TEST ONLY: Port forwarding in 1.6#1
Open
dmcgowan wants to merge 2 commits intorelease/1.6from
Open
Conversation
Allows users of the task manager plugin to directly access the underlying shim manager and ttrpc connection for shims. Signed-off-by: Derek McGowan <derek@mcg.dev>
dmcgowan
force-pushed
the
port-forward-1.6
branch
from
465b0b9 to
5af2d21
Compare
Adds an API which can be implemented by shims and used by CRI for port forwarding. This is useful for runtimes which cannot support port forwarding via the network namespace. Signed-off-by: Derek McGowan <derek@mcg.dev>
dmcgowan
force-pushed
the
port-forward-1.6
branch
from
5af2d21 to
5b3c335
Compare
|
hi Derek, I am curious what your plan is for the PR. I am working on gVisor's portforwarding, I also chat with ppl who work on the feature for Kata at kata-containers/kata-containers#5979 I would like to have a unified interface for port forwarding at runtimes. let me know what you think and what i can help with |
1 task
dmcgowan
pushed a commit
that referenced
this pull request
Jun 25, 2024
Update the dependency and the indirect golang.org/x/net version to align with containerd 1.7 itself, and to prevent a vulnerability being detected. This should not generally be an issue, as the API module is used by containerd 1.7 and up, which already depend on a more current version of these dependencies. full diff: containerd/ttrpc@v1.2.3...v1.2.5 Before this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === Vulnerability #1: GO-2024-2687 HTTP/2 CONTINUATION flood in net/http More info: https://pkg.go.dev/vuln/GO-2024-2687 Module: golang.org/x/net Found in: golang.org/x/net@v0.21.0 Fixed in: golang.org/x/net@v0.23.0 Example traces found: #1: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ConnectionError.Error #2: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ErrCode.String #3: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameHeader.String #4: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameType.String #5: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.Setting.String #6: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.SettingID.String #7: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.StreamError.Error #8: services/version/v1/version_grpc.pb.go:13:2: version.init calls status.init, which eventually calls http2.chunkWriter.Write #9: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.connError.Error #10: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error #11: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error #12: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error #13: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error #14: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.writeData.String Your code is affected by 1 vulnerability from 1 module. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. After this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === No vulnerabilities found. Your code is affected by 0 vulnerabilities. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
dmcgowan
pushed a commit
that referenced
this pull request
Jul 1, 2024
Update the dependency and the indirect golang.org/x/net version to align
with containerd itself, and to prevent a vulnerability being detected.
We should keep the versions <= versions used by containerd 1.7 to prevent
forcing users of containerd 1.7 in combination with the latest version
of the API module from having to update all their dependencies, but
this update should likely be fine (and aligns with 1.7).
Before this:
Scanning your code and 254 packages across 15 dependent modules for known vulnerabilities...
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.21.0
Fixed in: golang.org/x/net@v0.23.0
Example traces found:
#1: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ConnectionError.Error
#2: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ErrCode.String
#3: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameHeader.String
#4: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameType.String
#5: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.Setting.String
#6: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.SettingID.String
#7: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.StreamError.Error
#8: services/content/v1/content_ttrpc.pb.go:272:35: content.ttrpccontentClient.Write calls ttrpc.Client.NewStream, which eventually calls http2.chunkWriter.Write
#9: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.connError.Error
#10: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error
#11: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error
#12: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error
#13: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error
#14: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.writeData.String
Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
After this:
govulncheck ./...
Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities...
=== Symbol Results ===
No vulnerabilities found.
Your code is affected by 0 vulnerabilities.
