Commit graph

145 commits

Author SHA1 Message Date
Kenfe-Mickael Laventure
7e12c3bb99 Update containerd and runc
containerd: 837e8c5e1cad013ed57f5c2090c8591c10cbbdae
runc: 02f8fa7863dd3f82909a73e2061897828460d52f

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-10-05 14:47:15 -07:00
Michael Crosby
0b86ca9ad0 Merge pull request #26509 from LK4D4/commits_from_vendor
project: move go binaries installation to separate script
2016-10-05 13:15:30 -07:00
Alexander Morozov
1b41125ad9 project: move go binaries installation to separate script
It should allow easier updates for containerd and runc

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-09-23 09:21:29 -07:00
Lei Jitang
a94067c07f Merge pull request #26803 from YuPengZTE/devFirstLetter
Capitalizes the first letter in notes of dockerfile
2016-09-23 04:27:52 -05:00
YuPengZTE
bd31b24336 Capitalizes the first letter in notes of dockerfile
Signed-off-by: YuPengZTE <yu.peng36@zte.com.cn>
2016-09-23 09:20:27 +08:00
Vincent Demeester
758a809f54 Merge pull request #26538 from LK4D4/update_grpc
Update grpc to v1.0.1-GA
2016-09-20 23:19:26 +02:00
Alexander Morozov
eeceb0ccc8 vendor: update containerd and swarmkit
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-09-20 09:24:36 -07:00
Michael Crosby
ee3ac3aa66 Add init process for zombie fighting
This adds a small C binary for fighting zombies.  It is mounted under
`/dev/init` and is prepended to the args specified by the user.  You
enable it via a daemon flag, `dockerd --init`, as it is disable by
default for backwards compat.

You can also override the daemon option or specify this on a per
container basis with `docker run --init=true|false`.

You can test this by running a process like this as the pid 1 in a
container and see the extra zombie that appears in the container as it
is running.

```c

int main(int argc, char ** argv) {
	pid_t pid = fork();
	if (pid == 0) {
		pid = fork();
		if (pid == 0) {
			exit(0);
		}
		sleep(3);
		exit(0);
	}
	printf("got pid %d and exited\n", pid);
	sleep(20);
}
```

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-19 17:33:50 -07:00
Alexander Morozov
e4ddcb37c1 libcontainerd: use healthcheck to track containerd conn
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-09-12 14:22:38 -07:00
boucher
6bc9a2d563 Update containerd to fix unkillable restored containers.
Signed-off-by: boucher <rboucher@gmail.com>
2016-09-08 21:31:56 -04:00
unclejack
1668894d04 Dockerfile*: bump Go to 1.7.1
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
2016-09-08 00:42:35 +03:00
boucher
e0123adafd Upgrade containerd to latest version.
Necessary for merging in #22049.

Signed-off-by: Ross Boucher <rboucher@gmail.com>
2016-08-26 14:17:35 -04:00
Antonio Murdaca
12e2c2687e
Bump go to 1.7
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-08-21 19:04:15 +02:00
Kenfe-Mickael Laventure
d5cbc57eff Harmonize containerd commit used by all Dockerfile
When #24648 was merged, only the main Dockerfile was updated with the
new containerd commit, this commit brings the other Dockerfile up to
speed.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-07-21 10:34:30 -07:00
Arnaud Porterie
ffba13f435 Merge pull request #24648 from mlaventure/fix-kill-test
Fix TestDaemonRestartWithKilledRunningContainer failures on RHEL systems
2016-07-19 18:24:34 +00:00
Sebastiaan van Stijn
589bafddf3
bump Go to 1.6.3
following the announcement;
https://groups.google.com/forum/m/#!topic/golang-announce/7JTsd70ZAT0

> [security] Go 1.6.3 and Go 1.7rc2 pre-announcement
>
> Hello gophers,
> We plan to issue Go 1.6.3 and Go 1.7rc2 on Monday July 18 at approximately 2am UTC.
> These are minor release to fix a security issue.
>
> Following our policy at https://golang.org/security, this is the pre-announcement of those releases.
>
> Because we are so late in the release cycle for Go 1.7, we will not issue a minor release of Go 1.5.
> Additionally, we plan to issue Go 1.7rc3 later next week, which will include any changes between 1.7rc1 and tip.
>
> Cheers,
> Chris on behalf of the Go team

**Note:**
the man/Dockerfile is not yet updated, because
the official image for Go 1.6.2 has not yet
been updated.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-07-18 23:15:03 +02:00
Kenfe-Mickael Laventure
29b2714580 Vendor in new containerd
This version introduces the following:
 - uses nanosecond timestamps for event
 - ensure events are sent once their effect is "live"

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-07-18 11:44:24 -07:00
Kenfe-Mickael Laventure
2685c82c2e Vendor containerd 1b3a81545ca79456086dc2aa424357be98b962ee
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-07-01 11:46:48 -07:00
Michael Crosby
7db7e04631 Update containerd to b93a33be39bc4ef0fb00bfcb79147
This updates containerd to b93a33be39bc4ef0fb00bfcb79147a28c33d9d43
fixing the start sync issues.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-06-27 11:45:05 -07:00
Kenfe-Mickael Laventure
b675124cf5 Vendor in runc cc29e3dded8e27ba8f65738f40d251c885030a28
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-06-15 15:11:50 -07:00
Kenfe-Mickael Laventure
1aec3bacfd Vendor in new runc binary with userns fix
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-06-14 07:47:31 -07:00
Kenfe-Mickael Laventure
2e9ea5c194 Update containerd and runc vendoring
containerd: 860f3a94940894ac0a106eff4bd1616a67407ee2
runc: 85873d917e86676e44ccb80719fcb47a794676a1
runtime-specs: v1.0.0-rc1

