Commit graph

43911 commits

Author SHA1 Message Date
Sebastiaan van Stijn
2b1dcf4cbf
Merge pull request #43509 from thaJeztah/daemon_fix_hosts_validation_step1a
cmd/dockerd: improve validation to allow early exit
2022-04-27 11:13:38 +02:00
Sebastiaan van Stijn
0603f87fab
cmd/dockerd: validate API configuration as part of --validate
Previously, the API server configuration would be initialized and
validated when starting the API. Because of this, invalid configuration
(e.g. missing or invalid TLS certificates) would not be detected
when using `dockerd --validate`.

This patch moves creation of the validation earlier, so that it's
validated as part of `dockerd --validate`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-27 00:34:24 +02:00
Sebastiaan van Stijn
e16c3616e2
cmd/dockerd: change newAPIServerConfig() to only receive config.Config
This function took the whole daemon cli as argument but only needed the config

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-27 00:34:22 +02:00
Sebastiaan van Stijn
57c20c1b79
cmd/dockerd: normalize hosts when loading config
Previously, hosts were de-duplicated and normalized when starting
the API server (in `loadListeners()`), which meant that errors could
occur in that step (but not detected when using `dockerd --validate`),
as well as the list of hosts in the config not matching what would
actually be used (i.e., if duplicates were present).

This patch extracts the de-duplicating to a separate function, and
executes it as part of loading the daemon configuration, so that we
can fail early.

Moving this code also showed that some of this validation depended
on `newAPIServerConfig()` modifying the configuration (adding an
empty host if none was set) in order to have the parsing set a
default. This code was moved elsewhere, but a TODO comment added
as this logic is somewhat sketchy.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-27 00:34:20 +02:00
Sebastiaan van Stijn
7b3463f2c5
cmd/dockerd: loadDaemonCliConfig(): minor cleanup
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-27 00:34:19 +02:00
Sebastiaan van Stijn
d9d0683862
cmd/dockerd: un-export config methods, and don't pass flags "twice"
- un-export `daemonOptions.InstallFlags()`; `daemonOptions` itself isn't exported,
  not exported, and `InstallFlags()` isn't matching any interface and only used
  internally.
- un-export `daemonOptions.SetDefaultOptions()` and remove the `flags` argument
  as we were passing `daemonOptions.flags` as argument on a method attached to
  `daemonOptions`, which was somewhat backwards. While at it, also removing an
  intermediate variable that wasn't needed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-27 00:34:17 +02:00
Sebastiaan van Stijn
390c7d6871
daemon/config: Validate(): validate log-level
Log-level validation was previously performed when configuring the daemon-logs;
this moves the validation to config.Validate() so that we can catch invalid
settings when running dockerd --validate.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-27 00:34:14 +02:00
Sebastiaan van Stijn
787257f767
Merge pull request #43332 from thaJeztah/api_swagger_move_definitions
api: swagger: use explicit definitions for some response types, and move examples per-field
2022-04-26 23:46:49 +02:00
Sebastiaan van Stijn
9184f0b5e4
Merge pull request #43365 from thaJeztah/cleanup_distribution
distribution: remove v1 leftovers, and refactor to reduce public api/interface
2022-04-26 23:45:38 +02:00
Sebastiaan van Stijn
104ac2ca49
Merge pull request #43521 from thaJeztah/rootless_fixups
minor rootless fix-ups
2022-04-26 11:00:28 +02:00
Sebastiaan van Stijn
c045fab537
Merge pull request #43519 from thaJeztah/daemon_fix_hosts_validation_step1d
daemon: daemon.networkOptions(): don't pass Config as argument
2022-04-26 10:54:52 +02:00
Akihiro Suda
8b03343ed0
Merge pull request #43520 from thaJeztah/daemon_fix_hosts_validation_step1e
api/server: remove "Logging" from config
2022-04-26 13:24:50 +09:00
Sebastiaan van Stijn
63ea9eb594
cmd/dockerd: don't call registry.SetCertsDir() twice
This was introduced in 85572cac14, where I
probably forgot to remove this code from an earlier iteration (I decided
that having an explicit `configureCertsDir()` function call for this would
make it more transparent that we're re-configuring a default).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-25 14:09:25 +02:00
Sebastiaan van Stijn
350fadbdd4
rootless: remove redundant sync.Once
This was added in ec87479b7e, but it's unclear
why a sync.Once was used just for reading an environment-variable. The
related PR had a lot of review comments, so perhaps an earlier implementation
used something more heavy-weight, or it was just overlooked.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-25 13:53:32 +02:00
Sebastiaan van Stijn
cd054983ff
api/server: remove "Logging" from config
The Logging boolean was unconditionally set to true and ignored in all locations,
except for enabling the debugging middleware, which was also gated by the active
logrus logging level.

While it could make sense to have a Loglevel option configured on the API server,
we don't have this currently, and to make that actually useful, that config would
need to be tollerated by all locations that produce logs (which isn't the case
either).

Looking at the history of this option; a boolean to disable logging was originally
added in commit c423a790d6, which hard-coded it to
"disabled" in a test, and "enabled" for the API server outside of tests (before
that commit, logging was always enabled).

