Kernel has no limit for memory reservation, but in different
kernel versions, the default behavior is different.
On kernel 3.13,
docker run --rm --memory-reservation 1k busybox cat /sys/fs/cgroup/memory/memory.soft_limit_in_bytes
the output would be 4096, but on kernel 4.1, the output is 0.
Since we have minimum limit for memory and kernel memory, we
can have this limit for memory reservation as well, to make
the behavior consistent.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
All other options we have use `=` as separator, labels,
log configurations, graph configurations and so on.
We should be consistent and use `=` for the security
options too.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Progress toward being able to run integration-cli campaign using a
client hitting a remote host.
Most of these fixes imply flagging tests that assume they are running on
the same host than the Daemon. Also fixes the `contrib/httpserver` image
that couldn't run because of a dynamically linked Go binary inside the
busybox image.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
1. Replace raw `docker inspect -f xxx` with `inspectField`, to make code
cleaner and more consistent
2. assert the error in function `inspectField*` so we don't need to
assert the return value of it every time, this will make inspect easier.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Implement configurable detach keys (for `attach`, exec`, `run` and
`start`) using the client-side configuration
- Adds a `--detach-keys` flag to `attach`, `exec`, `run` and `start`
commands.
- Adds a new configuration field (in `~/.docker/config.json`) to
configure the default escape keys for docker client.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
If you run a
docker run command with --tmpfs /mountpoint:noexec
Or certain options that get translated into mount options, the mount command can get passed "" for mount data.
So this should be valid.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
/dev/sda wasn't an invalid device and this test failed, so, hopefully
/dev/sdX isn't going to exist in other envs.
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
Since seccomp is still a configurable build-tag, add a requirements
entry for seccomp, as well as move seccomp tests to "_unix" given it
won't be applicable to other platforms at this time.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
It will Tar up contents of child directory onto tmpfs if mounted over
This patch will use the new PreMount and PostMount hooks to "tar"
up the contents of the base image on top of tmpfs mount points.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Cgroup integtaion tests should cover:
- docker can run sucessfully with these options
- these cgroup options are set to HostConfig as expected
- these cgroup options are really set to cgroup files as expected
- other cases (wrong value, combinations etc..)
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
The LXC driver was deprecated in Docker 1.8.
Following the deprecation rules, we can remove a deprecated feature
after two major releases. LXC won't be supported anymore starting on Docker 1.10.
Signed-off-by: David Calavera <david.calavera@gmail.com>
The purpose of this PR is for users to distinguish Docker errors from
contained command errors.
This PR modifies 'docker run' exit codes to follow the chroot standard
for exit codes.
Exit status:
125 if 'docker run' itself fails
126 if contained command cannot be invoked
127 if contained command cannot be found
the exit status otherwise
Signed-off-by: Sally O'Malley <somalley@redhat.com>
David Calavera
Qiang Huang
Zhang Wei
Tonis Tiigi
Shijiang Wei
Jessica Frazelle
Mrunal Patel
Yong Tang
Antonio Murdaca
Arnaud Porterie
Brian Goff
Stefan Scherer
Jess Frazelle
Vincent Demeester
Dan Walsh
Ma Shimiao
Christy Perez
Christopher Jones
Phil Estes
Michael Crosby
Srini Brahmaroutu
Solomon Hykes
Sally O'Malley