Commit graph

296 commits

Author SHA1 Message Date
umohnani8
156e21ddf9 Enable per pod PID namespace setting
If the pid namespace mode is set to POD, then the container's namespace
should be set to the namespace of the pod infra container.

Signed-off-by: umohnani8 <umohnani@redhat.com>
2018-03-02 12:04:02 -05:00
Daniel J Walsh
b8e5769652 Change all references to kpod to podman
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2018-03-01 04:14:31 -08:00
Mrunal Patel
5f7ac28059 Update code for latest k8s
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2018-02-21 11:03:56 -08:00
Mrunal Patel
d0fd1f5fa8 Bump up cri-tools to f1a58d681c056f259802f5cae2fe1fbcc6b28667
We need this to pick up a fix for attach test.
This change brings in changes to the crictl CLI
requiring changes to the integration tests.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2018-01-29 19:25:49 -08:00
W. Trevor King
080b84dfcd test/namespaces: Factor out pid_namespace_test helper
DRY up this code.  The ${parameter:-word} syntax is in POSIX [1].

[1]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_06_02

Signed-off-by: W. Trevor King <wking@tremily.us>
2018-01-20 15:58:47 -08:00
Antonio Murdaca
77561e95cf
Merge pull request #1264 from wking/test-readme-plugins-moved-from-cni
test/README: Update the CNI plugins instructions for /cni → /plugins
2018-01-18 23:58:08 +01:00
W. Trevor King
282b900433 test/README: Update the CNI plugins instructions for /cni -> /plugins
Catching up with the Dockerfile change from f51b0a10 (Dockerfile: move
to containernetworking/plugins, 2017-05-25, #536).  The new plugins
commit from f51b0a10 is still the current Dockerfile entry.

This commit also replaces the previous 'go get' call with a git clone
to match the Dockerfile's approach.  I've added an additional 'cd'
call so I don't have to repeat $GOPATH/... more than once, but other
than that, the example matches the current Dockerfile entry.

I've also removed some line-continuation slashes we've been dragging
around since the section landed 07ccda33 (tests: Install CNI
configuration files by default, 2017-04-06, #434).  I'm guessing they
were a copy/paste bug from the Dockerfile, but this example has new
prompts for each command (so it doesn't need continuation) while the
Dockerfile is using && chaining (so it does).

Signed-off-by: W. Trevor King <wking@tremily.us>
2018-01-18 14:12:33 -08:00
W. Trevor King
e124834b0d test/README: Clear Containers moved to clearcontainers/runtime
And changed the name of their binary.  This commit catches the docs up
with intel/cc-oci-runtime#1065 (merged 2017-09-25).

Signed-off-by: W. Trevor King <wking@tremily.us>
2018-01-18 09:47:56 -08:00
Antonio Murdaca
de0be63495
container_create: set cpuset cpus|mems
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-12-20 19:20:57 +01:00
Nalin Dahyabhai
6a456d1502 Use crictl instead of crioctl in image integration tests
Use crictl instead of crioctl in some of the integration tests that
exercise image handling.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-12-14 14:23:53 -05:00
Nalin Dahyabhai
ff7bbb4f0d Switch to ImageServer.UntagImage in RemoveImage handler
Add an UntagImage() method to pkg/storage/ImageServer, which will check
if the passed-in NameOrID is a name.  If so, it merely removes that name
from the image, removing the image only if it was the last name that the
image had.  If the NameOrID is an image ID, the image is removed, as
RemoveImage() does.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-12-14 14:23:53 -05:00
Nalin Dahyabhai
f3b7065bd8 Return image references from the storage package
The image's canonical reference is a name with a digest of the image's
manifest, so in imageService.ImageStatus() and
imageService.ListImages(), divide the image's name list into tagged and
digested values, and if we have names, add canonical versions.

In Server.ContainerStatus(), return the image name as it was given to us
as the image, and the image digested reference as the image reference.

