Commit graph

64 commits

Author SHA1 Message Date
Thomas Leonard
b6c7becbfe
Add support for user-defined healthchecks
This PR adds support for user-defined health-check probes for Docker
containers. It adds a `HEALTHCHECK` instruction to the Dockerfile syntax plus
some corresponding "docker run" options. It can be used with a restart policy
to automatically restart a container if the check fails.

The `HEALTHCHECK` instruction has two forms:

* `HEALTHCHECK [OPTIONS] CMD command` (check container health by running a command inside the container)
* `HEALTHCHECK NONE` (disable any healthcheck inherited from the base image)

The `HEALTHCHECK` instruction tells Docker how to test a container to check that
it is still working. This can detect cases such as a web server that is stuck in
an infinite loop and unable to handle new connections, even though the server
process is still running.

When a container has a healthcheck specified, it has a _health status_ in
addition to its normal status. This status is initially `starting`. Whenever a
health check passes, it becomes `healthy` (whatever state it was previously in).
After a certain number of consecutive failures, it becomes `unhealthy`.

The options that can appear before `CMD` are:

* `--interval=DURATION` (default: `30s`)
* `--timeout=DURATION` (default: `30s`)
* `--retries=N` (default: `1`)

The health check will first run **interval** seconds after the container is
started, and then again **interval** seconds after each previous check completes.

If a single run of the check takes longer than **timeout** seconds then the check
is considered to have failed.

It takes **retries** consecutive failures of the health check for the container
to be considered `unhealthy`.

There can only be one `HEALTHCHECK` instruction in a Dockerfile. If you list
more than one then only the last `HEALTHCHECK` will take effect.

The command after the `CMD` keyword can be either a shell command (e.g. `HEALTHCHECK
CMD /bin/check-running`) or an _exec_ array (as with other Dockerfile commands;
see e.g. `ENTRYPOINT` for details).

The command's exit status indicates the health status of the container.
The possible values are:

- 0: success - the container is healthy and ready for use
- 1: unhealthy - the container is not working correctly
- 2: starting - the container is not ready for use yet, but is working correctly

If the probe returns 2 ("starting") when the container has already moved out of the
"starting" state then it is treated as "unhealthy" instead.

For example, to check every five minutes or so that a web-server is able to
serve the site's main page within three seconds:

    HEALTHCHECK --interval=5m --timeout=3s \
      CMD curl -f http://localhost/ || exit 1

To help debug failing probes, any output text (UTF-8 encoded) that the command writes
on stdout or stderr will be stored in the health status and can be queried with
`docker inspect`. Such output should be kept short (only the first 4096 bytes
are stored currently).

When the health status of a container changes, a `health_status` event is
generated with the new status. The health status is also displayed in the
`docker ps` output.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-06-02 23:58:34 +02:00
Akihiro Suda
8bce6265fc daemon: Rename copy to copyFunc
"copy" can be misleading for humans because Go has its own builtin "copy" function

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2016-06-02 13:30:20 +09:00
Stefan J. Wernli
a5b64f2847 Fixing Windows update logic.
Removing the call to Shutdown from within Signal in order to rely on waitExit handling the exit of the process.

Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2016-05-12 17:45:53 -07:00
Sebastiaan van Stijn
eaa1e8a8c4 Merge pull request #21839 from WeiZhang555/add-start-event
Add missing "start" event back for auto-restart container
2016-04-08 17:52:22 -07:00
Zhang Wei
fdfaaeb9aa Add missing "start" event back for auto-restart container
When container is automatically restarted based on restart policy,
docker events can't get "start" event but only get "die" event, this is
not consistent with previous behavior. This commit will add "start"
event back.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-04-08 11:40:32 +08:00
Stefan J. Wernli
818a5198e4 Adding postRunProcessing infrastructure for hanlding Windows Update.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2016-04-06 14:03:05 -07:00
Tonis Tiigi
9c4570a958 Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
David Calavera
6bb0d1816a Move Container to its own package.
So other packages don't need to import the daemon package when they
want to use this struct.

