Commit graph

2037 commits

Author SHA1 Message Date
TomSweeneyRedHat
cbb380c974 Change runc location of runc in tutorial.md
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
2017-10-30 09:50:49 -04:00
Daniel J Walsh
e22a3c9aea
Merge pull request #1090 from runcom/cmux-http-read-timeout
cmd: crio: set ReadTimeout on the info endpoint
2017-10-30 09:08:36 -04:00
Antonio Murdaca
158d53e62a
cmd: crio: set ReadTimeout on the info endpoint
This will avoid the goroutines leak we've been seeing during
performance tests. Goroutines count returns to normal after containers
cleanup.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-29 21:56:55 +01:00
Antonio Murdaca
15afc4d3de
container_create: sort mounts before adding them to the spec
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-29 12:31:18 +01:00
Antonio Murdaca
3ae3c41256
Merge pull request #1086 from mrunalp/lint_fix
lint fixes
2017-10-29 06:13:21 +01:00
Mrunal Patel
03f9350a15 lint fixes
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-28 13:17:00 -07:00
Daniel J Walsh
c269bf7b99
Merge pull request #1081 from mheon/libpod_labels
Update libpod to support labels
2017-10-27 12:34:14 -07:00
Mrunal Patel
c54658cb7b
Merge pull request #1083 from lsm5/unitfile-fixes
expand limits for tests
2017-10-27 10:25:12 -07:00
Lokesh Mandvekar
74f744dc34
systemd: expand limits for tests
Borrowed from:
https://github.com/projectatomic/atomic-system-containers/pull/136

From: Antonio Murdaca <runcom@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2017-10-27 10:50:02 -04:00
Matthew Heon
90b44cbf34 Shut down libpod runtime's store if error occurs in NewRuntime
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-27 09:50:09 -04:00
Daniel J Walsh
596a97119b Merge pull request #1043 from mheon/kpod_container_skeleton
Libpod container creation logic
2017-10-26 16:26:06 -07:00
Mrunal Patel
1442bb7ed7 Merge pull request #1076 from runcom/close-ch
server: correctly return and close ch from exits routine
2017-10-26 11:00:42 -07:00
Matthew Heon
97ad00b708 Add labels and stop signal to libpod's container code
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-26 11:13:42 -04:00
Antonio Murdaca
584a256388
server: correctly return and close ch from exits routine
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-26 16:55:18 +02:00
Mrunal Patel
b416ee13a0 Merge pull request #1074 from umohnani8/pull_flags
Add --tls-verify, --cert-dir, and --quiet flags to kpod pull
2017-10-25 18:52:50 -07:00
umohnani8
f9992d71a3 Add --tls-verify, --cert-dir, and --quiet flags to kpod pull
Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-25 16:28:18 -04:00
Matthew Heon
1ef3e96974 Fix gofmt and golint issues
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 13:08:49 -04:00
Matthew Heon
3b60d38769 Address review comments
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 12:04:52 -04:00
Matthew Heon
9b563f7970 Update libpod logic for placing containers in pods
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 11:51:45 -04:00
Matthew Heon
88e2acdc4f Add create/start times. Add helpers for locating common files.
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Matthew Heon
3262565d61 Add support for setting conmon sockets directory in libpod
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Matthew Heon
872c59da8f Refactor container code in preparation for saving state
Also adds terminal handling code to libpod

Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Matthew Heon
241653e152 Add container creation logic to Libpod
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-25 10:45:32 -04:00
Daniel J Walsh
8d78e3cfac Merge pull request #1072 from rhatdan/master
Copy CONTRIBUTING.md from skopeo
2017-10-25 07:30:07 -07:00
Daniel J Walsh
e92aec8b97 Merge pull request #1073 from rhatdan/readme
Add ascii cinema to README for login/logout/diff
2017-10-25 07:29:38 -07:00
Daniel J Walsh
fb804f5602 Merge pull request #1015 from umohnani8/authflag
Add authfile flag to pull and push
2017-10-25 06:16:58 -07:00
Daniel J Walsh
17ad51011e Add ascii cinema to README for login/logout/diff
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 13:10:56 +00:00
Daniel J Walsh
14f111bd8d Copy CONTRIBUTING.md from skopeo
We need to tell people about contributing to the CRI-O project

