docker/docs - docs - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
Solomon Hykes	5833e78887	beam/examples/beamsh: miniserver.ds demo Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Solomon Hykes	70d3262161	beam: improve the API with Sender/Receiver interfaces and utilities: Copy/SendPipe/SendPair Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Alexander Larsson	b0228d94be	beam: Make extracted Fds CloseOnExec Grab forklock to make sure no forks accidentally inherit the new fds before they are made CLOEXEC There is a slight race condition between ReadMsgUnix returns and when we grap the lock, so this is not perfect. Unfortunately There is no way to pass MSG_CMSG_CLOEXEC to recvmsg() nor any way to implement non-blocking i/o in go, so this is hard to fix. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-04-22 15:50:21 -07:00
Solomon Hykes	207e604bad	beam/examples/beamsh: add a few example dockerscripts Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Solomon Hykes	29ddf2be1e	beam/examples/beamsh: simplify code by using sendWPipe utility Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Solomon Hykes	1dc449e11d	beam/examples/beamsh: move code around for readability Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Solomon Hykes	3a2b31a30b	beam/examples/beamsh: 'exec' adds 'fromcmd' field to its output Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Solomon Hykes	7534f7a34b	beam/examples/beamsh: simple 'log' command tees streams to a local directory Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:21 -07:00
Solomon Hykes	4f5b94d369	beam/examples/beamsh: 'render' and 'beamsh -x' Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	4ebe7aab91	beam/examples/beamsh: run commands in an implicit context of pre-loaded 'plugins' Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	cd85af06fe	beam/examples/beamsh: convenience commands 'devnull', 'echo' and 'stdio' Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	6d9cdbf24f	beam/examples/beamsh: 'emit' supports key=value syntax to compose arbitrary objects Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	2b81fb8424	dockerscript: '=' is not a special character Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	6e0a156d90	beam/examples/beamsh: support for background commands with '&' terminator Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	08686f1d21	beam/data: Message.Parse creates a message from shell-style 'key=value' arguments Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	ffe19414b1	dockerscript: support '#' line comments Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	e1c8dbba97	beam/examples/beamsh: scripts can be passed as filenames Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	222fc87ade	beam/examples/beamsh: remote communication over beam (experimental). Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:20 -07:00
Solomon Hykes	371f6fc63d	beam/examples/beamsh: 'in' chdirs to a directory. 'pass' does simple passthrough Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	6d5c75a224	beam/examples/beamsh: 'beamsend' command serializes all messages and sends them over a network connection Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	5ddf673851	beam/examples/beamsh: 'exec' command correctly closes stdout and stderr when the process exists Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	e512fef425	beam/examples/beamsh: don't print discarded messages in Devnull This avoids false alarms when process exits without printing. Devnull doesn't require synchronization. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	34c5724b89	beam/examples/beamsh: more useful debugging Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	a5bc75d406	beam/data: expose EncodeString for convenience access to the underlying netstring primitive Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	fb1af1f0bc	beam/examples/beamsh: utility function 'fileToConn' Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	74b90c25d9	beam/examples/beamsh: 'connect' command Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	dff9854305	beam/examples/beamsh: 'exec' and 'listen' commands Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:19 -07:00
