Commit graph

3007 commits

Author SHA1 Message Date
John Howard
f9b2a20819 Fix downlevel regression
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-10-09 13:47:28 -07:00
John Howard
d98ecf2d6c LCOW: API change JSON header to string POST parameter
Signed-off-by: John Howard <jhoward@microsoft.com>
2017-10-06 15:26:48 -07:00
John Howard
0380fbff37 LCOW: API: Add platform to /images/create and /build
Signed-off-by: John Howard <jhoward@microsoft.com>

This PR has the API changes described in https://github.com/moby/moby/issues/34617.
Specifically, it adds an HTTP header "X-Requested-Platform" which is a JSON-encoded
OCI Image-spec `Platform` structure.

In addition, it renames (almost all) uses of a string variable platform (and associated)
methods/functions to os. This makes it much clearer to disambiguate with the swarm
"platform" which is really os/arch. This is a stepping stone to getting the daemon towards
fully multi-platform/arch-aware, and makes it clear when "operating system" is being
referred to rather than "platform" which is misleadingly used - sometimes in the swarm
meaning, but more often as just the operating system.
2017-10-06 11:44:18 -07:00
Sebastiaan van Stijn
fd90733972
Add PortConfig.PublishMode to API documentation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-10-04 15:34:08 +02:00
Sebastiaan van Stijn
288abf0854
Bump API version to 1.34
Docker 17.10 was cut off from ab2b03a0e1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-30 01:13:20 +02:00
Vincent Demeester
a343cba40c Merge pull request #34985 from thaJeztah/remove-use-of-deprecated-filter-functions
Remove use of deprecated filter functions
2017-09-27 17:34:07 +02:00
Allen Sun
4611ecd3cd add node/service/secret/config specific event filter
Signed-off-by: Allen Sun <shlallen1990@gmail.com>
2017-09-27 00:23:51 +08:00
Sebastiaan van Stijn
74a084162c Merge pull request #34908 from thaJeztah/bump-api-version-1.33
Bump API version to 1.33
2017-09-26 18:09:50 +02:00
Sebastiaan van Stijn
a4efe66cf2
Replace uses of filters.ToParam(), FromParam() with filters.ToJSON(), FromJSON()
`filters.ToParam()` and `filters.FromParam()` were deprecated in favor of
`filters.ToJSON()` and `filters.FromJSON()` in 065118390a,
but still used in various locations.

This patch replaces uses of `filters.ToParam()` and  `filters.FromParam()` with
`filters.ToJSON()` and `filters.FromJSON()`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-26 13:59:45 +02:00
Sebastiaan van Stijn
97c5ae25c4
Replace uses of filters.Include() with filters.Contains()
The `filters.Include()` method was deprecated in favor of `filters.Contains()`
in 065118390a, but still used in various
locations.

This patch replaces uses of `filters.Include()` with `filters.Contains()`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-26 13:39:56 +02:00
Daniel Nephin
27cfa68af1 Move RFC3339NanoFixed to a more appropriate package.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-25 16:07:24 -04:00
Sebastiaan van Stijn
15a59e763b
Bump API version to 1.33
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-20 15:19:16 +02:00
Akash Gupta
7a7357dae1 LCOW: Implemented support for docker cp + build
This enables docker cp and ADD/COPY docker build support for LCOW.
Originally, the graphdriver.Get() interface returned a local path
to the container root filesystem. This does not work for LCOW, so
the Get() method now returns an interface that LCOW implements to
support copying to and from the container.

Signed-off-by: Akash Gupta <akagup@microsoft.com>
2017-09-14 12:07:52 -07:00
Yong Tang
dc35a8a5d2 Merge pull request #34821 from thaJeztah/remove-enable-api-cors
Remove deprecated --enable-api-cors flag
2017-09-13 20:10:27 -07:00
Sebastiaan van Stijn
80edccda70 Merge pull request #34828 from allencloud/add-config-tags-in-swagger
add configs tag in swagger.yml
2017-09-14 02:37:28 +02:00
Allen Sun
16929d337a add configs tag in swagger.yml
Signed-off-by: Allen Sun <allensun.shl@alibaba-inc.com>
2017-09-13 09:48:05 +08:00
Daniel Nephin
f7f101d57e Add gosimple linter
Update gometalinter

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-12 12:09:59 -04:00
Sebastiaan van Stijn
7d4eab5543
Remove deprecated --enable-api-cors flag
The `--enable-api-cors` flag was deprecated in f3dd2db4ff,
and marked for removal in docker 17.09 through 85f92ef359.

