server.go 43 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495
  1. package server
  2. import (
  3. "bufio"
  4. "bytes"
  5. "crypto/tls"
  6. "crypto/x509"
  7. "encoding/base64"
  8. "encoding/json"
  9. "expvar"
  10. "fmt"
  11. "io"
  12. "io/ioutil"
  13. "net"
  14. "net/http"
  15. "net/http/pprof"
  16. "os"
  17. "strconv"
  18. "strings"
  19. "syscall"
  20. "code.google.com/p/go.net/websocket"
  21. "github.com/docker/libcontainer/user"
  22. "github.com/gorilla/mux"
  23. "github.com/docker/docker/api"
  24. "github.com/docker/docker/engine"
  25. "github.com/docker/docker/pkg/listenbuffer"
  26. "github.com/docker/docker/pkg/log"
  27. "github.com/docker/docker/pkg/parsers"
  28. "github.com/docker/docker/pkg/stdcopy"
  29. "github.com/docker/docker/pkg/systemd"
  30. "github.com/docker/docker/pkg/version"
  31. "github.com/docker/docker/registry"
  32. "github.com/docker/docker/utils"
  33. )
  34. var (
  35. activationLock chan struct{}
  36. )
  37. type HttpApiFunc func(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error
  38. func hijackServer(w http.ResponseWriter) (io.ReadCloser, io.Writer, error) {
  39. conn, _, err := w.(http.Hijacker).Hijack()
  40. if err != nil {
  41. return nil, nil, err
  42. }
  43. // Flush the options to make sure the client sets the raw mode
  44. conn.Write([]byte{})
  45. return conn, conn, nil
  46. }
  47. //If we don't do this, POST method without Content-type (even with empty body) will fail
  48. func parseForm(r *http.Request) error {
  49. if r == nil {
  50. return nil
  51. }
  52. if err := r.ParseForm(); err != nil && !strings.HasPrefix(err.Error(), "mime:") {
  53. return err
  54. }
  55. return nil
  56. }
  57. func parseMultipartForm(r *http.Request) error {
  58. if err := r.ParseMultipartForm(4096); err != nil && !strings.HasPrefix(err.Error(), "mime:") {
  59. return err
  60. }
  61. return nil
  62. }
  63. func httpError(w http.ResponseWriter, err error) {
  64. statusCode := http.StatusInternalServerError
  65. // FIXME: this is brittle and should not be necessary.
  66. // If we need to differentiate between different possible error types, we should
  67. // create appropriate error types with clearly defined meaning.
  68. if strings.Contains(err.Error(), "No such") {
  69. statusCode = http.StatusNotFound
  70. } else if strings.Contains(err.Error(), "Bad parameter") {
  71. statusCode = http.StatusBadRequest
  72. } else if strings.Contains(err.Error(), "Conflict") {
  73. statusCode = http.StatusConflict
  74. } else if strings.Contains(err.Error(), "Impossible") {
  75. statusCode = http.StatusNotAcceptable
  76. } else if strings.Contains(err.Error(), "Wrong login/password") {
  77. statusCode = http.StatusUnauthorized
  78. } else if strings.Contains(err.Error(), "hasn't been activated") {
  79. statusCode = http.StatusForbidden
  80. }
  81. if err != nil {
  82. log.Errorf("HTTP Error: statusCode=%d %s", statusCode, err.Error())
  83. http.Error(w, err.Error(), statusCode)
  84. }
  85. }
  86. func writeJSON(w http.ResponseWriter, code int, v engine.Env) error {
  87. w.Header().Set("Content-Type", "application/json")
  88. w.WriteHeader(code)
  89. return v.Encode(w)
  90. }
  91. func streamJSON(job *engine.Job, w http.ResponseWriter, flush bool) {
  92. w.Header().Set("Content-Type", "application/json")
  93. if flush {
  94. job.Stdout.Add(utils.NewWriteFlusher(w))
  95. } else {
  96. job.Stdout.Add(w)
  97. }
  98. }
  99. func getBoolParam(value string) (bool, error) {
  100. if value == "" {
  101. return false, nil
  102. }
  103. ret, err := strconv.ParseBool(value)
  104. if err != nil {
  105. return false, fmt.Errorf("Bad parameter")
  106. }
  107. return ret, nil
  108. }
  109. func postAuth(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  110. var (
  111. authConfig, err = ioutil.ReadAll(r.Body)
  112. job = eng.Job("auth")
  113. stdoutBuffer = bytes.NewBuffer(nil)
  114. )
  115. if err != nil {
  116. return err
  117. }
  118. job.Setenv("authConfig", string(authConfig))
  119. job.Stdout.Add(stdoutBuffer)
  120. if err = job.Run(); err != nil {
  121. return err
  122. }
  123. if status := engine.Tail(stdoutBuffer, 1); status != "" {
  124. var env engine.Env
  125. env.Set("Status", status)
  126. return writeJSON(w, http.StatusOK, env)
  127. }
  128. w.WriteHeader(http.StatusNoContent)
  129. return nil
  130. }
  131. func getVersion(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  132. w.Header().Set("Content-Type", "application/json")
  133. eng.ServeHTTP(w, r)
  134. return nil
  135. }
  136. func postContainersKill(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  137. if vars == nil {
  138. return fmt.Errorf("Missing parameter")
  139. }
  140. if err := parseForm(r); err != nil {
  141. return err
  142. }
  143. job := eng.Job("kill", vars["name"])
  144. if sig := r.Form.Get("signal"); sig != "" {
  145. job.Args = append(job.Args, sig)
  146. }
  147. if err := job.Run(); err != nil {
  148. return err
  149. }
  150. w.WriteHeader(http.StatusNoContent)
  151. return nil
  152. }
  153. func postContainersPause(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  154. if vars == nil {
  155. return fmt.Errorf("Missing parameter")
  156. }
  157. if err := parseForm(r); err != nil {
  158. return err
  159. }
  160. job := eng.Job("pause", vars["name"])
  161. if err := job.Run(); err != nil {
  162. return err
  163. }
  164. w.WriteHeader(http.StatusNoContent)
  165. return nil
  166. }
  167. func postContainersUnpause(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  168. if vars == nil {
  169. return fmt.Errorf("Missing parameter")
  170. }
  171. if err := parseForm(r); err != nil {
  172. return err
  173. }
  174. job := eng.Job("unpause", vars["name"])
  175. if err := job.Run(); err != nil {
  176. return err
  177. }
  178. w.WriteHeader(http.StatusNoContent)
  179. return nil
  180. }
  181. func getContainersExport(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  182. if vars == nil {
  183. return fmt.Errorf("Missing parameter")
  184. }
  185. job := eng.Job("export", vars["name"])
  186. job.Stdout.Add(w)
  187. if err := job.Run(); err != nil {
  188. return err
  189. }
  190. return nil
  191. }
  192. func getImagesJSON(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  193. if err := parseForm(r); err != nil {
  194. return err
  195. }
  196. var (
  197. err error
  198. outs *engine.Table
