Commit graph

2544 commits

Author SHA1 Message Date
Tibor Vass
83b2782ea9 plugins: rename DeviceCreation to AllowAllDevices
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit f265727bdf)
Signed-off-by: Tibor Vass <tibor@docker.com>
2017-01-10 15:21:46 -08:00
Victor Vieux
4e9dd0e51c replace no-remove by sample-volume-plugin in docs
Signed-off-by: Victor Vieux <vieux@docker.com>
(cherry picked from commit bcead9282e)
Signed-off-by: Victor Vieux <vieux@docker.com>
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-01-04 12:44:55 +01:00
Tobias Gesellchen
97b0bb730e fix swagger description for DELETE /plugin/{name}
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
(cherry picked from commit e6b2829a7f)
Signed-off-by: Victor Vieux <vieux@docker.com>
2017-01-04 12:42:40 +01:00
Tonis Tiigi
38d914cc96 Implement content addressability for plugins
Move plugins to shared distribution stack with images.

Create immutable plugin config that matches schema2 requirements.

Ensure data being pushed is same as pulled/created.

Store distribution artifacts in a blobstore.

Run init layer setup for every plugin start.

Fix breakouts from unsafe file accesses.

Add support for `docker plugin install --alias`

Uses normalized references for default names to avoid collisions when using default hosts/tags.

Some refactoring of the plugin manager to support the change, like removing the singleton manager and adding manager config struct.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
(cherry picked from commit 3d86b0c79b)
2016-12-27 13:31:14 -08:00
Anusha Ragunathan
2039ea6adc Enforce zero plugin refcount during disable.
When plugins have a positive refcount, they were not allowed to be
removed. However, plugins could still be disabled when volumes
referenced it and containers using them were running.

This change fixes that by enforcing plugin refcount during disable.
A "force" disable option is also added to ignore reference refcounting.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit 8cb2229cd1)
2016-12-27 13:19:25 -08:00
Akihiro Suda
0c19045523 api: allow creating a network of which name is the prefix of the ID of a swarm network
Previously, it doesn't allow creating such a network:

e.g.

    $ docker network inspect -f '{{.Id}}' ingress
    84xh9knigj6zyt00u31e26nj3
    $ docker network create 84
    Error response from daemon: network with name 84 already exists

Fix #27866

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
(cherry picked from commit edfbc3b876)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-15 22:59:42 -08:00
Victor Vieux
1b521547f0 Merge pull request #29229 from vieux/1.13.0-rc4-cherrypicks
1.13.0-rc4 cherry-picks: part1
2016-12-14 17:18:17 -08:00
Alessandro Boch
fa9618550a Fix buildIpamResources()
- Can no longer assume IPv6 operational data to be present

Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-12-14 10:36:44 -08:00
Ben Firshman
20dc482b10 Add display name for tags in swagger.yaml
In #29071, we made the tags the correct name for generating types,
at the expense of the menu in the documentation looking good.

ReDoc now has support for tag display names
( https://github.com/Rebilly/ReDoc/pull/152 ), so we can assign
a more human-friendly name to the menu items.

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit 0caa6c218c)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-13 23:48:22 -08:00
allencloud
4aa72cb5a9 add missing status code 403 for services/create in docs
Signed-off-by: allencloud <allen.sun@daocloud.io>
(cherry picked from commit 19654fd71e)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-13 17:08:53 -08:00
Doug Davis
64aac182d6 Fix processing of unset build-args during build
This reverts 26103.  26103 was trying to make it so that if someone did:
  docker build --build-arg FOO .
and FOO wasn't set as an env var then it would pick-up FOO from the
Dockerfile's ARG cmd.  However, it went too far and removed the ability
to specify a build arg w/o any value. Meaning it required the --build-arg
param to always be in the form "name=value", and not just "name".

This PR does the right fix - it allows just "name" and it'll grab the value
from the env vars if set. If "name" isn't set in the env then it still needs
to send "name" to the server so that a warning can be printed about an
unused --build-arg. And this is why buildArgs in the options is now a
*string instead of just a string - 'nil' == mentioned but no value.

Closes #29084

Signed-off-by: Doug Davis <dug@us.ibm.com>
(cherry picked from commit cdb8ea90b0)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-09 14:24:00 -08:00
Tibor Vass
3a571b72fd plugins: container-rootfs-relative paths
Legacy plugins expect host-relative paths (such as for Volume.Mount).
However, a containerized plugin cannot respond with a host-relative
path. Therefore, this commit modifies new volume plugins' paths in Mount
and List to prepend the container's rootfs path.

