Commit graph

44 commits

Author SHA1 Message Date
Tibor Vass
c3fe4226f3 vendor runc to fix issue#21808
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-04-12 15:35:43 -04:00
Tonis Tiigi
3f81b49352 Define readonly/mask paths in spec
This vendors in new spec/runc that supports
setting readonly and masked paths in the 
configuration. Using this allows us to make an
exception for `—-privileged`.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-04-04 18:55:55 -07:00
Tonis Tiigi
8a4225cd5a Bring back support for DOCKER_RAMDISK
Fixes #21631

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-03-31 10:29:32 -07:00
Sebastiaan van Stijn
71cab5b0dc Merge pull request #21629 from thaJeztah/bump-runc
Bump runC to 40f4e7873d88a4f4d12c15d9536bb1e34aa2b7fa
2016-03-29 23:07:12 -07:00
Tibor Vass
d800be743d Merge pull request #21591 from riyazdf/hardware-signing-non-experimental
move hardware signing out of experimental, remove yubico-piv-tool deps
2016-03-30 00:09:22 -04:00
Sebastiaan van Stijn
752b31d3fe Bump runC to 40f4e7873d88a4f4d12c15d9536bb1e34aa2b7fa
This includes fixes for;

- outputing errors for missing seccomp options on seccomp versions < 2.3
- cap set apply EPERM errors on ARM systems

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-03-29 17:10:05 -07:00
David Calavera
99adcaebc0 Merge pull request #21592 from anusha-ragunathan/docker-systemd
When using systemd, pass expected cgroupsPath and cli options to runc.
2016-03-29 17:00:10 -07:00
Anusha Ragunathan
7ed3d265a4 When using systemd, pass expected cgroupsPath and cli options to runc.
runc expects a systemd cgroupsPath to be in slice:scopePrefix:containerName
format and the "--systemd-cgroup" option to be set. Update docker accordingly.

Fixes 21475

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-29 14:20:10 -07:00
David Calavera
d78f8f2796 Merge pull request #21608 from albers/build-clone-https
Use https for `git clone` in build
2016-03-29 11:30:35 -07:00
Harald Albers
a7e9bf6cb7 Use https for git clone in build
Signed-off-by: Harald Albers <github@albersweb.de>
2016-03-29 09:35:42 +02:00
Riyaz Faizullabhoy
8d18e6b30f move hardware signing out of experimental, remove dependencies to yubico-piv-tool
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-28 14:33:06 -07:00
Christopher Jones
3e3ac8abea ppc64le: bump golang back to 1.6
Despite the current issue with unix sockets and golang, I'm bumping this back up to 1.6.
Go <1.6 has major compatibility issues on ppc64* including not supporting dynamic binding,
so we would have to go back to gccgo, which is worse in a lot of other categories. Ultimately for us,
the amount of people affected by this issue isn't worth switching compilers.

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-03-28 15:10:42 -04:00
Alexander Morozov
d5019972e5 Merge pull request #21499 from cyli/hardware-signing-experimental-again
Move hardware signing back to experimental again
2016-03-24 23:03:13 -07:00
cyli
dd33d18045 Revert "Merge pull request #21003 from riyazdf/hardware-signing-ga"
This reverts commit e6d3a9849c, reversing
changes made to d3afe34b51.

Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-03-24 21:12:52 -07:00
David Calavera
3e0bd74a3d Downgrade to Go 1.5.3.
To not hit the issue with the request Host header.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-03-24 19:15:10 -04:00
Arnaud Porterie
b64627b798 Merge pull request #21457 from tonistiigi/update-runc
Update runc/containerd
2016-03-23 19:56:27 -07:00
Tonis Tiigi
22d997b374 Update runc/containerd
Contains fixes for:
- pid.max fix that is causing hang on network stats test.
- fix for early stdin close containerd-shim
- better logging for `could not synchronise with container process`

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-03-23 15:38:33 -07:00
Christopher Jones
2caf09d37b ppc64le: remove seccomp from Dockerfile
Removes the seccomp buildtag when building runc.
Because seccomp isn't currently being built, this would cause
the build to fail.

