Commit graph

3121 commits

Author SHA1 Message Date
Asad Saeeduddin
c6d32bebe5 Change multi-type parameters to single type
Signed-off-by: Asad Saeeduddin <masaeedu@gmail.com>
2017-10-26 06:10:24 -04:00
Kir Kolyshkin
f963500c54 ContainerWait on remove: don't stuck on rm fail
Currently, if a container removal has failed for some reason,
any client waiting for removal (e.g. `docker run --rm`) is
stuck, waiting for removal to succeed while it has failed already.
For more details and the reproducer, please check
https://github.com/moby/moby/issues/34945

This commit addresses that by allowing `ContainerWait()` with
`container.WaitCondition == "removed"` argument to return an
error in case of removal failure. The `ContainerWaitOKBody`
stucture returned to a client is amended with a pointer to `struct Error`,
containing an error message string, and the `Client.ContainerWait()`
is modified to return the error, if any, to the client.

Note that this feature is only available for API version >= 1.34.
In order for the old clients to be unstuck, we just close the connection
without writing anything -- this causes client's error.

Now, docker-cli would need a separate commit to bump the API to 1.34
and to show an error returned, if any.

[v2: recreate the waitRemove channel after closing]
[v3: document; keep legacy behavior for older clients]
[v4: convert Error from string to pointer to a struct]
[v5: don't emulate old behavior, send empty response in error case]
[v6: rename legacy* vars to include version suffix]

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2017-10-25 13:11:56 -07:00
Sebastiaan van Stijn
e309f98b84 Merge pull request #35030 from tossmilestone/34459-fix-network-create-conflict-errcode
Fix returned error code for network creation from 500 to 409
2017-10-25 14:29:20 +02:00
Kenfe-Mickael Laventure
ddae20c032
Update libcontainerd to use containerd 1.0
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2017-10-20 07:11:37 -07:00
Boaz Shuster
dfd706e1a5 Elaborate more about port allocation in docs
Describe more how host port allocation is done when
container is stopped/started in "PublishAllPorts".

Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com>
2017-10-17 15:19:54 +03:00
Victor Vieux
591b2eeeb3 Merge pull request #35151 from thaJeztah/always-return-version-information
Always return version and server headers
2017-10-11 18:11:35 -07:00
Sebastiaan van Stijn
1ffa10ee26 Merge pull request #35144 from Microsoft/jjh/fixdownlevel
Fix regression on inspect
2017-10-12 00:52:28 +02:00
Sebastiaan van Stijn
e9dac5ef5e
Always return version and server headers
If a 400 error is returned due to an API version mismatch, no
version and server-identification headers were returned by the API.

All information in these headers is "static", so there is no
reason to omit the information in case of an error being
returned.

This patch updates the version middleware to always
return the headers.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-10-11 22:06:43 +02:00
Victor Vieux
6f117e266f Merge pull request #35150 from thaJeztah/fix-api-version-check
Return 400 error if API client is too new
2017-10-11 11:26:12 -07:00
Akim Demaille
ce58cd5a34 API: minor fixes in the README
The main point is to fix a non ASCII space character that wrecks the
markdown handling.

Signed-off-by: Akim Demaille <akim.demaille@docker.com>
2017-10-11 16:12:10 +02:00
Victor Vieux
b6aa01570c Merge pull request #35064 from LK4D4/replace_timer
Replace NewTimer().C with After
2017-10-10 08:47:37 -07:00
Sebastiaan van Stijn
01f9227ec9
Return 400 error if API client is too new
Commit e98e4a7111 implemented API version
negotiation using the `/_ping` endpoint. In that change, URL validation for the
maximum supported API version was removed from the API server (validation for
the _minimum_ version was kept in place).

With this feature, clients that support version negotiation would negotiate the
maximum version supported by the daemon, and downgrade to an older API version
if the client's default API version is not supported.

However, clients that do _not_ support version negotiation can call API versions
that are higher than the maximum supported version. Due to the missing version
check, this is silently ignored, and the daemon's default API version is used.

This is a problem, because the actual API version in use is non-deterministic;
for example, calling `/v9999.9999/version` on a daemon that runs API v1.34 will
use API v1.34, but calling the same URL on an older daemon may use API version
v1.24.

This patch reverts the removal of the API check for maximum supported versions.
The documentation has been updated accordingly

Before this patch is applied, the daemon returns a 200 (success):

    $ curl -v --unix-socket /var/run/docker.sock http://localhost/v9999.9999/version
    *   Trying /var/run/docker.sock...
    * Connected to localhost (/Users/sebastiaan/Library/Containers/com.dock) port 80 (#0)
    > GET /v9999.9999/version HTTP/1.1
    > Host: localhost
    > User-Agent: curl/7.54.0
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    < Api-Version: 1.32
    < Content-Length: 240
    < Content-Type: application/json
    < Date: Tue, 10 Oct 2017 09:11:29 GMT
    < Docker-Experimental: true
    < Ostype: linux
    < Server: Docker/17.09.0-ce (linux)
    <
    {"Version":"17.09.0-ce","ApiVersion":"1.32","MinAPIVersion":"1.12","GitCommit":"afdb6d4","GoVersion":"go1.8.3","Os":"linux","Arch":"amd64","KernelVersion":"4.9.49-moby","Experimental":true,"BuildTime":"2017-09-26T22:45:38.000000000+00:00"}
    * Connection #0 to host localhost left intact

