1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639 |
- package server
- import (
- "bufio"
- "bytes"
- "encoding/base64"
- "encoding/json"
- "expvar"
- "fmt"
- "io"
- "io/ioutil"
- "net"
- "net/http"
- "net/http/pprof"
- "os"
- "strconv"
- "strings"
- "syscall"
- "crypto/tls"
- "crypto/x509"
- "code.google.com/p/go.net/websocket"
- "github.com/docker/libcontainer/user"
- "github.com/gorilla/mux"
- log "github.com/Sirupsen/logrus"
- "github.com/docker/docker/api"
- "github.com/docker/docker/daemon/networkdriver/portallocator"
- "github.com/docker/docker/engine"
- "github.com/docker/docker/pkg/listenbuffer"
- "github.com/docker/docker/pkg/parsers"
- "github.com/docker/docker/pkg/stdcopy"
- "github.com/docker/docker/pkg/systemd"
- "github.com/docker/docker/pkg/version"
- "github.com/docker/docker/registry"
- "github.com/docker/docker/utils"
- )
- var (
- activationLock chan struct{}
- )
- type HttpServer struct {
- srv *http.Server
- l net.Listener
- }
- func (s *HttpServer) Serve() error {
- return s.srv.Serve(s.l)
- }
- func (s *HttpServer) Close() error {
- return s.l.Close()
- }
- type HttpApiFunc func(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error
- func hijackServer(w http.ResponseWriter) (io.ReadCloser, io.Writer, error) {
- conn, _, err := w.(http.Hijacker).Hijack()
- if err != nil {
- return nil, nil, err
- }
- // Flush the options to make sure the client sets the raw mode
- conn.Write([]byte{})
- return conn, conn, nil
- }
- func closeStreams(streams ...interface{}) {
- for _, stream := range streams {
- if tcpc, ok := stream.(interface {
- CloseWrite() error
- }); ok {
- tcpc.CloseWrite()
- } else if closer, ok := stream.(io.Closer); ok {
- closer.Close()
- }
- }
- }
- // Check to make sure request's Content-Type is application/json
- func checkForJson(r *http.Request) error {
- ct := r.Header.Get("Content-Type")
- // No Content-Type header is ok as long as there's no Body
- if ct == "" {
- if r.Body == nil || r.ContentLength == 0 {
- return nil
- }
- }
- // Otherwise it better be json
- if api.MatchesContentType(ct, "application/json") {
- return nil
- }
- return fmt.Errorf("Content-Type specified (%s) must be 'application/json'", ct)
- }
- //If we don't do this, POST method without Content-type (even with empty body) will fail
- func parseForm(r *http.Request) error {
- if r == nil {
- return nil
- }
- if err := r.ParseForm(); err != nil && !strings.HasPrefix(err.Error(), "mime:") {
- return err
- }
- return nil
- }
- func parseMultipartForm(r *http.Request) error {
- if err := r.ParseMultipartForm(4096); err != nil && !strings.HasPrefix(err.Error(), "mime:") {
- return err
- }
- return nil
- }
- func httpError(w http.ResponseWriter, err error) {
- statusCode := http.StatusInternalServerError
- // FIXME: this is brittle and should not be necessary.
- // If we need to differentiate between different possible error types, we should
- // create appropriate error types with clearly defined meaning.
- errStr := strings.ToLower(err.Error())
- if strings.Contains(errStr, "no such") {
- statusCode = http.StatusNotFound
- } else if strings.Contains(errStr, "bad parameter") {
- statusCode = http.StatusBadRequest
- } else if strings.Contains(errStr, "conflict") {
- statusCode = http.StatusConflict
- } else if strings.Contains(errStr, "impossible") {
- statusCode = http.StatusNotAcceptable
- } else if strings.Contains(errStr, "wrong login/password") {
- statusCode = http.StatusUnauthorized
- } else if strings.Contains(errStr, "hasn't been activated") {
- statusCode = http.StatusForbidden
- }
- if err != nil {
- log.Errorf("HTTP Error: statusCode=%d %s", statusCode, err.Error())
- http.Error(w, err.Error(), statusCode)
- }
- }
- func writeJSON(w http.ResponseWriter, code int, v engine.Env) error {
- w.Header().Set("Content-Type", "application/json")
- w.WriteHeader(code)
- return v.Encode(w)
- }
- func streamJSON(job *engine.Job, w http.ResponseWriter, flush bool) {
- w.Header().Set("Content-Type", "application/json")
- if flush {
- job.Stdout.Add(utils.NewWriteFlusher(w))
- } else {
- job.Stdout.Add(w)
- }
- }
- func getBoolParam(value string) (bool, error) {
- if value == "" {
- return false, nil
- }
- ret, err := strconv.ParseBool(value)
- if err != nil {
- return false, fmt.Errorf("Bad parameter")
- }
- return ret, nil
- }
- func postAuth(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- var (
- authConfig, err = ioutil.ReadAll(r.Body)
- job = eng.Job("auth")
- stdoutBuffer = bytes.NewBuffer(nil)
- )
- if err != nil {
- return err
- }
- job.Setenv("authConfig", string(authConfig))
- job.Stdout.Add(stdoutBuffer)
- if err = job.Run(); err != nil {
- return err
- }
- if status := engine.Tail(stdoutBuffer, 1); status != "" {
- var env engine.Env
- env.Set("Status", status)
- return writeJSON(w, http.StatusOK, env)
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func getVersion(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- w.Header().Set("Content-Type", "application/json")
- eng.ServeHTTP(w, r)
- return nil
- }
- func postContainersKill(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := parseForm(r); err != nil {
- return err
- }
- job := eng.Job("kill", vars["name"])
- if sig := r.Form.Get("signal"); sig != "" {
- job.Args = append(job.Args, sig)
- }
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func postContainersPause(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := parseForm(r); err != nil {
- return err
- }
