Commit graph

475 commits

Author SHA1 Message Date
Mrunal Patel
4a7ea899b0 Don't share container UTS namespace with pod
kubernetes doesn't share the UTS namespace

Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2016-10-18 14:17:57 -07:00
Mrunal Patel
5e7d96bd6a Add server side pod filtering support
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2016-10-17 12:24:57 -07:00
Mrunal Patel
01c8785ea4 Use Set instead of map for storing pod labels
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2016-10-17 11:28:48 -07:00
Mrunal Patel
d2cae34243 Add server side container label filtering
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2016-10-13 17:01:31 -07:00
Mrunal Patel
09049fc357 Filter containers by id, pod id and state in container list
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2016-10-13 12:40:02 -07:00
Antonio Murdaca
8a9395964e
server/sandbox: fix add/release pod/ctr ids and names
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-10-13 18:48:23 +02:00
Mrunal Patel
e999610fd6 Merge pull request #115 from cyphar/toml-config
cmd: server: use TOML configuration file
2016-10-11 16:07:25 -07:00
Antonio Murdaca
be2b0cfa50
server/server: skip f no sandbox when restoring containers
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-10-12 00:36:34 +02:00
Crazykev
f6536bf30e pod/container name should be released when create failed
Signed-off-by: Crazykev <crazykev@zju.edu.cn>
2016-10-11 20:19:51 +08:00
Aleksa Sarai
7bf5110b76
server: refactor to use Config struct
This paves the way for having a configuration file that is loaded rather
than everything being set via the command-line.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-11 03:10:32 +11:00
Antonio Murdaca
cfa4a341a6
server/container: fix bug when listing container IDs
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-10-08 14:55:25 +02:00
Antonio Murdaca
217d278623
server/server: check pods/ctrs directories before restore
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-10-08 14:46:39 +02:00
Antonio Murdaca
54d6ddb5af
server: containers restore
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-10-08 14:46:39 +02:00
Antonio Murdaca
7c6eb77224 Merge pull request #110 from mrunalp/pod_meta
Return pod metadata in pod list and status APIs
2016-10-07 20:44:40 +02:00
Dan Walsh
cd12a4acfe Can't use SELinux separation when sharing the host pid/ipc namespace
SELinux will cause breakage when sharing these namespaces.  For example it
will block processes inside of the container from looking at the hosts /proc
in hosts Pid Namespace.  It will also block all access to semaphores and
shared memory defined outside of the pod.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-07 07:28:12 -04:00
Antonio Murdaca
fbcd609644 Merge pull request #109 from mrunalp/get_sb
Refactor to use helper method to get sandbox from request
2016-10-07 09:44:00 +02:00
Mrunal Patel
d1198fc75b Populate pod metadata in pod list and status APIs
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 16:51:13 -07:00
Mrunal Patel
d7e72cb3a2 Refactor to use helper method get sandbox object
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 15:34:05 -07:00
Mrunal Patel
ec0b27fffc Add a helper method to get sandbox from request
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 15:34:05 -07:00
Mrunal Patel
77afd34a27 Container state fixes
Move Container State constants to oci package
and fixup where strings were used instead of
the status constants

