this prevents the copier from sending messages in the buffer to the closed
driver. If the copied took longer than the timeout to drain the buffer, this
aborts the copier read loop and return back so we can cleanup resources
properly.
Signed-off-by: Daniel Dao <dqminh@cloudflare.com>
Currently builder.Backend is implemented by daemonbuilder.Docker{} for
the daemon. This registration happens in the API/server code. However,
this is too implementation specific. Ideally we should be able to specify
that docker daemon (or any other) is implementing the Backend and abstract
the implementation details. So we should remove package daemonbuilder
dependency in build_routes.go
With this change, daemonbuilder.Docker is nothing more than the daemon.
A follow on change will remove the daemonbuilder package and move relevant
methods under daemon, so that API only knows about the backend.
Also cleanup code in api/client/build.go. docker cli always performs build
context tar download for remoteURLs and sends an empty remoteContext. So
remove relevant dead code.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Fixes: #18890
This fix add same filter validation logic as images. We should
add such check to make sure filters work make sense to end-users
Right now, we keep old use 1 as filter, but in long term, it should
be have same interface checking as images, it could be improved in
other patches.
Signed-off-by: Kai Qiang Wu(Kennan) <wkqwu@cn.ibm.com>
Issue was caused when exec is tarted, exits, then stated again.
In this case, `Close` is called twice, which closes a channel twice.
Changes execConfig.ExitCode to a pointer so we can test if the it has
been set or not.
This allows us to return early when the exec has already been run.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Read configuration after flags making this the priority:
1- Apply configuration from file.
2- Apply configuration from flags.
Reload configuration when a signal is received, USR2 in Linux:
- Reload router if the debug configuration changes.
- Reload daemon labels.
- Reload cluster discovery.
Signed-off-by: David Calavera <david.calavera@gmail.com>
This is related image fix for Propose #19153
for volume related change, would use another patch
to fix that.
Signed-off-by: Kai Qiang Wu(Kennan) <wkqwu@cn.ibm.com>
docker's network disconnect api now supports `Force` option which can be
used to force cleanup an endpoint from any host in the cluster.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Instead of warning the caller who is disabling OOM killer that the
feature isn't available, only warn if they are trying to **enable** OOM
killer and it can't be done.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Fixes: #19278
The issue seems existed since we add support for OomKillDisable,
OomKillDisable support should not be hard request, we just
discard it if not support and move on.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Rather than using 2 different functions for different
types of conflicts use a bitmask to specify what
conflicts need to be checked. This allows a better way
to make exceptions.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Currently on daemon start volumes are "created" which involves invoking
a volume driver if needed. If this process fails the mount is left in a
bad state in which there is no source or Volume set. This now becomes
an unrecoverable state in which that container can not be started. The
only way to fix is to restart the daemon and hopefully you don't get
another error on startup.
This change moves "createVolume" to be done at container start. If the
start fails it leaves it in the state in which you can try another
start. If the second start can contact the volume driver everything
will recover fine.
Signed-off-by: Darren Shepherd <darren@rancher.com>
This brings in the container-local alias functionality for containers
connected to u ser-defined networks.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
When pulling an image with content trust enabled, two references are
created: a digest reference and a tag reference. Deleting by tag
wouldn't actually remove the image, because the digest reference keeps
it alive.
This change modifies the rmi logic so that digest references don't keep
an image alive. If the last tag referencing a given image is deleted,
any digest references to it will be removed as well, so the image can
actually get deleted. This fixes the usability problem with deletions
when content trust is in use, so something like "docker pull busybox;
docker rmi busybox" will work as expected.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
It's like `MemorySwappiness`, the default value has specific
meaning (default false means enable oom kill).
We need to change it to pointer so we can update it after
container is created.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
(cherry picked from commit 9c2ea42329179c589f5a8991ccf0253eb10fc897)
Conflicts:
vendor/src/github.com/docker/engine-api/types/container/host_config.go
- In case --fixed-cidr-v6 is specified and docker0 bridge already
has a global scope IPv6 address belonging to that v6 network
(likely from a previous daemon instance), to maintain consistency
with what done for the docker0 IPv4 address, daemon has to pass it
down to libnetwork in the IPAMConfig as network gateway to make
sure that the address is not given to some container.
Signed-off-by: Alessandro Boch <aboch@docker.com>
This prevents strange errors and clarifies which namespace options are
incompatible with user namespaces (at this time).
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Instead of just showing the number of containers this patch will
show the number of running, paused and stopped containers as well.
Signed-off-by: Kim Eik <kim@heldig.org>
(cherry picked from commit a9804ab1cb117a132cbf460067d55f5146d50956)
Right now if somebody has enabled deferred device deletion, then
deleteTransaction() returns success even if device could not be deleted. It
has been marked for deferred deletion. Right now we will mark device ID free
and potentially use it again when somebody tries to create new container. And
that's wrong. Device ID is not free yet. It will become free once devices
has actually been deleted by the goroutine later.
So move the location of call to markDeviceIDFree() to a place where we know
device actually got deleted and was not marked for deferred deletion.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Before #16032, once links were setup
in the sqlite db, hostConfig.Links was cleared out.
This means that we need to migrate data back out of the sqlite db and
put it back into hostConfig.Links so that links specified on older
daemons can be used.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
CreateEndpoint will check if the endpoint exist or not, so there is no
need to check before call CreatEndpoint in connectToNetwork since
checking the existence of the endpoint could take much time especially
if we use external K-V store, this would slow down the staring of container.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
if create a container with -w to specify the working directory and
the directory does not exist in the container rootfs, the directory
will be created until the container start. It make docker export of
a created container and a running container inconsistent.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Make sure btrfs mounted subvolumes are owned properly when a remapped
root exists (user namespaces are enabled, for example)
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Don't rely on sqlite db for name registration and linking.
Instead register names and links when the daemon starts to an in-memory
store.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Makes `docker volume ls` and `docker volume inspect` ask the volume
drivers rather than only using what is cached locally.
Previously in order to use a volume from an external driver, one would
either have to use `docker volume create` or have a container that is
already using that volume for it to be visible to the other volume
API's.
For keeping uniqueness of volume names in the daemon, names are bound to
a driver on a first come first serve basis. If two drivers have a volume
with the same name, the first one is chosen, and a warning is logged
about the second one.
Adds 2 new methods to the plugin API, `List` and `Get`.
If a plugin does not implement these endpoints, a user will not be able
to find the specified volumes as well requests go through the drivers.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Merge was used by builder and daemon. With this commit, the builder
call has been inlined and the function moved to the daemon package,
which is the only other caller.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Antonio Murdaca
Brian Goff
Daniel Dao
Anusha Ragunathan
Kai Qiang Wu(Kennan)
Vincent Demeester
Daniel Nephin
Sebastiaan van Stijn
Tibor Vass
David Calavera
Ryan Belgrave
Madhu Venugopal
Lei Jitang
Phil Estes
Tibor Vass
Shishir Mahajan
Alexander Morozov
Jessica Frazelle
Chun Chen
Qiang Huang
Tonis Tiigi
Darren Shepherd
Jess Frazelle
Aaron Lehmann
Alessandro Boch
Kim Eik
Alexander Morozov
Vivek Goyal
Justin Cormack
Arnaud Porterie
Santhosh Manohar
Stephen Rust
Michael Crosby
Srini Brahmaroutu
Phil Estes