  199. job = eng.Job("images")
  200. )
  201. job.Setenv("filters", r.Form.Get("filters"))
  202. // FIXME this parameter could just be a match filter
  203. job.Setenv("filter", r.Form.Get("filter"))
  204. job.Setenv("all", r.Form.Get("all"))
  205. if version.GreaterThanOrEqualTo("1.7") {
  206. streamJSON(job, w, false)
  207. } else if outs, err = job.Stdout.AddListTable(); err != nil {
  208. return err
  209. }
  210. if err := job.Run(); err != nil {
  211. return err
  212. }
  213. if version.LessThan("1.7") && outs != nil { // Convert to legacy format
  214. outsLegacy := engine.NewTable("Created", 0)
  215. for _, out := range outs.Data {
  216. for _, repoTag := range out.GetList("RepoTags") {
  217. repo, tag := parsers.ParseRepositoryTag(repoTag)
  218. outLegacy := &engine.Env{}
  219. outLegacy.Set("Repository", repo)
  220. outLegacy.SetJson("Tag", tag)
  221. outLegacy.Set("Id", out.Get("Id"))
  222. outLegacy.SetInt64("Created", out.GetInt64("Created"))
  223. outLegacy.SetInt64("Size", out.GetInt64("Size"))
  224. outLegacy.SetInt64("VirtualSize", out.GetInt64("VirtualSize"))
  225. outsLegacy.Add(outLegacy)
  226. }
  227. }
  228. w.Header().Set("Content-Type", "application/json")
  229. if _, err := outsLegacy.WriteListTo(w); err != nil {
  230. return err
  231. }
  232. }
  233. return nil
  234. }
  235. func getImagesViz(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  236. if version.GreaterThan("1.6") {
  237. w.WriteHeader(http.StatusNotFound)
  238. return fmt.Errorf("This is now implemented in the client.")
  239. }
  240. eng.ServeHTTP(w, r)
  241. return nil
  242. }
  243. func getInfo(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  244. w.Header().Set("Content-Type", "application/json")
  245. eng.ServeHTTP(w, r)
  246. return nil
  247. }
  248. func getEvents(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  249. if err := parseForm(r); err != nil {
  250. return err
  251. }
  252. var job = eng.Job("events")
  253. // lineDelimited JSON events was added #7047
  254. job.SetenvBool("lineDelim", version.GreaterThanOrEqualTo("1.15"))
  255. streamJSON(job, w, true)
  256. job.Setenv("since", r.Form.Get("since"))
  257. job.Setenv("until", r.Form.Get("until"))
  258. return job.Run()
  259. }
  260. func getImagesHistory(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  261. if vars == nil {
  262. return fmt.Errorf("Missing parameter")
  263. }
  264. var job = eng.Job("history", vars["name"])
  265. streamJSON(job, w, false)
  266. if err := job.Run(); err != nil {
  267. return err
  268. }
  269. return nil
  270. }
  271. func getContainersChanges(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  272. if vars == nil {
  273. return fmt.Errorf("Missing parameter")
  274. }
  275. var job = eng.Job("container_changes", vars["name"])
  276. streamJSON(job, w, false)
  277. return job.Run()
  278. }
  279. func getContainersTop(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  280. if version.LessThan("1.4") {
  281. return fmt.Errorf("top was improved a lot since 1.3, Please upgrade your docker client.")
  282. }
  283. if vars == nil {
  284. return fmt.Errorf("Missing parameter")
  285. }
  286. if err := parseForm(r); err != nil {
  287. return err
  288. }
  289. job := eng.Job("top", vars["name"], r.Form.Get("ps_args"))
  290. streamJSON(job, w, false)
  291. return job.Run()
  292. }
  293. func getContainersJSON(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  294. if err := parseForm(r); err != nil {
  295. return err
  296. }
  297. var (
  298. err error
  299. outs *engine.Table
  300. job = eng.Job("containers")
  301. )
  302. job.Setenv("all", r.Form.Get("all"))
  303. job.Setenv("size", r.Form.Get("size"))
  304. job.Setenv("since", r.Form.Get("since"))
  305. job.Setenv("before", r.Form.Get("before"))
  306. job.Setenv("limit", r.Form.Get("limit"))
  307. job.Setenv("filters", r.Form.Get("filters"))
  308. if version.GreaterThanOrEqualTo("1.5") {
  309. streamJSON(job, w, false)
  310. } else if outs, err = job.Stdout.AddTable(); err != nil {
  311. return err
  312. }
  313. if err = job.Run(); err != nil {
  314. return err
  315. }
  316. if version.LessThan("1.5") { // Convert to legacy format
  317. for _, out := range outs.Data {
  318. ports := engine.NewTable("", 0)
  319. ports.ReadListFrom([]byte(out.Get("Ports")))
  320. out.Set("Ports", api.DisplayablePorts(ports))
  321. }
  322. w.Header().Set("Content-Type", "application/json")
  323. if _, err = outs.WriteListTo(w); err != nil {
  324. return err
  325. }
  326. }
  327. return nil
  328. }
  329. func getContainersLogs(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  330. if err := parseForm(r); err != nil {
  331. return err
  332. }
  333. if vars == nil {
  334. return fmt.Errorf("Missing parameter")
  335. }
  336. var (
  337. inspectJob = eng.Job("container_inspect", vars["name"])
  338. logsJob = eng.Job("logs", vars["name"])
  339. c, err = inspectJob.Stdout.AddEnv()
  340. )
  341. if err != nil {
  342. return err
  343. }
  344. logsJob.Setenv("follow", r.Form.Get("follow"))
  345. logsJob.Setenv("tail", r.Form.Get("tail"))
  346. logsJob.Setenv("stdout", r.Form.Get("stdout"))
  347. logsJob.Setenv("stderr", r.Form.Get("stderr"))
  348. logsJob.Setenv("timestamps", r.Form.Get("timestamps"))
  349. // Validate args here, because we can't return not StatusOK after job.Run() call
  350. stdout, stderr := logsJob.GetenvBool("stdout"), logsJob.GetenvBool("stderr")
  351. if !(stdout || stderr) {
  352. return fmt.Errorf("Bad parameters: you must choose at least one stream")
  353. }
  354. if err = inspectJob.Run(); err != nil {
  355. return err
  356. }
  357. var outStream, errStream io.Writer
  358. outStream = utils.NewWriteFlusher(w)
  359. if c.GetSubEnv("Config") != nil && !c.GetSubEnv("Config").GetBool("Tty") && version.GreaterThanOrEqualTo("1.6") {
  360. errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
  361. outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
  362. } else {
  363. errStream = outStream
  364. }
  365. logsJob.Stdout.Add(outStream)
  366. logsJob.Stderr.Set(errStream)
  367. if err := logsJob.Run(); err != nil {
  368. fmt.Fprintf(outStream, "Error running logs job: %s\n", err)
  369. }
  370. return nil
  371. }
  372. func postImagesTag(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  373. if err := parseForm(r); err != nil {
  374. return err
  375. }
  376. if vars == nil {
