Commit graph

1143 commits

Author SHA1 Message Date
Michael Crosby
fe53956044 Add missing monitor file
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-10 09:30:03 -08:00
Michael Crosby
61263bd77e Set containerd as subreaper
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-09 16:26:14 -08:00
Michael Crosby
6d3a70eb58 Make ctr --rootfs an absolute path
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-09 16:13:23 -08:00
Michael Crosby
9f3240364f Implement reaper with runc support in shim
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-09 16:11:57 -08:00
Michael Crosby
df48983fe7 Add reaper code for daemon
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-09 16:07:35 -08:00
Michael Crosby
4fd2478513 Update go-runc to bd9aef7cf4402a3a8728e3ef83dcca6a5a1be899
Also remove the comment fields in the vndr script, they are too hard to
keep up to date and add little value when we have the git commit
timestamps

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-09 13:47:49 -08:00
Michael Crosby
0e0ae74b82 Merge pull request #612 from stevvooe/simplify-resolution-flow
cmd/dist, remotes: simplify resolution flow
2017-03-09 12:41:12 -08:00
Stephen J Day
831f68fd71
cmd/dist, remotes: simplify resolution flow
After receiving feedback during containerd summit walk through of the
pull POC, we found that the resolution flow for names was out of place.
We could see this present in awkward places where we were trying to
re-resolve whether something was a digest or a tag and extra retries to
various endpoints.

By centering this problem around, "what do we write in the metadata
store?", the following interface comes about:

```
Resolve(ctx context.Context, ref string) (name string, desc ocispec.Descriptor, fetcher Fetcher, err error)
```

The above takes an "opaque" reference (we'll get to this later) and
returns the canonical name for the object, a content description of the
object and a `Fetcher` that can be used to retrieve the object and its
child resources. We can write `name` into the metadata store, pointing
at the descriptor. Descisions about discovery, trust, provenance,
distribution are completely abstracted away from the pulling code.

A first response to such a monstrosity is "that is a lot of return
arguments". When we look at the actual, we can see that in practice, the
usage pattern works well, albeit we don't quite demonstrate the utility
of `name`, which will be more apparent later. Designs that allowed
separate resolution of the `Fetcher` and the return of a collected
object were considered. Let's give this a chance before we go
refactoring this further.

With this change, we introduce a reference package with helps for
remotes to decompose "docker-esque" references into consituent
components, without arbitrarily enforcing those opinions on the backend.
Utlimately, the name and the reference used to qualify that name are
completely opaque to containerd. Obviously, implementors will need to
show some candor in following some conventions, but the possibilities
are fairly wide. Structurally, we still maintain the concept of the
locator and object but the interpretation is up to the resolver.

For the most part, the `dist` tool operates exactly the same, except
objects can be fetched with a reference:

```
dist fetch docker.io/library/redis:latest
```

The above should work well with a running containerd instance. I
recommend giving this a try with `fetch-object`, as well. With
`fetch-object`, it is easy for one to better understand the intricacies
of the OCI/Docker image formats.

Ultimately, this serves the main purpose of the elusive "metadata
store".