Solomon Hykes	3686d50429	beam/examples/beamsh: prettier devnull Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	c9b8e0fcac	beam/data: prettier Message.Pretty() Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	d7a2ae8e13	beam/examples/beamsh: prettier 'trace' command Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	eca6fecb59	beam/data: convenience Message.Pretty() function Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	d4920b3fff	beam/examples/beamsh: basic implementation of the pipeline design, with static handlers for now. In the pipeline design, several beam commands can be run concurrently, with their respective inputs and outputs connected in such a way that beam messages flow from the first to last. This is similar to the way a unix shell executes commands in a pipeline: instead of STDIN and STDOUT, each beam command has a "BEAMIN" and "BEAMOUT". Since beam allows for richer communication than plain byte streams, beam pipelines can express more powerful computation, while retaining the fundamental elegance and ease of use of unix-style composition. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	ec288895e5	beam/examples/beamsh: better debugging messages Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	ab2010cfd3	beam/examples/beamsh: simple 'exec' command Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	5689792171	beam/examples/beamsh: catch introspection calls from jobs for proper nesting Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	bcd31405cf	beam: fix FD leaks in SendPipe This fixes file descriptor leaks in the SendPipe function. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:18 -07:00
Solomon Hykes	1737063904	beam: more hooks for interactive debugging This inserts low-level hooks for interactive step-by-step debugging. Hooks are triggered by setting the TEST environment variable. This is particularly useful for tracking down file descriptor leaks, double-closing, or other issues which are difficult to debug with the usual toolbox. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	6072dec9e7	beam/examples/beamsh: first try at nested execution The "wiring" is broken because engine does not keep a reference for handling introspection calls. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	8697490740	beam/examples/beamsh: fix a bug in the log command Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	488fe61354	beam/data: convenience Message.Get Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	460c98d92d	beam/examples/beamsh: use beam/data Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	5bcf2a736c	beam/data: Message.Bytes() convenience method Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	99dda11d45	beam/data: fix a bug in encoding of multi-value maps Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	276fb1918d	beam/data: convenience Message type for chained manipulation Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	916372c76f	Beam: remove leftover debugging messages Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	cb66e8c136	beam/examples/beamsh: hide debug messages in examples/beamsh by default Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:17 -07:00
Solomon Hykes	97a2c0ebe6	beam/data: a simple format for sending structured data over beam Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	771e493457	beam/examples/beamsh: more bells and whistles for demos * Automatically switch to interactive mode when stdin is a terminal * Basic implementation of "responses" Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	851c1b05d0	Beam: fix bug in beamsh which 'swapped' FDs because of underlying implementation of net.FileConn Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	4481e80636	pkg/dockerscript: <!> is not a special character Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	07c03944ff	Beam: don't close the attachment FD when closing superfluous FDs Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	8875cdf561	Beam: debugging hooks for easy step-by-step inspection of the FD table Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	f586dcf307	beam/examples/beamsh: use 'log' command to pass stdout Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	d00a6b7648	beam/examples/beamsh: basic execution of commands, with in-process beam and dummy handlers Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	f0933a91b0	pkg/dockerscript: remove debug messages Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:16 -07:00
Solomon Hykes	5c14c3ada5	pkg/dockerscript: '.' is not a special character Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	f94a18677a	Beam: Send: pass the underlying error unchanged to allow io.EOF detection Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	11f2531da6	pkg/dockerscript: expose a simple, clean API with a single Parse method Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	7f00a3b665	beam/examples/beamsh: correctly parse nested commands Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	fd890136a9	dockerscript: patch text/scanner to use a shell-like syntax instead of the default go-like syntax Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	cd8ddacdc7	pkg/dockerscript: a simple shell-like syntax to express docker operations Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	be470f2497	Beam: beamsh is a mini-shell which runs processes and communicates with them over beam Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	0e42c7d889	Beam: basic test harness for the unix socket implementation. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	59853c188d	Beam: USocketPair returns a *net.UnixConn socket pair for convenience. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	c401c43cae	Beam: fix file descriptor leaks * Close all file descriptors successfully sent as attachment * Close duplicate file descriptors created by net.FileCon and net.UnixConn.File Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:15 -07:00
