| Commit message (Collapse) | Author | Age | Files | Lines |
|
Signed-off-by: Jeyanthinath Muthuram <jeyanthinath10@gmail.com>
|
The signatures of functions in containerd's errdefs packages are very
similar to those in our own, and it's easy to accidentally use the wrong
package.
This patch uses a consistent alias for all occurrences of this import.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
daemon: allow shimv2 runtimes to be configured
|
Kubernetes only permits RuntimeClass values which are valid lowercase
RFC 1123 labels, which disallows the period character. This prevents
cri-dockerd from being able to support configuring alternative shimv2
runtimes for a pod as shimv2 runtime names must contain at least one
period character. Add support for configuring named shimv2 runtimes in
daemon.json so that runtime names can be aliased to
Kubernetes-compatible names.
Allow options to be set on shimv2 runtimes in daemon.json.
The names of the new daemon runtime config fields have been selected to
correspond with the equivalent field names in cri-containerd's
configuration so that users can more easily follow documentation from
the runtime vendor written for cri-containerd and apply it to
daemon.json.
Signed-off-by: Cory Snider <csnider@mirantis.com>
|
The pattern of parsing bool was repeated across multiple files and
caused the duplication of the invalidFilter error helper.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
|
Signed-off-by: Jan Garcia <github-public@n-garcia.com>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
This patch:
- Deprecates pkg/system.DefaultPathEnv
- Moves the implementation inside oci
- Adds TODOs to align the default in the Builder with the one used elsewhere
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Deleting a containerd task whose status is Created fails with a
"precondition failed" error. This is because (aside from Windows)
a process is spawned when the task is created, and deleting the task
while the process is running would leak the process if it was allowed.
libcontainerd and the containerd plugin executor mistakenly try to clean
up from a failed start by deleting the created task, which will always
fail with the aforementioned error. Change them to pass the
`WithProcessKill` delete option so the cleanup has a chance to succeed.
Signed-off-by: Cory Snider <csnider@mirantis.com>
|
This package was moved to a separate repository, using the steps below:
```
# install filter-repo (https://github.com/newren/git-filter-repo/blob/main/INSTALL.md)
brew install git-filter-repo

cd ~/projects

# create a temporary clone of docker
git clone https://github.com/docker/docker.git moby_pubsub_temp
cd moby_pubsub_temp

# for reference
git rev-parse HEAD
# --> 572ca799db4b67b7be35904e487f0cc51c3f9f06

# remove all code, except for pkg/pubsub, license, and notice, and rename pkg/pubsub to /
git filter-repo --path pkg/pubsub/ --path LICENSE --path NOTICE --path-rename pkg/pubsub/:

# remove canonical imports
git revert -s -S 585ff0ebbe6bc25b801a0e0087dd5353099cb72e

# initialize module
go mod init github.com/moby/pubsub
go mod tidy
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
plugin/v2/settable_test.go:24:29: empty-lines: extra empty line at the end of a block (revive)
plugin/manager_linux.go:96:6: empty-lines: extra empty line at the end of a block (revive)
plugin/backend_linux.go:373:16: empty-lines: extra empty line at the start of a block (revive)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Drop the constructor and redundant string() type-casts.
Signed-off-by: Cory Snider <csnider@mirantis.com>
|
The existing logic to handle container ID conflicts when attempting to
create a plugin container is not nearly as robust as the implementation
in daemon for user containers. Extract and refine the logic from daemon
and use it in the plugin executor.
Signed-off-by: Cory Snider <csnider@mirantis.com>
|
The containerd client is very chatty at the best of times. Because the
libcontainerd API is stateless and references containers and processes by
string ID for every method call, the implementation is essentially
forced to use the containerd client in a way which amplifies the number
of redundant RPCs invoked to perform any operation. The libcontainerd
remote implementation has to reload the containerd container, task
and/or process metadata for nearly every operation. This in turn
amplifies the number of context switches between dockerd and containerd
to perform any container operation or handle a containerd event,
increasing the load on the system which could otherwise be allocated to
workloads.
Overhaul the libcontainerd interface to reduce the impedance mismatch
with the containerd client so that the containerd client can be used
more efficiently. Split the API out into container, task and process
interfaces which the consumer is expected to retain so that
libcontainerd can retain state---especially the analogous containerd
client objects---without having to manage any state-store inside the
libcontainerd client.
Signed-off-by: Cory Snider <csnider@mirantis.com>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Older versions of Go don't format comments, so committing this as
a separate commit, so that we can already make these changes before
we upgrade to Go 1.19.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Adds code to support Cluster Volumes in Swarm using CSI drivers.
Signed-off-by: Drew Erny <derny@mirantis.com>
|
This helps reduce some type-juggling / conversions further up
the stack.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
This helps reduce some type-juggling / conversions further up
the stack.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
plugin: add EndpointResolver interface
|
This defines the interface that the package expects in order to lookup
pull endpoints, instead of requiring the whole registry.Service interface.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
It wrapped the regular registry service, but the ResolveRepository() function
was not called anywhere.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Keeping the defaults in a single location, which also reduces
the list of imports needed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
I think this was there for historic reasons (may have been goimports expected
this, and we used to have a linter that wanted it), but it's not needed, so
let's remove it (to make my IDE less complaining about unneeded aliases).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
pkg/system historically has been a bit of a kitchen-sink of things that were
somewhat "system" related, but didn't have a good place for. EnsureRemoveAll()
is one of those utilities. EnsureRemoveAll() is used to both unmount and remove
a path, for which it depends on both github.com/moby/sys/mount, which in turn
depends on github.com/moby/sys/mountinfo.
pkg/system is imported in the CLI, but neither EnsureRemoveAll(), nor any of its
moby/sys dependencies are used on the client side, so let's move this function
somewhere else, to remove those dependencies from the CLI.
I looked for plausible locations that were related; it's used in:
- daemon
- daemon/graphdriver/XXX/
- plugin
I considered moving it into a (e.g.) "utils" package within graphdriver (but not
a huge fan of "utils" packages), and given that it felt (mostly) related to
cleaning up container filesystems, I decided to move it there.
Some things to follow-up on after this:
- Verify if this function is still needed (it feels a bit like a big hammer in
a "YOLO, let's try some things just in case it fails")
- Perhaps it should be integrated in `containerfs.Remove()` (so that it's used
automatically)
- Look if there's other implementations (and if they should be consolidated),
although (e.g.) the one in containerd is a copy of ours:
https://github.com/containerd/containerd/blob/v1.5.9/pkg/cri/server/helpers_linux.go#L200
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
The io/ioutil package has been deprecated in Go 1.16. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
builder/builder-next/adapters/snapshot/snapshot.go:386:3: if-return: redundant if ...; err != nil check, just return error instead. (revive)
if err := b.Put(keyIsCommitted, []byte{}); err != nil {
return err
}
plugin/fetch_linux.go:112:2: if-return: redundant if ...; err != nil check, just return error instead. (revive)
if err := images.Dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil {
return err
}
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
plugin/v2/plugin.go:141:50: G601: Implicit memory aliasing in for loop. (gosec)
updateSettingsEnv(&p.PluginObj.Settings.Env, &s)
^
libcontainerd/remote/client.go:572:13: G601: Implicit memory aliasing in for loop. (gosec)
cpDesc = &m
^
distribution/push_v2.go:400:34: G601: Implicit memory aliasing in for loop. (gosec)
(metadata.CheckV2MetadataHMAC(&mountCandidate, pd.hmacKey) ||
^
builder/dockerfile/builder.go:261:84: G601: Implicit memory aliasing in for loop. (gosec)
currentCommandIndex = printCommand(b.Stdout, currentCommandIndex, totalCommands, &meta)
^
builder/dockerfile/builder.go:278:46: G601: Implicit memory aliasing in for loop. (gosec)
if err := initializeStage(dispatchRequest, &stage); err != nil {
^
daemon/container.go:283:40: G601: Implicit memory aliasing in for loop. (gosec)
if err := parser.ValidateMountConfig(&cfg); err != nil {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
full diff: https://github.com/containerd/containerd/compare/19ee068f93c91f7b9b2a858457f1af2cabc7bc06...v1.5.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
This was changed as part of a refactor to use containerd dist code. The
problem is the OCI media types are not compatible with older versions of
