Commit graph

1797 commits

Author SHA1 Message Date
Mrunal Patel
62c9caeb83 oci: Add debugs for container create failures
This makes it easier to debug container creation failures
by looking at cri-o logs.

Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-14 07:33:07 -07:00
Mrunal Patel
6a79d25e8c lint: Increase lint timeout to 600 seconds
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-14 07:32:37 -07:00
Antonio Murdaca
0dfec710f2
container_create: net files must be ro when rootfs is ro
we were blindly applying RO mount options but net addons like calico
modify those files.
This patch sets RO only when container's rootfs is RO, same behavior as
docker.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-14 15:31:34 +02:00
Antonio Murdaca
d2e1d559b7
container_create: just mkdir on image's volumes
tmpfs'es can override whatever there's on the container rootfs. We just
mkdir the volume as we're confident kube manages volumes in container.
We don't need any tmpfs nor any complex volume handling for now.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-14 15:31:31 +02:00
Samuel Ortiz
53ee423192 sandbox_remove: Do not error out when CNI tear down fails
We don't want to have lingering pods because of CNI failures.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-06-14 14:58:10 +02:00
Antonio Murdaca
de0013a2de Merge pull request #591 from mrunalp/readme_runc_version
readme: Fix the required version of runc
2017-06-14 14:46:55 +02:00
Mrunal Patel
066ced207f readme: Fixed the required version of runc
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-06-13 14:29:51 -07:00
Antonio Murdaca
e3170caa2e Merge pull request #593 from sameo/topic/cni
tutorial: Fix CNI plugins URL
2017-06-13 16:59:07 +02:00
Mrunal Patel
bca3f6262a Merge pull request #590 from apilloud/ipv6only
server: add --bind-address flag
2017-06-13 07:42:02 -07:00
Samuel Ortiz
9074d57439 tutorial: Fix CNI plugins URL
And make it clear that we're building the plugins and not only the core
library.

Fixes #592

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-06-13 16:12:07 +02:00
Andrew Pilloud
c77b5fbea8 Add stream-address and stream-port flags to crio
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-12 16:12:36 -07:00
Antonio Murdaca
67306aff8f Merge pull request #588 from mrunalp/update_roadmap
readme: Update the roadmap to reflect current status
2017-06-13 00:23:47 +02:00
Mrunal Patel
b347a50fa4 Merge pull request #589 from sameo/topic/cni
contrib/cni: Fix README link
2017-06-12 14:59:02 -07:00
Samuel Ortiz
0fb682641b contrib/cni: Fix README link
The CNI plugins are now living in a repo of their own.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-06-12 23:14:35 +02:00
Mrunal Patel
0f4aeef288 readme: Update the roadmap to reflect current status
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-12 10:58:51 -07:00
Mrunal Patel
2a6db15113 Merge pull request #584 from runcom/start-failed
adjust status on container start failure
2017-06-12 07:26:22 -07:00
Antonio Murdaca
b211061016
copy using bytes pools
Vendor and use docker/pkg/pools.
pools are used to lower the number of memory allocations and reuse buffers when
processing large streams operations..

The use of pools.Copy avoids io.Copy's internal buffer allocation.
This commit replaces io.Copy with pools.Copy to avoid the allocation of
buffers in io.Copy.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-12 12:53:23 +02:00
Antonio Murdaca
0b2f6b5354
adjust status on container start failure
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-12 12:48:50 +02:00
Mrunal Patel
86a35a1c12 Merge pull request #581 from runcom/readme-irc
README.md: add communication paragraph
2017-06-09 14:52:48 -07:00
Mrunal Patel
b8130b6852 Merge pull request #582 from runcom/fix-logrus
sandbox_status: Infof->Debugf response
2017-06-09 14:18:00 -07:00
Antonio Murdaca
3f56193a15 Merge pull request #577 from runcom/insecure-regisrties
*: support insecure registries
2017-06-09 20:31:43 +02:00
Antonio Murdaca
b5a10084dc
README.md: add communication paragraph
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-09 17:47:13 +02:00
Mrunal Patel
aab6b4e51c Merge pull request #580 from sameo/topic/ocicni
ocicni: Handle create and write events
2017-06-09 07:54:30 -07:00
Antonio Murdaca
cfec2c4cf4
sandbox_run: correct a defer
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-09 13:57:45 +02:00
Antonio Murdaca
e28540ca90
sandbox_status: Infof->Debugf response
This was cluttering the logs on my clusters. The log should be just in
debug mode as we do for every request/response flow.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-09 13:04:33 +02:00
Antonio Murdaca
952ae0db1c Merge pull request #571 from alexlarsson/conmon-glib-mainloop
conmon: Use glib mainloop instead of epoll
2017-06-09 12:03:56 +02:00
Samuel Ortiz
b480336dd7 ocicni: Handle create and write events
By only handling create events, we are breaking plugins that don't
create and write atomically, like weave for example.
The Weave plugin creates the file first and later write to it. We are
missing the second part and never see the final CNI config file.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-06-09 10:19:26 +02:00
Antonio Murdaca
8b53fabcbd
*: support insecure registries
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-09 01:04:29 +02:00
Mrunal Patel
8441dca284 Merge pull request #574 from runcom/smarter-pull
image_pull: check image already pulled
2017-06-08 15:38:08 -07:00
Antonio Murdaca
77fc45e7bc Merge pull request #575 from runcom/unit-after-network-online
contrib: systemd: change After to network-online.target
2017-06-08 22:17:00 +02:00
Mrunal Patel
7cd0ab671d Merge pull request #572 from runcom/fix-processArgs
container_create: fix OCI processArgs assemblement
2017-06-08 11:41:43 -07:00
Alexander Larsson
fcac68bf27 conmon: Handle runc exiting before passing terminal fd
We don't want to block on accepting the terminal fd, because then
we can't detect if runc died before calling out to pass the terminal
fd. To handle this we spin the glib mainloop listening to both the
terminal accept fd and a child pid watch.

Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-08 19:29:52 +02:00
Alexander Larsson
4494d82cfe conmon: Use glib mainloop instead of epoll
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-08 16:21:20 +02:00
Antonio Murdaca
3b545abf12
image_pull: check image already pulled
This is an optimization of our image pull code path. It's basically
how docker handles pulls as well. Let's be smart and check the image in
pull code path as well.
This also matches docker behavior which first checks whether we're
allowed to actually pull an image before looking into local storage.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-08 15:03:27 +02:00
Antonio Murdaca
65d4ac8fc2
container_create: fix OCI processArgs assemblement
This patch fixes the following command:

kubectl run -i --tty centos --image=centos -- sh

The command above use to fail with:

/usr/bin/sh: /usr/bin/sh: cannot execute binary file

That's because we were wrongly assembling the OCI processArgs.

Thanks @alexlarsson for spotting this.

This patch basically replicates what docker does when merging container
config and image config. It also replicates how docker sets processArgs
for the OCI runtime.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-08 11:48:11 +02:00
Antonio Murdaca
6a0aab40cb
contrib: systemd: change After to network-online.target
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-08 01:25:37 +02:00
Mrunal Patel
86b6856faf Merge pull request #573 from rhatdan/manpage
Add missing options from man page
2017-06-07 14:55:50 -07:00
Daniel J Walsh
6fec37d708 Add missing options from man page
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-06-07 21:08:21 +00:00
Antonio Murdaca
45eee4caa8 Merge pull request #570 from mrunalp/detach
Detach
2017-06-07 19:46:21 +02:00
Antonio Murdaca
cb4c6004fc Merge pull request #564 from runcom/vndr-master
vendor: remove dep and use vndr
2017-06-07 10:24:59 +02:00
Mrunal Patel
d0486e542f Support detaching in CRI attach
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-06 20:49:54 -07:00
Mrunal Patel
6e53568d15 conmon: Close client on zero read from attach client
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-06 20:49:54 -07:00
Mrunal Patel
0b6f68479b utils: Add function to allow copying with detach
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-06 20:49:52 -07:00
Antonio Murdaca
148e72d81e
vendor: remove dep and use vndr
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-07 00:04:21 +02:00
Antonio Murdaca
16f44674a4
Makefile: exclude ./vendor from git-validation
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-07 00:04:15 +02:00
Mrunal Patel
7c56d20988 Merge pull request #567 from vbatts/tutorial
tutorial: pull the redis image first
2017-06-06 14:59:27 -07:00
Antonio Murdaca
3f7e8e9884 Merge pull request #546 from mrunalp/cri/attach
Attach
2017-06-06 22:43:06 +02:00
e63bace453
tutorial: pull the redis image first
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2017-06-06 16:00:36 -04:00
Mrunal Patel
8f5f7aa5e2 Add code to handle CRI attach
A goroutine is started to forward terminal resize requests
from the resize channel. Also, data is copied back/forth
between stdin, stdout, stderr streams and the attach socket
for the container.

Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-06 07:36:52 -07:00
Mrunal Patel
1a6825758c conmon: Add control fifo for terminal resize handling
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-06 07:36:52 -07:00