Commit graph

2033 commits

Author SHA1 Message Date
Samuel Ortiz
29121c8c0c oci: Remove useless crio-conmon- cgroup deletion
It always fails because conmon is still there.
But more importantly it adds a 2 seconds delay to the container
creation as we're trying to delete a cgroup but we can't.

With this patch a container creation is down to typically less than
150ms instead of 2+ seconds.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-10-13 11:58:23 +02:00
Nalin Dahyabhai
ddb8fb30cc Correct our usage of the bats run helper
The bats "run" helper function sets "$status", so there's no point to
checking the value of "$status" when we haven't used the "run" helper to
run a command, and we almost always want to be checking the value after
we have used the helper.

There's no need to run commands like 'sleep' or 'rm -f' with the helper,
since they're not expected to fail, and if they do, it's probably
indicative of a larger problem that we want to allow to cause tests to
fail.

Helper functions like start_crio already check "$status" when they call
"run", so we don't need to check it again after they return.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-12 17:54:47 -04:00
Nalin Dahyabhai
a88f6840d8 Look up the container's name for kpod-stop-by-name
In the kpod-stop-by-name test, use 'kpod inspect' to look up the name of
the container, rather than predicting the name that crio will assign.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-12 17:54:47 -04:00
Mrunal Patel
436194290a Merge pull request #1004 from umohnani8/secrets_patch
Follow up changes on secrets patch
2017-10-12 14:40:46 -07:00
umohnani8
d1aea31786 Follow up changes on secrets patch
Deleted mounts.conf file and moved the secrets mount paths
to a list (default-mounts) in crio.conf

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-12 15:10:07 -04:00
Daniel J Walsh
5b41729b6c Merge pull request #942 from umohnani8/secrets_patch
Add secrets support to crio
2017-10-12 11:04:20 -04:00
Daniel J Walsh
a8224f8be1 Merge pull request #1002 from mrunalp/lint_fix
test: Modify Fatal to Fatalf as we have a specifier
2017-10-12 09:27:40 -04:00
umohnani8
d5b5028cb9 Add secrets patch to crio
Allows the user to define secret paths in /etc/containers/mounts.conf
These are then volume mounted into the container

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-11 20:00:38 -04:00
Mrunal Patel
bb4b2e9fea test: Modify Fatal to Fatalf as we have a specifier
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-10-11 14:51:11 -07:00
Daniel J Walsh
d7cbdfce76 Merge pull request #886 from baude/kpod_json
Return Valid JSON for empty data
2017-10-11 16:26:23 -04:00
baude
3907e0d346 Return Valid JSON for empty data
For commands that ask for JSON results, if the input to the Go JSON
marshaller is empty, it will return a byte array with a literal
"null" in it.  If that is the case, we should output [] instead
as at least that is valid JSON and will not break consumers of the
data.

Signed-off-by: baude <bbaude@redhat.com>
2017-10-11 13:28:18 -05:00
Daniel J Walsh
3363064622 Merge pull request #996 from mrunalp/fix_format
test: Fix format specifier
2017-10-11 13:03:16 -04:00
Matthew Heon
92def27645 Working in-memory state implementation
Signed-off-by: Matthew Heon <mheon@redhat.com>
2017-10-11 12:56:17 -04:00
Daniel J Walsh
915f918907 Merge pull request #998 from rhatdan/cleanup
Add information on kpod login/logout
2017-10-11 11:08:56 -04:00
Daniel J Walsh
436a803542 Add information on kpod login/logout
Add video for kpod-export

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-11 13:37:13 +00:00
Daniel J Walsh
3991a0531c Merge pull request #810 from umohnani8/kpod_login
Add "kpod login" command
2017-10-11 09:13:21 -04:00
Mrunal Patel
7c2c9a8c85 test: Fix format specifier
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-10-10 16:23:54 -07:00
Mrunal Patel
8c83014476 Merge pull request #994 from edsantiago/safe_netcat
nc (netcat): don't block when run interactively
2017-10-10 16:23:07 -07:00
Daniel J Walsh
132dae4094 Merge pull request #989 from umohnani8/flag_change
Changed debug flag to log-level in kpod/main.go
2017-10-10 17:05:29 -04:00
umohnani8
5d48e1aca5 Vendor in latest containers/image
Add support for kpod login/logout

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-10 17:02:57 -04:00
umohnani8
d664a58a6d Add 'kpod login' and 'kpod logout' commands
Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-10 17:02:57 -04:00
umohnani8
b21a3e36ac Add docker/config package to containers/image/pkg
This package is used in authenticating a user for kpod login
and can be used for authentication in kpod push, pull etc.

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-10 16:58:40 -04:00
Daniel J Walsh
772f4b1515 Merge pull request #988 from umohnani8/libpod-part2
Continue switching from libkpod to libpod
2017-10-10 16:55:53 -04:00
Daniel J Walsh
680f3a09e1 Merge pull request #953 from edsantiago/parameterize_cni_plugin
Parameterize CRIO_CNI_PLUGIN
2017-10-10 16:55:03 -04:00
Ed Santiago
d54a139f6d nc (netcat): don't block when run interactively
When running the test suite interactively, "Connect to pod
hostport from the host" test hangs because nc thinks it's
got a bidirectional connection. Running with </dev/null
closes the connection after receiving the expected data,
letting the tests proceed.