This patch removes the deprecated flag.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-12 12:43:34 +02:00
Brian Goff
c8400bf24d Merge pull request #34756 from dnephin/better-filters
Improve docs and interface for api/types/filters
2017-09-07 17:00:59 -04:00
Yong Tang
2dcb77b24c Merge pull request #34738 from wgliang/optimization1
Optimize some wrong usage and spelling
2017-09-07 09:45:14 -07:00
wangguoliang
94cefa2145 Optimize some wrong usage and spelling
Signed-off-by: wgliang <liangcszzu@163.com>
2017-09-07 09:44:08 +08:00
Daniel Nephin
065118390a Cleanup filter package.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-06 16:41:47 -04:00
Daniel Nephin
2f007e46d0 Remove libtrust dep from api
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-06 12:05:19 -04:00
Daniel Nephin
22b246417f Move names to a more appropriate package.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-09-06 12:05:16 -04:00
Daniel Nephin
2f5f0af3fd Add unconvert linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-24 15:08:31 -04:00
Daniel Nephin
709bf8b7bc Add interfacer linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-24 15:08:26 -04:00
Yong Tang
6540d55814 Merge pull request #34588 from dnephin/more-linters
Add deadcode and goimports linters
2017-08-22 05:12:50 -07:00
Yong Tang
28362f11d7 Merge pull request #34572 from krizalys/hyphenless-bind-mount
Dropped hyphen in bind mount where appropriate
2017-08-22 05:11:46 -07:00
Daniel Nephin
62c1f0ef41 Add deadcode linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-21 18:18:50 -04:00
Christophe Vidal
dffa5d6df2 Dropped hyphen in bind mount where appropriate
Signed-off-by: Christophe Vidal <kriss@krizalys.com>
2017-08-19 21:25:07 +07:00
Daniel Nephin
9b47b7b151 Fix golint errors.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-18 14:23:44 -04:00
Yong Tang
2afb3efaa6 Merge pull request #34188 from cpuguy83/32144_api_error_handling
Remove string checking in API error handling
2017-08-16 08:53:15 -07:00
Sebastiaan van Stijn
18b23067be
Create definition for SystemInfo response
The `/info` endpoint was badly documented, missing various
fields and incorrectly describing others.

This patch defines a type for the endpoint, based on the
API types in the source.

Also removing the response example in favor of
per-field examples, as this prevents an incorrectly
formatted response from masking omissions in the
actual type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:29 +02:00
Sebastiaan van Stijn
2720cefbb2
Remove redundant example for Node
All example values are now documented per field,
so are automatically used to generate responses.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:19 +02:00
Sebastiaan van Stijn
5b017ef45d
Add definition for Swarm inspect response
Also remove inline response examples

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:14 +02:00
Sebastiaan van Stijn
33e2c99401
Extract NodeDescription to a separate definition
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:09 +02:00
Sebastiaan van Stijn
7cb4a97ae1
Extract EngineDescription to a separate definition
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:11:04 +02:00
Sebastiaan van Stijn
a2de2681a6
Extract Platform to a separate definition
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:58 +02:00
Sebastiaan van Stijn
3f1ad79faf
Add missing definition for Node.ManagerStatus
The `Node.ManagerStatus`  property was only present in
the example, but not in the definition.

This patch adds definitions for `ManagerStatus`
and `Reachability`, similar to what is used in the
code;
f02a5b50c4/api/types/swarm/node.go (L84-L101)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:53 +02:00
Sebastiaan van Stijn
26b247e706
Add missing definition for Node.Status
The `Node.Status`  property was only present in
the example, but not in the definition.

This patch adds definitions for `NodeStatus`
and `NodeState`, similar to what is used in the
code;

- f02a5b50c4/api/types/swarm/node.go (L77-L82)
- f02a5b50c4/api/types/swarm/node.go (L103-L115)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:47 +02:00
Sebastiaan van Stijn
b2de157a41
Fix TLSInfo in Node specification
- `TLSInfo` is part of `Node.Description`, but was documented as a
  direct child of `Node`
- `Node.TLSInfo` incorrectly was using the `SwarmSpec` type,
  instead of `TLSInfo`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:42 +02:00
Sebastiaan van Stijn
93e324e2a7
Update incorrect types in Swagger
- `ObjectVersion.Index` is an `uint64` 0fd90c4d5d/api/types/swarm/common.go (L5-L15)
- `ClusterInfo` is nullable in the `/info` output (see ff4f700f74/api/types/swarm/swarm.go (L203))
- `CAConfig.ForceRotate` was missing a type, therefore treated as an `object` in Swagger: ff4f700f74/api/types/swarm/swarm.go (L121)
- `Raft.SnapshotInterval`, `Raft.KeepOldSnapshots`, and `Raft.LogEntriesForSlowFollowers` are an `uint64` not an `int64`
- Various fields in `swarm.Info` are nullable; added `x-nullable`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:32 +02:00
Sebastiaan van Stijn
934378bee3
Update / add extra description fields to Swagger
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:27 +02:00
Sebastiaan van Stijn
fa05a53426
Add extra example values to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:22 +02:00
Sebastiaan van Stijn
f720f9cc33
Reformat definitions - add some whitespace
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-16 11:10:14 +02:00
Brian Goff
ebcb7d6b40 Remove string checking in API error handling
Use strongly typed errors to set HTTP status codes.
Error interfaces are defined in the api/errors package and errors
returned from controllers are checked against these interfaces.

