Skip to content

Automated cherry pick of #102147: vendor: bump runc to rc95#102196

Merged
k8s-ci-robot merged 4 commits intokubernetes:release-1.21from
kolyshkin:automated-cherry-pick-of-#102147-upstream-release-1.21
May 21, 2021
Merged

Automated cherry pick of #102147: vendor: bump runc to rc95#102196
k8s-ci-robot merged 4 commits intokubernetes:release-1.21from
kolyshkin:automated-cherry-pick-of-#102147-upstream-release-1.21

Conversation

@kolyshkin
Copy link
Copy Markdown
Contributor

@kolyshkin kolyshkin commented May 20, 2021
edited by liggitt
Loading

Cherry pick of #102147 on release-1.21.

/kind bug

Fixes #101989

#102147: vendor: bump runc to rc95

For details on the cherry pick process, see the cherry pick requests page.

Fix a kubelet CPU regression in 1.21 and fixes resource enforcement when using systemd cgroup driver

giuseppe and others added 2 commits May 20, 2021 16:31
@giuseppe @kolyshkin
kubelet: reuse manager
dc12c60 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
@kolyshkin
pkg/kubelet/nodeshutdown/systemd: fix for dbus 5.0.4
578d22a 
dbus 5.0.4 adds StoreProperty method which needs to be implemented for
the mock.

Fixes the errors like

> pkg/kubelet/nodeshutdown/systemd/inhibit_linux_test.go:88:9: cannot use f.fakeDBusObject (variable of type *fakeDBusObject) as dbus.BusObject value in return statement: missing method StoreProperty

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@k8s-ci-robot k8s-ci-robot added this to the v1.21 milestone May 20, 2021
@k8s-ci-robot k8s-ci-robot added do-not-merge/cherry-pick-not-approved Indicates that a PR is not yet approved to merge into a release branch. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-kind Indicates a PR lacks a `kind/foo` label and requires one. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels May 20, 2021
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented May 20, 2021

Hi @kolyshkin. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added needs-priority Indicates a PR lacks a `priority/foo` label and requires one. area/apiserver area/cloudprovider area/code-generation area/dependency Issues or PRs related to dependency changes area/kubectl area/kubelet sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/cli Categorizes an issue or PR as relevant to SIG CLI. labels May 20, 2021
@k8s-ci-robot k8s-ci-robot requested review from a team, adtac and andrewsykim May 20, 2021 23:45
@k8s-ci-robot k8s-ci-robot added sig/cloud-provider Categorizes an issue or PR as relevant to SIG Cloud Provider. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/instrumentation Categorizes an issue or PR as relevant to SIG Instrumentation. sig/node Categorizes an issue or PR as relevant to SIG Node. sig/storage Categorizes an issue or PR as relevant to SIG Storage. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 20, 2021
@kolyshkin kolyshkin changed the title Automated cherry pick of #102147: kubelet: reuse manager Automated cherry pick of #102147: vendor: bump runc to rc95 May 21, 2021
@kolyshkin
Copy link
Copy Markdown
Contributor Author

kolyshkin commented May 21, 2021

pick looks unhappy... you might need to redo the runc bump commit using pin-dependency and update-vendor

This is what I did anyway but I screwed up 😊 Should be fixed now.

kolyshkin and others added 2 commits May 21, 2021 10:28
@kolyshkin
vendor: bump runc to rc95
5eea547 
runc rc95 contains a fix for CVE-2021-30465.

runc rc94 provides fixes and improvements.

One notable change is cgroup manager's Set now accept Resources rather
than Cgroup (see opencontainers/runc#2906).
Modify the code accordingly.

Also update runc dependencies (as hinted by hack/lint-depdendencies.sh):

        github.com/cilium/ebpf v0.5.0
        github.com/containerd/console v1.0.2
        github.com/coreos/go-systemd/v22 v22.3.1
        github.com/godbus/dbus/v5 v5.0.4
        github.com/moby/sys/mountinfo v0.4.1
        golang.org/x/sys v0.0.0-20210426230700-d19ff857e887
        github.com/google/go-cmp v0.5.4
        github.com/kr/pretty v0.2.1
        github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@odinuge @kolyshkin
Set cgroups via opencontainer
37d50b8 
This sets cgroup config via libcontainer to make sure we apply the
correct values to the systemd slices and scopes.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin kolyshkin force-pushed the automated-cherry-pick-of-#102147-upstream-release-1.21 branch from 505af36 to 37d50b8 Compare May 21, 2021 17:36
@ehashman
Copy link
Copy Markdown
Member

ehashman commented May 21, 2021

/priority critical-urgent

@k8s-ci-robot k8s-ci-robot added priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. and removed needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels May 21, 2021
@bobbypage
Copy link
Copy Markdown
Member

bobbypage commented May 21, 2021

/retest

@bobbypage
Copy link
Copy Markdown
Member

bobbypage commented May 21, 2021

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 21, 2021
@ehashman ehashman mentioned this pull request May 21, 2021
Merged
ehashman
ehashman reviewed May 21, 2021
View reviewed changes
Copy link
Copy Markdown
Member

@ehashman ehashman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@liggitt
Copy link
Copy Markdown
Member

liggitt commented May 21, 2021

/approve

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 21, 2021
hasheddan
hasheddan approved these changes May 21, 2021
View reviewed changes
Copy link
Copy Markdown
Contributor

@hasheddan hasheddan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@hasheddan hasheddan added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label May 21, 2021
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/cherry-pick-not-approved Indicates that a PR is not yet approved to merge into a release branch. label May 21, 2021
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented May 21, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hasheddan, kolyshkin, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kolyshkin
Copy link
Copy Markdown
Contributor Author

kolyshkin commented May 21, 2021

/kind bug

@k8s-ci-robot k8s-ci-robot added kind/bug Categorizes issue or PR as related to a bug. and removed do-not-merge/needs-kind Indicates a PR lacks a `kind/foo` label and requires one. labels May 21, 2021
@k8s-ci-robot k8s-ci-robot merged commit 133f66a into kubernetes:release-1.21 May 21, 2021
@odinuge odinuge mentioned this pull request Jun 7, 2021
Closed
@kolyshkin kolyshkin mentioned this pull request Jun 8, 2021
Closed
@odinuge odinuge mentioned this pull request Jun 24, 2021
Merged
@liggitt liggitt added the kind/regression Categorizes issue or PR as related to a regression from a prior release. label Apr 27, 2022
@k8s-ci-robot k8s-ci-robot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Sep 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adtac adtac Awaiting requested review from adtac

@andrewsykim andrewsykim Awaiting requested review from andrewsykim

2 more reviewers

@ehashman ehashman ehashman left review comments

@hasheddan hasheddan hasheddan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@bobbypage bobbypage

@ehashman ehashman

@hasheddan hasheddan

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/apiserver area/cloudprovider area/code-generation area/dependency Issues or PRs related to dependency changes area/kubectl area/kubelet cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. kind/regression Categorizes issue or PR as related to a regression from a prior release. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/cli Categorizes an issue or PR as relevant to SIG CLI. sig/cloud-provider Categorizes an issue or PR as relevant to SIG Cloud Provider. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/instrumentation Categorizes an issue or PR as relevant to SIG Instrumentation. sig/node Categorizes an issue or PR as relevant to SIG Node. sig/storage Categorizes an issue or PR as relevant to SIG Storage. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Projects

SIG Node: code and documentation PRs
Archived in project

Milestone

v1.21

Development

Successfully merging this pull request may close these issues.

9 participants

@kolyshkin @k8s-ci-robot @liggitt @dims @ehashman @bobbypage @hasheddan @giuseppe @odinuge