This is just a suggestion for n00b-friendliness. Running
interactively is rare, but it's exactly where a n00b
will begin, and the hang costs a little time and energy
to track down.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-10-10 13:03:08 -06:00
umohnani8
b4d3b560d3 Changed debug flag to log-level in kpod/main.go
The change in flag from debug to log-level was causing cri-o to fail when started
There was a reference to the debug flag in kpod/main.go that had not been changed

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-10 14:55:14 -04:00
umohnani8
356df5d18e Continue switching from libkpod to libpod
Refactored rmi, images, diff, and history.
Made fixes to kpod images in the way it was handing the templates as well as printing the image names

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-10 11:22:09 -04:00
Mrunal Patel
bbd7321a7a Merge pull request #991 from runcom/kube-1.7.8
bump to kube v1.7.8
2017-10-10 07:41:40 -07:00
Daniel J Walsh
cfd7aec1c3 Merge pull request #960 from ashcrow/rebase-895
kpod rmi by ID untagged: %name incorrect
2017-10-10 07:56:43 -04:00
Antonio Murdaca
b6be0f0bd7
bump to kube v1.7.8
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-10 10:58:44 +02:00
Daniel J Walsh
19df68605b Merge pull request #990 from TomSweeneyRedHat/dev/tsweeney/fixread
Add video for pause/unpause to README.md
2017-10-09 16:31:56 -04:00
Daniel J Walsh
7efeada9df Merge pull request #983 from rhatdan/docs
Add documentation on kpod attach
2017-10-09 16:14:19 -04:00
TomSweeneyRedHat
0f31a61113 Add video for pause/unpause to README.md
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
2017-10-09 14:57:37 -04:00
Daniel J Walsh
825f7f290b Merge pull request #949 from mrunalp/test_fix_kube_dns
test: Fix kube dns bring up in cluster
2017-10-07 05:59:01 -04:00
Daniel J Walsh
df5110dfd5 Add documentation on kpod attach
Add a man page on how to achieve the same user experience as using
kpod attach by using either the kpod logs or kpod exec commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-06 20:56:05 +00:00
Mrunal Patel
8c9fcfce0d Merge pull request #984 from mrunalp/readme_fixes
readme: Fix rc version and specify cgroup driver for k8s
2017-10-06 13:20:37 -07:00
Mrunal Patel
93af568246 readme: Fix rc version and specify cgroup driver for k8s
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-06 11:52:14 -07:00
Mrunal Patel
9c518dc03b test: Fix kube dns bring up in cluster
We have to call hack/local-up-cluster from kubernetes directory
as it makes relative calls to cluster/kubectl.sh. The failure
of these calls led to kube-dns not coming up.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-06 11:50:27 -07:00
Daniel J Walsh
19f37f5c14 Merge pull request #955 from sameo/topic/delete_container
Handle container creation failures gracefully
2017-10-06 11:54:10 -04:00
Daniel J Walsh
974bafe012 Merge pull request #950 from sameo/topic/loglevel
main: Define -log-level option
2017-10-06 09:51:07 -04:00
Daniel J Walsh
e5d2c0af5f Merge pull request #979 from mrunalp/log_size_min
Make sure log-size-max is atleast as big as read buffer
2017-10-06 09:23:48 -04:00
Mrunal Patel
f17f122ef3 Merge pull request #906 from dcbw/net-test
test: add test for network teardown on sandbox error
2017-10-05 21:18:09 -07:00
Mrunal Patel
309a744075 Merge pull request #976 from mrunalp/bump_go_1.8.4
test: Update go to 1.8.4
2017-10-05 18:06:48 -07:00
Mrunal Patel
067cbff207 Make sure log-size-max is atleast as big as read buffer
We need log-size-max to be bigger than the read buffer in conmon
to accurately truncate it.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-05 15:06:38 -07:00
Dan Williams
cc2b27132e test/network: clean up tests
Signed-off-by: Dan Williams <dcbw@redhat.com>
2017-10-05 16:41:54 -05:00
Dan Williams
8392f5f757 test: add test for network teardown on sandbox setup errors
Signed-off-by: Dan Williams <dcbw@redhat.com>
2017-10-05 16:41:54 -05:00
Samuel Ortiz
f9bad6cc32 oci: Use error logs for container creation failures
They are more critical than simple debug strings.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-10-05 22:53:20 +02:00
Samuel Ortiz
a5e5ccb365 main: Replace -debug with -log-level
Running crio with -debug is very verbose. Having more granularity
on the log level can be useful when e.g. only looking for errors.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-10-05 22:53:20 +02:00
Samuel Ortiz
d27451029b oci: Increase the container creation timeout
Under very heavy loads (e.g. 100 pods created at the same time), VM
based runtimes can take more than 10 seconds to create a pod.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-10-05 22:52:33 +02:00
Samuel Ortiz
eae1b7d6bd oci: Delete container resources upon creation failure
When cri-o assumes the container creation failed, we need to let the
runtime know that we're bailing out so that it cancels all ongoing
operation.
In container creation timeout situations for example, failing to
explictly request the runtime for container deletion can lead to large
resource leaks as kubelet re-creates a failing container, while the
runtime finishes creating the previous one(s).

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-10-05 22:52:33 +02:00