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-08 16:46:13 -08:00
Michael Crosby
fc45d9c119 Chown grpc socket based on config
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-08 11:42:36 -08:00
Kunal Kushwaha
8f13b160b1 Testcase for multiple Prepare/View on same key.
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
2017-03-08 11:16:12 +09:00
Michael Crosby
e1731d2e5e Add linux runtime config
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-03-07 16:46:09 -08:00
Michael Crosby
27a99400e8 Merge pull request #610 from dmcgowan/snapshot-move-testsuite
snapshot: move testsuite to sub-package
2017-03-07 16:45:04 -08:00
Michael Crosby
2fb3b73b95 Merge pull request #611 from dmcgowan/snapshot-plugins
Add snapshot plugin type
2017-03-07 16:44:35 -08:00
Derek McGowan
a4247e2aa9 Add snapshot plugin type
Update existing snapshot drivers to register as plugins.
Load snapshot driver at containerd startup.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-07 14:55:36 -08:00
Derek McGowan
66bbf5c449 Move snapshot testsuite to sub package
Prevents imports of snapshot to require importing test packages.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-07 09:16:45 -08:00
Phil Estes
f06db40baf Merge pull request #608 from dmcgowan/move-plugins
Move plugin registration to separate package
2017-03-07 11:10:24 -05:00
Derek McGowan
0b44e24c07 Move plugin registration to separate package
Only compile in plugin support on non-windows 1.8.
Re-enable go 1.7.x tests.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-06 17:23:00 -08:00
Derek McGowan
7359fd0f25 Merge pull request #597 from stevvooe/pull-prototype
cmd/dist: implement fetch prototype
2017-03-06 16:39:26 -08:00
Stephen Day
34f3ee29c9 Merge pull request #523 from AkihiroSuda/snapshot-test
snapshotter: add more assertion
2017-03-06 15:42:10 -08:00
Kenfe-Mickaël Laventure
a7cb5a783c Merge pull request #607 from vburenin/dont-hang
Do not read all IO if a container is not started.
2017-03-06 13:12:37 -08:00
Volodymyr Burenin
72034dad40 Do not read all IO if container is not started.
Signed-off-by: Volodymyr Burenin <vburenin@gmail.com>
2017-03-06 13:47:45 -06:00
Michael Crosby
328e30dc67 Merge pull request #606 from vburenin/user-runtime-option
Added new --runtime option for 'ctr run' to specify user defined runtime.
2017-03-06 11:35:15 -08:00
Volodymyr Burenin
2972f2728f Added new flag for 'ctr run' to specify user defined runtime.
Signed-off-by: Volodymyr Burenin <vburenin@gmail.com>
2017-03-06 13:11:31 -06:00
Phil Estes
5b4964a705 Merge pull request #594 from AkihiroSuda/implement-status
api: implement fetching the container status
2017-03-06 10:44:51 -05:00
Akihiro Suda
750cdc951f snapshotter: add more assertion
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-03-06 08:34:43 +00:00
Akihiro Suda
899a52d655 api: implement fetching the container status
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-03-06 08:26:35 +00:00
Kenfe-Mickaël Laventure
a7ef3e5313 Merge pull request #602 from chchliang/containerdtest
remove this container from map
2017-03-03 09:29:37 -08:00
chchliang
54b677acf9 remove this container from map
Signed-off-by: chchliang <chen.chuanliang@zte.com.cn>
2017-03-03 16:51:50 +08:00
Stephen J Day
55a1b4eff8 cmd/dist: implement fetch prototype
With the rename of fetch to fetch-object, we now introduce the `fetch`
command. It will fetch all of the resources required for an image into
the content store. We'll still need to follow this up with metadata
registration but this is a good start.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-02 17:36:01 -08:00
Derek McGowan
971b9ca29a Merge pull request #598 from stevvooe/easier-fetch
cmd/dist: default mediatypes to oci and docker
2017-03-02 17:35:40 -08:00
Stephen J Day
ea9389d4c5
cmd/dist: default mediatypes to oci and docker
To make using the `fetch-object` for demonstrations much easier, the
mediatypes are defaulted when a non-digest object identifier is
provided. We also add support for OCI mediatypes, although they are
mostly unavailable.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-02 16:50:32 -08:00
Derek McGowan
f09aadc9bf Merge pull request #596 from stevvooe/fetch-object
cmd/dist: change fetch to fetch-object command
2017-03-02 16:00:15 -08:00
Stephen J Day
6ab6cdce71
cmd/dist: change fetch to fetch-object command
To allow us to differentiate from fetching an image, fetch a part of an
image and pulling an image, we now call the `fetch` command the
`fetch-object` command. We can now introduce a command that does the
complete image fetch without creating snapshots, allowing `pull` to
perform the entire process.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-03-02 13:50:09 -08:00
Derek McGowan
2831e9b469 Merge pull request #581 from kunalkushwaha/testsuite-transitive
Testcase to test Transitivity of snapshot layers.
2017-03-02 11:38:49 -08:00
Stephen Day
a15aa8e9ab Merge pull request #593 from ijc25/delete-response
Return DeleteResponse from ContainerService.Delete
2017-03-02 10:10:58 -08:00
Kenfe-Mickaël Laventure
01323ff50e Merge pull request #595 from ijc25/rerun-vndr
Rerun vndr with latest version of tool
2017-03-02 08:08:56 -08:00
Ian Campbell
7527110fda Rerun vndr with latest version of tool
That is, e55af28bae.

Since f77ece9cb5
the license files regex is case insensitive which picks up one more file.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-03-02 14:22:00 +00:00
Derek McGowan
a185a69f46 Merge pull request #589 from stevvooe/content-service-client
services/content: move service client into package
2017-03-01 11:28:01 -08:00
Michael Crosby
5e6eb1ddc7 Merge pull request #591 from ijc25/config-json-fd-leak
Do not leak open fd to config.json in newBundle
2017-03-01 11:10:37 -08:00
Derek McGowan
95a5758641 Merge pull request #585 from stevvooe/content-service-ignore-eof
services/content: ignore io.EOF after successful commit
2017-03-01 10:14:56 -08:00
Ian Campbell
186a9a2acd Return DeleteResponse from ContainerService.Delete
The message was defined but the method was returning empty, plumb through the
result from the shim layer.

Compile tested only.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-03-01 14:59:29 +00:00
Ian Campbell
eae8ca69b7 Do not leak open fd to config.json in newBundle
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-03-01 11:15:10 +00:00
Stephen J Day
5da4e1d0d2 services/content: move service client into package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-02-28 17:12:24 -08:00
Stephen Day
4793f968e5 Merge pull request #586 from stevvooe/dist-grpc-connect
cmd/dist: add global connect-timeout for GRPC
2017-02-28 17:12:00 -08:00
Michael Crosby
20a1222aa9 Merge pull request #587 from stevvooe/content-service-module
cmd/containerd: set correct module on interceptor for content
2017-02-28 16:50:58 -08:00
Stephen J Day
0c00d4a64c
cmd/containerd: set correct module on interceptor for content
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-02-28 16:47:41 -08:00
Stephen J Day
d3fdfd85f4
services/content: ignore io.EOF after successful commit
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-02-28 16:46:01 -08:00
Stephen J Day
d61d0b5aef
cmd/dist: add global connect-timeout for GRPC
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-02-28 16:43:08 -08:00
Stephen Day
317b884110 Merge pull request #576 from stevvooe/seek-reset-handling
content: allow reset via Truncate
2017-02-28 10:42:21 -08:00
Stephen J Day
d99756a8a2
content: allow reset via Truncate
To make restarting after failed pull less racy, we define `Truncate(size
int64) error` on `content.Writer` for the zero offset. Truncating a
writer will dump any existing data and digest state and start from the
beginning. All subsequent writes will start from the zero offset.

For the service, we support this by defining the behavior for a write
that changes the offset. To keep this narrow, we only support writes out
of order at the offset 0, which causes the writer to dump existing data
and reset the local hash.

This makes restarting failed pulls much smoother when there was a
previously encountered error and the source doesn't support arbitrary
seeks or reads at arbitrary offsets. By allowing this to be done while
holding the write lock on a ref, we can restart the full download
without causing a race condition.

Once we implement seeking on the `io.Reader` returned by the fetcher,
this will be less useful, but it is good to ensure that our protocol
properly supports this use case for when streaming is the only option.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-02-28 10:40:02 -08:00