Because we need a working CNI plugin to setup a correct netns so
sandbox_run can grab a working IP address.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
bin2img/checkseccomp/copyimg are file targets and should not be .PHONY.
This prevents to build them if not necessary.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
When the integration test image is run on a system with apparmor
enabled, it needs binaries from the 'apparmor' package, so ensure that
it's always there.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Two issues:
1) pod Namespace was always set to "", which prevents plugins from figuring out
what the actual pod is, and from getting more info about that pod from the
runtime via out-of-band mechanisms
2) the pod Name and ID arguments were switched, further preventing #1
Signed-off-by: Dan Williams <dcbw@redhat.com>
As of containernetworking/cni commit 1b9caefba5670c59e0ccbf0b008d88da52a7d498,
the script to build has changed from 'build' to 'build.sh' which broke our
integration tests. Change the integration test Dockerfile to update this path,
and update the tutorial for good measure. Pin to current master to ensure this
breakage doesn't happen again.
Signed-off-by: Matthew Heon <mheon@redhat.com>
Use containers/storage to store images, pod sandboxes, and containers.
A pod sandbox's infrastructure container has the same ID as the pod to
which it belongs, and all containers also keep track of their pod's ID.
The container configuration that we build using the data in a
CreateContainerRequest is stored in the container's ContainerDirectory
and ContainerRunDirectory.
We catch SIGTERM and SIGINT, and when we receive either, we gracefully
exit the grpc loop. If we also think that there aren't any container
filesystems in use, we attempt to do a clean shutdown of the storage
driver.
The test harness now waits for ocid to exit before attempting to delete
the storage root directory.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add the necessary build tags and configuration so that integration tests
can properly build against device mapper and btrfs libraries.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>