Commit graph

419 commits

Author SHA1 Message Date
Justin Cormack
4549e9104c Merge pull request #28440 from cpuguy83/20740_fix_tmpfs_parsing_on_client
Don't validate platform-dep tmpfs opts on client
2016-11-16 12:04:14 +00:00
Brian Goff
b9b8d8b364 Don't validate platform-dep tmpfs opts on client
Daemon still does validation and errors out on incorrect options.

Fixes an issue where non-Linux clients attempting to pass tmpfs options
on `docker run` to a Linux daemon will incorrectly error out.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-11-15 11:01:40 -05:00
Brian Goff
5ea75bb6bf Move StreamConfig out of runconfig
`StreamConfig` carries with it a dep on libcontainerd, which is used by
other projects, but libcontainerd doesn't compile on all platforms, so
move it to `github.com/docker/docker/container/stream`

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-11-14 15:15:09 -05:00
Yong Tang
9b6b3c2076 Add --dns-option to docker run and hide --dns-opt
This fix is a follow up to #27567 based on:
https://github.com/docker/docker/pull/27567#issuecomment-259295055

In #27567, `--dns-options` has been added to `service create/update`,
together with `--dns` and `--dns-search`. The `--dns-opt` was used
in `docker run`.

This fix add `--dns-option` (not `--dns-options`) to `docker run/create`, and hide
`--dns-opt`. It is still possible to use `--dns-opt` with
`docker run/create`, though it will not show up in help output.

This fix change `--dns-options`to --dns-option` for `docker service create`
and `docker service update`.

This fix also updates the docs and bash/zsh completion scripts.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-11-09 12:13:25 -08:00
Vincent Demeester
4f7083a04f Merge pull request #27947 from milindchawre/fix_27798
Fixes #27798 : Update help for --blkio-weight parameter
2016-11-09 15:35:38 +01:00
milindchawre
ecb59a2283 Fixes #24083 : Improving cli help for flags with duration option
Signed-off-by: milindchawre <milindchawre@gmail.com>
2016-11-09 12:17:28 +00:00
Vincent Demeester
c025049c27 Merge pull request #28098 from yongtang/25099-oom_score_adj-empty-env
Fix `/proc/<pid>/oom_score_adj: invalid argument` error caused by empty env name
2016-11-09 10:39:18 +01:00
Victor Vieux
e98e4a7111 always add but hide experimental cmds and flags
Signed-off-by: Victor Vieux <vieux@docker.com>

update cobra and use Tags

Signed-off-by: Victor Vieux <vieux@docker.com>

allow client to talk to an older server

Signed-off-by: Victor Vieux <vieux@docker.com>
2016-11-08 04:55:27 -08:00
Amit Krishnan
934328d8ea Add functional support for Docker sub commands on Solaris
Signed-off-by: Amit Krishnan <krish.amit@gmail.com>

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-11-07 09:06:34 -08:00
Yong Tang
818d55c34b Fix /proc/<pid>/oom_score_adj: invalid argument error caused by empty env name
This fix is part of the fix for issue 25099. In 25099, if an env
has a empty name, then `docker run` will throw out an error:
```
ubuntu@ubuntu:~/docker$ docker run -e =A busybox true
docker: Error response from daemon: invalid header field value "oci runtime error:
container_linux.go:247: starting container process caused \"process_linux.go:295:
setting oom score for ready process caused \\\"write /proc/83582/oom_score_adj:
invalid argument\\\"\"\n".
```

This fix validates the Env in the container spec before it is sent
to containerd/runc.

Integration tests have been created to cover the changes.

This fix is part of fix for 25099 (not complete yet, non-utf case
may require a fix in `runc`).
This fix is related to 25300.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-11-07 08:15:26 -08:00
Darren Stahl
4e15420b9b Windows: Add cpu count option
Signed-off-by: Darren Stahl <darst@microsoft.com>
2016-11-04 13:38:50 -07:00
Yong Tang
846baf1fd3 Add --cpus flag to control cpu resources
This fix tries to address the proposal raised in 27921 and add
`--cpus` flag for `docker run/create`.

Basically, `--cpus` will allow user to specify a number (possibly partial)
about how many CPUs the container will use. For example, on a 2-CPU system
`--cpus 1.5` means the container will take 75% (1.5/2) of the CPU share.

