The overlay(2) drivers were moved up in the list of storage drivers,
and are known to have problems if the backing filesystem does not
support d_type.
Commit 2e20e63da2 added a warning,
which is logged in the daemon logs, however, many users do not
check those logs, and may overlook this warning.
This patch adds the same warning to the output of `docker info`
so that the warning is more easily found.
In addition, the output of warnings printed by `docker info` is
optimized, by;
- moving all warnings to the _end_ of the output, instead of
mixing them with the regular output
- wrapping the storage-driver warnings, so that they are more
easily readable
Example output with this patch applied
============================================
devicemapper using loopback devices:
...
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: devicemapper: usage of loopback devices is strongly discouraged for production use.
Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
overlay2 on xfs without d_type support;
...
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: overlay2: the backing xfs filesystem is formatted without d_type support, which leads to incorrect behavior.
Reformat the filesystem with ftype=1 to enable d_type support.
Running without d_type support will not be supported in future releases.
WARNING: bridge-nf-call-iptables is disabled
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 1921559798)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
In https://github.com/torvalds/linux/commit/5ca3726 (released in v4.7-rc1) the
content of the `cpuacct.usage_percpu` file in sysfs was changed to include both
online and offline cpus. This broke the arithmetic in the stats helpers used by
`docker stats`, since it was using the length of the PerCPUUsage array as a
proxy for the number of online CPUs.
Add current number of online CPUs to types.StatsJSON and use it in the
calculation.
Keep a fallback to `len(v.CPUStats.CPUUsage.PercpuUsage)` so this code
continues to work when talking to an older daemon. An old client talking to a
new daemon will ignore the new field and behave as before.
Fixes#28941.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
(cherry picked from commit 115f91d757)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
Commit 87a53468b2 cherry-picked
changes into the 17.03 branch to make the client
skip auto-removing containers on API 1.25 and up.
Some changes got lost during that cherry-pick,
resulting in 17.03 clients to not fall back to
the old behavior when connecting to API version
1.24 or below.
This patch addresses this issue for the 17.03
branch by copying the `HostConfig.AutoRemove` property
to a local variable before it is overridden
in `ContainerCreate()`.
This change is not needed on "master" (17.04-dev),
which does not have this problem.
Thanks to Josh Hawn for finding this bug.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This allows a plugin to be upgraded without requiring to
uninstall/reinstall a plugin.
Since plugin resources (e.g. volumes) are tied to a plugin ID, this is
important to ensure resources aren't lost.
The plugin must be disabled while upgrading (errors out if enabled).
This does not add any convenience flags for automatically
disabling/re-enabling the plugin during before/after upgrade.
Since an upgrade may change requested permissions, the user is required
to accept permissions just like `docker plugin install`.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 03c6949739)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This fix tries to address the issue raised in 29291 where
the output of `--replicas` in `service create/update`:
```
--replicas uint Number of tasks (default none)
```
is misleading. User might incorrectly assume the number of replicas
would be `0` (`none`) by default, while the actual default is `1`.
The issue comes from the fact that some of the default values are
from daemon and it is not possible for client to find out the default
value.
In this case, it might be better to just simply not displaying `(default none)`.
This fix returns "" for `Uint64Opt` so that `(default none)` is hidden.
In addition to `--replicas`, this fix also changes
`--restart-delay`, `--restart-max-attempts`, `--stop-grace-period`,
`--health-interval`, `--health-timeout`, and `--restart-window`
in a similiar fashion.
New Output:
```
--health-interval duration Time between running the check (ns|us|ms|s|m|h)
--health-timeout duration Maximum time to allow one check to run (ns|us|ms|s|m|h)
...
--replicas uint Number of tasks
...
--restart-delay duration Delay between restart attempts (ns|us|ms|s|m|h)
--restart-max-attempts uint Maximum number of restarts before giving up
--restart-window duration Window used to evaluate the restart policy (ns|us|ms|s|m|h)
...
--stop-grace-period duration Time to wait before force killing a container (ns|us|ms|s|m|h)
```
The docs has been updated. Note the docs for help output of `service create/update`
is out of sync with the current master. This fix replace with the update-to-date
help output.
This fix fixes 29291.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit acc93db32b)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
This fix tries to fix the issue in 30279 where `docker ps --format`
fails if `.Label` has args. For example:
```
docker ps --format '{{.ID}}\t{{.Names}}\t{{.Label "some.label"}}'
```
The reason for the failure is that during the preprocessing phase
to detect the existance of `.Size`, the `listOptionsProcessor`
does not has a method of `Label(name string) string`.
This results in the failure of
```
template: :1:24: executing "" at <.Label>: Label is not a method but has arguments
```
This fix fixes the issue by adding needed method of `Label(name string) string`.
This fix fixes 30279.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 2cd4ba1e56)
Signed-off-by: Victor Vieux <vieux@docker.com>
The top-level `docker inspect` command could return
an error if the nodes Swarm certificates were expired.
In situations where the user did not explicitly
ask for an object-type (`--type=foo`), we should
ignore these errors, and consider them equal to
"node is not a swarm manager".
This change makes `docker inspect` ignore these
errors if no type was specified.
As a further optimization, the "swarm status"
result is now stored in a variable, so that
other swarm-specific API calls can be skipped.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 66cf4cc7f7)
Signed-off-by: Victor Vieux <vieux@docker.com>
When Size was reverted to be equal to VirtualSize, the df command
formatter was not correctly updated to account for the change.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit dcc1b4baf6)
Signed-off-by: Victor Vieux <vieux@docker.com>
The prune PR changed the meaning of the file to mean "space on disk
only unique to this image", this PR revert this change.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit be20dc15af)
Signed-off-by: Victor Vieux <vieux@docker.com>
- default network is only created if needed
- it's possible to override default network configuration
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
This fix tries to address the issue raised in 28581 and 28927
where it is not possible to create a secret from a file (only
through STDIN).
This fix add a flag `--file` to `docker secret create` so that
it is possible to create a secret from a file with:
```
docker secret create --file secret.in secret.name
```
or
```
echo TEST | docker secret create --file - secret.name
```
Related docs has been updated.
An integration test has been added to cover the changes.
This fix fixes 28581.
This fix is related to 28927.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit c6f0b7f448)
Signed-off-by: Victor Vieux <vieux@docker.com>
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
In #28507 and #28885, `docker service/node ps -a` has been removed so that
information about slots are show up even without `-a` flag.
The output of `docker stack ps` reused the same output as `docker service/node ps`.
However, the `-a` was still there. It might make sense to remove `docker stack ps -a`
as well to bring consistency with `docker service/node ps`.
This fix is related to #28507, #28885, and #25983.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 9155e14e77)
Signed-off-by: Victor Vieux <vieux@docker.com>
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit abe32de6b4)
Signed-off-by: Victor Vieux <vieux@docker.com>
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
The current validation only checked for the
number of elements in the volume-spec, however,
did not validate if the elements were empty.
Because of this, an empty volume-spec (""),
or volume spec only containing separators ("::")
would not be invalidated.
This adds a simple check for empty elements in
the volume-spec, and returns an error if
the spec is invalid.
A unit-test is also added to verify the behavior.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
