jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,825 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

2825 Commits

Author SHA1 Message Date
Davanum Srinivas 27915db384 Adding /proc/timer_list to the masked paths list 
/proc/timer_list seems to leak information about the host. Here is
an example from a busybox container running on docker+kubernetes.

 # cat /proc/timer_list | grep -i -e kube
 <ffff8800b8cc3db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kubelet/2497
 <ffff880129ac3db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kube-proxy/3478
 <ffff8800b1b77db0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kube-proxy/3470
 <ffff8800bb6abdb0>, hrtimer_wakeup, S:01, futex_wait_queue_me, kubelet/2499

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2016-08-11 19:02:02 -04:00
Christian Brauner 7c59766049
tests: add requires cgroups_kmem 
On older kernels or kernels were CONFIG_MEMCG_KMEM is not set some cgroup tests
cannot be run. We simply test for the existence of the file
"${CGROUP_BASE_PATH}/memory/memory.kmem.limit_in_bytes" which should be
sufficient to conclude that CONFIG_MEMCG_KMEM is not set.

Signed-off-by: Christian Brauner <cbrauner@suse.de>
 2016-08-10 15:17:22 +02:00
Aleksa Sarai 0f76457138 Merge pull request #980 from LK4D4/safer_hook_run 
libcontainer/configs: make hooks run safer
 2016-08-09 22:22:04 +10:00
Alexander Morozov 7679c80be5 libcontainer/configs: make hooks run safer 
It's possible that `cmd.Process` is still nil when we reach timeout.
Start creates `Process` field synchronously, and there is no way to such
race.

Signed-off-by: Alexander Morozov <lk4d4math@gmail.com>
 2016-08-08 10:16:35 -07:00
Alexander Morozov 946d3b7c9d Merge pull request #979 from hmeng-19/fix_chdir_err 
Fix the err info of chdir(cwd) failure
 2016-08-08 09:57:53 -07:00
Alexander Morozov 6c7e43594e Merge pull request #978 from hmeng-19/fix_mount_error 
Fix the err info of mount failure
 2016-08-08 09:51:57 -07:00
Mrunal Patel 1fb47b08fc Merge pull request #974 from hqhq/fix_cgroup_test 
Use absolute cgroup path for integration test
 2016-08-08 09:32:35 -07:00
Haiyan Meng def07036a0 Fix the err info of chdir(cwd) failure 
Signed-off-by: Haiyan Meng <haiyanalady@gmail.com>
 2016-08-08 12:26:59 -04:00
Haiyan Meng f40fbcd595 Fix the err info of mount failure 
Signed-off-by: Haiyan Meng <haiyanalady@gmail.com>
 2016-08-08 11:58:28 -04:00
Qiang Huang 75f765e961 Use absolute cgroup path for integration test 
So we can pass the test in container os local or systemd
environment.

Also fixes: #967

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-08-07 10:47:09 +08:00
Mrunal Patel 142df3836b Merge pull request #968 from hqhq/cleanup_getlongbit 
Cleanup GetLongBit
 2016-08-02 09:34:53 -07:00
Qiang Huang 6ecb469b2b Fix race condition when using cgroups.Paths 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-08-02 15:43:04 +08:00
Qiang Huang 50f0a2b1e1 Merge pull request #962 from dubstack/fix_kmem_limits 
Remove kmem Initialization check while setting memory configuration
 2016-08-02 10:04:18 +08:00
Qiang Huang 777ac05e5e Cleanup GetLongBit 
Follow up: #962

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-08-02 09:04:30 +08:00
Mrunal Patel 56fc0ac9ce Merge pull request #966 from sjenning/fix-initscope-cgroup-path 
fix init.scope in cgroup paths
 2016-08-01 14:29:47 -07:00
Buddha Prakash fcd966f501 Remove kmem Initialization check 
Signed-off-by: Buddha Prakash <buddhap@google.com>
 2016-08-01 09:47:34 -07:00
Seth Jennings 4b44b98596 fix init.scope in cgroup paths 
Signed-off-by: Seth Jennings <sjenning@redhat.com>
 2016-08-01 11:14:29 -05:00
Qiang Huang 1a81e9ab1f Merge pull request #958 from dubstack/skip-devices 
Skip updates on parent Devices cgroup
 2016-07-29 10:31:49 +08:00
Buddha Prakash d4c67195c6 Add test 
Signed-off-by: Buddha Prakash <buddhap@google.com>
 2016-07-28 17:14:51 -07:00
Daniel, Dao Quang Minh 5226749985 Merge pull request #943 from johnbieren/master 
Change git -C reset to git reset
 2016-07-26 15:40:16 +01:00
Mrunal Patel 21124f6274 Merge pull request #963 from guilhermebr/master 
libcontainer: rename keyctl package to keys
 2016-07-26 07:34:57 -07:00
Johnny Bieren 2448451a18 Change git -C reset to git reset w/ wking suggestion. fix indentation 
Signed-off-by: Johnny Bieren <jbieren@redhat.com>
 2016-07-26 09:22:14 -04:00
Qiang Huang 8033a83975 Merge pull request #964 from zhaoleidd/test_fix 
UNITTEST: Bypass userns test on platform without userns support
 2016-07-26 11:30:17 +08:00
Guilherme Rezende 1cdaa709f1
libcontainer: rename keyctl package to keys 
This avoid the goimports tool from remove the libcontainer/keys import line due the package name is diferent from folder name

