commit
						4fa5505a7c
					
				
					 10 changed files with 58 additions and 31 deletions
				
			
		|  | @ -97,7 +97,7 @@ RUN set -x \ | ||||||
|        && rm -rf "$GOPATH" |        && rm -rf "$GOPATH" | ||||||
| 
 | 
 | ||||||
| # Install crictl | # Install crictl | ||||||
| ENV CRICTL_COMMIT 16e6fe4d7199c5689db4630a9330e6a8a12cecd1 | ENV CRICTL_COMMIT b42fc3f364dd48f649d55926c34492beeb9b2e99 | ||||||
| RUN set -x \ | RUN set -x \ | ||||||
|        && export GOPATH="$(mktemp -d)" \ |        && export GOPATH="$(mktemp -d)" \ | ||||||
|        && git clone https://github.com/kubernetes-incubator/cri-tools.git "$GOPATH/src/github.com/kubernetes-incubator/cri-tools" \ |        && git clone https://github.com/kubernetes-incubator/cri-tools.git "$GOPATH/src/github.com/kubernetes-incubator/cri-tools" \ | ||||||
|  |  | ||||||
							
								
								
									
										2
									
								
								Makefile
									
										
									
									
									
								
							
							
						
						
									
										2
									
								
								Makefile
									
										
									
									
									
								
							|  | @ -12,6 +12,7 @@ MANDIR ?= ${PREFIX}/share/man | ||||||
| ETCDIR ?= ${DESTDIR}/etc | ETCDIR ?= ${DESTDIR}/etc | ||||||
| ETCDIR_CRIO ?= ${ETCDIR}/crio | ETCDIR_CRIO ?= ${ETCDIR}/crio | ||||||
| BUILDTAGS ?= seccomp $(shell hack/btrfs_tag.sh) $(shell hack/libdm_tag.sh) $(shell hack/btrfs_installed_tag.sh) $(shell hack/ostree_tag.sh) $(shell hack/selinux_tag.sh) | BUILDTAGS ?= seccomp $(shell hack/btrfs_tag.sh) $(shell hack/libdm_tag.sh) $(shell hack/btrfs_installed_tag.sh) $(shell hack/ostree_tag.sh) $(shell hack/selinux_tag.sh) | ||||||
|  | CRICTL_CONFIG_DIR=${DESTDIR}/etc | ||||||
| 
 | 
 | ||||||
| BASHINSTALLDIR=${PREFIX}/share/bash-completion/completions | BASHINSTALLDIR=${PREFIX}/share/bash-completion/completions | ||||||
| OCIUMOUNTINSTALLDIR=$(PREFIX)/share/oci-umount/oci-umount.d | OCIUMOUNTINSTALLDIR=$(PREFIX)/share/oci-umount/oci-umount.d | ||||||
|  | @ -165,6 +166,7 @@ install.config: | ||||||
| 	install ${SELINUXOPT} -D -m 644 crio.conf $(ETCDIR_CRIO)/crio.conf | 	install ${SELINUXOPT} -D -m 644 crio.conf $(ETCDIR_CRIO)/crio.conf | ||||||
| 	install ${SELINUXOPT} -D -m 644 seccomp.json $(ETCDIR_CRIO)/seccomp.json | 	install ${SELINUXOPT} -D -m 644 seccomp.json $(ETCDIR_CRIO)/seccomp.json | ||||||
| 	install ${SELINUXOPT} -D -m 644 crio-umount.conf $(OCIUMOUNTINSTALLDIR)/crio-umount.conf | 	install ${SELINUXOPT} -D -m 644 crio-umount.conf $(OCIUMOUNTINSTALLDIR)/crio-umount.conf | ||||||
|  | 	install ${SELINUXOPT} -D -m 644 crictl.yaml $(CRICTL_CONFIG_DIR) | ||||||
| 
 | 
 | ||||||
| install.completions: | install.completions: | ||||||
| 	install ${SELINUXOPT} -d -m 755 ${BASHINSTALLDIR} | 	install ${SELINUXOPT} -d -m 755 ${BASHINSTALLDIR} | ||||||
|  |  | ||||||
|  | @ -4,7 +4,7 @@ | ||||||
|   git: |   git: | ||||||
|     repo: "https://github.com/kubernetes-incubator/cri-tools.git" |     repo: "https://github.com/kubernetes-incubator/cri-tools.git" | ||||||
|     dest: "{{ ansible_env.GOPATH }}/src/github.com/kubernetes-incubator/cri-tools" |     dest: "{{ ansible_env.GOPATH }}/src/github.com/kubernetes-incubator/cri-tools" | ||||||
|     version: "16e6fe4d7199c5689db4630a9330e6a8a12cecd1" |     version: "b42fc3f364dd48f649d55926c34492beeb9b2e99" | ||||||
| 
 | 
 | ||||||
| - name: install crictl | - name: install crictl | ||||||
|   command: "/usr/bin/go install github.com/kubernetes-incubator/cri-tools/cmd/crictl" |   command: "/usr/bin/go install github.com/kubernetes-incubator/cri-tools/cmd/crictl" | ||||||
|  |  | ||||||
							