- job := eng.Job("pause", vars["name"])
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func postContainersUnpause(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := parseForm(r); err != nil {
- return err
- }
- job := eng.Job("unpause", vars["name"])
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func getContainersExport(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- job := eng.Job("export", vars["name"])
- job.Stdout.Add(w)
- if err := job.Run(); err != nil {
- return err
- }
- return nil
- }
- func getImagesJSON(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- var (
- err error
- outs *engine.Table
- job = eng.Job("images")
- )
- job.Setenv("filters", r.Form.Get("filters"))
- // FIXME this parameter could just be a match filter
- job.Setenv("filter", r.Form.Get("filter"))
- job.Setenv("all", r.Form.Get("all"))
- if version.GreaterThanOrEqualTo("1.7") {
- streamJSON(job, w, false)
- } else if outs, err = job.Stdout.AddListTable(); err != nil {
- return err
- }
- if err := job.Run(); err != nil {
- return err
- }
- if version.LessThan("1.7") && outs != nil { // Convert to legacy format
- outsLegacy := engine.NewTable("Created", 0)
- for _, out := range outs.Data {
- for _, repoTag := range out.GetList("RepoTags") {
- repo, tag := parsers.ParseRepositoryTag(repoTag)
- outLegacy := &engine.Env{}
- outLegacy.Set("Repository", repo)
- outLegacy.SetJson("Tag", tag)
- outLegacy.Set("Id", out.Get("Id"))
- outLegacy.SetInt64("Created", out.GetInt64("Created"))
- outLegacy.SetInt64("Size", out.GetInt64("Size"))
- outLegacy.SetInt64("VirtualSize", out.GetInt64("VirtualSize"))
- outsLegacy.Add(outLegacy)
- }
- }
- w.Header().Set("Content-Type", "application/json")
- if _, err := outsLegacy.WriteListTo(w); err != nil {
- return err
- }
- }
- return nil
- }
- func getImagesViz(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if version.GreaterThan("1.6") {
- w.WriteHeader(http.StatusNotFound)
- return fmt.Errorf("This is now implemented in the client.")
- }
- eng.ServeHTTP(w, r)
- return nil
- }
- func getInfo(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- w.Header().Set("Content-Type", "application/json")
- eng.ServeHTTP(w, r)
- return nil
- }
- func getEvents(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- var job = eng.Job("events")
- streamJSON(job, w, true)
- job.Setenv("since", r.Form.Get("since"))
- job.Setenv("until", r.Form.Get("until"))
- job.Setenv("filters", r.Form.Get("filters"))
- return job.Run()
- }
- func getImagesHistory(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var job = eng.Job("history", vars["name"])
- streamJSON(job, w, false)
- if err := job.Run(); err != nil {
- return err
- }
- return nil
- }
- func getContainersChanges(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var job = eng.Job("container_changes", vars["name"])
- streamJSON(job, w, false)
- return job.Run()
- }
- func getContainersTop(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if version.LessThan("1.4") {
- return fmt.Errorf("top was improved a lot since 1.3, Please upgrade your docker client.")
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := parseForm(r); err != nil {
- return err
- }
- job := eng.Job("top", vars["name"], r.Form.Get("ps_args"))
- streamJSON(job, w, false)
- return job.Run()
- }
- func getContainersJSON(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- var (
- err error
- outs *engine.Table
- job = eng.Job("containers")
- )
- job.Setenv("all", r.Form.Get("all"))
- job.Setenv("size", r.Form.Get("size"))
- job.Setenv("since", r.Form.Get("since"))
- job.Setenv("before", r.Form.Get("before"))
- job.Setenv("limit", r.Form.Get("limit"))
- job.Setenv("filters", r.Form.Get("filters"))
- if version.GreaterThanOrEqualTo("1.5") {
- streamJSON(job, w, false)
- } else if outs, err = job.Stdout.AddTable(); err != nil {
- return err
- }
- if err = job.Run(); err != nil {
- return err
- }
- if version.LessThan("1.5") { // Convert to legacy format
- for _, out := range outs.Data {
- ports := engine.NewTable("", 0)
- ports.ReadListFrom([]byte(out.Get("Ports")))
- out.Set("Ports", api.DisplayablePorts(ports))
- }
- w.Header().Set("Content-Type", "application/json")
- if _, err = outs.WriteListTo(w); err != nil {
- return err
- }
- }
- return nil
- }
- func getContainersLogs(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var (
- inspectJob = eng.Job("container_inspect", vars["name"])
- logsJob = eng.Job("logs", vars["name"])
- c, err = inspectJob.Stdout.AddEnv()
- )
- if err != nil {
- return err
- }
- logsJob.Setenv("follow", r.Form.Get("follow"))
- logsJob.Setenv("tail", r.Form.Get("tail"))
- logsJob.Setenv("stdout", r.Form.Get("stdout"))
- logsJob.Setenv("stderr", r.Form.Get("stderr"))
- logsJob.Setenv("timestamps", r.Form.Get("timestamps"))
- // Validate args here, because we can't return not StatusOK after job.Run() call
- stdout, stderr := logsJob.GetenvBool("stdout"), logsJob.GetenvBool("stderr")
- if !(stdout || stderr) {
- return fmt.Errorf("Bad parameters: you must choose at least one stream")
- }
- if err = inspectJob.Run(); err != nil {
- return err
- }
- var outStream, errStream io.Writer
- outStream = utils.NewWriteFlusher(w)
- if c.GetSubEnv("Config") != nil && !c.GetSubEnv("Config").GetBool("Tty") && version.GreaterThanOrEqualTo("1.6") {
- errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
- outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
- } else {
- errStream = outStream
- }
- logsJob.Stdout.Add(outStream)