This scan also found 0 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
dmcgowan
pushed a commit
that referenced
this pull request
Jul 26, 2025
`govulncheck -mode=binary` detected the following vulns, but `-mode=source` says "your code doesn't appear to call these vulnerabilities." ``` === Symbol Results === Vulnerability #1: GO-2025-3503 HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net More info: https://pkg.go.dev/vuln/GO-2025-3503 Module: golang.org/x/net Found in: golang.org/x/net@v0.33.0 Fixed in: golang.org/x/net@v0.36.0 Vulnerable symbols found: #1: httpproxy.config.useProxy #2: httpproxy.domainMatch.match #3: proxy.Dial #4: proxy.FromEnvironment #5: proxy.FromEnvironmentUsing Use '-show traces' to see the other 3 found symbols Vulnerability #2: GO-2025-3488 Unexpected memory consumption during token parsing in golang.org/x/oauth2 More info: https://pkg.go.dev/vuln/GO-2025-3488 Module: golang.org/x/oauth2 Found in: golang.org/x/oauth2@v0.11.0 Fixed in: golang.org/x/oauth2@v0.27.0 Vulnerable symbols found: #1: jws.Verify Vulnerability #3: GO-2025-3487 Potential denial of service in golang.org/x/crypto More info: https://pkg.go.dev/vuln/GO-2025-3487 Module: golang.org/x/crypto Found in: golang.org/x/crypto@v0.31.0 Fixed in: golang.org/x/crypto@v0.35.0 Vulnerable symbols found: #1: ssh.Client.Dial #2: ssh.Client.DialContext #3: ssh.Client.DialTCP #4: ssh.Client.Listen #5: ssh.Client.ListenTCP Use '-show traces' to see the other 48 found symbols Your code is affected by 3 vulnerabilities from 3 modules. This scan found no other vulnerabilities in packages you import or modules you require. Use '-show verbose' for more details. ``` NOTE: Go version requirement is now bumped up from 1.21 to 1.23 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
dmcgowan
pushed a commit
that referenced
this pull request
Jul 26, 2025
Silences a false govulncheck alert ``` Vulnerability #1: GO-2025-3595 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net More info: https://pkg.go.dev/vuln/GO-2025-3595 Module: golang.org/x/net Found in: golang.org/x/net@v0.36.0 Fixed in: golang.org/x/net@v0.38.0 ``` Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
dmcgowan
pushed a commit
that referenced
this pull request
Oct 29, 2025
Silence a govulncheck noise: ``` Vulnerability #1: GO-2025-3595 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net More info: https://pkg.go.dev/vuln/GO-2025-3595 Module: golang.org/x/net Found in: golang.org/x/net@v0.37.0 Fixed in: golang.org/x/net@v0.38.0 Your code is affected by 0 vulnerabilities. This scan also found 0 vulnerabilities in packages you import and 1 vulnerability in modules you require, but your code doesn't appear to call these vulnerabilities. ``` Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
dmcgowan
added a commit
that referenced
this pull request
Nov 5, 2025
[Carry #1] fix goroutine leak of container Attach
dmcgowan
pushed a commit
that referenced
this pull request
Nov 6, 2025
Silences a false govulncheck alert ``` Vulnerability #1: GO-2025-3595 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net More info: https://pkg.go.dev/vuln/GO-2025-3595 Module: golang.org/x/net Found in: golang.org/x/net@v0.37.0 Fixed in: golang.org/x/net@v0.38.0 ``` Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
dmcgowan
pushed a commit
that referenced
this pull request
Feb 9, 2026
