hcsshim

Windows - Host Compute Service Shim

MIT License

Stars
571
Committers
116
View Code on GitHub View on X
Ecosystems: VS Code Extension, Windows, Playwright, Windows UI Library (WinUI), TypeScript

Bot releases are visible (Hide)

hcsshim - v0.9.2

Published by dcantah over 2 years ago

What's Changed

New Contributors

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.9.1...v0.9.2

hcsshim - v0.8.23

Published by dcantah almost 3 years ago

What's Changed

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.8.22...v0.8.23

hcsshim - v0.9.1

Published by dcantah almost 3 years ago

What's Changed

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.9.0...v0.9.1

hcsshim - v0.9.0

Published by dcantah about 3 years ago

What's New

  • The runhcs containerd shim now supports launching Host Process containers.
  • LCOW layers can now be encrypted via dmverity.
  • Process dumps can now be generated for WCOW and LCOW via an OCI annotation.
  • LCOW container execs now run as whatever user the container was launched as, unless the spec was overridden with a different user.
  • Shared memory is now configurable via an OCI annotation.
  • WCOW supports extensible virtual disks as data disks.
  • LCOW supports hugepage mounts if the kernel used is built with this support.

See the Changelog for the full list of changes!

Bug Fixes

  • Fix duplicate "failed" in HCS error strings.
  • Get rid of redundant logs in HCN version range checks.
  • HNS v1 policy schemas now have correct omitEmpty fields.

See the Changelog for the full list of changes!

Changelog

Full changelog: https://github.com/microsoft/hcsshim/compare/v0.8.22...v0.9.0

hcsshim - v0.8.22

Published by dcantah about 3 years ago

Dependencies

hcsshim - v0.8.21

Published by dcantah about 3 years ago

Packages

  • Adjusted behavior in the github.com/microsoft/hcsshim/hcn package where logs were being generated on every invocation of any of the hcn.XSupported methods or hcn.GetSupportedFeatures. There's now only one log printed on the first invocation of any of the methods.
  • Add a new GetCachedSupportedFeatures to the github.com/microsoft/hcsshim/hcn package. This optimizes for scenarios where multiple calls are made to check if certain features are supported by caching the very first result from HCN.
  • Add a new GetHNSEndpointStats function to the github.com/microsoft/hcsshim/ package. This allows statistics about the hns endpoint to be queried.

Bug Fixes/Misc.

hcsshim - v0.8.20

Published by kevpar over 3 years ago

Packages

  • Fixed an issue in the github.com/Microsoft/hcsshim package where IsAlreadyStopped and IsNotExist would erroneously return true for ERROR_PROC_NOT_FOUND (#1065).
hcsshim - v0.8.18

Published by dcantah over 3 years ago

Shim

  • Fix behavior when the shim is invoked with the "delete" command line argument. Previously we would try and delete the bundle directory ourselves as well as shutdown a sandbox container for a pod in the delete path. This unveiled an issue where if delete was called on an application container in a pod, it would bring down the whole pod.
hcsshim - v0.8.17

Published by dcantah over 3 years ago

Shim

  • Fix an issue where a goroutine could be leaked if using the binary cmd option (Thanks @hex0punk!)
  • Optimize osversion.Build() and Get() to only get invoked once and cache the result. (Thanks @thaJeztah!)
  • Fixed a bug in the tar2ext4 code to correctly handle unordered tars not starting with a root folder. (Thanks @estebanreyl!)
  • Add support for assigning a Utility VM to a cpu group at creation time of the VM on supported builds.
  • Support passing in propagation flags for SCSI mounts for LCOW.
  • Close individual stdio IO relay pipes when the relay is finished. This fixes some unwanted behavior if the shim's IO relay is severed on the write end.

Hns/Hcn

  • Add the definition for VmEndpointRequest
  • Add Ipv6 flag to HCN OutBoundNatPolicySetting
  • Add proxy exceptions to L4WFP Proxy Policy
  • Fix the supported version range for HNS Ipv6 Dual Stack support (HNS 11.10+).
  • Add support for the TierAclPolicy.