After this patch is applied, a 400 (Bad Request) is returned:

    $ curl -v --unix-socket /var/run/docker.sock http://localhost/v9999.9999/version
    *   Trying /var/run/docker.sock...
    * Connected to localhost (/var/run/docker.sock) port 80 (#0)
    > GET /v9999.9999/info HTTP/1.1
    > Host: localhost
    > User-Agent: curl/7.52.1
    > Accept: */*
    >
    < HTTP/1.1 400 Bad Request
    < Content-Type: application/json
    < Date: Tue, 10 Oct 2017 08:08:34 GMT
    < Content-Length: 89
    <
    {"message":"client version 9999.9999 is too new. Maximim supported API version is 1.34"}
    * Curl_http_done: called premature == 0
    * Connection #0 to host localhost left intact

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-10-10 11:17:48 +02:00
John Howard
f9b2a20819 Fix downlevel regression
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-10-09 13:47:28 -07:00
He Xiaoxi
ab1871872d Fix returned error code for network creation from 500 to 409
Signed-off-by: He Xiaoxi <tossmilestone@gmail.com>
2017-10-08 16:00:00 +08:00
John Howard
d98ecf2d6c LCOW: API change JSON header to string POST parameter
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-10-06 15:26:48 -07:00
John Howard
0380fbff37 LCOW: API: Add platform to /images/create and /build
Signed-off-by: John Howard <jhoward@microsoft.com>

This PR has the API changes described in https://github.com/moby/moby/issues/34617.
Specifically, it adds an HTTP header "X-Requested-Platform" which is a JSON-encoded
OCI Image-spec `Platform` structure.

In addition, it renames (almost all) uses of a string variable platform (and associated)
methods/functions to os. This makes it much clearer to disambiguate with the swarm
"platform" which is really os/arch. This is a stepping stone to getting the daemon towards
fully multi-platform/arch-aware, and makes it clear when "operating system" is being
referred to rather than "platform" which is misleadingly used - sometimes in the swarm
meaning, but more often as just the operating system.
2017-10-06 11:44:18 -07:00
Alexander Morozov
1a517a4a42 Replace NewTimer().C with After
It is the same thing

Signed-off-by: Alexander Morozov <lk4d4math@gmail.com>
2017-10-04 14:24:19 -07:00
Sebastiaan van Stijn
fd90733972
Add PortConfig.PublishMode to API documentation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-10-04 15:34:08 +02:00
Sebastiaan van Stijn
288abf0854
Bump API version to 1.34
Docker 17.10 was cut off from ab2b03a0e1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-30 01:13:20 +02:00
Vincent Demeester
a343cba40c Merge pull request #34985 from thaJeztah/remove-use-of-deprecated-filter-functions
Remove use of deprecated filter functions
2017-09-27 17:34:07 +02:00
Allen Sun
4611ecd3cd add node/service/secret/config specific event filter
Signed-off-by: Allen Sun <shlallen1990@gmail.com>
2017-09-27 00:23:51 +08:00
Sebastiaan van Stijn
74a084162c Merge pull request #34908 from thaJeztah/bump-api-version-1.33
Bump API version to 1.33
2017-09-26 18:09:50 +02:00
Sebastiaan van Stijn
a4efe66cf2
Replace uses of filters.ToParam(), FromParam() with filters.ToJSON(), FromJSON()
`filters.ToParam()` and `filters.FromParam()` were deprecated in favor of
`filters.ToJSON()` and `filters.FromJSON()` in 065118390a,
but still used in various locations.

This patch replaces uses of `filters.ToParam()` and  `filters.FromParam()` with
`filters.ToJSON()` and `filters.FromJSON()`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-26 13:59:45 +02:00
Sebastiaan van Stijn
97c5ae25c4
Replace uses of filters.Include() with filters.Contains()
The `filters.Include()` method was deprecated in favor of `filters.Contains()`
in 065118390a, but still used in various
locations.

This patch replaces uses of `filters.Include()` with `filters.Contains()`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-26 13:39:56 +02:00
Daniel Nephin
27cfa68af1 Move RFC3339NanoFixed to a more appropriate package.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-25 16:07:24 -04:00
Sebastiaan van Stijn
15a59e763b
Bump API version to 1.33
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-20 15:19:16 +02:00
Akash Gupta
7a7357dae1 LCOW: Implemented support for docker cp + build
This enables docker cp and ADD/COPY docker build support for LCOW.
Originally, the graphdriver.Get() interface returned a local path
to the container root filesystem. This does not work for LCOW, so
the Get() method now returns an interface that LCOW implements to
support copying to and from the container.