This introduces a new PropagatedMount field in the Plugin Config.
When it is set for volume plugins, RootfsPropagation is set to rshared
and the path specified by PropagatedMount is bind-mounted with rshared
prior to launching the container. This is so that the daemon code can
access the paths returned by the plugin from the host mount namespace.

Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit c54b717caf)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-09 14:16:04 -08:00
Evan Hazlett
f081b22a4a add headers when using exec
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

ensure headers are properly sanitized

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
(cherry picked from commit f86db80b5f)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-09 14:12:09 -08:00
allencloud
51b83ae8fb add 403 for endpoint network create
Signed-off-by: allencloud <allen.sun@daocloud.io>
(cherry picked from commit 0d21e24b9f)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-07 16:15:45 -08:00
Vincent Demeester
0f2364f73c Handle logging in compose to swarm
Logging configuration was completely ignore when deploy a compose file
to swarm. This fixes it.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 806cc1e0f8)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-07 16:14:20 -08:00
erxian
487fad2a2c refine api swagger.yaml towards image create status code
Signed-off-by: erxian <evelynhsu21@gmail.com>
(cherry picked from commit 15be050fb3)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-07 16:11:20 -08:00
Victor Vieux
8bed67c368 update docs
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
(cherry picked from commit 30db51c169)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-07 16:10:31 -08:00
Victor Vieux
728296b9ea refactor plugin install
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
(cherry picked from commit fa3b61a28f)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-07 16:10:24 -08:00
Yong Tang
d1d6357beb Convert DanglingOnly to Filters for docker image prune
This fix convert DanglingOnly in ImagesPruneConfig to Filters,
so that it is possible to maintain API compatibility in the future.

Several integration tests have been added to cover changes.

This fix is related to 28497.

A follow up to this PR will be done once this PR is merged.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit a6be56b54e)
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-07 16:08:18 -08:00
Vincent Demeester
1b310cd47c Remove hostname validation as it seems to break users
Validation is still done by swarmkit on the service side.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit ef39256dfb)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-12-05 00:40:19 -08:00
Ben Firshman
94f3ccc31e Use singular tag names in swagger.yaml
This is required to make the type generation put things in the
correct directory, but unfortunately makes the names in the
documentation menu look a bit crap.

I think the best solution would be to add a `x-display-name`
extension to tags to determine how the tags show up in the menu,
rather than it depend on the name of the tag. I shall do this in
a follow-up PR - for now, let's fix the breakage.

Fixes #29045

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit 30a9249e15)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-12-02 13:42:15 -08:00
Ben Firshman
766e6ab07f Make swagger.yaml operationIds consistent
Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit bf6a790f00)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-30 14:25:52 -08:00
Ben Firshman
fba707ee1f Make docs URLs in swagger.yaml absolute
This makes the swagger.yaml useful outside of the documentation.
For background:
https://github.com/docker/docker.github.io/pull/606#issuecomment-261389645

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit 54051b18a1)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-30 14:25:40 -08:00
Ben Firshman
76f4793290 Improve tags in swagger.yaml
- Consistent naming (plural, etc)
- Add section descriptions
- Add docs in swagger.yaml about how to maintain them

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit 2aea9ad56b)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-30 14:24:09 -08:00
Ben Firshman
0e1721f09f Add intro to swagger.yaml to explain what it's for
Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit be52738a2c)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-30 14:24:04 -08:00
lixiaobing10051267
f5c429bea2 modify some urls related to reference path
Signed-off-by: lixiaobing10051267 <li.xiaobing1@zte.com.cn>
(cherry picked from commit b069690827)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-30 14:15:19 -08:00
erxian
375e970991 correct the http return code of secret remove
Signed-off-by: erxian <evelynhsu21@gmail.com>
(cherry picked from commit 21768933fb)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-30 14:12:22 -08:00
Vincent Demeester
936499e1ff Fixes ImageList to be retro-compatible with older API
Make sure current client code can talk for ImageList can still talk to
older daemon.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit c6e31454ba)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-29 14:10:44 -08:00
Dong Chen
bee66467cd Fix network attachable option.
Signed-off-by: Dong Chen <dongluo.chen@docker.com>
(cherry picked from commit abcb699ad1)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-29 14:06:31 -08:00
cyli
38b0c93954 Update docs to reflect no longer displaying secret digest or size.
Signed-off-by: cyli <cyli@twistedmatrix.com>
(cherry picked from commit fe127b7eae)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:54:55 -08:00
cyli
aa6211e153 Do not display the digest or size of swarm secrets
Signed-off-by: cyli <cyli@twistedmatrix.com>
(cherry picked from commit 2c0613540a)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:54:50 -08:00
Ben Firshman
fad605e8c5 Add documentation for working on Engine API
Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit 109c54c481)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:52:48 -08:00
Ben Firshman
8738566853 Update swagger.yaml with changes to API
Up to and including 673c5ee559

