Merge pull request #83027 from liggitt/fix/gomod-error-import

Update go mod hcsshim version to fix the kube-proxy issue cannot access service by self nodeip:port on windows
2025-07-21 10:51:29 +00:00 · 2019-09-25 22:05:07 -07:00 · 2019-09-25 22:05:07 -07:00 · 14d889f6ef
commit 14d889f6ef
parent fb1db2eba7 aa2fe07da8
22 changed files with 319 additions and 212 deletions
--- a/go.mod
+++ b/go.mod
@ -15,7 +15,7 @@ require (
 	github.com/GoogleCloudPlatform/k8s-cloud-provider v0.0.0-20190822182118-27a4ced34534
 	github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab
 	github.com/Microsoft/go-winio v0.4.11
-	github.com/Microsoft/hcsshim v0.8.6
+	github.com/Microsoft/hcsshim v0.0.0-20190417211021-672e52e9209d
 	github.com/PuerkitoBio/purell v1.1.1
 	github.com/Rican7/retry v0.1.0 // indirect
 	github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e
@ -192,7 +192,7 @@ replace (
 	github.com/JeffAshton/win_pdh => github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab
 	github.com/MakeNowJust/heredoc => github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd
 	github.com/Microsoft/go-winio => github.com/Microsoft/go-winio v0.4.11
-	github.com/Microsoft/hcsshim => github.com/Microsoft/hcsshim v0.8.6
+	github.com/Microsoft/hcsshim => github.com/Microsoft/hcsshim v0.0.0-20190417211021-672e52e9209d
 	github.com/NYTimes/gziphandler => github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46
 	github.com/PuerkitoBio/purell => github.com/PuerkitoBio/purell v1.1.1
 	github.com/PuerkitoBio/urlesc => github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578
--- a/go.sum
+++ b/go.sum
@ -33,8 +33,8 @@ github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd h1:sjQovDkwrZp
 github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E=
 github.com/Microsoft/go-winio v0.4.11 h1:zoIOcVf0xPN1tnMVbTtEdI+P8OofVk3NObnwOQ6nK2Q=
 github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
-github.com/Microsoft/hcsshim v0.8.6 h1:ZfF0+zZeYdzMIVMZHKtDKJvLHj76XCuVae/jNkjj0IA=
-github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
+github.com/Microsoft/hcsshim v0.0.0-20190417211021-672e52e9209d h1:u64+IetywsPQ0gJ/4cXBJ/KiXV9xTKRMoaCOzW9PI3g=
+github.com/Microsoft/hcsshim v0.0.0-20190417211021-672e52e9209d/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46 h1:lsxEuwrXEAokXB9qhlbKWPpo3KMLZQ5WB5WLQRW1uq0=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
 github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=
--- a/vendor/github.com/Microsoft/hcsshim/BUILD
+++ b/vendor/github.com/Microsoft/hcsshim/BUILD
@ -49,7 +49,6 @@ filegroup(
        ":package-srcs",
        "//vendor/github.com/Microsoft/hcsshim/hcn:all-srcs",
        "//vendor/github.com/Microsoft/hcsshim/internal/cni:all-srcs",
-        "//vendor/github.com/Microsoft/hcsshim/internal/guestrequest:all-srcs",
        "//vendor/github.com/Microsoft/hcsshim/internal/guid:all-srcs",
        "//vendor/github.com/Microsoft/hcsshim/internal/hcs:all-srcs",
        "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:all-srcs",
--- a/vendor/github.com/Microsoft/hcsshim/Protobuild.toml
+++ b/vendor/github.com/Microsoft/hcsshim/Protobuild.toml
@ -0,0 +1,41 @@
+version = "unstable"
+generator = "gogoctrd"
+plugins = ["grpc", "fieldpath"]
+
+# Control protoc include paths. Below are usually some good defaults, but feel
+# free to try it without them if it works for your project.
+[includes]
+  # Include paths that will be added before all others. Typically, you want to
+  # treat the root of the project as an include, but this may not be necessary.
+  before = ["./protobuf"]
+
+  # Paths that should be treated as include roots in relation to the vendor
+  # directory. These will be calculated with the vendor directory nearest the
+  # target package.
+  packages = ["github.com/gogo/protobuf"]
+
+  # Paths that will be added untouched to the end of the includes. We use
+  # `/usr/local/include` to pickup the common install location of protobuf.
+  # This is the default.
+  after = ["/usr/local/include"]
+
+# This section maps protobuf imports to Go packages. These will become
+# `-M` directives in the call to the go protobuf generator.
+[packages]
+  "gogoproto/gogo.proto" = "github.com/gogo/protobuf/gogoproto"
+  "google/protobuf/any.proto" = "github.com/gogo/protobuf/types"
+  "google/protobuf/empty.proto" = "github.com/gogo/protobuf/types"
+  "google/protobuf/descriptor.proto" = "github.com/gogo/protobuf/protoc-gen-gogo/descriptor"
+  "google/protobuf/field_mask.proto" = "github.com/gogo/protobuf/types"
+  "google/protobuf/timestamp.proto" = "github.com/gogo/protobuf/types"
+  "google/protobuf/duration.proto" = "github.com/gogo/protobuf/types"
+
+# Lock down runhcs config
+
+[[descriptors]]
+prefix = "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"
+target = "cmd/containerd-shim-runhcs-v1/options/next.pb.txt"
+ignore_files = [
+	"google/protobuf/descriptor.proto",
+	"gogoproto/gogo.proto"
+]
--- a/vendor/github.com/Microsoft/hcsshim/appveyor.yml
+++ b/vendor/github.com/Microsoft/hcsshim/appveyor.yml
@ -8,22 +8,34 @@ environment:
  GOPATH: c:\gopath
  PATH: C:\mingw-w64\x86_64-7.2.0-posix-seh-rt_v5-rev1\mingw64\bin;%GOPATH%\bin;C:\gometalinter-2.0.12-windows-amd64;%PATH%

