Add API events stream #1

crosbymichael · 2015-12-02T18:55:21Z

No description provided.

Add a Jenkinsfile for building our changes on Linux and FreeBSD

(below is a quote from my runc commit 6f82d4b) TL;DR: check for IsExist(err) after a failed MkdirAll() is both redundant and wrong -- so two reasons to remove it. Quoting MkdirAll documentation: > MkdirAll creates a directory named path, along with any necessary > parents, and returns nil, or else returns an error. If path > is already a directory, MkdirAll does nothing and returns nil. This means two things: 1. If a directory to be created already exists, no error is returned. 2. If the error returned is IsExist (EEXIST), it means there exists a non-directory with the same name as MkdirAll need to use for directory. Example: we want to MkdirAll("a/b"), but file "a" (or "a/b") already exists, so MkdirAll fails. The above is a theory, based on quoted documentation and my UNIX knowledge. 3. In practice, though, current MkdirAll implementation [1] returns ENOTDIR in most of cases described in containerd#2, with the exception when there is a race between MkdirAll and someone else creating the last component of MkdirAll argument as a file. In this very case MkdirAll() will indeed return EEXIST. Because of containerd#1, IsExist check after MkdirAll is not needed. Because of containerd#2 and containerd#3, ignoring IsExist error is just plain wrong, as directory we require is not created. It's cleaner to report the error now. Note this error is all over the tree, I guess due to copy-paste, or trying to follow the same usage pattern as for Mkdir(), or some not quite correct examples on the Internet. [1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Use reaper for linux exit management

Add Windows Publisher and Signal Handler

…ignals_lcow Add the ability to parse signals based on a platform string

update example

Fix the Inheritable capability defaults.