- logsJob.Stderr.Set(errStream)
- if err := logsJob.Run(); err != nil {
- fmt.Fprintf(outStream, "Error running logs job: %s\n", err)
- }
- return nil
- }
- func postImagesTag(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- job := eng.Job("tag", vars["name"], r.Form.Get("repo"), r.Form.Get("tag"))
- job.Setenv("force", r.Form.Get("force"))
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusCreated)
- return nil
- }
- func postCommit(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- var (
- config engine.Env
- env engine.Env
- job = eng.Job("commit", r.Form.Get("container"))
- stdoutBuffer = bytes.NewBuffer(nil)
- )
- if err := checkForJson(r); err != nil {
- return err
- }
- if err := config.Decode(r.Body); err != nil {
- log.Errorf("%s", err)
- }
- if r.FormValue("pause") == "" && version.GreaterThanOrEqualTo("1.13") {
- job.Setenv("pause", "1")
- } else {
- job.Setenv("pause", r.FormValue("pause"))
- }
- job.Setenv("repo", r.Form.Get("repo"))
- job.Setenv("tag", r.Form.Get("tag"))
- job.Setenv("author", r.Form.Get("author"))
- job.Setenv("comment", r.Form.Get("comment"))
- job.SetenvSubEnv("config", &config)
- job.Stdout.Add(stdoutBuffer)
- if err := job.Run(); err != nil {
- return err
- }
- env.Set("Id", engine.Tail(stdoutBuffer, 1))
- return writeJSON(w, http.StatusCreated, env)
- }
- // Creates an image from Pull or from Import
- func postImagesCreate(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- var (
- image = r.Form.Get("fromImage")
- repo = r.Form.Get("repo")
- tag = r.Form.Get("tag")
- job *engine.Job
- )
- authEncoded := r.Header.Get("X-Registry-Auth")
- authConfig := ®istry.AuthConfig{}
- if authEncoded != "" {
- authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
- if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
- // for a pull it is not an error if no auth was given
- // to increase compatibility with the existing api it is defaulting to be empty
- authConfig = ®istry.AuthConfig{}
- }
- }
- if image != "" { //pull
- if tag == "" {
- image, tag = parsers.ParseRepositoryTag(image)
- }
- metaHeaders := map[string][]string{}
- for k, v := range r.Header {
- if strings.HasPrefix(k, "X-Meta-") {
- metaHeaders[k] = v
- }
- }
- job = eng.Job("pull", image, tag)
- job.SetenvBool("parallel", version.GreaterThan("1.3"))
- job.SetenvJson("metaHeaders", metaHeaders)
- job.SetenvJson("authConfig", authConfig)
- } else { //import
- if tag == "" {
- repo, tag = parsers.ParseRepositoryTag(repo)
- }
- job = eng.Job("import", r.Form.Get("fromSrc"), repo, tag)
- job.Stdin.Add(r.Body)
- }
- if version.GreaterThan("1.0") {
- job.SetenvBool("json", true)
- streamJSON(job, w, true)
- } else {
- job.Stdout.Add(utils.NewWriteFlusher(w))
- }
- if err := job.Run(); err != nil {
- if !job.Stdout.Used() {
- return err
- }
- sf := utils.NewStreamFormatter(version.GreaterThan("1.0"))
- w.Write(sf.FormatError(err))
- }
- return nil
- }
- func getImagesSearch(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- var (
- authEncoded = r.Header.Get("X-Registry-Auth")
- authConfig = ®istry.AuthConfig{}
- metaHeaders = map[string][]string{}
- )
- if authEncoded != "" {
- authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
- if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
- // for a search it is not an error if no auth was given
- // to increase compatibility with the existing api it is defaulting to be empty
- authConfig = ®istry.AuthConfig{}
- }
- }
- for k, v := range r.Header {
- if strings.HasPrefix(k, "X-Meta-") {
- metaHeaders[k] = v
- }
- }
- var job = eng.Job("search", r.Form.Get("term"))
- job.SetenvJson("metaHeaders", metaHeaders)
- job.SetenvJson("authConfig", authConfig)
- streamJSON(job, w, false)
- return job.Run()
- }
- func postImagesPush(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- metaHeaders := map[string][]string{}
- for k, v := range r.Header {
- if strings.HasPrefix(k, "X-Meta-") {
- metaHeaders[k] = v
- }
- }
- if err := parseForm(r); err != nil {
- return err
- }
- authConfig := ®istry.AuthConfig{}
- authEncoded := r.Header.Get("X-Registry-Auth")
- if authEncoded != "" {
- // the new format is to handle the authConfig as a header
- authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
- if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
- // to increase compatibility to existing api it is defaulting to be empty
- authConfig = ®istry.AuthConfig{}
- }
- } else {
- // the old format is supported for compatibility if there was no authConfig header
- if err := json.NewDecoder(r.Body).Decode(authConfig); err != nil {
- return err
- }
- }
- job := eng.Job("push", vars["name"])
- job.SetenvJson("metaHeaders", metaHeaders)
- job.SetenvJson("authConfig", authConfig)
- job.Setenv("tag", r.Form.Get("tag"))
- if version.GreaterThan("1.0") {
- job.SetenvBool("json", true)
- streamJSON(job, w, true)
- } else {
- job.Stdout.Add(utils.NewWriteFlusher(w))
- }
- if err := job.Run(); err != nil {
- if !job.Stdout.Used() {
- return err
- }
- sf := utils.NewStreamFormatter(version.GreaterThan("1.0"))
- w.Write(sf.FormatError(err))
- }
- return nil
- }
- func getImagesGet(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := parseForm(r); err != nil {
- return err
- }
- if version.GreaterThan("1.0") {
- w.Header().Set("Content-Type", "application/x-tar")
- }
- var job *engine.Job
- if name, ok := vars["name"]; ok {
- job = eng.Job("image_export", name)
- } else {
- job = eng.Job("image_export", r.Form["names"]...)
