Commit graph

1173 commits

Author SHA1 Message Date
Michael Crosby
71e8d765df set +x on overlay fs dirs
We need to set +x on the overlay dirs or after dropping from root to a
non-root user an eperm will happen on exec or other file access

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-24 12:55:35 -07:00
Michael Crosby
597815af7e Generate spec based on image config
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-23 15:40:09 -07:00
Stephen Day
44d2ef4db3 Merge pull request #635 from dmcgowan/snapshot-metastore-context
Snapshot driver metastore
2017-03-22 15:29:52 -07:00
Michael Crosby
355e3ec032 Merge pull request #653 from samuelkarp/scope
readme: Add metrics to scope as per #646
2017-03-22 15:16:42 -07:00
Samuel Karp
473cb40a2f readme: Add metrics to scope as per #646
https://github.com/docker/containerd/pull/646

Signed-off-by: Samuel Karp <skarp@amazon.com>
2017-03-22 15:07:40 -07:00
Derek McGowan
b24cf459d0 Merge pull request #648 from stevvooe/docker-resolver
cmd/dist, remotes: break out docker resolver
2017-03-22 14:46:45 -07:00
Stephen J Day
e1a361bff2
cmd/dist, remotes: break out docker resolver
Allow usage of the experimental docker resolver as a package. There are
very few changes to the consuming code, demonstrating the effectiveness
of the abstraction. This move will allow future contributions to a more
featured resolver implementation.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-22 14:14:01 -07:00
Stephen Day
4cc7cddf4b Merge pull request #649 from stevvooe/real-image-size
cmd/dist: show real image size in list
2017-03-22 14:06:25 -07:00
Stephen J Day
1f21fb7f8b
cmd/dist: show real image size in list
As a demonstration of the power of the visitor implementation, we now
report the image size in the `dist images` command. This is the size of
the packed resources as would be pushed into a remote. A similar method
could be added to calculate the unpacked size.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-22 13:53:58 -07:00
Derek McGowan
44a8b85f5f Merge pull request #644 from AkihiroSuda/armv7
support compilation for armv7
2017-03-22 13:53:27 -07:00
Michael Crosby
5e5479718c Merge pull request #619 from crosbymichael/no-shim
Add `no_shim` config for not running with a shim
2017-03-22 13:49:03 -07:00
Michael Crosby
51f1a66c0b Merge pull request #651 from dmcgowan/enforce-go-fmt
Call go fmt in travis
2017-03-22 13:48:08 -07:00
Michael Crosby
beda443bcf Merge pull request #646 from crosbymichael/container-metrics
Add container level metrics
2017-03-22 13:42:37 -07:00
Michael Crosby
d219b47f65 Add device path to metrics
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-22 11:44:25 -07:00
Michael Crosby
c90e0c94a5 Remove containerd_ namespace from container stats
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-22 11:44:25 -07:00
Michael Crosby
155185c2b2 Add container to monitor in runtime
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-22 11:44:25 -07:00
Michael Crosby
f36feb2ed4 Add prometheus container level metrics
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-22 11:44:25 -07:00
Michael Crosby
977939850b Update runtime spec to 035da1dca3dfbb00d752eb58b0b
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-22 11:44:25 -07:00
Michael Crosby
ddbeb9f936 Add monitor plugin loading
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-22 11:44:05 -07:00
Derek McGowan
6997c5c32d Update btrfs undo logic
Ensure undo failures are logged in a consistent way.
Remove created subvolume on commit failure on create.
Ensure that removed value get logged on delete failure.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-22 10:58:45 -07:00
Akihiro Suda
ae42cc4173 support compilation for armv7
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-03-22 07:28:25 +00:00
Qiang Huang
1005d1dba9 Merge pull request #645 from AkihiroSuda/disable-plugin-go18-non-amd64
plugin: disable Go 1.8 plugin on non-amd64
2017-03-22 02:21:51 -05:00
Derek McGowan
65e2c02ee1 Merge pull request #650 from stevvooe/move-image-to-images
images: move image package to images
2017-03-21 23:39:23 -07:00
Derek McGowan
7473b2125a Call go fmt in travis
Not all checks are passing yet but we should still enforce
the most basic one.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:36:18 -07:00
Derek McGowan
55ef482c5a Add storage testsuite
Added error variables and error check methods to snapshots

