Commit graph

32 commits

Author SHA1 Message Date
Anusha Ragunathan
4d1edcb2cc Add pid host support
Tested using global-net-plugin-ipc which sets PidHost in config.json.

Plugins might need access to host pid namespace. Add support for that.
Tested using aragunathan/global-net-plugin-ipc which sets "pidhost" in
config.json. Observed using `readlink /proc/self/ns/pid` that plugin and
host have the same ns.

Signed-off-by: Anusha Ragunathan <anusha.ragunathan@docker.com>
2017-03-21 13:39:01 -07:00
Anusha Ragunathan
6d6185c257 Add support in plugin config for accessing host ipc namespace.
Plugins might need access to host ipc namespace. A good usecase is
a volume plugin running iscsi multipath commands that need access to
host kernel locks.
Tested with a custom plugin (aragunathan/global-net-plugin-full) that's
built with `"ipchost" : true` in config.json. Observed using
`readlink /proc/self/ns/ipc` that plugin and host have the same ns.

Signed-off-by: Anusha Ragunathan <anusha.ragunathan@docker.com>
2017-03-21 13:39:01 -07:00
Tibor Vass
26d0bac895 plugin: use pkg/errors in more places
Also provide stack trace output in daemon logs.

Signed-off-by: Tibor Vass <tibor@docker.com>
2017-01-31 16:45:26 -08:00
Tibor Vass
696ef7a19e Merge pull request #30014 from tiborvass/plugin-devices-redone-master
Plugins: Rename DeviceCreation to AllowAllDevices
2017-01-10 17:24:38 -08:00
Tibor Vass
f265727bdf plugins: rename DeviceCreation to AllowAllDevices
Signed-off-by: Tibor Vass <tibor@docker.com>
2017-01-10 13:50:30 -08:00
Vincent Demeester
9c96768eae Merge pull request #29564 from aaronlehmann/getter-types
plugingetter: Avoid all caps for constant declarations
2017-01-10 09:35:19 +01:00
Stephen J Day
7a85579917
*: use opencontainers/go-digest package
The `digest` data type, used throughout docker for image verification
and identity, has been broken out into `opencontainers/go-digest`. This
PR updates the dependencies and moves uses over to the new type.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-01-06 18:48:41 -08:00
Aaron Lehmann
428600108c plugingetter: Avoid all caps for constant declarations
Go style calls for mixed caps instead of all caps:
https://golang.org/doc/effective_go.html#mixed-caps

Change LOOKUP, ACQUIRE, and RELEASE to Lookup, Acquire, and Release.

This vendors a fork of libnetwork for now, to deal with a cyclic
dependency issue. The change will be upstream to libnetwork once this is
merged.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-01-04 10:19:04 -08:00
Tonis Tiigi
3d86b0c79b Implement content addressability for plugins
Move plugins to shared distribution stack with images.

Create immutable plugin config that matches schema2 requirements.

Ensure data being pushed is same as pulled/created.

Store distribution artifacts in a blobstore.

Run init layer setup for every plugin start.

Fix breakouts from unsafe file accesses.

Add support for `docker plugin install --alias`

Uses normalized references for default names to avoid collisions when using default hosts/tags.

Some refactoring of the plugin manager to support the change, like removing the singleton manager and adding manager config struct.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2016-12-23 13:29:58 -08:00
Victor Vieux
6f00601c9f fix devices in plugins
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-12-15 15:35:53 -08:00
Brian Goff
f29bbd16f5 Refcount graphdriver plugins properly
Adds 2 new methods to v2 plugin `Acquire` and `Release` which allow
refcounting directly at the plugin level instead of just the store.
Since a graphdriver is initialized exactly once, and is really managed
by a separate object, it didn't really seem right to call
`getter.Get()` to refcount graphdriver plugins.
On shutdown it was particularly weird where we'd either need to keep a
driver reference in daemon, or keep a reference to the pluggin getter in
the layer store, and even then still store extra details on if the
graphdriver is a plugin or not.

Instead the plugin proxy itself will handle calling the neccessary
refcounting methods directly on the plugin object.

Also adds a new interface in `plugingetter` to account for these new
functions which are not going to be implemented by v1 plugins.

Changes terms `plugingetter.CREATE` and `plugingetter.REMOVE` to
`ACQUIRE` and `RELEASE` respectively, which seems to be better
adjectives for what we're doing.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-12-09 19:46:28 -05:00
Anusha Ragunathan
0a072e93df Merge pull request #26398 from tiborvass/plugin-fixes
plugins: container-rootfs-relative paths
2016-12-09 12:48:59 -08:00
Tibor Vass
c54b717caf plugins: container-rootfs-relative paths
Legacy plugins expect host-relative paths (such as for Volume.Mount).
However, a containerized plugin cannot respond with a host-relative
path. Therefore, this commit modifies new volume plugins' paths in Mount
and List to prepend the container's rootfs path.