CRI Sbserver: Make PodSandboxStatus friendlier to shim crashes

Add debian package building for ubuntu xenial

Update the dependency and the indirect golang.org/x/net version to align with containerd 1.7 itself, and to prevent a vulnerability being detected. This should not generally be an issue, as the API module is used by containerd 1.7 and up, which already depend on a more current version of these dependencies. full diff: containerd/ttrpc@v1.2.3...v1.2.4 Before this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === Vulnerability containerd#1: GO-2024-2687 HTTP/2 CONTINUATION flood in net/http More info: https://pkg.go.dev/vuln/GO-2024-2687 Module: golang.org/x/net Found in: golang.org/x/net@v0.21.0 Fixed in: golang.org/x/net@v0.23.0 Example traces found: containerd#1: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ConnectionError.Error containerd#2: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ErrCode.String containerd#3: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameHeader.String containerd#4: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameType.String containerd#5: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.Setting.String containerd#6: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.SettingID.String containerd#7: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.StreamError.Error containerd#8: services/version/v1/version_grpc.pb.go:13:2: version.init calls status.init, which eventually calls http2.chunkWriter.Write containerd#9: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.connError.Error containerd#10: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error containerd#11: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error containerd#12: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error containerd#13: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error containerd#14: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.writeData.String Your code is affected by 1 vulnerability from 1 module. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. After this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === No vulnerabilities found. Your code is affected by 0 vulnerabilities. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Update the dependency and the indirect golang.org/x/net version to align with containerd itself, and to prevent a vulnerability being detected. We should keep the versions <= versions used by containerd 1.7 to prevent forcing users of containerd 1.7 in combination with the latest version of the API module from having to update all their dependencies, but this update should likely be fine (and aligns with 1.7). Before this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === Vulnerability containerd#1: GO-2024-2687 HTTP/2 CONTINUATION flood in net/http More info: https://pkg.go.dev/vuln/GO-2024-2687 Module: golang.org/x/net Found in: golang.org/x/net@v0.21.0 Fixed in: golang.org/x/net@v0.23.0 Example traces found: containerd#1: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ConnectionError.Error containerd#2: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ErrCode.String containerd#3: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameHeader.String containerd#4: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameType.String containerd#5: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.Setting.String containerd#6: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.SettingID.String containerd#7: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.StreamError.Error containerd#8: services/version/v1/version_grpc.pb.go:13:2: version.init calls status.init, which eventually calls http2.chunkWriter.Write containerd#9: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.connError.Error containerd#10: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error containerd#11: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error containerd#12: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error containerd#13: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error containerd#14: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.writeData.String Your code is affected by 1 vulnerability from 1 module. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. After this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === No vulnerabilities found. Your code is affected by 0 vulnerabilities. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Update the dependency and the indirect golang.org/x/net version to align with containerd itself, and to prevent a vulnerability being detected. We should keep the versions <= versions used by containerd 1.7 to prevent forcing users of containerd 1.7 in combination with the latest version of the API module from having to update all their dependencies, but this update should likely be fine (and aligns with 1.7). Before this: Scanning your code and 254 packages across 15 dependent modules for known vulnerabilities... === Symbol Results === Vulnerability containerd#1: GO-2024-2687 HTTP/2 CONTINUATION flood in net/http More info: https://pkg.go.dev/vuln/GO-2024-2687 Module: golang.org/x/net Found in: golang.org/x/net@v0.21.0 Fixed in: golang.org/x/net@v0.23.0 Example traces found: containerd#1: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ConnectionError.Error containerd#2: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ErrCode.String containerd#3: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameHeader.String containerd#4: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameType.String containerd#5: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.Setting.String containerd#6: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.SettingID.String containerd#7: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.StreamError.Error containerd#8: services/content/v1/content_ttrpc.pb.go:272:35: content.ttrpccontentClient.Write calls ttrpc.Client.NewStream, which eventually calls http2.chunkWriter.Write containerd#9: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.connError.Error containerd#10: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error containerd#11: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error containerd#12: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error containerd#13: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error containerd#14: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.writeData.String Your code is affected by 1 vulnerability from 1 module. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. After this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === No vulnerabilities found. Your code is affected by 0 vulnerabilities. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Update the dependency and the indirect golang.org/x/net version to align with containerd 1.7 itself, and to prevent a vulnerability being detected. This should not generally be an issue, as the API module is used by containerd 1.7 and up, which already depend on a more current version of these dependencies. full diff: containerd/ttrpc@v1.2.3...v1.2.5 Before this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === Vulnerability containerd#1: GO-2024-2687 HTTP/2 CONTINUATION flood in net/http More info: https://pkg.go.dev/vuln/GO-2024-2687 Module: golang.org/x/net Found in: golang.org/x/net@v0.21.0 Fixed in: golang.org/x/net@v0.23.0 Example traces found: containerd#1: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ConnectionError.Error containerd#2: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.ErrCode.String containerd#3: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameHeader.String containerd#4: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.FrameType.String containerd#5: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.Setting.String containerd#6: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.SettingID.String containerd#7: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.StreamError.Error containerd#8: services/version/v1/version_grpc.pb.go:13:2: version.init calls status.init, which eventually calls http2.chunkWriter.Write containerd#9: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.connError.Error containerd#10: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.duplicatePseudoHeaderError.Error containerd#11: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldNameError.Error containerd#12: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.headerFieldValueError.Error containerd#13: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.pseudoHeaderError.Error containerd#14: events/task_fieldpath.pb.go:85:20: events.TaskIO.Field calls fmt.Sprint, which eventually calls http2.writeData.String Your code is affected by 1 vulnerability from 1 module. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. After this: govulncheck ./... Scanning your code and 251 packages across 13 dependent modules for known vulnerabilities... === Symbol Results === No vulnerabilities found. Your code is affected by 0 vulnerabilities. This scan also found 0 vulnerabilities in packages you import and 3 vulnerabilities in modules you require, but your code doesn't appear to call these vulnerabilities. Use '-show verbose' for more details. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

crosbymichael modified the milestone: alpha Dec 8, 2015

crosbymichael closed this as completed Dec 10, 2015

rtyler pushed a commit to rtyler/containerd that referenced this issue Sep 6, 2017

Merge pull request containerd#1 from rtyler/jenkinsfile

be68e6e

Add a Jenkinsfile for building our changes on Linux and FreeBSD

romfreiman mentioned this issue Oct 30, 2017

Docker daemon fails to start if events.log is corrupted #1699

Closed

kolyshkin mentioned this issue Nov 30, 2017

MkdirAll: fix usage #1840

Merged

tswift242 mentioned this issue Jun 12, 2018

Checkpoint/restore: add support for cloning processes with open sockets #2398

Open

crosbymichael pushed a commit to crosbymichael/containerd that referenced this issue Jul 23, 2018

Merge pull request containerd#1 from crosbymichael/process

6c3e782

Use reaper for linux exit management

crosbymichael pushed a commit to crosbymichael/containerd that referenced this issue Jul 27, 2018

Merge pull request containerd#1 from crosbymichael/runtime-v2-windows

965cca6

Add Windows Publisher and Signal Handler

pinacoelho mentioned this issue Feb 18, 2019

runc init goes into a loop with containerd.io 1.2.2-3.3 #3027

Closed

katiewasnothere added a commit to katiewasnothere/containerd that referenced this issue Dec 2, 2020

Merge pull request containerd#1 from katiewasnothere/parse_platform_s…

eceadbd

…ignals_lcow Add the ability to parse signals based on a platform string

airadier mentioned this issue Jun 11, 2021

Missing content blob on new cluster #5600

Open

alakesh mentioned this issue Jul 22, 2021

make integration fails with missing entry error in go.sum #5782

Closed

perezjasonr mentioned this issue Aug 12, 2021

selinux keycreate issue #5864

Closed

ralfv mentioned this issue Oct 26, 2021

containerd deletes pause image when running crictl rmi --prune even if pause is used by running Kubernetes Pod #6160

Open

brycechesternewman mentioned this issue Oct 28, 2021

Randomly no log file being created in /var/log/containers. #6172

Closed

yxxhero mentioned this issue Nov 2, 2021

containerd allow delete to image in use #6192

Closed

pontaoski mentioned this issue Nov 4, 2021

issue creating containers due to seccomp failure (error adding seccomp filter rule for syscall clone3: permission denied: unknown, Docker 20.10.10) #6203

Closed

jepio pushed a commit to jepio/containerd that referenced this issue Dec 3, 2021

Merge pull request containerd#1 from ianwoolf/update_example

f8b73eb

update example

epubreader mentioned this issue Dec 7, 2021

addrConn.createTransport failed to connect to {unix:///run/containerd/containerd.sock #6342

Closed

alexamy mentioned this issue Feb 17, 2022

"containerd": executable file not found in $PATH (Arch Linux) #6561

Closed

vsxen mentioned this issue Mar 21, 2022

container stop without any reason #6704

Closed

C-Higgins mentioned this issue Mar 21, 2022

1.5.10 causes memory leak in mysql container; regression from 1.4.13 #6707

Open

arpadmuller mentioned this issue Mar 28, 2022

yum install, transation freeze with containerd.io 1.5.11 #6741

Closed

yongxiu mentioned this issue Apr 4, 2022

Failed to write in VOLUME of Dockerfile in rhel 8.4 #6773

Open

neoakris mentioned this issue Apr 26, 2022

trying to use ctr run to host registry:2 results in freezing #6861

Closed

henry652341974 mentioned this issue May 22, 2022

kubeadm init failed:" list all containers using your preferred container runtimes CLI." #6970

Closed

thaJeztah added a commit to thaJeztah/containerd that referenced this issue Aug 30, 2022

Merge pull request containerd#1 from moby/1.5_CVE-2022-24769

7cfa023

Fix the Inheritable capability defaults.