  377. return fmt.Errorf("Missing parameter")
  378. }
  379. job := eng.Job("tag", vars["name"], r.Form.Get("repo"), r.Form.Get("tag"))
  380. job.Setenv("force", r.Form.Get("force"))
  381. if err := job.Run(); err != nil {
  382. return err
  383. }
  384. w.WriteHeader(http.StatusCreated)
  385. return nil
  386. }
  387. func postCommit(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  388. if err := parseForm(r); err != nil {
  389. return err
  390. }
  391. var (
  392. config engine.Env
  393. env engine.Env
  394. job = eng.Job("commit", r.Form.Get("container"))
  395. stdoutBuffer = bytes.NewBuffer(nil)
  396. )
  397. if err := config.Decode(r.Body); err != nil {
  398. log.Errorf("%s", err)
  399. }
  400. if r.FormValue("pause") == "" && version.GreaterThanOrEqualTo("1.13") {
  401. job.Setenv("pause", "1")
  402. } else {
  403. job.Setenv("pause", r.FormValue("pause"))
  404. }
  405. job.Setenv("repo", r.Form.Get("repo"))
  406. job.Setenv("tag", r.Form.Get("tag"))
  407. job.Setenv("author", r.Form.Get("author"))
  408. job.Setenv("comment", r.Form.Get("comment"))
  409. job.SetenvSubEnv("config", &config)
  410. job.Stdout.Add(stdoutBuffer)
  411. if err := job.Run(); err != nil {
  412. return err
  413. }
  414. env.Set("Id", engine.Tail(stdoutBuffer, 1))
  415. return writeJSON(w, http.StatusCreated, env)
  416. }
  417. // Creates an image from Pull or from Import
  418. func postImagesCreate(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  419. if err := parseForm(r); err != nil {
  420. return err
  421. }
  422. var (
  423. image = r.Form.Get("fromImage")
  424. repo = r.Form.Get("repo")
  425. tag = r.Form.Get("tag")
  426. job *engine.Job
  427. )
  428. authEncoded := r.Header.Get("X-Registry-Auth")
  429. authConfig := &registry.AuthConfig{}
  430. if authEncoded != "" {
  431. authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
  432. if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
  433. // for a pull it is not an error if no auth was given
  434. // to increase compatibility with the existing api it is defaulting to be empty
  435. authConfig = &registry.AuthConfig{}
  436. }
  437. }
  438. if image != "" { //pull
  439. if tag == "" {
  440. image, tag = parsers.ParseRepositoryTag(image)
  441. }
  442. metaHeaders := map[string][]string{}
  443. for k, v := range r.Header {
  444. if strings.HasPrefix(k, "X-Meta-") {
  445. metaHeaders[k] = v
  446. }
  447. }
  448. job = eng.Job("pull", image, tag)
  449. job.SetenvBool("parallel", version.GreaterThan("1.3"))
  450. job.SetenvJson("metaHeaders", metaHeaders)
  451. job.SetenvJson("authConfig", authConfig)
  452. } else { //import
  453. if tag == "" {
  454. repo, tag = parsers.ParseRepositoryTag(repo)
  455. }
  456. job = eng.Job("import", r.Form.Get("fromSrc"), repo, tag)
  457. job.Stdin.Add(r.Body)
  458. }
  459. if version.GreaterThan("1.0") {
  460. job.SetenvBool("json", true)
  461. streamJSON(job, w, true)
  462. } else {
  463. job.Stdout.Add(utils.NewWriteFlusher(w))
  464. }
  465. if err := job.Run(); err != nil {
  466. if !job.Stdout.Used() {
  467. return err
  468. }
  469. sf := utils.NewStreamFormatter(version.GreaterThan("1.0"))
  470. w.Write(sf.FormatError(err))
  471. }
  472. return nil
  473. }
  474. func getImagesSearch(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  475. if err := parseForm(r); err != nil {
  476. return err
  477. }
  478. var (
  479. authEncoded = r.Header.Get("X-Registry-Auth")
  480. authConfig = &registry.AuthConfig{}
  481. metaHeaders = map[string][]string{}
  482. )
  483. if authEncoded != "" {
  484. authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
  485. if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
  486. // for a search it is not an error if no auth was given
  487. // to increase compatibility with the existing api it is defaulting to be empty
  488. authConfig = &registry.AuthConfig{}
  489. }
  490. }
  491. for k, v := range r.Header {
  492. if strings.HasPrefix(k, "X-Meta-") {
  493. metaHeaders[k] = v
  494. }
  495. }
  496. var job = eng.Job("search", r.Form.Get("term"))
  497. job.SetenvJson("metaHeaders", metaHeaders)
  498. job.SetenvJson("authConfig", authConfig)
  499. streamJSON(job, w, false)
  500. return job.Run()
  501. }
  502. func postImagesPush(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  503. if vars == nil {
  504. return fmt.Errorf("Missing parameter")
  505. }
  506. metaHeaders := map[string][]string{}
  507. for k, v := range r.Header {
  508. if strings.HasPrefix(k, "X-Meta-") {
  509. metaHeaders[k] = v
  510. }
  511. }
  512. if err := parseForm(r); err != nil {
  513. return err
  514. }
  515. authConfig := &registry.AuthConfig{}
  516. authEncoded := r.Header.Get("X-Registry-Auth")
  517. if authEncoded != "" {
  518. // the new format is to handle the authConfig as a header
  519. authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
  520. if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
  521. // to increase compatibility to existing api it is defaulting to be empty
  522. authConfig = &registry.AuthConfig{}
  523. }
  524. } else {
  525. // the old format is supported for compatibility if there was no authConfig header
  526. if err := json.NewDecoder(r.Body).Decode(authConfig); err != nil {
  527. return err
  528. }
  529. }
  530. job := eng.Job("push", vars["name"])
  531. job.SetenvJson("metaHeaders", metaHeaders)
  532. job.SetenvJson("authConfig", authConfig)
  533. job.Setenv("tag", r.Form.Get("tag"))
  534. if version.GreaterThan("1.0") {
  535. job.SetenvBool("json", true)
  536. streamJSON(job, w, true)
  537. } else {
  538. job.Stdout.Add(utils.NewWriteFlusher(w))
  539. }
  540. if err := job.Run(); err != nil {
  541. if !job.Stdout.Used() {
  542. return err
  543. }
  544. sf := utils.NewStreamFormatter(version.GreaterThan("1.0"))
  545. w.Write(sf.FormatError(err))
  546. }
  547. return nil
  548. }
  549. func getImagesGet(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  550. if vars == nil {
  551. return fmt.Errorf("Missing parameter")
  552. }
  553. if err := parseForm(r); err != nil {
  554. return err
  555. }
  556. if version.GreaterThan("1.0") {
  557. w.Header().Set("Content-Type", "application/x-tar")
  558. }
  559. var job *engine.Job
  560. if name, ok := vars["name"]; ok {
  561. job = eng.Job("image_export", name)
  562. } else {
  563. job = eng.Job("image_export", r.Form["names"]...)
