Commit graph

145 commits

Author SHA1 Message Date
Aaron.L.Xu
e0577d5fe8 fix some typos from module contrib to man
Signed-off-by: Aaron.L.Xu <likexu@harmonycloud.cn>
2017-02-18 10:08:55 +08:00
Yong Tang
9526e5c6ae Fix duplicate mount point for --volumes-from in docker run
This fix tries to fix the issue raised in 21845. The issue with 21845
is that if multiple `--volumes-from` with the same destination has been
specified, then one volume will be overridden by the other. This will mess
up with volumes reference and prevent the overridden volume from
being removed at the end.

Issue 21845 was observed with `docker-compose` though it is possible to
emulate the same behavior with `docker` alone:
```
$ cat Dockerfile
FROM busybox
VOLUME ["/tmp/data"]
$ docker build -t vimage .
$ docker run --name=data1 vimage true
$ docker run --name=data2 vimage true
$ docker run --name=app --volumes-from=data1 --volumes-from=data2 -d busybox top
$ docker rm -f -v $(docker ps -aq)
$ docker volume ls
$ docker volume rm ...
```
NOTE: Second case:
```
$ cat Dockerfile
FROM busybox
VOLUME ["/tmp/data"]
$ docker build -t vimage .
$ docker run --name=data1 vimage true
$ docker run --name=data2 vimage true
$ docker run --name=app --volumes-from=data1 --volumes-from=data2 -v /tmp/data:/tmp/data -d busybox top
$ docker rm -f -v $(docker ps -aq)
$ docker volume ls
$ docker volume rm ...
```
NOTE: Third case: Combination of --volumes-from and `HostConfig.Mounts` (API only)

This fix tries to address the issue by return an error if duplicate
mount points was used with `--volumes-from`.

An integration test has been added.

This fix fixes 21845.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2017-02-07 08:30:56 -08:00
Ben Firshman
f0d55cd081
Rename Remote API to Engine API
Implementation of https://github.com/docker/docker/issues/28319

Signed-off-by: Ben Firshman <ben@firshman.co.uk>
2016-11-22 12:49:38 +00:00
Qiang Huang
e6866492c4 Fix bunch of typos
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-10-29 15:03:26 +08:00
Yong Tang
9ce8aac55e Show volume options for docker volume inspect
This fix tries to address the issue raised in 25545 where
volume options at the creation time is not showed up
in `docker volume inspect`.

This fix adds the field `Options` in `Volume` type and
persist the options in volume db so that `volume inspect`
could display the options.

This fix adds a couple of test cases to cover the changes.

This fix fixes 25545.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-10-20 05:14:27 -07:00
Kenfe-Mickael Laventure
d36952749d Move types.Volumes optional fields under a new type
This allows us to hide those fields when they are not filled.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-10-11 11:49:26 -07:00
Kenfe-Mickael Laventure
f2e11fb8d1 Add /system/df API endpoint
This endpoint return data regarding the space used by docker on disk

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-09-29 07:42:53 -07:00
Kenfe-Mickael Laventure
c6db1e9c1b Add Size and RefCount fields to types.Volume
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-09-29 07:42:53 -07:00
Vincent Demeester
e54171378c Merge pull request #26656 from miaoyq/rename-name-to-destination
Rename the variable 'name' to 'destination'
2016-09-17 16:01:02 +02:00
Yanqiang Miao
57cec5a777 Rename the variable 'name' to 'destination'
Signed-off-by: Yanqiang Miao <miao.yanqiang@zte.com.cn>
2016-09-17 10:52:11 +08:00
Daniel Nephin
c452e1bfe6 Move errors/ to api/errors
Using:
        gomvpkg -from github.com/docker/docker/errors
                -to github.com/docker/docker/api/errors
                -vcs_mv_cmd "git mv {{.Src}} {{.Dst}}"

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2016-09-16 12:27:13 -04:00
Brian Goff
29b1c1da73 Migrate old mount format to use mount specs
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-09-13 09:55:35 -04:00
Brian Goff
fc7b904dce Add new HostConfig field, Mounts.
`Mounts` allows users to specify in a much safer way the volumes they
want to use in the container.
This replaces `Binds` and `Volumes`, which both still exist, but
`Mounts` and `Binds`/`Volumes` are exclussive.
The CLI will continue to use `Binds` and `Volumes` due to concerns with
parsing the volume specs on the client side and cross-platform support
(for now).

The new API follows exactly the services mount API.