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 15:16:21 -07:00
Mrunal Patel
f6a12b865c Refactor to use new helper method to get Container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 12:49:59 -07:00
Mrunal Patel
a56cbb4117 Add a helper to get container from request
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 12:49:04 -07:00
Mrunal Patel
027aaf15b7 Merge pull request #100 from rhatdan/selinux
Selinux
2016-10-06 12:28:12 -07:00
Dan Walsh
be77b841fa Add SELinux support to OCID
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-06 14:13:06 -04:00
Mrunal Patel
0321870568 Cleanup container directory and state on creation failure
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 11:12:39 -07:00
Antonio Murdaca
a5da8a4d1e Merge pull request #97 from mrunalp/ctr_dir_id
Use container ID as the directory name
2016-10-05 23:02:25 +02:00
Mrunal Patel
e82426fa8f Use container ID as the directory name
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-05 12:18:56 -07:00
Mrunal Patel
869f85e4bb Add support for specifying container short IDs
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-05 11:55:45 -07:00
Mrunal Patel
edba913f67 Track container IDs in index
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-05 11:31:41 -07:00
Mrunal Patel
0482a4281a Separate container IDs from container names
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-04 16:57:12 -07:00
Mrunal Patel
484719c8fe Add a function to generate container id and name
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-04 16:15:23 -07:00
Mrunal Patel
3e19549232 Add name and id indexes for containers
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-04 16:00:04 -07:00
Aleksa Sarai
bac579a9e5
server: create pause rootfs manually without Docker
This lessens the Docker requirement for creating sandboxes (with the
requirement only existing for the actual image pulling that is done when
adding a container to a pod). The interface was chosen to match the
--conmon interface, so that the location of the pause binary can be
chosen by a user.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-02 20:11:07 +11:00
Antonio Murdaca
3697a61db9 Merge pull request #84 from mrunalp/pod_attempt
Include attempt in the pod name
2016-10-01 01:06:00 +02:00
Mrunal Patel
d5a8d1bae3 Add annotations for pods
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-30 15:48:31 -07:00
Mrunal Patel
581c17169c Include attempt in the pod name
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-30 15:23:38 -07:00
Mrunal Patel
50bea08c50 Remove containers from state on pod remove
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-30 12:23:48 -07:00
Dan Walsh
f51c98b057 Install conmon in /usr/libexec/ocid/conmon
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-09-29 08:55:12 -04:00
Mrunal Patel
1b3d172377 Ensure containers are stopped on RemovePod
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-28 13:12:38 -07:00
Mrunal Patel
72ac4fe33e Stop container first if it is running on RemoveContainer
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-28 12:24:12 -07:00
Mrunal Patel
e47189c148 Add server impl for listing containers
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-27 15:17:41 -07:00
Antonio Murdaca
4578cc93d1
server: fix panic when listing sandboxes
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-27 10:46:45 +02:00
Antonio Murdaca
f7d3f7a69a Merge pull request #59 from mrunalp/pod_create_bug
Pod create bug
2016-09-27 09:13:40 +02:00
Antonio Murdaca
df2eebbbcd Merge pull request #58 from mrunalp/sb_short_id
Pod short ID
2016-09-27 07:51:54 +02:00
Mrunal Patel
4606f2a61a Fix the build for ocid to cri-o rename
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 16:55:12 -07:00
Mrunal Patel
3245810bd6 Release pod name when pod is removed
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 15:42:08 -07:00
Mrunal Patel
78aae688e2 Add API to release Pod name when not required
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 15:41:58 -07:00
Mrunal Patel
e1b8802848 Fix typo 2016-09-26 15:31:06 -07:00
Mrunal Patel
833333538e Allow specifying short pod IDs for container create
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 15:24:33 -07:00
Mrunal Patel
2e387072ac Allow specifying pod IDs by unique prefixes
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 15:24:23 -07:00
Mrunal Patel
ecda01c284 Add server impl of list pod sandboxes
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 12:45:53 -07:00
Mrunal Patel
7c9aaf34cd Introduce consts for containers states
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 12:44:24 -07:00
Mrunal Patel
204b2a645b Populate state in pod status
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 11:18:35 -07:00
Antonio Murdaca
ab05a4526b
vendor: bump k8s@5fe2495588425a6613e28a048d8cc7bcb7513c7f
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-26 10:07:46 +02:00
Antonio Murdaca
857aaa7816
cmd/server: provide a flag to set ocid root dir
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-24 00:38:06 +02:00
Mrunal Patel
5475f6b32b Fix lint error
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:06:12 -07:00
Mrunal Patel
99a7a53309 Cleanup comments
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:05:23 -07:00
Mrunal Patel
b839ff1093 Fixup pod sandbox status
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:05:18 -07:00
Mrunal Patel
6eab35c6b5 Fixup remove sandbox logic
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:04:45 -07:00
Mrunal Patel
2066b68791 Fixup stop sandbox logic
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:04:07 -07:00
Mrunal Patel
688f689736 Include pod namespace in the pod name
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 11:42:45 -07:00
Antonio Murdaca
97f5f809a4
server/sandbox: return id after creation
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:18:58 +02:00
Antonio Murdaca
569183030f
fix vendored deps
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
e269cb8b7e
new vendoring
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
32029aaba6
id and name indexes for pods
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Mrunal Patel
0ba5dfc15a Automate the creation of the pod sandbox rootfs
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-20 15:45:46 -07:00
Mrunal Patel
19926bc905 Check if container in a pod is already stopped before stopping it
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-19 14:01:48 -07:00
Mrunal Patel
8d3b9971e7 Increase the deadline to 30 seconds in lint and fix lint errors
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-19 13:13:53 -07:00
Antonio Murdaca
b053e63995
