Commit graph

2125 commits

Author SHA1 Message Date
Matthew Heon
97ad00b708 Add labels and stop signal to libpod's container code
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-26 11:13:42 -04:00
Antonio Murdaca
584a256388
server: correctly return and close ch from exits routine
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-26 16:55:18 +02:00
Mrunal Patel
b416ee13a0 Merge pull request #1074 from umohnani8/pull_flags
Add --tls-verify, --cert-dir, and --quiet flags to kpod pull
2017-10-25 18:52:50 -07:00
umohnani8
f9992d71a3 Add --tls-verify, --cert-dir, and --quiet flags to kpod pull
Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-25 16:28:18 -04:00
Matthew Heon
1ef3e96974 Fix gofmt and golint issues
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 13:08:49 -04:00
Matthew Heon
3b60d38769 Address review comments
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 12:04:52 -04:00
Matthew Heon
9b563f7970 Update libpod logic for placing containers in pods
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 11:51:45 -04:00
Matthew Heon
88e2acdc4f Add create/start times. Add helpers for locating common files.
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Matthew Heon
3262565d61 Add support for setting conmon sockets directory in libpod
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Matthew Heon
872c59da8f Refactor container code in preparation for saving state
Also adds terminal handling code to libpod

Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Matthew Heon
241653e152 Add container creation logic to Libpod
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Daniel J Walsh
8d78e3cfac Merge pull request #1072 from rhatdan/master
Copy CONTRIBUTING.md from skopeo
2017-10-25 07:30:07 -07:00
Daniel J Walsh
e92aec8b97 Merge pull request #1073 from rhatdan/readme
Add ascii cinema to README for login/logout/diff
2017-10-25 07:29:38 -07:00
Daniel J Walsh
fb804f5602 Merge pull request #1015 from umohnani8/authflag
Add authfile flag to pull and push
2017-10-25 06:16:58 -07:00
Daniel J Walsh
17ad51011e Add ascii cinema to README for login/logout/diff
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 13:10:56 +00:00
Daniel J Walsh
14f111bd8d Copy CONTRIBUTING.md from skopeo
We need to tell people about contributing to the CRI-O project

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 13:07:25 +00:00
Daniel J Walsh
a3cd7c422c Merge pull request #1052 from mheon/conmon_socket_as_arg
Make attach sockets directory an argument in Conmon
2017-10-24 21:48:33 -07:00
Daniel J Walsh
c9f837aca1 Merge pull request #1056 from literalice/patch-runcpath
fixes runc install path on Dockerfile
2017-10-24 21:47:24 -07:00
Daniel J Walsh
2e26e9b2ec Merge pull request #1050 from rhatdan/selinux
We need to release the SELinux label when we destroy the sandbox
2017-10-24 21:44:30 -07:00
Daniel J Walsh
2f43183c35 Merge pull request #1068 from nalind/default-store
libpod: set the default Store to match a Runtime
2017-10-24 21:40:56 -07:00
Mrunal Patel
e6d2d60e4d Merge pull request #1065 from nalind/mapsize
Fix a copy/paste error in libpod initializers
2017-10-24 21:02:36 -07:00
Mrunal Patel
cd04b45540 Merge pull request #1067 from nalind/secrets-test
Fixups for crio_secrets.bats
2017-10-24 21:01:56 -07:00
Mrunal Patel
5a4ffef9d3 Merge pull request #1066 from nalind/storage-opts
tests: rename $STORAGE_OPTS to $STORAGE_OPTIONS
2017-10-24 21:01:33 -07:00
Daniel J Walsh
c2c148f18d We need to release the SELinux label when we destroy the sandbox
This will release the MCS Label to be used again.  Only do this if we
don't have another sandbox using the same label.

Also vendor in the latest selinux go bindings, which fixes a leak and
properly reserves the SELinux label we are going to use.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 02:35:20 +00:00
Nalin Dahyabhai
9d0d48b2ce Rename $STORAGE_OPTS to $STORAGE_OPTIONS
Rename our $STORAGE_OPTS variable to $STORAGE_OPTIONS, so that the
storage library doesn't try to use its contents as default driver
options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:52:16 -04:00
Nalin Dahyabhai
a467615423 Fixups for crio_secrets.bats
Remove the directory named by "$MOUNT_PATH", not "MOUNT_PATH".
Run "cat /proc/mounts" instead of "mount" in the test container.
Run "grep" using the "run" helper when we want to capture its output.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:49:55 -04:00
Nalin Dahyabhai
499b2fa180 Fix a copy/paste error in libpod initializers
When copying the GID map at startup, size the map correctly.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:48:47 -04:00
Nalin Dahyabhai
a5fb2b4b11 libpod: set the default Store to match a Runtime
When initializing a Runtime, set the default Store for the
containers-storage transport in the image library to the same one that
we're using, so that the calling process sees the same set of images
in the Runtime that it sees when going through the image library.