Solomon Hykes	b637e5f04a	Beam: change the prototype of SendPipe() to return a *net.UnixSocket Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:14 -07:00
Solomon Hykes	188c2ef806	Beam: allow sending messages without attachments. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:14 -07:00
Solomon Hykes	3960da04c8	Beam: convenience functions Listen and Connect These convenience functions expose a familiar face to the unknown and bizarre world of beam networking. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:14 -07:00
Solomon Hykes	5957e6b385	Beam: a simple stream-oriented communication protocol for distributed systems. This patch includes a stripped down implementation with a bare minimum unix socket transport. It relies on fd passing for stream multiplexing. The purpose of this first patch is to allow implementation of dynamic linking, which will allow advanced service discovery. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-04-22 15:50:14 -07:00
Guillaume J. Charmes	7816712457	Merge pull request #5328 from crosbymichael/refactor-cgroups Refactor cgroups into subsystems and support metrics	2014-04-21 14:06:17 -07:00
unclejack	c0d5eac120	Merge pull request #5223 from crosbymichael/load-profile Use apparmor parser directly	2014-04-21 21:50:59 +03:00
Guillaume J. Charmes	813cebc64f	Merge branch 'master' into load-profile Conflicts: daemon/execdriver/native/create.go daemon/execdriver/native/driver.go Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)	2014-04-21 10:32:13 -07:00
Guillaume J. Charmes	ac814ee3c7	Make sure @proc is defined Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)	2014-04-21 10:28:04 -07:00
Michael Crosby	004cf556e8	Use cgo to get systems clock ticks for metrics Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-21 10:26:22 -07:00
Michael Crosby	f59be989dc	Refactor stat parsing to use only 8 fields Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 20:45:08 -07:00
Evan Hazlett	2f24b5a9dc	work on cpu stats Docker-DCO-1.1-Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> (github: ehazlett)	2014-04-21 00:07:05 -04:00
Michael Crosby	bce49dff0d	Add freezer stats This one is a problem because the most useful stat is a string and not a float like verything else. We may have to change the return type Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 18:35:33 -07:00
Michael Crosby	3bfe13de2c	Reuse cpuacct stats for cpu subsystem Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 18:20:44 -07:00
Michael Crosby	37248039e1	Fix parsing of blkio files Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 18:18:17 -07:00
Michael Crosby	7f12260fd1	Add external function to get cgroup stats Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 17:36:20 -07:00
Michael Crosby	9b65f16355	Refactor stats and add them to all subsystems Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 12:02:39 -07:00
Michael Crosby	86e34ce59f	Squashed commit of the following: commit 75af1649b063abbc5d662fd2f8bc4ff62c927687 Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 01:32:42 2014 -0400 more refactor commit 43b36d0f15d634497127bcb17dacaa70ae92e903 Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 01:11:49 2014 -0400 refactored cgroup param parsing to util func commit e3738b0168a075bd92ec828879b0e46bdbbe3845 Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 00:57:19 2014 -0400 dat error checking commit 57872bcc59403ecd308cfe97c78f73d6ca58d165 Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 00:43:25 2014 -0400 proper use of fmt.Errorf commit 43dad6acc0cb21aac2b04ce074699879898ee820 Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 00:36:45 2014 -0400 proper placement of defer commit b7f20b934b2bc92cd39397dbc608b77bff28493c Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 00:34:39 2014 -0400 defers, error checking, panic avoidance commit 7a9a6ff267f8806dfe6676486f73fe89b72968fb Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 00:22:00 2014 -0400 data param to use container info instead of host commit 0e0cf7309be1644687160d6519db792b23cd26e9 Author: Evan Hazlett <ejhazlett@gmail.com> Date: Sun Apr 20 00:11:29 2014 -0400 added stats for cpuacct, memory, and blkio Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-20 11:34:28 -07:00
Michael Crosby	7fdeda8717	Add remove method to subsystems Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-18 22:17:31 -07:00
Michael Crosby	e92f2fd395	Break down groups into subsystems Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-18 22:10:30 -07:00
