Commit Graph

2140 Commits

Author SHA1 Message Date
Brian Goff dc8a39036b Don't lookup container 4 times for stats
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-09-08 10:12:46 -04:00
David Calavera c1c4ccefcd Merge pull request #16110 from Mashimiao/daemon-create-fix-return-and-adjust
before adjusting should check whether need return or not
2015-09-07 09:16:23 -07:00
Ma Shimiao 49da029030 record the error of removing volumes
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-09-07 16:38:05 +08:00
Ma Shimiao 89f99343ff daemon/daemon: fix typo
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-09-07 14:43:22 +08:00
Ma Shimiao 73d8af9319 before adjusting should check whether need return or not
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-09-07 11:09:39 +08:00
Sebastiaan van Stijn 1cbf9047b3 Fix docker volume dangling filter
The docker volume ls -f dangling=true filter was
inverted; the filtered results actually returned all
non-dangling volumes.

This fixes the filter and adds some integration tests
to test the correct behavior.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2015-09-06 20:17:56 +02:00
Vincent Demeester 6990b76a69 Lint package pkg/devicemapper
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-09-05 23:15:13 +02:00
Jessie Frazelle 7c667f9d6e Merge pull request #15999 from cpuguy83/15994_ext_volume_bind
Set bind driver after volume is created
2015-09-04 09:47:10 -07:00
David Calavera 6549d6517b Move VolumeDriver to HostConfig to make containers portable.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-04 12:42:44 -04:00
Tibor Vass c8c1c472b2 Merge pull request #15845 from calavera/refactor_daemon_list
Refactor daemon container list.
2015-09-03 20:48:54 -04:00
Tibor Vass 057f53f503 Merge pull request #15846 from ZJU-SEL/11646-fix-path-validations
fix 11646 to check volume path in server side
2015-09-03 20:42:37 -04:00
Tibor Vass 2d605ce53b Merge pull request #16041 from runcom/portmapping-doc-cleaning
Clean latest api doc from PortMapping and outdated error check
2015-09-03 19:37:34 -04:00
Brian Goff 9d0eef55ea Merge pull request #16025 from sallyom/overlayfsSelinux
selinux/overlay incompatible err
2015-09-03 16:08:55 -04:00
Michael Crosby 288275ab60 Merge pull request #16038 from aboch/sbx
Vendor libnetwork dc52820147f40fe424c8959987af3b396f842639
2015-09-03 11:48:02 -07:00
Antonio Murdaca 137c12f19a Clean latest api doc from PortMapping and outdated error check
Regarding the outdated error check, there's no `docker.PortMapping`
struct anymore and this is linked to something really old #1334

Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-09-03 11:01:55 +02:00
Alessandro Boch 56fdb05258 Docker changes for libnetwork Sandbox
- Ground-work for integrating with user namespace support

Signed-off-by: Alessandro Boch <aboch@docker.com>
2015-09-02 17:24:56 -07:00
Brian Goff 39be36658d Set bind driver after volume is created
When using a named volume without --volume-driver, the driver was
hardcoded to "local".
Even when the volume was already created by some other driver (and
visible in `docker volume ls`), the container would store in its own
config that it was the `local` driver.
The external driver would work perfectly fine until the daemon is
restarted, at which point the `local` driver was assumed because that is
as it was set in the container config.

