github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
9,017 Commits 3 Branches 2 Tags 112 MiB
f8538b5e12
Commit Graph

9017 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Phil Estes
54a63a3dd6
Merge pull request #5088 from Iceber/update-linuxkit-readme 
update linuxkit readme
 2021-03-01 10:23:29 -05:00
Phil Estes
1f801c02ce
Merge pull request #5099 from AkihiroSuda/cache-vagrant 
CI: cache ~/.vagrant.d/boxes
 2021-03-01 09:53:37 -05:00
Akihiro Suda
4702af9178
CI: cache ~/.vagrant.d/boxes 
For deflaking `vagrant up`

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-03-01 15:01:47 +09:00
Akihiro Suda
9ade247b38
overlay: support "userxattr" option (kernel 5.11) 
The "userxattr" option is needed for mounting overlayfs inside a user namespace with kernel >= 5.11.

The "userxattr" option is NOT needed for the initial user namespace (aka "the host").

Also, Ubuntu (since circa 2015) and Debian (since 10) with kernel < 5.11 can mount the overlayfs in a user namespace without the "userxattr" option.

The corresponding kernel commit: 2d2f2d7322ff43e0fe92bf8cccdc0b09449bf2e1
> ovl: user xattr
>
> Optionally allow using "user.overlay." namespace instead of "trusted.overlay."
> ...
> Disable redirect_dir and metacopy options, because these would allow privilege escalation through direct manipulation of the
> "user.overlay.redirect" or "user.overlay.metacopy" xattrs.

Fix issue 5060

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-03-01 13:54:51 +09:00
Iceber Gu
ba199129b6
update linuxkit readme 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2021-03-01 12:00:56 +08:00
Derek McGowan
10bbd1a462
Merge pull request #5051 from wzshiming/fix/missing-close 
Fix missing close
 2021-02-26 14:59:43 -08:00
Maksym Pavlenko
46c9746507
Merge pull request #5064 from Iceber/fix-redundant-slice 
oci: fix superfluous slice operations
 2021-02-26 09:44:50 -08:00
Derek McGowan
07a3ce3d7f
Merge pull request #5080 from dmcgowan/prepare-1.5.0-beta.2 
Prepare 1.5.0-beta.2 release
 2021-02-26 08:52:27 -08:00
Derek McGowan
9884730e5c
Merge pull request #5069 from AkihiroSuda/restart-fast 
restart: skip Sleep() for the first iteration of the reconcilation
 2021-02-25 16:37:53 -08:00
Mike Brown
4379557924
Merge pull request #5086 from eramos2/revise-docs 
Fixed wording in docs, and broken link
 2021-02-25 15:32:25 -06:00
Phil Estes
8dbe53a2a9
Merge pull request #5070 from yoheiueda/empty-masked 
cri: set default masked/readonly paths to empty paths
 2021-02-25 15:38:45 -05:00
alexyadon
c61f0ceada
Fix broken docs links (#5085) 
* docs: fix broken links

Signed-off-by: Alex Yadon <alex.yadon@ibm.com>

* docs: use relative paths

Signed-off-by: Alex Yadon <alex.yadon@ibm.com>
 2021-02-25 14:09:49 -06:00
Iceber Gu
f7f6aabfff oci: fix superfluous slice operations 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2021-02-26 02:35:25 +08:00
Emmanuel Ramos
224efa9dae Fixed wording in docs, and broken link 
Signed-off-by: Emmanuel Ramos <emmanuel.ramos2@ibm.com>
 2021-02-25 13:18:13 -05:00
Phil Estes
2bc8c779c5
Merge pull request #5068 from AkihiroSuda/restart-test 
restart: add an integration test
 2021-02-25 12:16:51 -05:00
Michael Crosby
119fe70469
Merge pull request #5071 from AkihiroSuda/restart-parallel 
restart: parallelize reconcile()
 2021-02-25 11:33:26 -05:00
Phil Estes
7738370db7
Merge pull request #5083 from AkihiroSuda/remove-dep-gocapability 
drop dependency on github.com/syndtr/gocapability
 2021-02-25 10:48:21 -05:00
Akihiro Suda
7ee610edb5
drop dependency on github.com/syndtr/gocapability 
pkg/cap has the full list of the caps (for UT, originally),
so we can drop dependency on github.com/syndtr/gocapability

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-25 15:17:28 +09:00
Akihiro Suda
9822173354
cap: rename FromUint64 to FromBitmap 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-25 15:02:10 +09:00
Akihiro Suda
6ab6eaa790
restart: skip Sleep() for the first iteration of the reconcilation 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-25 13:30:38 +09:00
Akihiro Suda
36df282dcb
restart: add an integration test 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-25 13:30:22 +09:00
Akihiro Suda
b23dc1131e
restart: parallelize reconcile() 
The only shared variable `m.client` is thread-safe, so we can safely
parallelize the loops.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-25 13:30:00 +09:00
Derek McGowan
f38a797034
Prepare release notes for 1.5.0-beta.2 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2021-02-24 08:56:20 -08:00
Yohei Ueda
07f1df4541
cri: set default masked/readonly paths to empty paths 
Fixes #5029.

