jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,395 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

2395 Commits

Author SHA1 Message Date
Mrunal Patel 40f4e7873d Merge pull request #691 from crosbymichael/seccomp-log 
Remove log from seccomp package
 2016-03-25 17:45:26 -07:00
Mrunal Patel f3e5352c7f Merge pull request #688 from codido/specconv 
Export CreateLibcontainerConfig
 2016-03-25 17:44:58 -07:00
Mrunal Patel 9d2d88ca8a Merge pull request #690 from crosbymichael/lock-thread 
Move lockthread to package level
 2016-03-25 17:43:22 -07:00
Michael Crosby 8873ac26a5 Remove log from seccomp package 
Logging in packages is bad, mkay.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-03-25 14:21:30 -07:00
Michael Crosby 0698777a36 Move lockthread to package level 
Move this to be one of the first things that is done in the main if we
are executing the init.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-03-25 11:15:09 -07:00
Ido Yariv 28b21a5988 Export CreateLibcontainerConfig 
Users of libcontainer other than runc may also require parsing and
converting specification configuration files.

Since runc cannot be imported, move the relevant functions and
definitions to a separate package, libcontainer/specconv.

Signed-off-by: Ido Yariv <ido@wizery.com>
 2016-03-25 12:19:18 -04:00
Julian Friedman e91b2b8aca Set rlimits using prlimit in parent 
Fixes #680

This changes setupRlimit to use the Prlimit syscall (rather than
Setrlimit) and moves the call to the parent process. This is necessary
because Setrlimit would affect the libcontainer consumer if called in
the parent, and would fail if called from the child if the
child process is in a user namespace and the requested rlimit is higher
than that in the parent.

Signed-off-by: Julian Friedman <julz.friedman@uk.ibm.com>
 2016-03-25 15:11:44 +00:00
Qiang Huang 344b0ccaa6 Merge pull request #685 from allencloud/fix-typos 
fix typos
 2016-03-25 18:18:29 +08:00
allencloud 10cc27888c fix typos 
Signed-off-by: allencloud <allen.sun@daocloud.io>
 2016-03-25 11:11:48 +08:00
Thomas Tanaka 55aabc142c Only perform mount labelling when necessary 
Do label mqueue when mounting it with label failed/not supported.

Signed-off-by: Thomas Tanaka <thomas.tanaka@oracle.com>
 2016-03-24 13:38:18 -07:00
Michael Crosby 5439bd2d95 Merge pull request #682 from anusha-ragunathan/dont-cleanpath 
Dont cleanPath for systemd cgroup paths.
 2016-03-24 11:18:51 -07:00
Anusha Ragunathan 89abd91694 Dont cleanPath for systemd cgroup paths. 
systemd expects cgroupsPath to be of form "slice:prefix:name".
So dont call cleanPath on it anymore.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
 2016-03-24 10:52:41 -07:00
Michael Crosby 24950964ec Merge pull request #667 from mrunalp/systemd_cgroups 
Add support for enabling systemd cgroups
 2016-03-23 16:14:03 -07:00
Mrunal Patel d563bd1342 Merge pull request #677 from tonistiigi/pipe-crash-logging 
Show proper error from init process panic
 2016-03-23 09:52:57 -07:00
Mrunal Patel 0e4170849f Update man page for runc 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-22 17:09:51 -07:00
Mrunal Patel 7e91a96605 Add support for systemd cgroups in runc 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-22 17:08:07 -07:00
Mrunal Patel 24142a8514 Add a flag to enable systemd cgroups support in runc 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-22 17:07:57 -07:00
Tonis Tiigi 78ecdfe18e Show proper error from init process panic 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2016-03-22 15:57:15 -07:00
Mrunal Patel 5f182ce738 Merge pull request #673 from rajasec/error-typo 
fixing typo in device access error
 2016-03-22 14:16:33 -07:00
Mrunal Patel a35f907983 Merge pull request #668 from mrunalp/fix_exec_oom 
Set oom_score_adj before we send the config to avoid race
 2016-03-22 09:42:34 -07:00
Qiang Huang 69f8a50081 Merge pull request #669 from mrunalp/fix_test 
Fix the kmem TCP test
 2016-03-22 09:45:13 +08:00
Michael Crosby e80b6b67e6 Merge pull request #651 from mrunalp/quota_validation 
Add more information in the error messages when writing to a file
 2016-03-21 17:53:49 -07:00
Mrunal Patel 73e48633a3 Fix the kmem TCP test 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-21 15:51:42 -07:00
Mrunal Patel 69db69668e Set oom_score_adj before we send the config to avoid race 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-21 15:33:17 -07:00
Mrunal Patel 4d7929274d Merge pull request #644 from cyphar/fix-pids-max-unlimited 
libcontainer: cgroups: deal with unlimited case for pids.max
 2016-03-21 14:55:20 -07:00
Mrunal Patel 4856ed1d53 Merge pull request #665 from cyphar/cgroup-kmem-tcp-limit 
libcontainer: cgroups: add support for kmem.tcp limits
 2016-03-21 14:51:10 -07:00
rajasec 945ef1d51f fixing typo in device access error 
Signed-off-by: rajasec <rajasec79@gmail.com>

fixing typo in device access error

Signed-off-by: rajasec <rajasec79@gmail.com>

Fixed review comments

Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-03-21 22:45:53 +05:30
Mrunal Patel 35541ebcd2 Add more information in the error messages when writing to a file 
This is helpful to debug "invalid argument" errors when writing to cgroup files

