Commit Graph

2625 Commits

Author SHA1 Message Date
Michael Crosby 75fb70be01 Rename start to run
`runc run` is the command that will create and start a container in one
single command.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-05-31 11:06:41 -07:00
Mrunal Patel 88bb59e35f Merge pull request #853 from hqhq/fix_set_kernel_memory
Remove use_hierarchy check when set kernel memory
2016-05-31 08:31:42 -07:00
Mrunal Patel 1df636ae24 Merge pull request #855 from rajasec/readme-oci
Changing OCF to OCI in README
2016-05-31 08:30:00 -07:00
Michael Holzheu bae23b67f8 seccomp: Add ppc and s390x to seccomp/config.go
Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
2016-05-31 08:56:07 -04:00
Qiang Huang 71511dc155 Improve update memory
Support update memory with:
runc update --memory 50M container-id

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-30 18:56:10 +08:00
Qiang Huang 152ee95380 Add VERSION file to contain the version info
We need this because we need to get version info out of
go code, eg. build rpm package.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-30 10:24:22 +08:00
rajasec b3503c3516 Changing OCF to OCI in README
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-05-28 14:28:17 +05:30
rajasec e31a1ae0f1 bash completion step for update command
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-05-28 13:22:28 +05:30
Qiang Huang 6fa490c664 Remove use_hierarchy check when set kernel memory
Kernel memory cannot be set in these circumstances (before kernel 4.6):
1. kernel memory is not initialized, and there are tasks in cgroup
2. kernel memory is not initialized, and use_hierarchy is enabled,
   and there are sub-cgroups

While we don't need to cover case 2 because when we set kernel
memory in runC, it's either:
- in Apply phase when we create the container, and in this case,
  set kernel memory would definitely be valid;
- or in update operation, and in this case, there would be tasks
  in cgroup, we only need to check if kernel memory is initialized
  or not.

Even if we want to check use_hierarchy, we need to check sub-cgroups
as well, but for here, we can just leave it aside.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-28 15:22:58 +08:00
Qiang Huang 468428fe3d README: Destroy container before fatal
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-28 14:41:06 +08:00
Qiang Huang 392a659733 Merge pull request #843 from zhaoleidd/update_manuals
Update manuals
2016-05-28 14:10:43 +08:00
Qiang Huang b63321be6a Merge pull request #837 from cyphar/cleanup-integration
Integration framework cleanup
2016-05-28 14:07:41 +08:00
Qiang Huang 3b447f8da5 Merge pull request #849 from avagin/emptyns
checkpoint: add the empty-ns option
2016-05-28 14:01:15 +08:00
Qiang Huang 2503fca35d Update man pages to refect the latest cli change
The major change is the description of options, change
it as the latest cli help message shows, which specify
a "value" after an option if it takes value, and add
(default: xxx) if the option has a default value.

This also includes some other minor consistency fixes.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-28 13:33:57 +08:00
Andrew Vagin 22d60d9874 checkpoint: add the empty-ns option
For example:
./runc checkpoint --empty-ns network CTID

In this case criu creates a network namespace, but doesn't restore it.

We are going to use this option to restore docker containers and
Docker sets a hook to restore a network namespace.

https://github.com/xemul/criu/issues/165
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
2016-05-28 06:21:17 +03:00
Andrew Vagin c161e65ac6 cr: don't fill veth devices if netns is in EmptyNs
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
2016-05-28 01:19:54 +03:00
Daniel, Dao Quang Minh 1ce23a5bb1 Merge pull request #848 from cyphar/fix-pullapprove
pullapprove: use the right team
2016-05-27 11:24:09 +01:00
Aleksa Sarai cb35e42dad pullapprove: use the right team
On GitHub the maintainers of runC are *not* the same as the maintainers
of runtime-spec. Fix this, and use the right team.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-05-27 13:18:42 +10:00
Michael Crosby 807d11d0fa Merge pull request #847 from caniszczyk/add-pull-approve
Add PullApprove support
2016-05-26 18:00:32 -07:00
Chris Aniszczyk e2fd7c1184 Add PullApprove support
Enforce 2 LGTMs for pull requests.

Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2016-05-26 17:35:02 -05:00
Aleksa Sarai 72ee54918f integration: add requires() function
This is similar to the testRequires() function in the Docker test suite.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-05-26 19:17:39 +10:00
Aleksa Sarai 4fd8a7aafa bats: refactor run "$RUNC" -> runc
This makes it much simpler to write tests, and you don't have to worry
about some of the oddness with bats.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-05-26 19:17:39 +10:00
Alexander Morozov 57b997243d Merge pull request #817 from rhatdan/completions
Add bash completion support
2016-05-25 12:37:08 -07:00
Dan Walsh 8b81b10397 Add bash completion support
I have taken the docker command completions code and reworked it for runc
support.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-05-25 15:18:43 -04:00
Alexander Morozov d57898610b Merge pull request #675 from pankit/master
Allow + in container ID
2016-05-25 10:35:08 -07:00
Mrunal Patel dcb075020c Merge pull request #844 from zhaoleidd/unify_logsetting_errorhandle
Unify log setting's error output
2016-05-25 09:19:10 -07:00
Zhao Lei 34d100f970 manual: add manual for ps command
This patch add manual for ps command, and remove remove example
for --format command, which is not necessary.

Suggested-by: Aleksa Sarai <asarai@suse.de>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 17:32:14 +08:00
Zhao Lei 935eba1cc1 manual: update: Add kernelTCP configuration into code's --help
To make --help option output same example with man.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 17:23:07 +08:00
Zhao Lei f5b674c914 manual: restore: Update contents with source
This patch add losted --no-subreaper and --no-pivot options in
manual:
 # ./runc restore --help
 ..
 OPTIONS:
   ...
   --no-subreaper               disable the use of the subreaper used to reap reparented processes
   --no-pivot                   do not use pivot root to jail process inside rootfs.  This should be used whenever the rootfs is on top of a ramdisk
 #

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 17:23:07 +08:00
Zhao Lei 7d5779fdee manual: list: Move description contents into OPTIONS field
The description contents in manual is for --format argument
actually, see:
 # ./runc list --help
 ...
 OPTIONS:
    --format, -f         select one of: table or json.

 The default format is table.  The following will output the list of containers
 in json format:

     # runc list -f json
    --quiet, -q  display only container IDs
 #

This patch move above content into right place, and remove the command
example which is not necessary.

Suggested-by: Aleksa Sarai <asarai@suse.de>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 17:18:30 +08:00
Zhao Lei f79716d6cf Unify log setting's error output
When we set a wrong --log-format value, runc exit without any
message:
 # ./runc --log-format aaa list
 #
It is again "no news is good news" rule.

And it is not unified with the case when we set a wrong --log
value:
 # ./runc --log / list
 ERRO[0000] open /: is a directory
 open /: is a directory
 #

This patch unified action for above two error-setting.

After patch:
 # ./runc --log-format aaa list
 unknown log-format: "aaa"
 #

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 16:10:30 +08:00
Aleksa Sarai fa5ce1e2d0 Merge pull request #842 from cyphar/update-seccomp
godeps: update seccomp to 60c9953736798c4a04e90d0f3da2f933d44fd4c4
2016-05-25 14:49:07 +10:00
Zhao Lei aedafa9965 manual: runc-exec: Add losted --no-subreaper argument
--no-subreaper's description exist in code but not in manual:
 # ./runc exec --help
 ...
 OPTIONS:
   ...
   --no-subreaper                               disable the use of the subreaper used to reap reparented processes
 #

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 10:48:11 +08:00
Zhao Lei f6e4d7ba7c manual: Update runc-events.8.md with source
--events argument's usage was updated by:
commit:a62dbf48b0fe5e2e28e3cc9dc80a70d2ec5ebc25
We need to update manual together.

