29 Commits

Author SHA1 Message Date
Christian Weichel
478a75e744 Switch license to AGPL 2022-12-08 13:05:19 -03:00
Thomas Schubart
4996abfb8a [nsinsider] Support network limit enforcement 2022-10-18 15:24:33 +02:00
Thomas Schubart
3739fbe912 [nsinsider] Accept connections 2022-08-24 14:14:40 +02:00
Thomas Schubart
801c4dc590 [nsinsider] Setup connection limit 2022-08-24 14:14:40 +02:00
Christian Weichel
7f68f2374c [nsinsider] Make veth0 match container MTU 2022-04-13 15:43:26 +05:30
Christian Weichel
274a435f11 [ws-daemon] Enable workspace IP forwarding
to make the new nftables setup work
2022-04-13 01:57:25 +05:30
utam0k
fa49f33dfa Use veth instead of slirp4netns while preventing impact on supervisor. 2022-04-11 16:07:24 +05:30
utam0k
f046782319 ws-daemon: implement the SetupPairVeths function. 2022-04-11 16:07:24 +05:30
Anton Kosyakov
b3ea6db43e Revert "ws-daemon: implement the SetupPairVeths function."
This reverts commit a960121dce48a80c3e5919f4fe7f056781ef9504.
2022-04-08 18:19:21 +05:30
Anton Kosyakov
5bdf47767e Revert "ws-daemon: Use a pair of veths instead of slirp4netns"
This reverts commit 4fef102695684ad3e98ed90c7f368d79aa1e304d.
2022-04-08 18:19:21 +05:30
utam0k
4fef102695 ws-daemon: Use a pair of veths instead of slirp4netns
Pod Network Namespace(ring1)
+------------------------------------------------+
|                                                |
|       Workspace Network Namespace(ring2)       |
| +--------------------------------------------+ |
| |                                            | |
| |              default via veth0             | |
| |                                            | |
| |                                            | |
| |     +------+  +--------------+             | |
| |     |  lo  |  |    ceth0     | 10.0.2.2/24 | |
| |     +------+  +--^--------+--+             | |
| |                  |        |                | |
| +------------------+--------+----------------+ |
|                    |        |                  |
|                 +--+--------v--+               |
|   +-----------> |    veth0     | 10.0.2.1/24   |
|   |             +-----------+--+               |
|   |                         |                  |
|   |          +--------------v-----+            |
|   |          |                    |            |
|   |          |      nftables      |            |
|   |          |   (ip masquerade)  |            |
|   |          +--------------+-----+            |
|   |                         |                  |
|   |   +------+  +-----------v--+               |
|   |   |  lo  |  |     eth0     |               |
|   |   +------+  +--^--------+--+               |
|   |                |        |                  |
|   |          +-----+--------v-----+            |
|   |          |                    |            |
|   +----------+      nftables      |            |
| if with port | (port redirecter)  |            |
|              +-----^--------+-----+            |
|                    |        |                  |
+--------------------+--------+------------------+
                     |        |
                     |        |
                     |        v
                    o u t s i d e
2022-04-08 13:41:21 +05:30
utam0k
a960121dce ws-daemon: implement the SetupPairVeths function. 2022-04-08 13:41:21 +05:30
Christian Weichel
5702a9c74c [iws] Prepare cgroup when preparing for user NS 2022-03-04 04:08:11 +05:30
utam0k
572baded7d nsinsider: Match the usage of nsinsider to the current codebase. 2022-02-17 14:53:57 +01:00
Christian Weichel
264331a1ae [nsenter] Move nsenter to common-go 2021-10-21 21:46:59 +02:00
Manuel Alejandro de Brito Fontes
f25de2cdbf Log error changing default level 2021-09-22 10:15:47 -03:00
Manuel Alejandro de Brito Fontes
347ad95d80 Switch from fmt.Errorf to xerrors.Errorf 2021-08-30 02:47:28 -03:00
Christian Weichel
55274105ea [ws-daemon] Support sysfs mount using IWS 2021-08-02 10:16:01 +02:00
Christian Weichel
f50f9a8ab6 [nsinsider] Provide better error messages 2021-07-13 12:32:24 +02:00
Christian Weichel
f70c7420af [ws-daemon] Properly chown /dev/fuse 2021-06-25 11:02:23 +02:00
Lorenzo Fontana
7aede5bf4b [ws-daemon] mknod /dev/fuse as S_IFCHR to consider major:minor 2021-06-25 11:02:23 +02:00
Manuel Alejandro de Brito Fontes
b6eaadbf18 [ws-manager] Revert #4338 and fix /dev/net/tun permissions 2021-06-23 17:57:46 -04:00
Christian Weichel
2dbb3915de Revert "[ws-manager] mknod /dev/net/tun"
This reverts commit 44a47ef48e5edd0d4b239138fb6ff9fb949c67bd.
2021-05-28 17:49:44 +02:00
Manuel Alejandro de Brito Fontes
154960b52d Enable fuse-overlayfs 2021-05-18 09:12:14 -04:00
Christian Weichel
44a47ef48e [ws-manager] mknod /dev/net/tun 2021-05-07 17:50:44 +02:00
Manuel Alejandro de Brito Fontes
9e6635dbd3 [user-namespaces] Support FUSE FS shift (#3384)
[user-namespaces] Support FUSE FS shift
2021-03-25 08:13:30 -03:00
Manuel Alejandro de Brito Fontes
2b6a56bc40 Update go imports 2021-03-02 06:37:49 -03:00
Christian Weichel
474401433e [ws-daemon] Use nsinsider instead of nsenter
thus no longer rely on userland commands
to perform IWS operations.
2021-02-18 16:58:02 +01:00
Christian Weichel
2b4ae94df1 [ws-daemon] Support umount proc 2021-01-29 17:46:53 +01:00