Example usage of `Mounts`:

```
$ curl -XPOST localhost:2375/containers/create -d '{
  "Image": "alpine:latest",
  "HostConfig": {
    "Mounts": [{
      "Type": "Volume",
      "Target": "/foo"
      },{
      "Type": "bind",
      "Source": "/var/run/docker.sock",
      "Target": "/var/run/docker.sock",
      },{
      "Type": "volume",
      "Name": "important_data",
      "Target": "/var/data",
      "ReadOnly": true,
      "VolumeOptions": {
	"DriverConfig": {
	  Name: "awesomeStorage",
	  Options: {"size": "10m"},
	  Labels: {"some":"label"}
	}
      }]
    }
}'
```

There are currently 2 types of mounts:

  - **bind**: Paths on the host that get mounted into the
    container. Paths must exist prior to creating the container.
  - **volume**: Volumes that persist after the
    container is removed.

Not all fields are available in each type, and validation is done to
ensure these fields aren't mixed up between types.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-09-13 09:55:35 -04:00
Michael Crosby
91e197d614 Add engine-api types to docker
This moves the types for the `engine-api` repo to the existing types
package.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-07 11:05:58 -07:00
Antonio Murdaca
756f6cef4a daemon: allow tmpfs to trump over VOLUME(s)
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-06-15 16:01:51 +02:00
Brian Goff
2f40b1b281 Add support for volume scopes
This is similar to network scopes where a volume can either be `local`
or `global`. A `global` volume is one that exists across the entire
cluster where as a `local` volume exists on a single engine.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-06-05 15:37:15 -04:00
Dan Walsh
322cc99c69 Need to create bind mount volume if it does not exist.
In order to be consistent on creation of volumes for bind mounts
we need to create the source directory if it does not exist and the
user specified he wants it relabeled.

Can not do this lower down the stack, since we are not passing in the
mode fields.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-06-02 07:14:17 -04:00
Lei Jitang
5e5e1d7ada Fix docker create with duplicate volume failed to remove
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2016-05-06 22:48:02 -04:00
Brian Goff
9e6b1852a7 Fix N+1 calling Path() on volume ls
Implements a `CachedPath` function on the volume plugin adapter that we
call from the volume list function instead of `Path.
If a driver does not implement `CachedPath` it will just call `Path`.

Also makes sure we store the path on Mount and remove the path on
Unmount.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-04-12 20:30:34 -04:00
Tibor Vass
53d2e5e9d7 Merge pull request #21270 from ehazlett/resource-labels
Add Label support for Images (build), Networks and Volumes on Creation
2016-03-22 15:12:33 -04:00
Evan Hazlett
fc214b4408 add label support for build, networks and volumes
build: implement --label

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

network: allow adding labels on create

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

volume: allow adding labels on create

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

add tests for build, network, volume

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

vendor: libnetwork and engine-api bump

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
2016-03-22 11:49:06 -04:00
Brian Goff
b0ac69b67e Add explicit flags for volume cp/no-cp
This allows a user to specify explicitly to enable
automatic copying of data from the container path to the volume path.
This does not change the default behavior of automatically copying, but
does allow a user to disable it at runtime.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-03-21 20:38:44 -04:00
Tonis Tiigi
9c4570a958 Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
Dan Walsh
843a119d49 Do not relabel if user did not request it for non local volumes
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-03-01 17:09:42 -05:00
David Calavera
a793564b25 Remove static errors from errors package.
Moving all strings to the errors package wasn't a good idea after all.

Our custom implementation of Go errors predates everything that's nice
and good about working with errors in Go. Take as an example what we
have to do to get an error message:

```go
func GetErrorMessage(err error) string {
	switch err.(type) {
	case errcode.Error:
		e, _ := err.(errcode.Error)
		return e.Message

	case errcode.ErrorCode:
		ec, _ := err.(errcode.ErrorCode)
		return ec.Message()

	default:
		return err.Error()
	}
}
```

This goes against every good practice for Go development. The language already provides a simple, intuitive and standard way to get error messages, that is calling the `Error()` method from an error. Reinventing the error interface is a mistake.

Our custom implementation also makes very hard to reason about errors, another nice thing about Go. I found several (>10) error declarations that we don't use anywhere. This is a clear sign about how little we know about the errors we return. I also found several error usages where the number of arguments was different than the parameters declared in the error, another clear example of how difficult is to reason about errors.

