Commit graph

29 commits

Author SHA1 Message Date
Sebastiaan van Stijn
cd054983ff
api/server: remove "Logging" from config
The Logging boolean was unconditionally set to true and ignored in all locations,
except for enabling the debugging middleware, which was also gated by the active
logrus logging level.

While it could make sense to have a Loglevel option configured on the API server,
we don't have this currently, and to make that actually useful, that config would
need to be tollerated by all locations that produce logs (which isn't the case
either).

Looking at the history of this option; a boolean to disable logging was originally
added in commit c423a790d6, which hard-coded it to
"disabled" in a test, and "enabled" for the API server outside of tests (before
that commit, logging was always enabled).

02ddaad5d9 and 5c42b2b512
changed the hard-coded values to be configurable through a `Logging` env-var (env-
vars were used _internally_ at the time to pass on options), which later became
a configuration struct in a0bf80fe03.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-23 23:38:30 +02:00
Daniel Nephin
4f0d95fa6e Add canonical import comment
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-02-05 16:51:57 -05:00
Derek McGowan
1009e6a40b
Update logrus to v1.0.1
Fixes case sensitivity issue

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2017-07-31 13:16:46 -07:00
mgniu
c5ecf1e6fe change comment
Signed-off-by: mgniu <mgniu@dataman-inc.com>
2016-08-26 18:30:41 +08:00
mgniu
e743ab0882 replace handleWithGlobalMiddlewares with handlerWithGlobalMiddlewares
Signed-off-by: mgniu <mgniu@dataman-inc.com>
2016-08-12 10:53:11 +08:00
David Calavera
8d3467626e
Move middleware to interfaces.
This makes separating middlewares from the core api easier.
As an example, the authorization middleware is moved to
it's own package.

Initialize all static middlewares when the server is created, reducing
allocations every time a route is wrapper with the middlewares.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-04-11 09:19:27 -07:00
David Calavera
accf28a7db Remove unnecessary hardcoded version.
The server configuration already keeps the current version
if the daemon. This patch changes the middleware logic
to use it rather than using the global value.

This removes the dockerversion package dependency from the api.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-03-24 12:33:40 -04:00
David Calavera
1ba44a832f Make server middleware standalone functions.
Removing direct dependencies from the server configuration.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-24 14:48:52 -05:00
Brent Salisbury
a499ad8e4e Fixed logrus client/server mismatch debug msg
Signed-off-by: Brent Salisbury <brent@docker.com>
2016-02-22 23:36:33 -05:00
Doug Davis
059ad5d0a9 Lower warning about old client to a debug
Ideally I would love to just remove this check entirely because its
seems pretty useless.  An old client talking to a new server isn't
an error condition, nor is it something to even worry about - its a normal
part of life.  Flooding my screen (and logs) with a warning that isn't
something I (as an admin) need to be concerned about is silly and a
distraction when I need to look for real issues.  If anything this should
be printed on the cli not the daemon since its the cli that needs to be
concerned, not the daemon.

However, since when you debug an issue it might be interesting to know the
client is old I decided to pull back a little and just change it from
a Warning to a Debug logrus call instead.

If others want it removed I still do that though  :-)

Signed-off-by: Doug Davis <dug@us.ibm.com>
2016-02-12 10:53:40 -08:00
Victor Vieux
0fd9b4067d fix error message on version too low
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-02-02 14:16:15 -08:00
Zhang Wei
98f74f8383 Change log level
Warning should be printed with real `logrus.Warn`

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-01-30 18:46:16 +08:00
Tibor Vass
59231ea6d8 Merge pull request #19312 from cpuguy83/19177_fix_debug_req_dump_size
Don't dump request body when too large
2016-01-14 09:06:02 -05:00
Brian Goff
89af3835d4 Don't dump request body to log when too large
Fixes an issue where a client can send a large body but specifiy
application/json as the content-type, and cause Docker to consume lots
of RAM while trying to buffer the body so it can be dumped to the debug
log.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-01-13 17:01:35 -05:00
Tibor Vass
5c630ea7c3 Rename authz to authorization for greater clarity
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-01-13 14:15:37 -05:00
Antonio Murdaca
5a64c8027e authZ: more fixes
- fix naming and formatting
- provide more context when erroring auth
- do not capitalize errors
- fix wrong documentation
- remove ugly remoteError{}