-stack: go 1.11
+stack: go 1.12.2

 build_script:
  - appveyor DownloadFile https://github.com/alecthomas/gometalinter/releases/download/v2.0.12/gometalinter-2.0.12-windows-amd64.zip
  - 7z x gometalinter-2.0.12-windows-amd64.zip -y -oC:\ > NUL
  - gometalinter.exe --config .gometalinter.json ./...
-  - go build ./cmd/wclayer
+  - go build ./cmd/containerd-shim-runhcs-v1
  - go build ./cmd/runhcs
  - go build ./cmd/tar2ext4
+  - go build ./cmd/wclayer
+  - go build ./internal/tools/grantvmgroupaccess 
+  - go build ./internal/tools/uvmboot
+  - go build ./internal/tools/zapdir
  - go test -v ./... -tags admin
+  - go test -c ./test/containerd-shim-runhcs-v1/ -tags functional
+  - go test -c ./test/cri-containerd/ -tags functional
  - go test -c ./test/functional/ -tags functional
-  - go test -c ./test/runhcs/ -tags integration
+  - go test -c ./test/runhcs/ -tags functional

 artifacts:
-  - path: 'wclayer.exe'
+  - path: 'containerd-shim-runhcs-v1.exe'
  - path: 'runhcs.exe'
  - path: 'tar2ext4.exe'
+  - path: 'wclayer.exe'
+  - path: 'grantvmgroupaccess.exe'  
+  - path: 'uvmboot.exe'
+  - path: 'zapdir.exe'
+  - path: 'containerd-shim-runhcs-v1.test.exe'
+  - path: 'cri-containerd.test.exe'
  - path: 'functional.test.exe'
  - path: 'runhcs.test.exe'
--- a/vendor/github.com/Microsoft/hcsshim/hcn/hcnendpoint.go
+++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnendpoint.go
@ -2,7 +2,7 @@ package hcn

 import (
 	"encoding/json"
-
+	"errors"
 	"github.com/Microsoft/hcsshim/internal/guid"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/sirupsen/logrus"
@ -299,6 +299,10 @@ func GetEndpointByName(endpointName string) (*HostComputeEndpoint, error) {
 func (endpoint *HostComputeEndpoint) Create() (*HostComputeEndpoint, error) {
 	logrus.Debugf("hcn::HostComputeEndpoint::Create id=%s", endpoint.Id)

+	if endpoint.HostComputeNamespace != "" {
+		return nil, errors.New("endpoint create error, endpoint json HostComputeNamespace is read only and should not be set")
+	}
+
 	jsonString, err := json.Marshal(endpoint)
 	if err != nil {
 		return nil, err
--- a/vendor/github.com/Microsoft/hcsshim/hcn/hcnglobals.go
+++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnglobals.go
@ -24,7 +24,7 @@ var (
 	// HNSVersion1803 added ACL functionality.
 	HNSVersion1803 = Version{Major: 7, Minor: 2}
 	// V2ApiSupport allows the use of V2 Api calls and V2 Schema.
-	V2ApiSupport = Version{Major: 9, Minor: 1}
+	V2ApiSupport = Version{Major: 9, Minor: 2}
 	// Remote Subnet allows for Remote Subnet policies on Overlay networks
 	RemoteSubnetVersion = Version{Major: 9, Minor: 2}
 	// A Host Route policy allows for local container to local host communication Overlay networks
--- a/vendor/github.com/Microsoft/hcsshim/hcn/hcnnetwork.go
+++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnetwork.go
@ -2,7 +2,7 @@ package hcn

 import (
 	"encoding/json"
-
+	"errors"
 	"github.com/Microsoft/hcsshim/internal/guid"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/sirupsen/logrus"
@ -320,6 +320,24 @@ func GetNetworkByName(networkName string) (*HostComputeNetwork, error) {
 // Create Network.
 func (network *HostComputeNetwork) Create() (*HostComputeNetwork, error) {
 	logrus.Debugf("hcn::HostComputeNetwork::Create id=%s", network.Id)
+	for _, ipam := range network.Ipams {
+		for _, subnet := range ipam.Subnets {
+			if subnet.IpAddressPrefix != "" {
+				hasDefault := false
+				for _, route := range subnet.Routes {
+					if route.NextHop == "" {
+						return nil, errors.New("network create error, subnet has address prefix but no gateway specified")
+					}
+					if route.DestinationPrefix == "0.0.0.0/0" || route.DestinationPrefix == "::/0" {
+						hasDefault = true
+					}
+				}
+				if !hasDefault {
+					return nil, errors.New("network create error, no default gateway")
+				}
+			}
+		}
+	}