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:16:39 -07:00
Derek McGowan
8383519d96
Move parent bucket to same level as snapshot bucket
Adds a zero byte separator on composite key.
Stores child key in back reference to allow following.
Add parent bucket to get/create bucket functions.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:36 -07:00
Derek McGowan
397499c288
Add root flag to boltdb tests
Needed for CI to run root coverage

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:36 -07:00
Derek McGowan
73f467a32b
Use enumerated kind in boltdb proto message
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:36 -07:00
Derek McGowan
912746b016
Update btrfs driver to use snapshot storage
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:36 -07:00
Derek McGowan
61b524aff2
Update overlay snapshot driver to use metastore
Update tests to use boltdb.
Update test suite to pass context.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:35 -07:00
Derek McGowan
63ea9908c0
Add bolt db metastore implementation
Add metastore benchmark suite to test metastore performance.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:35 -07:00
Derek McGowan
17e7e70fe2
Add snapshot metadata store interface
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-21 23:15:35 -07:00
Stephen J Day
39da6ff879
images: move image package to images
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-21 17:36:37 -07:00
Derek McGowan
26fe49a7bc Merge pull request #647 from otsneh/spec-values-fix
Update shim exec rpc to take fewer args
2017-03-21 17:03:04 -07:00
Ophir Sneh
87f94bf79b Update shim exec rpc to take fewer args
Signed-off-by: Ophir Sneh <otsneh@gmail.com>
2017-03-21 15:34:02 -07:00
Michael Crosby
604af9cd46 Merge pull request #640 from stevvooe/pull-prototype
cmd/dist, cmd/ctr: end to end image pull
2017-03-21 13:18:30 -07:00
Stephen J Day
706ba7212f
vendor: add boltdb dependency
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-21 13:08:32 -07:00
Stephen J Day
e53539c58f
cmd/dist, cmd/ctr: end to end image pull
With this changeset, we now have a proof of concept of end to end pull.
Up to this point, the relationship between subsystems has been somewhat
theoretical. We now leverage fetching, the snapshot drivers, the rootfs
service, image metadata and the execution service, validating the proposed
model for containerd. There are a few caveats, including the need to move some
of the access into GRPC services, but the basic components are there.

The first command we will cover here is `dist pull`. This is the analog
of `docker pull` and `git pull`. It performs a full resource fetch for
an image and unpacks the root filesystem into the snapshot drivers. An
example follows:

``` console
$ sudo ./bin/dist pull docker.io/library/redis:latest
docker.io/library/redis:latest:                                                   resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:4c8fb09e8d634ab823b1c125e64f0e1ceaf216025aa38283ea1b42997f1e8059: done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:3b281f2bcae3b25c701d53a219924fffe79bdb74385340b73a539ed4020999c4:    done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:e4a35914679d05d25e2fccfd310fde1aa59ffbbf1b0b9d36f7b03db5ca0311b0:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:4b7726832aec75f0a742266c7190c4d2217492722dfd603406208eaa902648d8:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:338a7133395941c85087522582af182d2f6477dbf54ba769cb24ec4fd91d728f:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:83f12ff60ff1132d1e59845e26c41968406b4176c1a85a50506c954696b21570:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:693502eb7dfbc6b94964ae66ebc72d3e32facd981c72995b09794f1e87bac184:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:622732cddc347afc9360b4b04b46c6f758191a1dc73d007f95548658847ee67e:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:19a7e34366a6f558336c364693df538c38307484b729a36fede76432789f084f:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 1.6 s                                                                    total:   0.0 B (0.0 B/s)
INFO[0001] unpacking rootfs
```

Note that we haven't integrated rootfs unpacking into the status output, but we
pretty much have what is in docker today (:P). We can see the result of our pull
with the following:

```console
$ sudo ./bin/dist images
REF                            TYPE                                                 DIGEST                                                                  SIZE
docker.io/library/redis:latest application/vnd.docker.distribution.manifest.v2+json sha256:4c8fb09e8d634ab823b1c125e64f0e1ceaf216025aa38283ea1b42997f1e8059 1.8 kB
```

The above shows that we have an image called "docker.io/library/redis:latest"
mapped to the given digest marked with a specific format. We get the size of
the manifest right now, not the full image, but we can add more as we need it.
For the most part, this is all that is needed, but a few tweaks to the model
for naming may need to be added. Specifically, we may want to index under a few
different names, including those qualified by hash or matched by tag versions.
We can do more work in this area as we develop the metadata store.

