Commit graph

2176 commits

Author SHA1 Message Date
Samuel Ortiz
c676b7b6c3 ocic: Initial implementation for ocic ctr exec
We use the k8s remotecommand client API to create a
streaming executor, and then stream the executed process
into stdout/stderr.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-24 18:44:49 +02:00
Jacek J. Łakis
0ba2be0dc8 lint: fix shadowing
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
2017-04-24 18:44:49 +02:00
Jacek J. Łakis
b4e9023102 exec: Add endpoint for streaming server
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
2017-04-24 18:44:49 +02:00
Jacek J. Łakis
203a52487c server: Start streaming server
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
2017-04-24 18:44:48 +02:00
Jacek J. Łakis
70a51fe7f5 server: Add streamService to server
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
2017-04-24 18:44:48 +02:00
Jacek J. Łakis
b75b6f6e4b container: add exec command prototype
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
2017-04-24 18:44:48 +02:00
Jacek J. Łakis
3babbf0de1 ocic: Add container exec command
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
2017-04-24 18:44:40 +02:00
Jacek J. Łakis
bf51655a7b vendor: Update vendoring for the exec client and server implementations
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-24 18:38:41 +02:00
Mrunal Patel
d25b88583f Merge pull request #465 from mrunalp/bug/systemd_conmon
conmon: Fix logic for enabling systemd cgroups
2017-04-24 07:31:50 -07:00
Antonio Murdaca
152f7d077d Merge pull request #468 from sameo/topic/hosts
container: Bind mount hosts file for host networking containers
2017-04-22 09:57:32 +02:00
Samuel Ortiz
3b691d085c container: Bind mount hosts file for host networking containers
Fixes #451

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-22 04:04:38 +02:00
Mrunal Patel
5fe841c19d Merge pull request #467 from mrunalp/pause_warning
pause: Fix compilation warning
2017-04-21 17:23:22 -07:00
Mrunal Patel
8219f30f28 pause: Fix compilation warning
psignal needs a feature check macro

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-04-21 16:17:53 -07:00
Mrunal Patel
e395afe093 conmon: Fix logic for enabling systemd cgroups
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-04-21 14:20:17 -07:00
Antonio Murdaca
5dd2e10028 Merge pull request #462 from runcom/storage-tests
test: make storage configurable via env
2017-04-21 16:59:20 +02:00
Mrunal Patel
324cc4bf73 Merge pull request #463 from runcom/fix-net-test
test: fix bats dealing with std* streams
2017-04-21 07:47:02 -07:00
Antonio Murdaca
7985f7ad81
test: fix bats dealing with std* streams
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-04-21 13:42:59 +02:00
Antonio Murdaca
83e1de71dd
test: make storage configurable via env
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-04-21 12:29:39 +02:00
Mrunal Patel
49f3f2ac7f Merge pull request #415 from rhatdan/images
Add kpod image and kpod rmi for the handling of container images.
2017-04-20 15:57:06 -07:00
Antonio Murdaca
339e01ba79 Merge pull request #460 from vbatts/readable_server_fields
server: readable fields
2017-04-21 00:54:35 +02:00
Mrunal Patel
1cb31b801d Merge pull request #459 from vbatts/readable_oci_store
oci: more grep'able interface name
2017-04-20 14:43:30 -07:00
Dan Walsh
c07780a328 Merge branch 'master' of github.com:kubernetes-incubator/cri-o into RemoveAllContainers 2017-04-20 17:33:17 -04:00
Mrunal Patel
0801a68990 Merge pull request #410 from dcbw/default-gopath
build: create a local GOPATH if none specified
2017-04-20 12:03:54 -07:00
f401adffa9
server: readable fields
`git grep -w images` or `git grep -w storage` needs to be more useful.

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2017-04-20 08:22:50 -04:00
f1fd06bfc1
oci: more grep'able interface name
`git grep -wi store` is not nearly useful enough. Taking steps for
readability.

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2017-04-19 16:12:59 -04:00
Antonio Murdaca
0b48dd5d7f Merge pull request #456 from vbatts/readable-name
pkg/storage: switch to searchable fieldname
2017-04-18 15:12:33 +02:00
aa24e0554d
pkg/storage: switch to searchable fieldname
`image` as a variable/field name becomes too redundant and difficult to
grep for. Switching to `imageServer` makes for more readable code.

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2017-04-18 07:53:53 -04:00
Daniel J Walsh
54ee55493d Need to cleanup all pods on service poweroff
When powering off the system, we want the ocid service, to shutdown
all containers running on the system so they can cleanup properly
This patch will cleanup all pods on poweroff.

The ocid-shutdown.service drops a file /var/run/ocid.shutdown when the system
is shutting down. The ocid-shutdown.service should only be executed at system
shutdown.

On bootup sequence should be
start ocid.service
start ocid-shutdown.service (This is a NO-OP)

On system shutdown
stop ocid-shutdown.service (Creates /var/run/ocid.shutdown)
stop ocid.service (Notices /var/run/ocid.service and stops all pods before exiting.)