Set the bind driver to the driver returned by createVolume.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-09-02 20:13:20 -04:00
Brian Goff fb4cce5e53 Merge pull request #16030 from Microsoft/fix-golint-commit
Windows: Fix golint daemon breaking commit
2015-09-02 20:10:33 -04:00
Jessie Frazelle c6dd451073 Merge pull request #16002 from Microsoft/10662-workdir-platformsemantics
Windows: Ensure workdir handled in platform semantics
2015-09-02 16:09:35 -07:00
Sally O'Malley 04329e0b3e selinux/overlay incompatible err
Signed-off-by: Sally O'Malley <somalley@redhat.com>
2015-09-02 18:52:10 -04:00
John Howard cfddca2bf9 Windows: Fix golint daemon breaking commit
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-09-02 14:36:45 -07:00
Antonio Murdaca db4f20404d Remove PortMapping from container NetworkSettings
Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-09-02 14:32:53 +02:00
John Howard 6c56f917d3 Windows: Ensure workdir handled in platform semantics
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-09-01 18:50:41 -07:00
Alexander Morozov be8e126a0f Merge pull request #15834 from Microsoft/10662-fixdockercp
Windows: Fix docker cp
2015-09-01 08:41:59 -07:00
Antonio Murdaca 4bb2449188 Merge pull request #15913 from mountkin/abstract
abstract the string slice struct to stringutils package
2015-09-01 17:06:13 +02:00
Ma Shimiao ab868ad79c daemon/commit: remove unneeded code
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-09-01 16:34:07 +08:00
David Calavera 96974170f8 Merge pull request #15606 from jlhawn/img_delete
[daemon] Refactor image_delete.go
2015-08-31 18:22:48 +02:00
Brian Goff 754c10430b Merge pull request #15807 from coolljt0725/remove_remove_redundant_tag_name
Minor fix: remove redundant tag name in error message of create failed.
2015-08-31 11:34:40 -04:00
Shishir Mahajan 4870fb36d4 Warning message for lvm devmapper running on top of loopback devices
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
2015-08-31 10:35:48 -04:00
David Calavera 06699f73fb Refactor daemon container list.
Separate container iteration, filtering and reducing.
This will make it easier in the future to improve the implementation of
docker ps as we know it.

The end goal is to unify the objects returned by the api for docker ps
and docker inspect, leaving all docker ps transformations to the client.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-08-31 04:24:08 -04:00
xlgao 50be74ba14 just check -v /src:dest and test it
Signed-off-by: xlgao <xlgao@zju.edu.cn>
2015-08-31 10:50:49 +08:00
Lei Jitang 16220e0681 Minor fix: remove redundant tag name in error message of create failed.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-30 10:43:33 +08:00
Stephen Rust 0ef740a5bf Don't hold lock around volume driver for volume create.
Signed-off-by: Stephen Rust <srust@blockbridge.com>
2015-08-28 16:28:28 -04:00
Josh Hawn 111d2f3487 [daemon] Refactor image_delete.go
This file was not well documented and had very high cyclomatic complexity.
This patch completely rearranges this file and the ImageDelete method to
be easier to follow and more maintainable in the future.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-08-28 11:01:24 -07:00
Sebastiaan van Stijn b1cb1b1df4 Merge pull request #14570 from vdemeester/13365-ps-image-filter
Add docker ps ancestor filter for image
2015-08-28 19:47:43 +02:00
Shijiang Wei ea4a06740b abstract the string slice struct to stringutils package
Signed-off-by: Shijiang Wei <mountkin@gmail.com>
2015-08-29 01:08:40 +08:00
David Calavera e6e210164e Merge pull request #15910 from mimoralea/patch-1
Typo fix then -> than
2015-08-28 18:09:26 +02:00
Miguel Morales 95e3a4ca6d Typo fix then -> than
Signed-off-by: Miguel Morales <mimoralea@hp.com>
2015-08-28 10:44:39 -05:00
David Calavera 433956cc47 Merge pull request #15310 from MHBauer/demon-lint-squash
golint fixes for daemon/ package
2015-08-28 17:34:36 +02:00
Alexander Morozov 6caaa8a635 Merge pull request #15023 from hqhq/hq_add_status_in_inspect
Add status string to State field for inspect
2015-08-28 08:27:36 -07:00
Morgan Bauer abd72d4008 golint fixes for daemon/ package
- some method names were changed to have a 'Locking' suffix, as the
  downcased versions already existed, and the existing functions simply
  had locks around the already downcased version.
- deleting unused functions
- package comment
- magic numbers replaced by golang constants
- comments all over

Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
2015-08-27 22:07:42 -07:00
Vincent Demeester 0bd016b1c3 Finish linting opts and trust package.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-08-27 17:36:11 +02:00
Sevki Hasirci 5572148477 golint: trust
contributes to #14756

Signed-off-by: Sevki Hasirci <s@sevki.org>
2015-08-27 11:40:27 +02:00
Alexander Morozov 459c2c66c3 Merge pull request #15801 from jfrazelle/btrfs-rm-subvolume-recursion
remove btrfs subvolumes when destroying containers (recursive)
2015-08-26 14:00:53 -07:00
Vincent Demeester c1af0ac082 Add 'ancestor' ps filter for image
Makes it possible to filter containers by image, using
--filter=ancestor=busybox and get all the container running busybox
image and image based on busybox (to the bottom).

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-08-26 22:59:48 +02:00
Alexander Morozov 47cdae243a Merge pull request #15865 from Microsoft/10662-isabs
Windows: Fix use of IsAbs check
2015-08-26 13:29:24 -07:00
Sebastiaan van Stijn fa13f7cde8 Merge pull request #14242 from cpuguy83/add_volume_api
Add volume api
2015-08-26 21:57:12 +02:00
John Howard f11ba3135b Windows: Fix use of IsAbs check
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-08-26 12:38:28 -07:00
Brian Goff b3b7eb2723 Add volume API/CLI
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-08-26 13:37:52 -04:00
Jessie Frazelle 5dadfa8b69 Merge pull request #15848 from calavera/revert_ipc_mounts
DO NOT MERGE: Check if these commits broke the builds.
2015-08-26 10:29:25 -07:00
Brian Goff 2cec06fbcd Merge pull request #13304 from coolljt0725/restart_daemon_with_paused_containers
Fix restart docker daemon with paused containers
2015-08-26 09:04:14 -04:00
David Calavera 688dd8477e Revert "Add support for sharing /dev/shm/ and /dev/mqueue between containers"
This reverts commit d88fe447df.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-08-26 05:23:00 -04:00
John Howard f950de5754 Windows: Fix docker cp
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-08-25 13:26:49 -07:00
Jessica Frazelle bd06432ba3 cleanup and fix btrfs subvolume recursion deletion
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-08-25 13:00:41 -07:00
David Calavera 6f8c4480e4 Merge pull request #14665 from coolljt0725/fix_build_with_resource_limit
Fix build with resource limit which system not support.
2015-08-25 16:42:13 +02:00
Lei Jitang 9a9724ad56 Fix docker daemon restart with paused container.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-25 09:42:58 +08:00
Jessie Frazelle 903cd2b9e3 Merge pull request #12159 from mrunalp/feature/ipc_share_dev
ipc: Share /dev/shm and /dev/mqueue when --ipc container:<id/name> is used
2015-08-24 17:55:03 -07:00
Brian Goff 562cc6254f Merge pull request #15702 from LK4D4/fix_events_tests_15
Make events test more deterministic in go1.5
2015-08-24 20:15:09 -04:00
Ma Shimiao dea78fc2ce fix 9939: docker does not remove btrfs subvolumes when destroying container
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-08-24 14:52:07 -07:00
Alexander Morozov 6b21e98432 Merge pull request #15766 from hqhq/hq_fix_device
Add mode check for device
2015-08-24 10:58:49 -07:00
Brian Goff fd8b25c802 Merge pull request #15348 from tonistiigi/11008-always-unless-stopped-restart-policy
Add always-unless-stopped restart policy
2015-08-24 13:48:56 -04:00
Alexander Morozov 1544c5edb6 Merge pull request #15735 from tonistiigi/graph-register-readcloser
Make graph.Register take in io.Reader
2015-08-24 10:40:04 -07:00
Alexander Morozov 386aefb9fc Make events test more deterministic in go1.5
Now scheduler makes order of events pretty random, so I added little
sleeps to make order intact. Also I renamed to test so name better
describes its nature.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-08-24 09:35:11 -07:00
Brian Goff e14eaba784 Merge pull request #12918 from thieman/tnt-issue-12595
Use image ID in ps if tag has been updated
2015-08-24 12:24:42 -04:00
Qiang Huang c99ed5ae5d Change return value for ValidateMountMode
1. rename it from ValidateMountMode to ValidMountMode
Because it's a function simply check mount mode is valid or not.
2. remove the rw check return value
It's not supposed to be combined into this function, and we already
have a function for that check.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-08-24 17:28:19 +08:00
David Calavera 9bac520c12 Merge pull request #15571 from ewindisch/apparmor_denywproc
AppArmor: Deny w to /proc/* files
2015-08-24 11:03:41 +02:00
Travis Thieman 2167f40a76 Use image ID if tag has been updated
Fixes #12595