Signed-off-by: Akash Gupta <akagup@microsoft.com>
2017-09-14 12:07:52 -07:00
Yong Tang
dc35a8a5d2 Merge pull request #34821 from thaJeztah/remove-enable-api-cors
Remove deprecated --enable-api-cors flag
2017-09-13 20:10:27 -07:00
Sebastiaan van Stijn
80edccda70 Merge pull request #34828 from allencloud/add-config-tags-in-swagger
add configs tag in swagger.yml
2017-09-14 02:37:28 +02:00
Allen Sun
16929d337a add configs tag in swagger.yml
Signed-off-by: Allen Sun <allensun.shl@alibaba-inc.com>
2017-09-13 09:48:05 +08:00
Daniel Nephin
f7f101d57e Add gosimple linter
Update gometalinter

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-12 12:09:59 -04:00
Sebastiaan van Stijn
7d4eab5543
Remove deprecated --enable-api-cors flag
The `--enable-api-cors` flag was deprecated in f3dd2db4ff,
and marked for removal in docker 17.09 through 85f92ef359.

This patch removes the deprecated flag.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-12 12:43:34 +02:00
Brian Goff
c8400bf24d Merge pull request #34756 from dnephin/better-filters
Improve docs and interface for api/types/filters
2017-09-07 17:00:59 -04:00
Yong Tang
2dcb77b24c Merge pull request #34738 from wgliang/optimization1
Optimize some wrong usage and spelling
2017-09-07 09:45:14 -07:00
wangguoliang
94cefa2145 Optimize some wrong usage and spelling
Signed-off-by: wgliang <liangcszzu@163.com>
2017-09-07 09:44:08 +08:00
Daniel Nephin
065118390a Cleanup filter package.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-06 16:41:47 -04:00
Daniel Nephin
2f007e46d0 Remove libtrust dep from api
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-06 12:05:19 -04:00
Daniel Nephin
22b246417f Move names to a more appropriate package.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-06 12:05:16 -04:00
Daniel Nephin
2f5f0af3fd Add unconvert linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-24 15:08:31 -04:00
Daniel Nephin
709bf8b7bc Add interfacer linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-24 15:08:26 -04:00
Yong Tang
6540d55814 Merge pull request #34588 from dnephin/more-linters
Add deadcode and goimports linters
2017-08-22 05:12:50 -07:00
Yong Tang
28362f11d7 Merge pull request #34572 from krizalys/hyphenless-bind-mount
Dropped hyphen in bind mount where appropriate
2017-08-22 05:11:46 -07:00
Daniel Nephin
62c1f0ef41 Add deadcode linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-21 18:18:50 -04:00
Christophe Vidal
dffa5d6df2 Dropped hyphen in bind mount where appropriate
Signed-off-by: Christophe Vidal <kriss@krizalys.com>
2017-08-19 21:25:07 +07:00
Daniel Nephin
9b47b7b151 Fix golint errors.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-18 14:23:44 -04:00
Yong Tang
2afb3efaa6 Merge pull request #34188 from cpuguy83/32144_api_error_handling
Remove string checking in API error handling
2017-08-16 08:53:15 -07:00
Sebastiaan van Stijn
18b23067be
Create definition for SystemInfo response
The `/info` endpoint was badly documented, missing various
fields and incorrectly describing others.

This patch defines a type for the endpoint, based on the
API types in the source.

Also removing the response example in favor of
per-field examples, as this prevents an incorrectly
formatted response from masking omissions in the
actual type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:29 +02:00
Sebastiaan van Stijn
2720cefbb2
Remove redundant example for Node
All example values are now documented per field,
so are automatically used to generate responses.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:19 +02:00
Sebastiaan van Stijn
5b017ef45d
Add definition for Swarm inspect response
Also remove inline response examples

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:14 +02:00
Sebastiaan van Stijn
33e2c99401
Extract NodeDescription to a separate definition
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:09 +02:00
Sebastiaan van Stijn
7cb4a97ae1
Extract EngineDescription to a separate definition
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:04 +02:00
Sebastiaan van Stijn
a2de2681a6
Extract Platform to a separate definition
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:58 +02:00
Sebastiaan van Stijn
3f1ad79faf
Add missing definition for Node.ManagerStatus
The `Node.ManagerStatus`  property was only present in
the example, but not in the definition.

This patch adds definitions for `ManagerStatus`
and `Reachability`, similar to what is used in the
code;
f02a5b50c4/api/types/swarm/node.go (L84-L101)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:53 +02:00
Sebastiaan van Stijn
26b247e706
Add missing definition for Node.Status
The `Node.Status`  property was only present in
the example, but not in the definition.

This patch adds definitions for `NodeStatus`
and `NodeState`, similar to what is used in the
code;

- f02a5b50c4/api/types/swarm/node.go (L77-L82)
- f02a5b50c4/api/types/swarm/node.go (L103-L115)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:47 +02:00
Sebastiaan van Stijn
b2de157a41
Fix TLSInfo in Node specification
- `TLSInfo` is part of `Node.Description`, but was documented as a
  direct child of `Node`
- `Node.TLSInfo` incorrectly was using the `SwarmSpec` type,
  instead of `TLSInfo`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:42 +02:00
Sebastiaan van Stijn
93e324e2a7
Update incorrect types in Swagger
- `ObjectVersion.Index` is an `uint64` 0fd90c4d5d/api/types/swarm/common.go (L5-L15)
- `ClusterInfo` is nullable in the `/info` output (see ff4f700f74/api/types/swarm/swarm.go (L203))
- `CAConfig.ForceRotate` was missing a type, therefore treated as an `object` in Swagger: ff4f700f74/api/types/swarm/swarm.go (L121)
- `Raft.SnapshotInterval`, `Raft.KeepOldSnapshots`, and `Raft.LogEntriesForSlowFollowers` are an `uint64` not an `int64`
- Various fields in `swarm.Info` are nullable; added `x-nullable`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:32 +02:00
Sebastiaan van Stijn
934378bee3
Update / add extra description fields to Swagger
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:27 +02:00
Sebastiaan van Stijn
fa05a53426
Add extra example values to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:22 +02:00
Sebastiaan van Stijn
f720f9cc33
Reformat definitions - add some whitespace
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:14 +02:00
Brian Goff
ebcb7d6b40 Remove string checking in API error handling
Use strongly typed errors to set HTTP status codes.
Error interfaces are defined in the api/errors package and errors
returned from controllers are checked against these interfaces.

Errors can be wraeped in a pkg/errors.Causer, as long as somewhere in the
line of causes one of the interfaces is implemented. The special error
interfaces take precedence over Causer, meaning if both Causer and one
of the new error interfaces are implemented, the Causer is not
traversed.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2017-08-15 16:01:11 -04:00
Sebastiaan van Stijn
b98ceb7121
Update NetworkConfig definition in Swagger
This patch updates the definition of `NetworkConfig` to match the code, and
renames to the definition to `NetworkSettings` (also to match the type in
the code).

Add definitions for:

- `Address`
- `PortMap`
- `PortBinding`
- `EndpointIPAMConfig`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-15 09:39:41 +02:00
Kir Kolyshkin
7120976d74 Implement none, private, and shareable ipc modes
Since the commit d88fe447df ("Add support for sharing /dev/shm/ and
/dev/mqueue between containers") container's /dev/shm is mounted on the
host first, then bind-mounted inside the container. This is done that
way in order to be able to share this container's IPC namespace
(and the /dev/shm mount point) with another container.

Unfortunately, this functionality breaks container checkpoint/restore
(even if IPC is not shared). Since /dev/shm is an external mount, its
contents is not saved by `criu checkpoint`, and so upon restore any
application that tries to access data under /dev/shm is severily
disappointed (which usually results in a fatal crash).

This commit solves the issue by introducing new IPC modes for containers
(in addition to 'host' and 'container:ID'). The new modes are:

 - 'shareable':	enables sharing this container's IPC with others
		(this used to be the implicit default);

 - 'private':	disables sharing this container's IPC.

In 'private' mode, container's /dev/shm is truly mounted inside the
container, without any bind-mounting from the host, which solves the
issue.

While at it, let's also implement 'none' mode. The motivation, as
eloquently put by Justin Cormack, is:

> I wondered a while back about having a none shm mode, as currently it is
> not possible to have a totally unwriteable container as there is always
> a /dev/shm writeable mount. It is a bit of a niche case (and clearly
> should never be allowed to be daemon default) but it would be trivial to
> add now so maybe we should...

...so here's yet yet another mode:

 - 'none':	no /dev/shm mount inside the container (though it still
		has its own private IPC namespace).

Now, to ultimately solve the abovementioned checkpoint/restore issue, we'd
need to make 'private' the default mode, but unfortunately it breaks the
backward compatibility. So, let's make the default container IPC mode
per-daemon configurable (with the built-in default set to 'shareable'
for now). The default can be changed either via a daemon CLI option
(--default-shm-mode) or a daemon.json configuration file parameter
of the same name.

Note one can only set either 'shareable' or 'private' IPC modes as a
daemon default (i.e. in this context 'host', 'container', or 'none'
do not make much sense).

Some other changes this patch introduces are:

1. A mount for /dev/shm is added to default OCI Linux spec.

2. IpcMode.Valid() is simplified to remove duplicated code that parsed
   'container:ID' form. Note the old version used to check that ID does
   not contain a semicolon -- this is no longer the case (tests are
   modified accordingly). The motivation is we should either do a
   proper check for container ID validity, or don't check it at all
   (since it is checked in other places anyway). I chose the latter.

3. IpcMode.Container() is modified to not return container ID if the
   mode value does not start with "container:", unifying the check to
   be the same as in IpcMode.IsContainer().

3. IPC mode unit tests (runconfig/hostconfig_test.go) are modified
   to add checks for newly added values.

[v2: addressed review at https://github.com/moby/moby/pull/34087#pullrequestreview-51345997]
[v3: addressed review at https://github.com/moby/moby/pull/34087#pullrequestreview-53902833]
[v4: addressed the case of upgrading from older daemon, in this case
     container.HostConfig.IpcMode is unset and this is valid]
[v5: document old and new IpcMode values in api/swagger.yaml]
[v6: add the 'none' mode, changelog entry to docs/api/version-history.md]

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2017-08-14 10:50:39 +03:00
Victor Vieux
4930020210 hide swarm plugins behind experimental flag
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2017-08-08 18:33:25 -07:00
John Starks
54354db850 Windows: Add named pipe mount support
Current insider builds of Windows have support for mounting individual
named pipe servers from the host to the guest. This allows, for example,
exposing the docker engine's named pipe to a container.