This fix adds a `NanoCPUs` field to `HostConfig` since swarmkit alreay
have a concept of NanoCPUs for tasks. The `--cpus` flag will translate
the number into reused `NanoCPUs` to be consistent.

This fix adds integration tests to cover the changes.

Related docs (`docker run` and Remote APIs) have been updated.

This fix fixes 27921.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-11-04 09:43:10 -07:00
Akihiro Suda
273eeb813c cli: add --mount to docker run
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2016-11-03 07:08:59 +00:00
milindchawre
51012aa0af Fixes #27798 : Update help for --blkio-weight parameter
Signed-off-by: milindchawre <milindchawre@gmail.com>
2016-11-03 06:42:15 +00:00
Yong Tang
90ce6de50b Fix issue related to duplicate identical bind mounts for docker run
This fix tries to address the issue raised in 27969 where
duplicate identical bind mounts for `docker run` caused additional volumes
to be created.

The reason was that in `runconfig`, if duplicate identical bind mounts
have been specified, the `copts.volumes.Delete(bind)` will not truly
delete the second entry from the slice. (Only the first entry is deleted).

This fix fixes the issue.

An integration test has been added to cover the changes

This fix fixes 27969.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-11-01 20:31:34 -07:00
Vincent Demeester
87ddc8b0a5 Merge pull request #26837 from AkihiroSuda/newtmpfs
api: add TypeTmpfs to api/types/mount
2016-10-28 19:21:26 +02:00
Akihiro Suda
18768fdc2e api: add TypeTmpfs to api/types/mount
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2016-10-28 08:38:32 +00:00
Vincent Demeester
2f7e907846
Small log formatting fixes
… and clise to close 👼

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2016-10-27 15:29:24 -07:00
Yong Tang
ee3105c68a Add --env-file flag to docker create service
This fix tries to address the issue in 24712 and add
`--env-file` file to `docker create service`.

Related documentation has been updated.

An additional integration has been added.

This fix fixes 24712.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-10-27 11:48:32 -07:00
Vincent Demeester
80d6d2e129 Merge pull request #23430 from erikstmartin/realtime-threads
Implementing support for --cpu-rt-period and --cpu-rt-runtime
2016-10-27 00:22:06 +02:00
Erik St. Martin
56f77d5ade Implementing support for --cpu-rt-period and --cpu-rt-runtime so that
containers may specify these cgroup values at runtime. This will allow
processes to change their priority to real-time within the container
when CONFIG_RT_GROUP_SCHED is enabled in the kernel. See #22380.

Also added sanity checks for the new --cpu-rt-runtime and --cpu-rt-period
flags to ensure that that the kernel supports these features and that
runtime is not greater than period.

Daemon will support a --cpu-rt-runtime flag to initialize the parent
cgroup on startup, this prevents the administrator from alotting runtime
to docker after each restart.

There are additional checks that could be added but maybe too far? Check
parent cgroups to ensure values are <= parent, inspecting rtprio ulimit
and issuing a warning.

Signed-off-by: Erik St. Martin <alakriti@gmail.com>
2016-10-26 11:33:06 -04:00
Yong Tang
01d3a16f58 Return error if env file contains non-ascii or utf8 bytes (for windows)
This fix tries to address the issue raised in 26179 where an env file
with non-ascii or utf8 bytes will crash on windows platform.

The issue is two-fold:
- Windows will adds a BOM mark at the begining with Notepad as the editor
- Non-utf8 bytes can not be handled by env file parser.

This fix removes utf8 BOM marker if exists so that utf8 encoded env file
could be processed.
This fix also returns an error (instead of a runtime CreateProcess crash)
if env file contains non-utf8 bytes, thus giving users better experiences.

Additional test cases has been added in unit tests.

This fix fixes 26179.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-10-25 12:34:25 -07:00
Tonis Tiigi
37a3be2449 Move stdio attach from libcontainerd backend to callback
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-10-24 00:20:36 -07:00
Yong Tang
cc703784f3 Update docker stop and docker restart to allow not specifying timeout and use the one specified at container creation time.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-10-17 12:53:35 -07:00
Yong Tang
e66d210891 Add config parameter to change per-container stop timeout during daemon shutdown
This fix tries to add a flag `--stop-timeout` to specify the timeout value
(in seconds) for the container to stop before SIGKILL is issued. If stop timeout
is not specified then the default timeout (10s) is used.

