forked from containerd/containerd
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[pull] main from containerd:main #56
Open
pull
wants to merge
3,178
commits into
fahedouch:main
Choose a base branch
from
containerd:main
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ers/prometheus Bumps [github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus](https://github.com/grpc-ecosystem/go-grpc-middleware) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/grpc-ecosystem/go-grpc-middleware/releases) - [Commits](grpc-ecosystem/go-grpc-middleware@v1.0.0...providers/prometheus/v1.0.1) --- updated-dependencies: - dependency-name: github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
…b.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus-1.0.1 build(deps): bump github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus from 1.0.0 to 1.0.1
Bumps the k8s group with 4 updates in the / directory: [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery), [k8s.io/client-go](https://github.com/kubernetes/client-go), [k8s.io/component-base](https://github.com/kubernetes/component-base) and [k8s.io/kubelet](https://github.com/kubernetes/kubelet). Updates `k8s.io/apimachinery` from 0.29.2 to 0.30.0 - [Commits](kubernetes/apimachinery@v0.29.2...v0.30.0) Updates `k8s.io/client-go` from 0.29.2 to 0.30.0 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.29.2...v0.30.0) Updates `k8s.io/component-base` from 0.29.2 to 0.30.0 - [Commits](kubernetes/component-base@v0.29.2...v0.30.0) Updates `k8s.io/kubelet` from 0.29.2 to 0.30.0 - [Commits](kubernetes/kubelet@v0.29.2...v0.30.0) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s - dependency-name: k8s.io/component-base dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s - dependency-name: k8s.io/kubelet dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the otel group with 8 updates: | Package | From | To | | --- | --- | --- | | [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.50.0` | `0.51.0` | | [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.50.0` | `0.51.0` | | [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` | | [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` | | [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` | Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.50.0 to 0.51.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.50.0...zpages/v0.51.0) Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.50.0 to 0.51.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.50.0...zpages/v0.51.0) Updates `go.opentelemetry.io/otel` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) Updates `go.opentelemetry.io/otel/sdk` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) Updates `go.opentelemetry.io/otel/trace` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/sdk dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/trace dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel ... Signed-off-by: dependabot[bot] <[email protected]>
document usage and design of blockfile snapshotter
Signed-off-by: Ruihua Wen <[email protected]>
docs: correct the typo in the documentation
…20165af8f build(deps): bump the k8s group across 1 directory with 4 updates
Perform file sync outside of lock on Commit
container.Checkpoint(), WithRestoreImage(): use ocispec.AnnotationRefName
content: add a BlobReadSeeker to allow multipart blob uploads
sandbox: Store bootstrap parameters in sandbox metadata and shim get them from sandbox metadata rather than other shim's bootstrap.json file.
Signed-off-by: Derek McGowan <[email protected]>
Signed-off-by: Derek McGowan <[email protected]>
Signed-off-by: Derek McGowan <[email protected]>
Signed-off-by: Derek McGowan <[email protected]>
Allow the api to stay at the same v1 go package name and keep using a 1.x version number. This indicates the API is still at 1.x and allows sharing proto types with containerd 1.6 and 1.7 releases. Signed-off-by: Derek McGowan <[email protected]>
Signed-off-by: Derek McGowan <[email protected]>
Signed-off-by: Derek McGowan <[email protected]>
Add api Go module and move all protos under api
Signed-off-by: Derek McGowan <[email protected]> Signed-off-by: Derek McGowan <[email protected]>
Signed-off-by: Derek McGowan <[email protected]>
Cleanup local transfer interface
This commit gets rid of the TODO by moving the check to use the pluginInfo() infrastructure. The check is only enforced for shims that return info that can be read as type runtime.Features. For shims that don't provide that, we just ignore it, as those shims might not be affected by this. Signed-off-by: Rodrigo Campos <[email protected]>
Signed-off-by: Henry Wang <[email protected]>
core/runtime: Check shim PluginInfo to enforce idmap support
Add support for ttrpc in transfer and streaming service
…2cd70c4535 build(deps): bump the otel group with 8 updates
Update ctr shim subcommand to task v3
Signed-off-by: Derek McGowan <[email protected]>
…b.com/containernetworking/cni-1.2.2 build(deps): bump github.com/containernetworking/cni from 1.2.1 to 1.2.2
…b.com/containerd/go-cni-1.1.10 build(deps): bump github.com/containerd/go-cni from 1.1.9 to 1.1.10
…351cbf957 build(deps): bump k8s.io/klog/v2 from 2.130.0 to 2.130.1 in the k8s group
…b.com/checkpoint-restore/checkpointctl-1.2.1 build(deps): bump github.com/checkpoint-restore/checkpointctl from 1.2.0 to 1.2.1
…b.com/klauspost/compress-1.17.9 build(deps): bump github.com/klauspost/compress from 1.17.8 to 1.17.9
…intf These were straight concatenations of strings; reduce some allocations by removing fmt.Sprintf for this. Signed-off-by: Sebastiaan van Stijn <[email protected]>
Before / After: BenchmarkSplitObject-10 2785656 428.1 ns/op 416 B/op 13 allocs/op BenchmarkSplitObjectNew-10 13510520 88.2 ns/op 0 B/op 0 allocs/op Signed-off-by: Sebastiaan van Stijn <[email protected]>