- }
- job.Stdout.Add(w)
- return job.Run()
- }
- func postImagesLoad(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- job := eng.Job("load")
- job.Stdin.Add(r.Body)
- return job.Run()
- }
- func postContainersCreate(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return nil
- }
- var (
- out engine.Env
- job = eng.Job("create", r.Form.Get("name"))
- outWarnings []string
- stdoutBuffer = bytes.NewBuffer(nil)
- warnings = bytes.NewBuffer(nil)
- )
- if err := checkForJson(r); err != nil {
- return err
- }
- if err := job.DecodeEnv(r.Body); err != nil {
- return err
- }
- // Read container ID from the first line of stdout
- job.Stdout.Add(stdoutBuffer)
- // Read warnings from stderr
- job.Stderr.Add(warnings)
- if err := job.Run(); err != nil {
- return err
- }
- // Parse warnings from stderr
- scanner := bufio.NewScanner(warnings)
- for scanner.Scan() {
- outWarnings = append(outWarnings, scanner.Text())
- }
- out.Set("Id", engine.Tail(stdoutBuffer, 1))
- out.SetList("Warnings", outWarnings)
- return writeJSON(w, http.StatusCreated, out)
- }
- func postContainersRestart(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- job := eng.Job("restart", vars["name"])
- job.Setenv("t", r.Form.Get("t"))
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func postContainerRename(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- newName := r.URL.Query().Get("name")
- job := eng.Job("container_rename", vars["name"], newName)
- job.Setenv("t", r.Form.Get("t"))
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func deleteContainers(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- job := eng.Job("rm", vars["name"])
- job.Setenv("forceRemove", r.Form.Get("force"))
- job.Setenv("removeVolume", r.Form.Get("v"))
- job.Setenv("removeLink", r.Form.Get("link"))
- if err := job.Run(); err != nil {
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func deleteImages(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var job = eng.Job("image_delete", vars["name"])
- streamJSON(job, w, false)
- job.Setenv("force", r.Form.Get("force"))
- job.Setenv("noprune", r.Form.Get("noprune"))
- return job.Run()
- }
- func postContainersStart(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var (
- name = vars["name"]
- job = eng.Job("start", name)
- )
- // If contentLength is -1, we can assumed chunked encoding
- // or more technically that the length is unknown
- // http://golang.org/src/pkg/net/http/request.go#L139
- // net/http otherwise seems to swallow any headers related to chunked encoding
- // including r.TransferEncoding
- // allow a nil body for backwards compatibility
- if r.Body != nil && (r.ContentLength > 0 || r.ContentLength == -1) {
- if err := checkForJson(r); err != nil {
- return err
- }
- if err := job.DecodeEnv(r.Body); err != nil {
- return err
- }
- }
- if err := job.Run(); err != nil {
- if err.Error() == "Container already started" {
- w.WriteHeader(http.StatusNotModified)
- return nil
- }
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func postContainersStop(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- job := eng.Job("stop", vars["name"])
- job.Setenv("t", r.Form.Get("t"))
- if err := job.Run(); err != nil {
- if err.Error() == "Container already stopped" {
- w.WriteHeader(http.StatusNotModified)
- return nil
- }
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func postContainersWait(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var (
- env engine.Env
- stdoutBuffer = bytes.NewBuffer(nil)
- job = eng.Job("wait", vars["name"])
- )
- job.Stdout.Add(stdoutBuffer)
- if err := job.Run(); err != nil {
- return err
- }
- env.Set("StatusCode", engine.Tail(stdoutBuffer, 1))
- return writeJSON(w, http.StatusOK, env)
- }
- func postContainersResize(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := eng.Job("resize", vars["name"], r.Form.Get("h"), r.Form.Get("w")).Run(); err != nil {
- return err
- }
- return nil
- }
- func postContainersAttach(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var (
- job = eng.Job("container_inspect", vars["name"])
- c, err = job.Stdout.AddEnv()
- )
- if err != nil {
- return err
- }
- if err = job.Run(); err != nil {
- return err
- }
- inStream, outStream, err := hijackServer(w)
- if err != nil {
- return err
- }
- defer closeStreams(inStream, outStream)
- var errStream io.Writer
- if _, ok := r.Header["Upgrade"]; ok {
- fmt.Fprintf(outStream, "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n")
- } else {
- fmt.Fprintf(outStream, "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n")
- }
- if c.GetSubEnv("Config") != nil && !c.GetSubEnv("Config").GetBool("Tty") && version.GreaterThanOrEqualTo("1.6") {
- errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
- outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
- } else {
- errStream = outStream
- }
- job = eng.Job("attach", vars["name"])
- job.Setenv("logs", r.Form.Get("logs"))
- job.Setenv("stream", r.Form.Get("stream"))
- job.Setenv("stdin", r.Form.Get("stdin"))
- job.Setenv("stdout", r.Form.Get("stdout"))
- job.Setenv("stderr", r.Form.Get("stderr"))
- job.Stdin.Add(inStream)
- job.Stdout.Add(outStream)
- job.Stderr.Set(errStream)
- if err := job.Run(); err != nil {
- fmt.Fprintf(outStream, "Error attaching: %s\n", err)
- }
