Update our "registry" install to use the included Godeps libraries so that it
doesn't require anything from our current source (hence moving it up for
better caching too)
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
v2 ping now checks for a Docker-Distribution-API-Version
header that identifies the endpoint as "registry/2.0"
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Due to the iptables package being `init`ed at start of the docker
runtime, this means the iptables --wait command listing all rules
is run, no matter if the command is simply "docker -h". It makes
more sense to both locate the iptables command and check for the
wait flag support at the time iptables is actually used, as it
may not be used at all if certain network support is off/configured
differently.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Also, this decouples the emptyfs script from the busybox one -- they're now functionally separate thanks to the scratch no-op change. 👍
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
unshare the mount namespace of the docker daemon to avoid other pids
outside the daemon holding mount references of docker containers.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Fixes#9629#9768
A couple of issues:
1) Volume config is not restored if we couldn't find it with the graph
driver, but bind-mounts would never be found by the graph driver since
they aren't in that dir
2) container volumes were only being restored if they were found in the
volumes repo, but volumes created by old daemons wouldn't be in the
repo until the container is at least started.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This systemd.exec setting will construct a new mount namespace for the
docker daemon, and use slave shared-subtree mounts so that volume mounts
propogate correctly into containers.
By having an unshared mount namespace for the daemon it ensures that
mount references are not held by other pids outside of the docker
daemon. Frequently this can be seen in EBUSY or "device or resource
busy" errors.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
This is literally the only failing test on Go 1.3.3: 🎉
```
--- FAIL: TestBuildWithTabs (0.43 seconds)
docker_cli_build_test.go:4307: Missing tabs.
Got:["/bin/sh","-c","echo\u0009one\u0009\u0009two"]
Exp:["/bin/sh","-c","echo\tone\t\ttwo"]
```
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Addresses #5811
This cleans up an error in the logic which removes localhost resolvers
from the host resolv.conf at container creation start time. Specifically
when the determination is made if any nameservers are left after
removing localhost resolvers, it was using a string match on the word
"nameserver", which could have been anywhere (including commented out)
leading to incorrect situations where no nameservers were left but the
default ones were not added.
This also adds some complexity to the regular expressions for finding
nameservers in general, as well as matching on localhost resolvers due
to the recent addition of IPv6 support. Because of IPv6 support now
available in the Docker daemon, the resolvconf code is now aware of
IPv6 enable/disable state and uses that for both filter/cleaning of
nameservers as well as adding default Google DNS (IPv4 only vs. IPv4
and IPv6 if IPv6 enabled). For all these changes, tests have been
added/strengthened to test these additional capabilities.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
DM_UDEV_DISABLE_LIBRARY_FALLBACK is disabled by most applications today
when using device-mapper, and ensuring that device-mapper is in sync
with udev. This flag instructs devicemapper to not fallback to creating
the device nodes itself. In the case of udev sync not being supported,
devicemapper will attempt to create the devices in a timely manner,
regardless of udev.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
when initializing the devmapper driver, attempt to sync udev and device
mapper. If udev sync is not supported, print a warning. Eventually we'll
likely bail here to avoid unpredictable behavior for users.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Michael Crosby
Alexander Morozov
Tianon Gravi
Josh Hawn
Phil Estes
Michael Crosby
Fred Lifton
Vincent Batts
James Turnbull
Vincent Batts
Brian Goff
Jessie Frazelle
Daniel, Dao Quang Minh
Alexander Morozov
Jessica Frazelle
Sven Dowideit
Tibor Vass
unclejack
Arnaud Porterie
Ian Babrou