containerd
/
rust-extensions
mirror of https://github.com/containerd/rust-extensions.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
598 Commits 9 Branches 38 Tags 2.1 MiB
Commit Graph

66 Commits

Author SHA1 Message Date
jokemanfire a345bac309 OpenOptions in blocking mod is a time-consuming operation. 
1.Prevent it from blocking a tokio thread. Change sync to async.
2.Add pipe unit test which I found error in Pipe new.

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
 2025-01-09 02:57:43 +00:00
Maksym Pavlenko e27decc5ba
Fix clippy 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2024-12-31 14:33:44 -08:00
Jiaxiao Zhou (Mossaka) f87972b9b0 runc/src/io: added the missing imports to unit tests 
Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
 2024-12-03 17:58:52 +00:00
Jiaxiao Zhou (Mossaka) 474db59c81 runc/src/io: expose Io as a public API 
Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
 2024-12-03 17:58:52 +00:00
Jiaxiao Zhou (Mossaka) b7de553f9e runc/Cargo: add the missing os_pipe dependency 
Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
 2024-12-03 17:58:52 +00:00
jiaxiao zhou 7efe8d8390 runc: split Pipe, Io, and PipedIo to async and sync modules 
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
 2024-12-03 17:58:52 +00:00
jiaxiao zhou 857ace0e3f crates/runc: removed unused dep 
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
 2024-11-06 18:26:42 +00:00
ningmingxiao a6b4286542 fix os_pipe doesn't work with async IO 2024-10-21 23:04:57 +00:00
Bryant Biggs 6f2812f4b8 fix: Correct lint warnings, bump toolchain version due to `cargo::key=value` build directive which is reserved for future use 2024-10-05 14:55:48 +00:00
jiaxiao zhou 217f0ee935 Cargo.toml: remove unused dependnecies 
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
 2024-09-23 17:03:41 +00:00
Bryant Biggs ab17df086a chore: Fix whitespace 2024-07-30 16:54:34 +00:00
Bryant Biggs 303b2e3009 chore: Fix cargo deny failed checks and de-duplicate crates using workspace shared dependency 2024-07-30 16:54:34 +00:00
zhang yu 10307750 3a7b9ce173 feat: set THP_DISABLE=true in shim, and restore it before starting runc 
If /sys/kernel/mm/transparent_hugepage/enabled=always, the shim process
will use huge pages, which will consume a lot of memory.

Just like this:
ps -efo pid,rss,comm | grep shim
    PID   RSS COMMAND
   2614  7464 containerd-shim

I don't think shim needs to use huge pages, and if we turn off the huge
pages option, we can save a lot of memory resources.

After we set THP_DISABLE=true:
ps -efo pid,comm,rss
    PID COMMAND           RSS
1629841 containerd-shim  5648

containerd
    |
    |--shim1   --start
        |
        |--shim2    (this shim will on host)
            |
            |--runc create (when containerd send create request by ttrpc)
                |
                |--runc init (this is the pid 1 in container)

    we should set thp_disabled=1 in shim1 --start, because if we set this
    in shim 2, the huge page has been setted while func main() running,
    we set thp_disabled cannot change the setted huge pages.
    So We need to set thp_disabled=1 in shim1 so that shim2 inherits the
    settings of the parent process shim1, and shim2 has closed the
    hugepage when it starts.

    For runc processes, we need to set thp_disabled='before' in shim2 after
    fork() and before execve(). So we use cmd.pre_exec to do this.
 2024-02-20 02:43:24 +00:00
Andrew Baxter 9ac1f26516 `Runc::state()` returns wrong type with async feature 
It's a very small change so I figured it's simpler to open a PR than an issue first.

The sync `state` method returns `Container` but for async returns `Vec<usize>`, and I couldn't locate an explanation for why these might be different so I assume it's a mistake.  From a user perspective too I want Container rather than a usize vec.

Signed-off-by: Andrew Baxter <i@isandrew.com>
 2023-12-25 17:56:09 +00:00
Maksym Pavlenko e8ad07d5fd
Update nix crate 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-10-05 11:37:27 -07:00
Maksym Pavlenko 85557745e0 Make examples compilable 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-10-03 20:41:38 -07:00
Maksym Pavlenko e9910f30b8 Simplify doc management 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-10-03 20:41:38 -07:00
Bryant Biggs 5e1b7760a1 chore: Standardize Cargo.toml files, enable more workspace dependencies 2023-09-21 13:04:22 -04:00
jiaxiao zhou 5c55e352de
cargo clippy 
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
 2023-08-02 02:43:05 +00:00
Maksym Pavlenko ddf49a9a52 Fix dependencies 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-07-11 10:47:24 -07:00
Maksym Pavlenko 98754fd771 Update tokio 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-03-13 09:43:52 -07:00
dependabot[bot] 2cf2fd4a92
build(deps): update oci-spec requirement from 0.5.8 to 0.6.0 
Updates the requirements on [oci-spec](https://github.com/containers/oci-spec-rs) to permit the latest version.
- [Release notes](https://github.com/containers/oci-spec-rs/releases)
- [Changelog](https://github.com/containers/oci-spec-rs/blob/main/release.md)
- [Commits](https://github.com/containers/oci-spec-rs/compare/v0.5.8...v0.6.0)