Signed-off-by: Yohei Ueda <yohei@jp.ibm.com>
 2021-02-24 23:50:40 +09:00
Phil Estes
af4c55fa4a
Merge pull request #5078 from AkihiroSuda/fix-5077 
CI: fix "ls: cannot access '/etc/cni/net.d': Permission denied"
 2021-02-24 09:01:39 -05:00
Akihiro Suda
b4ef1e9dc7
CI: fix "ls: cannot access '/etc/cni/net.d': Permission denied" 
The CI host was probably updated recently and the permission bits of the
directory was changed.

Fix 5077

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-24 19:11:10 +09:00
Phil Estes
757be0a090
Merge pull request #5017 from AkihiroSuda/parse-cap 
oci.WithPrivileged: set the current caps, not the known caps
 2021-02-23 09:10:57 -05:00
Mike Brown
9173d3e929
Merge pull request #5021 from wzshiming/fix/signal_repeatedly 
Fix repeated sending signal
 2021-02-22 09:45:56 -06:00
Phil Estes
08d765af95
Merge pull request #5028 from Iceber/runtime-spec 
oci: fix the file mode of the device
 2021-02-22 09:25:56 -05:00
Fu, Wei
096e99fe7e
Merge pull request #5057 from estesp/moar-time 
Tune test timeouts for GH Actions
 2021-02-20 10:17:24 +08:00
Phil Estes
13f904cde2
Tune test timeouts for GH Actions 
We have enough failures these days; getting timed out when tests are
almost done is the last thing we need :)

On avg. the Linux integration tests are taking 15-17 min, but sometimes
they end up at 20 or a bit over and get canceled. I've seen rare cases
where the Vagrant setup+build+test runs gets very close to 40 min as
well.

Signed-off-by: Phil Estes <estesp@amazon.com>
 2021-02-19 16:27:43 -05:00
Phil Estes
e58be59cbd
Merge pull request #5054 from jterry75/fix_env_windows 
cri: append envs from image config to empty slice to avoid env lost
 2021-02-18 20:40:44 -05:00
Justin Terry (SF)
06e4e09567 cri: append envs from image config to empty slice to avoid env lost 
Signed-off-by: Justin Terry (SF) <juterry@microsoft.com>
 2021-02-18 16:39:28 -08:00
Phil Estes
c32ccdf8be
Merge pull request #5024 from yadzhang/deepcopy-imageconfig 
cri: append envs from image config to empty slice to avoid env lost
 2021-02-18 12:51:51 -05:00
Phil Estes
d30a6c005f
Merge pull request #5045 from wzshiming/fix/file-not-closed 
FIx file is not closed
 2021-02-18 12:45:19 -05:00
Shiming Zhang
5e4acc0436 Fix file is not closed 
Signed-off-by: Shiming Zhang <wzshiming@foxmail.com>
 2021-02-18 21:38:44 +08:00
Shiming Zhang
05ef2fe2fb Fix missing close 
Signed-off-by: Shiming Zhang <wzshiming@foxmail.com>
 2021-02-18 13:21:42 +08:00
Akihiro Suda
746cef0bc2
Merge pull request #5044 from wzshiming/fix/empty-error-warpping 
Fix empty error warpping
 2021-02-18 13:47:13 +09:00
zhangyadong.0808
08318b1ab9 cri: append envs from image config to empty slice to avoid env lost 
Signed-off-by: Yadong Zhang <yadzhang@gmail.com>
 2021-02-18 11:37:41 +08:00
Shiming Zhang
59db8a10e0 Fix empty error warpping 
Signed-off-by: Shiming Zhang <wzshiming@foxmail.com>
 2021-02-18 11:06:59 +08:00
Phil Estes
a98c83c2d4
Merge pull request #5033 from chrisfregly/master 
Fix TestRuntimeHandler logging
 2021-02-17 21:53:17 -05:00
Chris Fregly
80e1d98f6b fix: issue #5032 
Signed-off-by: Chris Fregly <cfregly@ibm.com>
 2021-02-17 18:21:17 -08:00
Justin
0cc3991387
Merge pull request #4912 from dcantah/dcantah/wcow-sandbox-size 
Scratch size customization and UVM scratch creation for WCOW snapshotter
 2021-02-17 15:19:19 -08:00
Shiming Zhang
dc6f5ef3b9 Fix repeated sending signal 
Signed-off-by: Shiming Zhang <wzshiming@foxmail.com>
 2021-02-17 21:33:49 +08:00
Michael Crosby
41e3057cc6
Merge pull request #5025 from jeremyje/win20h2 
Add references to Windows 20H2 test images.
 2021-02-12 11:58:49 -05:00
Maksym Pavlenko
88d97362b3
Merge pull request #5027 from kevpar/config-check 
Improve error detection when loading config
 2021-02-10 14:37:31 -08:00
Phil Estes
2adb2ea64c
Merge pull request #4973 from lorenz/move-netns-into-statedir 
Allow moving netns directory into StateDir
 2021-02-10 13:08:50 -05:00
Lorenz Brun
36d0bc1f2b Allow moving netns directory into StateDir 
Signed-off-by: Lorenz Brun <lorenz@nexantic.com>
 2021-02-10 18:33:14 +01:00
Mike Brown
e288feacf3
Merge pull request #5026 from crosbymichael/cni-anno 
[cri] add pod annotations to CNI call
 2021-02-10 09:21:58 -06:00
Akihiro Suda
51f985cb1f
oci: move cap UT to _linux_test.go 
No substantial code change

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-10 17:42:18 +09:00