Temporarily include a fork of golang/net package
that includes a performance patch. Measured performance
gain is ~60ms for every `docker run` command.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 07fe6947a4)
Some fixes in the changelog were not regressions
since 1.10.x, but only present in 1.11 release candidates
so don't need to be mentioned for the release.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
btrfs-progs-4.5 introduces device delete by devid
for this reason btrfs_ioctl_vol_args_v2's name was encapsulated
in a union
this patch is for setting btrfs_ioctl_vol_args_v2's name
using a C function in order to preserve compatibility
with all btrfs-progs versions
Signed-off-by: Julio Montes <imc.coder@gmail.com>
(cherry picked from commit a038cccf88)
This fix tries to address the issue mentioned in Docker Remote API where
the examples for creating a container (`POST /containers/create`) with
volumes were incorrect. In the previous remote API document, the `Mounts`
fields was used for volume creation yet since v1.20 `Volumes` should be
used.
This fix fixes#21335.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 4ed2040258)
This vendors in new spec/runc that supports
setting readonly and masked paths in the
configuration. Using this allows us to make an
exception for `—-privileged`.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 3f81b49352)
Show a different message if a dynamic binary
is running, but doesn't have udev sync support.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b8f38747e6)
this bumps the containerd binary in the Dockerfiles
for 1.11.0-rc4, to include https://github.com/docker/containerd/pull/184
NOTE: the hack/vendor.sh commit is NOT updated in this
patch; there's no reason to update containerd there
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Fixed some http status codes and decreased site-order for docker_remote_api_v1.24.md to appear in the right order in the menu
Signed-off-by: Robin Naundorf <r.naundorf@fh-muenster.de>
(cherry picked from commit 5d2f6b3ea3)
Close could be called twice on a temporary download file, which could
have bad side effects.
This fixes the problem by setting to ld.tmpFile to nil when the download
completes sucessfully. Then the call to ld.Close will have no effect,
and only the download manager will close the temporary file when it's
done extracting the layer from it. ld.Close will be responsible for
closing the file if we hit the retry limit and there is still a partial
download present.
Fixes#21675
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 930ae3dbcb)
Get was calling getReference without layerL held. This meant writes to
the references map could race. Such races are dangerous because they can
corrupt the map and crash the process.
Fixes#21616Fixes#21674
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 0538981c31)
- Refactor generic and path based cleanup functions into a single function.
- Include aufs and zfs mounts in the mounts cleanup.
- Containers that receive exit event on restore don't require manual cleanup.
- Make missing sandbox id message a warning because currently sandboxes are always cleared on startup. libnetwork#975
- Don't unmount volumes for containers that don't have base path. Shouldn't be needed after #21372
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 05cc737f54)
Fix unmount issues in the daemon crash and restart lifecycle, w.r.t
graph drivers. This change sets a live container RWLayer's activity
count to 1, so that the RWLayer is aware of the mount. Note that
containerd has experimental support for restore live containers.
Added/updated corresponding tests.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit 511a70583f)
Its useful to have containerd logs as part of docker.
Containerd metrics are too chatty, so set interval to 0.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit d9c3b653c0)
Following a journal log almost always requires a descriptor to be
allocated. In cases where we're running out of descriptors, this means
we might get stuck while attempting to start following the journal, at a
point where it's too late to report it to the client and clean up
easily. The journal reading context will cache the value once it's
allocated, so here we move the check earlier, so that we can detect a
problem when we can still report it cleanly.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
(cherry picked from commit ab62ecf393)
When we set up to start following a journal, if we get error results
from sd_journal_get_fd() or sd_journal_get_events() that prevent us from
following the journal, report the error instead of just mysteriously
failing.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
(cherry picked from commit 8d597d25a8)
Auto-creation of host-directories was marked deprecated in
Docker 1.9, but was decided to be too much of an backward-incompatible
change, so it was decided to keep the feature.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0f70f53826)
Currently the directory inside of the tgz files is /usr/local/bin
and this is causing some confusion, and problems with people who already
have stuff in those directories. This commit changes the directory
to /docker to help remove the confusion.
Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
(cherry picked from commit 7df5b32834)