- return nil
- }
- func wsContainersAttach(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := eng.Job("container_inspect", vars["name"]).Run(); err != nil {
- return err
- }
- h := websocket.Handler(func(ws *websocket.Conn) {
- defer ws.Close()
- job := eng.Job("attach", vars["name"])
- job.Setenv("logs", r.Form.Get("logs"))
- job.Setenv("stream", r.Form.Get("stream"))
- job.Setenv("stdin", r.Form.Get("stdin"))
- job.Setenv("stdout", r.Form.Get("stdout"))
- job.Setenv("stderr", r.Form.Get("stderr"))
- job.Stdin.Add(ws)
- job.Stdout.Add(ws)
- job.Stderr.Set(ws)
- if err := job.Run(); err != nil {
- log.Errorf("Error attaching websocket: %s", err)
- }
- })
- h.ServeHTTP(w, r)
- return nil
- }
- func getContainersByName(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var job = eng.Job("container_inspect", vars["name"])
- if version.LessThan("1.12") {
- job.SetenvBool("raw", true)
- }
- streamJSON(job, w, false)
- return job.Run()
- }
- func getExecByID(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter 'id'")
- }
- var job = eng.Job("execInspect", vars["id"])
- streamJSON(job, w, false)
- return job.Run()
- }
- func getImagesByName(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var job = eng.Job("image_inspect", vars["name"])
- if version.LessThan("1.12") {
- job.SetenvBool("raw", true)
- }
- streamJSON(job, w, false)
- return job.Run()
- }
- func postBuild(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if version.LessThan("1.3") {
- return fmt.Errorf("Multipart upload for build is no longer supported. Please upgrade your docker client.")
- }
- var (
- authEncoded = r.Header.Get("X-Registry-Auth")
- authConfig = ®istry.AuthConfig{}
- configFileEncoded = r.Header.Get("X-Registry-Config")
- configFile = ®istry.ConfigFile{}
- job = eng.Job("build")
- )
- // This block can be removed when API versions prior to 1.9 are deprecated.
- // Both headers will be parsed and sent along to the daemon, but if a non-empty
- // ConfigFile is present, any value provided as an AuthConfig directly will
- // be overridden. See BuildFile::CmdFrom for details.
- if version.LessThan("1.9") && authEncoded != "" {
- authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
- if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
- // for a pull it is not an error if no auth was given
- // to increase compatibility with the existing api it is defaulting to be empty
- authConfig = ®istry.AuthConfig{}
- }
- }
- if configFileEncoded != "" {
- configFileJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(configFileEncoded))
- if err := json.NewDecoder(configFileJson).Decode(configFile); err != nil {
- // for a pull it is not an error if no auth was given
- // to increase compatibility with the existing api it is defaulting to be empty
- configFile = ®istry.ConfigFile{}
- }
- }
- if version.GreaterThanOrEqualTo("1.8") {
- job.SetenvBool("json", true)
- streamJSON(job, w, true)
- } else {
- job.Stdout.Add(utils.NewWriteFlusher(w))
- }
- if r.FormValue("forcerm") == "1" && version.GreaterThanOrEqualTo("1.12") {
- job.Setenv("rm", "1")
- } else if r.FormValue("rm") == "" && version.GreaterThanOrEqualTo("1.12") {
- job.Setenv("rm", "1")
- } else {
- job.Setenv("rm", r.FormValue("rm"))
- }
- if r.FormValue("pull") == "1" && version.GreaterThanOrEqualTo("1.16") {
- job.Setenv("pull", "1")
- }
- job.Stdin.Add(r.Body)
- job.Setenv("remote", r.FormValue("remote"))
- job.Setenv("dockerfile", r.FormValue("dockerfile"))
- job.Setenv("t", r.FormValue("t"))
- job.Setenv("q", r.FormValue("q"))
- job.Setenv("nocache", r.FormValue("nocache"))
- job.Setenv("forcerm", r.FormValue("forcerm"))
- job.SetenvJson("authConfig", authConfig)
- job.SetenvJson("configFile", configFile)
- if err := job.Run(); err != nil {
- if !job.Stdout.Used() {
- return err
- }
- sf := utils.NewStreamFormatter(version.GreaterThanOrEqualTo("1.8"))
- w.Write(sf.FormatError(err))
- }
- return nil
- }
- func postContainersCopy(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- var copyData engine.Env
- if err := checkForJson(r); err != nil {
- return err
- }
- if err := copyData.Decode(r.Body); err != nil {
- return err
- }
- if copyData.Get("Resource") == "" {
- return fmt.Errorf("Path cannot be empty")
- }
- origResource := copyData.Get("Resource")
- if copyData.Get("Resource")[0] == '/' {
- copyData.Set("Resource", copyData.Get("Resource")[1:])
- }
- job := eng.Job("container_copy", vars["name"], copyData.Get("Resource"))
- job.Stdout.Add(w)
- w.Header().Set("Content-Type", "application/x-tar")
- if err := job.Run(); err != nil {
- log.Errorf("%s", err.Error())
- if strings.Contains(strings.ToLower(err.Error()), "no such container") {
- w.WriteHeader(http.StatusNotFound)
- } else if strings.Contains(err.Error(), "no such file or directory") {
- return fmt.Errorf("Could not find the file %s in container %s", origResource, vars["name"])
- }
- }
- return nil
- }
- func postContainerExecCreate(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return nil
- }
- var (
- out engine.Env
- name = vars["name"]
- job = eng.Job("execCreate", name)
- stdoutBuffer = bytes.NewBuffer(nil)
- )
- if err := job.DecodeEnv(r.Body); err != nil {
- return err
- }
- job.Stdout.Add(stdoutBuffer)
- // Register an instance of Exec in container.