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-18 16:29:01 +01:00
Zhang Wei
aaf65a47a7 Better debug message for post form data
Print json format instead of default `%q`

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-12-17 15:55:39 +08:00
Doug Davis
6287ec9095 Add a DOCKER_API_VERSION env var
Closes: #11486

Just for @ahmetalpbalkan  :-)

Fixed some comment formatting too while in there.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-12-14 12:45:34 -08:00
Justas Brazauskas
927b334ebf Fix typos found across repository
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com>
2015-12-13 18:04:12 +02:00
Liron Levin
75c353f0ad Docker authorization plug-in infrastructure enables extending the functionality of the Docker daemon with respect to user authorization. The infrastructure enables registering a set of external authorization plug-in. Each plug-in receives information about the user and the request and decides whether to allow or deny the request. Only in case all plug-ins allow accessing the resource the access is granted.
Each plug-in operates as a separate service, and registers with Docker
through general (plug-ins API)
[https://blog.docker.com/2015/06/extending-docker-with-plugins/]. No
Docker daemon recompilation is required in order to add / remove an
authentication plug-in. Each plug-in is notified twice for each
operation: 1) before the operation is performed and, 2) before the
response is returned to the client. The plug-ins can modify the response
that is returned to the client.

The authorization depends on the authorization effort that takes place
in parallel [https://github.com/docker/docker/issues/13697].

This is the official issue of the authorization effort:
https://github.com/docker/docker/issues/14674

(Here)[https://github.com/rhatdan/docker-rbac] you can find an open
document that discusses a default RBAC plug-in for Docker.

Signed-off-by: Liron Levin <liron@twistlock.com>
Added container create flow test and extended the verification for ps
2015-12-08 17:34:15 +02:00
David Calavera
82323294db Unify both debug logging middlewares.
We can remove one function from the stack by injecting the middleware
only when logging in enabled and the level is debug.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-01 14:33:33 -05:00
Dan Walsh
cf4fb15088 The loggingMiddleware function is adding lots of messages to the log
When tools like kubernetes and cockpit are talking to the docker daemon
actively, we are seeing large number of log messages that look like debug
information.

For example

docker info adds the following line to journald.

Nov 26 07:09:23 dhcp-10-19-62-196.boston.devel.redhat.com docker[32686]: time="2015-11-26T07:09:23.124503455-05:00" level=info msg="GET /v1.22/info"

We think this should be Debug level not Info level.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2015-11-26 07:10:38 -05:00
Vincent Demeester
8054a30387 dockerversion placeholder for library import
- Add a *version* file placeholder.
- Update autogen and builds to use it and an autogen build flag

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-11-09 19:32:46 +01:00
Brian Goff
b78ca243d9 Revert "dockerversion placeholder for library-import"
This reverts commit d5cd032a86.

Commit caused issues on systems with case-insensitive filesystems.
Revert for now

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-10-27 21:23:53 -04:00
Vincent Demeester
d5cd032a86 dockerversion placeholder for library-import
- Move autogen/dockerversion to version
- Update autogen and "builds" to use this package and a build flag

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-10-27 20:36:07 +01:00
Brian Goff
37dbe07519 Dump request when daemon is set to debug
Uses a new middleware which calls httputils.DumpRequest which is output
to `logrus.Debug`.
This is implemented in a separate middleare so that we only have to
check the logging level when the router is instantiated rather than at
every request.
If this was just `logrus.Debug(httputil.DumpRequest(...))`, the
DumpRequest would be called on each request requardless of logging
level set on the daemon.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-10-23 09:04:32 -04:00
David Calavera
da982cf551 Separate API router from server.
Implement basic interfaces to write custom routers that can be plugged
to the server. Remove server coupling with the daemon.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-29 19:43:03 -04:00
Tibor Vass
94e3b0f428 Use golang.org/x/net/context in api/server/
This patch removes the internal context package and uses golang's
package instead.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-09-29 17:40:55 -04:00
David Calavera
0fea04d27e Organize server pre-func logic in middlewares.
It defines global middlewares for every request.
This makes the server slightly more composable.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-21 14:27:06 -04:00