Signed-off-by: Travis Thieman <travis.thieman@gmail.com>
2015-08-23 12:11:24 -04:00
Lei Jitang ce5bbed858 Docs: remove networkdriver from README.md in daemon
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-22 10:09:07 +08:00
Jessie Frazelle 90801ab939 Merge pull request #15708 from Microsoft/sjw/graphdriver_missing_parent
Windows: Graphdriver should reject create of layer w/o parent
2015-08-21 16:34:03 -07:00
Jessie Frazelle 9bd8a9b66b Merge pull request #14006 from hqhq/hq_add_kmem_limit
Add support for kernel memory limit
2015-08-21 14:34:27 -07:00
Jessie Frazelle ecff4badcd Merge pull request #15125 from WeiZhang555/golint-stdcopy-system
fix golint warnings/errors on pkg/system and pkg/stdcopy
2015-08-21 14:27:59 -07:00
Jessie Frazelle 19f7bfcda9 Merge pull request #15507 from clintonskitson/patch_issue_15467
added check for bind on create to determine local volume driver
2015-08-21 14:23:44 -07:00
Jessie Frazelle 9b8cfb6c79 Merge pull request #15709 from Mashimiao/state-separate-part-of-SetRestarting
daemon/state: separate part of SetRestarting to setRestarting
2015-08-21 14:21:10 -07:00
Stefan J. Wernli a456f20b44 Windows: Graphdriver should reject create of layer w/o parent
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2015-08-21 13:23:04 -07:00
Tonis Tiigi 2d1158790d Make graph.Register take in io.Reader
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-08-20 20:37:11 -07:00
Lei Jitang c8a46cb0b2 Fix docker daemon start with old running container which user volume plugin. Fixes #15720
Signed-off-by: Lei Jitang <leijitang@huawei>
2015-08-21 11:29:53 +08:00
Doug Davis 90ebc3b455 Merge pull request #14928 from brahmaroutu/lint_daemon_graphdriver
daemon/graphdriver fix lint errors/warnings
2015-08-20 03:25:00 -07:00
Clinton Kitson 6b8129d1fe added check for bind on create to determine local volume driver
Signed-off-by: Clinton Kitson <clintonskitson@gmail.com>
2015-08-20 01:40:04 -07:00
Ma Shimiao a6ed990593 daemon/state: separate part of SetRestarting to setRestarting
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-08-20 11:14:28 +08:00
Mrunal Patel d88fe447df Add support for sharing /dev/shm/ and /dev/mqueue between containers
This changeset creates /dev/shm and /dev/mqueue mounts for each container under
/var/lib/containers/<id>/ and bind mounts them into the container. When --ipc:container<id/name>
is used, then the /dev/shm and /dev/mqueue of the ipc container are used instead of creating
new ones for the container.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
2015-08-19 12:36:52 -04:00
Qiang Huang b6f1b4ad35 Add support for kernel memory limit
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-08-19 23:56:55 +08:00
Qiang Huang 87959dbfac Add CheckKernelVersion so we can check any specific version
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-08-19 23:49:52 +08:00
Phil Estes 70c4b6e619 Merge pull request #15695 from lmesz/deviceset_warn_fix
deviceset.go: fixed link in warning about udex sync is not supported
2015-08-19 08:05:27 -07:00
Sebastiaan van Stijn 59e49e1db0 Merge pull request #12927 from lindenlab/custom-host-port-ranges
Proposal: Change --publish=SPEC to allow binding to custom host port ranges
2015-08-19 17:04:23 +02:00
Laszlo Meszaros 78676f19c1 deviceset.go: fixed link in warning about udex sync is not supported
Signed-off-by: Laszlo Meszaros <lacienator@gmail.com>
2015-08-19 14:16:40 +02:00
David Calavera 215a1136f7 Merge pull request #15662 from cpuguy83/noisy_blkio_warning
Quiet sysinfo warnings on container create/start
2015-08-18 11:47:17 -07:00
Tonis Tiigi 10305dc5e8 Add unless-stopped restart policy
Fixes #11008