Moreover, our custom implementation didn't really make easier for people to return custom HTTP status code depending on the errors. Again, it's hard to reason about when to set custom codes and how. Take an example what we have to do to extract the message and status code from an error before returning a response from the API:

```go
	switch err.(type) {
	case errcode.ErrorCode:
		daError, _ := err.(errcode.ErrorCode)
		statusCode = daError.Descriptor().HTTPStatusCode
		errMsg = daError.Message()

	case errcode.Error:
		// For reference, if you're looking for a particular error
		// then you can do something like :
		//   import ( derr "github.com/docker/docker/errors" )
		//   if daError.ErrorCode() == derr.ErrorCodeNoSuchContainer { ... }

		daError, _ := err.(errcode.Error)
		statusCode = daError.ErrorCode().Descriptor().HTTPStatusCode
		errMsg = daError.Message

	default:
		// This part of will be removed once we've
		// converted everything over to use the errcode package

		// FIXME: this is brittle and should not be necessary.
		// If we need to differentiate between different possible error types,
		// we should create appropriate error types with clearly defined meaning
		errStr := strings.ToLower(err.Error())
		for keyword, status := range map[string]int{
			"not found":             http.StatusNotFound,
			"no such":               http.StatusNotFound,
			"bad parameter":         http.StatusBadRequest,
			"conflict":              http.StatusConflict,
			"impossible":            http.StatusNotAcceptable,
			"wrong login/password":  http.StatusUnauthorized,
			"hasn't been activated": http.StatusForbidden,
		} {
			if strings.Contains(errStr, keyword) {
				statusCode = status
				break
			}
		}
	}
```

You can notice two things in that code:

1. We have to explain how errors work, because our implementation goes against how easy to use Go errors are.
2. At no moment we arrived to remove that `switch` statement that was the original reason to use our custom implementation.

This change removes all our status errors from the errors package and puts them back in their specific contexts.
IT puts the messages back with their contexts. That way, we know right away when errors used and how to generate their messages.
It uses custom interfaces to reason about errors. Errors that need to response with a custom status code MUST implementent this simple interface:

```go
type errorWithStatus interface {
	HTTPErrorStatusCode() int
}
```

This interface is very straightforward to implement. It also preserves Go errors real behavior, getting the message is as simple as using the `Error()` method.

I included helper functions to generate errors that use custom status code in `errors/errors.go`.

By doing this, we remove the hard dependency we have eeverywhere to our custom errors package. Yes, you can use it as a helper to generate error, but it's still very easy to generate errors without it.

Please, read this fantastic blog post about errors in Go: http://dave.cheney.net/2014/12/24/inspecting-errors

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-26 15:49:09 -05:00
Brian Goff
00ec6102d9 Probe all drivers if volume driver not specified
This fixes an issue where `docker run -v foo:/bar --volume-driver
<remote driver>` -> daemon restart -> `docker run -v foo:/bar` would
make a `local` volume after the restart instead of using the existing
volume from the remote driver.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-02-10 20:43:15 -05:00
Brian Goff
dd7d1c8a02 On container rm, don't remove named mountpoints
This makes it so when calling `docker run --rm`, or `docker rm -v`, only
volumes specified without a name, e.g. `docker run -v /foo` instead of
`docker run -v awesome:/foo` are removed.

Note that all volumes are named, some are named by the user, some get a
generated name. This is specifically about how the volume was specified
on `run`, assuming that if the user specified it with a name they expect
it to persist after the container is cleaned up.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-01-25 15:51:28 -05:00
Brian Goff
d85b9f8580 Fix loading of containerized plugins
During daemon startup, all containers are registered before any are
started.
During container registration it was calling out to initialize volumes.
If the volume uses a plugin that is running in a container, this will
cause the restart of that container to fail since the plugin is not yet
running.
This also slowed down daemon startup since volume initialization was
happening sequentially, which can be slow (and is flat out slow since
initialization would fail but take 8 seconds for each volume to do it).

This fix holds off on volume initialization until after containers are
restarted and does the initialization in parallel.

The containers that are restarted will have thier volumes initialized
because they are being started. If any of these containers are using a
plugin they will just keep retrying to reach the plugin (up to the
timeout, which is 8seconds) until the container with the plugin is up
and running.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-01-20 12:23:17 -05:00
David Calavera
aab3596397 Remove duplicated lazy volume initialization.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-01-13 11:22:31 -05:00
David Calavera
907407d0b2 Modify import paths to point to the new engine-api package.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-01-06 19:48:59 -05:00
Brian Goff
d3eca4451d Move responsibility of ls/inspect to volume driver
Makes `docker volume ls` and `docker volume inspect` ask the volume
drivers rather than only using what is cached locally.

