beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
20892 commits 14 branches 412 tags 338 MiB
Commit graph

2751 commits

Author SHA1 Message Date
Justin Cormack
6300a08be9 Block stime in default seccomp profile 
The stime syscall is a legacy syscall on some architectures
to set the clock, should be blocked as time is not namespaced.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
 2015-12-29 15:28:05 +00:00
Jessica Frazelle
b4c14a0bb8
fix code comment 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2015-12-28 22:36:54 -08:00
David Calavera
78ce43bad8 Merge pull request #18780 from jfrazelle/seccomp-default 
set default seccomp profile
 2015-12-28 16:46:30 -08:00
David Calavera
1d4306d2fa Merge pull request #18905 from coolljt0725/fix_disconnect_not_save 
Fix network disconnect does not save the config to disk
 2015-12-28 12:38:16 -08:00
Arnaud Porterie
baee7ae045 Merge pull request #18715 from calavera/remove_is_paused_from_interface 
Remove `IsPaused` from backend interface.
 2015-12-28 11:25:11 -08:00
Jessica Frazelle
15674c5fb7
add docs and unconfined to run a container without the default seccomp profile 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2015-12-28 10:26:51 -08:00
Jessica Frazelle
947293a280
set default seccomp profile 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2015-12-28 10:18:47 -08:00
David Calavera
8669ea01ba Merge pull request #15078 from hqhq/hq_add_set_api_v2 
Implement docker update command
 2015-12-28 08:55:32 -08:00
Qiang Huang
8799c4fc0f Implemet docker update command 
It's used for updating properties of one or more containers, we only
support resource configs for now. It can be extended in the future.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2015-12-28 19:19:26 +08:00
Shijiang Wei
de7f6cf16b ingnore the NotExist error when removing inexistent files 
Signed-off-by: Shijiang Wei <mountkin@gmail.com>
 2015-12-25 15:19:48 +08:00
Lei Jitang
c0bde4e92c Fix network disconnect does not save the config to disk 
Signed-off-by: Lei Jitang <leijitang@huawei.com>
 2015-12-25 02:09:37 -05:00
Brian Goff
d08ac6e256 Merge pull request #18834 from dmcgowan/layerstore-refactor-rw-layer 
Layerstore refactor rw layer
 2015-12-24 08:02:15 -05:00
Derek McGowan
54f8ba7e9e Revert create return parameter removal 
Cleanup does not happen if retErr is not set on return

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
 2015-12-23 11:21:02 -08:00
Derek McGowan
d8e090669e Fix race condition between container register and mount 
When a container is created it is registered before the mount is created. This can lead to mount does not exist errors when inspecting between create and mount.

Fixes #18753

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
 2015-12-23 11:20:51 -08:00
Derek McGowan
d04fa49a0d Refactor RWLayer to use referenced object instead of string 
RWLayer will now have more operations and be protected through a referenced type rather than always looked up by string in the layer store.
Separates creation of RWLayer (write capture layer) from mounting of the layer.
This allows mount labels to be applied after creation and allowing RWLayer objects to have the same lifespan as a container without performance regressions from requiring mount.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
 2015-12-23 11:19:17 -08:00
Daniel Nephin
83237aab2b Remove package pkg/ulimit, use go-units instead. 
Signed-off-by: Daniel Nephin <dnephin@docker.com>
 2015-12-23 13:27:58 -05:00
Daniel Nephin
5adbea7075 Move ulimit options to runconfig opts 
Signed-off-by: Daniel Nephin <dnephin@docker.com>
 2015-12-23 13:27:58 -05:00
Zhang Wei
26dd026bd7 Add filter for network ls to hide predefined net 
Add filter support for `network ls` to hide predefined network,
then user can use "docker network rm `docker network ls -f type=custom`"
to delete a bundle of userdefined networks.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
 2015-12-23 13:26:40 +08:00
Sebastiaan van Stijn
1105caa7f1 Merge pull request #18860 from dnephin/remove_migrate_if_downlevel 
Remove migrateIfDownlevel and aufs migration from docker pre-0.7
 2015-12-23 00:08:36 +01:00
David Calavera
eacedcbe21 Merge pull request #18831 from calavera/test_event_observer 
Extract event processing to a common function for testing.
 2015-12-22 15:04:32 -08:00
David Calavera
af51df20bd Extract event processing to a common function for testing. 
We keep only one logic to test event related behavior that will help us
diagnose flacky event errors.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-22 17:10:06 -05:00
Daniel Nephin
0673361ef6 Remove migrateIfDownlevel and aufs migration from docker pre-0.7 
Signed-off-by: Daniel Nephin <dnephin@docker.com>
 2015-12-22 16:45:42 -05:00
David Calavera
7ac4232e70 Move Config and HostConfig from runconfig to types/container. 
- Make the API client library completely standalone.
- Move windows partition isolation detection to the client, so the
  driver doesn't use external types.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-22 13:34:30 -05:00
David Calavera
839f73c302 Move ExecConfig to types. 
Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-22 13:31:46 -05:00
David Calavera
056e744903 Replace usage of pkg/nat with go-connections/nat. 
Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-22 13:31:46 -05:00
David Calavera
0aab83d996 Move blkiodev package to types. 
Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-22 13:31:46 -05:00
David Calavera
f9b857a200 Move StrSlice to types. 
This is a very docker concept that nobody elses need.
We only maintain it to keep the API backwards compatible.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-22 13:31:43 -05:00
Qiang Huang
8498ed73f7 Move OomKillDisable to resource 
1. It's a cgroup api, fit the general defination that we take
cgroup options as kind of resource options.
2. It's common usage and very helpful as explained here:
https://github.com/docker/docker/pull/18270#issuecomment-160561316
3. It's already in `Resource` struct in
daemon/execdriver/driver_unix.go

