Commit graph

1552 commits

Author SHA1 Message Date
Daniel Hiltgen
124792a871 Add TLS support for discovery backend
This leverages recent additions to libkv enabling client
authentication via TLS so the discovery back-end can be locked
down with mutual TLS.  Example usage:

    docker daemon [other args] \
        --cluster-advertise 192.168.122.168:2376 \
        --cluster-store etcd://192.168.122.168:2379 \
        --cluster-store-opt kv.cacertfile=/path/to/ca.pem \
        --cluster-store-opt kv.certfile=/path/to/cert.pem \
        --cluster-store-opt kv.keyfile=/path/to/key.pem

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2015-10-07 16:01:00 -07:00
Alexander Morozov
ce0457a2c9 Merge pull request #16818 from runcom/rmi-perf
graph: add parent img refcount for faster rmi
2015-10-07 10:45:49 -07:00
Antonio Murdaca
292a1564dc graph: add parent img refcount for faster rmi
also fix a typo in pkg/truncindex package comment

Signed-off-by: Antonio Murdaca <amurdaca@redhat.com>
2015-10-07 19:09:44 +02:00
Alexander Morozov
8cee301874 Merge pull request #16381 from rhvgoyal/deferred_deletion
devicemapper: Implement deferred deletion capability
2015-10-07 09:27:41 -07:00
Brian Goff
2606a2e4d3 Merge pull request #16147 from tiborvass/refactor-builder
Refactor builder with new Go interfaces
2015-10-06 20:36:07 -04:00
Tibor Vass
e0ef11a4c2 Abstract builder and implement server-side dockerfile builder
This patch creates interfaces in builder/ for building Docker images.
It is a first step in a series of patches to remove the daemon
dependency on builder and later allow a client-side Dockerfile builder
as well as potential builder plugins.

It is needed because we cannot remove the /build API endpoint, so we
need to keep the server-side Dockerfile builder, but we also want to
reuse the same Dockerfile parser and evaluator for both server-side and
client-side.

builder/dockerfile/ and api/server/builder.go contain implementations
of those interfaces as a refactoring of the current code.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-10-06 19:10:19 -04:00
Vivek Goyal
d929589c1f devmapper: Implement deferred deletion functionality
Finally here is the patch to implement deferred deletion functionality.
Deferred deleted devices are marked as "Deleted" in device meta file. 

First we try to delete the device and only if deletion fails and user has
enabled deferred deletion, device is marked for deferred deletion.

When docker starts up again, we go through list of deleted devices and
try to delete these again.

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2015-10-06 17:37:21 -04:00
Antonio Murdaca
7539013436 bump libcontainer to 902c012e85cdae6bb68d8c7a0df69a42f818ce96
Signed-off-by: Antonio Murdaca <amurdaca@redhat.com>
2015-10-06 17:55:09 +02:00
Vincent Demeester
fbd0cea90c Remove use of testify mock and testify vendored lib
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-10-05 08:43:34 +02:00
Doug Davis
49066f621e Merge pull request #16582 from vdemeester/16360-dockerCmd-raceytests
Fix TestDockerCmd*Timeout racey tests
2015-10-02 20:45:41 -04:00
Jess Frazelle
24e7907bb1 Merge pull request #16733 from MHBauer/perjury
remove testify asserts from pkg/discovery
2015-10-02 16:04:56 -07:00
Morgan Bauer
eb13311129
remove testify asserts from pkg/discovery
Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
2015-10-02 13:05:15 -07:00
Jess Frazelle
134fefbaa2 Merge pull request #16490 from Microsoft/10662-mtimefix
Fixed file modified time not changing on windows
2015-10-02 12:06:03 -07:00
Jess Frazelle
698e14902a Merge pull request #16159 from runcom/validate-cpuset-cpus
Validate --cpuset-cpus, --cpuset-mems
2015-10-02 11:30:46 -07:00
Jess Frazelle
bbac09a097 Merge pull request #16367 from Morgy93/names-generator
Added some adjectives and names
2015-10-02 11:29:09 -07:00
Jess Frazelle
aa2e3247cb Merge pull request #16470 from tonistiigi/fix-aufs-opq
Add basic support for .wh..wh..opq
2015-10-02 11:28:33 -07:00
Jess Frazelle
d04fd5e0dc Merge pull request #16594 from Microsoft/sjw/unc-build-fix
Windows: Fixing longpath hanlding of UNC paths.
2015-10-02 11:24:27 -07:00
Darren Stahl
40b77af234 Fixed file modified time not changing on Windows
Signed-off-by: Darren Stahl <darst@microsoft.com>
2015-10-01 10:45:32 -07:00
Stefan J. Wernli
6d223febda Windows: Fixing longpath hanlding of UNC paths.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2015-09-30 19:36:08 -07:00
Tobias Klauser
d762dcd147 Add more amazing people to the names generator
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-09-30 16:13:51 +02:00
Brian Goff
31b882e793 Merge pull request #16642 from vdemeester/remove-question-make-in-pkg-devicemapper
Remove "(?)" from comments in pkg/devicemapper
2015-09-30 09:39:23 -04:00
Vincent Demeester
1dcb7d9e40 Remove (?) from comments in pkg/devicemapper
Got merged with it, removing it as it doesn't add anything.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-09-30 10:35:02 +02:00
Tibor Vass
b08f071e18 Revert "Merge pull request #16228 from duglin/ContextualizeEvents"
Although having a request ID available throughout the codebase is very
valuable, the impact of requiring a Context as an argument to every
function in the codepath of an API request, is too significant and was
not properly understood at the time of the review.

