This fix tries to address the inconsistency in #22036 where labels
set on the command line will not override labels specified in
Dockerfile, but will override labels inherited from `FROM` images.
The fix add a LABEL with command line options at the end of the
processed Dockerfile so that command line options labels always
override the LABEL in Dockerfiles (or through `FROM`).
An integration test has been added for test cases specified in #22036.
This fix fixes#22036.
NOTE: Some changes are from #22266 (@tiborvass).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This fix tries to address the issue in #22244 where the remote
API `/auth` will not set the default value of `serveraddress`
if not provided. This behavior happens after only in 1.11.0
and is a regression as in 1.10.3 `serveraddress` will be assigned
with `IndexServer` if no value is provided.
The default value `IndexServer` is assigned to `serveraddress` if
no value provided in this fix.
An integration test `TestAuthApi` has been added to cover this change
This fix fixes#22244.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Restore the 1.10 logic that will reset the restart manager's timeout or
backoff delay if a container executes longer than 10s reguardless of
exit status or policy.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
With gcc 5 version 1.4.2 of go is included. This version does not support
go's "native vendoring" which is needed to build notary since git commit
51dc1747e4 ("Move the godeps workspace to the vendor directory to be
compliant with Go 1.6").
As a workaround create a symlink "vendor/src" that points to "vendor/".
This allows to compile notary with gcc 5.
Closes#22007
Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
This avoid an extra bind mount within /var/run/docker/libcontainerd
This should resolve situations where a container having the host
/var/run bound prevents other containers from being cleanly removed
(e.g. #21969).
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
For each language, if there is one library which is clearly the
best or most active, I've removed the other libraries so users
aren't mislead.
I've removed the web UIs because they're not really client
libraries.
Signed-off-by: Ben Firshman <ben@firshman.co.uk>
Add a proxy to support 'docker daemon'
Fix configFile option, and remove a test that is no longer relevant.
Remove daemon build tag.
Remove DOCKER_CLIENTONLY from build scripts.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Change docker-daemon to dockerd.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
This functionality has been fixed by
7bca932182 but then it has been broken
again by a793564b25 and finally refixed
here.
Basically the functionality was to prompt for login when trying to pull
from the official docker hub.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
There was an error in validation logic before, should use period
instead of quota, and also add check for negative
number here, if not with that, it would had cpu.cfs_period_us: invalid argument
which is not good for users.
Signed-off-by: Kai Qiang Wu(Kennan) <wkqwu@cn.ibm.com>
These syscalls are already blocked by the default capabilities:
mlock mlock2 mlockall require CAP_IPC_LOCK
vhangup requires CAP_SYS_TTY_CONFIG
There is therefore no reason to allow them in the default profile
as they cannot be used anyway.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This makes sure fsdiff doesn't try to unmount things that shouldn't be.
**Note**: This is intended as a temporary solution to have as minor a
change as possible for 1.11.1. A bigger change will be required in order
to support container re-attach.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Right now there is no way to know what's the minimum free space threshold
daemon is applying. It would be good to export it through docker info and
then user knows what's the current value. Also this could be useful to
higher level management tools which can look at this value and setup their
own internal thresholds for image garbage collection etc.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
This fix tries to fix the http panics caused by container deletion
with empty names in #22210.
The issue was because when an empty string was passed, `GetByName()`
tried to access the first element of the name string without checking
the length. A length check has been added.
A test case for #22210 has been added.
This fix fixes#22210.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Yong Tang
John Howard
Tibor Vass
Daniel Nephin
Sebastiaan van Stijn
Florian
Antonio Murdaca
David Calavera
Sebastiaan van Stijn
Brian Goff
Alexander Morozov
Michael Crosby
Tibor Vass
Michael Holzheu
Kenfe-Mickael Laventure
Ben Firshman
Antonio Murdaca
Sven Dowideit
Kai Qiang Wu(Kennan)
Tonis Tiigi
Justin Cormack
Vivek Goyal
Vincent Demeester
Ken Cochrane
Dimitry Andric
Ke Xu
搏通