This change allows the user to request such a mount via the normal bind
mount syntax in the CLI:

  docker run -v \\.\pipe\docker_engine:\\.\pipe\docker_engine <args>

Signed-off-by: John Starks <jostarks@microsoft.com>
2017-08-07 11:34:36 -07:00
Alessandro Boch
beebfc0cf6 Fix api server null pointer def on inspect/ls null ipam-driver networks
- When a network is created with the null ipam driver, docker api server
  thread will deference a nil pointer on `docker network ls` and on
  `docker network inspect <nw>`. This because buildIpamResource()
  assumes a gateway address is always present, which is not correct.

Signed-off-by: Alessandro Boch <aboch@tetrationanalytics.com>
2017-08-03 13:35:58 -07:00
John Howard
8af4db6f00 Merge pull request #34272 from dmcgowan/update-logrus
Update logrus to v1.0.1 (Sirupsen -> sirupsen)
2017-08-01 18:53:33 -07:00
Sebastiaan van Stijn
1a0fbc4a6f Merge pull request #34287 from thaJeztah/bump-api-version
Bump API version to 1.32
2017-08-01 12:18:26 +02:00
Vincent Demeester
0fd90c4d5d Merge pull request #34202 from thaJeztah/swagger-external-secrets-store
Add API documentation for plugable secret backends
2017-08-01 10:59:08 +02:00
Victor Vieux
3364e7da3f Merge pull request #34302 from abhinandanpb/predefinednet
Changing the get network request to return swarm scope predefined net…
2017-07-31 17:08:04 -07:00
Derek McGowan
1009e6a40b
Update logrus to v1.0.1
Fixes case sensitivity issue

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2017-07-31 13:16:46 -07:00
Abhinandan Prativadi
5bfefb2d36 Changing the get network request to return swarm scope predefined networks
Starting 17.06 swarm service create supports service creates with predefined
networks like host and bridge. Due to the nature of the feature, swarm manager
has a swarm scope predefined networks in addition to local scoped
predefined networks on all nodes. However network inspects for swarm scoped
predefined networks was not possible. The fix adds support for network inspect
for swarm scoped predefined networks.

Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
2017-07-31 13:05:30 -07:00
Sebastiaan van Stijn
c8dad44c32
Add API documentation for plugable secret backends
Documents the API changes introduced in

0304c98d85 and
08f7cf0526

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-28 00:00:53 +02:00
Sebastiaan van Stijn
05121d5554
Bump API version to 1.32
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-27 18:50:31 +02:00
Sebastiaan van Stijn
4735c76632
Update API plugin response examples
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-27 18:43:13 +02:00
Sebastiaan van Stijn
36e4e952f8 Merge pull request #34247 from thaJeztah/fix-restartpolicy-default
Fix RestartPolicy default value
2017-07-27 00:21:48 +02:00
Brian Goff
1ea52c4812 Merge pull request #34249 from thaJeztah/remove-unused-constants
Remove unused constants in plugin_responses
2017-07-26 16:44:51 -04:00
Brian Goff
9319a8a2dd Merge pull request #33440 from RenaudWasTaken/genericresource
Added support for Generic Resources
2017-07-25 15:32:25 -04:00
Sebastiaan van Stijn
9bb57aa3fe
Remove unused constants in plugin_responses
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-25 17:07:04 +02:00
Sebastiaan van Stijn
fc48b5529d
Fix RestartPolicy default value
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-25 16:14:59 +02:00
Renaud Gaubert
87e1464c43 Added support for Generic Resources
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
2017-07-24 17:49:56 -07:00
Sebastiaan van Stijn
901fe35bd3 Merge pull request #34174 from aaronlehmann/logattributes
Avoid using a map for log attributes
2017-07-21 22:31:51 +02:00
Sebastiaan van Stijn
a14f06a865 Merge pull request #34186 from thaJeztah/api-update-example-data
Improve API docs for UsageData
2017-07-20 09:38:28 +02:00
Sebastiaan van Stijn
8299f17278 Merge pull request #34183 from thaJeztah/api-changelog-add-volume-created-at
Update API history and example response for volume CreatedAt
2017-07-19 22:13:34 +02:00
Aaron Lehmann
ea1d14a189 api: Update swagger.yaml for configs
Also fix bad reference to ServiceSpec.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-07-19 09:52:25 -07:00
Sebastiaan van Stijn
194f635ce7
Improve API docs for UsageData
The docs did not mention when this information
was set, and what the `-1` value indicated.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-19 16:25:38 +02:00
Sebastiaan van Stijn
48a83a3a18
Update API history and example response for volume CreatedAt
This adds the new `CreatedAt` field to the API version history
and updates some examples to show this information.

