Commit graph

1451 commits

Author SHA1 Message Date
Nalin Dahyabhai
d1099a6cc5 Fix integration tests on systems with apparmor
When the integration test image is run on a system with apparmor
enabled, it needs binaries from the 'apparmor' package, so ensure that
it's always there.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-20 17:32:18 -04:00
Nalin Dahyabhai
4ebcd650e0 Force use of the "vfs" driver when testing on AUFS
Basically none of the clever storage drivers will work when we're on top
of AUFS, so if we find ourselves in that situation when running tests,
default to storage options of "--storage-driver vfs".

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-20 17:29:38 -04:00
Mrunal Patel
3b295967f1 Merge pull request #636 from 14rcole/kpod-push
Add `kpod push` command
2017-07-20 12:44:21 -07:00
Ryan Cole
680f7a6106 Add kpod push command
Push an image to a specified location, such as to an atomic registry
or a local directory

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-20 11:12:40 -04:00
Antonio Murdaca
ab1fef9e1f Merge pull request #667 from 14rcole/containerserver-state
move container state to libkpod
2017-07-20 16:42:31 +02:00
Antonio Murdaca
f8f9488e02 Merge pull request #673 from mrunalp/runtime_spec_v1
Update to OCI runtime spec v1.0.0
2017-07-20 14:33:01 +02:00
Ryan Cole
bd540ac94c Separate container state from sandbox state in server
Move container state data to libkpod, separate from the sandbox
data in server.  However, the move was structured such that sandbox
data could easily be moved over into libkpod in the future

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-20 08:18:55 -04:00
Mrunal Patel
4128bbd7dc Bump up runtime-spec dependency to v1.0.0
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-19 21:38:05 -07:00
Mrunal Patel
0eb5cd527f Merge pull request #672 from 14rcole/find-godeps-fix
Fix bug in find-godeps
2017-07-19 16:15:52 -07:00
Mrunal Patel
a7c1745aa2 Merge pull request #643 from umohnani8/kpod_history
Add 'kpod history' command
2017-07-19 16:15:28 -07:00
Ryan Cole
1c820fb06f Fix bug in find-godeps
go list {{.Imports}} outputs imports as an array, and the leading
and trailing square brackets can get caught in the name of a package.
Add a pipe in the dependency command to remove the brackets

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-19 16:49:22 -04:00
Mrunal Patel
115fea46cf Merge pull request #670 from sak0/dev
kpod images --digests output align
2017-07-19 12:42:57 -07:00
Mrunal Patel
093660ea68 Merge pull request #669 from 14rcole/sandbox-public
Refactor server sandbox
2017-07-19 12:42:13 -07:00
umohnani8
ad490708a4 Add 'kpod history' command
Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-07-19 15:11:25 -04:00
Mrunal Patel
b4973e1006 Merge pull request #655 from rhatdan/cri-o
We need to support the name cri-o and crio for rpm and systemd
2017-07-19 10:18:44 -07:00
Ryan Cole
3ddf2efae2 Refactor server sandbox
Make sandbox struct and it methods public, and add accessor methods
for the struct fields

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-19 08:53:45 -04:00
Daniel J Walsh
23c66c7bdf We need to support the name cri-o and crio for rpm and systemd
Adding these aliases will make it easier for users who forget to
use crio or cri-o.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-07-19 07:29:36 -04:00
Antonio Murdaca
a82cc428a9 Merge pull request #664 from 14rcole/libkpod-containerserver
Decouple kubernetes-dependent and non-dependent parts of server
2017-07-19 13:29:26 +02:00
CuiHaozhi
8c3950ad6d kpod images --digests output align
Signed-off-by: CuiHaozhi <cuihz@wise2c.com>
2017-07-18 23:07:29 -04:00
Ryan Cole
64ad902480 Decouple kubernetes-dependent an non-dependent parts of server
Move non-kubernetes-dependent portions of server struct to libkpod.
So far, only the struct fields have been moved and not their dependent
functions

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-18 14:23:50 -04:00
Mrunal Patel
2b18d58d60 Merge pull request #666 from tklauser/seccomp-x-sys-unix
Use Prctl() and associated constants from x/sys/unix
2017-07-18 09:58:40 -07:00
Antonio Murdaca
4d6ff0b414 Merge pull request #665 from 14rcole/imagespec-removal
Remove ImageSpec dependency from server
2017-07-18 16:54:11 +02:00
Tobias Klauser
92a51af7ba seccomp: use Prctl() from x/sys/unix
Use unix.Prctl() instead of manually reimplementing it using
unix.RawSyscall. Also use unix.SECCOMP_MODE_FILTER instead of locally
defining it.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-07-18 15:34:23 +02:00
Tobias Klauser
642f2bb70e vendor: update golang.org/x/sys
Update golang.org/x/sys to get newly added functions and constants which
will be used in successive commits.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-07-18 15:31:00 +02:00
Antonio Murdaca
e659280298 Merge pull request #652 from vbatts/kpod_info
kpod: info subcommand
2017-07-18 09:58:49 +02:00
Ryan Cole
f3efb850b7 Remove ImageSpec dependency from server
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-17 16:21:56 -04:00
ab36ad50be
kpod: info subcommand
Design: The output of the `info` subcommand ought to be directly
consumable in a format like JSON or yaml.
The structure being a map of sorts.

Each subsection of information being an individual cluster under the
top-level, like platform info, debug, storage, etc.

Even if there are errors under the top level key, the value will be a
map with the key of "error" and the value as the message of the
`err.Error()`. In this way, the command always returns usable output.

Ideally there will be a means for anything that can register info to do
so independently from it being in the single info.go, so this approach
is having a typed signature for the function that gives info, but i'm
sure it could be better.

