Nalin Dahyabhai
0b7348b35c
Use errors.Cause() when looking at storage errors
...
The storage library uses github.com/pkg/errors to wrap errors that it
returns from many of its functions, so when passing them to
os.IsNotExist() or comparing them to specific errors defined in the
storage library, unwrap them using errors.Cause().
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-08-03 15:40:54 -04:00
Mrunal Patel
66d96e77e3
Merge pull request #674 from runcom/additional-registries
...
*: implement additional pull registries
2017-08-02 17:42:58 -07:00
Antonio Murdaca
da176cd379
Merge pull request #717 from 14rcole/oci-getcontainer
...
Allow oci memory store to match containers by id prefix or by name
2017-08-02 16:55:36 +02:00
Antonio Murdaca
a35727c80b
*: implement additional pull registries
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-08-02 16:38:11 +02:00
Ryan Cole
b56da85fc1
Make container server update it's list of containers upon creation
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-08-01 11:44:57 -04:00
Ryan Cole
9ada0eb4e5
Allow containerserver to match containers by id prefix or name
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-31 19:49:39 -04:00
Matthew Heon
9529f565b2
Add option to use file-based locking for libkpod state
...
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-31 15:58:29 -04:00
Ryan Cole
a8b6f2ad8a
Update kpod commands to use getConfig()
...
Make getStore() take a config struct from which it pulls the store
options, then update the kpod commands so that they call getConfig()
and pass the config into getStore()
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-27 15:58:55 -04:00
Ryan Cole
0c8f106ee8
add basic config struct to libkpod
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-27 11:12:50 -04:00
Matthew Heon
158893bd1a
Move Pod ID and Name indexes into libkpod
...
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-25 11:46:22 -04:00
Matthew Heon
ece055327a
Move Sandbox state into libkpod
...
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-25 11:46:15 -04:00
Ryan Cole
314d55f284
move shutdown function into libkpod and have server call in to it
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:32:02 -04:00
Ryan Cole
4fe17ee16d
Update libkpod New()
...
update libkpod's New() function to use a config struct, and update
server.New() to call into libkpod.New()
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 10:35:39 -04:00
Ryan Cole
49ed4ab710
move reserve/release container name into libkpod
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 10:35:31 -04:00
Ryan Cole
d625e0e468
move containerState to/from disk to libkpod
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 10:35:20 -04:00
Mrunal Patel
7b69d43198
Merge pull request #675 from 14rcole/sandbox-package
...
Move sandbox into its own package
2017-07-21 07:18:00 -07:00
Ryan Cole
d50dba979e
Move sandbox into its own package
...
If sandbox is in the same package as server, there will be a circular dependency when
kpod create is implemented
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-21 08:15:55 -04:00
Ryan Cole
680f7a6106
Add kpod push
command
...
Push an image to a specified location, such as to an atomic registry
or a local directory
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-20 11:12:40 -04:00
Antonio Murdaca
ab1fef9e1f
Merge pull request #667 from 14rcole/containerserver-state
...
move container state to libkpod
2017-07-20 16:42:31 +02:00
Ryan Cole
bd540ac94c
Separate container state from sandbox state in server
...
Move container state data to libkpod, separate from the sandbox
data in server. However, the move was structured such that sandbox
data could easily be moved over into libkpod in the future
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-20 08:18:55 -04:00
Mrunal Patel
4128bbd7dc
Bump up runtime-spec dependency to v1.0.0
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-19 21:38:05 -07:00
Ryan Cole
3ddf2efae2
Refactor server sandbox
...
Make sandbox struct and it methods public, and add accessor methods
for the struct fields
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-19 08:53:45 -04:00
Antonio Murdaca
a82cc428a9
Merge pull request #664 from 14rcole/libkpod-containerserver
...
Decouple kubernetes-dependent and non-dependent parts of server
2017-07-19 13:29:26 +02:00
Ryan Cole
64ad902480
Decouple kubernetes-dependent an non-dependent parts of server
...
Move non-kubernetes-dependent portions of server struct to libkpod.
So far, only the struct fields have been moved and not their dependent
functions
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-18 14:23:50 -04:00
Mrunal Patel
2b18d58d60
Merge pull request #666 from tklauser/seccomp-x-sys-unix
...