Additional test cases have been added to cover the change.

This fix is related to #22471. Another pull request will add `--shutdown-timeout`
to daemon for #22471.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-10-17 12:28:46 -07:00
Sebastiaan van Stijn
21a79b503a Merge pull request #27366 from morelena/use_contains
all: use strings.Contains instead Index
2016-10-13 18:44:30 -07:00
Elena Morozova
a37027f6bd all: use strings.Contains instead Index
Signed-off-by: Elena Morozova <lelenanam@gmail.com>
2016-10-13 15:55:41 -07:00
Elena Morozova
64238fef8c all: replace loop with single append
Signed-off-by: Elena Morozova <lelenanam@gmail.com>
2016-10-13 13:31:52 -07:00
John Howard
e85867cb68 Windows: Support credential specs
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-10-06 09:32:22 -07:00
Antonio Murdaca
6a12685bb7
configure docker-init binary path
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-27 14:49:17 +02:00
Michael Crosby
ee3ac3aa66 Add init process for zombie fighting
This adds a small C binary for fighting zombies.  It is mounted under
`/dev/init` and is prepended to the args specified by the user.  You
enable it via a daemon flag, `dockerd --init`, as it is disable by
default for backwards compat.

You can also override the daemon option or specify this on a per
container basis with `docker run --init=true|false`.

You can test this by running a process like this as the pid 1 in a
container and see the extra zombie that appears in the container as it
is running.

```c

int main(int argc, char ** argv) {
	pid_t pid = fork();
	if (pid == 0) {
		pid = fork();
		if (pid == 0) {
			exit(0);
		}
		sleep(3);
		exit(0);
	}
	printf("got pid %d and exited\n", pid);
	sleep(20);
}
```

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-19 17:33:50 -07:00
Daniel Nephin
c452e1bfe6 Move errors/ to api/errors
Using:
        gomvpkg -from github.com/docker/docker/errors
                -to github.com/docker/docker/api/errors
                -vcs_mv_cmd "git mv {{.Src}} {{.Dst}}"

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2016-09-16 12:27:13 -04:00
Brian Goff
fc7b904dce Add new HostConfig field, Mounts.
`Mounts` allows users to specify in a much safer way the volumes they
want to use in the container.
This replaces `Binds` and `Volumes`, which both still exist, but
`Mounts` and `Binds`/`Volumes` are exclussive.
The CLI will continue to use `Binds` and `Volumes` due to concerns with
parsing the volume specs on the client side and cross-platform support
(for now).

The new API follows exactly the services mount API.

Example usage of `Mounts`:

```
$ curl -XPOST localhost:2375/containers/create -d '{
  "Image": "alpine:latest",
  "HostConfig": {
    "Mounts": [{
      "Type": "Volume",
      "Target": "/foo"
      },{
      "Type": "bind",
      "Source": "/var/run/docker.sock",
      "Target": "/var/run/docker.sock",
      },{
      "Type": "volume",
      "Name": "important_data",
      "Target": "/var/data",
      "ReadOnly": true,
      "VolumeOptions": {
	"DriverConfig": {
	  Name: "awesomeStorage",
	  Options: {"size": "10m"},
	  Labels: {"some":"label"}
	}
      }]
    }
}'
```

There are currently 2 types of mounts:

  - **bind**: Paths on the host that get mounted into the
    container. Paths must exist prior to creating the container.
  - **volume**: Volumes that persist after the
    container is removed.

