 +01:00
Lantao Liu	83af4dad87	Support unknown state for sandbox and container Signed-off-by: Lantao Liu <lantaol@google.com>	2019-02-05 11:56:24 -08:00
Lantao Liu	d9914c8dbd	Always fallback to the new runtime options. Signed-off-by: Lantao Liu <lantaol@google.com>	2019-01-24 00:59:02 -08:00
Akihiro Suda	cd8231ab2a	support DisableCgroup, DisableApparmor, RestrictOOMScoreAdj Add following config for supporting "rootless" mode * DisableCgroup: disable cgroup * DisableApparmor: disable Apparmor * RestrictOOMScoreAdj: restrict the lower bound of OOMScoreAdj Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>	2019-01-03 05:12:04 +09:00
Lantao Liu	459e481808	Update code for golang 1.11 gofmt. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-11-07 16:08:58 -08:00
Lantao Liu	c1740d8291	Manage mount lifecycle and remove cached state Signed-off-by: Lantao Liu <lantaol@google.com>	2018-10-24 11:00:25 -07:00
Lantao Liu	1442425f92	Support runtime specific configurations. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-10-08 17:17:29 -07:00
Lantao Liu	db68300a5a	Manage unmanaged images in k8s.io namespace Signed-off-by: Lantao Liu <lantaol@google.com>	2018-09-27 11:19:11 -07:00
Lantao Liu	fe0cd3672b	Merge pull request #865 from Random-Liu/cache-image-reference Cache image reference	2018-09-10 16:21:57 -07:00
Lantao Liu	953d67d250	Create image reference cache. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-09-10 11:30:52 -07:00
Lantao Liu	f08a90ff64	Fix hostname env. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-09-10 10:58:17 -07:00
Lantao Liu	063f8158f8	Sort volume mount. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-09-04 22:43:37 -07:00
Yanqiang Miao	a87bda08c0	update selinux to b6fa367 Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>	2018-08-14 08:33:43 +08:00
Yanqiang Miao	415727cd9f	verify selinux level format Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>	2018-08-14 08:33:34 +08:00
Lantao Liu	952e53bf58	Add registry auth config, and use docker resolver in containerd. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-07-09 19:08:48 -07:00
Akihiro Suda	097249054d	vendor containerd (#2135 ) For containerd/containerd#2135 Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>	2018-06-02 23:10:59 +09:00
Evan Hazlett	d7d2212324	vendor bump Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> containerd: linux -> runtime/linux Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> fix utils to properly format vendor repo Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> test fixup Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>	2018-05-30 19:51:24 -04:00
Mike Brown	94df315de8	adds volatile state directory to the fs plan for cntrs/pods/fifo Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-03-24 00:05:52 +00:00
Lantao Liu	ca67f94ee0	Address comments for privileged runtime code. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-23 02:17:46 +00:00
Jose Carlos Venegas Munoz	ca16bd601a	runtime: Add trusted runtime option Some CRI compatible runtimes may not support provileged operations. Specifically hypervisor based runtimes (like kata-containers, cc-runtime and runv) do not support privileged operations like: - Provide access to the host namespaces - Create fully privileged containers with access to host devices Hypervisor based runtimes create container workloads within virtual machines. When a running host privileged containers using them, they wont provide support to requested the privileged opertations. This commits add the new options to define two runtimes: Trusted runtime : Used when a privileged container is requested. Default runtime : for non-privileged workloads. A container that belongs to a privileged pod will inherent this property an will be created with the trusted runtime. - Add options to define trusted runtime - Add logic to decide if a sanbox is trusted - Export annotation containers below to a trusted sandbox Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>	2018-03-20 13:56:49 -06:00
Lantao Liu	387da59ee5	Rename all variables to remove "cricontainerd". Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-19 21:59:32 +00:00
Lantao Liu	e1fe1abff0	Use `github.com/pkg/errors` Signed-off-by: Lantao Liu <lantaol@google.com>	2018-03-17 02:24:38 +00:00
abhi	2bdf428eb7	Removing DAD config and updating plugins to v0.7.0 Signed-off-by: abhi <abhi@docker.com>	2018-03-16 14:46:46 -07:00
Lantao Liu	1dcbf4f742	Merge pull request #663 from abhi/cni Moving to use go-cni library from containerd	2018-03-15 17:53:50 -07:00
abhi	003bbd4292	Modifying fake cni plugin Signed-off-by: abhi <abhi@docker.com>	2018-03-15 17:05:33 -07:00
yanxuean	7583bce4ab	some comments Signed-off-by: yanxuean <yan.xuean@zte.com.cn>	2018-03-15 15:55:54 +08:00
abhi	92110e1d74	Moving to use go-cni library from containerd This fix aims to use the cni library form containerd. The library avoid usage of nsenter. Signed-off-by: abhi <abhi@docker.com>	2018-03-14 19:25:54 -07:00
Mike Brown	d4e7154625	move links for cri-containerd to cri Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2018-03-13 17:06:26 -05:00
Lantao Liu	46fc92f65f	Use new namespace mode and support shared pid namespace. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-02-08 03:10:57 +00:00
abhi	f3ccd85891	Adding Registry Mirror support This commit aims to add registy mirror support similar to docker. The UI is similar to docker where user can provide mirror urls and the image resolves against the provided mirrors before fetching from default docker regitry mirror url. Signed-off-by: abhi <abhi@docker.com>	2018-01-31 10:47:34 -08:00
Lantao Liu	2b6f084f36	Disable IPv6 dad by default. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-01-22 23:54:16 +00:00
Lantao Liu	7d18d61674	Move cgroup and oom score setting to cmd. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-01-19 01:35:36 +00:00
Lantao Liu	025ffe551f	Rename kubernetes-incubator/cri-containerd to containerd/cri-containerd. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-01-10 22:35:33 +00:00
Lantao Liu	31bc964195	Enable HostSpecific option in runtime-tools generator. Signed-off-by: Lantao Liu <lantaol@google.com>	2018-01-03 19:04:47 +00:00
Lantao Liu	a9c7237e67	Merge pull request #470 from mikebrow/debug-image adding info map for verbose image status	2017-12-12 15:09:57 -08:00
Mike Brown	31223fd5b1	adds oci image spec to image info placed into imagestore Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2017-12-12 15:58:07 -06:00
yason	41c8763e2b	improve calling for content Signed-off-by: yason <yan.xuean@zte.com.cn>	2017-12-11 15:28:10 +08:00
yanxuean	b4ebf2d7a7	improve localResolve Signed-off-by: yanxuean <yan.xuean@zte.com.cn>	2017-11-23 10:56:12 +08:00
abhi	cd5886d647	Adding kube pod and container labels to containerd Currently we have the pod and container labels part of containerd metadata extensions. However for third party users like cadvisor that depend on standard kube labels will need to be aware of the way metadata is stored in containerd to fetch the labels. Signed-off-by: abhi <abhi@docker.com>	2017-11-07 22:19:19 -08:00
Lantao Liu	25fdf72692	Add image load. Signed-off-by: Lantao Liu <lantaol@google.com>	2017-10-27 21:51:04 +00:00
Yanqiang Miao	c65921b16a	Get the mountInfo by 'LookupMount' in containerd Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>	2017-10-12 11:09:24 +08:00
Mike Brown	d8a3c6b018	adds support for configuring the containerd runtime engine Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2017-09-26 20:22:51 -05:00
Lantao Liu	cd57d063c5	Add systemd cgroup support. Signed-off-by: Lantao Liu <lantaol@google.com>	2017-09-26 06:44:30 +00:00

1 2

92 Commits