This adds a more meaningful error on the client side so the "bad
certificate" error coming from the TLS dial code has some context for
the user.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
make error message when running commands while daemon is down more user-friendly.
```
docker@54.175.201.239 ~: sudo service docker stop
docker stop/waiting
docker@54.175.201.239 ~: docker images
Get http:///var/run/docker.sock/v1.19/images/json: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
```
Signed-off-by: Damien Nozay <damien.nozay@gmail.com>
With the 1.7 release, we introduced a change to how we store registry
credentials, but the build API endpoint did not expect a change in the format
of that file. This patch fixes this problem so that you can again pull private
images during `docker build`.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
This commit also brings in the ability to specify a default network and its
corresponding driver as daemon flags. This helps in existing clients to
make use of newer networking features provided by libnetwork.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Export image/container metadata stored in graph driver. Right now 3 fields
DeviceId, DeviceSize and DeviceName are being exported from devicemapper.
Other graph drivers can export fields as they see fit.
This data can be used to mount the thin device outside of docker and tools
can look into image/container and do some kind of inspection.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
This patch creates a new `tlsconfig` package to handle creation of
secure-enough TLS configurations for clients and servers.
The package was created by refactoring TLS code in the client and the
daemon. After this patch, it is expected that all code creating TLS
configurations use this `tlsconfig` package for greater security,
consistency and readability.
On the server side, this fixes a bug where --tlsverify was not taken
into account. Now, if specified, it will require the client to
authenticate.
Signed-off-by: Tibor Vass <tibor@docker.com>
Previous versions of libcontainer allowed CpuShares that were greater
than the maximum or less than the minimum supported by the kernel, and
relied on the kernel to do the right thing. Newer libcontainer fails
after creating the container if the requested CpuShares is different
from what was actually created by the kernel, which breaks compatibility
with earlier Docker Remote API versions. This change explicitly adjusts
the requested CpuShares in API versions < 1.20.
Signed-off-by: Samuel Karp <skarp@amazon.com>
Fixes#13107. This change enables Go duration strings
computed relative to the client machine’s time to be used
as input parameters to `docker events --since/--until`
and `docker logs --since` arguments.
Added unit tests for pkg/timeutils.GetTimestamp as well.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Phil Estes
John Howard
Alexander Morozov
Damien Nozay
Josh Hawn
David Calavera
Vincent Batts
Shijiang Wei
Sujith Haridasan
Arnaud Porterie
Sebastiaan van Stijn
Gildas Cuisinier
Madhu Venugopal
Antonio Murdaca
Lei Jitang
Tibor Vass
Josh Hawn
Vivek Goyal
Antonio Murdaca
Brian Goff
Darren Shepherd
Samuel Karp
Jessica Frazelle
Alexander Morozov
Qiang Huang
Antonio Murdaca
Ahmet Alp Balkan