Signed-off-by: David Calavera <david.calavera@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-12-03 17:39:49 +01:00
David Calavera
3f5b8f712d Extract StreamConfig struct out of the daemon package.
This is a small configuration struct used in two scenarios:

1. To attach I/O pipes to a running containers.
2. To attach to execution processes inside running containers.

Although they are similar, keeping the struct in the same package
than exec and container can generate cycled dependencies if we
move any of them outside the daemon, like we want to do
with the container.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-20 15:04:27 -05:00
mqliang
d71eeb1c05 move defer statement for readability
Signed-off-by: mqliang <mqliang.zju@gmail.com>
2015-11-11 11:28:23 +08:00
John Howard
2ff68910e2 Typo s/contained/container
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-11-08 18:29:34 -08:00
Antonio Murdaca
77826333fe Fix errors format
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-11-05 18:17:37 +01:00
Sally O'Malley
41de7a18d8 Change 'docker run' exit codes to distinguish docker/contained errors
The purpose of this PR is for users to distinguish Docker errors from
contained command errors.
This PR modifies 'docker run' exit codes to follow the chroot standard
for exit codes.
Exit status:
125 if 'docker run' itself fails
126 if contained command cannot be invoked
127 if contained command cannot be found
the exit status otherwise

Signed-off-by: Sally O'Malley <somalley@redhat.com>
2015-11-04 15:18:50 -05:00
David Calavera
63efc12070 Remove further references to the daemon within containers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:28:54 -05:00
David Calavera
c412300dd9 Decouple daemon and container to configure logging drivers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:49 -05:00
David Calavera
019c337b93 Decouple daemon and container to cleanup containers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:48 -05:00
David Calavera
ca5ede2d0a Decouple daemon and container to log events.
Create a supervisor interface to let the container monitor to emit events.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:48 -05:00
Tibor Vass
b08f071e18 Revert "Merge pull request #16228 from duglin/ContextualizeEvents"
Although having a request ID available throughout the codebase is very
valuable, the impact of requiring a Context as an argument to every
function in the codepath of an API request, is too significant and was
not properly understood at the time of the review.

Furthermore, mixing API-layer code with non-API-layer code makes the
latter usable only by API-layer code (one that has a notion of Context).

This reverts commit de41640435, reversing
changes made to 7daeecd42d.

Signed-off-by: Tibor Vass <tibor@docker.com>

Conflicts:
	api/server/container.go
	builder/internals.go
	daemon/container_unix.go
	daemon/create.go
2015-09-29 14:26:51 -04:00
Doug Davis
26b1064967 Add context.RequestID to event stream
This PR adds a "request ID" to each event generated, the 'docker events'
stream now looks like this:

```
2015-09-10T15:02:50.000000000-07:00 [reqid: c01e3534ddca] de7c5d4ca927253cf4e978ee9c4545161e406e9b5a14617efb52c658b249174a: (from ubuntu) create
```
Note the `[reqID: c01e3534ddca]` part, that's new.

Each HTTP request will generate its own unique ID. So, if you do a
`docker build` you'll see a series of events all with the same reqID.
This allow for log processing tools to determine which events are all related
to the same http request.

I didn't propigate the context to all possible funcs in the daemon,
I decided to just do the ones that needed it in order to get the reqID
into the events. I'd like to have people review this direction first, and
if we're ok with it then I'll make sure we're consistent about when
we pass around the context - IOW, make sure that all funcs at the same level
have a context passed in even if they don't call the log funcs - this will
ensure we're consistent w/o passing it around for all calls unnecessarily.

ping @icecrime @calavera @crosbymichael

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-24 11:56:37 -07:00
Hu Keping
f05bacbe50 Events for OOM needs to be shift to an earlier time
It's worth to warn user as soon as possilbe when OOM happend.

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-09-21 10:18:08 +08:00
Madhu Venugopal
e148e763b8 Update native execdriver to exploit libcontainer hooks
Using @mavenugo's patch for enabling the libcontainer pre-start hook to
be used for network namespace initialization (correcting the conflict
with user namespaces); updated the boolean check to the more generic
SupportsHooks() name, and fixed the hook state function signature.

Signed-off-by: Madhu Venugopal <madhu@docker.com>
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2015-09-16 12:51:14 -04:00
Morgan Bauer
abd72d4008
golint fixes for daemon/ package
- some method names were changed to have a 'Locking' suffix, as the
 downcased versions already existed, and the existing functions simply
 had locks around the already downcased version.
 - deleting unused functions
 - package comment
 - magic numbers replaced by golang constants
 - comments all over

Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
2015-08-27 22:07:42 -07:00
Tonis Tiigi
10305dc5e8 Add unless-stopped restart policy
Fixes #11008