- if err := job.Run(); err != nil {
- fmt.Fprintf(os.Stderr, "Error setting up exec command in container %s: %s\n", name, err)
- return err
- }
- // Return the ID
- out.Set("Id", engine.Tail(stdoutBuffer, 1))
- return writeJSON(w, http.StatusCreated, out)
- }
- // TODO(vishh): Refactor the code to avoid having to specify stream config as part of both create and start.
- func postContainerExecStart(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return nil
- }
- var (
- name = vars["name"]
- job = eng.Job("execStart", name)
- errOut io.Writer = os.Stderr
- )
- if err := job.DecodeEnv(r.Body); err != nil {
- return err
- }
- if !job.GetenvBool("Detach") {
- // Setting up the streaming http interface.
- inStream, outStream, err := hijackServer(w)
- if err != nil {
- return err
- }
- defer closeStreams(inStream, outStream)
- var errStream io.Writer
- if _, ok := r.Header["Upgrade"]; ok {
- fmt.Fprintf(outStream, "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n")
- } else {
- fmt.Fprintf(outStream, "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n")
- }
- if !job.GetenvBool("Tty") && version.GreaterThanOrEqualTo("1.6") {
- errStream = stdcopy.NewStdWriter(outStream, stdcopy.Stderr)
- outStream = stdcopy.NewStdWriter(outStream, stdcopy.Stdout)
- } else {
- errStream = outStream
- }
- job.Stdin.Add(inStream)
- job.Stdout.Add(outStream)
- job.Stderr.Set(errStream)
- errOut = outStream
- }
- // Now run the user process in container.
- job.SetCloseIO(false)
- if err := job.Run(); err != nil {
- fmt.Fprintf(errOut, "Error starting exec command in container %s: %s\n", name, err)
- return err
- }
- w.WriteHeader(http.StatusNoContent)
- return nil
- }
- func postContainerExecResize(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- if err := parseForm(r); err != nil {
- return err
- }
- if vars == nil {
- return fmt.Errorf("Missing parameter")
- }
- if err := eng.Job("execResize", vars["name"], r.Form.Get("h"), r.Form.Get("w")).Run(); err != nil {
- return err
- }
- return nil
- }
- func optionsHandler(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- w.WriteHeader(http.StatusOK)
- return nil
- }
- func writeCorsHeaders(w http.ResponseWriter, r *http.Request) {
- w.Header().Add("Access-Control-Allow-Origin", "*")
- w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Registry-Auth")
- w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
- }
- func ping(eng *engine.Engine, version version.Version, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
- _, err := w.Write([]byte{'O', 'K'})
- return err
- }
- func makeHttpHandler(eng *engine.Engine, logging bool, localMethod string, localRoute string, handlerFunc HttpApiFunc, enableCors bool, dockerVersion version.Version) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {
- // log the request
- log.Debugf("Calling %s %s", localMethod, localRoute)
- if logging {
- log.Infof("%s %s", r.Method, r.RequestURI)
- }
- if strings.Contains(r.Header.Get("User-Agent"), "Docker-Client/") {
- userAgent := strings.Split(r.Header.Get("User-Agent"), "/")
- if len(userAgent) == 2 && !dockerVersion.Equal(version.Version(userAgent[1])) {
- log.Debugf("Warning: client and server don't have the same version (client: %s, server: %s)", userAgent[1], dockerVersion)
- }
- }
- version := version.Version(mux.Vars(r)["version"])
- if version == "" {
- version = api.APIVERSION
- }
- if enableCors {
- writeCorsHeaders(w, r)
- }
- if version.GreaterThan(api.APIVERSION) {
- http.Error(w, fmt.Errorf("client and server don't have same version (client : %s, server: %s)", version, api.APIVERSION).Error(), http.StatusNotFound)
- return
- }
- if err := handlerFunc(eng, version, w, r, mux.Vars(r)); err != nil {
- log.Errorf("Handler for %s %s returned error: %s", localMethod, localRoute, err)
- httpError(w, err)
- }
- }
- }
- // Replicated from expvar.go as not public.