								
								
									
										1
									
								
								crictl.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								crictl.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1 @@ | ||||||
|  | runtime-endpoint: /var/run/crio.sock | ||||||
|  | @ -620,6 +620,10 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string, | ||||||
| 
 | 
 | ||||||
| 	labels := containerConfig.GetLabels() | 	labels := containerConfig.GetLabels() | ||||||
| 
 | 
 | ||||||
|  | 	if err := validateLabels(labels); err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	metadata := containerConfig.GetMetadata() | 	metadata := containerConfig.GetMetadata() | ||||||
| 
 | 
 | ||||||
| 	kubeAnnotations := containerConfig.GetAnnotations() | 	kubeAnnotations := containerConfig.GetAnnotations() | ||||||
|  |  | ||||||
|  | @ -38,12 +38,13 @@ func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersReque | ||||||
| 	logrus.Debugf("ListContainersRequest %+v", req) | 	logrus.Debugf("ListContainersRequest %+v", req) | ||||||
| 
 | 
 | ||||||
| 	var ctrs []*pb.Container | 	var ctrs []*pb.Container | ||||||
| 	filter := req.Filter | 	filter := req.GetFilter() | ||||||
| 	ctrList, err := s.ContainerServer.ListContainers() | 	ctrList, err := s.ContainerServer.ListContainers() | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		return nil, err | 		return nil, err | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | 	if filter != nil { | ||||||
| 		// Filter using container id and pod id first. | 		// Filter using container id and pod id first. | ||||||
| 		if filter.Id != "" { | 		if filter.Id != "" { | ||||||
| 			id, err := s.CtrIDIndex().Get(filter.Id) | 			id, err := s.CtrIDIndex().Get(filter.Id) | ||||||
|  | @ -73,6 +74,7 @@ func (s *Server) ListContainers(ctx context.Context, req *pb.ListContainersReque | ||||||
| 				} | 				} | ||||||
| 			} | 			} | ||||||
| 		} | 		} | ||||||
|  | 	} | ||||||
| 
 | 
 | ||||||
| 	for _, ctr := range ctrList { | 	for _, ctr := range ctrList { | ||||||
| 		podSandboxID := ctr.Sandbox() | 		podSandboxID := ctr.Sandbox() | ||||||
|  |  | ||||||
|  | @ -227,6 +227,10 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest | ||||||
| 	// add labels | 	// add labels | ||||||
| 	labels := req.GetConfig().GetLabels() | 	labels := req.GetConfig().GetLabels() | ||||||
| 
 | 
 | ||||||
|  | 	if err := validateLabels(labels); err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	// Add special container name label for the infra container | 	// Add special container name label for the infra container | ||||||
| 	labelsJSON := []byte{} | 	labelsJSON := []byte{} | ||||||
| 	if labels != nil { | 	if labels != nil { | ||||||
|  |  | ||||||
|  | @ -18,6 +18,8 @@ const ( | ||||||
| 	// According to http://man7.org/linux/man-pages/man5/resolv.conf.5.html: | 	// According to http://man7.org/linux/man-pages/man5/resolv.conf.5.html: | ||||||
| 	// "The search list is currently limited to six domains with a total of 256 characters." | 	// "The search list is currently limited to six domains with a total of 256 characters." | ||||||
| 	maxDNSSearches = 6 | 	maxDNSSearches = 6 | ||||||
|  | 
 | ||||||
|  | 	maxLabelSize = 4096 | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| func copyFile(src, dest string) error { | func copyFile(src, dest string) error { | ||||||
|  | @ -196,3 +198,15 @@ func recordError(operation string, err error) { | ||||||
| 		metrics.CRIOOperationsErrors.WithLabelValues(operation).Inc() | 		metrics.CRIOOperationsErrors.WithLabelValues(operation).Inc() | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|  | 
 | ||||||
|  | func validateLabels(labels map[string]string) error { | ||||||
|  | 	for k, v := range labels { | ||||||
|  | 		if (len(k) + len(v)) > maxLabelSize { | ||||||
|  | 			if len(k) > 10 { | ||||||
|  | 				k = k[:10] | ||||||
|  | 			} | ||||||
|  | 			return fmt.Errorf("label key and value greater than maximum size (%d bytes), key: %s", maxLabelSize, k) | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	return nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | @ -211,9 +211,9 @@ function retry() { | ||||||
| 	false | 	false | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| # Waits until the given crio becomes reachable. | # Waits until crio becomes reachable. | ||||||
| function wait_until_reachable() { | function wait_until_reachable() { | ||||||
| 	retry 15 1 crictl status | 	retry 15 1 crictl version | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| # Start crio. | # Start crio. | ||||||
|  |  | ||||||
|  | @ -1,4 +1,4 @@ | ||||||
| package version | package version | ||||||
| 
 | 
 | ||||||
| // Version is the version of the build. | // Version is the version of the build. | ||||||
| const Version = "1.0.4-dev" | const Version = "1.0.5-dev" | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue