Commit graph

21 commits

Author SHA1 Message Date
Tibor Vass
8ff913e45f vendor runc to fix issue#21808
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-04-12 15:35:04 -04:00
Tibor Vass
a573ab1f81 Merge pull request #21822 from tiborvass/cherry-picks-1.11.0-rc4
Cherry picks 1.11.0 rc4
2016-04-06 20:14:27 -04:00
Tonis Tiigi
cc5c9013d9 Define readonly/mask paths in spec
This vendors in new spec/runc that supports
setting readonly and masked paths in the
configuration. Using this allows us to make an
exception for `—-privileged`.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 3f81b49352)
2016-04-06 18:15:37 -04:00
Sebastiaan van Stijn
38c206f97b bump containerd binary for 1.11.0-rc4
this bumps the containerd binary in the Dockerfiles
for 1.11.0-rc4, to include https://github.com/docker/containerd/pull/184

NOTE: the hack/vendor.sh commit is NOT updated in this
      patch; there's no reason to update containerd there

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-04-06 14:09:37 -07:00
Tonis Tiigi
bab77d4991 Bring back support for DOCKER_RAMDISK
Fixes #21631

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 8a4225cd5a)
2016-03-31 18:35:50 -04:00
Sebastiaan van Stijn
cd062fd3b3 Bump runC to 40f4e7873d88a4f4d12c15d9536bb1e34aa2b7fa
This includes fixes for;

- outputing errors for missing seccomp options on seccomp versions < 2.3
- cap set apply EPERM errors on ARM systems

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 752b31d3fe)
2016-03-31 18:35:21 -04:00
Anusha Ragunathan
f97f3e98fc When using systemd, pass expected cgroupsPath and cli options to runc.
runc expects a systemd cgroupsPath to be in slice:scopePrefix:containerName
format and the "--systemd-cgroup" option to be set. Update docker accordingly.

Fixes 21475

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit 7ed3d265a4)
2016-03-31 18:35:03 -04:00
Tonis Tiigi
1987d6e5df Update runc/containerd
Contains fixes for:
- pid.max fix that is causing hang on network stats test.
- fix for early stdin close containerd-shim
- better logging for `could not synchronise with container process`

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 22d997b374)
2016-03-25 13:43:06 -04:00
Tibor Vass
009399dc8e Add docker- prefix to runc and containerd binaries
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-03-23 00:52:16 -04:00
Tonis Tiigi
9c4570a958 Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
Justin Cormack
68bda672dc Update statically linked libseccomp to 2.3.0
Fixes #20550

This update to libseccomp supports the new versions of socket
system calls that can be called directly rather than via the
socketcall syscall in kernel versions 4.3 or later with new glibc.

Note this library version now supports s390x and ppc64le, so
seccomp can be potentially be enabled for these architectures now.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-03-11 13:01:30 +00:00
Tibor Vass
f27b5dda4a Switch Dockerfile to debian:jessie
Fixes broken-pipe issue when piping s3cmd to grep -q, by removing the -q
flag and redirecting to /dev/null instead.

Add net-tools for ifconfig, because some tests rely on ifconfig.

Harmonize all Dockerfiles in this direction.

Signed-off-by: Tibor Vass <tibor@docker.com>
2016-02-12 21:49:54 -05:00
Jessica Frazelle
9b8d328666
update comment
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2016-02-02 10:03:52 -08:00
Aleksa Sarai
4357ed4a73 *: purge dockerinit from source code
dockerinit has been around for a very long time. It was originally used
as a way for us to do configuration for LXC containers once the
container had started. LXC is no longer supported, and /.dockerinit has
been dead code for quite a while. This removes all code and references
in code to dockerinit.

Signed-off-by: Aleksa Sarai <asarai@suse.com>
2016-01-26 23:47:02 +11:00
David Calavera
db41c5f5a5 Update docker-py commit to the latest HEAD.
To fix issues with IPAM options.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-01-12 13:19:17 -05:00
Christy Perez
fab75bffb0 Update gcc from 5.2 to 5.3
gcc 5.3 is out, so let's use the new one!

Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2015-12-17 13:37:50 -06:00
Christy Perez
8ce5d05492 Add seccomp stuff for gccgo
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2015-12-07 19:40:55 -06:00
Srini Brahmaroutu
50814a2bc0 fix the Dockerfile.gccgo for new dependency
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-12-02 16:44:07 +00:00
unclejack
92756bdcdd Dockerfile: add python-dev to fix Python.h errors
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
2015-11-22 12:32:10 +02:00
David Calavera
3b5fac462d Remove LXC support.
The LXC driver was deprecated in Docker 1.8.
Following the deprecation rules, we can remove a deprecated feature
after two major releases. LXC won't be supported anymore starting on Docker 1.10.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-05 17:09:57 -05:00
Srini Brahmaroutu
2c53643b33 adding a Dockerfile.gccgo to use gccgo compiler instead of go compiler.
temporarily disabling registry builds as crypto package is broken with gccgo.

Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-09-16 18:56:01 +00:00