Michael Crosby	06db0604e5	Move raw cgroups into fs package (filesystem) Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-18 21:34:26 -07:00
Michael Crosby	ec43ec50b4	Move systemd code into pkg Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-18 21:30:08 -07:00
Michael Crosby	42fb2973c6	Refactor cgroups file locations Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-18 21:14:58 -07:00
Kato Kazuyoshi	92ea101bc4	SQLite is also available in FreeBSD Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)	2014-04-17 07:19:30 +09:00
Michael Crosby	3061a6a2ab	Generate imports based on what is avaliable Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-14 05:22:45 +00:00
Michael Crosby	184728e7bc	Ignore not exist errors for joining default subsystems Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-14 00:07:48 +00:00
Victor Vieux	5fc1b4d2cd	Merge pull request #5132 from crosbymichael/fix-cgroup-hiar Setup cgroups for supported subsystems	2014-04-14 10:56:15 -07:00
Guillaume J. Charmes	f98ed28c1d	Merge pull request #4878 from kzys/freebsd-utimes Support FreeBSD on pkg/system/utimes_*.go	2014-04-14 10:39:25 -07:00
Michael Crosby	6c26a87901	Ignore is not exist error Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-14 00:03:35 +00:00
Michael Crosby	052cc5a637	Move apparmor to top level pkg Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-13 23:33:25 +00:00
Michael Crosby	5f4bc4f916	Use apparmor_parser directly The current load script does alot of things. If it does not find the parser loaded on the system it will just exit 0 and not load the profile. We think it should fail loudly if it cannot load the profile and apparmor is enabled on the system. Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-13 23:31:10 +00:00
Alexander Larsson	4ddfffcab3	Join memory and cpu cgroup in systemd too Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson) Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: crosbymichael)	2014-04-11 17:29:40 +00:00
Michael Crosby	505184d2dc	Join cpuacct, freezer, perf_event, and blkio groups Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-11 17:28:27 +00:00
Michael Crosby	031fcb31d3	Setup cgroups for all subsystems Fixes #5117 Fixes #5118 Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-11 17:28:27 +00:00
Victor Vieux	b8c10d8af2	Merge pull request #5143 from kzys/ns-nil Avoid "invalid memory address or nil pointer dereference" panic	2014-04-10 11:07:35 -07:00
Guillaume J. Charmes	042a50a8fe	Merge pull request #5131 from crosbymichael/shm-mode Change shm mode to 1777	2014-04-10 07:50:32 -07:00
Guillaume J. Charmes	5b242c95da	Merge pull request #5115 from alexlarsson/fix-libcontainer-network-rhel6 Fix libcontainer network support on rhel6	2014-04-10 07:45:12 -07:00
Kato Kazuyoshi	c5226d94fa	Avoid "invalid memory address or nil pointer dereference" panic libcontainer.GetNamespace returns nil on FreeBSD because libcontainer.namespaceList is empty. In this case, Namespaces#Get should return nil instead of being panic. Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)	2014-04-10 22:07:29 +09:00
Kato Kazuyoshi	1c90a4dd9a	Support FreeBSD on pkg/system/utimes_*.go Implement system.LUtimesNano and system.UtimesNano. The latter might be removed in future because it's basically same as os.Chtimes. That's why the test is mainly focusing LUtimesNano. Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)	2014-04-10 07:34:37 +09:00
Alexander Larsson	59c1b2880b	Fix libcontainer network support on rhel6 It seems that netlink in older kernels, including RHEL6, does not support RTM_SETLINK with IFLA_MASTER. It just silently ignores it, reporting no error, causing netlink.NetworkSetMaster() to not do anything yet return no error. We fix this by introducing and using AddToBridge() in a very similar manner to CreateBridge(), which use the old ioctls directly. This fixes https://github.com/dotcloud/docker/issues/4668 Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-04-09 15:44:18 +02:00
Michael Crosby	63c303eecd	Revert "Support hairpin NAT without going through docker server" This reverts commit `b39d02b611`. Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-09 11:55:08 +00:00
Michael Crosby	986cf931c3	Change shm mode to 1777 Fixes #5126 Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-09 10:53:32 +00:00
Michael Crosby	87f0d63fb2	Check for apparmor enabled on host to populate profile Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-09 10:22:17 +00:00
Guillaume J. Charmes	4f828d67f0	Backup current docker apparmor profile and replace it with the new one Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)	2014-04-08 11:09:31 -07:00
Guillaume J. Charmes	8cfbc44661	Merge pull request #5049 from Supermathie/aa-fix apparmor: docker-default: Include base abstraction	2014-04-07 21:34:01 -07:00
