Dan Walsh
cd12a4acfe
Can't use SELinux separation when sharing the host pid/ipc namespace
...
SELinux will cause breakage when sharing these namespaces. For example it
will block processes inside of the container from looking at the hosts /proc
in hosts Pid Namespace. It will also block all access to semaphores and
shared memory defined outside of the pod.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-07 07:28:12 -04:00
Antonio Murdaca
fbcd609644
Merge pull request #109 from mrunalp/get_sb
...
Refactor to use helper method to get sandbox from request
2016-10-07 09:44:00 +02:00
Mrunal Patel
d7e72cb3a2
Refactor to use helper method get sandbox object
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 15:34:05 -07:00
Mrunal Patel
ec0b27fffc
Add a helper method to get sandbox from request
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 15:34:05 -07:00
Mrunal Patel
77afd34a27
Container state fixes
...
Move Container State constants to oci package
and fixup where strings were used instead of
the status constants
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-06 15:16:21 -07:00
Dan Walsh
be77b841fa
Add SELinux support to OCID
...
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-06 14:13:06 -04:00
Mrunal Patel
0482a4281a
Separate container IDs from container names
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-10-04 16:57:12 -07:00
Aleksa Sarai
bac579a9e5
server: create pause rootfs manually without Docker
...
This lessens the Docker requirement for creating sandboxes (with the
requirement only existing for the actual image pulling that is done when
adding a container to a pod). The interface was chosen to match the
--conmon interface, so that the location of the pause binary can be
chosen by a user.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-02 20:11:07 +11:00
Antonio Murdaca
3697a61db9
Merge pull request #84 from mrunalp/pod_attempt
...
Include attempt in the pod name
2016-10-01 01:06:00 +02:00
Mrunal Patel
d5a8d1bae3
Add annotations for pods
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-30 15:48:31 -07:00
Mrunal Patel
581c17169c
Include attempt in the pod name
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-30 15:23:38 -07:00
Mrunal Patel
50bea08c50
Remove containers from state on pod remove
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-30 12:23:48 -07:00
Mrunal Patel
1b3d172377
Ensure containers are stopped on RemovePod
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-28 13:12:38 -07:00
Antonio Murdaca
4578cc93d1
server: fix panic when listing sandboxes
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-27 10:46:45 +02:00
Antonio Murdaca
f7d3f7a69a
Merge pull request #59 from mrunalp/pod_create_bug
...
Pod create bug
2016-09-27 09:13:40 +02:00
Antonio Murdaca
df2eebbbcd
Merge pull request #58 from mrunalp/sb_short_id
...
Pod short ID
2016-09-27 07:51:54 +02:00
Mrunal Patel
4606f2a61a
Fix the build for ocid to cri-o rename
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 16:55:12 -07:00
Mrunal Patel
3245810bd6
Release pod name when pod is removed
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 15:42:08 -07:00
Mrunal Patel
2e387072ac
Allow specifying pod IDs by unique prefixes
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 15:24:23 -07:00
Mrunal Patel
ecda01c284
Add server impl of list pod sandboxes
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 12:45:53 -07:00
Mrunal Patel
204b2a645b
Populate state in pod status
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 11:18:35 -07:00
Antonio Murdaca
ab05a4526b
vendor: bump k8s@5fe2495588425a6613e28a048d8cc7bcb7513c7f
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-26 10:07:46 +02:00
Antonio Murdaca
857aaa7816
cmd/server: provide a flag to set ocid root dir
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-24 00:38:06 +02:00
Mrunal Patel
5475f6b32b
Fix lint error
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:06:12 -07:00
Mrunal Patel
99a7a53309
Cleanup comments
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:05:23 -07:00
Mrunal Patel
b839ff1093
Fixup pod sandbox status
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:05:18 -07:00
Mrunal Patel
6eab35c6b5
Fixup remove sandbox logic
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:04:45 -07:00
Mrunal Patel
2066b68791
Fixup stop sandbox logic
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 15:04:07 -07:00
Mrunal Patel
688f689736
Include pod namespace in the pod name
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-23 11:42:45 -07:00
Antonio Murdaca
97f5f809a4
server/sandbox: return id after creation
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:18:58 +02:00
Antonio Murdaca
569183030f
fix vendored deps
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
e269cb8b7e
new vendoring
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
32029aaba6
id and name indexes for pods
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Mrunal Patel
0ba5dfc15a
Automate the creation of the pod sandbox rootfs
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-20 15:45:46 -07:00
Mrunal Patel
19926bc905
Check if container in a pod is already stopped before stopping it
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-19 14:01:48 -07:00
Antonio Murdaca
22d434c1e6
restructure and make lint
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:56:13 +02:00