  564. }
  565. job.Stdout.Add(w)
  566. return job.Run()
  567. }
  568. func postImagesLoad(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  569. job := eng.Job("load")
  570. job.Stdin.Add(r.Body)
  571. return job.Run()
  572. }
  573. func postContainersCreate(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  574. if err := parseForm(r); err != nil {
  575. return nil
  576. }
  577. var (
  578. out engine.Env
  579. job = eng.Job("create", r.Form.Get("name"))
  580. outWarnings []string
  581. stdoutBuffer = bytes.NewBuffer(nil)
  582. warnings = bytes.NewBuffer(nil)
  583. )
  584. if err := job.DecodeEnv(r.Body); err != nil {
  585. return err
  586. }
  587. // Read container ID from the first line of stdout
  588. job.Stdout.Add(stdoutBuffer)
  589. // Read warnings from stderr
  590. job.Stderr.Add(warnings)
  591. if err := job.Run(); err != nil {
  592. return err
  593. }
  594. // Parse warnings from stderr
  595. scanner := bufio.NewScanner(warnings)
  596. for scanner.Scan() {
  597. outWarnings = append(outWarnings, scanner.Text())
  598. }
  599. out.Set("Id", engine.Tail(stdoutBuffer, 1))
  600. out.SetList("Warnings", outWarnings)
  601. return writeJSON(w, http.StatusCreated, out)
  602. }
  603. func postContainersRestart(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  604. if err := parseForm(r); err != nil {
  605. return err
  606. }
  607. if vars == nil {
  608. return fmt.Errorf("Missing parameter")
  609. }
  610. job := eng.Job("restart", vars["name"])
  611. job.Setenv("t", r.Form.Get("t"))
  612. if err := job.Run(); err != nil {
  613. return err
  614. }
  615. w.WriteHeader(http.StatusNoContent)
  616. return nil
  617. }
  618. func deleteContainers(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  619. if err := parseForm(r); err != nil {
  620. return err
  621. }
  622. if vars == nil {
  623. return fmt.Errorf("Missing parameter")
  624. }
  625. job := eng.Job("rm", vars["name"])
  626. job.Setenv("forceRemove", r.Form.Get("force"))
  627. job.Setenv("removeVolume", r.Form.Get("v"))
  628. job.Setenv("removeLink", r.Form.Get("link"))
  629. if err := job.Run(); err != nil {
  630. return err
  631. }
  632. w.WriteHeader(http.StatusNoContent)
  633. return nil
  634. }
  635. func deleteImages(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  636. if err := parseForm(r); err != nil {
  637. return err
  638. }
  639. if vars == nil {
  640. return fmt.Errorf("Missing parameter")
  641. }
  642. var job = eng.Job("image_delete", vars["name"])
  643. streamJSON(job, w, false)
  644. job.Setenv("force", r.Form.Get("force"))
  645. job.Setenv("noprune", r.Form.Get("noprune"))
  646. return job.Run()
  647. }
  648. func postContainersStart(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  649. if vars == nil {
  650. return fmt.Errorf("Missing parameter")
  651. }
  652. var (
  653. name = vars["name"]
  654. job = eng.Job("start", name)
  655. )
  656. // allow a nil body for backwards compatibility
  657. if r.Body != nil && r.ContentLength > 0 {
  658. if !api.MatchesContentType(r.Header.Get("Content-Type"), "application/json") {
  659. return fmt.Errorf("Content-Type of application/json is required")
  660. }
  661. if err := job.DecodeEnv(r.Body); err != nil {
  662. return err
  663. }
  664. }
  665. if err := job.Run(); err != nil {
  666. if err.Error() == "Container already started" {
  667. w.WriteHeader(http.StatusNotModified)
  668. return nil
  669. }
  670. return err
  671. }
  672. w.WriteHeader(http.StatusNoContent)
  673. return nil
  674. }
  675. func postContainersStop(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  676. if err := parseForm(r); err != nil {
  677. return err
  678. }
  679. if vars == nil {
  680. return fmt.Errorf("Missing parameter")
  681. }
  682. job := eng.Job("stop", vars["name"])
  683. job.Setenv("t", r.Form.Get("t"))
  684. if err := job.Run(); err != nil {
  685. if err.Error() == "Container already stopped" {
  686. w.WriteHeader(http.StatusNotModified)
  687. return nil
  688. }
  689. return err
  690. }
  691. w.WriteHeader(http.StatusNoContent)
  692. return nil
  693. }
  694. func postContainersWait(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  695. if vars == nil {
  696. return fmt.Errorf("Missing parameter")
  697. }
  698. var (
  699. env engine.Env
  700. stdoutBuffer = bytes.NewBuffer(nil)
  701. job = eng.Job("wait", vars["name"])
  702. )
  703. job.Stdout.Add(stdoutBuffer)
  704. if err := job.Run(); err != nil {
  705. return err
  706. }
  707. env.Set("StatusCode", engine.Tail(stdoutBuffer, 1))
  708. return writeJSON(w, http.StatusOK, env)
  709. }