Guillaume J. Charmes	1d2126be6c	Merge pull request #5025 from dstine/readme-fix fixed two readme typos	2014-04-07 19:31:16 -07:00
Dan Stine	9c4d10b9a9	fixed three more typos	2014-04-07 22:09:15 -04:00
Michael Crosby	b6042f252d	Ensure that ro mounts are remounted Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-07 18:23:22 -07:00
Michael Crosby	028d44d126	Remove and unexport selinux functions Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-07 14:59:44 -07:00
Michael Crosby	82f37b874e	Ensure that selinux is disabled by default This also includes some portability changes so that the package can be imported with the top level runtime. Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-07 14:44:53 -07:00
Michael Crosby	aaf018017c	Add more label checks for selinux enabled Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-07 14:44:53 -07:00
Michael Brown	726206f2aa	apparmor: pull in variables from tunables/global The variables that were defined at the top of the apparmor profile are best pulled in via the <tunables/global> include. Docker-DCO-1.1-Signed-off-by: Michael Brown <michael.brown@discourse.org> (github: Supermathie)	2014-04-07 03:04:27 -04:00
Michael Brown	320b3e0d21	apparmor: abstractions/base expects pid variable Add 'pid' variable pointing to 'self' to allow parsing of profile to succeed Docker-DCO-1.1-Signed-off-by: Michael Brown <michael.brown@discourse.org> (github: Supermathie)	2014-04-07 02:47:43 -04:00
Michael Brown	e35c23311f	apparmor: docker-default: Include base abstraction Encountered problems on 14.04 relating to signals between container processes being blocked by apparmor. The base abstraction contains appropriate rules to allow this communication. Docker-DCO-1.1-Signed-off-by: Michael Brown <michael.brown@discourse.org> (github: Supermathie)	2014-04-07 02:19:38 -04:00
Dan Stine	bea71245c8	fixed two readme typos	2014-04-04 08:12:17 -04:00
unclejack	a255849129	Merge pull request #5002 from crosbymichael/rhatdan-selinux Improve selinux label handling	2014-04-04 04:43:16 +03:00
Victor Vieux	a278656330	Merge pull request #4991 from ruphin/fix_name_typo Fix typo in names-generator	2014-04-03 16:24:14 -07:00
Goffert van Gool	6cf1378601	Fix typo in names-generator Docker-DCO-1.1-Signed-off-by: Goffert van Gool <ruphin@ruphin.net> (github: ruphin)	2014-04-04 00:57:43 +02:00
Victor Vieux	9687c087ab	Merge pull request #4953 from rhatdan/selinux These two patches should fix problems we see with running docker in the wild.	2014-04-02 16:36:41 -07:00
Michael Crosby	94233a204f	Fix lxc label handleing This also improves the logic around formatting the labels for selinux Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-02 16:52:49 +00:00
Michael Crosby	6e7a93628b	Merge branch 'selinux' of https://github.com/rhatdan/docker into rhatdan-selinux Conflicts: pkg/selinux/selinux.go runtime/execdriver/lxc/lxc_template.go Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-02 16:11:35 +00:00
Dan Walsh	d76ac4d429	In certain cases, setting the process label will not happen. When the code attempts to set the ProcessLabel, it checks if SELinux Is enabled. We have seen a case with some of our patches where the code is fooled by the container to think that SELinux is not enabled. Calling label.Init before setting up the rest of the container, tells the library that SELinux is enabled and everything works fine. Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)	2014-04-03 09:32:29 -04:00
Dan Walsh	32ad78b043	Remove hard coding of SELinux labels on systems without proper selinux policy. If a system is configured for SELinux but does not know about docker or containers, then we want the transitions of the policy to work. Hard coding the labels causes docker to break on older Fedora and RHEL systems Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)	2014-04-03 09:32:29 -04:00
Michael Crosby	18ef3cc24a	Remove loopback setup for native driver Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-02 13:12:52 +00:00
Kevin Wallace	c94111b619	Allow non-privileged containers to create device nodes. Such nodes could already be created by importing a tarball to a container; now they can be created from within the container itself. This gives non-privileged containers the mknod kernel capability, and modifies their cgroup settings to allow creation of any node, not just whitelisted ones. Use of such nodes is still controlled by the existing cgroup whitelist. Docker-DCO-1.1-Signed-off-by: Kevin Wallace <kevin@pentabarf.net> (github: kevinwallace)	2014-04-03 18:44:13 +00:00
Victor Vieux	93bb208164	Merge pull request #4961 from creack/update_version_pkg Update Version to not use string anymore	2014-04-01 18:37:25 -07:00
Victor Vieux	431046e0f5	Merge pull request #4902 from shykes/wozniak_is_not_boring Steve Wozniak is not boring.	2014-04-01 16:49:56 -07:00