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-03-23 12:11:08 -04:00
Tibor Vass
009399dc8e Add docker- prefix to runc and containerd binaries
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-03-23 00:52:16 -04:00
Riyaz Faizullabhoy
ab3772f72f vendor notary for docker1.11
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-22 11:28:19 -07:00
Tonis Tiigi
9c4570a958 Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
Tibor Vass
e6d3a9849c Merge pull request #21003 from riyazdf/hardware-signing-ga
Move hardware signing out of experimental
2016-03-17 14:16:40 -04:00
Christopher Jones
2bcf50bdd4 ppc64le: update dockerfile hashes and notary
Now that we are using gc/go 1.6, update a few hashes as well
as actually building the notary binary

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-03-14 14:36:20 -04:00
Riyaz Faizullabhoy
37fa75b344 Move pkcs11 out of experimental, into GA
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-07 10:07:40 -08:00
Riyaz Faizullabhoy
84dc2d9e70 Vendor in notary v0.2.0
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-25 13:40:00 -08:00
Jess Frazelle
3b62a610ec Merge pull request #20288 from tiborvass/debian-jessie
Switch Dockerfile to debian:jessie ... AGAIN
2016-02-19 13:51:30 -07:00
Christophe Mehay
7f0ca59ec2 Update to Golang 1.6 in Power8 Dockerfile
Signed-off-by: Christophe Mehay <cmehay@online.net>
2016-02-18 14:42:19 +01:00
Tibor Vass
f27b5dda4a Switch Dockerfile to debian:jessie
Fixes broken-pipe issue when piping s3cmd to grep -q, by removing the -q
flag and redirecting to /dev/null instead.

Add net-tools for ifconfig, because some tests rely on ifconfig.

Harmonize all Dockerfiles in this direction.

Signed-off-by: Tibor Vass <tibor@docker.com>
2016-02-12 21:49:54 -05:00
Christophe Mehay
b8a9812b92 Build golang 1.6 in power8 Dockerfile
Signed-off-by: Christophe Mehay <cmehay@online.net>
2016-02-10 10:08:53 +01:00
David Calavera
d38cee5e0d Merge pull request #19516 from tophj-ibm/update-registry-on-dockerfile-ppc64le
Update registry version in Dockerfile.ppc64le
2016-01-29 11:53:42 -08:00
cyli
71a1caddf0 Include a new version of notary with less verbose INFO+ logging
Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-01-27 09:46:26 -08:00
cyli
8fd2c8791d Re-vendor notary, as well as change jfrazelle/go to docker/go.
Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-01-26 18:02:00 -08:00
Sebastiaan van Stijn
589c8a879f Update notary to 1.10-3 in all Dockerfiles
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-01-26 11:51:22 -08:00
Christopher Jones
3aa778d6a0 Update registry in Dockerfile.ppc64le
This updates the Dockerfile registry version on ppc64le to be
consistent with 6309947718

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-01-20 16:57:18 -05:00
Jess Frazelle
afa9b75c7c Merge pull request #19310 from tophj-ibm/add-registry-remove-notary-on-power
update registry and remove notary on ppc64le
2016-01-18 09:51:02 -08:00
Tianon Gravi
9b2aab3fc8 Switch "syscall-test" image from "debian:jessie" to "buildpack-deps:jessie" so that "gcc" is already included
This results in a significant time savings during repeated builds (since we don't have to re-download gcc for every test run).

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2016-01-14 13:51:30 -08:00
Christopher Jones
7465a3149f update registry and remove notary on ppc64le
ppc64le now installs the second registry used for
f11b6a2ab3

Also, removed notary until the change to go 1.5.1+

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-01-13 13:55:29 -05:00
David Calavera
db41c5f5a5 Update docker-py commit to the latest HEAD.
To fix issues with IPAM options.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-01-12 13:19:17 -05:00
Tianon Gravi
91201678c6 Refactor multi-arch support (especially for new mostly-official multi-arch official images)
See 99433d2ca2/README.md (architectures-other-than-amd64) for some context of where these images come from.

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2016-01-06 14:34:29 -08:00
Christy Perez
fab75bffb0 Update gcc from 5.2 to 5.3
gcc 5.3 is out, so let's use the new one!

Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2015-12-17 13:37:50 -06:00
Christopher Jones
a796eea2b5 Added ppc64le ensure image to the Dockerfile
Adds ppc64le image to the Dockerfile,
should be with 03fc212b6d

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2015-12-08 20:07:11 -05:00
Christopher Jones
03fc212b6d Fixes for ppc64le and 390x frozen-images
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2015-12-08 14:26:34 -05:00
unclejack
92756bdcdd Dockerfile: add python-dev to fix Python.h errors
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
2015-11-22 12:32:10 +02:00
Srini Brahmaroutu
b1cc78b8f5 Build and test Docker on IBM Power and Z using gccgo. Enable CI on Power and Z.
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-11-14 03:16:45 +00:00