jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,002 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

1002 Commits

Author SHA1 Message Date
Michael Crosby 09809b551c Merge pull request #320 from rhatdan/pidns 
killall processes in a cgroup if you are not using the pid namespace
 2015-01-12 10:18:48 -08:00
Phil Estes 50f0faa795 Update ROADMAP.md to correctly reflect current arch status 
Adds POWER (ppc64 and ppc64le), System z (s390x), and ARM to list of
architectures currently supported by libcontainer

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
 2015-01-12 12:58:27 -05:00
Andrey Vagin 35ae1c4871 nsenter: add a macros to print errors 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-12 07:56:12 +03:00
Andrey Vagin 85cd86999f nsenter: use %m instead of strerror(errno) 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-12 07:56:12 +03:00
Andrey Vagin 0f8f0601ae nsenter: return an error if a process with specified pid is a zombie 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-12 07:56:12 +03:00
Andrey Vagin b6a1b88985 nsenter: return an error if a process with specified pid doesn't exist 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-12 07:56:12 +03:00
Andrey Vagin ecace12e5a nsenter: check errors from open(), read() and open() 
Currently if nsenter is executed without /proc, it segfaulted.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-12 07:56:12 +03:00
Andrey Vagin b7e54b0b41 nsenter: add tests 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-12 07:56:12 +03:00
Dan Walsh 1bd146ed82 This patch adds a test for the shared HOST Pid namespace 
It also kills all processes in a cgroup if you are not using the pid namespace

If we stop using the PID namespace, and more then one process is running
when the pid 1 exits, docker will hang since the cgroups do not disappear.

This code will kill all remaining processes

Add Tests for handing of Pid Namespaces

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
 2015-01-09 13:43:47 -05:00
Victor Marmol e30793aed7 Merge pull request #322 from mrunalp/features/add_groups 
Adds functionality to specify additional groups to join.
 2015-01-08 14:04:03 -08:00
Mrunal Patel 445bebc1b1 Adds functionality to specify additional groups to join. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
 2015-01-08 17:01:47 -05:00
Michael Crosby d7dea0e925 Merge pull request #321 from vmarmol/no-file 
Don't get stats for cgroups that don't exist.
 2015-01-08 11:26:02 -08:00
Victor Marmol e3184f97e0 Don't get stats for cgroups that don't exist. 
Signed-off-by: Victor Marmol <vmarmol@google.com>
 2015-01-08 11:17:09 -08:00
Michael Crosby be02944484 Merge pull request #318 from mrunalp/subreaper 
Use the child subreaper option only when available
 2015-01-06 15:33:37 -08:00
Mrunal Patel a1ac9b1015 Use the child subreaper option only when available 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
 2015-01-06 18:30:30 -05:00
Alexander Morozov 8067e34ec0 Merge pull request #317 from mrunalp/go1.4 
Changes Dockerfile to use go 1.4
 2015-01-05 13:37:51 -08:00
Mrunal Patel 6c285c1d49 Changes Dockerfile to use go 1.4 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
 2015-01-05 16:30:22 -05:00
Mrunal Patel 14af6755f0 Merge pull request #316 from LK4D4/fix_vet 
Fix vet errors
 2015-01-02 11:39:38 -08:00
Alexander Morozov c34b3d5ce9 Fix vet errors 
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2014-12-29 10:57:01 -08:00
Andrey Vagin 195a08efbc new-api: set Cloneflags in namespace.Exec() 
This place looks more suitable.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-25 18:44:10 +03:00
Andrey Vagin d572094b75 new-api: execute a process inside an existing container 
A new constructor function (like nsenter) is added in this patch.  This
function gets arguments from environment variables and its behaviour doesn't
depend on a command line arguments.