- func expvarHandler(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("Content-Type", "application/json; charset=utf-8")
- fmt.Fprintf(w, "{\n")
- first := true
- expvar.Do(func(kv expvar.KeyValue) {
- if !first {
- fmt.Fprintf(w, ",\n")
- }
- first = false
- fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
- })
- fmt.Fprintf(w, "\n}\n")
- }
- func AttachProfiler(router *mux.Router) {
- router.HandleFunc("/debug/vars", expvarHandler)
- router.HandleFunc("/debug/pprof/", pprof.Index)
- router.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline)
- router.HandleFunc("/debug/pprof/profile", pprof.Profile)
- router.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
- router.HandleFunc("/debug/pprof/block", pprof.Handler("block").ServeHTTP)
- router.HandleFunc("/debug/pprof/heap", pprof.Handler("heap").ServeHTTP)
- router.HandleFunc("/debug/pprof/goroutine", pprof.Handler("goroutine").ServeHTTP)
- router.HandleFunc("/debug/pprof/threadcreate", pprof.Handler("threadcreate").ServeHTTP)
- }
- func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion string) *mux.Router {
- r := mux.NewRouter()
- if os.Getenv("DEBUG") != "" {
- AttachProfiler(r)
- }
- m := map[string]map[string]HttpApiFunc{
- "GET": {
- "/_ping": ping,
- "/events": getEvents,
- "/info": getInfo,
- "/version": getVersion,
- "/images/json": getImagesJSON,
- "/images/viz": getImagesViz,
- "/images/search": getImagesSearch,
- "/images/get": getImagesGet,
- "/images/{name:.*}/get": getImagesGet,
- "/images/{name:.*}/history": getImagesHistory,
- "/images/{name:.*}/json": getImagesByName,
- "/containers/ps": getContainersJSON,
- "/containers/json": getContainersJSON,
- "/containers/{name:.*}/export": getContainersExport,
- "/containers/{name:.*}/changes": getContainersChanges,
- "/containers/{name:.*}/json": getContainersByName,
- "/containers/{name:.*}/top": getContainersTop,
- "/containers/{name:.*}/logs": getContainersLogs,
- "/containers/{name:.*}/attach/ws": wsContainersAttach,
- "/exec/{id:.*}/json": getExecByID,
- },
- "POST": {
- "/auth": postAuth,
- "/commit": postCommit,
- "/build": postBuild,
- "/images/create": postImagesCreate,
- "/images/load": postImagesLoad,
- "/images/{name:.*}/push": postImagesPush,
- "/images/{name:.*}/tag": postImagesTag,
- "/containers/create": postContainersCreate,
- "/containers/{name:.*}/kill": postContainersKill,
- "/containers/{name:.*}/pause": postContainersPause,
- "/containers/{name:.*}/unpause": postContainersUnpause,
- "/containers/{name:.*}/restart": postContainersRestart,
- "/containers/{name:.*}/start": postContainersStart,
- "/containers/{name:.*}/stop": postContainersStop,
- "/containers/{name:.*}/wait": postContainersWait,
- "/containers/{name:.*}/resize": postContainersResize,
- "/containers/{name:.*}/attach": postContainersAttach,
- "/containers/{name:.*}/copy": postContainersCopy,
- "/containers/{name:.*}/exec": postContainerExecCreate,
- "/exec/{name:.*}/start": postContainerExecStart,
- "/exec/{name:.*}/resize": postContainerExecResize,
- "/containers/{name:.*}/rename": postContainerRename,
- },
- "DELETE": {
- "/containers/{name:.*}": deleteContainers,
- "/images/{name:.*}": deleteImages,
- },
- "OPTIONS": {
- "": optionsHandler,
- },
- }
- for method, routes := range m {
- for route, fct := range routes {
- log.Debugf("Registering %s, %s", method, route)
- // NOTE: scope issue, make sure the variables are local and won't be changed
- localRoute := route
- localFct := fct
- localMethod := method
- // build the handler function
- f := makeHttpHandler(eng, logging, localMethod, localRoute, localFct, enableCors, version.Version(dockerVersion))
- // add the new route
- if localRoute == "" {
- r.Methods(localMethod).HandlerFunc(f)
- } else {
- r.Path("/v{version:[0-9.]+}" + localRoute).Methods(localMethod).HandlerFunc(f)
- r.Path(localRoute).Methods(localMethod).HandlerFunc(f)
- }
- }
- }
- return r
- }
- // ServeRequest processes a single http request to the docker remote api.
- // FIXME: refactor this to be part of Server and not require re-creating a new
- // router each time. This requires first moving ListenAndServe into Server.
- func ServeRequest(eng *engine.Engine, apiversion version.Version, w http.ResponseWriter, req *http.Request) {
- router := createRouter(eng, false, true, "")
- // Insert APIVERSION into the request as a convenience
- req.URL.Path = fmt.Sprintf("/v%s%s", apiversion, req.URL.Path)
- router.ServeHTTP(w, req)
- }
- // serveFd creates an http.Server and sets it up to serve given a socket activated
- // argument.
- func serveFd(addr string, job *engine.Job) error {
- r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
- ls, e := systemd.ListenFD(addr)
- if e != nil {
- return e
- }
- chErrors := make(chan error, len(ls))
- // We don't want to start serving on these sockets until the
- // daemon is initialized and installed. Otherwise required handlers
- // won't be ready.
