Commit graph

140 commits

Author SHA1 Message Date
Brian Goff
1d87f788b1 Merge pull request #23030 from Microsoft/jjh/xenonworkdir
Windows: Default isolation and workdir
2016-05-27 11:31:36 -04:00
John Howard
6952135fc8 Windows: Default isolation and workdir
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-05-26 13:24:22 -07:00
Alessandro Boch
f198dfd856 Update port info on network connect/disconnect
Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-05-25 17:02:50 -07:00
Vincent Demeester
0fb6190243
Fix escape-keys by preserving input if invalid
Currently, using a custom detach key with an invalid sequence, eats a
part of the sequence, making it weird and difficult to enter some key
sequence.

This fixes by keeping the input read when trying to see if it's the key
sequence or not, and "writing" then is the key sequence is not the right
one, preserving the initial input.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2016-05-24 17:14:48 +02:00
Yong Tang
38c49d9987 Remove docker/ prefix from log messages tag.
This fix tries to address the issue raised in #22358 where syslog's
message tag always starts with `docker/` and can not be removed
by changing the log tag templates.

The issue is that syslog driver hardcodes `path.Base(os.Args[0])`
as the prefix, which is the binary file name of the daemon (`dockerd`).
This could be an issue for certain situations (e.g., #22358) where
user may prefer not to have a dedicated prefix in syslog messages.
There is no way to override this behavior in the current verison of
the docker.

This fix tries to address this issue without making changes in the
default behavior of the syslog driver. An additional
`{{.DaemonName}}` has been introduced in the syslog tag. This is
assigned as the `docker` when daemon starts. The default log tag
template has also been changed from
`path.Base(os.Args[0]) + "/{{.ID}}"` to `{{.DaemonName}}/{{.ID}}`.
Therefore, there is no behavior changes when log-tag is not provided.

In order to be consistent, the default log tag for fluentd has been
changed from `docker.{{.ID}}` to `{{DaemonName}}.{{.ID}}` as well.

The documentation for log-tag has been updated to reflect this change.

Additional test cases have been added to cover changes in this fix.

This fix fixes #22358.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-05-12 22:29:30 -07:00
Dan Walsh
3894773d6e We should always return the MountLabel
We need to have labels applied even if a container is running in privileged
mode.  On an tightly locked down SELinux system, this will cause running
without labels will cause SELinux to block privileged mode containers.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-04-30 05:46:56 -04:00
Michael Crosby
2b97201e0c Merge pull request #22181 from Microsoft/jjh/workdir
Windows: Consistent build workdir handling
2016-04-26 16:51:09 -07:00
John Howard
0433801093 Windows: Consistent build workdir handling
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-04-26 15:32:52 -07:00
Vincent Demeester
17d5c97c90 Merge pull request #22125 from crosbymichael/restart-timeout
Reset restart timeout if execution longer than 10s
2016-04-25 19:15:32 +02:00
Michael Crosby
b6db56b5eb Reset restart timeout if execution longer than 10s
Restore the 1.10 logic that will reset the restart manager's timeout or
backoff delay if a container executes longer than 10s reguardless of
exit status or policy.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-22 10:37:34 -07:00
Tonis Tiigi
ea3cbd3274 Safer file io for configuration files
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-04-21 11:31:15 -07:00
Akihiro Suda
d231260868 Clean up unused code
Signed-off-by: Akihiro Suda <suda.kyoto@gmail.com>
2016-04-14 07:04:10 +00:00
Zhang Wei
51e42e6ee0 Fix ShouldRestart for on-failure handle
Currently if you restart docker daemon, all the containers with restart
policy `on-failure` regardless of its `RestartCount` will be started,
this will make daemon cost more extra time for restart.

