virtcontainers: apply devices constraints #657
Depends-on: kata-containers/packaging#157
PSS Measurement: Memory inside container:
Codecov Report
@@ Coverage Diff @@
## master #657 +/- ##
=========================================
Coverage ? 65.34%
=========================================
Files ? 85
Lines ? 9878
Branches ? 0
=========================================
Hits ? 6455
Misses ? 2766
Partials ? 657
Build failed (third-party-check pipeline) integration testing with
0530f4e to 286ee90
Apply devices constraints to the container in the virtual machine
fixes kata-containers#656
Signed-off-by: Julio Montes <julio.montes@intel.com>
286ee90 to 137769a
PR updated: as we agreed in kata-containers/packaging#157, blockIO constraints should be applied in the host, not in the VM. @kata-containers/runtime
Build failed (third-party-check pipeline) integration testing with
the test for this change kata-containers/tests#666
Build failed (third-party-check pipeline) integration testing with
PSS Measurement: Memory inside container:
Merging!
…ints virtcontainers: apply devices constraints
Now that kata-containers/runtime#657 has been solved, the device passed as a volume also needs to be passed as a device.
Fixes kata-containers#684
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Includes significant fixes including change to allow proc mount only if it is rootfs.
Shortlog:
d736ef14 (tag: v1.0.0-rc9) VERSION: update to 1.0.0-rc9
d463f648 *: verify that operations on /proc/... are on procfs
9aef5044 vendor: update github.com/opencontainers/selinux
84373aaa Add SCMP_ACT_LOG as a valid Seccomp action (kata-containers#1951)
331692ba Only allow proc mount if it is procfs
af7b6547 libcontainer/nsenter: Don't import C in non-cgo file
718a566e cgroup: support mount of cgroup2
115d4b9e bump golang/protobuf v1.0.0
85c02f3f bump coreos/go-systemd v19, godbus/dbus v5.0.1
21498b8e bump mrunalp/fileutils 7d4729fb36185a7c1719923406c9d40e54fb93c7
eb86f603 bump syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
1150ce9c bump urfave/cli v1.20.0
8e4f645f bump docker/go-units v0.3.3
0fc06623 bump cyphar/filepath-securejoin v0.2.2
414a39de bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
de24d733 bump github.com/pkg/errors 0.8.1
4be3c48e Reformat vendor.conf and pin all deps by git-sha
524cb7c3 libcontainer: add systemd.UnifiedManager
ec111368 libcontainer, cgroups: rename systemd.Manager to LegacyManager
1932917b libcontainer: add initial support for cgroups v2
4316e4d0 Bump x/sys and update syscall to start Risc-V support
0bc069d7 nsenter: fix clang-tidy warning
b225ef58 nsenter: minor clean up
e4aa7342 Rename cgroups_windows.go to cgroups_unsupported.go
c740965a libcontainer: update masked paths of /proc
518c8558 Remove libcontainer detection for systemd features
4ca00773 Update vendored dependencies to remove go-systemd/util
588f040a Avoid the dependency on cgo through go-systemd/util package
afc24792 Make get devices function public
9c822e48 cgroups/fs: check nil pointers in cgroup manager
1712af0e man: fix man-pages
f08cdaee Skip searching /dev/.udev for device nodes.
808e809f doc: First process in container needs `Init: true`
351bfb4b integration: remove blkio.weight (unavailable in kernel 5.0)
7e678625 Bump CRIU to 3.12
68cc1a77 Update busybox source and fix runc exec bug
371d13c9 Update bash completion for v1.0.0 release
7a9ffa89 Change the permissions of the notify listener socket to rwx for everyone
e7831f2a Update to Go 1.12 and drop obsolete versions
472fe623 criu image path permission error in rootless checkpoint
Fixes kata-containers#657
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Apply devices constraints to the container in the virtual machine
fixes #656
Signed-off-by: Julio Montes <julio.montes@intel.com>