This update changes the way hcsshim invokes Windows DLLs to avoid races
with the garbage collector. It also now uses go-winio to access the
pipes used for communication with processes running in the container;
this reduces the number of threads used by docker.exe, improving
scalability.
Signed-off-by: John Starks <jostarks@microsoft.com>
Fixes#14203
This bump fixes the issue of having the container's pipes connection
reset by peer because of using the json.Encoder and having a \n added to
the output.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This removes all references to InitPath and InitSha1, as well as pulling
in a few other minor engine-api fixes.
Signed-off-by: Aleksa Sarai <asarai@suse.com>
- Fixesdocker/docker#19576
- Fixed embedded DNS to listen in TCP as well
- Fixed a race-condition in IPAM to choose non-overlapping subnet for concurrent requests
Signed-off-by: Madhu Venugopal <madhu@docker.com>
This fixes a security vulnerability in Docker, which can cause a DoS
under certain circumstances. This is from the hotfix branch, so the
vendored commit is actually bf899fef451956be4abd63de6d6141d9f9096a02 in
runc master.
Signed-off-by: Aleksa Sarai <asarai@suse.com>
Another day, another revendor.
This revision of distribution is more tolerant of incorrect Content-Type
headers when fetching manifests.
Fixes#19526
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Fixes#19400
Note that this introduces an incompatibility with Docker 1.10-rc1,
because the media type used for schema1 manifests has been corrected in
the upstream distribution code. Docker 1.10-rc1 won't be able to pull
old manifests from Registry 2.3-rc0 and up, but because of this vendor
update, Docker 1.10-rc2 won't have this problem.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Tracks source repository information for each blob in the blobsum
service, which is then used to attempt to mount blobs from another
repository when pushing instead of having to re-push blobs to the same
registry.
Signed-off-by: Brian Bland <brian.bland@docker.com>
- Removed the isNodeAlive protection when user forces an endpoint delete
- Bridge driver supporting internal network option
- Backend implementation to support "force" option to network disconnect
- Fixing a regex in etchosts package to fixdocker/docker#19080
Signed-off-by: Madhu Venugopal <madhu@docker.com>
- replace /etc/hosts based name resolution with embedded DNS for user
defined networks
- overlay veth cleanup: docker/docker#18814
- check before programming ipv6 in bridge: docker/docker#19139
- diable DAD: docker/docker#18871
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
