Since there are other users of pkg/listeners, it doesn't make sense to
contain Docker-specific semantics and warnings inside it. To that end,
move the scary warning about -tlsverify and the libnetwork port
allocation code to CmdDaemon (where they belong). This helps massively
reduce the dependency tree for users of pkg/listeners.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
@nwt noticed that the media type specified in the config section of a
schema2 manifest is application/octet-stream, instead of the correct
value application/vnd.docker.container.image.v1+json.
This brings in https://github.com/docker/distribution/pull/1622 to fix
this.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This change supports the importing of layers that contain utility VM
images. This is necessary to support Hyper-V containers running on a
non-centrally-managed image.
Signed-off-by: John Starks <jostarks@microsoft.com>
This improves getting the source for the binaries that are compiled on
the system so that they can be copied into the bundles output.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
If aufs is already modprobe'd but we are in a user namespace, the
aufs driver will happily load but then get eperm when it actually tries
to do something. So detect that condition.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This makes separating middlewares from the core api easier.
As an example, the authorization middleware is moved to
it's own package.
Initialize all static middlewares when the server is created, reducing
allocations every time a route is wrapper with the middlewares.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Currently if you restart docker daemon, all the containers with restart
policy `on-failure` regardless of its `RestartCount` will be started,
this will make daemon cost more extra time for restart.
This commit will stop these containers to do unnecessary start on
daemon's restart.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
This fix tries to fix the issue in #21848 where `docker stats` will not correctly
display the container stats in case the container reuse another container's
network stack.
The issue is that when `stats` is performed, the daemon will check for container
network setting's `SandboxID`. Unfortunately, for containers that reuse another
container's network stack (`NetworkMode.IsConnected()`), SandboxID is not assigned.
Therefore, the daemon thinks the id is invalid and remote API will never return.
This fix tries to resolve the SandboxID by iterating through connected containers
and identify the appropriate SandboxID.
A test case for `stats` remote API has been added to check if `stats` will return
within the timeout.
This fix fixes#21848.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This fix tries to fix the incorrect request json body for
`/containers/create` in remote API docs.
When using the example json request for `/containers/create`, there are two
errors:
(1). `invalid character '"' after object key:value pair`
This is because a `,` is missing after `"Volumes": {}`
This issue exists in v1.20-v1.24
(2). `Invalid --security-opt: ""`
This is becasue in `"SecurityOpt": [""]` line, an empty string
`""` is passed yet `""` is not a valid `SecurityOpt`. Either no string,
or a valid string (e.g., "no-new-privileges") could be used.
This issue exists in v1.15-v1.24
This fix updates the docs and correct the above two issues.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Tibor Vass
Lei Jitang
Brian Goff
Aaron Lehmann
Alexander Morozov
David Calavera
John Howard
Phil Estes
Rodolfo Carvalho
Vincent Demeester
Aleksa Sarai
John Starks
Tianon Gravi
Michael Crosby
Serge Hallyn
Shishir Mahajan
Sebastiaan van Stijn
Akihiro Suda
Mihai Borobocea
Steve Durrheimer
Zhang Wei
Yong Tang
Santhosh Manohar
allencloud