This change sets the AppArmor policy used by containerd to indicate it is `abi/3.0`. This was chosen based on some code archeology which indicated that containerd 1.7 came out in March 2023, before the AppArmor 4.0 ABI. The AppArmor policies themselves date to much older; the last apparmor version-checks were removed in 4baa187 and c990e3f, and both were looking for AppArmor 2.8.96 or older, pointing to abi/3.0 being the "correct" one to pick. Nothing is preventing containerd from migrating to a newer AppArmor ABI; note, however, that anything newer than `abi/4.0` will need modifications to preserve UNIX domain sockets. This was tested by building a custom k3s v1.35.0+k3s3, with the following modification: ``` diff --git a/go.mod b/go.mod index 4e7bacd204..0fcaf76b8f 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ replace ( github.com/cilium/ebpf => github.com/cilium/ebpf v0.12.3 github.com/cloudnativelabs/kube-router/v2 => github.com/k3s-io/kube-router/v2 v2.6.3-k3s1 github.com/containerd/containerd/api => github.com/containerd/containerd/api v1.9.0 - github.com/containerd/containerd/v2 => github.com/k3s-io/containerd/v2 v2.1.5-k3s1 + github.com/containerd/containerd/v2 => github.com/achernya/containerd/v2 v2.0.0-20260206214308-5e0dce89c422 github.com/containerd/imgcrypt => github.com/containerd/imgcrypt v1.1.11 github.com/containerd/stargz-snapshotter => github.com/k3s-io/stargz-snapshotter v0.17.0-k3s1 github.com/docker/distribution => github.com/docker/distribution v2.8.3+incompatible ``` to use a precursor to this commit. Once built, the resulting k3s was tested on a brand-new Proxmox installation: ``` root@containerd-test:~# uname -a Linux containerd-test 6.17.2-1-pve #1 SMP PREEMPT_DYNAMIC PMX 6.17.2-1 (2025-10-21T11:55Z) x86_64 GNU/Linux root@containerd-test:~# pveversion pve-manager/9.1.1/42db4a6cf33dac83 (running kernel: 6.17.2-1-pve) ``` Files were copied over: ``` achernya@achernya-dev:~/src/k3s$ scp -r dist/artifacts/ root@containerd-test: ``` and installed ``` root@containerd-test:~# mkdir -p /var/lib/rancher/k3s/agent/images/ /usr/local/bin root@containerd-test:~# cp artifacts/k3s /usr/local/bin/ root@containerd-test:~# cp artifacts/k3s-airgap-images-amd64.tar.zst /var/lib/rancher/k3s/agent/images/ ``` then finally started with `k3s server`. Argo CD was then installed: ``` root@containerd-test:~# k3s kubectl create namespace argocd namespace/argocd created root@containerd-test:~# k3s kubectl apply -n argocd --server-side --force-conflicts -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml [elided] root@containerd-test:~# k3s kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE argocd argocd-application-controller-0 1/1 Running 0 31s argocd argocd-applicationset-controller-77475dfcf-6b4cb 1/1 Running 0 32s argocd argocd-dex-server-6485c5ddf5-ckp5s 1/1 Running 0 32s argocd argocd-notifications-controller-758f795776-djx69 1/1 Running 0 32s argocd argocd-redis-6cc4bb5db5-lt9fh 1/1 Running 0 32s argocd argocd-repo-server-c76cf57cd-mr4mc 1/1 Running 0 32s argocd argocd-server-6f85b59c87-w6cns 0/1 Running 0 32s kube-system coredns-6b4688786f-pnds2 1/1 Running 0 4m1s kube-system helm-install-traefik-crd-cn28g 0/1 Completed 0 4m1s kube-system helm-install-traefik-hc9gp 0/1 Completed 2 4m1s kube-system local-path-provisioner-6bc6568469-7wglx 1/1 Running 0 4m1s kube-system metrics-server-77dbbf84b-nqzsc 1/1 Running 0 4m1s kube-system svclb-traefik-fe6d3a0b-z7jsp 2/2 Running 0 3m14s kube-system traefik-5fdc878c8d-cjhx5 1/1 Running 0 3m15s ``` Fixes: containerd#12726 Signed-off-by: Alex Chernyakhovsky <alex@achernya.com>
dmcgowan
pushed a commit
that referenced
this pull request
Apr 14, 2026