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-08-18 11:39:06 -07:00
Brian Goff
c0391bf554 Split reader interface from logger interface
Implement new reader interface on jsonfile.
Moves jsonlog decoding from daemon to jsonfile logger.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-07-21 20:47:31 -04:00
Qiang Huang
af7f81878f Show error message when todisk failed
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-07-02 18:24:35 +08:00
Antonio Murdaca
624bf81fdb Add RestartPolicy methods instead of using strings checking
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-05-16 14:15:28 +02:00
Antonio Murdaca
6f4d847046 Replace aliased imports of logrus, fixes #11762
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-03-26 23:22:04 +01:00
Antonio Murdaca
b80fae7356 Refactor pkg/common, Fixes #11599
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-03-24 18:19:59 +01:00
Alexander Morozov
b6a42673ab Wait for copier finishing it's work before closing logger
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-18 13:48:01 -07:00
Alexander Morozov
47a6afb93f Default 'json-file' logging driver and none logging driver
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-13 12:13:21 -07:00
Yuan Sun
906974b185 correct some daemon spelling mistakes
Signed-off-by: Yuan Sun <sunyuan3@huawei.com>
2015-03-13 05:14:56 -04:00
Srini Brahmaroutu
7a9c944b82 Removing dependencies from pkg into Docker internal code
Closes #10922

Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-02-23 18:43:10 +00:00
Alexander Morozov
e7f6433109 Remove explicit setting of ExitCode
That will be set in defer anyway. Also there was race between setting
ExitCode and inspect.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-01-29 14:50:42 -08:00
HuKeping
e721ed9b53 restart: Fix the compare of restart policy
Since the failure count of container will increase by 1 every time it
exits successfully, the compare in function shouldRestart() will stop
container to restart by the last time.

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-01-13 13:05:30 +08:00
HuKeping
af053ccf6b restart: Fix an error about arguments missing
Function shouldRestart() checks the restart policy and records the
debug info and there should be two arguments in the log.Debugf().

Prior to the this patch, the logs were something like this:
- client: $ docker run --restart=on-failure:3 ubuntu /bin/sh -c 'exit 1'
- daemon: INFO[0168] ...
	  DEBU[0168] stopping restart of container %!s(int=3) because maximum
	  failure could of %!d(MISSING) has been reached
	  INFO[0086] ...

Btw, fix a spelling error in the same file:
- cotnainer -> container

----------------------------------------

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-01-06 12:25:39 +08:00
Phil Estes
44cab4a4ff Add "OOM killed" event based on OOM state information
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2014-12-23 18:22:31 -05:00
Vishnu Kannan
46f2944977 Address comments.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-11-08 00:14:08 +00:00
Vishnu Kannan
f96e04ffc7 This patch adds ability in docker to detect out of memory conditions in containers.
Since the containers can handle the out of memory kernel kills gracefully, docker
will only provide out of memory information as an additional metadata as part of
container status.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-11-08 00:14:08 +00:00
Doug Davis
69a5b827dc See #8379 - if the container doesn't start I added code to make sure that if no other processing sets the container.exitCode to a non-zero value when we make sure its done before we return. I also made sure that while trying to start the CMD/ENTRYPOINT, if it fails, then we set the container.exitCode to the exitStatus from the exec().
Closes #8379

Signed-off-by: Doug Davis <dug@us.ibm.com>
2014-11-05 18:23:42 -08:00
Alexandr Morozov
ee7dd44c01 Mass gofmt
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
2014-10-24 15:11:48 -07:00
Alexandr Morozov
7c62cee51e Use logrus everywhere for logging
Fixed #8761

Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
2014-10-24 15:03:06 -07:00
ArikaChen
bfc9d8bbea Fix typo:betweem->between and PtySlace->PtySlave
Signed-off-by: Arika Chen <eaglesora@gmail.com>
2014-09-30 07:22:09 -04:00
Alexandr Morozov
e0339d4b88
Use State as embedded to Container
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-09-03 00:01:11 +04:00
Vishnu Kannan
3a7e07355a Rename 'StdConfig' to 'StreamConfig'.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-09-01 14:31:01 -07:00
Vishnu Kannan
4aa5da278f Refactoring execdriver.Command and Container structs to support 'docker exec' and other
similar features in the future.

Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-09-01 14:30:16 -07:00
Alexandr Morozov
517ba44e37
Merge Container and State mutexes
Resolved all deadlocks and fixed race between kill and
monitor.resetContainer
Fixes #7600

Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-29 12:56:04 +04:00
Alexandr Morozov
12ff89a390
Fix race condition between cleanup and Start
There was problem when Start might be before cleanup

Fixes #6904

Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-26 20:57:12 +04:00
Alexandr Morozov
0d4d7e4a28
Cleanup: Make channels unbuffered
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-14 21:51:25 +04:00
Alexandr Morozov
93d6adf8a1
Fix race between container cleanup and inspect/ps
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-14 21:51:06 +04:00
Alexandr Morozov
1480168e9f
Fix race condition in sending started signal from monitor
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-14 21:50:56 +04:00