- <-activationLock
- // Since ListenFD will return one or more sockets we have
- // to create a go func to spawn off multiple serves
- for i := range ls {
- listener := ls[i]
- go func() {
- httpSrv := http.Server{Handler: r}
- chErrors <- httpSrv.Serve(listener)
- }()
- }
- for i := 0; i < len(ls); i++ {
- err := <-chErrors
- if err != nil {
- return err
- }
- }
- return nil
- }
- func lookupGidByName(nameOrGid string) (int, error) {
- groupFile, err := user.GetGroupPath()
- if err != nil {
- return -1, err
- }
- groups, err := user.ParseGroupFileFilter(groupFile, func(g user.Group) bool {
- return g.Name == nameOrGid || strconv.Itoa(g.Gid) == nameOrGid
- })
- if err != nil {
- return -1, err
- }
- if groups != nil && len(groups) > 0 {
- return groups[0].Gid, nil
- }
- return -1, fmt.Errorf("Group %s not found", nameOrGid)
- }
- func setupTls(cert, key, ca string, l net.Listener) (net.Listener, error) {
- tlsCert, err := tls.LoadX509KeyPair(cert, key)
- if err != nil {
- return nil, fmt.Errorf("Couldn't load X509 key pair (%s, %s): %s. Key encrypted?",
- cert, key, err)
- }
- tlsConfig := &tls.Config{
- NextProtos: []string{"http/1.1"},
- Certificates: []tls.Certificate{tlsCert},
- // Avoid fallback on insecure SSL protocols
- MinVersion: tls.VersionTLS10,
- }
- if ca != "" {
- certPool := x509.NewCertPool()
- file, err := ioutil.ReadFile(ca)
- if err != nil {
- return nil, fmt.Errorf("Couldn't read CA certificate: %s", err)
- }
- certPool.AppendCertsFromPEM(file)
- tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
- tlsConfig.ClientCAs = certPool
- }
- return tls.NewListener(l, tlsConfig), nil
- }
- func newListener(proto, addr string, bufferRequests bool) (net.Listener, error) {
- if bufferRequests {
- return listenbuffer.NewListenBuffer(proto, addr, activationLock)
- }
- return net.Listen(proto, addr)
- }
- func changeGroup(addr string, nameOrGid string) error {
- gid, err := lookupGidByName(nameOrGid)
- if err != nil {
- return err
- }
- log.Debugf("%s group found. gid: %d", nameOrGid, gid)
- return os.Chown(addr, 0, gid)
- }
- func setSocketGroup(addr, group string) error {
- if group == "" {
- return nil
- }
- if err := changeGroup(addr, group); err != nil {
- if group != "docker" {
- return err
- }
- log.Debugf("Warning: could not chgrp %s to docker: %v", addr, err)
- }
- return nil
- }
- func setupUnixHttp(addr string, job *engine.Job) (*HttpServer, error) {
- r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
- if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
- return nil, err
- }
- mask := syscall.Umask(0777)
- defer syscall.Umask(mask)
- l, err := newListener("unix", addr, job.GetenvBool("BufferRequests"))
- if err != nil {
- return nil, err
- }
- if err := setSocketGroup(addr, job.Getenv("SocketGroup")); err != nil {
- return nil, err
- }
- if err := os.Chmod(addr, 0660); err != nil {
- return nil, err
- }
- return &HttpServer{&http.Server{Addr: addr, Handler: r}, l}, nil
- }
- func allocateDaemonPort(addr string) error {
- host, port, err := net.SplitHostPort(addr)
- if err != nil {
- return err
- }
- intPort, err := strconv.Atoi(port)
- if err != nil {
- return err
- }
- var hostIPs []net.IP
- if parsedIP := net.ParseIP(host); parsedIP != nil {
- hostIPs = append(hostIPs, parsedIP)
- } else if hostIPs, err = net.LookupIP(host); err != nil {
- return fmt.Errorf("failed to lookup %s address in host specification", host)
- }
- for _, hostIP := range hostIPs {
- if _, err := portallocator.RequestPort(hostIP, "tcp", intPort); err != nil {
- return fmt.Errorf("failed to allocate daemon listening port %d (err: %v)", intPort, err)
- }
- }
- return nil
- }
- func setupTcpHttp(addr string, job *engine.Job) (*HttpServer, error) {
- if !strings.HasPrefix(addr, "127.0.0.1") && !job.GetenvBool("TlsVerify") {
- log.Infof("/!\\ DON'T BIND ON ANOTHER IP ADDRESS THAN 127.0.0.1 IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
- }
- r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
- l, err := newListener("tcp", addr, job.GetenvBool("BufferRequests"))
- if err != nil {
- return nil, err
- }
- if err := allocateDaemonPort(addr); err != nil {
- return nil, err
- }
- if job.GetenvBool("Tls") || job.GetenvBool("TlsVerify") {
- var tlsCa string
- if job.GetenvBool("TlsVerify") {
- tlsCa = job.Getenv("TlsCa")
- }
- l, err = setupTls(job.Getenv("TlsCert"), job.Getenv("TlsKey"), tlsCa, l)
- if err != nil {
- return nil, err
- }
- }
- return &HttpServer{&http.Server{Addr: addr, Handler: r}, l}, nil
- }
- // NewServer sets up the required Server and does protocol specific checking.
- func NewServer(proto, addr string, job *engine.Job) (Server, error) {
- // Basic error and sanity checking
- switch proto {
- case "fd":
- return nil, serveFd(addr, job)
- case "tcp":
- return setupTcpHttp(addr, job)
- case "unix":
- return setupUnixHttp(addr, job)
- default:
- return nil, fmt.Errorf("Invalid protocol format.")
- }
- }
- type Server interface {
- Serve() error
- Close() error
- }
- // ServeApi loops through all of the protocols sent in to docker and spawns
- // off a go routine to setup a serving http.Server for each.
- func ServeApi(job *engine.Job) engine.Status {
- if len(job.Args) == 0 {
- return job.Errorf("usage: %s PROTO://ADDR [PROTO://ADDR ...]", job.Name)
- }
- var (
- protoAddrs = job.Args
- chErrors = make(chan error, len(protoAddrs))
- )
- activationLock = make(chan struct{})
- for _, protoAddr := range protoAddrs {
- protoAddrParts := strings.SplitN(protoAddr, "://", 2)
- if len(protoAddrParts) != 2 {
- return job.Errorf("usage: %s PROTO://ADDR [PROTO://ADDR ...]", job.Name)
- }
- go func() {
- log.Infof("Listening for HTTP on %s (%s)", protoAddrParts[0], protoAddrParts[1])
- srv, err := NewServer(protoAddrParts[0], protoAddrParts[1], job)
- if err != nil {
- chErrors <- err
- return
- }
- chErrors <- srv.Serve()
- }()
- }
- for i := 0; i < len(protoAddrs); i++ {
- err := <-chErrors
- if err != nil {
- return job.Error(err)
- }
- }
- return engine.StatusOK
- }
- func AcceptConnections(job *engine.Job) engine.Status {
- // Tell the init daemon we are accepting requests
- go systemd.SdNotify("READY=1")
- // close the lock so the listeners start accepting connections
- if activationLock != nil {
- close(activationLock)
- }
- return engine.StatusOK
- }
|