This introduces a new PropagatedMount field in the Plugin Config.
When it is set for volume plugins, RootfsPropagation is set to rshared
and the path specified by PropagatedMount is bind-mounted with rshared
prior to launching the container. This is so that the daemon code can
access the paths returned by the plugin from the host mount namespace.

Signed-off-by: Tibor Vass <tibor@docker.com>
2016-12-09 10:16:24 -08:00
Anusha Ragunathan
4c088d1e2e Fix race in setting plugin refcounts.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-12-09 09:34:30 -08:00
Anusha Ragunathan
b35490a8ba Make v2/Plugin accesses safe.
v2/Plugin struct had fields that were
- purely used by the manager.
- unsafely exposed without proper locking.
This change fixes this, by moving relevant fields to the manager as well
as making remaining fields as private and providing proper accessors for
them.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-12-06 13:23:41 -08:00
Victor Vieux
fa3b61a28f refactor plugin install
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2016-12-02 15:23:08 -08:00
Anusha Ragunathan
23ea9e45fd Merge pull request #28601 from tiborvass/plugin-misc-fixes
Plugin miscellaneous fixes
2016-11-22 16:12:37 -08:00
Tibor Vass
6547609870 plugins: misc fixes
Rename variable to reflect manifest -> config renaming
Populate Description fields when computing privileges.
Refactor/reuse code from daemon/oci_linux.go

Signed-off-by: Tibor Vass <tibor@docker.com>
2016-11-22 14:32:07 -08:00
Tibor Vass
53b9b99e5c plugins: support for devices
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-11-22 09:54:45 -08:00
Tibor Vass
99124c055a plugins: support for host networking
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-11-21 14:52:14 -08:00
Tibor Vass
9f239281b1 plugins: linux capabilities and device creation
In the plugin manifest, Capabilities has been moved to
Linux.Capabilities to avoid confusion with Interface.Types[i].Capability

A DeviceCreation boolean has also been added to the manifest. This could
be changed in the future to be specific to a major number.

Signed-off-by: Tibor Vass <tibor@docker.com>
2016-11-21 14:52:14 -08:00
Anusha Ragunathan
83ca993c15 Add HTTP client timeout.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-11-21 13:11:40 -08:00
Victor Vieux
fc7a265258 support mounts, devices and args for docker plugin set
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-11-10 11:55:48 -08:00
Victor Vieux
49ca91fbeb rename plugin manifest
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-11-10 00:09:23 -08:00
Victor Vieux
efbed4500e support env for docker plugin set
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-11-07 16:59:29 -08:00
Anusha Ragunathan
4db753c017 Fix stack overflow in ErrInAdequateCapacity.
fmt package formats an error by calling its Error() method.
This results in recursion. Fix this. Also remove dead code.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-10-28 10:02:48 -07:00
Kenfe-Mickael Laventure
7781a1bf0f Make experimental a runtime flag
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-10-24 15:20:01 -07:00
Tonis Tiigi
a452d1fccb Remove restartmanager from plugins
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-10-07 12:10:13 -07:00
Anusha Ragunathan
fefea805e9 Make graphdrivers work with pluginv2.
As part of making graphdrivers support pluginv2, a PluginGetter
interface was necessary for cleaner separation and avoiding import
cycles.

This commit creates a PluginGetter interface and makes pluginStore
implement it. Then the pluginStore object is created in the daemon
(rather than by the plugin manager) and passed to plugin init as
well as to the different subsystems (eg. graphdrivers, volumedrivers).
A side effect of this change was that some code was moved out of
experimental. This is good, since plugin support will be stable soon.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-09-20 08:49:48 -07:00
Victor Vieux
b22d07f515 add check plugin is not used before rm
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-09-15 13:50:57 -07:00
Michael Crosby
91e197d614 Add engine-api types to docker
This moves the types for the `engine-api` repo to the existing types
package.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-07 11:05:58 -07:00
Anusha Ragunathan
27a55fba28 Reorganize plugin package into sub packages.
Split plugin package into `store` and `v2/plugin`. Now the functionality
is clearly delineated:
- Manager: Manages the global state of the plugin sub-system.
- PluginStore: Manages a collection of plugins (in memory and on-disk)
- Plugin: Manages the single plugin unit.

This also facilitates splitting the global PluginManager lock into:
- PluginManager lock to protect global states.
- PluginStore lock to protect store states.
- Plugin lock to protect individual plugin states.

Importing "github.com/docker/docker/plugin/store" will provide access
to plugins and has lesser dependencies when compared to importing the
original monolithic `plugin package`.

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-08-27 11:08:08 -07:00