02ddaad5d9 and 5c42b2b512
changed the hard-coded values to be configurable through a `Logging` env-var (env-
vars were used _internally_ at the time to pass on options), which later became
a configuration struct in a0bf80fe03.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-23 23:38:30 +02:00
Sebastiaan van Stijn
3b56c0663d
daemon: daemon.networkOptions(): don't pass Config as argument
This is a method on the daemon, which itself holds the Config, so
there's no need to pass the same configuration as an argument.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-23 23:34:13 +02:00
Sebastiaan van Stijn
2b0da89366
distribution: move newPusher() and newPuller() together with definition
Also moving writeStatus() to the puller, which is where it's used, and makes
it slightly easier to consume.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 23:13:39 +02:00
Sebastiaan van Stijn
566c8db66d
distribution: add GetRepository(), un-export NewV2Repository, ValidateRepoName
These were only exported to facilitate ImageService.GetRepository() (used for
the `GET /distribution/{name:.*}/json` endpoint.

Moving the core functionality of that to the distribution package makes it
more consistent with (e.g.) "pull" operations, and allows us to keep more things
internal.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 23:12:02 +02:00
Sebastiaan van Stijn
572c7e0184
distribution: remove RootFSFromConfig(), PlatformFromConfig() from ImageConfigStore
These functions did not require the ImageConfigStore, so could just be local
utilities.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 23:12:00 +02:00
Sebastiaan van Stijn
1e75ab0ab9
distribution: remove Pusher interface, NewPusher(), and redundant V1 checks
It's only used internally, so we can refer to the implementation itself. Given
that RegistryService.LookupPushEndpoints now only returns V2 endpoints, we
no longer need to check if an endpoint is possibly V1.

Also rename some types that had "v2" in their name, now that we only support v2.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 23:11:54 +02:00
Sebastiaan van Stijn
41999abcbe
distribution: remove Puller interface, remove redundant V1 checks
It's only used internally, so we can refer to the implementation itself. Given
that RegistryService.LookupPullEndpoints now only returns V2 endpoints, we
no longer need to check if an endpoint is possibly V1.

Also rename some types that had "v2" in their name, now that we only support v2.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 23:11:07 +02:00
Sebastiaan van Stijn
074e41679d
distribution: un-export internal errors and error-utilities
un-exports errors that were only used internally:

- Remove ErrNoSupport as it was not emitted anywhere
- ImageConfigPullError -> imageConfigPullError
- TranslatePullError() -> translatePullError()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 22:53:02 +02:00
Sebastiaan van Stijn
fb5485f5d0
distribution: un-export ImageTypes, make ImagePullConfig.Schema2Types optional
Use the default list of accepted mediaTypes if none were passed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 22:36:56 +02:00
Tianon Gravi
e78f6f9c68
Merge pull request #43510 from thaJeztah/daemon_fix_hosts_validation_step1b
opts: remove hacks for old go versions, and improve coverage
2022-04-21 12:33:57 -07:00
Sebastiaan van Stijn
a189651b4c
Merge pull request #43358 from thaJeztah/plugin_EndpointResolver
plugin: add EndpointResolver interface
2022-04-21 20:49:56 +02:00
Samuel Karp
ccb691a427
Merge pull request #43511 from thaJeztah/no_logrus_fatal 2022-04-21 11:33:43 -07:00
Sebastiaan van Stijn
176f66df9c
api/types: replace uses of deprecated types.Volume with volume.Volume
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:50:59 +02:00
Sebastiaan van Stijn
54386f0c8f
api: docs: move VolumeListResponse to definitions (v1.39-v1.41)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:49:56 +02:00
Sebastiaan van Stijn
cd635e465d
api: swagger: move VolumeListResponse to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:49:53 +02:00
Sebastiaan van Stijn
f19ef20a44
api: move types.Volume to volume.Volume
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:49:50 +02:00
Sebastiaan van Stijn
1a0c15abbb
Merge pull request #43206 from thaJeztah/having_such_a_good_time_im_having_a_ball
API: add "signal" parameter to container stop and restart endpoints
2022-04-21 16:08:43 +02:00
Sebastiaan van Stijn
0e4f473a9f
pkg/chrootarchive: remove redundant init() stub for Windows
The package already has some windows files (so it's not empty), and
this init was not needed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 12:16:23 +02:00
Sebastiaan van Stijn
df650a1aeb
panic() instead of logrus.Fatal() in init funcs
Some packages were using `logrus.Fatal()` in init functions (which logs the error,
and (by default) calls `os.Exit(1)` after logging).

Given that logrus formatting and outputs have not yet been configured during the
initialization stage, it does not provide much benefits over a plain `panic()`.

This patch replaces some instances of `logrus.Fatal()` with `panic()`, which has
the added benefits of not introducing logrus as a dependency in some of these
packages, and also produces a stacktrace, which could help locating the problem
in the unlikely event an `init()` fails.