The name shown above can then be used to run the actual container image. We can
do this with the following command:

```console
$ sudo ./bin/ctr run --id foo docker.io/library/redis:latest /usr/local/bin/redis-server
1:C 17 Mar 17:20:25.316 # Warning: no config file specified, using the default config. In order to specify a config file use /usr/local/bin/redis-server /path/to/redis.conf
1:M 17 Mar 17:20:25.317 * Increased maximum number of open files to 10032 (it was originally set to 1024).
                _._
           _.-``__ ''-._
      _.-``    `.  `_.  ''-._           Redis 3.2.8 (00000000/0) 64 bit
  .-`` .-```.  ```\/    _.,_ ''-._
 (    '      ,       .-`  | `,    )     Running in standalone mode
 |`-._`-...-` __...-.``-._|'` _.-'|     Port: 6379
 |    `-._   `._    /     _.-'    |     PID: 1
  `-._    `-._  `-./  _.-'    _.-'
 |`-._`-._    `-.__.-'    _.-'_.-'|
 |    `-._`-._        _.-'_.-'    |           http://redis.io
  `-._    `-._`-.__.-'_.-'    _.-'
 |`-._`-._    `-.__.-'    _.-'_.-'|
 |    `-._`-._        _.-'_.-'    |
  `-._    `-._`-.__.-'_.-'    _.-'
      `-._    `-.__.-'    _.-'
          `-._        _.-'
              `-.__.-'

1:M 17 Mar 17:20:25.326 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 17 Mar 17:20:25.326 # Server started, Redis version 3.2.8
1:M 17 Mar 17:20:25.326 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 17 Mar 17:20:25.326 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
1:M 17 Mar 17:20:25.326 * The server is now ready to accept connections on port 6379
```

Wow! So, now we are running `redis`!

There are still a few things to work out. Notice that we have to specify the
command as part of the arguments to `ctr run`. This is because are not yet
reading the image config and converting it to an OCI runtime config. With the
base laid in this PR, adding such functionality should be straightforward.

While this is a _little_ messy, this is great progress. It should be easy
sailing from here.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-21 13:08:23 -07:00
Phil Estes
fa71fc91fa Merge pull request #631 from chanezon/master
added website code for containerd.io
2017-03-21 09:14:26 -07:00
Akihiro Suda
6bd0710831 plugin: disable Go 1.8 plugin on non-amd64
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-03-21 08:34:05 +00:00
Derek McGowan
f251d2b487 Merge pull request #643 from stevvooe/clarify-digest-description
reference: clarify digest description
2017-03-20 17:09:36 -07:00
Stephen J Day
d325c8b1d5
reference: clarify digest description
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-20 17:01:06 -07:00
Qiang Huang
5f6edd072c Merge pull request #639 from crosbymichael/report-317
Add dev report for mar 17 2017
2017-03-18 05:49:25 -05:00
Stephen Day
a98b81c572
reports: add update on image pull
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-17 18:00:38 -07:00
Michael Crosby
2e2c61ba27 Add dev report for mar 17 2017
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-17 16:35:53 -07:00
Michael Crosby
ffbe36e118 Merge pull request #638 from stevvooe/refactor-fetch
cmd/dist, image, remotes: introduce image handlers
2017-03-17 16:07:25 -07:00
Stephen J Day
5a3151eefc
cmd/dist, image, remotes: introduce image handlers
With this PR, we introduce the concept of image handlers. They support
walking a tree of image resource descriptors for doing various tasks
related to processing them. Handlers can be dispatched sequentially or
in parallel and can be stacked for various effects.

The main functionality we introduce here is parameterized fetch without
coupling format resolution to the process itself. Two important
handlers, `remotes.FetchHandler` and `image.ChildrenHandler` can be
composed to implement recursive fetch with full status reporting. The
approach can also be modified to filter based on platform or other
constraints, unlocking a lot of possibilities.

This also includes some light refactoring in the fetch command, in
preparation for submission of end to end pull.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-17 15:47:50 -07:00
Patrick Chanezon
06d5068055 removed unused images
Signed-off-by: Patrick Chanezon <patlist@chanezon.com>
2017-03-17 12:09:03 -07:00
Derek McGowan
f95ba7c5ea Merge pull request #637 from fate-grand-order/typo
fix misspell "resources" in content/store.go
2017-03-16 23:42:13 -07:00
fate-grand-order
680e191c91 fix misspell "resources" in content/store.go
Signed-off-by: fate-grand-order <chenjg@harmonycloud.cn>
2017-03-17 10:41:24 +08:00