Internal

  • Move around HCS schema and resource path definitions to all be collocated under the hcs package.
  • Add a new ttrpc service to facilitate talking to other virt stacks to launch hypervisor isolated containers.
  • Revert grpc and genproto libraries to a prior version to avoid a panic in ttrpc.
  • Add new vm package to abstract away direct HCS interactions to assist in talking to other virtstacks.
  • Change from a hcsshim:: prefix to hcs:: in the internal/hcs packages logging to make log messages clearer in where the logs are originating from.
  • Add a utility function to execute a command in a Utility VM for the cri-containerd test suite.
hcsshim - v0.8.16

Published by katiewasnothere over 3 years ago

Shim

  • add implementation of network configuration proxy (ncproxy)
  • support modifying device IOV settings for ncproxy
  • add implementation of job containers (host process containers)
  • remove "extra info" from error logs
  • fix issue in tar2ext4 when a file is listed before its parent directory

Repository

  • switch CI to Github Actions
  • switch from deprecated gometalinter to golangci/golangci-lint-action in CI
hcsshim - v0.8.15

Published by kevpar over 3 years ago

Shim

  • Added support for containerd logging binaries
  • Stats calls no longer return an error when the container does not exist or when querying stats fails due to permissions
  • Resolve mount source path before passing it to HCS (fixes containerd/containerd#4915)
  • When the shim is called with delete action, it will look for and log panic.log in the bundle directory

Packages

  • Added pkg/ociwclayer package with support for working with Windows container layers
hcsshim - v0.8.14

Published by dcantah almost 4 years ago

New Features

  • shim: Add ability to share files from the host into a Utility VM

Misc.

  • Convert to LF line endings everywhere
hcsshim - v0.8.13

Published by dcantah almost 4 years ago

New Features

  • shim: Add ability to update the cpu limits for a UVM.
  • shim: Add ability to assign a UVM to a cpu group after start.

Bug fixes

  • shim: Fix nil pointer dereference when creating a task with no shim options were passed.
hcsshim - v0.8.12

Published by dcantah almost 4 years ago

New Features

  • hcn package: Updated L4WfpProxyPolicy struct to include specifying an inbound and outbound port.
  • computestorage package: Added helper functions to make setting up a container/uvm layer easier.
  • shim - Add UVM call to update cpu limits for the vm.

Bug Fixes

  • shim: Fix panic that would occur for LCOW if no network namespace was specified.
hcsshim - v0.8.11

Published by dcantah almost 4 years ago

New Features

  • shim: Add option to scale Windows container CPU limit based on UVM CPUs via toml override.
  • shim: Add SetJobCompartmentId binding and expose CompartmentId on hns Namespace object.
  • shim: Added support for GMSA in HCS schema v2 hypervisor-isolated Windows containers.
  • shim: Add new diagnostic function to execute a command on the host system.
  • shim: Add a high level job object wrapper.
  • hcn package: Updating the supported version ranges for the Network L4proxy policy
  • computestorage package: Add computestorage.dll bindings. Allows finer grained control over Windows layer creation.

Bug Fixes/Misc.

  • shim: Improve logging for LCOW layer operations
  • shim: Add registry key for WCOW to deal with containment for a GNS.dll change in 20H1 container images.
  • shim: Force disable VSMB direct map when the volume does not support it. This fixes an issue seen on certain versions of Windows where instead of falling back to non-direct map when FileIdInfo is not supported, VSMB will just return errors when files are accessed on the share.
  • shim: Revendor go-winio at d1ffc52c73318019ce58aaa5282588c52df029b7
  • shim: Remove support for automanaged vhd functionality
hcsshim - v0.8.10

Published by kevpar about 4 years ago

Highlights

  • shim: Added support for GMSA in HCS schema v2 process-isolated Windows containers.
  • shim: Added support for assigning host devices into process-isolated Windows containers.
  • shim: Correctly calculate cap for UVM CPU count when there are multiple processor groups on the host.
  • shim: Switched to connect directly to the GCS for hypervisor-isolated Windows containers. This should improve reliability and allow future innovations.
  • shim: Removed code that blocked processor weight/maximum to be set for processor QoS for process-isolated Windows containers. Previously there was an OS issue preventing this from working, but that has been fixed.
  • hcsshim package: Fixed an issue that could cause Windows container layers to have incorrect modification timestamps. This could lead to a case impacting container start time due to directory timestamps not matching the expected value. #830.
hcsshim - v0.8.9

Published by dcantah over 4 years ago

New Features

  • Added version support for IPv6 Dual stack in HNS.
  • Updated HNS session affinity version check for load balancing.