 	jsonString, err := json.Marshal(network)
 	if err != nil {
--- a/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/BUILD
+++ b/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/BUILD
@ -1,24 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
-
-go_library(
-    name = "go_default_library",
-    srcs = ["types.go"],
-    importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/guestrequest",
-    importpath = "github.com/Microsoft/hcsshim/internal/guestrequest",
-    visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"],
-    deps = ["//vendor/github.com/Microsoft/hcsshim/internal/schema2:go_default_library"],
-)
-
-filegroup(
-    name = "package-srcs",
-    srcs = glob(["**"]),
-    tags = ["automanaged"],
-    visibility = ["//visibility:private"],
-)
-
-filegroup(
-    name = "all-srcs",
-    srcs = [":package-srcs"],
-    tags = ["automanaged"],
-    visibility = ["//visibility:public"],
-)
--- a/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/types.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/types.go
@ -1,100 +0,0 @@
-package guestrequest
-
-import (
-	"github.com/Microsoft/hcsshim/internal/schema2"
-)
-
-// Arguably, many of these (at least CombinedLayers) should have been generated
-// by swagger.
-//
-// This will also change package name due to an inbound breaking change.
-
-// This class is used by a modify request to add or remove a combined layers
-// structure in the guest. For windows, the GCS applies a filter in ContainerRootPath
-// using the specified layers as the parent content. Ignores property ScratchPath
-// since the container path is already the scratch path. For linux, the GCS unions
-// the specified layers and ScratchPath together, placing the resulting union
-// filesystem at ContainerRootPath.
-type CombinedLayers struct {
-	ContainerRootPath string            `json:"ContainerRootPath,omitempty"`
-	Layers            []hcsschema.Layer `json:"Layers,omitempty"`
-	ScratchPath       string            `json:"ScratchPath,omitempty"`
-}
-
-// Defines the schema for hosted settings passed to GCS and/or OpenGCS
-
-// SCSI. Scratch space for remote file-system commands, or R/W layer for containers
-type LCOWMappedVirtualDisk struct {
-	MountPath  string `json:"MountPath,omitempty"` // /tmp/scratch for an LCOW utility VM being used as a service VM
-	Lun        uint8  `json:"Lun,omitempty"`
-	Controller uint8  `json:"Controller,omitempty"`
-	ReadOnly   bool   `json:"ReadOnly,omitempty"`
-}
-
-type WCOWMappedVirtualDisk struct {
-	ContainerPath string `json:"ContainerPath,omitempty"`
-	Lun           int32  `json:"Lun,omitempty"`
-}
-
-type LCOWMappedDirectory struct {
-	MountPath string `json:"MountPath,omitempty"`
-	Port      int32  `json:"Port,omitempty"`
-	ShareName string `json:"ShareName,omitempty"` // If empty not using ANames (not currently supported)
-	ReadOnly  bool   `json:"ReadOnly,omitempty"`
-}
-
-// Read-only layers over VPMem
-type LCOWMappedVPMemDevice struct {
-	DeviceNumber uint32 `json:"DeviceNumber,omitempty"`
-	MountPath    string `json:"MountPath,omitempty"` // /tmp/pN
-}
-
-type LCOWNetworkAdapter struct {
-	NamespaceID     string `json:",omitempty"`
-	ID              string `json:",omitempty"`
-	MacAddress      string `json:",omitempty"`
-	IPAddress       string `json:",omitempty"`
-	PrefixLength    uint8  `json:",omitempty"`
-	GatewayAddress  string `json:",omitempty"`
-	DNSSuffix       string `json:",omitempty"`
-	DNSServerList   string `json:",omitempty"`
-	EnableLowMetric bool   `json:",omitempty"`
-	EncapOverhead   uint16 `json:",omitempty"`
-}
-
-type ResourceType string
-
-const (
-	// These are constants for v2 schema modify guest requests.
-	ResourceTypeMappedDirectory   ResourceType = "MappedDirectory"
-	ResourceTypeMappedVirtualDisk ResourceType = "MappedVirtualDisk"
-	ResourceTypeNetwork           ResourceType = "Network"
-	ResourceTypeNetworkNamespace  ResourceType = "NetworkNamespace"
-	ResourceTypeCombinedLayers    ResourceType = "CombinedLayers"
-	ResourceTypeVPMemDevice       ResourceType = "VPMemDevice"
-)
-
-// GuestRequest is for modify commands passed to the guest.
-type GuestRequest struct {
-	RequestType  string       `json:"RequestType,omitempty"`
-	ResourceType ResourceType `json:"ResourceType,omitempty"`
-	Settings     interface{}  `json:"Settings,omitempty"`
-}
-
-type NetworkModifyRequest struct {
-	AdapterId   string      `json:"AdapterId,omitempty"`
-	RequestType string      `json:"RequestType,omitempty"`
-	Settings    interface{} `json:"Settings,omitempty"`
-}
-
-type RS4NetworkModifyRequest struct {
-	AdapterInstanceId string      `json:"AdapterInstanceId,omitempty"`
-	RequestType       string      `json:"RequestType,omitempty"`
-	Settings          interface{} `json:"Settings,omitempty"`
-}
-
-// SignalProcessOptions is the options passed to either WCOW or LCOW
-// to signal a given process.
-type SignalProcessOptions struct {
-	Signal int `json:,omitempty`
-}
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/BUILD
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/BUILD
@ -21,7 +21,6 @@ go_library(
    visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"],
    deps = [
        "//vendor/github.com/Microsoft/go-winio:go_default_library",
-        "//vendor/github.com/Microsoft/hcsshim/internal/guestrequest:go_default_library",
        "//vendor/github.com/Microsoft/hcsshim/internal/interop:go_default_library",
        "//vendor/github.com/Microsoft/hcsshim/internal/logfields:go_default_library",
        "//vendor/github.com/Microsoft/hcsshim/internal/schema1:go_default_library",
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/callback.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/callback.go
@ -1,10 +1,12 @@
 package hcs

 import (
+	"fmt"
 	"sync"
 	"syscall"

 	"github.com/Microsoft/hcsshim/internal/interop"
+	"github.com/Microsoft/hcsshim/internal/logfields"
 	"github.com/sirupsen/logrus"
 )