In Server.ListImages(), be sure to only return tagged names in the
RepoTags field.  In Server.ImageStatus(), also return canonical
references in the RepoDigests field.

In Server.PullImage(), be sure that we consistently return the same
image reference for an image, whether we ended up pulling it or not.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-12-14 14:23:52 -05:00
Samuel Ortiz
a2e08d5dc4 test: Add timeout before checking for status
Under some slow environment (nested VMs) or with some
not as fast runtimes (Clear Containers), asking for a
status right away is racy.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-12-01 10:21:50 +01:00
Antonio Murdaca
ea0bf448fe
test: add exec/execsync env conflict test
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-30 12:54:58 +01:00
Mrunal Patel
d10490bccf test: Add an integration test for partial line in logs
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-11-28 18:57:26 -08:00
Mrunal Patel
4cf4137be0 conmon: Add support for partial/newline log tags
This is for ttps://github.com/kubernetes/kubernetes/pull/55922

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-11-28 18:57:21 -08:00
Antonio Murdaca
b3f59f31ad
Merge pull request #1159 from weiwei04/replace_crioctl_with_crictl_wip
Replace crioctl with crictl
2017-11-20 15:27:30 +01:00
Wei Wei
25dfde9044 replace crioctl with crictl
Signed-off-by: Wei Wei <weiwei.inf@gmail.com>
2017-11-20 13:46:52 +08:00
Mrunal Patel
946307e5c2 Make pid namespace sharing optional and disabled by default
We reverse the logic so that pid ns sharing is disabled by default.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-11-18 06:47:06 -08:00
Mrunal Patel
d68da8929a
Merge pull request #1149 from weiwei04/share_pid_namespace
share pid namespace for Pod container
2017-11-17 08:12:49 -10:00
Wei Wei
702ab3ee3a share pid namespace for Pod container
Signed-off-by: Wei Wei <weiwei.inf@gmail.com>
2017-11-17 09:56:33 +08:00
Wei Wei
b0b6611bdf replace crioctl in e2e with crictl
Signed-off-by: Wei Wei <weiwei.inf@gmail.com>
2017-11-15 16:15:54 +08:00
DeShuai Ma
e90e0c7062 fix typo for test/README.md
Signed-off-by: DeShuai Ma <dma@redhat.com>
2017-11-14 15:29:27 +08:00
Antonio Murdaca
e99a78edff
*: add crictl.yaml
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-12 01:54:19 +01:00
Antonio Murdaca
befd719812
Revert "Merge pull request #654 from nalind/storage-update"
This reverts commit 4c06116c18, reversing
changes made to c5e73ba65f.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-12 01:54:19 +01:00
Daniel J Walsh
e9200aacba
Merge pull request #1110 from edsantiago/more_testing_fixes
Various test-scaffolding fixes
2017-11-10 08:22:06 -05:00
Daniel J Walsh
c9b3d3df28
Merge pull request #1111 from mheon/remove_kpod
Remove kpod code after repository move
2017-11-07 14:44:40 -05:00
Ed Santiago
b7697672f0 Various test-scaffolding fixes
* Skip some tests if the bridge-custom plugin is
  unavailable. This CNI plugin is not distributed in
  any RPM, it is only available by compiling from a
  side branch in runcom's private github. We can't
  use it in a real integration-test setting.

* Don't use `run()` inside cleanup handlers. It will
  override $status, which is a double whammy:
   - successful cleanup will mask a test failure
   - when a test is `skip()`ed, crictl may fail,
     and $status will indicate failure.

