`Mounts` allows users to specify in a much safer way the volumes they
want to use in the container.
This replaces `Binds` and `Volumes`, which both still exist, but
`Mounts` and `Binds`/`Volumes` are exclussive.
The CLI will continue to use `Binds` and `Volumes` due to concerns with
parsing the volume specs on the client side and cross-platform support
(for now).
The new API follows exactly the services mount API.
Example usage of `Mounts`:
```
$ curl -XPOST localhost:2375/containers/create -d '{
"Image": "alpine:latest",
"HostConfig": {
"Mounts": [{
"Type": "Volume",
"Target": "/foo"
},{
"Type": "bind",
"Source": "/var/run/docker.sock",
"Target": "/var/run/docker.sock",
},{
"Type": "volume",
"Name": "important_data",
"Target": "/var/data",
"ReadOnly": true,
"VolumeOptions": {
"DriverConfig": {
Name: "awesomeStorage",
Options: {"size": "10m"},
Labels: {"some":"label"}
}
}]
}
}'
```
There are currently 2 types of mounts:
- **bind**: Paths on the host that get mounted into the
container. Paths must exist prior to creating the container.
- **volume**: Volumes that persist after the
container is removed.
Not all fields are available in each type, and validation is done to
ensure these fields aren't mixed up between types.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Writing the profile to /etc/apparmor.d, while also manually loading it
into the kernel results in quite a bit of confusion. In addition, it
means that people using apparmor but have /etc mounted read-only cannot
use apparmor at all on a Docker host.
Fix this by writing the profile to a temporary directory and deleting it
after it's been inserted.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
When `docker inspect` is invoked, it is possible to pass a flag of
`-s` for container types to display size information. If `-s` is used
for non-container types then a warning `WARNING: --size ignored for volume`
will show up.
However, currently `WARNING: --size ignored for volume` will show up even
when `-s` is not passed to `docker inspect` for non-container types.
This fix fixes this issue by checking if `-s` has been passed or not (`getSize`).
Also, since image inspect does not support `-s`, `IsSizeSupported` has been changed
to false for images.
This fix is tested manually.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Triaging issues has become a little challenging since the meat
of the information is below a large amount of unstructured
command line output. These changes add a description and move
the reproduction and expected/received results above the
unstructured output.
This should help for initial triaging, as well as self-triaging.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
A test failed expecting 200, but received -1, which is an err rc,
not an HTTP status code, so move these checks up.
Also log the output an not just check for a nil err.
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
When the `-t` flag is passed on exec make sure to add the TERM env var
to mirror the expected configuration from run.
Fixes#9299
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
