This repository has been archived by the owner on Feb 8, 2021. It is now read-only.
A draft commit of Kata support #727
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Fupan Li <[email protected]>
Signed-off-by: Fupan Li <[email protected]>
Signed-off-by: Fupan Li <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
|
Can one of the admins verify this patch? |
bergwolf
reviewed
Jun 18, 2018
daemon/pod/decommission.go
Outdated
| func(sb *hypervisor.Vm) error { | ||
| return sb.KillContainer(id, syscall.Signal(sig)) | ||
| func(sb *vc.Sandbox) error { | ||
| return vc.KillContainer(sb.ID(), id, syscall.Signal(sig), true) |
There was a problem hiding this comment.
Should call sb.SignalProcess() instead. Whenever we have a sandbox pointer, we should be calling sb operations directly instead of the vc APIs.
daemon/pod/decommission.go
Outdated
| @@ -532,7 +531,8 @@ func (p *XPod) waitVMStop() { | |||
| } | |||
| p.statusLock.RUnlock() | |||
|
|
|||
| _, _ = <-p.sandbox.WaitVm(-1) | |||
| monitor, _ := p.sandbox.Monitor() | |||
using the sandbox api instead of vc api to send signal to container; To check the returned err for monitoring the vm. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
When do sandbox release action, it will stop the sandbox monitor, once received this monitor stop notification, it shouldn't do the pod clean action. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
If we send multiple grpcs at once before a client is created, we end up creating multiple connections to the agent and that breaks when using builtin proxy since only one connection is allowed. Signed-off-by: Peng Tao <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: Fupan Li <[email protected]>
Since there is a bug in kata-agent to support sharepidns, thus set it to false temporarily. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
… in FetchSandbox api When do sandbox release, the kataBuiltInProxy will be closed, and it will stop the watch of vm's console; Thus it needs to restart the proxy to monitor the vm console once to restore the sandbox. Signed-off-by: fupan <[email protected]>
|
Travis report a build error
|
Since the ContainerConfig info is not used in restoring a container, there is no need to save it into db. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
lifupan
force-pushed
the
kata-support
branch
6 times, most recently
from
16bec09 to
6748eae
Compare
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
lifupan
force-pushed
the
kata-support
branch
2 times, most recently
from
53bf002 to
994950e
Compare
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Only keep the pidns and mntns for those containers in sandbox/pod. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Since the network hasn't been supported, thus comment out those cases temporarily. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
lifupan
force-pushed
the
kata-support
branch
2 times, most recently
from
e815653 to
7ae5ddd
Compare
The image irssi:1 didn't have 'ps' command, thus using 'whoami' to verify the user. Signed-off-by: fupan <[email protected]>
Kata's wait process will do the process cleanup once the process exit. If some io contents hasn't been read out before the process's cleanup, it will be lost forever. Thus it's better to do the wait process after the IO terminated. Signed-off-by: fupan <[email protected]>
Only when both of stdio and stderr reach to closed, then call cleanup, otherwise, we'll lose some contents in stdio or stderr. Signed-off-by: fupan <[email protected]>
exec command didn't support spec user overrides, thus makes it use root as the default user. Signed-off-by: fupan <[email protected]>
The latest irssi:1 image missed the ps command, thus use irssi:1.0 image which contains ps command. Signed-off-by: fupan <[email protected]>
Since the container json's mounts have been merged to container spec's mounts, thus those mounts needn't to be dealt. Signed-off-by: fupan <[email protected]>
Signed-off-by: fupan <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.