* seccomp test: use existing $SECCOMP_PROFILE instead of
  assuming a path under $CRIO_ROOT

Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-11-06 07:14:33 -07:00
Mrunal Patel
3f9e539bde
Merge pull request #1117 from runcom/setup-cwd
container_create: setup cwd for containers
2017-11-04 05:21:26 -07:00
Matthew Heon
1bf6d20309 Remove kpod code after repository move
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-11-03 14:37:42 -04:00
Antonio Murdaca
140f85df72
container_create: setup cwd for containers
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-03 19:23:44 +01:00
Mrunal Patel
c44c712a42 test: Add a test for HOSTNAME env
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-11-02 20:25:07 -07:00
Mrunal Patel
815bb7652b
sandbox: Use first class sysctls instead of annotations
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-02 16:07:52 +01:00
Antonio Murdaca
c25530ac0b
server: implement update container resources
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-02 16:07:52 +01:00
Antonio Murdaca
7d7024999b
sandbox, ctrs: fixup seccomp for 1.8
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-02 16:07:52 +01:00
Daniel J Walsh
fe69289566
Merge pull request #1080 from baude/kpod_create.pr
Kpod create.pr
2017-11-01 13:44:28 -04:00
baude
b85fe5ab90 Fix conmon and runc paths for kpod tests
Tests for kpod create and run were failing because the conmon
binary was being hardcoded.  We added a  --conmon global optioni
for kpod so we could pass in the conmon path from the helpers
file during tests

Signed-off-by: baude <bbaude@redhat.com>
2017-11-01 10:53:52 -05:00
Daniel J Walsh
063b25cef5 Report error when arguments given to crio command
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-31 16:15:54 -04:00
baude
c6cc205b78 Reviewer comments and suggestions incorporated.
Signed-off-by: baude <bbaude@redhat.com>
2017-10-31 14:10:47 -05:00
Nalin Dahyabhai
2e5e92730a Switch to ImageServer.UntagImage in RemoveImage handler
Add an UntagImage() method to pkg/storage/ImageServer, which will check
if the passed-in NameOrID is a name.  If so, it merely removes that name
from the image, removing the image only if it was the last name that the
image had.  If the NameOrID is an image ID, the image is removed, as
RemoveImage() does.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-31 10:30:18 -04:00
Nalin Dahyabhai
3f2bc09231 Return image references in ImageStatus()
The image's canonical reference is a name with a digest of the image's
manifest, so compute and return that value as the image's reference in
ImageStatus() and in ContainerStatus().

We don't auto-store a name based on the image digest when we pull one by
tag, but then CRI doesn't need us to do that.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-31 10:29:06 -04:00
Nalin Dahyabhai
beef44840e Update kpod push test
Since we've got stable image IDs now, pushing an image from local
storage to local storage ends up attaching the both names to a single
image, so we need to update the test's expectations.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-31 10:29:05 -04:00
Daniel J Walsh
dbaf500c0b
Merge pull request #1094 from runcom/makefile-fixes
Makefile: output binaries under bin/
2017-10-31 09:07:40 -04:00
Antonio Murdaca
63b1706de8
Makefile: output binaries under bin/
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-30 17:48:29 +01:00
Antonio Murdaca
15afc4d3de
container_create: sort mounts before adding them to the spec
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-29 12:31:18 +01:00
Daniel J Walsh
fb804f5602 Merge pull request #1015 from umohnani8/authflag
Add authfile flag to pull and push
2017-10-25 06:16:58 -07:00
Daniel J Walsh
2f43183c35 Merge pull request #1068 from nalind/default-store
libpod: set the default Store to match a Runtime
2017-10-24 21:40:56 -07:00
Mrunal Patel
cd04b45540 Merge pull request #1067 from nalind/secrets-test
Fixups for crio_secrets.bats
2017-10-24 21:01:56 -07:00
Mrunal Patel
5a4ffef9d3 Merge pull request #1066 from nalind/storage-opts
tests: rename $STORAGE_OPTS to $STORAGE_OPTIONS
2017-10-24 21:01:33 -07:00
Nalin Dahyabhai
9d0d48b2ce Rename $STORAGE_OPTS to $STORAGE_OPTIONS
Rename our $STORAGE_OPTS variable to $STORAGE_OPTIONS, so that the
storage library doesn't try to use its contents as default driver
options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:52:16 -04:00