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit 44c50807c6)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:52:40 -08:00
Ben Firshman
f67b380325 Add version information to swagger.yaml
- Tidied up copy
- API version is now mandatory
- Links to previous API versions

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit c97f67dbab)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:51:14 -08:00
Ben Firshman
520e601dc2 Rename Remote API to Engine API
Implementation of https://github.com/docker/docker/issues/28319

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
(cherry picked from commit f0d55cd081)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:49:58 -08:00
Andrea Luzzardi
43e6479fd4 service logs: Support no-follow mode
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
(cherry picked from commit c2d435e4f0)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:18:09 -08:00
Tibor Vass
561f2b27cb plugins: support for devices
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 53b9b99e5c)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:16:33 -08:00
Tibor Vass
c28c63472a plugins: linux capabilities and device creation
In the plugin manifest, Capabilities has been moved to
Linux.Capabilities to avoid confusion with Interface.Types[i].Capability

A DeviceCreation boolean has also been added to the manifest. This could
be changed in the future to be specific to a major number.

Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 9f239281b1)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 16:16:04 -08:00
Anusha Ragunathan
0403addc5f Add HTTP client timeout.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit 83ca993c15)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 11:23:20 -08:00
allencloud
abc0eea899 update secret create url for consistency
Signed-off-by: allencloud <allen.sun@daocloud.io>
(cherry picked from commit 86d7682843)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-22 11:22:39 -08:00
Evan Hazlett
01aab8baa3 do not force target type for secret references
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

use secret store interface instead of embedded secret data into container

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
(cherry picked from commit bebd472e40)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-21 14:45:39 -08:00
Antonio Murdaca
0a5732d1cf api: types: keep info.SecurityOptions a string slice
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
(cherry picked from commit 514ca09426)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-21 14:45:05 -08:00
Yanqiang Miao
4acf6aa456 The type of 'ExportdPorts' should be 'nat.PortSet'
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
(cherry picked from commit c44c542d95)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-21 13:23:16 -08:00
Victor Vieux
4edaaeb671 fix a few golint errors
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
(cherry picked from commit 9c559e6d0b)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-19 23:50:06 -08:00
Andrea Luzzardi
0d94260458 router: Return explicit error rather than 404 for experimental.
Instead of not adding experimental routes at all, fail with an explicit
message if the daemon is not running in experimental mode.

Added the `router.Experimental` which does this automatically.

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
(cherry picked from commit 3976a33c1a)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-19 23:47:12 -08:00
Aaron Lehmann
d4392659f7 Return warnings from service create and service update when digest pinning fails
Modify the service update and create APIs to return optional warning
messages as part of the response. Populate these messages with an
informative reason when digest resolution fails.

This is a small API change, but significantly improves the UX. The user
can now get immediate feedback when they've specified a nonexistent
image or unreachable registry.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 948e60691e)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-18 13:57:11 -08:00
Stephen J Day
ce22bc39dc api/server/httputils: service unavailable for disable swarm
When swarm-mode is disabled, we need to return an error indicating this.
406 was chosen for the "Not Acceptable" verbiage, but this code has
specific semantics in relation to the `Accept` header, which aren't
applicable here.

We now use a 503 for this case. While it is not a perfect match, it does
make it clear that the particular "service" (read: API endpoint) is not
available. The body of the message provides the user with enough
information to take action on it by enabling swarm-mode and ensuring the
service is available.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit 1d90d76048)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-18 13:44:36 -08:00
Aaron Lehmann
48c2da3cd5 api: Remove omitempty tag on Parallelism
It doesn't make sense to use omitempty here. 0 is a meaningful value and
it's different from the default. If someone sets Parallelism to 0, we
want to show that Parallelism is 0, not hide the field.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit d8b8b12994)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-18 13:35:33 -08:00
Stephen J Day
8b9b8bd930 api/server/httputils: ensure consistent status code
Error code resolution is powered by string matching. Not the greatest
thing in the world and I hope no one is proud of this code, but it
works. However, because a map is used, the iteration order of the map is
random, such that if an error matches two of the snippets, it may return
a different error code depending on the seed of the hashmap. This change
converts it to use a slice instead.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit 3484e02590)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-18 13:34:05 -08:00
allencloud
0b8f8876b9 fix typo
Signed-off-by: allencloud <allen.sun@daocloud.io>
(cherry picked from commit 1f039a66ac)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-11-18 13:27:01 -08:00