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-08-18 11:39:06 -07:00
David Calavera 8aa520b8c0 Merge pull request #15649 from LK4D4/syslog_validation
Syslog validation
2015-08-18 11:14:31 -07:00
Brian Goff e9d8e38c47 Quiet sysinfo warnings on container create/start
This was making logrus warn on each container create and start.
These warnings are not needed as the code below already warns when these
various cgroup settings aren't supported but have been set.
Warnings were originally introduced by #15381, which appear to be a
side-effect of that change and not the intention.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-08-18 10:01:52 -04:00
Lei Jitang 770daa15f3 Fix build with resource limit which system is not support.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-18 11:54:00 +08:00
Zhang Kun 1ed15550f5 fix in daemon side
Signed-off-by: Zhang Kun <zkazure@gmail.com>

goformat

Signed-off-by: Zhang Kun <zkazure@gmail.com>

fix small

Signed-off-by: Zhang Kun <zkazure@gmail.com>

change to rm

Signed-off-by: Zhang Kun <zkazure@gmail.com>

handler other error

Signed-off-by: Zhang Kun <zkazure@gmail.com>

unique ERR

Signed-off-by: Zhang Kun <zkazure@gmail.com>

setHostConfig_fail_test

Signed-off-by: Zhang Kun <zkazure@gmail.com>

format

Signed-off-by: Zhang Kun <zkazure@gmail.com>

err handle and modify test

Signed-off-by: Zhang Kun <zkazure@gmail.com>

golint error

Signed-off-by: Zhang Kun <zkazure@gmail.com>
2015-08-18 10:06:36 +08:00
Brian Goff fd2e945d15 Merge pull request #15650 from LK4D4/fix_max_file_error
Fix error message in max-file validation
2015-08-17 20:27:12 -04:00
Brian Goff 1c916dbd83 Merge pull request #15632 from mountkin/fix-15626
a quick fix to #15626
2015-08-17 20:26:47 -04:00
Alexander Morozov cde607108b Fix error message in max-file validation
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-08-17 15:34:39 -07:00
Alexander Morozov 3f61002b05 Fix LogConfig.Config in inspect
Also add test for daemon-wide log-opt.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-08-17 15:27:44 -07:00
Alexander Morozov 960791ba60 Check syslog config on daemon start
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-08-17 14:29:45 -07:00
Alexander Morozov b7a6d14bdc Do not allow corrupted syslog-address
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-08-17 14:19:06 -07:00
Srini Brahmaroutu 9e1a41aae5 daemon/graphdriver fix lint errors/warnings
Addresses #14756

Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-08-17 19:27:36 +00:00
Alexander Morozov 5aeb48af77 Merge pull request #15635 from cpuguy83/15633_allow_logconfig_empty_driver
Fix `inspect` output when no log driver specified
2015-08-17 11:03:37 -07:00
David Calavera 2e7b088164 Merge pull request #15579 from Microsoft/10662-graph
Windows: Graph remove custom interface, add central store
2015-08-17 10:45:48 -07:00
Brian Goff 2f2779b6a5 Fix `inspect` output when no log driver specified
Config options were being ignored in the inspect output when no driver
was specified.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-08-17 11:35:34 -04:00
Shijiang Wei 3977f30869 a quick fix to #15626
Signed-off-by: Shijiang Wei <mountkin@gmail.com>
2015-08-17 21:35:57 +08:00
Sebastiaan van Stijn e1f3a5ad0a Merge pull request #14113 from dit4c/10348-exec-privileged
Remerge of `docker exec --privileged` with better tests
2015-08-16 00:20:41 +02:00
Stefan J. Wernli dfbb5520e3 Windows: Graph remove custom interface and add central store
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>

Windows: add support for images stored in alternate location.

Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2015-08-14 23:45:53 -07:00
Don Kjer 47272f9cc5 Adding support to publish on custom host port ranges
Signed-off-by: Don Kjer <don.kjer@gmail.com>

Changing vendor/src/github.com/docker/libnetwork to match lindenlab/libnetwork custom-host-port-ranges-1.7 branch
2015-08-15 02:41:29 +00:00
Tibor Vass 3e523ae015 Merge pull request #14530 from Microsoft/10662-serversidevalidation
Windows: [TP3] Move netmode validation to server
2015-08-14 16:05:59 -04:00
John Howard f6ed590596 Move netmode validation to server
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-08-14 12:17:41 -07:00
Madhu Venugopal 703e2264ba Vendoring in libnetwork 22dc04d06067b40a9e7ef575aee6d1bb69d4dcc3
Notable changes include :
- #285 : Fix required for https://github.com/docker/docker/pull/12927
- #283 : Code re-architecture/tech-debt in bridge driver
- Upgraded to latest Netlink library
- Fixed certain race-conditions

Signed-off-by: Madhu Venugopal <madhu@docker.com>
2015-08-14 05:57:47 -07:00
John Starks ec5a73d18e Windows: new hcsshim stdin/out/err handling
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-08-13 13:09:42 -07:00
Eric Windisch 7342d59114 AppArmor: Deny w to /proc/* files
Introduce a write denial for files at the root of /proc.

This prohibits root users from performing a chmod of those
files. The rules for denials in proc are also cleaned up,
making the rules better match their targets.

Locally tested on:
- Ubuntu precise (12.04) with AppArmor 2.7
- Ubuntu trusty (14.04) with AppArmor 2.8.95

Signed-off-by: Eric Windisch <eric@windisch.us>
2015-08-13 15:39:25 -04:00
Zhang Wei 7e420ad850 fix golint warnings/errors on `pkg/system` and `pkg/stdcopy`
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-08-13 18:47:13 +08:00
Tim Dettrick 03f65b3d0d Revert "Revert "Add docker exec run a command in privileged mode""
This reverts commit 40b71adee3.

Original commit (for which this is effectively a rebased version) is
72a500e9e5 and was provided by Lei Jitang
<leijitang@huawei.com>.

Signed-off-by: Tim Dettrick <t.dettrick@uq.edu.au>
2015-08-13 16:36:44 +10:00
Arnaud Porterie 72e55cb0ec Merge pull request #15399 from Microsoft/10662-portmapping
Windows: [TP3] Enable NAT port mapping
2015-08-12 19:07:14 -07:00
John Howard 4393be7100 Windows: Enable NAT port mapping
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-08-12 13:17:27 -07:00
Alexander Morozov d8ff9ef2b5 Merge pull request #15504 from kolyshkin/zfs-nitpicks
zfs nitpicks
2015-08-12 11:54:35 -07:00
Jessie Frazelle d3198fa8c4 Merge pull request #15446 from cpuguy83/better_err_on_exec_err
Return better errors from exec
2015-08-12 11:13:29 -07:00
Kir Kolyshkin 15a232fd06 graphdriver/zfs: fix GetMetadata() comment
Commit e27c904 added a wrong and misleading comment
to GetMetadata(). Fix it using the wording from
commit 407a626 which introduced GetMetadata().