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-06-14 07:47:31 -07:00
Michael Crosby
d17b9f3da0 Update containerd to cf554d59dd96e459544748290eb91
This bumps containerd to cf554d59dd96e459544748290eb9167f4bcde509 and
includes various fixes and updates the grpc package and types generated
for use.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-06-07 15:27:23 -07:00
Christy Perez
d864a14620 Bump the seccomp versions to pull in fixes and new commits
enabling s390 and ppc64le function

Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2016-05-27 11:12:47 -04:00
Antonio Murdaca
40b21745cc Upgrade to golang 1.6.2
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-05-25 11:58:48 +02:00
Michael Crosby
cfb9764386 Update runc and containerd deps
containerd:     57b7c3da915ebe943bd304c00890959b191e5264
runc:           d49ece5a83da3dcb820121d6850e2b61bd0a5fbe

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-05-09 15:05:44 -07:00
Mrunal Patel
e0f98c698b Update runc and spec dependencies for mount label
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

Set up the mount label in the spec for a container

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-04-25 14:26:49 -07:00
Michael Crosby
199472c75a Bump containerd to v0.2.1
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-22 09:39:02 -07:00
Qiang Huang
e67c758ec3 Remove template code for runc and containerd
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-04-15 12:45:35 +08:00
Tibor Vass
c3fe4226f3 vendor runc to fix issue#21808
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-04-12 15:35:43 -04:00
Tonis Tiigi
3f81b49352 Define readonly/mask paths in spec
This vendors in new spec/runc that supports
setting readonly and masked paths in the 
configuration. Using this allows us to make an
exception for `—-privileged`.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-04-04 18:55:55 -07:00
Tonis Tiigi
8a4225cd5a Bring back support for DOCKER_RAMDISK
Fixes #21631

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-03-31 10:29:32 -07:00
Sebastiaan van Stijn
752b31d3fe Bump runC to 40f4e7873d88a4f4d12c15d9536bb1e34aa2b7fa
This includes fixes for;

- outputing errors for missing seccomp options on seccomp versions < 2.3
- cap set apply EPERM errors on ARM systems

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-03-29 17:10:05 -07:00
David Calavera
99adcaebc0 Merge pull request #21592 from anusha-ragunathan/docker-systemd
When using systemd, pass expected cgroupsPath and cli options to runc.
2016-03-29 17:00:10 -07:00
Anusha Ragunathan
7ed3d265a4 When using systemd, pass expected cgroupsPath and cli options to runc.
runc expects a systemd cgroupsPath to be in slice:scopePrefix:containerName
format and the "--systemd-cgroup" option to be set. Update docker accordingly.

Fixes 21475

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-29 14:20:10 -07:00
Harald Albers
a7e9bf6cb7 Use https for git clone in build
Signed-off-by: Harald Albers <github@albersweb.de>
2016-03-29 09:35:42 +02:00
Akihiro Suda
4bf770a4c6 Update Dockerfile.simple so that it can be successfuly built
* build-essential is needed by `make`
 * libapparmor-dev is needed by runc
 * seccomp is needed by runc
 * Go is neeeded by runc

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2016-03-25 16:59:07 +09:00
Tonis Tiigi
22d997b374 Update runc/containerd
Contains fixes for:
- pid.max fix that is causing hang on network stats test.
- fix for early stdin close containerd-shim
- better logging for `could not synchronise with container process`

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-03-23 15:38:33 -07:00
Tibor Vass
009399dc8e Add docker- prefix to runc and containerd binaries
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-03-23 00:52:16 -04:00
Tonis Tiigi
9c4570a958 Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
Anusha Ragunathan
2b766a455c Include xfsprogs in build environment.
devmapper uses xfs by default now. So include xfsprogs in build
environment. Also update docs to reflect the new default.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2015-11-11 14:42:08 -08:00
David Calavera
3b5fac462d Remove LXC support.
The LXC driver was deprecated in Docker 1.8.
Following the deprecation rules, we can remove a deprecated feature
after two major releases. LXC won't be supported anymore starting on Docker 1.10.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-05 17:09:57 -05:00
Tianon Gravi
b5763f8fa7 Fail explicitly if curl is missing in contrib/download-frozen-image.sh
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-03-17 23:10:02 -06:00
Tianon Gravi
ece4b5bde8 Update Dockerfile.simple to include aufs-tools
This also updates the comments at the top of the file to note that `-v /var/lib/docker` should be supplied for running `test-integration-cli` and that `hack/dind` is actually also required for `test-unit`.

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-03-09 18:24:49 -06:00
Tianon Gravi
5118f1431c Add secondary "simple" Dockerfile
This is the absolute bare minimum necessary to compile and test Docker -- this is going to be especially useful for testing and verifying assumptions.

With this, we can setup a Jenkins job that tests to ensure that all the work we do to make sure our build scripts and tests don't contain assumptions is not effort spent in vain.

This is important because this is the kind of bare-bones stock environment our packagers build in.  Additionally, this verifies that our scripts will work reasonably on other platforms (such as Darwin and Windows) as well.

Assumptions existing tests make that currently fail:

- `registry-v2` exists as a binary in `$PATH` (FIXED IN #11005 🎉)
- `unprivilegeduser` exists as a user in `/etc/passwd`

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-03-02 15:20:16 -07:00