111 Commits

Author SHA1 Message Date
utam0k
99bb9442a3 workspacekit: put the workspace id into seccomp handler's log to trace. 2022-06-03 01:07:51 +05:30
utam0k
f5b1475e7c workspacekit: put the workspace id into log to trace. 2022-06-03 01:07:51 +05:30
utam0k
3486caa40b seccomp notify: correction of system call name in log. 2022-05-19 07:27:33 +05:30
utam0k
6b5f345e2d workspacekit: Record the errors of connecting to ws-daemon. 2022-05-16 11:56:31 +05:30
Pavel Tumik
791163b5cc [workspacekit] improve logging when not able to connect to daemon 2022-05-12 11:23:27 +05:30
utam0k
a766836727 workspacekit: Remove slirp4netns codes where it affects the supervisor. 2022-05-10 00:35:25 +05:30
Pavel Tumik
0ffc77d16a PR feedback fixes 2022-05-04 03:08:19 +05:30
Pavel Tumik
301190db53 Add persistent volume support for workspaces
fix
2022-05-04 03:08:19 +05:30
Christian Weichel
314833cdc2 [common-go] Add keyed gRPC rate limits 2022-04-29 16:01:15 +05:30
Manuel Alejandro de Brito Fontes
21e549d2ba [workspacekit] Increase ring0 ws-daemon socket timeout 2022-04-26 18:10:38 +05:30
Manuel Alejandro de Brito Fontes
1b88c8058e Update go modules 2022-04-25 15:52:37 +05:30
utam0k
fa49f33dfa Use veth instead of slirp4netns while preventing impact on supervisor. 2022-04-11 16:07:24 +05:30
utam0k
f046782319 ws-daemon: implement the SetupPairVeths function. 2022-04-11 16:07:24 +05:30
Anton Kosyakov
b3ea6db43e Revert "ws-daemon: implement the SetupPairVeths function."
This reverts commit a960121dce48a80c3e5919f4fe7f056781ef9504.
2022-04-08 18:19:21 +05:30
Anton Kosyakov
5bdf47767e Revert "ws-daemon: Use a pair of veths instead of slirp4netns"
This reverts commit 4fef102695684ad3e98ed90c7f368d79aa1e304d.
2022-04-08 18:19:21 +05:30
utam0k
4fef102695 ws-daemon: Use a pair of veths instead of slirp4netns
Pod Network Namespace(ring1)
+------------------------------------------------+
|                                                |
|       Workspace Network Namespace(ring2)       |
| +--------------------------------------------+ |
| |                                            | |
| |              default via veth0             | |
| |                                            | |
| |                                            | |
| |     +------+  +--------------+             | |
| |     |  lo  |  |    ceth0     | 10.0.2.2/24 | |
| |     +------+  +--^--------+--+             | |
| |                  |        |                | |
| +------------------+--------+----------------+ |
|                    |        |                  |
|                 +--+--------v--+               |
|   +-----------> |    veth0     | 10.0.2.1/24   |
|   |             +-----------+--+               |
|   |                         |                  |
|   |          +--------------v-----+            |
|   |          |                    |            |
|   |          |      nftables      |            |
|   |          |   (ip masquerade)  |            |
|   |          +--------------+-----+            |
|   |                         |                  |
|   |   +------+  +-----------v--+               |
|   |   |  lo  |  |     eth0     |               |
|   |   +------+  +--^--------+--+               |
|   |                |        |                  |
|   |          +-----+--------v-----+            |
|   |          |                    |            |
|   +----------+      nftables      |            |
| if with port | (port redirecter)  |            |
|              +-----^--------+-----+            |
|                    |        |                  |