  710. func postContainersResize(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  711. if err := parseForm(r); err != nil {
  712. return err
  713. }
  714. if vars == nil {
  715. return fmt.Errorf("Missing parameter")
  716. }
  717. if err := eng.Job("resize", vars["name"], r.Form.Get("h"), r.Form.Get("w")).Run(); err != nil {
  718. return err
  719. }
  720. return nil
  721. }
  722. func postContainersAttach(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  723. if err := parseForm(r); err != nil {
  724. return err
  725. }
  726. if vars == nil {
  727. return fmt.Errorf("Missing parameter")
  728. }
  729. var (
  730. job = eng.Job("container_inspect", vars["name"])
  731. c, err = job.Stdout.AddEnv()
  732. )
  733. if err != nil {
  734. return err
  735. }
  736. if err = job.Run(); err != nil {
  737. return err
  738. }
  739. inStream, outStream, err := hijackServer(w)
  740. if err != nil {
  741. return err
  742. }
  743. defer func() {
  744. if tcpc, ok := inStream.(*net.TCPConn); ok {
  745. tcpc.CloseWrite()
  746. } else {
  747. inStream.Close()
  748. }
  749. }()
  750. defer func() {
  751. if tcpc, ok := outStream.(*net.TCPConn); ok {
  752. tcpc.CloseWrite()
  753. } else if closer, ok := outStream.(io.Closer); ok {
  754. closer.Close()
  755. }
  756. }()
  757. var errStream io.Writer
  758. fmt.Fprintf(outStream, "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n")
  759. if c.GetSubEnv("Config") != nil && !c.GetSubEnv("Config").GetBool("Tty") && version.GreaterThanOrEqualTo("1.6") {
  760. errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
  761. outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
  762. } else {
  763. errStream = outStream
  764. }
  765. job = eng.Job("attach", vars["name"])
  766. job.Setenv("logs", r.Form.Get("logs"))
  767. job.Setenv("stream", r.Form.Get("stream"))
  768. job.Setenv("stdin", r.Form.Get("stdin"))
  769. job.Setenv("stdout", r.Form.Get("stdout"))
  770. job.Setenv("stderr", r.Form.Get("stderr"))
  771. job.Stdin.Add(inStream)
  772. job.Stdout.Add(outStream)
  773. job.Stderr.Set(errStream)
  774. if err := job.Run(); err != nil {
  775. fmt.Fprintf(outStream, "Error attaching: %s\n", err)
  776. }
  777. return nil
  778. }
  779. func wsContainersAttach(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  780. if err := parseForm(r); err != nil {
  781. return err
  782. }
  783. if vars == nil {
  784. return fmt.Errorf("Missing parameter")
  785. }
  786. if err := eng.Job("container_inspect", vars["name"]).Run(); err != nil {
  787. return err
  788. }
  789. h := websocket.Handler(func(ws *websocket.Conn) {
  790. defer ws.Close()
  791. job := eng.Job("attach", vars["name"])
  792. job.Setenv("logs", r.Form.Get("logs"))
  793. job.Setenv("stream", r.Form.Get("stream"))
  794. job.Setenv("stdin", r.Form.Get("stdin"))
  795. job.Setenv("stdout", r.Form.Get("stdout"))
  796. job.Setenv("stderr", r.Form.Get("stderr"))
  797. job.Stdin.Add(ws)
  798. job.Stdout.Add(ws)
  799. job.Stderr.Set(ws)
  800. if err := job.Run(); err != nil {
  801. log.Errorf("Error attaching websocket: %s", err)
  802. }
  803. })
  804. h.ServeHTTP(w, r)
  805. return nil
  806. }
  807. func getContainersByName(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  808. if vars == nil {
  809. return fmt.Errorf("Missing parameter")
  810. }
  811. var job = eng.Job("container_inspect", vars["name"])
  812. if version.LessThan("1.12") {
  813. job.SetenvBool("raw", true)
  814. }
  815. streamJSON(job, w, false)
  816. return job.Run()
  817. }
  818. func getImagesByName(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  819. if vars == nil {
  820. return fmt.Errorf("Missing parameter")
  821. }
  822. var job = eng.Job("image_inspect", vars["name"])
  823. if version.LessThan("1.12") {
  824. job.SetenvBool("raw", true)
  825. }
  826. streamJSON(job, w, false)
  827. return job.Run()
  828. }
  829. func postBuild(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  830. if version.LessThan("1.3") {
  831. return fmt.Errorf("Multipart upload for build is no longer supported. Please upgrade your docker client.")
  832. }
  833. var (
  834. authEncoded = r.Header.Get("X-Registry-Auth")
  835. authConfig = &registry.AuthConfig{}
  836. configFileEncoded = r.Header.Get("X-Registry-Config")
  837. configFile = &registry.ConfigFile{}
  838. job = eng.Job("build")
  839. )
  840. // This block can be removed when API versions prior to 1.9 are deprecated.
  841. // Both headers will be parsed and sent along to the daemon, but if a non-empty
  842. // ConfigFile is present, any value provided as an AuthConfig directly will
  843. // be overridden. See BuildFile::CmdFrom for details.