Current iteration of this outputs the following as a limited user:

```yaml
host:
  MemFree: 711307264
  MemTotal: 2096222208
  SwapFree: 2147479552
  SwapTotal: 2147479552
  arch: amd64
  cpus: 1
  os: linux
store:
  error: 'mkdir /var/run/containers/storage: permission denied'

```

and as root (`sudo kpod info -D`):

```yaml
debug:
  compiler: gc
  go version: go1.7.6
  goroutines: 3
host:
  MemFree: 717795328
  MemTotal: 2096222208
  SwapFree: 2147479552
  SwapTotal: 2147479552
  arch: amd64
  cpus: 1
  os: linux
store:
  ContainerStore:
    number: 1
  GraphDriverName: overlay2
  GraphRoot: /var/lib/containers/storage
  ImageStore:
    number: 1
```

And with the `--json --debug` flag:

```json
{
  "debug": {
    "compiler": "gc",
    "go version": "go1.7.6",
    "goroutines": 3
  },
  "host": {
    "MemFree": 709402624,
    "MemTotal": 2096222208,
    "SwapFree": 2147479552,
    "SwapTotal": 2147479552,
    "arch": "amd64",
    "cpus": 1,
    "os": "linux"
  },
  "store": {
    "ContainerStore": {
      "number": 1
    },
    "GraphDriverName": "overlay2",
    "GraphRoot": "/var/lib/containers/storage",
    "ImageStore": {
      "number": 1
    }
  }
}
```

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2017-07-17 14:23:53 -04:00
Mrunal Patel
3f70873aab Merge pull request #662 from rhatdan/master
Make the README.md more useful in links to man page documentation
2017-07-17 11:03:34 -07:00
Mrunal Patel
2fcc6d574b Merge pull request #663 from runcom/fix-arch-goos
oci: fix type mismatch on some platform/arch
2017-07-17 09:55:22 -07:00
Daniel J Walsh
d43e67ad00 Make the README.md more useful in links to man page documentation
This patch will allow people who go to the github page to easily read
man pages.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-07-17 16:52:14 +00:00
Antonio Murdaca
47ea873253
oci: fix type mismatch on some platform/arch
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-07-17 15:31:19 +02:00
Mrunal Patel
db310e9641 Merge pull request #661 from rhatdan/launch
Remove kpod launch example code
2017-07-15 06:30:30 -07:00
Daniel J Walsh
0bd5f6cebc Remove kpod launch example code
We now have actual kpod code, so no reason to have a not implemented feature.
Especially when we don't intend to create kpod launch.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-07-15 06:54:41 -04:00
Antonio Murdaca
73c5285260 Merge pull request #658 from mheon/lock_to_interface
Replace sync.Mutex with sync.Locker to allow different locks
2017-07-15 10:48:12 +02:00
Antonio Murdaca
f16113a627 Merge pull request #660 from mrunalp/volumes_bind
Add ImagesVolumesBind option
2017-07-15 10:47:10 +02:00
Mrunal Patel
fa5a3a04e0 test: Add a test for image volumes bind mount option
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-07-14 16:57:38 -07:00
Mrunal Patel
d02828e8a6 Support ImageVolumesBind when container is created
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-07-14 16:51:52 -07:00
Mrunal Patel
7443263bd6 Add config for ImageVolumesBind option
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-07-14 15:31:50 -07:00
Matthew Heon
a3c95bf903 Change opLock mutex for containers to sync.Locker
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-14 17:09:08 -04:00
Matthew Heon
4086f2bc37 Replace sync.Mutex with sync.Locker to allow different locks
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-07-14 16:27:12 -04:00
Mrunal Patel
96ebf829c9 Merge pull request #656 from 14rcole/vendor-image
Update vendor for containers/image
2017-07-14 07:19:14 -07:00
Ryan Cole
f15c13efac Update vendor for containers/image
Update the vendored commit for containers/image, because the previous
version did not include the function ListNames() in transports

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-07-14 09:39:13 -04:00
Antonio Murdaca
fa25b381b1 Merge pull request #649 from umohnani8/main
Remove repeated app.Flags in cmd/kpod/main.go
2017-07-12 20:28:51 +02:00
umohnani8
f9b9f92d3f Remove repeated app.Flags in cmd/kpod/main.go
Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-07-12 11:59:45 -04:00
Antonio Murdaca
17584facf0 Merge pull request #641 from mrunalp/pids_limit
Pids limit
2017-07-12 12:39:54 +02:00
Antonio Murdaca
f7206aa86d Merge pull request #647 from mrunalp/rename_to_crio
Rename remnants of ocid to crio
2017-07-12 12:38:28 +02:00
Antonio Murdaca
dd53f5e6bb Merge pull request #635 from tklauser/syscall-to-x-sys-unix
all: Switch from package syscall to golang.org/x/sys/unix
2017-07-12 12:37:11 +02:00
Tobias Klauser
822172a892 all: Switch from package syscall to golang.org/x/sys/unix
The syscall package is locked down and the comment in [1] advises to
switch code to use the corresponding package from golang.org/x/sys. Do
so and replace usage of package syscall where possible (leave
syscall.SysProcAttr and syscall.Stat_t).

  [1] https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24

This will also allow to get updates and fixes just by re-vendoring
golang.org/x/sys/unix instead of having to update to a new go version.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-07-12 08:18:55 +02:00
Mrunal Patel
288415d31d test: Add test for pids limit
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-11 19:17:48 -07:00
Mrunal Patel
ed9d49f247 container: Add cgroup mount for introspection
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-11 19:17:48 -07:00