Andrew Pilloud
e4e982d78a
test: hostport network test
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 15:46:15 -07:00
Dan Walsh
a9a1b04510
Vendor in latest opencontainers/runtime-tools
...
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-06-22 13:32:30 -04:00
Mrunal Patel
7cb47aeb21
Merge pull request #622 from alexlarsson/conmon-cleanup
...
Conmon cleanup
2017-06-22 10:05:35 -07:00
Mrunal Patel
59820df8e1
Merge pull request #619 from mrunalp/tty_logging_check
...
test: Tighten the grep for logging with tty
2017-06-22 10:02:54 -07:00
Andrew Pilloud
afc731d3a6
testdata: Remove hostport from sandbox_config
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 08:51:50 -07:00
Andrew Pilloud
17359e34a6
server: init iptables without kube
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 08:51:50 -07:00
Andrew Pilloud
a0e15abf5e
vendor: add hostport and deps
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 08:51:50 -07:00
Andrew Pilloud
28cd8bde49
server: Hookup kubelet hostport
...
Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>
2017-06-22 08:51:50 -07:00
Mrunal Patel
91ea67a8ff
Merge pull request #618 from runcom/standard-names
...
server: standardize on naming
2017-06-22 07:16:39 -07:00
Alexander Larsson
c39868ad55
conmon: Add fds to mainloop where they are created
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
7b91005b36
conmon: Rename global fd variables to longer names
...
Since these are global, its nice if they are a bit more descriptive.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
4cb4de6cda
conmon: Move OOM setup to helper function
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
34b75c20c2
conmon: Move terminal control fifo setup to a helper function
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
640ebeafb3
conmon: Break out attach socket setup to helper function
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
cc3a1615fb
conmon: Break out connection socket setup to a separate function
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
b269969216
conmon: Don't use fixed size string buffers
...
We build paths using g_build_filename and g_strdup_printf() instead
which means we don't have any arbitrary pathname lenght issue, and
the code becomes cleaner.
We also convert asprintf to g_strdup_printf so that we can use
the glib OOM checker instead of open coding it everywhere.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
a7c61e4f9f
conmon: Remove unused variables
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
215ef485df
conmon: Add add_argv() helper
...
This makes adding the arguments to runtime_argv somewhat nicer.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
6aa1075ab6
conmon: Add (and use) get_pipe_fd_from_env helper
...
This avoids duplicating this code in two places.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Alexander Larsson
4838d6eb80
conmon: Rename all commandline option variables opt_*
...
This makes it easier to figure out where they come from
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-22 16:09:27 +02:00
Mrunal Patel
791d646695
Merge pull request #620 from alexlarsson/conmon-cleanup-exitsync
...
conmon: Clean up execsync
2017-06-22 07:07:37 -07:00
Antonio Murdaca
6035cff9e4
server: standardize on naming
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-22 11:55:03 +02:00
Alexander Larsson
81cb788004
conmon: Clean up execsync
...
This moves the timeout handling from the go code to conmon, whic
removes some of the complexity from criod, and additionally it will
makes it possible to do the double-fork in the exec case too.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-21 21:03:17 +02:00
Mrunal Patel
db337699f2
test: Tighten the grep for logging with tty
...
This tests that our ONLCR takes effect as we match \r\n
in the logs
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-21 10:10:16 -07:00
Antonio Murdaca
774c47d00c
Merge pull request #615 from mrunalp/test_creation_failure
...
test: Ensure we get error messages back on creation failure
2017-06-21 11:34:23 +02:00
Antonio Murdaca
5dcbdc05e5
Merge pull request #613 from mrunalp/bump_1_alpha_0
...
version: Bump up version to 1.0.0-alpha.0
2017-06-21 00:36:24 +02:00
Mrunal Patel
3b3a2929e1
test: Ensure we get error messages back on creation failure
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-06-20 15:07:34 -07:00
Mrunal Patel
b82df188c6
version: Bump up version to 1.0.0-alpha.0
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-20 09:48:12 -07:00
Mrunal Patel
88037b143b
Merge pull request #583 from alexlarsson/conmon-reap-zombies
...
conmon: Don't leave zombies and fix cgroup race
2017-06-20 07:53:52 -07:00
Alexander Larsson
d57ad7af3d
RunUnderSystemdScope: Wait until scope is started before we return
...
