Commit graph

25485 commits

Author SHA1 Message Date
Daniel Nephin
c5531b033a
Make manpages in a conatiner.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 7004f219f5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-07-26 14:43:11 +02:00
Tibor Vass
4ed7f63f0d Merge pull request #25058 from tiborvass/additional-cherrypicks-for-1.12.0-rc5
[bump_v1.12.0] Additional cherrypicks for 1.12.0 rc5
2016-07-26 05:01:51 -07:00
Aaron Lehmann
e16a20d11a service update: Don't assume existing pointers in spec are valid
When updating values in the spec according to CLI flags, don't write
into the existing pointers. They may be nil. Instead, update them to
point to the new value we're writing.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit f9c920a126)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 04:37:31 -07:00
Tibor Vass
0e2d7c996c Address some displaying issues in docker info
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 8ad9438ede)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 04:37:31 -07:00
Vincent Demeester
a91bc28e62 Remove swarm inspect and use info instead
Remove the swarm inspect command and use docker info instead to display
swarm information if the current node is a manager.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit e6923f6d75)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 04:37:31 -07:00
Tibor Vass
0ffa19daa8 vendor engine-api to a52656d77f09d394104c1639824eada038bfdb89
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit e3c150bd47)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 04:37:31 -07:00
Stephen J Day
c3574dd1ec container/controller: avoid cancellation with forked pull context
Context cancellations were previously causing `Prepare` to fail
completely on re-entrant calls. To prevent this, we filtered out cancels
and deadline errors. While this allowed the service to proceed without
errors, it had the possibility of interrupting long pulls, causing the
pull to happen twice.

This PR forks the context of the pull to match the lifetime of
`Controller`, ensuring that for each task, the pull is only performed
once. It also ensures that multiple calls to `Prepare` are re-entrant,
ensuring that the pull resumes from its original position.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit d8d71ad5b9)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 04:37:26 -07:00
Madhu Venugopal
fe1d39cc96 Vendoring libnetwork to remove stale xfrm states
When using encrypted vxlan network, some of the xfrm states are left
stale. This fix also filters out self advertise-addr rules.

Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit 6a754a4eef)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 03:51:44 -07:00
Tibor Vass
45c8a3ddd5 Prevent panic on update --container-label-add
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit e462b4507a)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 03:51:43 -07:00
Vincent Demeester
8fe03baa41 Add container labels to service create/update
Swarm mode makes it possible through the API to set labels to containers
but not through command line. This tries to fix it.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 4031d70d1b)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 03:51:43 -07:00
Tibor Vass
05444a56af Merge pull request #25045 from tiborvass/cherry-picks-1.12.0-rc5
Cherry picks for 1.12.0 rc5
2016-07-26 03:29:52 -07:00
Derek McGowan
86670cced9 Fix untag without force while container running
With digests being added by default, all images have multiple references.
The check for whether force is required to remove the reference should use the new check for single reference which accounts for digest references.
This change restores pre-1.12 behavior and ensures images are not accidentally left dangling while a container is running.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
(cherry picked from commit 1f7a9b1ab3)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 01:53:17 -07:00
Aaron Lehmann
4b986851f7 Vendor swarmkit for 1.12.0-rc5
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 60496af711)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 01:52:07 -07:00
Derek McGowan
e111f0c7b2 Fix calculation of relative path for symlink on docker save
Relative paths are now calculated from a base path rather than from the file path, which gets treated like a directory.
Symlinks will now properly point to the file as "../<layer dir>/layer.tar" rather the incorrect "../../<layer dir>/layer.tar".

Fixes #24951

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
(cherry picked from commit 5487881e12)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 01:49:29 -07:00
Nishant Totla
25cf7999fa Using map to list plugins in node description
Signed-off-by: Nishant Totla <nishanttotla@gmail.com>
(cherry picked from commit feedb7ab5a)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-26 01:49:29 -07:00
Madhu Venugopal
678a19ef6b improve error message when using ineligible network with service create
Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit 40c88b8c54)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:27:41 -07:00
Stephen J Day
027de801a8 swarm/controller: allow cancellation to propagate
Ensure that cancellation of a pull propagates rather than continuing to
container creation. This ensures that the `Prepare` method is properly
re-entrant.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit d99c6b837f)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:26:42 -07:00
Brian Goff
07735b4f0c fix panic on --label-add
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 85bc3194aa)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:47 -07:00
runshenzhu
84eae5d69f extend health check to start service
Signed-off-by: runshenzhu <runshen.zhu@gmail.com>
Signed-off-by: Runshen Zhu <runshen.zhu@gmail.com>
(cherry picked from commit a99db84b4a)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:47 -07:00
Tibor Vass
0df31ff193 healthcheck: do not interpret exit code 2 as "starting"
Instead reserve exit code 2 to be future proof, document that it should
not be used. Implementation-wise, it is considered as unhealthy, but
users should not rely on this as it may change in the future.

Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 91e9f38313)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:47 -07:00
Nishant Totla
bf024205b7 Sort plugin names in node description
Signed-off-by: Nishant Totla <nishanttotla@gmail.com>
(cherry picked from commit 227c7e4e8d)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:47 -07:00
Alexandre Beslic
365d16ed6d swarm docs: add administration guide for Managers and Raft
This adds a guide with recommendations on how to setup
Managers and keep the Swarm cluster healthy.

Signed-off-by: Alexandre Beslic <alexandre.beslic@gmail.com>
(cherry picked from commit 24f87f26e7)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:46 -07:00
Charles Smith
bd31863ba7 add run swarm mode guide
Signed-off-by: Charles Smith <charles.smith@docker.com>
(cherry picked from commit c406711cc0)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:46 -07:00
Aaron Lehmann
a3639e6ac6 Add failure action for rolling updates
This changes the default behavior so that rolling updates will not
proceed once an updated task fails to start, or stops running during the
update. Users can use docker service inspect --pretty servicename to see
the update status, and if it pauses due to a failure, it will explain
that the update is paused, and show the task ID that caused it to pause.
It also shows the time since the update started.

A new --update-on-failure=(pause|continue) flag selects the
behavior. Pause means the update stops once a task fails, continue means
the old behavior of continuing the update anyway.

In the future this will be extended with additional behaviors like
automatic rollback, and flags controlling parameters like how many tasks
need to fail for the update to stop proceeding. This is a minimal
solution for 1.12.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 57ae29aa74)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:43 -07:00
Aaron Lehmann
92cbdfece9 Revendor engine-api
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 3585026c3a)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:37 -07:00
Josh Horwitz
c166b2c9da Treat HEALTHCHECK NONE the same as not setting a healthcheck
Signed-off-by: Josh Horwitz <horwitzja@gmail.com>
(cherry picked from commit 4016038bd3)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:37 -07:00
Aanand Prasad
a688a0ae9d Add note about --entrypoint overriding default command
Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
(cherry picked from commit 2b7548f972)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:37 -07:00
Anusha Ragunathan
52b078fb37 Handle plugin shutdown when liveRestore is set.
When daemon has liveRestore set, daemon shutdown should not shutdown
plugins. Fixes #24759

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit 4a44cf1d4c)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:37 -07:00
Kenfe-Mickael Laventure
47b7cf5ceb Fix missing unlock in libcontainerd.Restore()
This was preventing the "exit" event to be correctly processed during
the restore process without live-restore enabled.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit ac068a1f9d)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:24:37 -07:00
Kenfe-Mickael Laventure
6142557cba Prepend libcontainerd log message with "libcontainerd:"
This will make it easier to pinpoint error messages in the daemon
logs.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit 5231c55346)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:21:14 -07:00
Andrea Luzzardi
42e97d23e2 service tasks: Improve error reporting
- Tasks will display all tasks (`-a` is the default and was removed)
- Nest tasks to help display history
- Display task errors inline

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
(cherry picked from commit edd67fd4ad)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:29 -07:00
Sebastiaan van Stijn
ec241bfeaf make network errors less DRY
There's existing code to generate these
kind of errors, so make the errors added
in commit cc493a52a4
less DRY.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3fa9d77bf3)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:28 -07:00
Zhang Wei
861fa09131 small nit: fix unmeaningful log
Truncated dir name can't give any useful information, print whole dir
name will.

Bad debug log is like this:

```
DEBU[2449] aufs error unmounting /var/lib/doc: no such file or directory
```

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
(cherry picked from commit af8359562c)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:28 -07:00
Sebastiaan van Stijn
e9190e0764 Add new error to API docs
Commit cc493a52a4 added
a constraint to network connect/disconnect operations
on "Swarm scoped" networks.