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
2015-08-11 18:16:11 -07:00
Kir Kolyshkin f5f7fee2ec graphdriver/zfs: privatize mountPath and zfsPath
These functions are not part of the graphdriver.Driver
interface and should therefore be private.

Also, remove comments added by commit e27c904 as they are
* pretty obvious
* no longer required by golint

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
2015-08-11 18:16:08 -07:00
Alexander Morozov 0bfad28b86 Merge pull request #15422 from kolyshkin/graphtest-fix
graphtest: filter out lost+found dir entry
2015-08-10 12:21:21 -07:00
Alexander Morozov 6f89a8ee1b Merge pull request #15404 from vbatts/vbatts-dm-zero-sized-field
devicemapper: fix zero-sized field access
2015-08-10 09:16:11 -07:00
Vincent Batts f83d05c3be devicemapper: fix zero-sized field access
Fixes: #15279

Due to
7904946eeb
the devices field is dropped.

This solution works on go1.4 and go1.5

Signed-off-by: Vincent Batts <vbatts@redhat.com>
2015-08-10 11:11:58 -04:00
Brian Goff 51249a3aa0 Merge pull request #15445 from hqhq/hq_use_docker_daemon
Change all docker -d to docker daemon
2015-08-10 10:35:19 -04:00
Brian Goff f078f75bf2 Return better errors from exec
Also cleans up some of the API side of exec.
Was writing the header twice (two different headers).

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-08-10 09:53:19 -04:00
David Calavera 650d5d5d7a Merge pull request #15437 from calavera/remove_wrong_doc
Remove doc that doesn't apply to Journald.
2015-08-10 08:44:08 -05:00
Qiang Huang 81cc8ebc93 Change all docker -d to docker daemon
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-08-10 20:48:08 +08:00
Yibai Zhang fa9e54fbf1 fix typo mistake
Signed-off-by: Yibai Zhang <xm1994@gmail.com>
2015-08-10 16:30:48 +08:00
David Calavera f1412f2942 Remove doc that doesn't apply to Journald.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-08-09 22:12:42 -05:00
Kir Kolyshkin 158c536267 graphtest: filter out lost+found dir entry
Ploop graph driver provides its own ext4 filesystem to every
container. It so happens that ext4 root comes with lost+found
directory, causing failures from DriverTestCreateEmpty() and
DriverTestCreateBase() tests on ploop.

While I am not yet ready to submit ploop graph driver for review,
this change looks simple enough to push.

Note that filtering is done without any additional allocations,
as described in https://github.com/golang/go/wiki/SliceTricks.

[v2: added a comment about lost+found]

