Fixing user namespaces (again) with a vendor update from runc
(specifically, the remount() only if special flags change)
Other changes are very minimal.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Use `pkg/discovery` to provide nodes discovery between daemon instances.
The functionality is driven by two different command-line flags: the
experimental `--cluster-store` (previously `--kv-store`) and
`--cluster-advertise`. It can be used in two ways by interested
components:
1. Externally by calling the `/info` API and examining the cluster store
field. The `pkg/discovery` package can then be used to hit the same
endpoint and watch for appearing or disappearing nodes. That is the
method that will for example be used by Swarm.
2. Internally by using the `Daemon.discoveryWatcher` instance. That is
the method that will for example be used by libnetwork.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Absorb Swarm's discovery package in order to provide a common node
discovery mechanism to be used by both Swarm and networking code.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
- Libnetwork brings in :
* Default Gateway as a service for network drivers
* Persistence for local scoped networks using libkv
* BATS based Multi-host Integration-test infra and end-to-end tests
* libnetwork fixes for zookeeper and etcd backend
- Libkv upgrade brings in :
* boltdb support for local kv persistence
* other general bug fixes
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Pull in version e5fea92a6c8a5968bdb8005bf959c6e23113b689
Fixes libnetwork regressions that stopped drivers that set routes from working.
Pulls in libnetwork PRs #546#543
Signed-off-by: Tom Denham <tom@tomdee.co.uk>
To fix an issue with experimental multihost networking.
git hash: 00a92f066e628e4c6d50979c070df377575aad18
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
* libkv upgrade is required for the docker discovery PR
* vendor-in libnetwork contains an update to network plugin api
(Thanks @WeiZhang555 : https://github.com/docker/libnetwork/pull/516)
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Changes include :
* libnetwork support for userns
* driver api change to have 1 interface per endpoint
Signed-off-by: Madhu Venugopal <madhu@docker.com>
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
Noteworthy changes:
- Add Prestart/Poststop hook support
- Fix bug finding cgroup mount directory
- Add OomScoreAdj as a container configuration option
- Ensure the cleanup jobs in the deferrer are executed on error
- Don't make modifications to /dev when it is bind mounted
Other changes in runc:
https://github.com/opencontainers/runc/compare/v0.0.3...v0.0.4
Signed-off-by: David Calavera <david.calavera@gmail.com>
This PR makes a user visible behavior change with userland
proxy disabled by default and rely on hairpin NAT to be enabled
by default. This may not work in older (unsupported) kernels
where the user will be forced to enable userlandproxy if needed.
- Updated the Docs
- Changed the integration-cli to start with userlandproxy
desiabled by default.
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
+ Fix a couple of bugs introduced by previous vendoring:
- in bitseq which prevents to use experimental overlay networking
- in docker service ls cli o/p
+ Add missing http subrouter for newly introduced sandboxes
+ Fix fragmentation issue on vxlan header addition for overlay network driver
+ Remove libnetwork test code utilities from vendoring
Signed-off-by: Alessandro Boch <aboch@docker.com>