@ -40,16 +42,61 @@ var (
 )

 type hcsNotification uint32
+
+func (hn hcsNotification) String() string {
+	switch hn {
+	case hcsNotificationSystemExited:
+		return "SystemExited"
+	case hcsNotificationSystemCreateCompleted:
+		return "SystemCreateCompleted"
+	case hcsNotificationSystemStartCompleted:
+		return "SystemStartCompleted"
+	case hcsNotificationSystemPauseCompleted:
+		return "SystemPauseCompleted"
+	case hcsNotificationSystemResumeCompleted:
+		return "SystemResumeCompleted"
+	case hcsNotificationSystemCrashReport:
+		return "SystemCrashReport"
+	case hcsNotificationSystemSiloJobCreated:
+		return "SystemSiloJobCreated"
+	case hcsNotificationSystemSaveCompleted:
+		return "SystemSaveCompleted"
+	case hcsNotificationSystemRdpEnhancedModeStateChanged:
+		return "SystemRdpEnhancedModeStateChanged"
+	case hcsNotificationSystemShutdownFailed:
+		return "SystemShutdownFailed"
+	case hcsNotificationSystemGetPropertiesCompleted:
+		return "SystemGetPropertiesCompleted"
+	case hcsNotificationSystemModifyCompleted:
+		return "SystemModifyCompleted"
+	case hcsNotificationSystemCrashInitiated:
+		return "SystemCrashInitiated"
+	case hcsNotificationSystemGuestConnectionClosed:
+		return "SystemGuestConnectionClosed"
+	case hcsNotificationProcessExited:
+		return "ProcessExited"
+	case hcsNotificationInvalid:
+		return "Invalid"
+	case hcsNotificationServiceDisconnect:
+		return "ServiceDisconnect"
+	default:
+		return fmt.Sprintf("Unknown: %d", hn)
+	}
+}
+
 type notificationChannel chan error

 type notifcationWatcherContext struct {
 	channels notificationChannels
 	handle   hcsCallback
+
+	systemID  string
+	processID int
 }

 type notificationChannels map[hcsNotification]notificationChannel

-func newChannels() notificationChannels {
+func newSystemChannels() notificationChannels {
 	channels := make(notificationChannels)

 	channels[hcsNotificationSystemExited] = make(notificationChannel, 1)
@ -57,17 +104,14 @@ func newChannels() notificationChannels {
 	channels[hcsNotificationSystemStartCompleted] = make(notificationChannel, 1)
 	channels[hcsNotificationSystemPauseCompleted] = make(notificationChannel, 1)
 	channels[hcsNotificationSystemResumeCompleted] = make(notificationChannel, 1)
+
+	return channels
+}
+
+func newProcessChannels() notificationChannels {
+	channels := make(notificationChannels)
+
 	channels[hcsNotificationProcessExited] = make(notificationChannel, 1)
-	channels[hcsNotificationServiceDisconnect] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemCrashReport] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemSiloJobCreated] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemSaveCompleted] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemRdpEnhancedModeStateChanged] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemShutdownFailed] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemGetPropertiesCompleted] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemModifyCompleted] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemCrashInitiated] = make(notificationChannel, 1)
-	channels[hcsNotificationSystemGuestConnectionClosed] = make(notificationChannel, 1)

 	return channels
 }
@ -92,12 +136,28 @@ func notificationWatcher(notificationType hcsNotification, callbackNumber uintpt
 		return 0
 	}

+	log := logrus.WithFields(logrus.Fields{
+		"notification-type": notificationType.String(),
+		"system-id":         context.systemID,
+	})
+	if context.processID != 0 {
+		log.Data[logfields.ProcessID] = context.processID
+	}
+	log.Debug("")
+
+	// The HCS notification system can grow overtime. We explicitly opt-in to
+	// the notifications we would like to handle, all others we simply return.
+	// This means that as it grows we don't have issues associated with new
+	// notification types the code didn't know about.
+	switch notificationType {
+	case hcsNotificationSystemExited, hcsNotificationSystemCreateCompleted, hcsNotificationSystemStartCompleted, hcsNotificationSystemPauseCompleted, hcsNotificationSystemResumeCompleted:
+	case hcsNotificationProcessExited:
+	default:
+		return 0
+	}
+
 	if channel, ok := context.channels[notificationType]; ok {
 		channel <- result
-	} else {
-		logrus.WithFields(logrus.Fields{
-			"notification-type": notificationType,
-		}).Warn("Received a callback of an unsupported type")
 	}

 	return 0
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go
@ -272,6 +272,13 @@ func IsNotSupported(err error) bool {
 		err == ErrVmcomputeUnknownMessage
 }

+// IsOperationInvalidState returns true when err is caused by
+// `ErrVmcomputeOperationInvalidState`.
+func IsOperationInvalidState(err error) bool {
+	err = getInnerError(err)
+	return err == ErrVmcomputeOperationInvalidState
+}
+
 func getInnerError(err error) error {
 	switch pe := err.(type) {
 	case nil:
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/hcs.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/hcs.go
@ -27,7 +27,7 @@ import (
 //sys hcsOpenProcess(computeSystem hcsSystem, pid uint32, process *hcsProcess, result **uint16) (hr error) = vmcompute.HcsOpenProcess?
 //sys hcsCloseProcess(process hcsProcess) (hr error) = vmcompute.HcsCloseProcess?
 //sys hcsTerminateProcess(process hcsProcess, result **uint16) (hr error) = vmcompute.HcsTerminateProcess?
-//sys hcsSignalProcess(process hcsProcess, options string, result **uint16) (hr error) = vmcompute.HcsTerminateProcess?
+//sys hcsSignalProcess(process hcsProcess, options string, result **uint16) (hr error) = vmcompute.HcsSignalProcess?
 //sys hcsGetProcessInfo(process hcsProcess, processInformation *hcsProcessInformation, result **uint16) (hr error) = vmcompute.HcsGetProcessInfo?
 //sys hcsGetProcessProperties(process hcsProcess, processProperties **uint16, result **uint16) (hr error) = vmcompute.HcsGetProcessProperties?
 //sys hcsModifyProcess(process hcsProcess, settings string, result **uint16) (hr error) = vmcompute.HcsModifyProcess?
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go
@ -7,7 +7,6 @@ import (
 	"syscall"
 	"time"