We need to do this, because otherwise we will continue and exit the
pid before systemd has a chance to look at it.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-20 13:56:03 +02:00
Alexander Larsson
72686c78b4
fixup! conmon: Don't leave zombies and fix cgroup race
...
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-20 12:18:07 +02:00
Mrunal Patel
0413088ffb
Merge pull request #612 from runcom/fixies-profiling
...
Fixies profiling + conflict run pod sandbox
2017-06-18 22:07:47 -07:00
Antonio Murdaca
94a457d46a
sandbox_run: need to stop sandbox before removing it on conflict
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-18 11:42:07 +02:00
Antonio Murdaca
20e11e3b90
cmd: crio: enable remote profiler
...
This patch also hides the profile under the debug flag as there's
runtime cost to enable the profiler.
This removes the old way of profiling (CPU) as that's not really
needed.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-18 11:42:04 +02:00
Antonio Murdaca
b01a7719cb
Merge pull request #609 from mrunalp/minor_fixes
...
Add missing error checks and simplify bool check
2017-06-17 13:48:15 +02:00
Antonio Murdaca
5fc6a0098c
Merge pull request #611 from mrunalp/fix_irc_channel
...
travis: Fix the IRC channel
2017-06-17 10:53:07 +02:00
Mrunal Patel
8fb98a7a73
travis: Fixup the IRC channel
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-16 16:27:03 -07:00
Mrunal Patel
bd40bbc30b
Add missing error checks and simplify bool check
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-16 15:49:16 -07:00
Mrunal Patel
784d03809e
Merge pull request #530 from runcom/fix-mounts-leak
...
server: adhere to CRI for sandbox stop/remove
2017-06-16 15:10:41 -07:00
Mrunal Patel
d2aa49a87b
Merge pull request #603 from runcom/test-calico
...
test: add a test for /etc/resolv.conf in rw/ro mode
2017-06-16 12:16:55 -07:00
Antonio Murdaca
8b4e3036ea
test: add a test for /etc/resolv.conf in rw/ro mode
...
This patch isn't adding a test for /etc/hosts as that requires host
network and we don't want to play with host's /etc/hosts when running
make localintegration on our laptops. That may change in the future
moving to some sort of in-container testing.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-16 11:01:12 +02:00
Antonio Murdaca
2014f0e14f
Merge pull request #568 from mrunalp/fix_terminal_settings
...
conmon: Set ONLCR for console
2017-06-16 10:17:15 +02:00
Mrunal Patel
2212d34899
Merge pull request #598 from sameo/topic/cni
...
sandbox_remove: Do not error out when CNI tear down fails
2017-06-15 14:23:17 -07:00
Antonio Murdaca
9f68cb4507
server: adhere to CRI for sandbox stop/remove
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-15 23:08:30 +02:00
Mrunal Patel
5fb4c99884
Merge pull request #604 from runcom/kube-v1.6.5
...
vendor: update kube to v1.6.5
2017-06-15 12:07:16 -07:00
Mrunal Patel
2b8e3a0d0f
Merge pull request #602 from runcom/busy-loop
...
oci: remove busy loop
2017-06-15 10:29:33 -07:00
Mrunal Patel
bfd1b83f51
conmon: Modify console terminal settings to match kube settings
...
We enable ONLCR on the console to match kube's terminal settings.
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-06-15 07:54:12 -07:00
Antonio Murdaca
e36a2a4c83
vendor: update kube to v1.6.5
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-15 15:20:25 +02:00
Alexander Larsson
af4fbcd942
conmon: Don't leave zombies and fix cgroup race
...
Currently, when creating containers we never call Wait on the
conmon exec.Command, which means that the child hangs around
forever as a zombie after it dies.
However, instead of doing this waitpid() in the parent we instead
do a double-fork in conmon, to daemonize it. That makes a lot of
sense, as conmon really is not tied to the launcher, but needs
to outlive it if e.g. the cri-o daemon restarts.
However, this makes even more obvious a race condition which we
already have. When crio-d puts the conmon pid in a cgroup there
is a race where conmon could already have spawned a child, and
it would then not be part of the cgroup. In order to fix this
we add another synchronization pipe to conmon, which we block
on before we create any children. The parent then makes sure the
pid is in the cgroup before letting it continue.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
2017-06-15 14:20:40 +02:00
Antonio Murdaca
b9f3435bf6
Merge pull request #555 from sameo/topic/workload-trust
...
oci: Support mixing trusted and untrusted workloads
2017-06-15 13:01:34 +02:00