  844. if version.LessThan("1.9") && authEncoded != "" {
  845. authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
  846. if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
  847. // for a pull it is not an error if no auth was given
  848. // to increase compatibility with the existing api it is defaulting to be empty
  849. authConfig = &registry.AuthConfig{}
  850. }
  851. }
  852. if configFileEncoded != "" {
  853. configFileJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(configFileEncoded))
  854. if err := json.NewDecoder(configFileJson).Decode(configFile); err != nil {
  855. // for a pull it is not an error if no auth was given
  856. // to increase compatibility with the existing api it is defaulting to be empty
  857. configFile = &registry.ConfigFile{}
  858. }
  859. }
  860. if version.GreaterThanOrEqualTo("1.8") {
  861. job.SetenvBool("json", true)
  862. streamJSON(job, w, true)
  863. } else {
  864. job.Stdout.Add(utils.NewWriteFlusher(w))
  865. }
  866. if r.FormValue("forcerm") == "1" && version.GreaterThanOrEqualTo("1.12") {
  867. job.Setenv("rm", "1")
  868. } else if r.FormValue("rm") == "" && version.GreaterThanOrEqualTo("1.12") {
  869. job.Setenv("rm", "1")
  870. } else {
  871. job.Setenv("rm", r.FormValue("rm"))
  872. }
  873. job.Stdin.Add(r.Body)
  874. job.Setenv("remote", r.FormValue("remote"))
  875. job.Setenv("t", r.FormValue("t"))
  876. job.Setenv("q", r.FormValue("q"))
  877. job.Setenv("nocache", r.FormValue("nocache"))
  878. job.Setenv("forcerm", r.FormValue("forcerm"))
  879. job.SetenvJson("authConfig", authConfig)
  880. job.SetenvJson("configFile", configFile)
  881. if err := job.Run(); err != nil {
  882. if !job.Stdout.Used() {
  883. return err
  884. }
  885. sf := utils.NewStreamFormatter(version.GreaterThanOrEqualTo("1.8"))
  886. w.Write(sf.FormatError(err))
  887. }
  888. return nil
  889. }
  890. func postContainersCopy(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  891. if vars == nil {
  892. return fmt.Errorf("Missing parameter")
  893. }
  894. var copyData engine.Env
  895. if contentType := r.Header.Get("Content-Type"); api.MatchesContentType(contentType, "application/json") {
  896. if err := copyData.Decode(r.Body); err != nil {
  897. return err
  898. }
  899. } else {
  900. return fmt.Errorf("Content-Type not supported: %s", contentType)
  901. }
  902. if copyData.Get("Resource") == "" {
  903. return fmt.Errorf("Path cannot be empty")
  904. }
  905. origResource := copyData.Get("Resource")
  906. if copyData.Get("Resource")[0] == '/' {
  907. copyData.Set("Resource", copyData.Get("Resource")[1:])
  908. }
  909. job := eng.Job("container_copy", vars["name"], copyData.Get("Resource"))
  910. job.Stdout.Add(w)
  911. w.Header().Set("Content-Type", "application/x-tar")
  912. if err := job.Run(); err != nil {
  913. log.Errorf("%s", err.Error())
  914. if strings.Contains(err.Error(), "No such container") {
  915. w.WriteHeader(http.StatusNotFound)
  916. } else if strings.Contains(err.Error(), "no such file or directory") {
  917. return fmt.Errorf("Could not find the file %s in container %s", origResource, vars["name"])
  918. }
  919. }
  920. return nil
  921. }
  922. func postContainerExecCreate(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  923. if err := parseForm(r); err != nil {
  924. return nil
  925. }
  926. var (
  927. out engine.Env
  928. name = vars["name"]
  929. job = eng.Job("execCreate", name)
  930. stdoutBuffer = bytes.NewBuffer(nil)
  931. )
  932. if err := job.DecodeEnv(r.Body); err != nil {
  933. return err
  934. }
  935. job.Stdout.Add(stdoutBuffer)
  936. // Register an instance of Exec in container.
  937. if err := job.Run(); err != nil {
  938. fmt.Fprintf(os.Stderr, "Error setting up exec command in container %s: %s\n", name, err)
  939. return err
  940. }
  941. // Return the ID
  942. out.Set("Id", engine.Tail(stdoutBuffer, 1))
  943. return writeJSON(w, http.StatusCreated, out)
  944. }
  945. func postContainerExecStart(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  946. if err := parseForm(r); err != nil {
  947. return nil
  948. }
  949. var (
  950. name = vars["name"]
  951. job = eng.Job("execStart", name)
  952. errOut io.Writer = os.Stderr
  953. )
  954. if err := job.DecodeEnv(r.Body); err != nil {
  955. return err
  956. }
  957. if !job.GetenvBool("Detach") {
  958. // Setting up the streaming http interface.
  959. inStream, outStream, err := hijackServer(w)
  960. if err != nil {
  961. return err
  962. }
  963. defer func() {
  964. if tcpc, ok := inStream.(*net.TCPConn); ok {
  965. tcpc.CloseWrite()
  966. } else {
  967. inStream.Close()
  968. }
  969. }()
  970. defer func() {
  971. if tcpc, ok := outStream.(*net.TCPConn); ok {
  972. tcpc.CloseWrite()
  973. } else if closer, ok := outStream.(io.Closer); ok {
  974. closer.Close()
  975. }
  976. }()
  977. var errStream io.Writer
  978. fmt.Fprintf(outStream, "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n")
  979. if !job.GetenvBool("Tty") && version.GreaterThanOrEqualTo("1.6") {
  980. errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
  981. outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
  982. } else {
  983. errStream = outStream
  984. }
  985. job.Stdin.Add(inStream)
  986. job.Stdout.Add(outStream)
  987. job.Stderr.Set(errStream)
  988. errOut = outStream
  989. }
  990. // Now run the user process in container.
  991. job.SetCloseIO(false)
  992. if err := job.Run(); err != nil {
  993. fmt.Fprintf(errOut, "Error starting exec command in container %s: %s\n", name, err)
  994. return err
  995. }
  996. w.WriteHeader(http.StatusNoContent)
  997. return nil
  998. }
  999. func postContainerExecResize(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  1000. if err := parseForm(r); err != nil {
  1001. return err
  1002. }
  1003. if vars == nil {
  1004. return fmt.Errorf("Missing parameter")
  1005. }
  1006. if err := eng.Job("execResize", vars["name"], r.Form.Get("h"), r.Form.Get("w")).Run(); err != nil {
  1007. return err
  1008. }
  1009. return nil
  1010. }
  1011. func optionsHandler(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  1012. w.WriteHeader(http.StatusOK)
  1013. return nil
  1014. }
  1015. func writeCorsHeaders(w http.ResponseWriter, r *http.Request) {
  1016. w.Header().Add("Access-Control-Allow-Origin", "*")
  1017. w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
  1018. w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
  1019. }
  1020. func ping(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
  1021. _, err := w.Write([]byte{'O', 'K'})
  1022. return err
  1023. }
  1024. func makeHttpHandler(eng *engine.Engine, logging bool, localMethod string, localRoute string, handlerFunc HttpApiFunc, enableCors bool, dockerVersion version.Version) http.HandlerFunc {
  1025. return func(w http.ResponseWriter, r *http.Request) {
  1026. // log the request
  1027. log.Debugf("Calling %s %s", localMethod, localRoute)
  1028. if logging {
  1029. log.Infof("%s %s", r.Method, r.RequestURI)
  1030. }
  1031. if strings.Contains(r.Header.Get("User-Agent"), "Docker-Client/") {
  1032. userAgent := strings.Split(r.Header.Get("User-Agent"), "/")
  1033. if len(userAgent) == 2 && !dockerVersion.Equal(version.Version(userAgent[1])) {
  1034. log.Debugf("Warning: client and server don't have the same version (client: %s, server: %s)", userAgent[1], dockerVersion)
  1035. }
  1036. }
  1037. version := version.Version(mux.Vars(r)["version"])
  1038. if version == "" {
  1039. version = api.APIVERSION
  1040. }
  1041. if enableCors {
  1042. writeCorsHeaders(w, r)
  1043. }
  1044. if version.GreaterThan(api.APIVERSION) {
  1045. http.Error(w, fmt.Errorf("client and server don't have same version (client : %s, server: %s)", version, api.APIVERSION).Error(), http.StatusNotFound)
  1046. return
  1047. }
  1048. if err := handlerFunc(eng, version, w, r, mux.Vars(r)); err != nil {
  1049. log.Errorf("Handler for %s %s returned error: %s", localMethod, localRoute, err)
  1050. httpError(w, err)
  1051. }
  1052. }
  1053. }
  1054. // Replicated from expvar.go as not public.