Signed-off-by: Guilherme Rezende <guilhermebr@gmail.com>
 2016-07-25 20:59:26 -03:00
Buddha Prakash ef4ff6a8ad Skip updates on parent Devices cgroup 
Signed-off-by: Buddha Prakash <buddhap@google.com>
 2016-07-25 10:30:46 -07:00
Zhao Lei bac8b4f0b4 UNITTEST: Bypass userns test on platform without userns support 
We should bypass userns test instead of show fail in platform
without userns support.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
 2016-07-25 15:35:04 +08:00
Mrunal Patel fb221651e5 Merge pull request #850 from hqhq/fix_help_msg 
Fix help message for memory-swap
 2016-07-21 06:54:37 -07:00
Daniel, Dao Quang Minh f0e17e9a46 Merge pull request #961 from hqhq/revert_935 
Revert "Use update time to detect if kmem limits have been set"
 2016-07-21 14:51:21 +01:00
Daniel, Dao Quang Minh ff88baa42f Merge pull request #611 from mrunalp/fix_set 
Fix cgroup Set when Paths are specified
 2016-07-21 14:00:22 +01:00
Qiang Huang 9ebf816d03 Fix help message for memory-swap 
Back quotes are the placeholder feature described here:
https://github.com/urfave/cli#placeholder-values

Without this, cli will take `-1` as default value as:
```
   --memory-swap -1             Total memory usage (memory + swap); set `-1` to enable unlimited swap
```

After this patch, it'll act correctly
```
   --memory-swap value          Total memory usage (memory + swap); set '-1' to enable unlimited swap
```

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-07-21 19:37:36 +08:00
Qiang Huang 15c93ee9e0 Revert "Use update time to detect if kmem limits have been set" 
Revert: #935
Fixes: #946

I can reproduce #946 on some machines, the problem is on
some machines, it could be very fast that modify time
of `memory.kmem.limit_in_bytes` could be the same as
before it's modified.

And now we'll call `SetKernelMemory` twice on container
creation which cause the second time failure.

Revert this before we find a better solution.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-07-21 19:14:38 +08:00
Mrunal Patel 0ae6018eb9 Merge pull request #956 from dubstack/skip-pid 
Allow cgroup creation without attaching a pid
 2016-07-20 16:40:13 -07:00
Aleksa Sarai 19d517da6d Merge pull request #954 from hqhq/add_list_man_change 
Add runc list man change
 2016-07-21 08:10:26 +10:00
Buddha Prakash ebe85bf180 Allow cgroup creation without attaching a pid 
Signed-off-by: Buddha Prakash <buddhap@google.com>
 2016-07-20 13:49:48 -07:00
Mrunal Patel 7b06cc02c7 Merge pull request #957 from zhaoleidd/fix_exec_test_output 
integration_testing: Fix a output typo
 2016-07-20 08:35:45 -07:00
Zhao Lei f2c4c4ad35 integration_testing: Fix a output typo 
s/destory/destroy for error message output.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
 2016-07-20 11:17:13 +08:00
Mrunal Patel bd1d3ac048 Merge pull request #951 from hmeng-19/fix_nsener_readme 
Fix libcontainer/nsenter/README.md
 2016-07-19 13:40:34 -04:00
Haiyan Meng 6d14dd67b2 Fix nsenter/README.md 
Signed-off-by: Haiyan Meng <haiyanalady@gmail.com>
 2016-07-19 12:11:33 -04:00
Qiang Huang 7e3eb32561 Add runc list man change 
Follow up https://github.com/opencontainers/runc/pull/939

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-07-19 08:56:25 +08:00
Mrunal Patel 4dedd09396 Merge pull request #937 from hushan/net_cls-classid 
fix setting net_cls classid
 2016-07-18 17:18:23 -04:00
Mrunal Patel a0dccbd174 Merge pull request #947 from hencrice/patch-1 
Fixed typo in build constraint.
 2016-07-18 12:47:37 -04:00
Mrunal Patel ff9cb9b42d Merge pull request #949 from cyphar/fix-cgroup-rt-json 
configs: fix json tags for CpuRt* options
 2016-07-18 12:47:09 -04:00
Aleksa Sarai aa029491be
configs: fix json tags for CpuRt* options 
Previously we used the same JSON tag name for the regular and realtime
versions of the CpuRt* fields, which causes issues when you want to use
two different values for the fields.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-07-18 17:02:30 +10:00
Qiang Huang 1b49d9b4db Merge pull request #936 from macrosheep/set-criupath-helper 
libcontainer: Add a helper func to set CriuPath
 2016-07-18 09:37:47 +08:00
Yen-Lin Chen a318a2ae1b Fixed typo in build constraint. 
Signed-off-by: Yenlin Chen <hencrice@gmail.com>
 2016-07-15 19:24:22 -07:00
Qiang Huang 41b12c095b Merge pull request #913 from cloudfoundry-incubator/addgroupsnocompatible 
Let the user explicitly specify `additionalGids` on `runc exec`
 2016-07-15 10:12:31 +08:00
Mrunal Patel ec01ae5f10 Merge pull request #942 from ggaaooppeenngg/fix-typo 
Fix typo
 2016-07-14 11:18:06 -04:00
Daniel, Dao Quang Minh 7446e70f42 Merge pull request #939 from mikebrow/additional-list-docs 
address issue #797 by adding additional documentation
 2016-07-14 11:06:01 +01:00
Peng Gao 765df7eed0 Fix typo 
Signed-off-by: Peng Gao <peng.gao.dut@gmail.com>
 2016-07-13 23:32:38 +08:00
Mike Brown 50dbe5f474 address issue #797 by adding additional documentation 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2016-07-11 09:31:07 -05:00