containerd

Author	SHA1	Message	Date
Maksym Pavlenko	38f19f991e	Add config flag to default empty seccomp profile This changes adds `default_seccomp_profile` config switch to apply default seccomp profile when not provided by k8s.a Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2020-05-08 13:24:38 -07:00
Lantao Liu	3a7fef51fc	Create etcd user in cloud init. Signed-off-by: Lantao Liu <lantaol@google.com>	2020-05-08 10:14:53 -07:00
Mike Brown	65830369b6	Merge pull request #1468 from fuweid/me-change-rollback RunPodSandbox: destroy network if fails or invalid	2020-05-01 18:09:07 -05:00
Wei Fu	9c506d0af4	Merge pull request #1465 from dsyer/master Clarify that plugin names are long in version = 2	2020-05-01 12:09:28 +08:00
Wei Fu	48e797c77f	RunPodSandbox: destroy network if fails or invalid Should destroy the pod network if fails to setup or return invalid net interface, especially multiple CNI configurations. Signed-off-by: Wei Fu <fuweid89@gmail.com>	2020-05-01 12:07:33 +08:00
Mike Brown	dc7afe8fbe	Merge pull request #1466 from ktock/parallel-snapshot Pass chained layer digests to snapshotter for parallel snapshot preparation	2020-04-28 11:12:37 -05:00
ktock	ca661c8dc9	Pass chained layer digests to snapshotter for parallel snapshot preparation Currently, CRI plugin passes each layer digest to remote snapshotters sequentially, which leads to sequential snapshots preparation. But it costs extra time especially for remote snapshotters which need to connect to the remote backend store (e.g. registries) for checking the snapshot existence on each preparation. This commit solves this problem by introducing new label `containerd.io/snapshot/cri.chain` for passing all layer digests in an image to snapshotters and by allowing them to prepare these snapshots in parallel, which leads to speed up the preparation. Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>	2020-04-28 15:03:08 +09:00
Dave Syer	5ac8515bf0	Clarify that plugin names are long in version = 2 Otherwise it's confusing for readers who just need quick reference for plugin configurations. Signed-off-by: Dave Syer <dsyer@pivotal.io>	2020-04-27 14:35:41 +01:00
Mike Brown	4ea4ca99c7	Merge pull request #1455 from 6WIND/master fix incomplete host device for PrivilegedWithoutHostDevices	2020-04-26 22:28:20 -05:00
Wei Fu	197dca5a35	Merge pull request #1464 from mikebrow/test-apparmor-profile move up to latest critools; add apparmor profile check	2020-04-27 11:16:28 +08:00
Mike Brown	776c125e4f	move up to latest critools; add apparmor profile check Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-26 16:16:48 -05:00
Mike Brown	14c4b47bb1	Merge pull request #1459 from mikebrow/containerd-project-readme link readme to containerd/project	2020-04-23 10:19:34 -05:00
Mike Brown	6b01946938	link readme to containerd/project repo Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-23 09:26:12 -05:00
Mike Brown	2db26cc9f0	Merge pull request #1458 from mikebrow/copyright-alignment use containerd/project header test	2020-04-23 07:32:13 -05:00
Phil Estes	4147010574	Merge pull request #1457 from hickeyma/fix-docs Add improvement to docs	2020-04-23 08:29:16 -04:00
Martin Hickey	02307da36d	Add improvement to docs Some small improvements to docs of things I found while using the docs. Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>	2020-04-23 09:47:54 +00:00
Mike Brown	1b60224e2e	use containerd/project header test Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-22 19:35:37 -05:00
Thibaut Collet	98f8ec4995	fix incomplete host device for PrivilegedWithoutHostDevices For a privilege pods with PrivilegedWithoutHostDevices set to true host device specified in the config are not provided (whereas it is done for non privilege pods or privilege pods with PrivilegedWithoutHostDevices set to false as all devices are included). Add them in this case. Fixes: `3353ab76d9` ("Add flag to overload default privileged host device behaviour") Signed-off-by: Thibaut Collet <thibaut.collet@6wind.com>	2020-04-22 18:20:36 +02:00
Derek McGowan	befc70b444	Merge pull request #1456 from mikebrow/fix-deprecated-greeting remove broken greetings github action	2020-04-21 15:57:42 -07:00
Mike Brown	f673f0cf5c	remove greetings due to security issue Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-21 17:00:45 -05:00
Wei Fu	6b669315bc	Merge pull request #1454 from mikebrow/project-dco-integration-for-make use project dco test locally	2020-04-21 23:00:13 +08:00
Wei Fu	a45f57bcf1	Merge pull request #1375 from jdewinne/registry-doc Update registry.md for auth config	2020-04-21 16:25:08 +08:00
Joris De Winne	050e8c63c0	Update registry.md for auth config Signed-off-by: Joris De Winne <joris.dewinne@gmail.com>	2020-04-20 21:19:35 -07:00
Mike Brown	0049d4f973	use project dco test locally Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-20 14:57:07 -05:00
Mike Brown	9d37687a95	Merge pull request #1436 from chethanah/add-container-name-annot Support for additional OCI annotations: 'container-name'	2020-04-19 13:19:47 -05:00
