firecracker-containerd

firecracker-containerd copied to clipboard

Improve VSock dialing timeout

9

Our current vsock dialer implementation does exponential backoff from 100ms to 1.6s before giving up. I encountered a situation in the real world in which this timeout was too short...

sipsma

Runtime should support networking

1

- [ ] runtime should support DNS config - [ ] runtime should support port mapping with host port and container port - [ ] runtime should support port mapping...

xibz

Expose firecracker errors more clearly

2

Right now, if `firecracker` has an error, we show a pretty cryptic message like `ctr: Put http://localhost/machine-config: dial unix /tmp/firecracker.sock: connect: no such file or directory: unknown`. I've been using...

samuelkarp

Consider supporting external container grouping OCI annotations

1

As mentioned in the comments on #160 we should consider whether we want to support the other OCI annotations that exist for grouping containers under a single shim or in...

sipsma

- [ ] runtime should support starting container - [ ] runtime should support execSync - [ ] runtime should support execSync with timeout - [ ] runtime should support...

xibz

- [ ] should allow privilege escalation when false - [ ] should not allow privilege escalation when true

xibz

- [ ] runtime should support starting container with volume when host path is a symlink - [ ] runtime should support starting container with volume

xibz

- [ ] should support container log - [ ] should support network - [ ] should support container exec

xibz

- [ ] runtime should support starting container with log - [ ] runtime should support reopening container log

xibz

- [ ] runtime should not block setting host name with unconfined seccomp and SYS_ADMIN - [ ] should support seccomp unconfined on the container - [ ] should support...

xibz