The behavior of this function is quite counter-intuitive, as it preserves the delimiter in the result. This function should probably have been an internal function, as its use for external consumers would be very limited, but let's at least document the (surprising) behavior for those that are considering to use it. It appears that BuildKit is currently the only (publicly visible) external consumer of this function; I am planning to inline its functionality in Spec.Digest() and to deprecate this function so that it can be removed. Signed-off-by: Sebastiaan van Stijn <[email protected]>
Inline the relevant code from SplitObject, as we're only interested in the digest portion. Signed-off-by: Sebastiaan van Stijn <[email protected]>
pkg/reference: reduce allocations and improve GoDoc
The behavior of this function is quite counter-intuitive, as it preserves the delimiter in the result, and its use for external consumers would be very limited. Spec.Digest no longer uses this function, and it appears that BuildKit is currently the only (publicly visible) external consumer of it. This patch deprecates the function. Signed-off-by: Sebastiaan van Stijn <[email protected]>
Implement calls to the fsverity kernel module, allowing containerd to enable fsverity on blob data in the content store. This causes fsverity to veirfy the integrity of blob data when the blob is read. Signed-off-by: James Jenkins <[email protected]>
Signed-off-by: Sebastiaan van Stijn <[email protected]>
A nil CRIImplementation field can cause a nil pointer dereference and panic during startup recovery. Prior to this change, the nri.API struct would have a nil cri (CRIImplementation) field after nri.NewAPI until nri.Register was called. Register is called mid-way through initialization of the CRI plugin, but recovery for containers occurs prior to that. Container recovery includes establishing new exit monitors for existing containers that were discovered. When a container exits, NRI plugins are given the opportunity to be notified about the lifecycle event, and this is done by accessing that CRIImplementation field inside the nri.API. If a container exits prior to nri.Register being called, access to the CRIImplementation field can cause a panic. Here's the call-path: * The CRI plugin starts running [here](https://github.com/containerd/containerd/blob/ae71819c4f5e67bb4d5ae76a6b735f29cc25774e/pkg/cri/server/service.go#L222) * It then [calls into](https://github.com/containerd/containerd/blob/ae71819c4f5e67bb4d5ae76a6b735f29cc25774e/pkg/cri/server/service.go#L227) `recover()` to recover state from previous runs of containerd * `recover()` then attempts to recover all containers through [`loadContainer()`](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/server/restart.go#L175) * When `loadContainer()` finds a container that is still running, it waits for the task (internal containerd object) to exit and sets up [exit monitoring](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/server/restart.go#L391) * Any exit that then happens must be [handled](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/server/events.go#L145) * Handling an exit includes [deleting the Task](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/server/events.go#L188) and specifying [`nri.WithContainerExit`](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/nri/nri_api_linux.go#L348) to [notify](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/nri/nri_api_linux.go#L356) any subscribed NRI plugins * NRI plugins need to know information about the pod (not just the sandbox), so before a plugin is notified the NRI API package [queries the Sandbox Store](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/nri/nri_api_linux.go#L232) through the CRI implementation * The `cri` implementation member field in the `nri.API` struct is set as part of the [`Register()`](https://github.com/containerd/containerd/blob/ae7d74b9e21bd08260586db104a1fe04af754545/internal/cri/nri/nri_api_linux.go#L66) method * The `nri.Register()` method is only called [much further down in the CRI `Run()` method](https://github.com/containerd/containerd/blob/ae71819c4f5e67bb4d5ae76a6b735f29cc25774e/pkg/cri/server/service.go#L279) Signed-off-by: Samuel Karp <[email protected]>
commit 149ca68 updated the hcsshim module to v0.12.4, but did not add a commit to also update the runhcs binary version. full diff: microsoft/hcsshim@v0.12.3...v0.12.4 These versions are decoupled since 15b13fb to allow updating the binary version without updating the module, in cases where the module doesn't require updates. Signed-off-by: Sebastiaan van Stijn <[email protected]>
pkg/reference: deprecate SplitObject, and remove for v2.0
Fsverity content verification
sandbox: Add Update API for sandbox controller
update runhcs binary to v0.12.4
This reduces latency of calling ListPodSandboxStats() by avoiding calling shim API Task(). Signed-off-by: Eric Lin <[email protected]>
This functionality is not directly related to containerd and could move to external package at some point. Signed-off-by: Derek McGowan <[email protected]>
cri: ensure NRI API never has nil CRI
Move fsverity package to internal
cri: get pid count from container metrics
Signed-off-by: Akhil Mohan <[email protected]>
update go version to 1.22.5
Signed-off-by: Akihiro Suda <[email protected]>
CI: update Fedora to 40
Bumps the golang-x group with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/sys](https://github.com/golang/sys). Updates `golang.org/x/mod` from 0.18.0 to 0.19.0 - [Commits](golang/mod@v0.18.0...v0.19.0) Updates `golang.org/x/sys` from 0.21.0 to 0.22.0 - [Commits](golang/sys@v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <[email protected]>
…g-x-8115ffb80d build(deps): bump the golang-x group with 2 updates
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )