OSSInnovation
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,013 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

44 Commits

Author SHA1 Message Date
Michael Crosby afa8443118 Remove userns sidecar process 
Move the network setup back into the standard init even for user
namespaces now that mounts are fully supported and working.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-18 15:47:26 -08:00
Michael Crosby f4cf808a3d Merge branch 'master' into api 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Conflicts:
	MAINTAINERS
	cgroups/cgroups.go
	cgroups/fs/apply_raw.go
	cgroups/fs/notify_linux.go
	cgroups/fs/notify_linux_test.go
	cgroups/systemd/apply_systemd.go
	config.go
	configs/config_test.go
	console/console.go
	integration/exec_test.go
	integration/init_test.go
	integration/template_test.go
	integration/utils_test.go
	linux_notify.go
	linux_notify_test.go
	mount/init.go
	mount/mount_config.go
	mount/pivotroot.go
	mount/ptmx.go
	namespaces/create.go
	namespaces/exec.go
	namespaces/execin.go
	namespaces/init.go
	namespaces/nsenter/nsenter.c
	namespaces/nsenter/nsenter.go
	namespaces/utils.go
	network/network.go
	network/types.go
	network/veth.go
	notify_linux.go
	notify_linux_test.go
	nsinit/exec.go
	nsinit/main.go
	nsinit/nsenter.go
	nsinit/oom.go
	sample_configs/host-pid.json
	sample_configs/userns.json
	security/capabilities/capabilities.go
	update-vendor.sh
 2015-02-16 15:09:42 -08:00
Michael Crosby 4c43b0f498 Add mutex around stateful container operations 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-16 09:59:02 -08:00
Mrunal Patel a1d509759b Fixed some typos and tried to make comments read better. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-13 19:06:17 -05:00
Alexander Morozov fe9f766895 Fix compilation with golang 1.3(uid/gid mappings is unsupported) 
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2015-02-12 13:28:07 -08:00
Michael Crosby c2403c32db Add GetPath on namespace config 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-12 10:38:43 -08:00
Michael Crosby 91a3f162af Implement nsinit state command 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 18:49:28 -08:00
Michael Crosby d909440c48 Unexport certain internal funcs and types 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 17:12:03 -08:00
Michael Crosby 5c246d038f Persist container state to disk 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 16:52:28 -08:00
Michael Crosby 31327166e5 Rename OOM to NotifyOOM 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 15:09:54 -08:00
Michael Crosby 7fff13632e Add state method to return container's runtime state 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 14:45:07 -08:00
Michael Crosby fde0b7aa0d Refactor network and veth creation 
Remove veth interfaces on the host if an error occurs.
Provide the host interface name, temporary peer interface name and the
name of the peer once it is inside the container's namespace in the
Network config.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 13:33:58 -08:00
Michael Crosby ad49d71504 Remove network package 
Also add ability to get network stats from multiple interfaces.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 9dcbc4f3f8 Implement container signaling 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 0c1919c427 Refactor parent processes into types 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 21bb5ccc4f Move environment configuration to Process 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 58023ad32f Add parent death signal to the container config 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 8850636eb3 Refactor init actions into separate types 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:08 -08:00
Michael Crosby 5fc19e8db5 Rename Fs fields to fs 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:08 -08:00
Michael Crosby ab76a88d6b Remove Wait() on container interface 
Since we return the pid for the started process we do not need this
method on the interface.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-03 10:50:18 -08:00
Michael Crosby bbeae7445a Remove namespaces package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-02 15:41:32 -08:00
Michael Crosby 8191d4d60f Refactory container interface 
This removes a new unused methods from the container interface and types
parameters such as os.Signal and WaitStatus

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-01-31 20:51:12 -08:00
Michael Crosby 935d81f23d Flatten configuration structs 
Change the various config structs into one package and have a flatter
structure for easier use.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-01-31 19:56:27 -08:00
Andrew Vagin 61fef16f4a new-api: implement Wait, WaitProcess 
Signed-off-by: Andrew Vagin <avagin@openvz.org>
 2015-01-21 18:46:01 +03:00
Andrey Vagin 9c50d819ae new-api: implement Pause() and Resume() 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-19 17:38:26 +03:00
Andrey Vagin 76d395eff2 new-api: add Console to ProcessConfig 
Add ability to execute a process with a specified terminal.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-15 18:22:47 +03:00
Andrey Vagin 6dd7552537 new-api: implement fs and systemd cgroup managers 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-15 00:43:13 +03:00
Andrey Vagin 195a08efbc new-api: set Cloneflags in namespace.Exec() 
This place looks more suitable.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-25 18:44:10 +03:00
Andrey Vagin d572094b75 new-api: execute a process inside an existing container 
A new constructor function (like nsenter) is added in this patch.  This
function gets arguments from environment variables and its behaviour doesn't
depend on a command line arguments.

A program which calls factory.StartInitialization() must import the nsenter
package. It looks ugly, but I don't know another way how to enter into CT from
a go code.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-25 18:44:10 +03:00
Andrey Vagin 11ce56a9e0 new-api: clean up startInitProcess() 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-24 00:19:18 +03:00
Andrey Vagin 13841ef37d new-api: return the Running state only if the init process is alive 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-23 16:30:37 +03:00
Andrey Vagin 7996829914 libcontainer: optimize updateStateFile() 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:48:15 +03:00
Andrey Vagin 5ecd29c1f2 linux_container: fork an init process in a new set of namespaces 
Use namespace.Exec() and namespace.Init() to execute processes in CT.

Now an init process is actually executed in a new container. This series
doesn't change code about creating containers, it only reworks code according
with new API.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 14:47:04 +03:00
Andrey Vagin ce9d63376f libcontainer: move State in the configs package 
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00
Andrey Vagin 7038ddbc8c libcontainer: move Config in a separate package 
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00
Andrey Vagin 8e9a6d28d2 linux_container: execute an init process in a new CT 
Here is a first step to implement a new API. Currently the init
processes is executed without namespaces and cgroups.

Signed-off-by: Andrew Vagin <avagin@openvz.org>
 2014-12-17 07:39:18 +03:00
Andrey Vagin bce773a8c4 linux_container: ct.Destroy() returns error if CT isn't stopped 
Signed-off-by: Andrew Vagin <avagin@openvz.org>
 2014-12-16 09:19:12 +03:00
Victor Marmol 646ca2ba11 Minor refactorings to fix build. 
Signed-off-by: Victor Marmol <vmarmol@google.com>
 2014-12-05 17:13:25 -08:00
Victor Marmol e5636543cc Switch from logrus to glog. 
Signed-off-by: Victor Marmol <vmarmol@google.com>
 2014-12-05 17:06:58 -08:00
Michael Crosby 47b41a6f5d Add logger to container and factory 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-05 15:24:42 -08:00
Michael Crosby d5b8418f75 Remove ContainerInfo interface 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-05 15:24:42 -08:00
Michael Crosby ccb83a1e83 Add cgroup manage for mocking of package resources 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-05 15:24:42 -08:00
Michael Crosby 926ab56ea8 Add testing for linux factory Load 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-05 15:24:42 -08:00
Michael Crosby 6310a958e6 Implement linux factory and container with readonly interface 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2014-12-05 15:24:42 -08:00