Wei Fu	f3e44466d6	Merge pull request #1451 from mikebrow/split-validate-from-build-and-test split tests and some refactoring	2020-04-19 10:30:55 +08:00
Mike Brown	b838ac8c2e	split tests and some refactoring Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-17 15:32:37 -05:00
Mike Brown	c6c9268eb0	Merge pull request #1450 from yylt/add-scheme-endpoint add default scheme when mirrors no scheme	2020-04-17 12:00:48 -05:00
yang yang	d07f7f167a	add default scheme if endpoint no scheme Signed-off-by: yang yang <yang8518296@163.com>	2020-04-17 23:33:28 +08:00
Mike Brown	61b7af7564	Merge pull request #1446 from mikebrow/remove-travis have moved these tests to github actions	2020-04-16 18:56:49 -05:00
Mike Brown	27f911d663	removes the error when tls is configured for https but http is tried first Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-16 13:23:56 -05:00
Mike Brown	3fc5a909d1	have moved these tests to github actions Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-16 12:17:21 -05:00
Mike Brown	7ccd3f7d7e	Merge pull request #1431 from ktock/stargz Enable to pass additional handler on pull for stargz-based remote snapshots	2020-04-16 12:02:02 -05:00
ktock	c1b7bcf395	Enable to pass additional handler on pull for stargz-based remote snapshots Throughout container lifecycle, pulling image is one of the time-consuming steps. Recently, containerd community started to tackle this issue with stargz-based remote snapshots, as a non-core subproject(https://github.com/containerd/stargz-snapshotter). This snapshotter is implemented as a standard proxy plugin but it requires the client to pass some additional information (image ref and layer digest) for each pull operation to query layer contents on the registry. Stargz snapshotter project provides an image handler to do this and stargz snapshot users need to pass this handler to containerd client. This commit enables to use stargz-based remote snapshots through CRI by passing the handler to containerd client on pull operation. Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>	2020-04-16 20:53:52 +09:00
Wei Fu	45f0e21d2c	Merge pull request #1445 from mikebrow/move-travis-to-github-actions adds git hub actions for linux CI	2020-04-16 12:28:49 +08:00
Chethan Suresh	7fc8652e32	Add OCI annotations for container name Along with type(Sandbox or Container) and Sandbox name annotations provide support for additional annotation: - Container name This will help us perform per container operation by comparing it with pass through annotations (eg. pod metadata annotations from K8s) Signed-off-by: Chethan Suresh <Chethan.Suresh@sony.com>	2020-04-16 07:14:58 +05:30
Mike Brown	67de3e4ccf	adds git hub actions for linux CI Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-15 17:25:10 -05:00
Mike Brown	68a84f7878	Merge pull request #1438 from zhsj/use-containerd-reference Replace docker/distribution/reference with containerd/reference/docker	2020-04-15 14:58:43 -05:00
Mike Brown	6e980b9efd	Merge pull request #1443 from dims/build-runc-with-selinux-support Build runc with selinux support	2020-04-15 14:43:42 -05:00
Shengjing Zhu	4cee89baf5	Update vendor after dropping depends distribution/reference Signed-off-by: Shengjing Zhu <i@zhsj.me>	2020-04-16 03:30:43 +08:00
Shengjing Zhu	4263229a7b	Replace docker/distribution/reference with containerd/reference/docker Since https://github.com/containerd/containerd/pull/3728 The docker/distribution/reference package is copied into containerd core Signed-off-by: Shengjing Zhu <i@zhsj.me>	2020-04-16 03:29:58 +08:00
Davanum Srinivas	2b162b6c11	update selinux dependency to fix test failures Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-04-15 14:59:43 -04:00
Davanum Srinivas	e4ad53f2c2	Build runc with selinux support docker-ce seems to be building runc with selinux support, let us follow the same pattern here please: https://github.com/docker/docker-ce/search?p=1&q=RUNC_BUILDTAGS&unscoped_q=RUNC_BUILDTAGS Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-04-15 14:59:42 -04:00
Mike Brown	d531dc492a	Merge pull request #1405 from fuweid/me-async-load-cnicnf reload cni network config if has fs change events	2020-04-15 13:57:32 -05:00
Mike Brown	3d250b8289	Merge pull request #1439 from mikebrow/fix-selinux-unit-test fixes bad unit test when selinux is enabled	2020-04-15 13:54:19 -05:00
Mike Brown	8b6377bad8	Merge pull request #1442 from containerd/mikebrow-add-greeting-action Create greetings.yml	2020-04-15 13:45:34 -05:00
Mike Brown	4a9fa22683	Merge pull request #1441 from dims/run-test-in-windows Running critest under windows using github action	2020-04-15 13:45:10 -05:00
Davanum Srinivas	5c31c7591e	Running critest under windows using github actions Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2020-04-15 14:09:41 -04:00
Mike Brown	aa9b1885b5	fixes bad unit tests when selinux is enabled Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-15 12:28:11 -05:00
Mike Brown	7381f31b36	Create greetings.yml Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2020-04-15 11:59:24 -05:00

1 2 3 4 5 ...

1973 Commits