  1055. func expvarHandler(w http.ResponseWriter, r *http.Request) {
  1056. w.Header().Set("Content-Type", "application/json; charset=utf-8")
  1057. fmt.Fprintf(w, "{\n")
  1058. first := true
  1059. expvar.Do(func(kv expvar.KeyValue) {
  1060. if !first {
  1061. fmt.Fprintf(w, ",\n")
  1062. }
  1063. first = false
  1064. fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
  1065. })
  1066. fmt.Fprintf(w, "\n}\n")
  1067. }
  1068. func AttachProfiler(router *mux.Router) {
  1069. router.HandleFunc("/debug/vars", expvarHandler)
  1070. router.HandleFunc("/debug/pprof/", pprof.Index)
  1071. router.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
  1072. router.HandleFunc("/debug/pprof/profile", pprof.Profile)
  1073. router.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
  1074. router.HandleFunc("/debug/pprof/heap", pprof.Handler("heap").ServeHTTP)
  1075. router.HandleFunc("/debug/pprof/goroutine", pprof.Handler("goroutine").ServeHTTP)
  1076. router.HandleFunc("/debug/pprof/threadcreate", pprof.Handler("threadcreate").ServeHTTP)
  1077. }
  1078. func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion string) (*mux.Router, error) {
  1079. r := mux.NewRouter()
  1080. if os.Getenv("DEBUG") != "" {
  1081. AttachProfiler(r)
  1082. }
  1083. m := map[string]map[string]HttpApiFunc{
  1084. "GET": {
  1085. "/_ping": ping,
  1086. "/events": getEvents,
  1087. "/info": getInfo,
  1088. "/version": getVersion,
  1089. "/images/json": getImagesJSON,
  1090. "/images/viz": getImagesViz,
  1091. "/images/search": getImagesSearch,
  1092. "/images/get": getImagesGet,
  1093. "/images/{name:.*}/get": getImagesGet,
  1094. "/images/{name:.*}/history": getImagesHistory,
  1095. "/images/{name:.*}/json": getImagesByName,
  1096. "/containers/ps": getContainersJSON,
  1097. "/containers/json": getContainersJSON,
  1098. "/containers/{name:.*}/export": getContainersExport,
  1099. "/containers/{name:.*}/changes": getContainersChanges,
  1100. "/containers/{name:.*}/json": getContainersByName,
  1101. "/containers/{name:.*}/top": getContainersTop,
  1102. "/containers/{name:.*}/logs": getContainersLogs,
  1103. "/containers/{name:.*}/attach/ws": wsContainersAttach,
  1104. },
  1105. "POST": {
  1106. "/auth": postAuth,
  1107. "/commit": postCommit,
  1108. "/build": postBuild,
  1109. "/images/create": postImagesCreate,
  1110. "/images/load": postImagesLoad,
  1111. "/images/{name:.*}/push": postImagesPush,
  1112. "/images/{name:.*}/tag": postImagesTag,
  1113. "/containers/create": postContainersCreate,
  1114. "/containers/{name:.*}/kill": postContainersKill,
  1115. "/containers/{name:.*}/pause": postContainersPause,
  1116. "/containers/{name:.*}/unpause": postContainersUnpause,
  1117. "/containers/{name:.*}/restart": postContainersRestart,
  1118. "/containers/{name:.*}/start": postContainersStart,
  1119. "/containers/{name:.*}/stop": postContainersStop,
  1120. "/containers/{name:.*}/wait": postContainersWait,
  1121. "/containers/{name:.*}/resize": postContainersResize,
  1122. "/containers/{name:.*}/attach": postContainersAttach,
  1123. "/containers/{name:.*}/copy": postContainersCopy,
  1124. "/containers/{name:.*}/exec": postContainerExecCreate,
  1125. "/exec/{name:.*}/start": postContainerExecStart,
  1126. "/exec/{name:.*}/resize": postContainerExecResize,
  1127. },
  1128. "DELETE": {
  1129. "/containers/{name:.*}": deleteContainers,
  1130. "/images/{name:.*}": deleteImages,
  1131. },
  1132. "OPTIONS": {
  1133. "": optionsHandler,
  1134. },
  1135. }
  1136. for method, routes := range m {
  1137. for route, fct := range routes {
  1138. log.Debugf("Registering %s, %s", method, route)
  1139. // NOTE: scope issue, make sure the variables are local and won't be changed
  1140. localRoute := route
  1141. localFct := fct
  1142. localMethod := method
  1143. // build the handler function
  1144. f := makeHttpHandler(eng, logging, localMethod, localRoute, localFct, enableCors, version.Version(dockerVersion))
  1145. // add the new route
  1146. if localRoute == "" {
  1147. r.Methods(localMethod).HandlerFunc(f)
  1148. } else {
  1149. r.Path("/v{version:[0-9.]+}" + localRoute).Methods(localMethod).HandlerFunc(f)
  1150. r.Path(localRoute).Methods(localMethod).HandlerFunc(f)
  1151. }
  1152. }
  1153. }
  1154. return r, nil
  1155. }
  1156. // ServeRequest processes a single http request to the docker remote api.
  1157. // FIXME: refactor this to be part of Server and not require re-creating a new
  1158. // router each time. This requires first moving ListenAndServe into Server.
  1159. func ServeRequest(eng *engine.Engine, apiversion version.Version, w http.ResponseWriter, req *http.Request) error {
  1160. router, err := createRouter(eng, false, true, "")
  1161. if err != nil {
  1162. return err
  1163. }
  1164. // Insert APIVERSION into the request as a convenience
  1165. req.URL.Path = fmt.Sprintf("/v%s%s", apiversion, req.URL.Path)
  1166. router.ServeHTTP(w, req)
  1167. return nil
  1168. }
  1169. // ServeFD creates an http.Server and sets it up to serve given a socket activated
  1170. // argument.
  1171. func ServeFd(addr string, handle http.Handler) error {
  1172. ls, e := systemd.ListenFD(addr)
  1173. if e != nil {
  1174. return e
  1175. }
  1176. chErrors := make(chan error, len(ls))
  1177. // We don't want to start serving on these sockets until the
  1178. // daemon is initialized and installed. Otherwise required handlers
  1179. // won't be ready.