-	"github.com/Microsoft/hcsshim/internal/guestrequest"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/Microsoft/hcsshim/internal/logfields"
 	"github.com/sirupsen/logrus"
@ -23,6 +22,10 @@ type Process struct {
 	callbackNumber uintptr

 	logctx logrus.Fields
+
+	closedWaitOnce sync.Once
+	waitBlock      chan struct{}
+	waitError      error
 }

 func newProcess(process hcsProcess, processID int, computeSystem *System) *Process {
@ -34,6 +37,7 @@ func newProcess(process hcsProcess, processID int, computeSystem *System) *Proce
 			logfields.ContainerID: computeSystem.ID(),
 			logfields.ProcessID:   processID,
 		},
+		waitBlock: make(chan struct{}),
 	}
 }

@ -107,7 +111,11 @@ func (process *Process) logOperationEnd(operation string, err error) {
 }

 // Signal signals the process with `options`.
-func (process *Process) Signal(options guestrequest.SignalProcessOptions) (err error) {
+//
+// For LCOW `guestrequest.SignalProcessOptionsLCOW`.
+//
+// For WCOW `guestrequest.SignalProcessOptionsWCOW`.
+func (process *Process) Signal(options interface{}) (err error) {
 	process.handleLock.RLock()
 	defer process.handleLock.RUnlock()

@ -163,33 +171,49 @@ func (process *Process) Kill() (err error) {
 	return nil
 }

-// Wait waits for the process to exit.
+// waitBackground waits for the process exit notification. Once received sets
+// `process.waitError` (if any) and unblocks all `Wait` and `WaitTimeout` calls.
+//
+// This MUST be called exactly once per `process.handle` but `Wait` and
+// `WaitTimeout` are safe to call multiple times.
+func (process *Process) waitBackground() {
+	process.waitError = waitForNotification(process.callbackNumber, hcsNotificationProcessExited, nil)
+	process.closedWaitOnce.Do(func() {
+		close(process.waitBlock)
+	})
+}
+
+// Wait waits for the process to exit. If the process has already exited returns
+// the pervious error (if any).
 func (process *Process) Wait() (err error) {
 	operation := "hcsshim::Process::Wait"
 	process.logOperationBegin(operation)
 	defer func() { process.logOperationEnd(operation, err) }()

-	err = waitForNotification(process.callbackNumber, hcsNotificationProcessExited, nil)
-	if err != nil {
-		return makeProcessError(process, operation, err, nil)
+	<-process.waitBlock
+	if process.waitError != nil {
+		return makeProcessError(process, operation, process.waitError, nil)
 	}
-
 	return nil
 }

-// WaitTimeout waits for the process to exit or the duration to elapse. It returns
-// false if timeout occurs.
+// WaitTimeout waits for the process to exit or the duration to elapse. If the
+// process has already exited returns the pervious error (if any). If a timeout
+// occurs returns `ErrTimeout`.
 func (process *Process) WaitTimeout(timeout time.Duration) (err error) {
 	operation := "hcssshim::Process::WaitTimeout"
 	process.logOperationBegin(operation)
 	defer func() { process.logOperationEnd(operation, err) }()

-	err = waitForNotification(process.callbackNumber, hcsNotificationProcessExited, &timeout)
-	if err != nil {
-		return makeProcessError(process, operation, err, nil)
+	select {
+	case <-process.waitBlock:
+		if process.waitError != nil {
+			return makeProcessError(process, operation, process.waitError, nil)
+		}
+		return nil
+	case <-time.After(timeout):
+		return makeProcessError(process, operation, ErrTimeout, nil)
 	}
-
-	return nil
 }

 // ResizeConsole resizes the console of the process.
@ -276,15 +300,20 @@ func (process *Process) ExitCode() (_ int, err error) {

 	properties, err := process.Properties()
 	if err != nil {
-		return 0, makeProcessError(process, operation, err, nil)
+		return -1, makeProcessError(process, operation, err, nil)
 	}

 	if properties.Exited == false {
-		return 0, makeProcessError(process, operation, ErrInvalidProcessState, nil)
+		return -1, makeProcessError(process, operation, ErrInvalidProcessState, nil)
 	}

 	if properties.LastWaitResult != 0 {
-		return 0, makeProcessError(process, operation, syscall.Errno(properties.LastWaitResult), nil)
+		logrus.WithFields(logrus.Fields{
+			logfields.ContainerID: process.SystemID(),
+			logfields.ProcessID:   process.processID,
+			"wait-result":         properties.LastWaitResult,
+		}).Warn("hcsshim::Process::ExitCode - Non-zero last wait result")
+		return -1, nil
 	}

 	return int(properties.ExitCode), nil
@ -397,13 +426,18 @@ func (process *Process) Close() (err error) {
 	}

 	process.handle = 0
+	process.closedWaitOnce.Do(func() {
+		close(process.waitBlock)
+	})

 	return nil
 }

 func (process *Process) registerCallback() error {
 	context := &notifcationWatcherContext{
-		channels: newChannels(),
+		channels:  newProcessChannels(),
+		systemID:  process.SystemID(),
+		processID: process.processID,
 	}

 	callbackMapLock.Lock()
@ -450,7 +484,7 @@ func (process *Process) unregisterCallback() error {
 	closeChannels(context.channels)

 	callbackMapLock.Lock()
-	callbackMap[callbackNumber] = nil
+	delete(callbackMap, callbackNumber)
 	callbackMapLock.Unlock()

 	handle = 0
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go
@ -43,6 +43,10 @@ type System struct {
 	callbackNumber uintptr

 	logctx logrus.Fields
+
+	closedWaitOnce sync.Once
+	waitBlock      chan struct{}
+	waitError      error
 }

 func newSystem(id string) *System {
@ -51,6 +55,7 @@ func newSystem(id string) *System {
 		logctx: logrus.Fields{
 			logfields.ContainerID: id,
 		},
+		waitBlock: make(chan struct{}),
 	}
 }