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-21 09:27:24 -07:00
Qiang Huang e32651842a Merge pull request #650 from november-eleven/master 
Export user and group lookup errors as variables.
 2016-03-21 09:41:56 +08:00
Qiang Huang 37ff49b9d1 Merge pull request #661 from mikebrow/spec-help 
adds detail to runc start and spec help text
 2016-03-21 09:16:13 +08:00
Aleksa Sarai f5e60cf775 libcontainer: cgroups: add statistics for kmem.tcp 
Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-03-20 22:04:02 +11:00
Aleksa Sarai 1448fe9568 libcontainer: cgroups: add support for kmem.tcp limits 
Kernel TCP memory has its own special knobs inside the cgroup.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-03-20 22:03:52 +11:00
Mike Brown fdf9ef46b2 adds detail to runc start and spec help text 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2016-03-18 13:54:06 -05:00
Mrunal Patel 54a6e56004 Merge pull request #647 from rajasec/valid-id 
Fixing valid-id in regex
 2016-03-18 09:38:56 -07:00
Mrunal Patel b336a84aeb Merge pull request #658 from hqhq/hq_fix_init_help_info 
Fix help info of init command
 2016-03-18 09:38:17 -07:00
Qiang Huang c82ec8e898 Fix help info of init command 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-03-18 14:02:42 +08:00
Mrunal Patel 62470e0bd8 Merge pull request #653 from jfrazelle/remove-deadcode 
remove deadcode
 2016-03-17 16:50:45 -07:00
Michael Crosby 541725b6ef Merge pull request #655 from mrunalp/sync_pid 
Sync on the pid file to ensure the write is persisted
 2016-03-17 16:15:30 -07:00
Mrunal Patel c85f24fda2 Sync on the pid file to ensure the write is persisted 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-17 15:12:35 -07:00
Aleksa Sarai a6d5179f60 libcontainer: cgroups: add tests for pids.max == "max" 
Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-03-18 08:46:24 +11:00
Aleksa Sarai 087b953dc5 libcontainer: cgroups: deal with unlimited case for pids.max 
Make sure we don't error out collecting statistics for cases where
pids.max == "max". In that case, we can use a limit of 0 which means
"unlimited".

In addition, change the name of the stats attribute (Max) to mirror the
name of the resources attribute in the spec (Limit) so that it's
consistent internally.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-03-18 08:46:24 +11:00
Mrunal Patel d6c22f29e3 Merge pull request #652 from crosbymichael/atomic-pid 
Create pid-file atomically
 2016-03-17 14:44:30 -07:00
Michael Crosby d26cd4da40 Create pid-file atomically 
For things that depend or watch for this pid file to know when the
container is started we need to create this file atomically.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-03-17 14:41:18 -07:00
Jessica Frazelle 2c5b10189c
remove deadcode 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-03-17 13:36:28 -07:00
Thomas LE ROUX 570deee7ac Export user and group lookup errors as variables. 
Export errors as variables when no matching entries are found in passwd or group file.

Signed-off-by: Thomas LE ROUX <thomas@november-eleven.fr>
 2016-03-17 21:03:27 +01:00
Alexander Morozov bbde9c426f Merge pull request #646 from crosbymichael/pid-host-block 
Destroy container along with processes before stdio
 2016-03-17 09:51:59 -07:00
Mrunal Patel 015fad9fa8 Merge pull request #604 from hqhq/hq_clean_force_remove 
Don't link runc every time
 2016-03-16 18:53:51 -07:00
Qiang Huang a719ea5c61 Don't link runc every time 
So we won't see the link message every time we make
runc. Also it use force remove when make clean, so
we don't see annoying error when do extra make clean.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-03-17 08:24:24 +08:00
Mrunal Patel 53ca128353 Merge pull request #648 from mrunalp/cgroups_delegate 
Set Delegate to true for cgroups transient units
 2016-03-16 14:44:02 -07:00
Mrunal Patel 93d1a1a6ea Set Delegate to true for cgroups transient units 
This is required because we manage some of the cgroups ourselves.
This recommendation came from talking with systemd devs about
some of the issues that we see when using the systemd cgroups driver.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-03-16 09:44:27 -07:00