Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update runsc version used by gVisor addon #4482

Closed
ianlewis opened this issue Jun 13, 2019 · 6 comments
Closed

Update runsc version used by gVisor addon #4482

ianlewis opened this issue Jun 13, 2019 · 6 comments
Assignees
@ianlewis
Labels
co/runtime/containerd priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.

Comments

@ianlewis
Copy link
Contributor

Now that minikube can use containerd 1.2+ we should update containerd to use shimv2 and update the runsc version used.
@ianlewis
Copy link
Contributor Author

Currently blocked by #3512 since runsc uses pivot_root.

ianlewis added a commit to ianlewis/minikube that referenced this issue Jun 13, 2019
@ianlewis
[WIP] Update gvisor runsc version (refs kubernetes#4482)
da0498c 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass
@medyagh
Copy link
Member

medyagh commented Jun 15, 2019

Thanks for creating this issue, if you don't mind could you provide more context on the reason for this request? I would be happy to review any PR that would improve the gvsior addon

@medyagh medyagh added the triage/needs-information Indicates an issue needs more information in order to work on it. label Jun 15, 2019
@ianlewis
Copy link
Contributor Author

ianlewis commented Jun 15, 2019
edited
Loading

There isn't a specific reason besides that the version currently used is 6mo+ old and containerd isn't set up to use RuntimeClass and shim v2. It's been on my back burner for a while, just haven't gotten around to it. Added an issue to track. You can assign to me if inclined.

ianlewis added a commit to ianlewis/minikube that referenced this issue Jun 15, 2019
@ianlewis
[WIP] Update gvisor runsc version (refs kubernetes#4482)
64430e1 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass
ianlewis added a commit to ianlewis/minikube that referenced this issue Jun 15, 2019
@ianlewis
[WIP] Update gvisor runsc version (refs kubernetes#4482)
1bce451 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass
ianlewis added a commit to ianlewis/minikube that referenced this issue Jun 15, 2019
@ianlewis
Update gvisor runsc version (refs kubernetes#4482)
07b842a 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass
@afbjorklund
Copy link
Collaborator

Theoretically one could make that other program respect the legacy/vulnerable setting of --no-pivot.

@ianlewis
Copy link
Contributor Author

@afbjorklund Yeah, Though since gVisor is a sandbox runtime I'd like to avoid adding adding less secure options if possible.

ianlewis added a commit to ianlewis/minikube that referenced this issue Jun 27, 2019
@ianlewis
Update gvisor runsc version (refs kubernetes#4482)
f641bcc 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass
@ianlewis ianlewis mentioned this issue Jul 4, 2019
Closed
@priyawadhwa priyawadhwa mentioned this issue Jul 8, 2019
Merged
@tstromberg tstromberg added priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. co/runtime/containerd and removed triage/needs-information Indicates an issue needs more information in order to work on it. labels Jul 17, 2019
ianlewis added a commit to ianlewis/minikube that referenced this issue Aug 26, 2019
@ianlewis
Update gvisor runsc version (refs kubernetes#4482)
594e99e 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass
@ianlewis ianlewis mentioned this issue Aug 26, 2019
Merged
ianlewis added a commit to ianlewis/minikube that referenced this issue Aug 26, 2019
@ianlewis
Update gvisor runsc version
f856177 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass

Issue kubernetes#4482
ianlewis added a commit to ianlewis/minikube that referenced this issue Aug 26, 2019
@ianlewis
Update gvisor runsc version
e217128 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass

Issue kubernetes#4482
ianlewis added a commit to ianlewis/minikube that referenced this issue Aug 26, 2019
@ianlewis
Update gvisor runsc version
d14bdbc 
- Updates the gvisor addon to use containerd shim v2
- Updates the version of runsc
- Auto-installs a gvisor RuntimeClass

Issue kubernetes#4482
@tstromberg
Copy link
Contributor

Merged in by #4494.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ianlewis ianlewis

Labels
co/runtime/containerd priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ianlewis @tstromberg @medyagh @afbjorklund