---
updated-dependencies:
- dependency-name: oci-spec
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 01:44:43 +00:00
dependabot[bot] 7558fe4c49
build(deps): update nix requirement from 0.25 to 0.26 
Updates the requirements on [nix](https://github.com/nix-rust/nix) to permit the latest version.
- [Release notes](https://github.com/nix-rust/nix/releases)
- [Changelog](https://github.com/nix-rust/nix/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nix-rust/nix/compare/v0.25.0...v0.26.1)

---
updated-dependencies:
- dependency-name: nix
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 21:09:10 +00:00
Maksym Pavlenko 80e7945674 Use workspace inheritance to describe crates 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-04 14:34:49 -07:00
Maksym Pavlenko 5ddd3e37bb Run fmt 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-09-29 11:55:31 -07:00
Maksym Pavlenko 51a27ee268 Update nix dependency (fix #93) 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-09-21 11:32:39 -07:00
Maksym Pavlenko cfe09e2227 Update nix dependency 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-05-05 14:55:34 -07:00
Yuna Tomida f9ae07236d
removed unsafe codes on runc client and shim 
Signed-off-by: Yuna Tomida <ytomida.mmm@gmail.com>
 2022-05-04 15:39:41 +09:00
dependabot[bot] 9193b476c2
build(deps): update uuid requirement from 0.8.2 to 1.0.0 
Updates the requirements on [uuid](https://github.com/uuid-rs/uuid) to permit the latest version.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/0.8.2...1.0.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-20 21:37:17 +00:00
Maksym Pavlenko 21e298aef3 Bump versions 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-03-10 15:58:28 -08:00
Zhang Tianyang 3ff1fc0a6d bugfix: return a tmp dir when 'XDG_RUNTIME_DIR' was not set 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-03-09 23:46:47 +08:00
Feng Shaobao 1e1a6a8d97 change Executor to Spawner and make it trait object 2022-03-08 15:39:43 +08:00
Feng Shaobao 777fe2ad23 support async feature for runc shim 
Signed-off-by: Feng Shaobao <fshb1988@gmail.com>
 2022-03-07 16:38:19 +08:00
Zhang Tianyang a06ec3df2d runc-shim: implement pids task 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-03-01 19:04:12 +08:00
Zhang Tianyang dd90a9180f runc: Set piped stdio as default 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-02-28 21:36:03 +08:00
Zhang Tianyang cdb93f2358 runc-shim: implement update task 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-02-27 18:12:33 +08:00
Liu Jiang 33e940b9c8 runc: refine the way to setup Io 
Refine the way to setup Io drivers for runC.

The capability to capture output/error messages from runc depends on
the Io driver used. Some add two more Io drivers: InheritedStdIo and
PipedStdIo. Also document whether the Io driver supports capturing
output/error messages.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-24 18:47:08 +08:00
Liu Jiang 41c2083eac runc: simple syntax improvments 
Simple syntax only improvements.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-24 18:46:38 +08:00
Liu Jiang fc50adf2dc runc: implement sync version of ps() and stats() 
Implement sync version of ps() and stats().

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-24 18:46:37 +08:00
Liu Jiang 95cda30597 runc: fix two bugs in preparing command line arguments 
1) it should use "runc resume" instead of "runc pause" for resume()
2) the order of arguments to run() is wrong, other options may appear
   between "--bundle" and "bundle_id".

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-24 18:46:36 +08:00
Liu Jiang 6c6fa1ac09 runc: make async version of Runc::create() to return Response 
Make async version of Runc::create() to return `Response` instead of
`()`, to keep symmetry with sync version.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-24 18:46:35 +08:00
Liu Jiang f5f18ec52b runc: avoid unwrap() in runc::launch() 
In runc::launch(), it does
        let stdout = String::from_utf8(result.stdout).unwrap();
        let stderr = String::from_utf8(result.stderr).unwrap();

This is risk of DoS attack because the content result.stdout/sterr may
contain contents generated by the container, so it may contain malicious
non-UTF8 characters.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-24 18:46:33 +08:00
Zhang Tianyang b08e4090ea runc: fix bug that exec command leaks files 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-02-23 21:16:16 +08:00
Zhang Tianyang 117263d9be Move Io and Console 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-02-17 23:06:35 +08:00
Zhang Tianyang 620ce26d59 Remove extern use and refactor naming 
Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-02-17 23:02:26 +08:00
Zhang Tianyang 0a33f3e867 Runc shim implementation 
Implement shim cli commands and some basic task APIs to run a runc container

Co-authored-by: Feng Shaobao fshb1988@gmail.com
Co-authored-by: Zhang Tianyang burning9699@gmail.com
Co-authored-by: Yu Qitao yuqitao1024@qq.com

Signed-off-by: Zhang Tianyang <burning9699@gmail.com>
 2022-02-17 23:02:14 +08:00
Maksym Pavlenko 464af70dfa Remove IO impl for Arc 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-02-15 10:44:18 -08:00
Liu Jiang d453f1e38a runc: implement Io for Arc<T: Io> 
Add an implementation of `impl<T: Io> Io for Arc<T>`.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-15 14:08:13 +08:00
Liu Jiang 0dc9705d7e runc: add unit test cases for io.rs 
Add unit test cases for io.rs to avoid mistake.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-15 14:08:12 +08:00
Liu Jiang a52bcd0c7e runc: add helper PipedIo::create_pipe() 
Add helper PipedIo::create_pipe() to reduce duplicated code.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
 2022-02-15 14:08:11 +08:00