k8s already mounts /etc/hosts from /var/lib/kubelet/pods/<ID>/etc-hosts
even for host network. We shouldn't play with it unless we're running
from crictl for instance.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
The last consumer was removed in 1bf6d203 (Remove kpod code after
repository move, 2017-11-02, #1111).
Signed-off-by: W. Trevor King <wking@tremily.us>
Having a separate function holding the details of this makes reading
createSandboxContainer easier.
While I was moving the code, I've also cleaned up two things:
* The nil capabilities check is now earlier, where before it had been
between the ALL handling and the non-ALL handling.
* I've added a capPrefixed variable to avoid having multiple
toCAPPrefixed calls per capability.
Signed-off-by: W. Trevor King <wking@tremily.us>
Avoid crashing 'make' with:
No package 'devmapper' found
by disabling the devmapper driver when the library it requires is not
installed. Also give the libdm_no_deferred_remove script a more
specific name to avoid confusion.
Signed-off-by: W. Trevor King <wking@tremily.us>
Catching up with the Dockerfile change from f51b0a10 (Dockerfile: move
to containernetworking/plugins, 2017-05-25, #536). The new plugins
commit from f51b0a10 is still the current Dockerfile entry.
This commit also replaces the previous 'go get' call with a git clone
to match the Dockerfile's approach. I've added an additional 'cd'
call so I don't have to repeat $GOPATH/... more than once, but other
than that, the example matches the current Dockerfile entry.
I've also removed some line-continuation slashes we've been dragging
around since the section landed 07ccda33 (tests: Install CNI
configuration files by default, 2017-04-06, #434). I'm guessing they
were a copy/paste bug from the Dockerfile, but this example has new
prompts for each command (so it doesn't need continuation) while the
Dockerfile is using && chaining (so it does).
Signed-off-by: W. Trevor King <wking@tremily.us>
The cri-o entries are stale vs. the content currently installed by the
Makefile. This commit drops them and just references the make call
before starting the table, which lets us stay DRY.
runc is not built from the cri-o repository. The docs have claimed it
was since 983aec63 (doc: Add instruction to run cri-o with kubernetes,
2017-01-31, #353), but it's independent like the CNI plugins.
The CNI plugins were moved to containernetworking/plugins in
containernetworking/cni@bc0d09e (plugins: moved to
containernetworking/plugins, 2017-05-17, containernetworking/cni#457).
I've added a link to the in-repo policy.json example. We probably
also want to link to the docs (for the version we vendor?) [1], but
I've left that alone for now.
The CNI config examples were removed from the project README in
9088a12c (contrib: cni: provide example CNI configurations,
2016-12-24, #295). I've adjusted the reference to point to the new
location, although again, I'd rather replace this with links to
upstream docs.
[1]: 3d0304a021/docs/policy.json.md
Signed-off-by: W. Trevor King <wking@tremily.us>
'make install' hasn't installed crio.conf since 8b632729 (Install to
/usr/local to avoid conflicts with vendor binaries, 2017-01-04, #304).
And Make output is usually not particularly interesting.
Signed-off-by: W. Trevor King <wking@tremily.us>
install.config has also installed rio-umount.conf since 51b225474
(Tell oci-umount where to remove mountpoints inside container, #937,
2017-09-21). And Make output is usually not particularly interesting.
Signed-off-by: W. Trevor King <wking@tremily.us>
Where the same user had multiple entries, I mostly went with whichever
entry had the most-recent non-merge commits.
The order is alphabetical according to Emacs' sort-lines.
Signed-off-by: W. Trevor King <wking@tremily.us>
And changed the name of their binary. This commit catches the docs up
with intel/cc-oci-runtime#1065 (merged 2017-09-25).
Signed-off-by: W. Trevor King <wking@tremily.us>
If a packager wants to be able to support addititional arguments on his
hook this will allow them to setup the configuration with these arguments.
For example this would allow a hook developer to add support for a --debug
flag to change the level of debugging in his hook.
In order to complete this task, I had to vendor in the latest
github.com://opencontainers/runtime-tools, which caused me to have to fix a
Mount and Capability interface calls
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Instead of compiling all of the *.go files each time, the
-i flag will cause them to be only compiled if they changed.
This will make developers much happier.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Build image for integration test on arm64 will fail for lack of
hexdump. Add bsdmainutils tool to eliminate that failure and let
build image succussfully
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>