The `CreatedAt` field was implemented in a46f757c40

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-19 16:18:08 +02:00
Sebastiaan van Stijn
eb9e5cd14b Merge pull request #32453 from cpuguy83/default_enable_pprof
Enable pprof/debug endpoints by default
2017-07-19 16:13:12 +02:00
Aaron Lehmann
b642b3f21f Avoid using a map for log attributes
Having a map per log entry seemed heavier than necessary. These
attributes end up being sorted and serialized, so storing them in a map
doesn't add anything (there's no random access element). In SwarmKit,
they originate as a slice, so there's an unnecessary conversion to a map
and back.

This also fixes the sort comparator, which used to inefficiently split
the string on each comparison.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-07-18 19:01:20 -07:00
Sebastiaan van Stijn
f6954bea9f
Fix API docs for GET /secrets/{id}, GET /secrets
The swagger.yml defined these endpoints to return
a "ServiceSpec" instead of a "SecretSpec".

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-19 00:22:05 +02:00
Sebastiaan van Stijn
0304c98d85 Merge pull request #34157 from twistlock/plugable_secrets_backend
plugable secret backend
2017-07-18 18:07:27 +02:00
Sebastiaan van Stijn
32ada4dcf1 Merge pull request #34002 from thaJeztah/carry-32483
Service privileges: API docs
2017-07-18 13:09:08 +02:00
Liron Levin
e3f920d2f1 pluggable secret backend
Fixing secret driver serialization issue from
08f7cf0526

Signed-off-by: Liron Levin <liron@twistlock.com>
2017-07-18 12:45:44 +03:00
Brian Goff
408c7ade70 Enable pprof/debug endpoints by default
Makes sure that debug endpoints are always available, which will aid in
debugging demon issues.

Wraps debug endpoints in the middleware chain so the can be blocked by
authz.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2017-07-17 15:01:30 -04:00
Liron Levin
7d45cafd57 pluggable secret backend
This commit extends SwarmKit secret management with pluggable secret
backends support.

Updating the work in
[swarmkit](docker/swarmkit@eebac27434) for
pluggable secret backend and adding the
driver parameter to `SecretSpec`.

Remaining work:
- [ ] CLI support (docker/cli)
- [ ] api in [plugin helpers](docker/go-plugins-helpers))
- [ ] Reference plugin
- [ ] Documenation (after cli work)

Signed-off-by: Liron Levin <liron@twistlock.com>
2017-07-15 16:50:02 +03:00
Sebastiaan van Stijn
d0a8e73e7b
Service privileges: API docs
This documents the Service privileges
API changes, that were added in:
091b5e68ea

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-14 17:04:26 -07:00
allencloud
c8d6477e5a add config event in swagger.yml
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-07-12 08:48:14 +08:00
allencloud
ed916a233c make engine support cluster config event
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-07-11 17:21:15 +08:00
Victor Vieux
6978a6e25a Merge pull request #34035 from allencloud/add-cluster-event-details-in-swagger
add cluster events details in swagger.yml
2017-07-11 11:04:27 +02:00
allencloud
f596fb7683 add cluster events details in swagger.yml
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-07-11 11:54:22 +08:00
allencloud
87b4dc2002 return prune data when context canceled
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-07-10 10:06:24 +08:00
Brian Goff
72c3bcf2a5 Make plugin emit strongly typed, consumable events
Enables other subsystems to watch actions for a plugin(s).

This will be used specifically for implementing plugins on swarm where a
swarm controller needs to watch the state of a plugin.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2017-07-06 14:26:06 -04:00
Sebastiaan van Stijn
9d95740dbf Merge pull request #33941 from thaJeztah/update-api-docs
Add missing API documentatoin for DataPathAddr
2017-07-05 18:35:45 -07:00
Vincent Demeester
ff4f700f74 Merge pull request #33322 from jsoref/spelling
Spelling
2017-07-04 15:46:34 +02:00
Sebastiaan van Stijn
c79c16910c
Add missing API documentatoin for DataPathAddr
COmmit 0307fe1a0b added
a new `DataPathAddr` property to the swarm/init and swarm/join
endpoints. This property was not yet added to the
documentation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-04 03:11:40 -07:00
Sebastiaan van Stijn
b9f248d0ea Merge pull request #33884 from aaronlehmann/redact-secret-payload
middleware: Redact secret data on "secret create"
2017-07-03 14:18:32 -07:00
Josh Soref
39bcaee47b
Spelling fixes
* additional
* ambiguous
* anonymous
* anything
* application
* because
* before
* building
* capabilities
* circumstances
* commit
* committer
* compresses
* concatenated
* config
* container
* container's
* current
* definition
* delimiter
* disassociates
* discovery
* distributed
* doesnotexist
* downloads
* duplicates
* either
* enhancing
* enumerate
* escapable
* exactly
* expect
* expectations
* expected
* explicitly
* false
* filesystem
* following
* forbidden
* git with
* healthcheck
* ignore
* independent
* inheritance
* investigating
* irrelevant
* it
* logging
* looking
* membership
* mimic
* minimum
* modify
* mountpoint
* multiline
* notifier
* outputting
* outside
* overridden
* override
* parsable
* plugins
* precedence
* propagation
* provided
* provides
* registries
* repositories
* returning
* settings
* should
* signals
* someone
* something
* specifically
* successfully
* synchronize
* they've
* thinking
* uninitialized
* unintentionally
* unmarshaling
* unnamed
* unreferenced
* verify