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2015-12-22 16:08:04 +08:00
Sebastiaan van Stijn
312c82677b Merge pull request #15879 from Mashimiao/add-support-blkio_throtte_iops 
Add support for blkio read/write iops device
 2015-12-21 23:45:18 +01:00
David Calavera
af94f941df Remove IsPaused from backend interface. 
Move connection hijacking logic to the daemon.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-12-21 12:34:21 -05:00
Ma Shimiao
843084b08b Add support for blkio read/write iops device 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2015-12-21 09:14:49 +08:00
David Calavera
54f945994a Merge pull request #18651 from vbatts/dm-cleanup 
loopback (and devicemapper) cleanup
 2015-12-18 15:13:28 -08:00
Vincent Demeester
64d70de0a2 Merge pull request #18721 from tiborvass/remove-dependencies-from-builder 
Remove image and daemon dependencies from builder
 2015-12-18 17:19:55 +01:00
Phil Estes
1ca6690b4f Merge pull request #18561 from hqhq/hq_adapt_at_start 
Adapt container settings when start
 2015-12-18 11:07:43 -05:00
Vincent Batts
af59752712 loopback: separate loop logic from devicemapper 
The loopback logic is not technically exclusive to the devicemapper
driver. This reorganizes the code such that the loopback code is usable
outside of the devicemapper package and driver.

Signed-off-by: Vincent Batts <vbatts@redhat.com>
 2015-12-18 10:57:43 -05:00
Doug Davis
6bf8844f11 Merge pull request #18759 from mikedanese/doc-fix 
daemon/logger: fix typo in godoc
 2015-12-17 19:26:41 -05:00
Mike Danese
881a30c707 daemon/logger: fix typo in godoc 
Signed-off-by: Mike Danese <mikedanese@google.com>
 2015-12-17 15:52:33 -08:00
Jess Frazelle
ff69b23dc0 Merge pull request #18395 from LK4D4/default_cgroup_is_not_daemon 
Use /docker as cgroup parent instead of docker
 2015-12-17 13:59:00 -08:00
Tibor Vass
b0d9476153 builder: remove daemon dependency in ContainerAttach 
Signed-off-by: Tibor Vass <tibor@docker.com>
 2015-12-17 16:57:08 +01:00
Tibor Vass
03a170c48d builder: remove daemon dependency in ContainerCreate() 
Signed-off-by: Tibor Vass <tibor@docker.com>
 2015-12-17 16:57:08 +01:00
Vincent Demeester
0f749ad55a Merge pull request #18559 from ahmetalpbalkan/return-container-networks 
Proposal: Add container networks list to /containers/json
 2015-12-17 10:11:18 +01:00
Tibor Vass
dc81c25031 Merge pull request #18586 from tonistiigi/tag-reference-squashed 
Improve reference validation
 2015-12-16 23:08:02 +01:00
David Calavera
e21d06a972 Merge pull request #18717 from anusha-ragunathan/rm-mount-bld-iface 
Remove Mount/Unmount from Builder interface.
 2015-12-16 13:34:06 -08:00
Brian Goff
3805c29099 Merge pull request #18695 from dnephin/move_parse_link 
Move ParseLink and validators into runconfig.parse where they are used
 2015-12-16 16:15:52 -05:00
Tonis Tiigi
eeb2d4c1ad Clean up reference type switches 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2015-12-16 11:58:53 -08:00
Tonis Tiigi
ffded61dad Update Named reference with validation of conversions 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2015-12-16 11:58:52 -08:00
Tonis Tiigi
2655954c2d Add own reference package wrapper 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2015-12-16 11:58:52 -08:00
Vincent Batts
f57d56350e Merge pull request #18686 from cpuguy83/fix_btrfs_subvol_delete_panic 
Fix btrfs recursive btrfs subvol delete
 2015-12-16 14:26:40 -05:00
Daniel Nephin
233a4fc33c Move ParseLink and validators into runconfig.parse where they are used. 
Signed-off-by: Daniel Nephin <dnephin@docker.com>
 2015-12-16 14:22:54 -05:00
David Calavera
b44b5bbc8b Merge pull request #18682 from calavera/replace_units_package 
Replace pkg/units with docker/go-units.
 2015-12-16 10:48:59 -08:00