Before this change, an error would look like:

    $ dockerd
    FATA[0000] something bad happened

After this change, the same error looks like:

    $ dockerd
    panic: something bad happened

    goroutine 1 [running]:
      github.com/docker/docker/daemon/logger/awslogs.init.0()
        /go/src/github.com/docker/docker/daemon/logger/awslogs/cloudwatchlogs.go:128 +0x89

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 12:15:20 +02:00
Sebastiaan van Stijn
ab5ebefa0d
opts: TestParseHost(): also check the error
This test was only validating that "an" error occurred, but failed
to check if the error was for the expected reason.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 11:20:41 +02:00
Sebastiaan van Stijn
fc83834ebb
opts: use subtests, and split checks
Some checks combined all possible comparisons in a single "assert",
making it hard to see in the output what failed (output, error?)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 11:16:04 +02:00
Sebastiaan van Stijn
83b71e0ed0
opts: re-order test-cases and use more consistent values
Re-order some test-cases to make it easier to find if we cover all variants,
and add some missing variants.

Also change tests to not use default ports where needed, so that we are sure
the code is taking the provided value, and didn't fall back to use the defaults.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 11:14:00 +02:00
Samuel Karp
c5f18aac9f
Merge pull request #43505 from thaJeztah/libnetwork_no_string_fields
libnetwork: don't use strings.Fields() to improve performance
2022-04-21 00:57:55 -07:00
Sebastiaan van Stijn
eebd8d3c0c
opts: ParseTCPAddr(): remove workaround for go1.5
Current versions of Go no longer have a problem with the trailing
colon when using url.Parse() or net.SplitHostPort(), so we can remove
this workaround.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 22:29:18 +02:00
Sebastiaan van Stijn
c66271f4da
opts: TestParseDockerDaemonHost(), TestParseTCP() remove workaround
This was added in 683766613a, to workaround
changes in error between go 1.12.8 / go 1.11.13, causing the test to fail.

We no longer test against those versions, so we can remove this workaround.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 22:29:15 +02:00
Sebastiaan van Stijn
7d9c114fd4
Merge pull request #43502 from olljanat/fix-hns-policylist-error
Fix HNS policylist error "network not found" during network removal
2022-04-20 22:02:13 +02:00
Sebastiaan van Stijn
603c64fff0
Merge pull request #43461 from thaJeztah/api_document_ContainerConfig
api: improve documentation of ContainerConfig type
2022-04-20 21:50:19 +02:00
Sebastiaan van Stijn
90647e22b2
api/types/time: remove DurationToSecondsString() utility as it's no longer used
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:36 +02:00
Sebastiaan van Stijn
e8fa708ae5
client: ContainerStop(), ContainerRestart(): support stop-signal
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:34 +02:00
Sebastiaan van Stijn
9060126639
client, integration-cli: remove unneeded import aliases
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:33 +02:00
Sebastiaan van Stijn
83a185897d
API: add "signal" parameter to container stop and restart endpoints
Containers can have a default stop-signal (`--stop-signal` / `STOPSIGNAL`) and
timeout (`--stop-timeout`). It is currently not possible to update either of
these after the container is created (`docker update` does not allow updating
them), and while either of these can be overridden through some commands, we
currently do not have a command that can override *both*:

command         | stop-signal | stop-timeout | notes
----------------|-------------|--------------|----------------------------
docker kill     | yes         | DNA          | only sends a single signal
docker restart  | no          | yes          |
docker stop     | no          | yes          |

As a result, if a user wants to stop a container with a custom signal and
timeout, the only option is to do this manually:

    docker kill -s <custom signal> mycontainer
    # wait <desired timeout>
    # press ^C to cancel the graceful stop
    # forcibly kill the container
    docker kill mycontainer

This patch adds a new `signal` query parameter to the container "stop" and
"restart" endpoints. This parameter can be added as a new flag on the CLI,
which would allow stopping and restarting with a custom timeout and signal,
for example:

    docker stop --signal=SIGWINCH --time=120 mycontainer

    docker restart --signal=SIGWINCH --time=120 mycontainer

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:31 +02:00
Sebastiaan van Stijn
90de570cfa
backend: add StopOptions to ContainerRestart and ContainerStop
While we're modifying the interface, also add a context to both.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:30 +02:00
Sebastiaan van Stijn
952902efbc
daemon: containerStop(): use a regular "defer" to log container event
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:27 +02:00
Sebastiaan van Stijn
5edf9acf9c
daemon: move default stop-timeout to containerStop()
This avoids having to determine what the default is in various
parts of the code. If no custom timeout is passed (nil), the
default will be used.

Also remove the named return variable from cleanupContainer(),
as it wasn't used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:15 +02:00
Sebastiaan van Stijn
f3bce92a24
daemon: cleanupContainer(): pass ContainerRmConfig as parameter
We already have this config, so might as well pass it, instead of passing
each option as a separate argument.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:27:24 +02:00
Sebastiaan van Stijn
4430992af8
daemon: rename some variables, import-aliases and receivers
- daemon/delete: rename var that collided with import, remove output var
- daemon: fix inconsistent receiver name and package aliases
- daemon/stop: rename imports and variables to standard naming
  This is in preparation of some changes, but keeping it in  a
  separate commit to make review of other changes easier.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:22:28 +02:00