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-04-14 06:04:14 -04:00
Antonio Murdaca
7d7570e604 Merge pull request #449 from mrunalp/release_0.2
Release version 0.2
2017-04-13 20:30:55 +02:00
Mrunal Patel
32b546cf0b Release version 0.2
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-04-13 09:50:14 -07:00
Antonio Murdaca
95f683b402 Merge pull request #447 from mrunalp/update_spec
Update runtime-spec to v1.0.0.rc5
2017-04-13 13:22:01 +02:00
Mrunal Patel
24df2538db Update runtime-spec to v1.0.0.rc5
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-04-12 19:15:53 -07:00
Mrunal Patel
b6c022caae Merge pull request #434 from sameo/topic/ocicni-fixes
ocicni: support for asynchronous CNI config changes
2017-04-12 14:02:26 -07:00
Antonio Murdaca
a8b73e7583 Merge pull request #445 from cyphar/conmon-split-stderr
conmon: split std{out,err} pipe for !terminal containers
2017-04-12 21:01:42 +02:00
Aleksa Sarai
6940313691
test: add tests for split std{err,out}
Now that we have support for split std{out,err}, make sure that execsync
will correctly handle the split stdio properly. In addition, extend the
ctr logging test to make sure that the regular container logging is also
split correctly. We can't test !terminal containers because we only have
a single console for both std{out,err}.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2017-04-12 21:59:25 +10:00
Aleksa Sarai
87faf98447
oci: make ExecSync handle split std{out,err}
Now that conmon splits std{out,err} for !terminal containers, ExecSync
can parse that output to return the correct std{out,err} split to the
kubelet. Invalid log lines are ignored but complained about.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2017-04-12 21:59:25 +10:00
Aleksa Sarai
d4c9f3e6dc
conmon: split std{out,err} pipe for !terminal containers
While it's not currently possible to do this for terminal=true
containers, for !terminal containers we can create separate pipes for
stdout and stderr, and then log them separately. This is required for
k8s's conformance tests.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2017-04-12 21:59:24 +10:00
Aleksa Sarai
35a6403604
*: build with C99
It's 2017, let's not stick with C89 (also for some reason the Travis
environment has a different -std= default value than my local machine).

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2017-04-12 21:59:16 +10:00
Mrunal Patel
5589f929c0 Merge pull request #443 from runcom/expose-mount-cstatus
server: expose mounts in container status
2017-04-11 09:01:37 -07:00
Mrunal Patel
7d329bcfde Merge pull request #436 from cyphar/conmon-sane-line-endings
conmon: handle multi-line logging
2017-04-11 08:36:30 -07:00
Antonio Murdaca
7081620128
server: expose mounts in container status
Fix 5 more tests from k8s's conformance tests
```
Ran 5 of 213 Specs in 76.068 seconds
SUCCESS! -- 5 Passed | 0 Failed | 0 Pending | 208 Skipped PASS
```

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-04-11 16:51:09 +02:00
Aleksa Sarai
afadd0aab9
conmon: handle multi-line logging
The CRI requires us to prepend (timestamp, stream) to every line of the
output, and it's quite likely (especially in the !terminal case) that we
will read more than one line of output in the read loop.

So, we need to write out each line separately with the prepended
timestamps. Doing this the simple way (the final part of the buffer is
written partially if it doesn't end in a newline) makes the code much
simpler, with the downside that if we ever switch to multiple streams
for output we'll have to rewrite parts of this.

In addition, drop the debugging output of cri-o for each chunk read so
we stop spamming stderr. We can do this now because 8a928d06e7
("oci: make ExecSync with ExitCode != 0 act properly") actually fixed
how ExecSync was being handled (especially in regards to this patch).

Fixes: 1dc4c87c93 ("conmon: add timestamps to logs")
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2017-04-11 20:32:24 +10:00
Aleksa Sarai
8a928d06e7
oci: make ExecSync with ExitCode != 0 act properly
Previously we returned an internal error result when a program had a
non-zero exit code, which was incorrect. Fix this as well as change the
tests to actually check the "ExitCode" response from ExecSync (rather
than expecting ocic-ctr to return an internal error).

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2017-04-11 20:32:18 +10:00
Mrunal Patel
32750cd3f3 Merge pull request #440 from runcom/image-pull-secret
server: add auth info to image pull
2017-04-10 09:42:21 -07:00
Samuel Ortiz
07ccda3395 tests: Install CNI configuration files by default
Since we no longer fall back to the noop plugin when
CNI configuration files are missing, and since the default
sandbox_config.json test file is running without host
networking, we must install the bridge and loopback
configuration files by default for tests to pass.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-10 17:36:34 +02:00
Samuel Ortiz
63c7a7c99b ocicni: Support asynchronous network config creation
We need to support cases where InitCNI() is called before
any CNI configuration files have been installed. This is
for example happening when deploying a k8s cluster with kubeadm.
kubeadm will start the DNS pod and it is left to the caller to
pick a network overlay and create the corresponding pods, that
will typically install a CNI configuration file first.

Here we address that issue by doing 2 things:

- Not returning an error when the default CNI config files
  directory is empty.
- If it is empty, we start a monitoring thread (fsnotify based)
  that will synchronize the network configuration when a CNI
  file is installed there.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-10 17:36:28 +02:00
Antonio Murdaca
05cde3e759
server: add auth info to image pull
Fix the following upstream k8s's e2e-node test:
```
should be able to pull from private registry with secret [Conformance]
```

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-04-10 17:09:56 +02:00
Samuel Ortiz
bc4ac7ce04 vendor: Add fsnotify and remove glog
fsnotify is needed by the new ocicni monitoring implementation.
As ocicni switched to logrus, glog is no longer needed.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-06 23:06:36 +02:00
Samuel Ortiz
71cfd850f7 ocicni: Convert logs to logrus
To be consistent with the rest of the CRI-O logs, and to be able
to set the ocicni verbosity, we convert it from glog to logrus.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-06 23:06:36 +02:00
Antonio Murdaca
88be3a2f91 Merge pull request #435 from surajssd/print-pid-int
Print received container pid as int
2017-04-06 18:49:32 +02:00