This commit will stop these containers to do unnecessary start on
daemon's restart.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-04-10 15:44:47 +08:00
LingFaKe
d0344731ef fix typo
Signed-off-by: Ling FaKe <lingfake@huawei.com>
2016-04-08 22:08:58 +08:00
Tonis Tiigi
20390f65c4 Fix restart monitor stopping on manual restart
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-04-07 16:12:05 -07:00
Brian Goff
b0ac69b67e Add explicit flags for volume cp/no-cp
This allows a user to specify explicitly to enable
automatic copying of data from the container path to the volume path.
This does not change the default behavior of automatically copying, but
does allow a user to disable it at runtime.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-03-21 20:38:44 -04:00
Tonis Tiigi
9c4570a958 Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
Sebastiaan van Stijn
68ca76320f Merge pull request #21190 from runcom/cleanup
*: remove unused stuff
2016-03-15 11:13:10 +01:00
Antonio Murdaca
59648fc1e9 *: remove unused stuff
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-14 18:41:30 +01:00
David Calavera
8e74cf59d0 Merge pull request #21048 from LK4D4/fix_attach_leak
daemon: fix hanging attaches on initial start failures
2016-03-14 10:16:45 -07:00
Alexander Morozov
7bb815e296 daemon: fix hanging attaches on initial start failures
Attach can hang forever if there is no data to send. This PR adds notification
of Attach goroutine about container stop.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-03-10 07:38:46 -08:00
msabansal
e8026d8a98 Windows libnetwork integration
Signed-off-by: msabansal <sabansal@microsoft.com>
2016-03-09 20:33:21 -08:00
Phil Estes
799a6b94ee Ensure WORKDIR is created with remapped root ownership
Correct creation of a non-existing WORKDIR during docker build to use
remapped root uid/gid on mkdir

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-03-08 11:58:55 -05:00
Vincent Demeester
b65fd8e879 Merge pull request #20858 from mountkin/validate-log-opts-again
validate log-opt when creating containers AGAIN (fixing drunkard's code)
2016-03-02 18:27:00 +01:00
Shijiang Wei
068085005e validate log-opt when creating containers AGAIN
Signed-off-by: Shijiang Wei <mountkin@gmail.com>
2016-03-02 20:30:26 +08:00
John Howard
5849a55376 Windows: Don't create working dir for Hyper-V Containers
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-03-01 14:10:40 -08:00
David Calavera
a793564b25 Remove static errors from errors package.
Moving all strings to the errors package wasn't a good idea after all.

Our custom implementation of Go errors predates everything that's nice
and good about working with errors in Go. Take as an example what we
have to do to get an error message:

```go
func GetErrorMessage(err error) string {
	switch err.(type) {
	case errcode.Error:
		e, _ := err.(errcode.Error)
		return e.Message

	case errcode.ErrorCode:
		ec, _ := err.(errcode.ErrorCode)
		return ec.Message()

	default:
		return err.Error()
	}
}
```

This goes against every good practice for Go development. The language already provides a simple, intuitive and standard way to get error messages, that is calling the `Error()` method from an error. Reinventing the error interface is a mistake.

Our custom implementation also makes very hard to reason about errors, another nice thing about Go. I found several (>10) error declarations that we don't use anywhere. This is a clear sign about how little we know about the errors we return. I also found several error usages where the number of arguments was different than the parameters declared in the error, another clear example of how difficult is to reason about errors.

Moreover, our custom implementation didn't really make easier for people to return custom HTTP status code depending on the errors. Again, it's hard to reason about when to set custom codes and how. Take an example what we have to do to extract the message and status code from an error before returning a response from the API:

```go
	switch err.(type) {
	case errcode.ErrorCode:
		daError, _ := err.(errcode.ErrorCode)
		statusCode = daError.Descriptor().HTTPStatusCode
		errMsg = daError.Message()

	case errcode.Error:
		// For reference, if you're looking for a particular error
		// then you can do something like :
		//   import ( derr "github.com/docker/docker/errors" )
		//   if daError.ErrorCode() == derr.ErrorCodeNoSuchContainer { ... }

		daError, _ := err.(errcode.Error)
		statusCode = daError.ErrorCode().Descriptor().HTTPStatusCode
		errMsg = daError.Message

	default:
		// This part of will be removed once we've
		// converted everything over to use the errcode package

		// FIXME: this is brittle and should not be necessary.
		// If we need to differentiate between different possible error types,
		// we should create appropriate error types with clearly defined meaning
		errStr := strings.ToLower(err.Error())
		for keyword, status := range map[string]int{
			"not found":             http.StatusNotFound,
			"no such":               http.StatusNotFound,
			"bad parameter":         http.StatusBadRequest,
			"conflict":              http.StatusConflict,
			"impossible":            http.StatusNotAcceptable,
			"wrong login/password":  http.StatusUnauthorized,
			"hasn't been activated": http.StatusForbidden,
		} {
			if strings.Contains(errStr, keyword) {
				statusCode = status
				break
			}
		}
	}
```

You can notice two things in that code:

1. We have to explain how errors work, because our implementation goes against how easy to use Go errors are.
2. At no moment we arrived to remove that `switch` statement that was the original reason to use our custom implementation.

