Commit graph

2044 commits

Author SHA1 Message Date
Nalin Dahyabhai
82c90747c2 Don't double-free an UnparsedSource
github.com/containers/image.FromUnparsedImage() "takes ownership" of the
UnparsedImage that we pass to it, so we shouldn't also Close() the
UnparsedImage ourselves after we've wrapped it up in an Image object.

Since creating an Image is the only thing we do with the UnparsedImage
after creating it from a SourceImage, just use the FromSource() function
to handle both steps at once.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-26 15:52:51 -04:00
Mrunal Patel
93f1ec3b1f Merge pull request #691 from mheon/remove_server_state
Move remaining server state to libkpod
2017-07-26 11:25:34 -07:00
Mrunal Patel
1f40531dca Make the profile port configurable
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-26 10:57:55 -07:00
Nalin Dahyabhai
7e9ac9700b Avoid duplicate image configuration parsing logic
Don't bother trying to find and parse the image's configuration blob
after we've already done it; just reuse the value.  This frees us from
making the assumption that the last blob which was committed to local
storage was the image's configuration blob.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-26 12:43:22 -04:00
Nalin Dahyabhai
8957156c41 Parse out image names as repotags and repodigests
Parse the set of image names as tagged references, canonical references,
or repository names to which we add the default tag, and return them in
libkpod.ImageData reports.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-26 12:43:22 -04:00
Mrunal Patel
120af8ef01 Merge pull request #692 from nalind/api-usage
Fix a couple of bugs in our use of containers/storage and containers/image
2017-07-26 09:35:11 -07:00
Nalin Dahyabhai
3747048aa4 Don't leak containers/image Image references
In-memory image objects created using an ImageReference's NewImage()
method need to be Close()d.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-25 13:30:54 -04:00
Nalin Dahyabhai
2e50006f1c Avoid using lower-level storage APIs
Switch from using the lower-level storage APIs (accessing LayerStore,
ImageStore, and ContainerStore types directly) in favor of the
higher-level ones that take care of synchronization and locking for us.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-25 13:29:49 -04:00
Matthew Heon
158893bd1a Move Pod ID and Name indexes into libkpod
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-25 11:46:22 -04:00
Matthew Heon
ece055327a Move Sandbox state into libkpod
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-25 11:46:15 -04:00
Antonio Murdaca
065960386f Merge pull request #676 from 14rcole/libkpod-image
move kpod logic into libkpod/image
2017-07-25 17:39:56 +02:00
Ryan Cole
18f94f38ba Remove GetImage() and make rmi use more robust FindImage()
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-25 09:02:45 -04:00
Mrunal Patel
8fd089c570 Merge pull request #685 from 14rcole/libkpod-serverfunctions
Libkpod serverfunctions
2017-07-24 16:29:31 -07:00
Mrunal Patel
4cce851851 Merge pull request #688 from giuseppe/conmon-do-not-leave-zombies
conmon: use waitpid to wait for terminated processes
2017-07-24 14:50:17 -07:00
Ryan Cole
c1706475c0 move functions supporting rmi command to libkpod/image
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 16:17:26 -04:00
Ryan Cole
0f44ff1d3b move functions supporting images command to libkpod/image
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:35:36 -04:00
Ryan Cole
df7536e3c0 move PushImage and PullImage to libkpod/image
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:35:36 -04:00
Ryan Cole
14864f820e move code supporting push, pull, and inspect to libkpod and libkpod/image
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:35:36 -04:00
Ryan Cole
2c1fd1ad3f move container-related functions out of kpod and into libkpod
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:34:55 -04:00
Ryan Cole
a68a981d0b move image-related functions out of cmd/kpod/common.go and into libkpod/image
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:34:55 -04:00
Ryan Cole
95e17b4a73 move driver and image metadata to libkpod
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:34:55 -04:00
Ryan Cole
314d55f284 move shutdown function into libkpod and have server call in to it
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 14:32:02 -04:00
Mrunal Patel
a95bbe9608 Merge pull request #687 from nalind/vendor
Bump vendored containers/image, containers/storage, and add ostreedev/ostree-go
2017-07-24 11:07:08 -07:00
Nalin Dahyabhai
eebbd6a098 Add notes to README.md about needing ostree-dev
Add notes to README.md about needing to install ostree-devel, or
libostree-dev, or building ostree from source.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-24 13:03:09 -04:00
Nalin Dahyabhai
1e1d6a512f Build with ostree
Build using a locally-built copy of ostree in testing setups.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-24 13:03:07 -04:00
Dan Walsh
d76645680f Bump image, storage, and image-spec
Bump containers/image (pulling in its new dependency on ostree-go),
containers/storage, and updated image-spec.