restore server rewrite
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:57:50 +02:00
Antonio Murdaca
22d434c1e6
restructure and make lint
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:56:13 +02:00
Antonio Murdaca
53e76cc752
warn when cannot update container status on server init
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:51:03 +02:00
Antonio Murdaca
260a7adb83
server/runtime: store sandbox id in container's annotations
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:51:03 +02:00
Antonio Murdaca
caae4b298a
create sandboxdir on server startup
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:51:03 +02:00
Antonio Murdaca
4fd1c583ad
sandboxes restore on server start
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:51:03 +02:00
Antonio Murdaca
35ef46f805
use an in memory store for containers
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 13:11:36 +02:00
Antonio Murdaca
59aae8cdb5
*: Failed -> failed in errors
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-18 11:38:14 +02:00
Antonio Murdaca
4bc8701fc0
*: switch from godep to glide
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-17 17:06:30 +02:00
Mrunal Patel
0d7b500cee Merge pull request #20 from runcom/locks
server: locking around server components
2016-09-17 08:04:02 -07:00
Antonio Murdaca
158dfdfbda
server: locking around server components
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-17 16:10:35 +02:00
Antonio Murdaca
2d8691cb0a
server: remove podsandbox on failure
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-17 11:37:20 +02:00
Mrunal Patel
f7f02009c2 Report exit code and finish time on container status
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-16 16:33:33 -07:00
Mrunal Patel
6e05f772ed Add a property to track whether a container needs terminal
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-15 15:01:39 -07:00
Mrunal Patel
61ae296fe9 Update state after creating container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-13 13:51:29 -07:00
Mrunal Patel
819db7d8cc Return the started time and ctr state with ctr status
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-12 15:43:30 -07:00
Mrunal Patel
76225afe5f Add server support for basic container status
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-12 15:03:03 -07:00
Mrunal Patel
30b526376a Fix error message
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-12 14:43:16 -07:00
Mrunal Patel
bbe5325afc Fix the build to account for the change in repository
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:48:39 -07:00
Rajat Chopra
4cf737bb7d add cni networking with noop plugin as default
Signed-off-by: Rajat Chopra <rchopra@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
9cb0813d1e Server changes for supporting pod status
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
303a3929b2 Update the kubernetes api to latest
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
219fb703dc Remove container directories on pod sandbox removal
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
2eafad8a36 Refactor namespace joining
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
3e1bb97053 Join the namespaces of pod infra container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
4ee041a1c1 Fix container removal state tracking
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
0c386f74f9 Track container removal in state
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
6bbdbdeed8 Remove container directory
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
25a73811ee Add server impl for RemoveContainer
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
f1e4ee3c95 Add server impl for StopContainer
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
9a034d8993 Add implementation for starting container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
b494574b6a Add implementation for removing pod sandbox
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
c0048118a0 Add implementation for Stop Pod Sandbox
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
b01d9dcc10 Make the server process a reaper
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
eb00fa71c1 Start the pod infra container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
a26c0eb992 Create pod infra container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
8296898937 Fix logic for using host namespaces
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
18cd2bc87b Setup defaults for the pod sandbox container
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
c2ee13d187 Implement CreateContainer
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
f569f04154 godep: Update kubernetes dependency to get latest API
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Antonio Murdaca
c5d0f23e5a server: ensure /var/lib/ocid/images exists
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
fc3b7b5aae Setup the server as subreaper for child processes
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
c13dbaf6ab Further refactoring
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
0bb2fb04d9 update generate functions
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
764f02ca11 Add container dir to oci
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
ac1340488d Refactor to add oci and util packages
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

Change the sandbox directory path

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
839463d837 set up CPU and Memory resources
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
b98900eb55 parse DNSOptions
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
c0a267bf56 Fixes
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
819d76b6fd Add first version of createPodSandbox
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Antonio Murdaca
05f679f643 implement raw pullimage functionality
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-09 14:41:03 -07:00
Antonio Murdaca
06e013cd3d *: abstractions and ImageService
plus some fix here and there

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-09 14:41:03 -07:00
Antonio Murdaca
713bbabc61 server,cmd: fix error handling
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
90a446e2a5 Import ocitools/generate library
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
32876892fc Refactor runtimeversion to be a command instead of option
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
5c4a79543f Add Server.Version and cmd/client test code
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
e93156e71e Add stubs for server implementation
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00