Previously in order to use a volume from an external driver, one would
either have to use `docker volume create` or have a container that is
already using that volume for it to be visible to the other volume
API's.

For keeping uniqueness of volume names in the daemon, names are bound to
a driver on a first come first serve basis. If two drivers have a volume
with the same name, the first one is chosen, and a warning is logged
about the second one.

Adds 2 new methods to the plugin API, `List` and `Get`.
If a plugin does not implement these endpoints, a user will not be able
to find the specified volumes as well requests go through the drivers.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-01-05 16:28:38 -05:00
David Calavera
7ac4232e70 Move Config and HostConfig from runconfig to types/container.
- Make the API client library completely standalone.
- Move windows partition isolation detection to the client, so the
  driver doesn't use external types.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-22 13:34:30 -05:00
Brian Goff
ce0b1841c8 Merge pull request #17034 from rhvgoyal/volume-propagation
Capability to specify per volume mount propagation mode
2015-12-15 12:14:41 -05:00
Vivek Goyal
a2dc4f79f2 Add capability to specify mount propagation per volume
Allow passing mount propagation option shared, slave, or private as volume
property.

For example.
docker run -ti -v /root/mnt-source:/root/mnt-dest:slave fedora bash

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2015-12-14 10:39:53 -05:00
Justas Brazauskas
927b334ebf Fix typos found across repository
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com>
2015-12-13 18:04:12 +02:00
David Calavera
d7d512bb92 Rename Daemon.Get to Daemon.GetContainer.
This is more aligned with `Daemon.GetImage` and less confusing.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-11 12:39:28 -05:00
David Calavera
6bb0d1816a Move Container to its own package.
So other packages don't need to import the daemon package when they
want to use this struct.

Signed-off-by: David Calavera <david.calavera@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-12-03 17:39:49 +01:00
Dan Walsh
b3e527dfd2 This patch adds --tmpfs as a option for mounting tmpfs on directories
It will Tar up contents of child directory onto tmpfs if mounted over

This patch will use the new PreMount and PostMount hooks to "tar"
up the contents of the base image on top of tmpfs mount points.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2015-12-02 10:06:59 -05:00
David Calavera
060f4ae617 Remove the container initializers per platform.
By removing deprecated volume structures, now that windows mount volumes we don't need a initializer per platform.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-18 08:41:46 -05:00
Dan Walsh
d9011b3617 Fix relabel for SELinux
With the changes merged into runc/libcontainer, are now causing
SELinux to attempt a relabel always, even if the user did not
request the relabel.

If the user does not specify Z or z on the volume mount we should
not attempt a relabel.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2015-11-09 14:04:57 -05:00
John Howard
a7e686a779 Windows: Add volume support
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-10-22 10:42:53 -07:00
David Calavera
72bb56618b Move volume ref counting store to a package.
- Add unit tests to make sure the functionality is correct.
- Add FilterByDriver to allow filtering volumes by driver, for future
  `volume ls` filtering and whatnot.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-21 12:46:49 -04:00
Lei Jitang
5746eb9501 Cleanup: remove unnecessary return at the end of block in volumes.go
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-09-21 04:32:37 -04:00
David Calavera
e61abac5fa Merge pull request #16349 from cpuguy83/16302_deprecate_autocreate_binds
deprecate bind path auto-create
2015-09-18 12:53:06 -07:00
Brian Goff
249f45bcfe deprecate bind path auto-create
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-09-18 10:28:38 -04:00
Doug Davis
a283a30fb0 Move api/errors/ to errors/
Per @calavera's suggestion: https://github.com/docker/docker/pull/16355#issuecomment-141139220

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-17 11:54:14 -07:00
Jess Frazelle
828e4ac45a Merge pull request #16355 from duglin/DaemonErrors
Convert some "daemon" static error strings to the new errocode package format
2015-09-17 11:48:37 -07:00
Doug Davis
f7d4b4fe2b Convert some "daemon" static error strings to the new errocode package format
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-16 16:16:42 -07:00
Alexander Morozov
2d21996eec volumes: add synchronization to Count and List
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-09-15 10:38:53 -07:00
David Calavera
2c6c07752c Remove volume references when container creation fails.
Volumes are accounted when a container is created.
If the creation fails we should remove the reference from the counter.
Do not log ErrVolumeInUse as an error, having other volume references is
not an error.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-14 16:16:46 -04:00