@ -121,6 +126,8 @@ func CreateComputeSystem(id string, hcsDocumentInterface interface{}) (_ *System
 		return nil, makeSystemError(computeSystem, operation, hcsDocument, err, events)
 	}

+	go computeSystem.waitBackground()
+
 	return computeSystem, nil
 }

@ -153,6 +160,7 @@ func OpenComputeSystem(id string) (_ *System, err error) {
 	if err = computeSystem.registerCallback(); err != nil {
 		return nil, makeSystemError(computeSystem, operation, "", err, nil)
 	}
+	go computeSystem.waitBackground()

 	return computeSystem, nil
 }
@ -280,7 +288,7 @@ func (computeSystem *System) Shutdown() (err error) {
 	operation := "hcsshim::ComputeSystem::Shutdown"
 	computeSystem.logOperationBegin(operation)
 	defer func() {
-		if IsAlreadyStopped(err) {
+		if IsAlreadyClosed(err) || IsAlreadyStopped(err) || IsPending(err) {
 			computeSystem.logOperationEnd(operation, nil)
 		} else {
 			computeSystem.logOperationEnd(operation, err)
@ -312,7 +320,7 @@ func (computeSystem *System) Terminate() (err error) {
 	operation := "hcsshim::ComputeSystem::Terminate"
 	computeSystem.logOperationBegin(operation)
 	defer func() {
-		if IsPending(err) {
+		if IsAlreadyClosed(err) || IsAlreadyStopped(err) || IsPending(err) {
 			computeSystem.logOperationEnd(operation, nil)
 		} else {
 			computeSystem.logOperationEnd(operation, err)
@ -335,48 +343,67 @@ func (computeSystem *System) Terminate() (err error) {
 	return nil
 }

-// Wait synchronously waits for the compute system to shutdown or terminate.
+// waitBackground waits for the compute system exit notification. Once received
+// sets `computeSystem.waitError` (if any) and unblocks all `Wait`,
+// `WaitExpectedError`, and `WaitTimeout` calls.
+//
+// This MUST be called exactly once per `computeSystem.handle` but `Wait`,
+// `WaitExpectedError`, and `WaitTimeout` are safe to call multiple times.
+func (computeSystem *System) waitBackground() {
+	computeSystem.waitError = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, nil)
+	computeSystem.closedWaitOnce.Do(func() {
+		close(computeSystem.waitBlock)
+	})
+}
+
+// Wait synchronously waits for the compute system to shutdown or terminate. If
+// the compute system has already exited returns the previous error (if any).
 func (computeSystem *System) Wait() (err error) {
 	operation := "hcsshim::ComputeSystem::Wait"
 	computeSystem.logOperationBegin(operation)
 	defer func() { computeSystem.logOperationEnd(operation, err) }()

-	err = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, nil)
-	if err != nil {
-		return makeSystemError(computeSystem, "Wait", "", err, nil)
+	<-computeSystem.waitBlock
+	if computeSystem.waitError != nil {
+		return makeSystemError(computeSystem, "Wait", "", computeSystem.waitError, nil)
 	}

 	return nil
 }

 // WaitExpectedError synchronously waits for the compute system to shutdown or
-// terminate, and ignores the passed error if it occurs.
+// terminate and returns the error (if any) as long as it does not match
+// `expected`. If the compute system has already exited returns the previous
+// error (if any) as long as it does not match `expected`.
 func (computeSystem *System) WaitExpectedError(expected error) (err error) {
 	operation := "hcsshim::ComputeSystem::WaitExpectedError"
 	computeSystem.logOperationBegin(operation)
 	defer func() { computeSystem.logOperationEnd(operation, err) }()

-	err = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, nil)
-	if err != nil && getInnerError(err) != expected {
-		return makeSystemError(computeSystem, "WaitExpectedError", "", err, nil)
+	<-computeSystem.waitBlock
+	if computeSystem.waitError != nil && getInnerError(computeSystem.waitError) != expected {
+		return makeSystemError(computeSystem, "WaitExpectedError", "", computeSystem.waitError, nil)
 	}
-
 	return nil
 }

-// WaitTimeout synchronously waits for the compute system to terminate or the duration to elapse.
-// If the timeout expires, IsTimeout(err) == true
+// WaitTimeout synchronously waits for the compute system to terminate or the
+// duration to elapse. If the timeout expires, `IsTimeout(err) == true`. If
+// the compute system has already exited returns the previous error (if any).
 func (computeSystem *System) WaitTimeout(timeout time.Duration) (err error) {
 	operation := "hcsshim::ComputeSystem::WaitTimeout"
 	computeSystem.logOperationBegin(operation)
 	defer func() { computeSystem.logOperationEnd(operation, err) }()

-	err = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, &timeout)
-	if err != nil {
-		return makeSystemError(computeSystem, "WaitTimeout", "", err, nil)
+	select {
+	case <-computeSystem.waitBlock:
+		if computeSystem.waitError != nil {
+			return makeSystemError(computeSystem, "WaitTimeout", "", computeSystem.waitError, nil)
+		}
+		return nil
+	case <-time.After(timeout):
+		return makeSystemError(computeSystem, "WaitTimeout", "", ErrTimeout, nil)
 	}
-
-	return nil
 }

 func (computeSystem *System) Properties(types ...schema1.PropertyType) (_ *schema1.ContainerProperties, err error) {
@ -387,18 +414,19 @@ func (computeSystem *System) Properties(types ...schema1.PropertyType) (_ *schem
 	computeSystem.logOperationBegin(operation)
 	defer func() { computeSystem.logOperationEnd(operation, err) }()