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
2015-08-09 10:23:36 -07:00
David Calavera f1f6738d97 Fix typo in Overlay documentation.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-08-08 15:11:09 -07:00
Brian Goff 764aa1a583 Merge pull request #15074 from coolljt0725/14756_enable_golint_2
Enable golint in pkg/jsonlog and pkg/jsonmessage part of #14756
2015-08-08 07:14:53 -04:00
Arnaud Porterie bf892dcfcc Merge pull request #15420 from vlajos/typofixes-vlajos-20150807
typofix - https://github.com/vlajos/misspell_fixer
2015-08-08 01:08:49 -07:00
Lei Jitang 5220f3b535 Enable golint in pkg/jsonlog and pkg/jsonmessage.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-08 11:28:22 +08:00
David Calavera 196aa6d62d Merge pull request #14965 from stefanberger/nohidevols2
Have network files mounted read-only when -v parameter has 'ro' passed
2015-08-07 19:10:59 -07:00
Veres Lajos 5146232723 typofix - https://github.com/vlajos/misspell_fixer
Signed-off-by: Veres Lajos <vlajos@gmail.com>
2015-08-07 23:25:49 +01:00
Srini Brahmaroutu de3944219f daemon/graphdriver/overlay/ fix lint errors/warnings
Addresses #14756
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-08-07 18:34:59 +00:00
David Calavera 0a0e9701f7 Merge pull request #14897 from WeiZhang555/golint-api-types
fix golint warnings/errors on package api/types/
2015-08-07 10:51:27 -07:00
David Calavera 10d30c6457 Add platformSupported flag to enable daemon mode by platform.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-08-07 09:45:24 -07:00
David Calavera b9094633f3 Merge pull request #15386 from jfrazelle/remove-docker-unconfined-profile
remove docker-unconfined profile we were not using it
2015-08-06 20:06:33 -07:00
Zhang Wei 3d6617ffe7 fix golint warnings/errors on package api/types/
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-08-07 09:43:43 +08:00
Stefan Berger 38295d4b48 Have network files mounted read-only when -v parameter has 'ro' passed
Have network files mounted read-only when mounted using the -v
open and -v parameter has 'ro' passed.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-08-06 20:37:28 -04:00
Jessica Frazelle e542238f2a remove docker-unconfined profile we were not using it and it breaks apparmor on wheezy
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-08-06 16:51:01 -07:00
Antonio Murdaca 4177b0bae0 Add hostConfig check before starting a container
It may happen that host system settings are changed while the daemon is running.
This will cause errors at libcontainer level when starting a container with a
particular hostConfig (e.g. hostConfig with memory swappiness but the memory
cgroup was umounted).
This patch adds an hostConfig check on container start to prevent the daemon
from even calling libcontainer with the wrong configuration as we're already
doing on container's creation.

Signed-off-by: Antonio Murdaca <runcom@linux.com>
(cherry picked from commit 0d2628cdf19783106ae8723f51fae0a7c7f361c6)
2015-08-06 15:46:10 -07:00
Antonio Murdaca b2d06b6fba Move sysinfo out of daemon struct
sysinfo struct was initialized at daemon startup to make sure
kernel configs such as device cgroup are present and error out if not.
The struct was embedded in daemon struct making impossible to detect
if some system config is changed at daemon runtime (i.e. someone
umount the memory cgroup). This leads to container's starts failure if
some config is changed at daemon runtime.
This patch moves sysinfo out of daemon and initialize and check it when
needed (daemon startup, containers creation, containers startup for
now).

Signed-off-by: Antonio Murdaca <runcom@linux.com>
(cherry picked from commit 472b6f66e03f9a85fe8d23098dac6f55a87456d8)
2015-08-06 15:46:09 -07:00
David Calavera 9ce0a20c01 Merge pull request #15320 from hqhq/hq_add_cgroup_check
Check sysinfo for Cpuset cpu.shares and blkio
2015-08-06 14:23:37 -07:00
Jessica Frazelle ed248207d7 revert apparmor changes back to how it was in 1.7.1, but keep tests
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-08-06 12:49:25 -07:00
Lei Jitang 08b3dc8d9f Adapt container settings after verify platform container settings.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-06 19:56:51 +08:00
Tibor Vass 3273209a9c Merge pull request #15075 from hqhq/hq_move_cpushare_change
Cleanup: Merge adjustCpuShares to adoptContainerSettings
2015-08-05 21:53:58 -04:00
Lei 6a0050d0f0 Remove redundant ip_forward check
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-06 09:06:31 +08:00
Qiang Huang e0af23dc18 Cleanup: Merge adjustCPUShares to adoptContainerSettings
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-08-06 08:15:14 +08:00
Antonio Murdaca 044c4e00a0 Merge pull request #15334 from Mashimiao/change-name-check-for-image-delete
image_delete: move name check first
2015-08-06 02:07:34 +02:00