Docker.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
This test fails when run by a non-root user
=== CONT TestPluginAlreadyRunningOnStartup
=== RUN TestPluginAlreadyRunningOnStartup/live-restore-disabled
=== PAUSE TestPluginAlreadyRunningOnStartup/live-restore-disabled
=== RUN TestPluginAlreadyRunningOnStartup/live-restore-enabled
=== PAUSE TestPluginAlreadyRunningOnStartup/live-restore-enabled
=== CONT TestPluginAlreadyRunningOnStartup/live-restore-disabled
=== CONT TestPluginAlreadyRunningOnStartup/live-restore-enabled
time="2020-12-15T02:23:03Z" level=error msg="failed to enable plugin" error="chown /tmp/TestPluginAlreadyRunningOnStartup898689032/live-restore-disabled/manager/b6106d4d8937398ec8ec5e7092897ca4dd2eab6aa8043640095ef92b860b1417/rootfs/dev: operation not permitted" id=b6106d4d8937398ec8ec5e7092897ca4dd2eab6aa8043640095ef92b860b1417
=== CONT TestPluginAlreadyRunningOnStartup/live-restore-disabled
manager_linux_test.go:250: plugin client should not be nil
panic: test timed out after 10m0s
goroutine 41 [running]:
testing.(*M).startAlarm.func1()
/usr/lib/go-1.15/src/testing/testing.go:1618 +0xe5
created by time.goFunc
/usr/lib/go-1.15/src/time/sleep.go:167 +0x45
goroutine 1 [chan receive, 9 minutes]:
testing.tRunner.func1(0xc000001500)
/usr/lib/go-1.15/src/testing/testing.go:1088 +0x24d
testing.tRunner(0xc000001500, 0xc0001dfde0)
/usr/lib/go-1.15/src/testing/testing.go:1127 +0x125
testing.runTests(0xc00000e2c0, 0xeade80, 0xa, 0xa, 0xbfee25f7d50c4ace, 0x8bb30f7348, 0xebb2c0, 0x40f710)
/usr/lib/go-1.15/src/testing/testing.go:1437 +0x2fe
testing.(*M).Run(0xc000394100, 0x0)
/usr/lib/go-1.15/src/testing/testing.go:1345 +0x1eb
main.main()
_testmain.go:61 +0x138
goroutine 11 [chan receive, 9 minutes]:
testing.tRunner.func1(0xc000412180)
/usr/lib/go-1.15/src/testing/testing.go:1088 +0x24d
testing.tRunner(0xc000412180, 0xad9b38)
/usr/lib/go-1.15/src/testing/testing.go:1127 +0x125
created by testing.(*T).Run
/usr/lib/go-1.15/src/testing/testing.go:1168 +0x2b3
goroutine 16 [chan receive, 9 minutes]:
testing.runTests.func1.1(0xc000001500)
/usr/lib/go-1.15/src/testing/testing.go:1444 +0x3b
created by testing.runTests.func1
/usr/lib/go-1.15/src/testing/testing.go:1444 +0xac
goroutine 34 [chan send, 9 minutes]:
github.com/docker/docker/plugin.(*executorWithRunning).Signal(0xc0003e31e0, 0xc0000317c0, 0x40, 0xf, 0x3f, 0x3f)
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux_test.go:171 +0x73
github.com/docker/docker/plugin.shutdownPlugin(0xc0003e6840, 0xc000096360, 0xb6dfc0, 0xc0003e31e0)
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux.go:157 +0x8a
github.com/docker/docker/plugin.(*Manager).Shutdown(0xc0003e80c0)
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux.go:211 +0x1a7
runtime.Goexit()
/usr/lib/go-1.15/src/runtime/panic.go:617 +0x1e5
testing.(*common).FailNow(0xc000412a80)
/usr/lib/go-1.15/src/testing/testing.go:732 +0x3c
testing.(*common).Fatal(0xc000412a80, 0xc00015ddc8, 0x1, 0x1)
/usr/lib/go-1.15/src/testing/testing.go:800 +0x78
github.com/docker/docker/plugin.TestPluginAlreadyRunningOnStartup.func3(0xc000412a80)
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux_test.go:250 +0x919
testing.tRunner(0xc000412a80, 0xc0003e4f90)
/usr/lib/go-1.15/src/testing/testing.go:1123 +0xef
created by testing.(*T).Run
/usr/lib/go-1.15/src/testing/testing.go:1168 +0x2b3
goroutine 35 [chan send, 9 minutes]:
testing.tRunner.func1(0xc000412d80)
/usr/lib/go-1.15/src/testing/testing.go:1113 +0x373
testing.tRunner(0xc000412d80, 0xc0003e4fc0)
/usr/lib/go-1.15/src/testing/testing.go:1127 +0x125
created by testing.(*T).Run
/usr/lib/go-1.15/src/testing/testing.go:1168 +0x2b3
goroutine 50 [IO wait, 9 minutes]:
internal/poll.runtime_pollWait(0x7f7b26d75e70, 0x72, 0x0)
/usr/lib/go-1.15/src/runtime/netpoll.go:222 +0x55
internal/poll.(*pollDesc).wait(0xc000518018, 0x72, 0x0, 0x0, 0xab05ec)
/usr/lib/go-1.15/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/lib/go-1.15/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Accept(0xc000518000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/lib/go-1.15/src/internal/poll/fd_unix.go:394 +0x1fc
net.(*netFD).accept(0xc000518000, 0x64298f, 0xc000394080, 0x0)
/usr/lib/go-1.15/src/net/fd_unix.go:172 +0x45
net.(*UnixListener).accept(0xc00050c0f0, 0xc000394080, 0x0, 0x0)
