github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
71,983 Commits 1 Branch 31 Tags 1,019 MiB
068cdaa56c
Commit Graph

116 Commits

Author SHA1 Message Date
Harry Zhang
29c6a3b572 Enabel custom infracontainer image 
Modify api protoc for infra
 2016-10-03 23:54:19 -04:00
Kubernetes Submit Queue
a241daf3f2 Merge pull request #33500 from Random-Liu/apparmor-seccomp-cri 
Automatic merge from submit-queue

Add seccomp and apparmor support.

This PR adds seccomp and apparmor support in new CRI.

This a WIP because I'm still adding unit test for some of the functions. Sent this PR here for design discussion.

This PR is similar with https://github.com/kubernetes/kubernetes/pull/33450.
The differences are:
* This PR passes seccomp and apparmor configuration via annotations;
* This PR keeps the seccomp handling logic in docker shim because current seccomp implementation is very docker specific, and @timstclair told me that even the json seccomp profile file is defined by docker.

Notice that this PR almost passes related annotations in `api.Pod` to the runtime directly instead of introducing new CRI annotation.

@yujuhong @feiskyer @timstclair
 2016-10-03 20:34:13 -07:00
Yifan Gu
44ca3ea5e0 CRI: Add dns option, rename DNSOption to DNSConfig. 2016-09-29 13:46:32 -07:00
Random-Liu
88fb149cf5 Add seccomp and apparmor support. 2016-09-27 16:33:02 -07:00
Random-Liu
2141e230a6 Add oom score adj in new CRI implementation. 2016-09-26 11:39:02 -07:00
Yu-Ju Hong
2f60b72dd3 dockershim: add support for annotations 2016-09-16 11:31:15 -07:00
Yu-Ju Hong
fd70d94330 dockershim: fix sandbox/container filtering 2016-09-16 11:09:24 -07:00
Pengfei Ni
4d85e48528 CRI: remove name from ContainerFilter and PodSandboxFilter 2016-09-13 22:11:49 +08:00
Yu-Ju Hong
84aab8d4a8 dockershim: utilize the Metadata in container names 
This commit changes how the shim constructs and parses docker container names
by using the new "Metadata" types.
 2016-09-12 10:58:21 -07:00
Yu-Ju Hong
a1833d1947 dockershim: bug fixes and more unit tests 
Fixing the name triming and other small bugs. Added sandbox listing unit tests.
 2016-09-12 10:58:21 -07:00
Pengfei Ni
58a9da3310 Kubelet: rename CreatePodSandbox to RunPodSandbox in CRI 2016-09-07 21:38:56 +08:00
Pengfei Ni
9bfa37f2ae Kubelet: pass pod name/namespace/uid to runtimes 2016-08-23 07:33:15 +08:00
Yu-Ju Hong
bf7020a9b7 CRI: remove pod resources 
The pod-level resources need further discussion. Remove it from CRI for now.
 2016-08-12 17:07:25 -07:00
Yu-Ju Hong
5c06d7e620 CRI: rename DeletePodSandbox to RemovePodSandbox 
This makes it consistent with other calls (e.g., RemoveContainer, RemoveImage).
 2016-08-03 15:46:34 -07:00
Yu-Ju Hong
5960d87d21 dockershim: Implement sandbox methods 2016-08-02 15:24:52 -07:00
Yu-Ju Hong
03d11bcf4e Add a dockershim package 
Add a new docker integration with kubelet using the new runtime API.
This change adds the package with some skeletons, and implements some
of the basic operations.
 2016-07-27 18:30:25 -07:00