moby/hack/make/run
Albin Kerouanton 68c0cec772
Disable tls when launching dockerd through hack/make.sh
The daemon sleeps for 15 seconds at start up when the API binds to a TCP
socket with no TLS certificate set. That's what the hack/make/run script
does, but it doesn't explicitly disable tls, thus we're experiencing
this annoying delay every time we use this script.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
(cherry picked from commit 6b1b71ced4)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-15 00:58:32 +02:00

96 lines
2 KiB
Bash

#!/usr/bin/env bash
set -e
rm -rf "$DEST"
if ! command -v dockerd &> /dev/null; then
echo >&2 'error: binary-daemon or dynbinary-daemon must be run before run'
false
fi
DOCKER_COMMAND="$(command -v dockerd)"
DOCKER_GRAPHDRIVER=${DOCKER_GRAPHDRIVER:-vfs}
DOCKER_USERLANDPROXY=${DOCKER_USERLANDPROXY:-true}
# example usage: DOCKER_STORAGE_OPTS="dm.basesize=20G,dm.loopdatasize=200G"
storage_params=""
if [ -n "$DOCKER_STORAGE_OPTS" ]; then
IFS=','
for i in ${DOCKER_STORAGE_OPTS}; do
storage_params="--storage-opt $i $storage_params"
done
unset IFS
fi
listen_port=2375
if [ -n "$DOCKER_PORT" ]; then
listen_port="${DOCKER_PORT##*:}"
fi
if [ -n "$DELVE_PORT" ]; then
delve_listen_port="${DELVE_PORT##*:}"
fi
extra_params="$DOCKERD_ARGS"
if [ "$DOCKER_REMAP_ROOT" ]; then
extra_params="$extra_params --userns-remap $DOCKER_REMAP_ROOT"
fi
if [ -n "$DOCKER_EXPERIMENTAL" ]; then
extra_params="$extra_params --experimental"
fi
socket=/var/run/docker.sock
if [ -n "$DOCKER_ROOTLESS" ]; then
user="unprivilegeduser"
uid=$(id -u $user)
# shellcheck disable=SC2174
mkdir -p -m 700 "/tmp/docker-${uid}"
chown $user "/tmp/docker-${uid}"
socket=/tmp/docker-${uid}/docker.sock
fi
# shellcheck disable=SC2206
args=(
--debug
--host="tcp://0.0.0.0:${listen_port}"
--host="unix://${socket}"
--storage-driver="${DOCKER_GRAPHDRIVER}"
--userland-proxy="${DOCKER_USERLANDPROXY}"
--tls=false
$storage_params
$extra_params
)
dockerd=("$DOCKER_COMMAND")
if [ -n "$DELVE_PORT" ]; then
dockerd=(
dlv
--listen="0.0.0.0:$delve_listen_port"
--headless=true
--log
--api-version=2
--only-same-user=false
--check-go-version=false
--accept-multiclient
exec "${dockerd[@]}" --
)
fi
if [ -n "$DOCKER_ROOTLESS" ]; then
dockerd=(
sudo -u "$user"
-E DOCKERD="${dockerd[*]}"
-E XDG_RUNTIME_DIR="/tmp/docker-${uid}"
-E XDG_CONFIG_HOME="/home/${user}/.config"
-E HOME="/home/${user}"
--
dockerd-rootless.sh
)
fi
set -x
# shellcheck disable=SC2086
exec "${dockerd[@]}" "${args[@]}"