+--------------------+--------+------------------+
                     |        |
                     |        |
                     |        v
                    o u t s i d e
2022-04-08 13:41:21 +05:30
utam0k
a960121dce ws-daemon: implement the SetupPairVeths function. 2022-04-08 13:41:21 +05:30
Christian Weichel
01c257f1e8 [supervisor] Mount custom CA in ring2
if it exists
2022-04-05 21:28:19 +05:30
Thomas Schubart
948080914e Discard log output from slirp4netns 2022-03-16 16:44:23 +05:30
Christian Weichel
4085202362 [workspacekit] Establish ring1 cgroup namespace 2022-03-04 04:08:11 +05:30
Manuel Alejandro de Brito Fontes
a563242ef3 Update go dependencies 2022-03-03 18:46:10 +05:30
Thomas Schubart
bf1100bc2a Update readme 2022-02-15 19:57:55 +01:00
Thomas Schubart
4f9e294b8a Add overview of namespaces 2022-02-15 19:57:55 +01:00
utam0k
9b630550a6 docs: Add a diagram of the workspace architecture to the README.md 2022-02-15 19:57:55 +01:00
Thomas Schubart
4af0e0dfb4 Ensure docker in workspace works with fuse 2022-02-14 10:14:35 +01:00
utam0k
149ca15a1a workspacekit: Enable scmpid check. 2022-02-10 14:13:31 +01:00
Pudong Zheng
0c31ecd7a8 modify supervisor entry to init 2022-02-09 17:35:31 +01:00
mustard
877e8b7fa9 [workspacekit] make /etc/hosts modifiable 2022-02-08 13:28:29 +01:00
Mads Hartmann
dd8b5b728a Remove OWNERS related files
Fixes https://github.com/gitpod-io/ops/issues/844
2022-02-08 09:15:30 +01:00
Thomas Schubart
4eefd2ab71 Switch to our own libseccomp bindings 2022-02-04 08:46:26 +01:00
Christian Weichel
af763f2254 Revert "Bump libseccomp-golang"
This reverts commit bc182ae63aec4be329e40fb4217177cebbeb78ea.
2022-01-20 12:12:12 +01:00
Pavel Tumik
a1505511f3 improve error logging for receiveSeccmpFd
Fixes #7696
2022-01-20 10:49:12 +01:00
Christian Weichel
bc182ae63a Bump libseccomp-golang 2022-01-18 15:07:11 +01:00
Christian Weichel
3fd571bc2a [workspacekit] Don't shadow /.supervisor 2021-12-10 17:11:35 +01:00
Christian Weichel
5494e87450 [workspacekit] Make independent of supervisor 2021-12-10 09:21:35 +01:00
Christian Weichel
cff922bf8a [workspacekit] Make the enclave join ring2 netns 2021-12-08 18:42:33 +01:00
Manuel Alejandro de Brito Fontes
537672b058 Enable experimentalNetwork by default 2021-12-07 16:53:33 +01:00
Christian Weichel
2810f844ab [image-builder-mk3] Add push ring2 proxy 2021-11-12 10:58:09 +01:00
Pudong Zheng
c55bdc265f [supervisor] use internal slirp4netns
Co-authored-by: Christian Weichel <chris@gitpod.io>
2021-11-11 15:06:09 +01:00
Cornelius A. Ludmann
a7166daa72 Set version in Go components during build time 2021-11-11 10:23:08 +01:00
Christian Weichel
c159a86f42 [docker-up] Sligh wrap netns cleanup 2021-11-09 17:47:07 +01:00
Pudong Zheng
53e22ed692 remove slirp4netns in ExperimentalNetwork 2021-11-08 20:13:07 +01:00
Christian Weichel
ec744db335 [workspacekit] Make resolv.conf writeable 2021-10-31 16:06:08 +01:00
Christian Weichel
cc38b8caff [workspacekit] Support workspace-wide netns 2021-10-26 20:42:04 +02:00
Christian Weichel
a996c987ea [workspacekit] Add ring2 enclave support 2021-10-21 21:46:59 +02:00
Manuel Alejandro de Brito Fontes
1854bfae70 Update controller-runtime and k8s go dependencies 2021-10-14 12:14:01 -03:00
Simon Emms
64cb84b1cc [installer]: configure leeway to build installer 2021-10-12 10:44:59 -03:00
Christian Weichel
8efac73cba [prow] Add labels to OWNERS files 2021-10-12 09:01:58 -03:00
Manuel Alejandro de Brito Fontes
7ede29579c Update go dependencies 2021-09-30 11:31:47 -03:00
Manuel Alejandro de Brito Fontes
f25de2cdbf Log error changing default level 2021-09-22 10:15:47 -03:00