| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
* Capture and publish OOM events
We use oom notifiers on the cgroup to publish oom events to containerd.
This is passed back via CRI to Kubernetes etc. for more helpful error
reporting.
Fixes #56
|
|
* Updated configuration docs to be more consistent
* Add links to configuration docs
* Add links to top README
* Fix markdown formatting
|
|
* Updated e2e tests on travis
- Updated tests to run using Go 1.14
- Added test for containerd 1.3
- Updated release of runsc to test
* Fix release downloading in e2e tests
* Fix test targets
* Update to using Ubuntu bionic in travis tests
|
|
|
|
Change annotation from 'gvisor.dev/spec/mount/NAME/share',
which is invalid because it has more than one '/', to
'dev.gvisor.spec.mount.NAME.share'.
|
|
Adds doc to explicitly create the Kubernetes RuntimeClass object needed
to use the shim via the Kubernetes API.
|
|
|
|
|
|
* Add volume annotation support
Signed-off-by: Lantao Liu <lantaol@google.com>
* Add unit test.
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
|
|
|
|
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
|
|
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
Port shim fixes containerd/containerd#3264, containerd/containerd#3264
Update containerd to newest release/1.2 commit.
|
|
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
enable to pass a custom runtime path to gvisor-containerd-shim
Signed-off-by: zhuangqh <zhuangqhc@gmail.com>
|
|
1. original LATEST_RELEASE is about containerd-shim-runsc-v1, we should choose the second line gvisor-containerd-shim. lol
2. should use /etc/containerd/gvisor-containerd-shim.toml not yaml : )
fixes #18
Signed-off-by: zhuangqh <zhuangqhc@gmail.com>
|
|
When ContainerD v1.2.4 creates a task, it may pass a *runctypes.CreateOptions in the request options field. This currently causes the gvisor-containerd-shim to reject the request.
This PR allows the shim to handle requests with creation options set, and also slightly improves the error message so future failures of this kind are easier to localize to the shim.
Fixes #19
|
|
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
* Update containerd to 1.2.2
Signed-off-by: Lantao Liu <lantaol@google.com>
* Port https://github.com/containerd/containerd/pull/2803.
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
* Update vendors
Signed-off-by: Lantao Liu <lantaol@google.com>
* Add containerd shim v2 support.
Signed-off-by: Lantao Liu <lantaol@google.com>
* Add test and doc for containerd-shim-runsc-v1.
Signed-off-by: Lantao Liu <lantaol@google.com>
* Address comments.
|
|
Adds a timeout and cancel to shim fifo open
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
Use cni v0.7.0 in the integration test.
Signed-off-by: Lantao Liu <lantaol@google.com>
|
|
* Separate docs for containerd 1.1 and 1.2
The configuration for the untrusted workload annotation and runtime
class are different enough that it makes sense to separate the docs.
Commands in docs are taken from scripts in the docs/scripts directory.
These scripts can be used later for integration & doc tests (#3). The
docs can be updated using the embedmd tool:
https://github.com/campoy/embedmd
* Add basic e2e tests refs #3
Added end-to-end tests based on the quickstart workflows for
containerd 1.1 and containerd 1.2+.
|
|
Added code owners so that they are added to PRs
See: https://help.github.com/articles/about-codeowners/
|
|
|
|
Fix sandbox.json instructions for containerd 1.1
|
|
See: https://help.github.com/articles/about-codeowners/
|
|
Annotations aren't part of the PodSandboxMetadata but rather part of the
PodSandboxConfig object. crictl's parsing logic seems to ignore
extraneous fields so it silently fails to create pods using the
untrusted workload runtime.
See: https://github.com/kubernetes-sigs/cri-tools/blob/v1.13.0/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go#L775
|
|
|