This change sets the AppArmor policy used by containerd to indicate it is `abi/3.0`. This was chosen based on some code archeology which indicated that containerd 1.7 came out in March 2023, before the AppArmor 4.0 ABI. The AppArmor policies themselves date to much older; the last apparmor version-checks were removed in 4baa187 and c990e3f, and both were looking for AppArmor 2.8.96 or older, pointing to abi/3.0 being the "correct" one to pick. Nothing is preventing containerd from migrating to a newer AppArmor ABI; note, however, that anything newer than `abi/4.0` will need modifications to preserve UNIX domain sockets. This was tested by building a custom k3s v1.35.0+k3s3, with the following modification: ``` diff --git a/go.mod b/go.mod index 4e7bacd204..0fcaf76b8f 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ replace ( github.com/cilium/ebpf => github.com/cilium/ebpf v0.12.3 github.com/cloudnativelabs/kube-router/v2 => github.com/k3s-io/kube-router/v2 v2.6.3-k3s1 github.com/containerd/containerd/api => github.com/containerd/containerd/api v1.9.0 - github.com/containerd/containerd/v2 => github.com/k3s-io/containerd/v2 v2.1.5-k3s1 + github.com/containerd/containerd/v2 => github.com/achernya/containerd/v2 v2.0.0-20260206214308-5e0dce89c422 github.com/containerd/imgcrypt => github.com/containerd/imgcrypt v1.1.11 github.com/containerd/stargz-snapshotter => github.com/k3s-io/stargz-snapshotter v0.17.0-k3s1 github.com/docker/distribution => github.com/docker/distribution v2.8.3+incompatible ``` to use a precursor to this commit. Once built, the resulting k3s was tested on a brand-new Proxmox installation: ``` root@containerd-test:~# uname -a Linux containerd-test 6.17.2-1-pve #1 SMP PREEMPT_DYNAMIC PMX 6.17.2-1 (2025-10-21T11:55Z) x86_64 GNU/Linux root@containerd-test:~# pveversion pve-manager/9.1.1/42db4a6cf33dac83 (running kernel: 6.17.2-1-pve) ``` Files were copied over: ``` achernya@achernya-dev:~/src/k3s$ scp -r dist/artifacts/ root@containerd-test: ``` and installed ``` root@containerd-test:~# mkdir -p /var/lib/rancher/k3s/agent/images/ /usr/local/bin root@containerd-test:~# cp artifacts/k3s /usr/local/bin/ root@containerd-test:~# cp artifacts/k3s-airgap-images-amd64.tar.zst /var/lib/rancher/k3s/agent/images/ ``` then finally started with `k3s server`. Argo CD was then installed: ``` root@containerd-test:~# k3s kubectl create namespace argocd namespace/argocd created root@containerd-test:~# k3s kubectl apply -n argocd --server-side --force-conflicts -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml [elided] root@containerd-test:~# k3s kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE argocd argocd-application-controller-0 1/1 Running 0 31s argocd argocd-applicationset-controller-77475dfcf-6b4cb 1/1 Running 0 32s argocd argocd-dex-server-6485c5ddf5-ckp5s 1/1 Running 0 32s argocd argocd-notifications-controller-758f795776-djx69 1/1 Running 0 32s argocd argocd-redis-6cc4bb5db5-lt9fh 1/1 Running 0 32s argocd argocd-repo-server-c76cf57cd-mr4mc 1/1 Running 0 32s argocd argocd-server-6f85b59c87-w6cns 0/1 Running 0 32s kube-system coredns-6b4688786f-pnds2 1/1 Running 0 4m1s kube-system helm-install-traefik-crd-cn28g 0/1 Completed 0 4m1s kube-system helm-install-traefik-hc9gp 0/1 Completed 2 4m1s kube-system local-path-provisioner-6bc6568469-7wglx 1/1 Running 0 4m1s kube-system metrics-server-77dbbf84b-nqzsc 1/1 Running 0 4m1s kube-system svclb-traefik-fe6d3a0b-z7jsp 2/2 Running 0 3m14s kube-system traefik-5fdc878c8d-cjhx5 1/1 Running 0 3m15s ``` Fixes: containerd#12726 Signed-off-by: Alex Chernyakhovsky <alex@achernya.com> (cherry picked from commit a6f03a7) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
dmcgowan
pushed a commit
that referenced
this pull request
Apr 14, 2026