Bug Fixes

  • Fixed a bug when an LCOW container used SCSI for layers. If a second container was started that shared a layer with an existing container, it would fail to start.
hcsshim - v0.8.8

Published by dcantah over 4 years ago

New Features

  • Add support for uvm processor and memory override via toml
  • Added assigned device support
  • Add Nvidia gpu support for LCOW
  • Add shim implementation to support SDN routes
  • Allow mounting VHD's inside multiple WCOW/LCOW containers

Bug Fixes/Misc.

  • Fix crashes when cleaning up resources for process isolated containers
  • Remove cgo dependency
  • Fix read-only VSMB mount bug that would cause container activation to fail
  • Fix issue with repeated calls to GrantVmAccess causing an 'Incorrect Parameter' error
  • Remove kubernetes/kubernetes dependency and have tests directory have its own go.mod
hcsshim - v0.8.7 release for Docker and containerd

Published by jterry75 almost 5 years ago

This is the v0.8.7 release of hcsshim for Docker

hcsshim v1

  • Improves internal wait patterns reducing HCS syscall overhead.
  • Changes the syscall interface to properly contain call context.
  • Improves error handling for process/container based patterns.

hcn

  • Adds outbound NAT policies.
  • Improves failure cases when a namespace is not found.
  • Fixes the L4ProxyPolicySetting CompartmentID field.
  • Added NatFlags to PortMappings.

This is the v0.8.7 release of containerd-shim-runhcs-v1.exe for containerd

There are significant changes since the last official release of hcsshim.

The most important change is that we are officially deprecating runhcs.exe as the containerd runtime of choice and have removed the v1 runtime bindings for it from containerd. It is now expected that for containerd on Windows you use Runtime V2 shim implemented in the cmd/containerd-shim-runhcs-v1 section of the repo.

containerd-shim-runhcs-v1.exe

With the move to containerd the containerd-shim-runhcs-v1.exe binary now replaces all OS level interaction with the gRPC interface implemented by the Runtime V2 interface as defined by containerd. This allows us to fully implement Windows process and Hyper-V containers on RS1+ with support for Windows v2 containers as well as LCOW on RS5+ releases of Windows.

The implementation is as follows for your HOST OS version of Windows:

RS1 - RS4 RS5+
Windows Process Container v1 (Argon) v2
Windows Hyper-V (Server) Container v1 (Xenon) v2
LCOW Not Supported v2

The main difference with Windows v2 containers and LCOW v2 is the ability of the shim to support true Kubernetes pod's. On Windows this means a shared network namespace for process containers in the pod. For Windows hypervisor (including LCOW) containers it additionally means shared processor, memory, and storage for all containers in the pod within a single UtilityVM. This single UtilityVM provides higher performance and density while also providing greater lifetime guarantees for the set.

hcsshim - Pre-release of the v2 hcsshim package and runhcs.exe

Published by lowenna over 5 years ago

Bug Fixes

  • Plan9 case sensitivity can only be set if the source Windows directory supports it
  • Shrink the size of the create-scratch utility VM (256MB/1 VPMem device)
  • Fix race in endoperation logging
Package Rankings
Top 0.94% on Proxy.golang.org
Badges
Extracted from project README
Build status
Related Projects
chat-copilot

17 Jul 2023 2,031
Docker-Provider

Azure Monitor for Containers

17 Mar 2016 139
winget-create

The Windows Package Manager Manifest Creator command-line tool (aka wingetcreate)

03 May 2021 499
confidential-sidecar-containers

This is a collection of sidecar containers that can be incorporated within confidential container...

17 Jul 2023 25
cookie-doh

Cookie-doh is a repository template for creating single Python package projects.

07 May 2024 12
cppgraphqlgen

C++ GraphQL schema service generator

27 Jul 2018 323
rats

Rats is a collection of tools to help researchers define and run experiments. It is designed to b...

19 Oct 2023 13
vscode

Visual Studio Code

03 Sep 2015 163,353
vcpkg-tool

Components of microsoft/vcpkg's binary.

08 Dec 2020 421
azure-orbital-space-sdk-setup

04 Jun 2024 2
FactoryOrchestrator

A cross-platform system service which provides a simple way to run and manage factory line valid...

26 Jun 2020 40
typescript-error-deltas

Test popular repos on new versions of TypeScript: display new compiler errors

25 Jan 2022 22
opensource-management-portal

Microsoft's monolithic, opinionated Open Source Management Portal enabling enterprise scale self-...

13 Nov 2015 486
go-infra-images

Docker images to support the Microsoft build of Go

30 Nov 2021 3
hnslib

Windows - Host Networking Service Shim

19 Sep 2024 0