Furthermore, mixing API-layer code with non-API-layer code makes the
latter usable only by API-layer code (one that has a notion of Context).

This reverts commit de41640435, reversing
changes made to 7daeecd42d.

Signed-off-by: Tibor Vass <tibor@docker.com>

Conflicts:
	api/server/container.go
	builder/internals.go
	daemon/container_unix.go
	daemon/create.go
2015-09-29 14:26:51 -04:00
Tonis Tiigi
2fb5d0c323 Add constants for AUFS whiteout files
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-09-29 11:21:45 -07:00
Brian Goff
252af0ae2f Merge pull request #16570 from duglin/ReaderFix
Make Close() on simpleReaderCloser actually close the reader
2015-09-29 12:55:03 -04:00
Tonis Tiigi
00e3277107 Add basic support for .wh..wh..opq
This fixes the case where directory is removed in
aufs and then the same layer is imported to a
different graphdriver.

Currently when you do `rm -rf /foo && mkdir /foo`
in a layer in aufs the files under `foo` would
only be be hidden on aufs.

The problems with this fix:

1) When a new diff is recreated from non-aufs driver
the `opq` files would not be there. This should not
mean layer differences for the user but still
different content in the tar (one would have one
`opq` file, the others would have `.wh.*` for every
file inside that folder). This difference also only
happens if the tar-split file isn’t stored for the
layer.

2) New files that have the filenames before `.wh..wh..opq`
when they are sorted do not get picked up by non-aufs
graphdrivers. Fixing this would require a bigger
refactoring that is planned in the future.


Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-09-29 08:22:25 -07:00
Vincent Demeester
7eab3db324 Fix TestDockerCmd*Timeout racey tests
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-09-29 14:50:22 +02:00
Antonio Murdaca
94464e3a5e Validate --cpuset-cpus, --cpuset-mems
Before this patch libcontainer badly errored out with `invalid
argument` or `numerical result out of range` while trying to write
to cpuset.cpus or cpuset.mems with an invalid value provided.
This patch adds validation to --cpuset-cpus and --cpuset-mems flag along with
validation based on system's available cpus/mems before starting a container.

Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-09-27 16:38:58 +02:00
Arnaud Porterie
166e082be3 Add pkg/discovery for nodes discovery
Absorb Swarm's discovery package in order to provide a common node
discovery mechanism to be used by both Swarm and networking code.

Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-09-25 13:33:23 -07:00
Jess Frazelle
7a1dbd17fc Merge pull request #16569 from brahmaroutu/ioutil_hang_gccgo
goroutine fairness is not guaranteed causing the hang with GCCGO (x86 GCCGO CI)
2015-09-25 10:24:13 -07:00
Srini Brahmaroutu
7c52fcce85 goroutine fairness is not guaranteed causing the hang with GCCGO
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-09-25 14:40:16 +00:00
Doug Davis
b5265fe7ad Make Close() on simpleReaderCloser actually close the reader
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-24 20:22:59 -07:00
David Calavera
de41640435 Merge pull request #16228 from duglin/ContextualizeEvents
Add context.RequestID to event stream
2015-09-24 14:16:22 -07:00
Jess Frazelle
7daeecd42d Merge pull request #16559 from Microsoft/10662-fix16556
Fixes 16556 CI failures
2015-09-24 12:31:36 -07:00
Jess Frazelle
84b53c8d87 Merge pull request #14579 from hqhq/hq_add_softlimit
Add support for memory reservation
2015-09-24 12:11:36 -07:00
Doug Davis
26b1064967 Add context.RequestID to event stream
This PR adds a "request ID" to each event generated, the 'docker events'
stream now looks like this:

```
2015-09-10T15:02:50.000000000-07:00 [reqid: c01e3534ddca] de7c5d4ca927253cf4e978ee9c4545161e406e9b5a14617efb52c658b249174a: (from ubuntu) create
```
Note the `[reqID: c01e3534ddca]` part, that's new.

Each HTTP request will generate its own unique ID. So, if you do a
`docker build` you'll see a series of events all with the same reqID.
This allow for log processing tools to determine which events are all related
to the same http request.

I didn't propigate the context to all possible funcs in the daemon,
I decided to just do the ones that needed it in order to get the reqID
into the events. I'd like to have people review this direction first, and
if we're ok with it then I'll make sure we're consistent about when
we pass around the context - IOW, make sure that all funcs at the same level
have a context passed in even if they don't call the log funcs - this will
ensure we're consistent w/o passing it around for all calls unnecessarily.

ping @icecrime @calavera @crosbymichael

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-24 11:56:37 -07:00
John Howard
e65a7dabb9 Fixes 16556 CI failures
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-09-24 11:19:00 -07:00
John Howard
5d630abbab TestRandomUnixTmpDirPath platform agnostic
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-09-24 09:37:07 -07:00
Morgy93
f2823f64a5 Added some names
Signed-off-by: Thomas Hauschild <thomas@ulfertsprygoda.de>
2015-09-24 17:15:47 +02:00
Jess Frazelle
8c33c6c737 Merge pull request #16190 from LK4D4/drain_refactor
Refactoring of bufReader
2015-09-24 01:54:40 -07:00
Brian Goff
40e8560412 Merge pull request #16415 from HuKeping/dockerinfo
Format output of docker info
2015-09-23 21:15:23 -04:00
Tonis Tiigi
c5b23337c3 Make bytesPipe use linear allocations
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-09-23 17:12:54 -07:00
Alexandre Beslic
a1573dffee Merge pull request #16494 from calavera/fix_plugin_url_scheme
Do not hardcode http as plugin URL scheme for secure connections.
2015-09-23 16:18:00 -07:00
Alexander Morozov
56b70bf84e Refactor bufReader to use BytesPipe
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-09-23 16:00:28 -07:00
Alexander Morozov
24310b5b4a Add BytesPipe datastructure to ioutils
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-09-23 16:00:27 -07:00
Jess Frazelle
04b171a632 Merge pull request #16500 from sergeyevstifeev/11584-pkg-stdcopy-test-coverage
Adding some more coverage to StdCopy to address #11584
2015-09-23 15:51:21 -07:00
Tibor Vass
8f7f0f8deb Merge pull request #16493 from cpuguy83/doc_plugin_rpcgen
Add README for pluginrpc-gen
2015-09-23 15:36:05 -04:00
Sergey Evstifeev
6335c90d4a Add StdCopy happy path test: both reading and writing
Signed-off-by: Sergey Evstifeev <sergey.evstifeev@gmail.com>
2015-09-23 17:27:32 +02:00
Hu Keping
141e91c480 Format output of docker info
Format those info which will only be displayed when daemon is
in debug mode.

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-09-23 14:35:13 +08:00
qhuang
aa1780997f Add support for memory reservation
Signed-off-by: qhuang <qhuang@10.0.2.15>
2015-09-23 14:02:45 +08:00