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 13:07:25 +00:00
Daniel J Walsh
a3cd7c422c Merge pull request #1052 from mheon/conmon_socket_as_arg
Make attach sockets directory an argument in Conmon
2017-10-24 21:48:33 -07:00
Daniel J Walsh
c9f837aca1 Merge pull request #1056 from literalice/patch-runcpath
fixes runc install path on Dockerfile
2017-10-24 21:47:24 -07:00
Daniel J Walsh
2e26e9b2ec Merge pull request #1050 from rhatdan/selinux
We need to release the SELinux label when we destroy the sandbox
2017-10-24 21:44:30 -07:00
Daniel J Walsh
2f43183c35 Merge pull request #1068 from nalind/default-store
libpod: set the default Store to match a Runtime
2017-10-24 21:40:56 -07:00
Mrunal Patel
e6d2d60e4d Merge pull request #1065 from nalind/mapsize
Fix a copy/paste error in libpod initializers
2017-10-24 21:02:36 -07:00
Mrunal Patel
cd04b45540 Merge pull request #1067 from nalind/secrets-test
Fixups for crio_secrets.bats
2017-10-24 21:01:56 -07:00
Mrunal Patel
5a4ffef9d3 Merge pull request #1066 from nalind/storage-opts
tests: rename $STORAGE_OPTS to $STORAGE_OPTIONS
2017-10-24 21:01:33 -07:00
Daniel J Walsh
c2c148f18d We need to release the SELinux label when we destroy the sandbox
This will release the MCS Label to be used again.  Only do this if we
don't have another sandbox using the same label.

Also vendor in the latest selinux go bindings, which fixes a leak and
properly reserves the SELinux label we are going to use.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 02:35:20 +00:00
Nalin Dahyabhai
9d0d48b2ce Rename $STORAGE_OPTS to $STORAGE_OPTIONS
Rename our $STORAGE_OPTS variable to $STORAGE_OPTIONS, so that the
storage library doesn't try to use its contents as default driver
options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:52:16 -04:00
Nalin Dahyabhai
a467615423 Fixups for crio_secrets.bats
Remove the directory named by "$MOUNT_PATH", not "MOUNT_PATH".
Run "cat /proc/mounts" instead of "mount" in the test container.
Run "grep" using the "run" helper when we want to capture its output.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:49:55 -04:00
Nalin Dahyabhai
499b2fa180 Fix a copy/paste error in libpod initializers
When copying the GID map at startup, size the map correctly.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:48:47 -04:00
Nalin Dahyabhai
a5fb2b4b11 libpod: set the default Store to match a Runtime
When initializing a Runtime, set the default Store for the
containers-storage transport in the image library to the same one that
we're using, so that the calling process sees the same set of images
in the Runtime that it sees when going through the image library.

Update the kpod_push test so that it no longer has to specify a location
in the destination image reference, since the default should already be
passed to kpod as global options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:47:10 -04:00
Mrunal Patel
863e137bde Merge pull request #1039 from runcom/fix-process-exec
oci: respect process spec on exec
2017-10-24 17:23:58 -07:00
Matthew Heon
e66da6046d Rename conmon argument to socket-dir-path
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-24 18:28:53 -04:00
Masatoshi Hayashi
9191a994fc fixes runc install path on Dockerfile
In the config file (/etc/crio/crio.conf) installed by `make install.config` , runc runtime path is specified "/usr/bin/runc"

Signed-off-by: Masatoshi Hayashi <literalice@monochromeroad.com>
2017-10-25 07:23:13 +09:00
Nalin Dahyabhai
4af9ae4bc2 kpod_kill.bats: drop redundant variables
Drop duplicate definitions of variables that are already defined in
helpers.bash.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 18:17:15 -04:00
Antonio Murdaca
c316e5d8cf
oci: respect process spec on exec
This patch fixes exec to use the original (start-time) process exec
configuration. Otherwise, we were creating a brand new spec process w/o
additional groups for instance.
Spotted while integrating CRI-O with cri-test...The test was failing
with:
```
• Failure [10.640 seconds]
[k8s.io] Security Context
/home/amurdaca/go/src/github.com/kubernetes-incubator/cri-tools/pkg/framework/framework.go:72
  bucket
  /home/amurdaca/go/src/github.com/kubernetes-incubator/cri-tools/pkg/validate/security_context.go:407
    runtime should support SupplementalGroups [It]
    /home/amurdaca/go/src/github.com/kubernetes-incubator/cri-tools/pkg/validate/security_context.go:272

    Expected
        <[]string | len:1, cap:1>: ["0"]
    to contain element matching
        <string>: 1234
```

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-24 22:39:17 +02:00
umohnani8
d855e2c8ad Add authfile flag to pull and push
Push and pull can now access any cached registry credentials from the auth file

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-24 16:32:09 -04:00
Antonio Murdaca
0914a7a667 Merge pull request #1053 from mrunalp/update_godbus_dep
vendor: Update godbus dependency to a389bd
2017-10-24 21:59:33 +02:00
Matthew Heon
042f31fe68 Add default CRI-O socket path back to conmon
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-24 15:42:23 -04:00
Matthew Heon
ae5fc471ea Make attach sockets directory an argument in Conmon
This is required to enable ongoing work in libpod

Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-24 15:42:23 -04:00
Antonio Murdaca
e95f75e8f2 Merge pull request #1058 from mrunalp/revert_swap
Revert "integration-playbook: Idempotent Swapping"
2017-10-24 21:10:33 +02:00