Not all fields are available in each type, and validation is done to
ensure these fields aren't mixed up between types.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-09-13 09:55:35 -04:00
sakeven
5426510bea validate build-arg
Signed-off-by: sakeven <jc5930@sina.cn>
2016-09-12 18:02:21 +08:00
Michael Crosby
91e197d614 Add engine-api types to docker
This moves the types for the `engine-api` repo to the existing types
package.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-07 11:05:58 -07:00
Daniel Nephin
fb83394714 Convert dockerd to use cobra and pflag
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2016-08-25 13:09:03 -04:00
Vincent Demeester
d13ad3ef76 Merge pull request #24073 from johnharris85/move-restart-policy-check-to-daemon
Move restart-policy validation from client to daemon.
2016-08-25 17:02:30 +02:00
allencloud
8ed657d09e remove fl prefix in containerOptions
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-08-11 11:20:00 +08:00
Zhang Wei
6dd8e10d6e Wait container's removal via Events API
If AutoRemove is set, wait until client get `destroy` events, or get
`detach` events that implies container is detached but not stopped.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-08-08 22:46:53 +08:00
Zhang Wei
3c2886d8a4 Move --rm to daemon side
`--rm` is a client side flag which caused lots of problems:
1. if client lost connection to daemon, including client crash or be
killed, there's no way to clean garbage container.
2. if docker stop a `--rm` container, this container won't be
autoremoved.
3. if docker daemon restart, container is also left over.
4. bug: `docker run --rm busybox fakecmd` will exit without cleanup.

In a word, client side `--rm` flag isn't sufficient for garbage
collection. Move the `--rm` flag to daemon will be more reasonable.

What this commit do is:
1. implement a `--rm` on daemon side, adding one flag `AutoRemove` into
HostConfig.
2. Allow `run --rm -d`, no conflicting `--rm` and `-d` any more,
auto-remove can work on detach mode.
3. `docker restart` a `--rm` container will succeed, the container won't
be autoremoved.

This commit will help a lot for daemon to do garbage collection for
temporary containers.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-08-08 22:46:53 +08:00
johnharris85
94e95e4711 Move restart-policy validation from client to daemon.
Signed-off-by: John Harris <john@johnharris.io>
2016-08-06 20:09:47 -07:00
Yong Tang
c8d3ee8093 Allow unset --entrypoint in docker run or docker create
This fix tries to address the issue raised in #23498 to allow unset
`--entrypoint` in `docker run` or `docker create`.

This fix checks the flag `--entrypoint` and, in case `--entrypoint=` (`""`)
is passed, unset the Entrypoint during the container run.

Additional integration tests have been created to cover changes in this fix.

This fix fixes #23498.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-08-05 16:35:20 -07:00
lixiaobing10051267
51ee3dfade It should be volume not binds for first arg in callDecodeContainerConfig()
Signed-off-by: lixiaobing10051267 <li.xiaobing1@zte.com.cn>
2016-08-02 22:29:34 +08:00
Arnaud Porterie
de64324109 Merge pull request #24705 from thaJeztah/update-flag-descriptions
Improve flag help consistency, and update docs
2016-07-18 16:07:23 +00:00
allencloud
d0081a0f47 better command docker network create -h output
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-07-16 15:32:17 +08:00
Sebastiaan van Stijn
64a8317a5a Improve flag help consistency, and update docs
This adds the `--live-restore` option to the documentation.

Also synched usage description in the documentation
with the actual description, and re-phrased some
flag descriptions to be a bit more consistent.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-07-16 01:58:01 +02:00
Arnaud Porterie (icecrime)
c0c7d5e715
Rename --net to --network
Add a `--network` flag which replaces `--net` without deprecating it
yet. The `--net` flag remains hidden and supported.

Add a `--network-alias` flag which replaces `--net-alias` without deprecating
it yet. The `--net-alias` flag remains hidden and supported.

Signed-off-by: Arnaud Porterie (icecrime) <arnaud.porterie@docker.com>
2016-07-12 13:01:35 -07:00
Arnaud Porterie (icecrime)
5b21c8a408
Organize run flags into categories
Flatten the list of `docker run` flags and group them loosely by
category (general purpose, security, networking, ...).

Signed-off-by: Arnaud Porterie (icecrime) <arnaud.porterie@docker.com>
2016-07-12 11:35:41 -07:00
Kenfe-Mickael Laventure
69af7d0d13 Use "docker-runc" as alias for the default runtime
This also moves the variable holding the default runtime name from the
engine-api repository into docker repository

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-06-22 11:59:26 -07:00
Michael Crosby
c97fdbe3c5 Merge pull request #23415 from aboch/ll
Allow user to specify container's link-local addresses
2016-06-14 15:47:54 -07:00