-	queryj, err := json.Marshal(schema1.PropertyQuery{types})
+	queryBytes, err := json.Marshal(schema1.PropertyQuery{PropertyTypes: types})
 	if err != nil {
 		return nil, makeSystemError(computeSystem, "Properties", "", err, nil)
 	}

+	queryString := string(queryBytes)
 	logrus.WithFields(computeSystem.logctx).
-		WithField(logfields.JSON, queryj).
+		WithField(logfields.JSON, queryString).
 		Debug("HCS ComputeSystem Properties Query")

 	var resultp, propertiesp *uint16
 	syscallWatcher(computeSystem.logctx, func() {
-		err = hcsGetComputeSystemProperties(computeSystem.handle, string(queryj), &propertiesp, &resultp)
+		err = hcsGetComputeSystemProperties(computeSystem.handle, string(queryString), &propertiesp, &resultp)
 	})
 	events := processHcsResult(resultp)
 	if err != nil {
@ -519,6 +547,7 @@ func (computeSystem *System) CreateProcess(c interface{}) (_ *Process, err error
 	if err = process.registerCallback(); err != nil {
 		return nil, makeSystemError(computeSystem, "CreateProcess", "", err, nil)
 	}
+	go process.waitBackground()

 	return process, nil
 }
@ -557,6 +586,7 @@ func (computeSystem *System) OpenProcess(pid int) (_ *Process, err error) {
 	if err = process.registerCallback(); err != nil {
 		return nil, makeSystemError(computeSystem, "OpenProcess", "", err, nil)
 	}
+	go process.waitBackground()

 	return process, nil
 }
@ -587,13 +617,17 @@ func (computeSystem *System) Close() (err error) {
 	}

 	computeSystem.handle = 0
+	computeSystem.closedWaitOnce.Do(func() {
+		close(computeSystem.waitBlock)
+	})

 	return nil
 }

 func (computeSystem *System) registerCallback() error {
 	context := &notifcationWatcherContext{
-		channels: newChannels(),
+		channels: newSystemChannels(),
+		systemID: computeSystem.id,
 	}

 	callbackMapLock.Lock()
@ -640,7 +674,7 @@ func (computeSystem *System) unregisterCallback() error {
 	closeChannels(context.channels)

 	callbackMapLock.Lock()
-	callbackMap[callbackNumber] = nil
+	delete(callbackMap, callbackNumber)
 	callbackMapLock.Unlock()

 	handle = 0
--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/waithelper.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/waithelper.go
@ -17,6 +17,11 @@ func processAsyncHcsResult(err error, resultp *uint16, callbackNumber uintptr, e

 func waitForNotification(callbackNumber uintptr, expectedNotification hcsNotification, timeout *time.Duration) error {
 	callbackMapLock.RLock()
+	if _, ok := callbackMap[callbackNumber]; !ok {
+		callbackMapLock.RUnlock()
+		logrus.Errorf("failed to waitForNotification: callbackNumber %d does not exist in callbackMap", callbackNumber)
+		return ErrHandleClose
+	}
 	channels := callbackMap[callbackNumber].channels
 	callbackMapLock.RUnlock()

--- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/zsyscall_windows.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/zsyscall_windows.go
@ -56,13 +56,13 @@ var (
 	procHcsOpenProcess                     = modvmcompute.NewProc("HcsOpenProcess")
 	procHcsCloseProcess                    = modvmcompute.NewProc("HcsCloseProcess")
 	procHcsTerminateProcess                = modvmcompute.NewProc("HcsTerminateProcess")
-
-	procHcsGetProcessInfo            = modvmcompute.NewProc("HcsGetProcessInfo")
-	procHcsGetProcessProperties      = modvmcompute.NewProc("HcsGetProcessProperties")
-	procHcsModifyProcess             = modvmcompute.NewProc("HcsModifyProcess")
-	procHcsGetServiceProperties      = modvmcompute.NewProc("HcsGetServiceProperties")
-	procHcsRegisterProcessCallback   = modvmcompute.NewProc("HcsRegisterProcessCallback")
-	procHcsUnregisterProcessCallback = modvmcompute.NewProc("HcsUnregisterProcessCallback")
+	procHcsSignalProcess                   = modvmcompute.NewProc("HcsSignalProcess")
+	procHcsGetProcessInfo                  = modvmcompute.NewProc("HcsGetProcessInfo")
+	procHcsGetProcessProperties            = modvmcompute.NewProc("HcsGetProcessProperties")
+	procHcsModifyProcess                   = modvmcompute.NewProc("HcsModifyProcess")
+	procHcsGetServiceProperties            = modvmcompute.NewProc("HcsGetServiceProperties")
+	procHcsRegisterProcessCallback         = modvmcompute.NewProc("HcsRegisterProcessCallback")
+	procHcsUnregisterProcessCallback       = modvmcompute.NewProc("HcsUnregisterProcessCallback")
 )

 func hcsEnumerateComputeSystems(query string, computeSystems **uint16, result **uint16) (hr error) {
@ -417,10 +417,10 @@ func hcsSignalProcess(process hcsProcess, options string, result **uint16) (hr e
 }

 func _hcsSignalProcess(process hcsProcess, options *uint16, result **uint16) (hr error) {
-	if hr = procHcsTerminateProcess.Find(); hr != nil {
+	if hr = procHcsSignalProcess.Find(); hr != nil {
 		return
 	}
-	r0, _, _ := syscall.Syscall(procHcsTerminateProcess.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result)))
+	r0, _, _ := syscall.Syscall(procHcsSignalProcess.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result)))
 	if int32(r0) < 0 {
 		if r0&0x1fff0000 == 0x00070000 {
 			r0 &= 0xffff
--- a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsnetwork.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsnetwork.go
@ -2,9 +2,9 @@ package hns

 import (
 	"encoding/json"
-	"net"
-
+	"errors"
 	"github.com/sirupsen/logrus"
+	"net"
 )