This change sets the AppArmor policy used by containerd to indicate it is `abi/3.0`. This was chosen based on some code archeology which indicated that containerd 1.7 came out in March 2023, before the AppArmor 4.0 ABI. The AppArmor policies themselves date to much older; the last apparmor version-checks were removed in 4baa187 and c990e3f, and both were looking for AppArmor 2.8.96 or older, pointing to abi/3.0 being the "correct" one to pick. Nothing is preventing containerd from migrating to a newer AppArmor ABI; note, however, that anything newer than `abi/4.0` will need modifications to preserve UNIX domain sockets. This was tested by building a custom k3s v1.35.0+k3s3, with the following modification: ``` diff --git a/go.mod b/go.mod index 4e7bacd204..0fcaf76b8f 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ replace ( github.com/cilium/ebpf => github.com/cilium/ebpf v0.12.3 github.com/cloudnativelabs/kube-router/v2 => github.com/k3s-io/kube-router/v2 v2.6.3-k3s1 github.com/containerd/containerd/api => github.com/containerd/containerd/api v1.9.0 - github.com/containerd/containerd/v2 => github.com/k3s-io/containerd/v2 v2.1.5-k3s1 + github.com/containerd/containerd/v2 => github.com/achernya/containerd/v2 v2.0.0-20260206214308-5e0dce89c422 github.com/containerd/imgcrypt => github.com/containerd/imgcrypt v1.1.11 github.com/containerd/stargz-snapshotter => github.com/k3s-io/stargz-snapshotter v0.17.0-k3s1 github.com/docker/distribution => github.com/docker/distribution v2.8.3+incompatible ``` to use a precursor to this commit. Once built, the resulting k3s was tested on a brand-new Proxmox installation: ``` root@containerd-test:~# uname -a Linux containerd-test 6.17.2-1-pve #1 SMP PREEMPT_DYNAMIC PMX 6.17.2-1 (2025-10-21T11:55Z) x86_64 GNU/Linux root@containerd-test:~# pveversion pve-manager/9.1.1/42db4a6cf33dac83 (running kernel: 6.17.2-1-pve) ``` Files were copied over: ``` achernya@achernya-dev:~/src/k3s$ scp -r dist/artifacts/ root@containerd-test: ``` and installed ``` root@containerd-test:~# mkdir -p /var/lib/rancher/k3s/agent/images/ /usr/local/bin root@containerd-test:~# cp artifacts/k3s /usr/local/bin/ root@containerd-test:~# cp artifacts/k3s-airgap-images-amd64.tar.zst /var/lib/rancher/k3s/agent/images/ ``` then finally started with `k3s server`. Argo CD was then installed: ``` root@containerd-test:~# k3s kubectl create namespace argocd namespace/argocd created root@containerd-test:~# k3s kubectl apply -n argocd --server-side --force-conflicts -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml [elided] root@containerd-test:~# k3s kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE argocd argocd-application-controller-0 1/1 Running 0 31s argocd argocd-applicationset-controller-77475dfcf-6b4cb 1/1 Running 0 32s argocd argocd-dex-server-6485c5ddf5-ckp5s 1/1 Running 0 32s argocd argocd-notifications-controller-758f795776-djx69 1/1 Running 0 32s argocd argocd-redis-6cc4bb5db5-lt9fh 1/1 Running 0 32s argocd argocd-repo-server-c76cf57cd-mr4mc 1/1 Running 0 32s argocd argocd-server-6f85b59c87-w6cns 0/1 Running 0 32s kube-system coredns-6b4688786f-pnds2 1/1 Running 0 4m1s kube-system helm-install-traefik-crd-cn28g 0/1 Completed 0 4m1s kube-system helm-install-traefik-hc9gp 0/1 Completed 2 4m1s kube-system local-path-provisioner-6bc6568469-7wglx 1/1 Running 0 4m1s kube-system metrics-server-77dbbf84b-nqzsc 1/1 Running 0 4m1s kube-system svclb-traefik-fe6d3a0b-z7jsp 2/2 Running 0 3m14s kube-system traefik-5fdc878c8d-cjhx5 1/1 Running 0 3m15s ``` Fixes: containerd#12726 Signed-off-by: Alex Chernyakhovsky <alex@achernya.com> (cherry picked from commit a6f03a7) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rebase of port forward PR