Signed-off-by: Josh Soref <jsoref@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-03 13:13:09 -07:00
Josh Soref
6284cf5e9a
gofmt: 5 files
gofmt from go1.8.3

hg locate '*.go' |xargs ~/go/bin/gofmt -s -w

Signed-off-by: Josh Soref <jsoref@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-03 10:32:47 -07:00
Vincent Demeester
b8766fe793 Merge pull request #33824 from ijc/build-iidfile-with-squash
builder: Emit a BuildResult after squashing.
2017-06-30 16:42:23 +02:00
Aaron Lehmann
3fbc352cbb middleware: Redact secret data on "secret create"
With debug logging turned on, we currently log the base64-encoded secret
payload.

Change the middleware code to redact this. Since the field is called
"Data", it requires some context-sensitivity. The URI path is examined
to see which route is being invoked.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-06-29 16:04:47 -07:00
John Howard
950d472c9c Merge pull request #33826 from Microsoft/jjh/lcownits
LCOW: Fix nits from 33241
2017-06-27 22:56:38 -07:00
John Howard
4ec9766a27 LCOW: Fix nits from 33241
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-27 11:59:49 -07:00
Daniel Nephin
016eea004b
Set a LastUpdated time in image metadata when an image tag is updated.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-26 12:16:26 -07:00
Ian Campbell
9777ec3be0 builder: Emit a BuildResult after squashing.
This ensures that the final BuildResult is the actual tagged image.

Fixes #33822.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-06-26 13:19:25 +01:00
Vincent Demeester
d311a3a681 Merge pull request #33798 from vdemeester/move-some-api-code-away
Move some `api` package functions away
2017-06-24 14:30:25 +02:00
Vincent Demeester
565aa41392
Move some api package functions away
- DisplayablePorts is a `cli` function, moving to `docker/cli`
- Move MatchesContentType to the only package using it,
  `api/server/httputils` (and remove the deps on logrus for `api` package)

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-23 19:37:26 +02:00
Sebastiaan van Stijn
b8b8a9c837
Documentation updates for interactive sessions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-22 15:36:56 -07:00
Tonis Tiigi
5c3d2d552b Implement incremental file sync using client session
Also exposes shared cache and garbage collection/prune
for the source data.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-06-22 11:52:35 -07:00
Tonis Tiigi
4f51ca1e82 session: update swagger yaml
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-06-22 11:22:42 -07:00
Tonis Tiigi
ec7b6238c3 Add long-running client session endpoint
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-06-22 11:22:41 -07:00
John Stephens
930e689668 Merge pull request #33241 from Microsoft/jjh/multi-layerstore
LCOW: Support most operations excluding remote filesystem
2017-06-21 15:45:23 -07:00
John Howard
ed10ac6ee9 LCOW: Create layer folders with correct ACL
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-20 19:50:12 -07:00
John Howard
3d5cec70b4 LCOW: Plumb through platform on Import
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-20 19:49:54 -07:00
John Howard
08252bc963 LCOW: Builder plumbing
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-20 19:49:53 -07:00
John Howard
a1fe1dc791 LCOW: pull goes to correct stores
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-20 19:49:52 -07:00
John Howard
3aa4a00715 LCOW: Move daemon stores to per platform
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-06-20 19:49:52 -07:00
Tonis Tiigi
c268d9da4b builder: fix copy —from conflict with force pull
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-06-20 15:45:33 -07:00
Vincent Demeester
99c72eb268 Merge pull request #33454 from dnephin/refactor-builder-remove-copy-on-build
[Builder] Move file coping from the daemon to the builder
2017-06-20 10:12:57 +02:00
Boaz Shuster
6bfd0f6b5d Remove Go 1.6 code from moby
Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com>
2017-06-19 15:59:00 +03:00
Aaron Lehmann
4310f7da7e Merge pull request #33630 from yongtang/167-cli-network-inspect-scope
Add `scope` filter in `GET /networks/(id or name)`
2017-06-12 18:27:24 -07:00
Sebastiaan van Stijn
f4bf61c79d Merge pull request #33005 from alfred-landrum/denied-error
Suggest login on pull denial
2017-06-13 01:51:18 +02:00
Yong Tang
158b2a1875 Add scope filter in /networks/<id>
This fix tries to add a `scope` in the query of `/networks/<id>`
(`NetworkInspect`) so that in case of duplicate network names,
it is possible to locate the network ID based on the network
scope (`local`, 'swarm', or `global`).

Multiple networks might exist in different scopes, which is a legitimate case.
For example, a network name `foo` might exists locally and in swarm network.

However, before this PR it was not possible to query a network name `foo`
in a specific scope like swarm.

This fix fixes the issue by allowing a `scope` query in `/networks/<id>`.

Additional test cases have been added to unit tests and integration tests.