This adds those errors to the API documentation. Also
changes the error to lowercase for consistency.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b0089e4827)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:23 -07:00
Tianyi Wang
14038215d3 Fix high cpu usage caused by docker stats.
Signed-off-by: Tianyi Wang <capkurmagati@gmail.com>
(cherry picked from commit 54e8beec9b)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:16 -07:00
Tadej Janež
82219c7727 Expand instructions on using systemd to manage containers
Signed-off-by: Tadej Janež <tadej.j@nez.si>
(cherry picked from commit c8a99a5054)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:16 -07:00
Madhu Venugopal
c6ff464d43 Vendoring libnetwork for rc5
Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit 56b78ab2f2)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:15 -07:00
Madhu Venugopal
71d54a4bd3 Prevent network connect/disconnect on swarm scoped networks
Swarm handles service updates quite differently and also it doesnt
support worker driver network operations. Hence prevent containers from
connecting to swarm scoped networks

Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit 8f9066c468)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:15 -07:00
Everett Toews
beffc3e8c0 Fix AuthzPlugin URL fragment in docs
These docs have AuthzPlugin with a lower case 'z'. What the plugin
api is actually looking for is AuthZPlugin with an upper case 'Z'.

See 46e3a249a1/pkg/authorization/api.go (L5-L8)

Signed-off-by: Everett Toews <everett.toews@rackspace.com>
(cherry picked from commit c42fbc6b09)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:15 -07:00
John Starks
43193233f8 Windows: Restore console mode on set mode failure
SetConsoleMode() on input handles appears to remember invalid bits that
were set, causing problems for other programs (such as xcopy.exe) trying
to set the console mode after docker.exe has exited. Always restore
the input console mode on set failure.

Signed-off-by: John Starks <jostarks@microsoft.com>
(cherry picked from commit 83c186fdd4)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:15 -07:00
allencloud
4cd455a8d9 fix typos
Signed-off-by: allencloud <allen.sun@daocloud.io>
(cherry picked from commit 4e959ef2f7)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:15 -07:00
Steve Durrheimer
5aef7cc12d Add zsh completion for 'docker swarm join-token' command
Signed-off-by: Steve Durrheimer <s.durrheimer@gmail.com>
(cherry picked from commit a04bba8b89)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:14 -07:00
Madhu Venugopal
1cc85c1726 Daemon changes to pass exec-root to libnetwork
This is required to make the libnetwork's namespace mgmt
directory configurable

Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit d3af5e3d4b)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:14 -07:00
Aaron Lehmann
a0d1201e02 Require listen address and advertise address to be an IP address or an interface name
Hostnames are not supported for now because libnetwork can't use them
for overlay networking yet.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit fca0b18dcb)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:12 -07:00
Aaron Lehmann
762a73bf7f Split advertised address from listen address
There are currently problems with "swarm init" and "swarm join" when an
explicit --listen-addr flag is not provided. swarmkit defaults to
finding the IP address associated with the default route, and in cloud
setups this is often the wrong choice.

Introduce a notion of "advertised address", with the client flag
--advertise-addr, and the daemon flag --swarm-default-advertise-addr to
provide a default. The default listening address is now 0.0.0.0, but a
valid advertised address must be detected or specified.

If no explicit advertised address is specified, error out if there is
more than one usable candidate IP address on the system. This requires a
user to explicitly choose instead of letting swarmkit make the wrong
choice. For the purposes of this autodetection, we ignore certain
interfaces that are unlikely to be relevant (currently docker*).

The user is also required to choose a listen address on swarm init if
they specify an explicit advertise address that is a hostname or an IP
address that's not local to the system. This is a requirement for
overlay networking.

Also support specifying interface names to --listen-addr,
--advertise-addr, and the daemon flag --swarm-default-advertise-addr.
This will fail if the interface has multiple IP addresses (unless it has
a single IPv4 address and a single IPv6 address - then we resolve the
tie in favor of IPv4).

This change also exposes the node's externally-reachable address in
docker info, as requested by #24017.

Make corresponding API and CLI docs changes.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit a0ccd0d42f)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:18:03 -07:00
Aaron Lehmann
38beb3d9ab Vendor libnetwork and github.com/vishvananda/netlink
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 24d2d53f5d)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:17:35 -07:00
Aaron Lehmann
ea9d74b755 Revendor swarmkit
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit d626875a94)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:17:34 -07:00
Vincent Demeester
6db1c73da7 Update swarm init task-history-limit docs
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 180f8c61bb)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:17:34 -07:00
Andrea Luzzardi
e6464aa5ab CLI: Change default Swarm task history retention limit.
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
(cherry picked from commit d97c0a1f25)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:17:34 -07:00
Sebastiaan van Stijn
723073bccb bump engine-api to ebb728a1346926edc2ad9418f9b6045901810b20
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9a3e47511a)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:17:34 -07:00