unclejack	ceed9382d0	Merge pull request #4931 from crosbymichael/gen-mac-addr-for-bridge Set bridge mac addr on supported kernels	2014-04-02 02:47:56 +03:00
unclejack	30ff3fa954	Merge pull request #4867 from crosbymichael/clean-shutdown Cleanly shutdown docker	2014-04-02 01:48:03 +03:00
Guillaume J. Charmes	3ee37f547f	Update Version to not use string anymore Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)	2014-04-01 15:46:52 -07:00
Michael Crosby	9cf89f8542	Merge pull request #4942 from vieux/cleanup_dev_libcontainer remove setupDev from libcontainer	2014-04-01 14:28:17 -07:00
Guillaume J. Charmes	b4b87413d8	Merge pull request #4833 from crosbymichael/pluginflag Add opts flag for fine grained control over drivers	2014-04-01 13:34:08 -07:00
Dan Walsh	2224e0d65a	In certain cases, setting the process label will not happen. When the code attempts to set the ProcessLabel, it checks if SELinux Is enabled. We have seen a case with some of our patches where the code is fooled by the container to think that SELinux is not enabled. Calling label.Init before setting up the rest of the container, tells the library that SELinux is enabled and everything works fine. Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)	2014-04-01 13:30:10 -04:00
Dan Walsh	f9b8161c60	Remove hard coding of SELinux labels on systems without proper selinux policy. If a system is configured for SELinux but does not know about docker or containers, then we want the transitions of the policy to work. Hard coding the labels causes docker to break on older Fedora and RHEL systems Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)	2014-04-01 13:29:54 -04:00
Michael Crosby	283daced0c	Don't send prctl to be consistent with other drivers Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-01 07:12:50 +00:00
Michael Crosby	5bb82f6313	Ensure a reliable way to kill ghost containers on reboot Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-04-01 07:11:41 +00:00
Victor Vieux	d52d24dd80	remove setupDev from libcontainer Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)	2014-04-01 00:28:44 +00:00
Michael Crosby	4cdcea2047	Set bridge mac addr on supported kernels Fixes #3200 Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)	2014-03-31 22:56:23 +00:00
Johannes 'fish' Ziemke	7808886744	Add more women Added Adele Goldstine, Erna Schneider Hoover, Grace Hopper, Jean Bartik, Jean E. Sammet, Karen Spärck Jones, Radia Perlman and Sophie Wilson. Thanks to @jamtur01 for Sophie Kowalevski, Hypatia, Jane Goodall, Maria Mayer, Rosalind Franklin, Gertrude Elion, Elizabeth Blackwell, Marie-Jeanne de Lalande, Maria Kirch, Maria Ardinghelli, Jane Colden, June Almeida, Mary Leakey, Lise Meitner, Johanna Mestorf. Thanks to @xamebax for Françoise Barré-Sinoussi, Rachel Carson, Barbara McClintock, Ada Yonath. Docker-DCO-1.1-Signed-off-by: Johannes 'fish' Ziemke <github@freigeist.org> (github: discordianfish)	2014-03-31 19:44:57 +02:00
Solomon Hykes	04f5c75239	Steve Wozniak is not boring. Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)	2014-03-29 00:48:47 +00:00
Victor Vieux	d2327006d6	Merge pull request #4442 from ibuildthecloud/hairpin-nat Support hairpin NAT without going through docker server	2014-03-27 18:09:42 -07:00
Alexander Larsson	6c7835050e	cgroups: Add systemd implementation of cgroups This implements cgroup.Apply() using the systemd apis. We create a transient unit called "docker-$id.scope" that contains the container processes. We also have a way to set unit specific properties, currently only defining the Slice to put the scope in. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-03-27 22:44:31 +01:00
Alexander Larsson	1296d5ce9a	Add systemd.SdBooted() This is a conversion of sd_booted() from libsystemd to go and checks if the system was booted with systemd. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-03-27 22:44:31 +01:00
Alexander Larsson	cb43fd0071	pkg/systemd: Drop our copy-pasted version of go-systemd/activation Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-03-27 22:44:31 +01:00
Alexander Larsson	9294d7f2af	cgroups: Join groups by writing to cgroups.procs, not tasks cgroups.procs moves all the threads of the process, and "tasks" just the one thread. I believe there is a risk that we move the main thread, but then we accidentally fork off one of the other threads if the go scheduler randomly switched to another thread. So, it seems safer (and more correct) to use cgroups.procs. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-03-27 21:47:47 +01:00
Alexander Larsson	7f7d8419a7	cgroups: Splity out Apply/Cleanup to separate file/interface This leaves only the generic cgroup helper functions in cgroups.go and will allow easy implementations of other cgroup managers. This also wires up the call to Cleanup the cgroup which was missing before. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)	2014-03-27 21:47:47 +01:00

1 2 3 4 5 ...

480 Commits