Errors can be wraeped in a pkg/errors.Causer, as long as somewhere in the
line of causes one of the interfaces is implemented. The special error
interfaces take precedence over Causer, meaning if both Causer and one
of the new error interfaces are implemented, the Causer is not
traversed.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2017-08-15 16:01:11 -04:00
Sebastiaan van Stijn
b98ceb7121
Update NetworkConfig definition in Swagger
This patch updates the definition of `NetworkConfig` to match the code, and
renames to the definition to `NetworkSettings` (also to match the type in
the code).

Add definitions for:

- `Address`
- `PortMap`
- `PortBinding`
- `EndpointIPAMConfig`

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-15 09:39:41 +02:00
Kir Kolyshkin
7120976d74 Implement none, private, and shareable ipc modes
Since the commit d88fe447df ("Add support for sharing /dev/shm/ and
/dev/mqueue between containers") container's /dev/shm is mounted on the
host first, then bind-mounted inside the container. This is done that
way in order to be able to share this container's IPC namespace
(and the /dev/shm mount point) with another container.

Unfortunately, this functionality breaks container checkpoint/restore
(even if IPC is not shared). Since /dev/shm is an external mount, its
contents is not saved by `criu checkpoint`, and so upon restore any
application that tries to access data under /dev/shm is severily
disappointed (which usually results in a fatal crash).

This commit solves the issue by introducing new IPC modes for containers
(in addition to 'host' and 'container:ID'). The new modes are:

 - 'shareable':	enables sharing this container's IPC with others
		(this used to be the implicit default);

 - 'private':	disables sharing this container's IPC.

In 'private' mode, container's /dev/shm is truly mounted inside the
container, without any bind-mounting from the host, which solves the
issue.

While at it, let's also implement 'none' mode. The motivation, as
eloquently put by Justin Cormack, is:

> I wondered a while back about having a none shm mode, as currently it is
> not possible to have a totally unwriteable container as there is always
> a /dev/shm writeable mount. It is a bit of a niche case (and clearly
> should never be allowed to be daemon default) but it would be trivial to
> add now so maybe we should...

...so here's yet yet another mode:

 - 'none':	no /dev/shm mount inside the container (though it still
		has its own private IPC namespace).

Now, to ultimately solve the abovementioned checkpoint/restore issue, we'd
need to make 'private' the default mode, but unfortunately it breaks the
backward compatibility. So, let's make the default container IPC mode
per-daemon configurable (with the built-in default set to 'shareable'
for now). The default can be changed either via a daemon CLI option
(--default-shm-mode) or a daemon.json configuration file parameter
of the same name.

Note one can only set either 'shareable' or 'private' IPC modes as a
daemon default (i.e. in this context 'host', 'container', or 'none'
do not make much sense).

Some other changes this patch introduces are:

1. A mount for /dev/shm is added to default OCI Linux spec.

2. IpcMode.Valid() is simplified to remove duplicated code that parsed
   'container:ID' form. Note the old version used to check that ID does
   not contain a semicolon -- this is no longer the case (tests are
   modified accordingly). The motivation is we should either do a
   proper check for container ID validity, or don't check it at all
   (since it is checked in other places anyway). I chose the latter.

3. IpcMode.Container() is modified to not return container ID if the
   mode value does not start with "container:", unifying the check to
   be the same as in IpcMode.IsContainer().

3. IPC mode unit tests (runconfig/hostconfig_test.go) are modified
   to add checks for newly added values.

[v2: addressed review at https://github.com/moby/moby/pull/34087#pullrequestreview-51345997]
[v3: addressed review at https://github.com/moby/moby/pull/34087#pullrequestreview-53902833]
[v4: addressed the case of upgrading from older daemon, in this case
     container.HostConfig.IpcMode is unset and this is valid]
[v5: document old and new IpcMode values in api/swagger.yaml]
[v6: add the 'none' mode, changelog entry to docs/api/version-history.md]

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2017-08-14 10:50:39 +03:00
Victor Vieux
4930020210 hide swarm plugins behind experimental flag
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2017-08-08 18:33:25 -07:00
John Starks
54354db850 Windows: Add named pipe mount support
Current insider builds of Windows have support for mounting individual
named pipe servers from the host to the guest. This allows, for example,
exposing the docker engine's named pipe to a container.

This change allows the user to request such a mount via the normal bind
mount syntax in the CLI:

  docker run -v \\.\pipe\docker_engine:\\.\pipe\docker_engine <args>

Signed-off-by: John Starks <jostarks@microsoft.com>
2017-08-07 11:34:36 -07:00