This change removes all our status errors from the errors package and puts them back in their specific contexts.
IT puts the messages back with their contexts. That way, we know right away when errors used and how to generate their messages.
It uses custom interfaces to reason about errors. Errors that need to response with a custom status code MUST implementent this simple interface:

```go
type errorWithStatus interface {
	HTTPErrorStatusCode() int
}
```

This interface is very straightforward to implement. It also preserves Go errors real behavior, getting the message is as simple as using the `Error()` method.

I included helper functions to generate errors that use custom status code in `errors/errors.go`.

By doing this, we remove the hard dependency we have eeverywhere to our custom errors package. Yes, you can use it as a helper to generate error, but it's still very easy to generate errors without it.

Please, read this fantastic blog post about errors in Go: http://dave.cheney.net/2014/12/24/inspecting-errors

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-26 15:49:09 -05:00
Zhang Wei
ff3ea4c90f Update RestartPolicy of container
Add `--restart` flag for `update` command, so we can change restart
policy for a container no matter it's running or stopped.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-02-20 17:06:32 +08:00
Darren Stahl
6791230320 Combine SetupWorkingDirectory for Linux and Windows
Signed-off-by: Darren Stahl <darst@microsoft.com>
2016-02-05 10:27:10 -08:00
John Howard
54320d8d18 Signed-off-by: John Howard <jhoward@microsoft.com>
Revert "Combine SetupWorkingDirectory for Linux and Windows"

This reverts commit ec31741ca1.
2016-01-29 20:49:39 -08:00
Darren Stahl
ec31741ca1 Combine SetupWorkingDirectory for Linux and Windows
Signed-off-by: Darren Stahl <darst@microsoft.com>
2016-01-27 16:17:35 -08:00
Tibor Vass
47074030f6 Merge pull request #19121 from WeiZhang555/tty-resize
Check nil Terminal to avoid panic
2016-01-11 11:29:15 -05:00
Zhang Wei
7f0d304f37 Check nil Terminal to avoid panic
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-01-07 10:07:12 +08:00
David Calavera
907407d0b2 Modify import paths to point to the new engine-api package.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-01-06 19:48:59 -05:00
Vincent Demeester
15aa2a663b Implement configurable detach key
Implement configurable detach keys (for `attach`, exec`, `run` and
`start`) using the client-side configuration

- Adds a `--detach-keys` flag to `attach`, `exec`, `run` and `start`
  commands.
- Adds a new configuration field (in `~/.docker/config.json`) to
  configure the default escape keys for docker client.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2016-01-03 23:03:39 +01:00
David Calavera
7ac4232e70 Move Config and HostConfig from runconfig to types/container.
- Make the API client library completely standalone.
- Move windows partition isolation detection to the client, so the
  driver doesn't use external types.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-22 13:34:30 -05:00
David Calavera
056e744903 Replace usage of pkg/nat with go-connections/nat.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-22 13:31:46 -05:00
Justas Brazauskas
927b334ebf Fix typos found across repository
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com>
2015-12-13 18:04:12 +02:00
Qiang Huang
464eefd795 Add lock for container update
Container needs to be locked when updating the fields, and
this PR also remove the redundant `parseSecurityOpt` since
it'll be done in `setHostConfig`.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-12-11 10:33:13 +08:00
David Calavera
6bb0d1816a Move Container to its own package.
So other packages don't need to import the daemon package when they
want to use this struct.

Signed-off-by: David Calavera <david.calavera@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-12-03 17:39:49 +01:00
Renamed from daemon/container.go (Browse further)