This pulls in the OCI v1.0 specifications and code that allows us to
support 1.0 images.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-24 13:01:54 -04:00
Mrunal Patel
5138691c3b Merge pull request #684 from giuseppe/fix-makefile-tests-rule
Makefile: do not rebuild tests every time "make" runs
2017-07-24 09:44:32 -07:00
Ryan Cole
4fe17ee16d Update libkpod New()
update libkpod's New() function to use a config struct, and update
server.New() to call into libkpod.New()

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 10:35:39 -04:00
Ryan Cole
49ed4ab710 move reserve/release container name into libkpod
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 10:35:31 -04:00
Ryan Cole
d625e0e468 move containerState to/from disk to libkpod
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-24 10:35:20 -04:00
Giuseppe Scrivano
595b0557f3 conmon: use waitpid to wait for terminated processes
During my testing in OpenShift I've noticed that conmon leaves some
zombies processes.  The reason is that we are using
PR_SET_CHILD_SUBREAPER in conmon and runC forks a new process (runc
init) each time we start a container.  Using g_child_watch_add only on
the main runc process and on the container process is not enough as we
do not cleanup any other zombie process.

Since glib doesn't allow to catch SIGCHLD and to better integrate in the
existing code, catch it with signal(2) then raise a SIGUSR1 that glib
handles.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2017-07-24 14:50:50 +02:00
Giuseppe Scrivano
55310f9a95 conmon: do not fail if waitpid is interrupted
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2017-07-23 18:55:16 +02:00
Mrunal Patel
1aa0d5da86 Merge pull request #686 from sak0/dev
crioctl ctr stop: enable timeout input
2017-07-22 13:22:13 -07:00
Giuseppe Scrivano
a30f84906c Makefile: do not rebuild tests every time "make" runs
bin2img/checkseccomp/copyimg are file targets and should not be .PHONY.
This prevents to build them if not necessary.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2017-07-22 11:37:24 +02:00
Mrunal Patel
c66c633b77 Merge pull request #682 from nalind/build-flags
Build all of our binaries with the same build tags
2017-07-21 19:23:16 -07:00
Nalin Dahyabhai
375ffaee03 Build all of our binaries with the same build tags
Build all of our binaries with the same build tags and the same LDFLAGS.
This means we add $(LDFLAGS) to bin2img, copyimg, and cri-o,
$(BUILDTAGS) to kpod, and both to crioctl and checkseccomp.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-21 10:28:10 -04:00
Mrunal Patel
7b69d43198 Merge pull request #675 from 14rcole/sandbox-package
Move sandbox into its own package
2017-07-21 07:18:00 -07:00
Mrunal Patel
0e17bf4659 Merge pull request #648 from 14rcole/kpod-inspect
Implement `kpod inspect`
2017-07-21 07:12:08 -07:00
Mrunal Patel
b28b297d8e Merge pull request #680 from nalind/vfs-over-aufs
Force use of the "vfs" driver when testing on AUFS
2017-07-21 07:06:29 -07:00
Mrunal Patel
3a66d70632 Merge pull request #681 from nalind/apparmor-ci
Fix integration tests on systems with apparmor
2017-07-21 07:04:35 -07:00
CuiHaozhi
13fd708f04 crioctl ctr stop: enable timeout input
Signed-off-by: CuiHaozhi <cuihz@wise2c.com>
2017-07-21 09:48:22 -04:00
Ryan Cole
d50dba979e Move sandbox into its own package
If sandbox is in the same package as server, there will be a circular dependency when
kpod create is implemented

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-21 08:15:55 -04:00
Ryan Cole
0d4305a261 Implement kpod inspect
kpod inspect allows the user to view low-level information about
containers and images

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-21 08:11:27 -04:00
Nalin Dahyabhai
d1099a6cc5 Fix integration tests on systems with apparmor
When the integration test image is run on a system with apparmor
enabled, it needs binaries from the 'apparmor' package, so ensure that
it's always there.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-20 17:32:18 -04:00
Nalin Dahyabhai
4ebcd650e0 Force use of the "vfs" driver when testing on AUFS
Basically none of the clever storage drivers will work when we're on top
of AUFS, so if we find ourselves in that situation when running tests,
default to storage options of "--storage-driver vfs".

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-20 17:29:38 -04:00
Mrunal Patel
3b295967f1 Merge pull request #636 from 14rcole/kpod-push
Add `kpod push` command
2017-07-20 12:44:21 -07:00
Ryan Cole
680f7a6106 Add kpod push command
Push an image to a specified location, such as to an atomic registry
or a local directory

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-20 11:12:40 -04:00
Antonio Murdaca
ab1fef9e1f Merge pull request #667 from 14rcole/containerserver-state
move container state to libkpod
2017-07-20 16:42:31 +02:00
Antonio Murdaca
f8f9488e02 Merge pull request #673 from mrunalp/runtime_spec_v1
Update to OCI runtime spec v1.0.0
2017-07-20 14:33:01 +02:00
Ryan Cole
bd540ac94c Separate container state from sandbox state in server
Move container state data to libkpod, separate from the sandbox
data in server.  However, the move was structured such that sandbox
data could easily be moved over into libkpod in the future

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-20 08:18:55 -04:00