 // Subnet is assoicated with a network and represents a list
@ -98,6 +98,12 @@ func (network *HNSNetwork) Create() (*HNSNetwork, error) {
 	title := "hcsshim::HNSNetwork::" + operation
 	logrus.Debugf(title+" id=%s", network.Id)

+	for _, subnet := range network.Subnets {
+		if (subnet.AddressPrefix != "") && (subnet.GatewayAddress == "") {
+			return nil, errors.New("network create error, subnet has address prefix but no gateway specified")
+		}
+	}
+
 	jsonString, err := json.Marshal(network)
 	if err != nil {
 		return nil, err
--- a/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9_share.go
+++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9_share.go
@ -10,7 +10,6 @@
 package hcsschema

 type Plan9Share struct {
-
 	Name string `json:"Name,omitempty"`

 	//  The name by which the guest operation system can access this share, via  the aname parameter in the Plan9 protocol.
@ -30,4 +29,6 @@ type Plan9Share struct {
 	ReadOnly bool `json:"ReadOnly,omitempty"`

 	UseShareRootIdentity bool `json:"UseShareRootIdentity,omitempty"`
+
+	AllowedFiles []string `json:"AllowedFiles,omitempty"`
 }
--- a/vendor/github.com/Microsoft/hcsshim/vendor.conf
+++ b/vendor/github.com/Microsoft/hcsshim/vendor.conf
@ -1,13 +1,20 @@
 github.com/blang/semver v3.1.0
 github.com/containerd/console c12b1e7919c14469339a5d38f2f8ed9b64a9de23
+github.com/containerd/containerd faec567304bbdf6864b1663d4f813641b5880a4a
 github.com/containerd/go-runc 5a6d9f37cfa36b15efba46dc7ea349fa9b7143c3
+github.com/containerd/ttrpc 2a805f71863501300ae1976d29f0454ae003e85a
+github.com/containerd/typeurl a93fcdb778cd272c6e9b3028b2f42d813e785d40
+github.com/gogo/protobuf v1.0.0
+github.com/golang/protobuf v1.1.0
 github.com/hashicorp/errwrap 7554cd9344cec97297fa6649b055a8c98c2a1e55
 github.com/hashicorp/go-multierror ed905158d87462226a13fe39ddf685ea65f1c11f
 github.com/konsorten/go-windows-terminal-sequences v1.0.1
 github.com/linuxkit/virtsock 8e79449dea0735c1c056d814934dd035734cc97c
-github.com/Microsoft/go-winio 16cfc975803886a5e47c4257a24c8d8c52e178b2
+github.com/Microsoft/go-winio 84b4ab48a50763fe7b3abcef38e5205c12027fac
 github.com/Microsoft/opengcs v0.3.9
-github.com/opencontainers/runtime-spec eba862dc2470385a233c7507392675cbeadf7353
+github.com/opencontainers/go-digest c9281466c8b2f606084ac71339773efd177436e7
+github.com/opencontainers/runc 12f6a991201fdb8f82579582d5e00e28fba06d0a
+github.com/opencontainers/runtime-spec 29686dbc5559d93fb1ef402eeda3e35c38d75af4
 github.com/opencontainers/runtime-tools 1d69bd0f9c39677d0630e50664fbc3154ae61b88
 github.com/pkg/errors v0.8.1
 github.com/sirupsen/logrus v1.3.0
@ -17,5 +24,10 @@ github.com/xeipuuv/gojsonpointer 4e3ac2762d5f479393488629ee9370b50873b3a6
 github.com/xeipuuv/gojsonreference bd5ef7bd5415a7ac448318e64f11a24cd21e594b
 github.com/xeipuuv/gojsonschema 1d523034197ff1f222f6429836dd36a2457a1874
 golang.org/x/crypto ff983b9c42bc9fbf91556e191cc8efb585c16908
+golang.org/x/net ed066c81e75eba56dd9bd2139ade88125b855585
 golang.org/x/sync 37e7f081c4d4c64e13b10787722085407fe5d15f
-golang.org/x/sys e5ecc2a6747ce8d4af18ed98b3de5ae30eb3a5bb
+golang.org/x/sys e5ecc2a6747ce8d4af18ed98b3de5ae30eb3a5bb
+golang.org/x/text d14c52b222ee852cdba8b07206ca0c614b389876
+google.golang.org/genproto d80a6e20e776b0b17a324d0ba1ab50a39c8e8944
+google.golang.org/grpc v1.12.0
+k8s.io/kubernetes v1.13.0
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -40,11 +40,10 @@ github.com/JeffAshton/win_pdh
 github.com/MakeNowJust/heredoc
 # github.com/Microsoft/go-winio v0.4.11 => github.com/Microsoft/go-winio v0.4.11
 github.com/Microsoft/go-winio
-# github.com/Microsoft/hcsshim v0.8.6 => github.com/Microsoft/hcsshim v0.8.6
+# github.com/Microsoft/hcsshim v0.0.0-20190417211021-672e52e9209d => github.com/Microsoft/hcsshim v0.0.0-20190417211021-672e52e9209d
 github.com/Microsoft/hcsshim
 github.com/Microsoft/hcsshim/hcn
 github.com/Microsoft/hcsshim/internal/cni
-github.com/Microsoft/hcsshim/internal/guestrequest
 github.com/Microsoft/hcsshim/internal/guid
 github.com/Microsoft/hcsshim/internal/hcs
 github.com/Microsoft/hcsshim/internal/hcserror