lgalfaso mentioned this issue Sep 11, 2022

Pulling images uses Content-Type from the wrong response #7390

Open

blowfishpro mentioned this issue Jun 3, 2023

Image-defined volumes with lots of files cause high I/O load at container start #8639

Open

abel-von pushed a commit to abel-von/containerd that referenced this issue Jun 11, 2023

Merge pull request containerd#1 from Burning1020/fix-status-error

8c791aa

CRI Sbserver: Make PodSandboxStatus friendlier to shim crashes

GuillaumeDorschner mentioned this issue Jun 19, 2023

Containerd Not Redirecting to the set Mirror Specified in Config.toml #8707

Closed

V0idk mentioned this issue Jun 25, 2023

AppArmor parser error for /tmp/cri-containerd.apparmor.test in /tmp/cri-containerd.apparmor.test at line 16: syntax error, unexpected TOK_OPENPAREN, expecting TOK_MOD #8737

Closed

leecha mentioned this issue Jul 3, 2023

Unable to remove sandbox when cni plugin not initialized #8774

Closed

bpfoster mentioned this issue Jul 20, 2023

Filesystem userxattr check in overlayfs snapshotter can fail due to improper mount call #8851

Closed

nitinkumar4 mentioned this issue Jul 21, 2023

Pulling image fails - failed to unmount temp mount - device or resource busy: unknown #5538

Closed

dylanrhysscott mentioned this issue Aug 5, 2023

netns.NewNetNS() creates an invalid namespace that can't be used by libcni - Error: Peer netns reference is invalid. #8923

Closed

HamzaMalik95 mentioned this issue Aug 11, 2023

Container Not working on Port 80 #8956

Closed

charugarg2810 mentioned this issue Aug 16, 2023

Containerd Image pull fails intermittently with EOF error for Harbor private registry #8971

Open

jseba pushed a commit to jseba/containerd that referenced this issue Aug 25, 2023

Merge pull request containerd#1 from seemethere/xenial

da474d7

Add debian package building for ubuntu xenial

royanirban76 mentioned this issue Sep 4, 2023

After an ungracefull reboot of VM based worker node, POD is missing the secondary interface #9053

Closed

houyn9 mentioned this issue Sep 13, 2023

Residual /usr/local/bin/containerd-shim-runc-v2 and runc init processes in containerd #9092

Open

den-is mentioned this issue Sep 30, 2023

Hubble Pods got IPs from unknown 10.88.0.0 subnet #9171

Open

dmcgowan mentioned this issue Oct 5, 2023

[release/1.7] Prepare release notes for v1.7.7 #9194

Merged

marcodalcin mentioned this issue Oct 11, 2023

OCI runtime create failed #9222

Closed

BartJansseune mentioned this issue Nov 16, 2023

Hash reported by after import does not correspond with the hash of the tar file of a container #9389

Open

kwangabc mentioned this issue Dec 8, 2023

ctr: failed to mount /run/user/0/containerd-mount2678399194: no such device #9493

Closed

sandeepbudanur mentioned this issue Mar 8, 2024

Containerd appears to get stuck occasionally while creating/removing a sandbox pod after which retry attempts to create the sandbox pod fails. #9947

Open

pnmatich mentioned this issue Mar 26, 2024

Bizarre unauthorised image pull errors for mirror registry #9997

Open

system51 mentioned this issue Apr 25, 2024

ctr pull images err archive/tar: invalid tar header: unknown #10134

Closed

sg893052 mentioned this issue May 15, 2024

containerd crash - containerd[501]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x129a0 pc=0x563a4cdd0d6f] #10230

Open

willthames mentioned this issue May 17, 2024

ImagePull failure - can't unmount tmpmount #10239

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add API events stream #1

Add API events stream #1

crosbymichael commented Dec 2, 2015

Add API events stream #1

Add API events stream #1

Comments

crosbymichael commented Dec 2, 2015