A program which calls factory.StartInitialization() must import the nsenter
package. It looks ugly, but I don't know another way how to enter into CT from
a go code.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-25 18:44:10 +03:00
Alexander Morozov 0f397d4e14 Merge pull request #314 from crosbymichael/use-ns-ptr 
Namespaces methods should act on pointer
 2014-12-23 19:18:50 -08:00
Michael Crosby afb167a417 Namespaces methods should act on pointer 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-23 16:57:07 -08:00
Rohit Jnagal 10d49f830b Merge pull request #313 from crosbymichael/lk4d4 
Add lk4d4 as maintainer
 2014-12-23 16:31:32 -08:00
Michael Crosby 6fae0d4fa6 Add lk4d4 as maintainer 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-23 15:29:55 -08:00
Andrey Vagin 11ce56a9e0 new-api: clean up startInitProcess() 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-24 00:19:18 +03:00
Mrunal Patel 1597c68f7b Merge pull request #312 from LK4D4/care_#302 
Add type for namespaces for better UI (replacement of #302)
 2014-12-23 11:27:51 -08:00
Alexander Morozov 5bb8146989 Add Contains wrapper for Namespaces type 
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2014-12-23 11:13:45 -08:00
Mrunal Patel 6423c8d261 Merge pull request #307 from LK4D4/systemd_notify_oom 
OOM Notify refactoring
 2014-12-23 09:15:50 -08:00
Andrey Vagin 13841ef37d new-api: return the Running state only if the init process is alive 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-23 16:30:37 +03:00
Andrey Vagin 1a380ac436 nsinit: remove ticks around nsenter 
If we really need these command, we need to expand API.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-23 16:30:37 +03:00
Rohit Jnagal 9455a8ce3a Merge pull request #310 from jfrazelle/9771-non-local-mac-address 
Allow non local mac-address.
 2014-12-22 23:03:42 -08:00
Jessica Frazelle 312f997de6 Allow non local mac-address. 
Docker-DCO-1.1-Signed-off-by: Jessica Frazelle <jess@docker.com> (github: jfrazelle)
 2014-12-22 22:42:49 -08:00
Rohit Jnagal f61899ece3 Merge pull request #308 from LK4D4/fix_cgroups_removing 
Fix removing of cgroups if something still alive in container
 2014-12-22 17:45:41 -08:00
Alexander Morozov 6feb7bda04 Fix removing of cgroups if something still alive in container 
Now we try to remove cgroups 5 times with increased delay between
tries.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2014-12-22 14:34:58 -08:00
Alexander Morozov 9825a26db5 Refactor NotifyOnOOM a little 
Now there is function NotifyOnOOM in libcontainer package, which
receives *libcontainer.State as argument.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2014-12-22 11:44:41 -08:00
Mrunal Patel 08fdb50b03 Merge pull request #300 from dqminh/subreaper 
define PR_SET_CHILD_SUBREAPER if not set
 2014-12-19 10:44:23 -08:00
Michael Crosby 187792e35b Merge pull request #293 from gaberger/292-makefilechange 
Changed docker hub pointer to dockercore
 2014-12-19 09:46:39 -08:00
Victor Marmol e1b4ec3363 Merge pull request #306 from avagin/api-linux-2 
Use namespace.Exec() and namespace.Init() to execute processes in CT
 2014-12-19 07:44:16 -08:00
Andrey Vagin c912207636 namespaces: combine Process.Env and Container.Env 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:48:16 +03:00
Andrey Vagin 86653c66a3 libcontinaer: use new API in integration tests 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:48:16 +03:00
Andrey Vagin 540f44d3b2 process: use io.Reader instead of io.WriteCloser for standard fds 
Could someone explain why we should close this fds? Usually users
cares about closing them or not.
For example exec.Cmd declares them as io.Reader.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:48:16 +03:00
Andrey Vagin 7996829914 libcontainer: optimize updateStateFile() 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:48:15 +03:00
Andrey Vagin 5ecd29c1f2 linux_container: fork an init process in a new set of namespaces 
Use namespace.Exec() and namespace.Init() to execute processes in CT.

Now an init process is actually executed in a new container. This series
doesn't change code about creating containers, it only reworks code according
with new API.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:47:04 +03:00
Andrey Vagin c406a6b6e0 nsinit: clean up 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00
Andrey Vagin ce9d63376f libcontainer: move State in the configs package 
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00
Andrey Vagin 7038ddbc8c libcontainer: move Config in a separate package 
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00
Victor Marmol c44e63a62d Merge pull request #299 from avagin/api-linux 
Prepare ground for moving on new API
 2014-12-18 09:22:17 -08:00
Daniel, Dao Quang Minh d6cd7ce43f define PR_SET_CHILD_SUBREAPER if not set 
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
 2014-12-17 10:16:57 -05:00
Andrey Vagin 44024d0c47 Makefile: get the glog package 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-17 07:39:18 +03:00