Update the kpod_push test so that it no longer has to specify a location
in the destination image reference, since the default should already be
passed to kpod as global options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:47:10 -04:00
Mrunal Patel
863e137bde Merge pull request #1039 from runcom/fix-process-exec
oci: respect process spec on exec
2017-10-24 17:23:58 -07:00
Matthew Heon
e66da6046d Rename conmon argument to socket-dir-path
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-24 18:28:53 -04:00
Masatoshi Hayashi
9191a994fc fixes runc install path on Dockerfile
In the config file (/etc/crio/crio.conf) installed by `make install.config` , runc runtime path is specified "/usr/bin/runc"

Signed-off-by: Masatoshi Hayashi <literalice@monochromeroad.com>
2017-10-25 07:23:13 +09:00
Nalin Dahyabhai
4af9ae4bc2 kpod_kill.bats: drop redundant variables
Drop duplicate definitions of variables that are already defined in
helpers.bash.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 18:17:15 -04:00
Antonio Murdaca
c316e5d8cf
oci: respect process spec on exec
This patch fixes exec to use the original (start-time) process exec
configuration. Otherwise, we were creating a brand new spec process w/o
additional groups for instance.
Spotted while integrating CRI-O with cri-test...The test was failing
with:
```
• Failure [10.640 seconds]
[k8s.io] Security Context
/home/amurdaca/go/src/github.com/kubernetes-incubator/cri-tools/pkg/framework/framework.go:72
  bucket
  /home/amurdaca/go/src/github.com/kubernetes-incubator/cri-tools/pkg/validate/security_context.go:407
    runtime should support SupplementalGroups [It]
    /home/amurdaca/go/src/github.com/kubernetes-incubator/cri-tools/pkg/validate/security_context.go:272

    Expected
        <[]string | len:1, cap:1>: ["0"]
    to contain element matching
        <string>: 1234
```

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-24 22:39:17 +02:00
umohnani8
d855e2c8ad Add authfile flag to pull and push
Push and pull can now access any cached registry credentials from the auth file

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-24 16:32:09 -04:00
Antonio Murdaca
0914a7a667 Merge pull request #1053 from mrunalp/update_godbus_dep
vendor: Update godbus dependency to a389bd
2017-10-24 21:59:33 +02:00
Matthew Heon
042f31fe68 Add default CRI-O socket path back to conmon
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-24 15:42:23 -04:00
Matthew Heon
ae5fc471ea Make attach sockets directory an argument in Conmon
This is required to enable ongoing work in libpod

Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-24 15:42:23 -04:00
Antonio Murdaca
e95f75e8f2 Merge pull request #1058 from mrunalp/revert_swap
Revert "integration-playbook: Idempotent Swapping"
2017-10-24 21:10:33 +02:00
Antonio Murdaca
26ca82b23d Merge pull request #1054 from mrunalp/oom_test_loop
test: Test for OOM condition in a loop
2017-10-24 20:25:41 +02:00
Chris Evich
61c643330e Revert "integration-playbook: Idempotent Swapping"
This reverts commit b198c57cfb.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-24 09:36:56 -07:00
Mrunal Patel
56cda43444 test: Test for OOM condition in a loop
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-23 21:07:22 -07:00
Mrunal Patel
9ec09fa3ae vendor: Update godbus dependency to a389bdde4dd695d414e47b755e95e72b7826432c
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-23 12:34:05 -07:00
Antonio Murdaca
7ab9c55a12 Merge pull request #1042 from rhatdan/Makefile
Makefile
2017-10-21 12:21:53 +02:00
Mrunal Patel
d7d2ce7ce2 Merge pull request #1044 from runcom/fix-host-pid
fix host pid handling for containers and share uts ns
2017-10-19 14:11:41 -07:00
Daniel J Walsh
fd43871187 Merge pull request #1037 from mrunalp/revert_move_sock
Revert "Move crio default sock to /var/run/crio/crio.sock"
2017-10-19 15:41:16 -04:00
Daniel J Walsh
c46b875fe7 Merge pull request #1001 from cevich/fix_reswap
integration-playbook: Don't re-swap
2017-10-19 15:17:23 -04:00
Antonio Murdaca
da725f3e5f
fix host pid handling for containers and share uts ns
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-19 21:13:28 +02:00
Daniel J Walsh
655b47fdc4 Strip out debuginfo and other content to make images smaller
This can be overriden by passing in the

make SHRINKFLAGS=

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-19 17:34:24 +00:00
Daniel J Walsh
6835afaa54 Change buildtags based on installed environment.
Determine if selinux is available before building cri-o with support.
Don't add ostree support to crio or any tools other then kpod.
cri-o does not use ostree.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-19 17:34:24 +00:00
Mrunal Patel
b0e9f0eba8 Revert "Move crio default sock to /var/run/crio/crio.sock"
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-19 10:13:49 -07:00