/usr/lib/go-1.15/src/net/unixsock_posix.go:162 +0x32
net.(*UnixListener).Accept(0xc00050c0f0, 0x0, 0x0, 0x0, 0x0)
/usr/lib/go-1.15/src/net/unixsock.go:260 +0x65
github.com/docker/docker/plugin.listenTestPlugin.func1(0xb6be00, 0xc00050c0f0)
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux_test.go:266 +0x3d
created by github.com/docker/docker/plugin.listenTestPlugin
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux_test.go:264 +0x105
goroutine 51 [chan receive, 9 minutes]:
github.com/docker/docker/plugin.listenTestPlugin.func2(0xc000516000, 0xb6be00, 0xc00050c0f0, 0xc000514000, 0x65)
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux_test.go:274 +0x34
created by github.com/docker/docker/plugin.listenTestPlugin
/<<PKGBUILDDIR>>/_build/src/github.com/docker/docker/plugin/manager_linux_test.go:273 +0x14f
FAIL github.com/docker/docker/plugin 600.013s
Signed-off-by: Arnaud Rebillout <elboulangero@gmail.com>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
`os.RemoveAll()` should never return this error. From the docs:
> If the path does not exist, RemoveAll returns nil (no error).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
Remove some outdated terminology where possible
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
In dockerd we already have a concept of a "runtime", which specifies the
OCI runtime to use (e.g. runc).
This PR extends that config to add containerd shim configuration.
This option is only exposed within the daemon itself (cannot be
configured in daemon.json).
This is due to issues in supporting unknown shims which will require
more design work.
What this change allows us to do is keep all the runtime config in one
place.
So the default "runc" runtime will just have its already existing shim
config codified within the runtime config alone.
I've also added 2 more "stock" runtimes which are basically runc+shimv1
and runc+shimv2.
These new runtime configurations are:
- io.containerd.runtime.v1.linux - runc + v1 shim using the V1 shim API
- io.containerd.runc.v2 - runc + shim v2
These names coincide with the actual names of the containerd shims.
This allows the user to essentially control what shim is going to be
used by either specifying these as a `--runtime` on container create or
by setting `--default-runtime` on the daemon.
For custom/user-specified runtimes, the default shim config (currently
shim v1) is used.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
|
plugin: Add No-Lock version of resolvePluginID to fix double Rlock
|
Signed-off-by: BurtonQin <bobbqqin@gmail.com>
|
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
This removes the use of the old distribution code in the plugin packages
and replaces it with containerd libraries for plugin pushes and pulls.
Additionally it uses a content store from containerd which seems like
it's compatible with the old "basicBlobStore" in the plugin package.
This is being used locally instead of through the containerd client for
now.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
|
Switch to moby/sys/mount and mountinfo. Keep the pkg/mount for potential
outside users.
This commit was generated by the following bash script:
```
set -e -u -o pipefail
for file in $(git grep -l 'docker/docker/pkg/mount"' | grep -v ^pkg/mount); do
	sed -i -e 's#/docker/docker/pkg/mount"#/moby/sys/mount"#' \
		-e 's#mount\.\(GetMounts\|Mounted\|Info\|[A-Za-z]*Filter\)#mountinfo.\1#g' \
		$file
	goimports -w $file
done
```
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
Signed-off-by: Ziheng Liu <lzhfromustc@gmail.com>
|
full diff: https://github.com/gotestyourself/gotest.tools/compare/v2.3.0...v3.0.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
* Requires containerd binaries from containerd/containerd#3799 . Metrics are unimplemented yet.
* Works with crun v0.10.4, but `--security-opt seccomp=unconfined` is needed unless using master version of libseccomp
( containers/crun#156, seccomp/libseccomp#177 )
* Doesn't work with master runc yet
* Resource limitations are unimplemented
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
|
> plugin/manager_linux.go:285:9: nilness: impossible condition: nil != nil (govet)
> if err != nil {
> ^
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
Format the source according to latest goimports.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|