This fix is related to docker/cli#167, moby/moby#30897, moby/moby#33561, moby/moby#30242

This fix fixes docker/cli#167

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2017-06-12 09:54:25 -07:00
Sebastiaan van Stijn
3f6b6c2981 Merge pull request #33612 from thaJeztah/bump-api-version
Bump API version
2017-06-10 02:00:45 +02:00
Alfred Landrum
8d9f51ea55
Suggest login on pull denial
Signed-off-by: Alfred Landrum <alfred.landrum@docker.com>
2017-06-09 12:43:21 -07:00
Vincent Demeester
c9f26eaaf8 Merge pull request #33609 from thaJeztah/backport-29418
backport #29418 "Fix buildIpamResources()" to master
2017-06-09 19:18:50 +02:00
Sebastiaan van Stijn
7839ff2244
Bump API version
With the Moby/Docker split, no decisions have been
made yet how, and when to bump the API version.

Although these decisions should not be lead
by Docker releases, I'm bumping the API version
to not complicate things for now; after this bump
we should make a plan how to handle this in future
(for example, using SemVer for the REST api, and
bump with every change).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-09 14:58:01 +02:00
Sebastiaan van Stijn
27ca921db1 Merge pull request #32122 from allencloud/choose-rpc-code-to-determine-status-code
choose rpc code to determine status code
2017-06-09 14:32:24 +02:00
Victor Vieux
27498a3c60
Merge pull request #29418 from aboch/p66
[1.13.x] Fix buildIpamResources()
(cherry picked from commit 4d2be03b68)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-09 13:51:43 +02:00
Daniel Nephin
5136096520 Fix copy when used with scratch and images with empty RootFS
Commit the rwLayer to get the correct DiffID
Refacator copy in thebuilder
move more code into exportImage
cleanup some windows tests
Release the newly commited layer.
Set the imageID on the buildStage after exporting a new image.
Move archiver to BuildManager.
Have ReleaseableLayer.Commit return a layer
and store the Image from exportImage in the local imageSources cache
Remove NewChild from image interface.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-06-08 15:07:16 -04:00
Boaz Shuster
e8a1d99afb Describe the differences between container-inspect and container-list
Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com>
2017-06-06 21:33:08 +03:00
allencloud
f257f77c6c choose rpc code to determine status code
Signed-off-by: allencloud <allen.sun@daocloud.io>
2017-06-06 10:08:50 +08:00
Ying Li
d60f182049 Do not log the CA config CA signing key in debug mode.
Signed-off-by: Ying Li <ying.li@docker.com>
2017-05-31 18:15:33 -07:00
Sebastiaan van Stijn
d192db0d93 Merge pull request #33423 from gesellix/swagger-docs-typo
Fix typo in swagger doc
2017-05-29 15:58:50 +02:00
Sebastiaan van Stijn
79b19c2e16 Merge pull request #33257 from mtesselH/master
Add CreatedAt filed to volume. Display when volume is inspected.
2017-05-29 10:48:07 +01:00
Tobias Gesellchen
56da4f2fb2 Fix typo in swagger doc
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2017-05-27 22:37:36 +02:00
Marianna
a46f757c40 Add CreatedAt filed to volume. Display when volume is inspected.
Closes #32663 by adding CreatedAt field when volume is created.
Displaying CreatedAt value when volume is inspected
Adding tests to verfiy the new field is correctly populated

Signed-off-by: Marianna <mtesselh@gmail.com>

Moving CreatedAt tests from the CLI

Moving the tests added for the newly added CreatedAt field for Volume, from CLI to API tests

Signed-off-by: Marianna <mtesselh@gmail.com>
2017-05-26 11:47:02 -07:00
Stanislav Bondarenko
92291a7355 Stop referring CLI flags in error messages if API client is unknown
Signed-off-by: Stanislav Bondarenko <stanislav.bondarenko@gmail.com>
2017-05-22 18:50:49 -04:00
Evan Hazlett
8eeba75198
remove RuntimeData from cluster and types
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
2017-05-19 17:10:32 -04:00
Sebastiaan van Stijn
f888a25ff5 Merge pull request #33261 from aaronlehmann/empty-platform
api: Only return a Platform when relevant information is available
2017-05-19 20:05:07 +02:00
Sebastiaan van Stijn
b654b6244d
Improve description of Running and Paused booleans
Commit abd72d4008 added
a "FIXME" comment to the container "State", mentioning
that a container cannot be both "Running" and "Paused".

This comment was incorrect, because containers on
Linux actually _must_ be running in order to be
paused.

This patch adds additional information both in a
comment, and in the API documentation to clarify
that these booleans are not mutually exclusive.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-05-19 12:29:54 +02:00
Abhinandan Prativadi
fe11de0177 Adding network specific options to service create/update
The commit adds capability to accept csv parameters
for network option in service create/update commands.The change
includes name,alias driver options specific to the network.
With this the following will be supported

docker service create --name web --network name=docknet,alias=web1,driver-opt=field1=value1 nginx
docker service create --name web --network docknet nginx
docker service update web --network-add name=docknet,alias=web1,driver-opt=field1=value1
docker service update web --network-rm docknet

Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
2017-05-17 18:46:34 -07:00