  1180. <-activationLock
  1181. // Since ListenFD will return one or more sockets we have
  1182. // to create a go func to spawn off multiple serves
  1183. for i := range ls {
  1184. listener := ls[i]
  1185. go func() {
  1186. httpSrv := http.Server{Handler: handle}
  1187. chErrors <- httpSrv.Serve(listener)
  1188. }()
  1189. }
  1190. for i := 0; i < len(ls); i++ {
  1191. err := <-chErrors
  1192. if err != nil {
  1193. return err
  1194. }
  1195. }
  1196. return nil
  1197. }
  1198. func lookupGidByName(nameOrGid string) (int, error) {
  1199. groups, err := user.ParseGroupFilter(func(g *user.Group) bool {
  1200. return g.Name == nameOrGid || strconv.Itoa(g.Gid) == nameOrGid
  1201. })
  1202. if err != nil {
  1203. return -1, err
  1204. }
  1205. if groups != nil && len(groups) > 0 {
  1206. return groups[0].Gid, nil
  1207. }
  1208. return -1, fmt.Errorf("Group %s not found", nameOrGid)
  1209. }
  1210. func changeGroup(addr string, nameOrGid string) error {
  1211. gid, err := lookupGidByName(nameOrGid)
  1212. if err != nil {
  1213. return err
  1214. }
  1215. log.Debugf("%s group found. gid: %d", nameOrGid, gid)
  1216. return os.Chown(addr, 0, gid)
  1217. }
  1218. // ListenAndServe sets up the required http.Server and gets it listening for
  1219. // each addr passed in and does protocol specific checking.
  1220. func ListenAndServe(proto, addr string, job *engine.Job) error {
  1221. var l net.Listener
  1222. r, err := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
  1223. if err != nil {
  1224. return err
  1225. }
  1226. if proto == "fd" {
  1227. return ServeFd(addr, r)
  1228. }
  1229. if proto == "unix" {
  1230. if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
  1231. return err
  1232. }
  1233. }
  1234. var oldmask int
  1235. if proto == "unix" {
  1236. oldmask = syscall.Umask(0777)
  1237. }
  1238. if job.GetenvBool("BufferRequests") {
  1239. l, err = listenbuffer.NewListenBuffer(proto, addr, activationLock)
  1240. } else {
  1241. l, err = net.Listen(proto, addr)
  1242. }
  1243. if proto == "unix" {
  1244. syscall.Umask(oldmask)
  1245. }
  1246. if err != nil {
  1247. return err
  1248. }
  1249. if proto != "unix" && (job.GetenvBool("Tls") || job.GetenvBool("TlsVerify")) {
  1250. tlsCert := job.Getenv("TlsCert")
  1251. tlsKey := job.Getenv("TlsKey")
  1252. cert, err := tls.LoadX509KeyPair(tlsCert, tlsKey)
  1253. if err != nil {
  1254. return fmt.Errorf("Couldn't load X509 key pair (%s, %s): %s. Key encrypted?",
  1255. tlsCert, tlsKey, err)
  1256. }
  1257. tlsConfig := &tls.Config{
  1258. NextProtos: []string{"http/1.1"},
  1259. Certificates: []tls.Certificate{cert},
  1260. }
  1261. if job.GetenvBool("TlsVerify") {
  1262. certPool := x509.NewCertPool()
  1263. file, err := ioutil.ReadFile(job.Getenv("TlsCa"))
  1264. if err != nil {
  1265. return fmt.Errorf("Couldn't read CA certificate: %s", err)
  1266. }
  1267. certPool.AppendCertsFromPEM(file)
  1268. tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
  1269. tlsConfig.ClientCAs = certPool
  1270. }
  1271. l = tls.NewListener(l, tlsConfig)
  1272. }
  1273. // Basic error and sanity checking
  1274. switch proto {
  1275. case "tcp":
  1276. if !strings.HasPrefix(addr, "127.0.0.1") && !job.GetenvBool("TlsVerify") {
  1277. log.Infof("/!\\ DON'T BIND ON ANOTHER IP ADDRESS THAN 127.0.0.1 IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
  1278. }
  1279. case "unix":
  1280. socketGroup := job.Getenv("SocketGroup")
  1281. if socketGroup != "" {
  1282. if err := changeGroup(addr, socketGroup); err != nil {
  1283. if socketGroup == "docker" {
  1284. // if the user hasn't explicitly specified the group ownership, don't fail on errors.
  1285. log.Debugf("Warning: could not chgrp %s to docker: %s", addr, err.Error())
  1286. } else {
  1287. return err
  1288. }
  1289. }
  1290. }
  1291. if err := os.Chmod(addr, 0660); err != nil {
  1292. return err
  1293. }
  1294. default:
  1295. return fmt.Errorf("Invalid protocol format.")
  1296. }
  1297. httpSrv := http.Server{Addr: addr, Handler: r}
  1298. return httpSrv.Serve(l)
  1299. }
  1300. // ServeApi loops through all of the protocols sent in to docker and spawns
  1301. // off a go routine to setup a serving http.Server for each.
  1302. func ServeApi(job *engine.Job) engine.Status {
  1303. if len(job.Args) == 0 {
  1304. return job.Errorf("usage: %s PROTO://ADDR [PROTO://ADDR ...]", job.Name)
  1305. }
  1306. var (
  1307. protoAddrs = job.Args
  1308. chErrors = make(chan error, len(protoAddrs))
  1309. )
  1310. activationLock = make(chan struct{})
  1311. for _, protoAddr := range protoAddrs {
  1312. protoAddrParts := strings.SplitN(protoAddr, "://", 2)
  1313. if len(protoAddrParts) != 2 {
  1314. return job.Errorf("usage: %s PROTO://ADDR [PROTO://ADDR ...]", job.Name)
  1315. }
  1316. go func() {
  1317. log.Infof("Listening for HTTP on %s (%s)", protoAddrParts[0], protoAddrParts[1])
  1318. chErrors <- ListenAndServe(protoAddrParts[0], protoAddrParts[1], job)
  1319. }()
  1320. }
  1321. for i := 0; i < len(protoAddrs); i++ {
  1322. err := <-chErrors
  1323. if err != nil {
  1324. return job.Error(err)
  1325. }
  1326. }
  1327. return engine.StatusOK
  1328. }
  1329. func AcceptConnections(job *engine.Job) engine.Status {
  1330. // Tell the init daemon we are accepting requests
  1331. go systemd.SdNotify("READY=1")
  1332. // close the lock so the listeners start accepting connections
  1333. if activationLock != nil {
  1334. close(activationLock)
  1335. }
  1336. return engine.StatusOK
  1337. }