Use Prctl() and associated constants from x/sys/unix
2017-07-18 09:58:40 -07:00
Tobias Klauser
92a51af7ba
seccomp: use Prctl() from x/sys/unix
...
Use unix.Prctl() instead of manually reimplementing it using
unix.RawSyscall. Also use unix.SECCOMP_MODE_FILTER instead of locally
defining it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-07-18 15:34:23 +02:00
Ryan Cole
f3efb850b7
Remove ImageSpec dependency from server
...
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-17 16:21:56 -04:00
Antonio Murdaca
73c5285260
Merge pull request #658 from mheon/lock_to_interface
...
Replace sync.Mutex with sync.Locker to allow different locks
2017-07-15 10:48:12 +02:00
Mrunal Patel
d02828e8a6
Support ImageVolumesBind when container is created
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-07-14 16:51:52 -07:00
Mrunal Patel
7443263bd6
Add config for ImageVolumesBind option
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-07-14 15:31:50 -07:00
Matthew Heon
4086f2bc37
Replace sync.Mutex with sync.Locker to allow different locks
...
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-14 16:27:12 -04:00
Antonio Murdaca
17584facf0
Merge pull request #641 from mrunalp/pids_limit
...
Pids limit
2017-07-12 12:39:54 +02:00
Antonio Murdaca
f7206aa86d
Merge pull request #647 from mrunalp/rename_to_crio
...
Rename remnants of ocid to crio
2017-07-12 12:38:28 +02:00
Tobias Klauser
822172a892
all: Switch from package syscall to golang.org/x/sys/unix
...
The syscall package is locked down and the comment in [1] advises to
switch code to use the corresponding package from golang.org/x/sys. Do
so and replace usage of package syscall where possible (leave
syscall.SysProcAttr and syscall.Stat_t).
[1] https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24
This will also allow to get updates and fixes just by re-vendoring
golang.org/x/sys/unix instead of having to update to a new go version.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-07-12 08:18:55 +02:00
Mrunal Patel
ed9d49f247
container: Add cgroup mount for introspection
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-11 19:17:48 -07:00
Mrunal Patel
6b543be50b
Rename remnants of ocid to crio
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-11 16:19:18 -07:00
Mrunal Patel
e49dd34657
Add support for container pids limit
...
We add a daemon level setting and will add a container
override once it is supported in CRI.
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-11 14:59:52 -07:00
Mrunal Patel
d40883d88c
container: Use ImageVolumes setting at container creation
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-10 13:46:14 -07:00
Mrunal Patel
dc55fd2f14
config: Add ImageVolumes configuration setting
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-10 13:46:14 -07:00
Andrew Pilloud
1a01ca7251
server: inherit rlimits from server
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-07-03 14:49:34 -07:00
Antonio Murdaca
f3f8b67b76
Merge pull request #626 from mrunalp/pod_infra_oom
...
sandbox: Adjust OOM score of infra container to a low value
2017-06-26 18:38:50 +02:00
Antonio Murdaca
d1850d9993
Merge pull request #629 from mrunalp/oci_id
...
oci: Use container ID as ID instead of container name
2017-06-25 13:14:26 +02:00
Mrunal Patel
510d7d97d4
Merge pull request #605 from apilloud/hostport
...
server: Add support for hostPorts
2017-06-24 10:28:28 -07:00
Mrunal Patel
67504a02d5
oci: Use container ID as ID instead of container name
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-24 08:31:41 -07:00
Mrunal Patel
975347b874
container: Add containerID to annotations for the container
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-23 09:31:13 -07:00
Mrunal Patel
cb4c566fac
sandbox: Adjust OOM score of infra container to a low value
...
This matches the current kube behavior. This will probably
be provided over the CRI at which point we won't have to
define a constant in cri-o code.
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-23 09:24:53 -07:00
Andrew Pilloud
17359e34a6
server: init iptables without kube
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 08:51:50 -07:00
Andrew Pilloud
28cd8bde49
server: Hookup kubelet hostport
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 08:51:50 -07:00
Antonio Murdaca
6035cff9e4
server: standardize on naming
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-22 11:55:03 +02:00
Antonio Murdaca
94a457d46a
sandbox_run: need to stop sandbox before removing it on conflict
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-18 11:42:07 +02:00