This patch also removes last useless blank line
in manual.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 10:48:11 +08:00
Zhao Lei 8cd952f0a2 manual: Unify EXAMPLE title in code and manual
There are 3 types of EXAMPLE title in manual and code:
1: "# EXAMPLE"
   runc-delete.8.md
   runc-exec.8.md
   runc-kill.8.md
2: "EXAMPE:"
   runc-spec.8.md
3: EXAMPLE title exist in manual, but not exist in code's --help output
   delete.go
   exec.go
   kill.go

This patch unified above format, and deleted some useless blanks.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 10:48:11 +08:00
Zhao Lei a6a0cdf53d manual: Use SYNOPSIS instead of USAGE in man/runc-checkpoint.8.md
Reason1:
 other runc manual are using word of "SYNOPSIS"
 # grep USAGE man/*
 # man/runc-checkpoint.8.md:#USAGE
 #
 # grep SYNOPSIS man/*
 man/runc-checkpoint.8.md:# SYNOPSIS
 man/runc-delete.8.md:# SYNOPSIS
 man/runc-events.8.md:# SYNOPSIS
 man/runc-exec.8.md:# SYNOPSIS
 man/runc-kill.8.md:# SYNOPSIS
 man/runc-list.8.md:# SYNOPSIS
 man/runc-pause.8.md:# SYNOPSIS
 man/runc-restore.8.md:# SYNOPSIS
 man/runc-resume.8.md:# SYNOPSIS
 man/runc-spec.8.md:# SYNOPSIS
 man/runc-start.8.md:# SYNOPSIS
 man/runc-state.8.md:# SYNOPSIS
 man/runc-update.8.md:# SYNOPSIS
 man/runc.8.md:# SYNOPSIS
 #

Reason2:
 Most linux commands are using word of "SYNOPSIS"
 # man ls
 # man find
 # ...

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-25 10:48:11 +08:00
Aleksa Sarai 089b05a512 godeps: update seccomp to 60c9953736798c4a04e90d0f3da2f933d44fd4c4
This update allows more distributions to build runC with seccomp out of
the box (the include path and library paths are not always the Go
defaults).  In addition, update the test's Dockerfile to have pkg-config
installed.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-05-25 07:58:28 +10:00
Mrunal Patel aa7e27eac9 Merge pull request #828 from hqhq/hq_fix_update_kmem
Fix update kernel memory test
2016-05-24 09:58:09 -07:00
Qiang Huang d2d09b9bcd Merge pull request #836 from cyphar/console-chown
*: correctly chown() consoles
2016-05-23 10:25:45 +08:00
Aleksa Sarai 1a913c7b89 *: correctly chown() consoles
In user namespaces, we need to make sure we don't chown() the console to
unmapped users. This means we need to get both the UID and GID of the
root user in the container when changing the owner.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-05-22 22:37:13 +10:00
Mrunal Patel 60eb77dd3c Merge pull request #810 from hqhq/hq_update_cli
Update cli package
2016-05-20 20:46:59 -07:00
Qiang Huang 153b12921c Merge pull request #835 from zhaoleidd/fix_outdated_comment
Fix outdated comment for loadSpec
2016-05-20 20:46:13 -05:00
Zhao Lei 198e2771ac Fix outdated comment for loadSpec
loadSpec() is not support blank path now, remove relative comments.

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-20 19:05:00 +08:00
Qiang Huang c8b20e7706 Merge pull request #833 from zhaoleidd/fix_manual_spelling_typo
Fix some spelling typo in manual
2016-05-20 02:23:05 -05:00
Zhao Lei a0096535a6 Fix some spelling typo in manual and source
infomation -> information
transfered -> transferred

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-05-20 15:04:40 +08:00
Alexander Morozov e574996911 Merge pull request #832 from valasabk/fuxofrunccomment
libcontainer: Fix Running Comment
2016-05-19 13:42:26 -07:00
Bhanu Valasa 32c2d48a6f libcontainer: Fix Running Comment
Signed-off-by: Bhanu Valasa <valasabk@yahoo.com>
2016-05-19 16:30:29 -04:00
Mrunal Patel 419d5be191 Merge pull request #830 from rajasec/spec-descr
Updated description in SPEC
2016-05-19 08:00:36 -07:00
Mrunal Patel d1997d99cd Merge pull request #826 from hqhq/hq_add_check_config
Add check_config.sh for runc
2016-05-18 16:42:30 -07:00
Qiang Huang 396c88215c Fix update kernel memory test
Since kernel 4.6, we can update kernel memory without
initialization, because it's accounted by default.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-17 20:51:02 -04:00