Граф коммитов

57 Коммитов

Автор SHA1 Сообщение Дата
Sebastiaan van Stijn a082f80832 Merge pull request #18736 from WeiZhang555/tiny-lock
Break big lock into some tiny locks for containerStart
2016-01-09 00:35:26 +01:00
David Calavera 907407d0b2 Modify import paths to point to the new engine-api package.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-01-06 19:48:59 -05:00
David Calavera 9d12d09300 Add volume events.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-30 17:39:33 -05:00
Derek McGowan d8e090669e Fix race condition between container register and mount
When a container is created it is registered before the mount is created. This can lead to mount does not exist errors when inspecting between create and mount.

Fixes #18753

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-12-23 11:20:51 -08:00
Zhang Wei 1326f0cba5 Break big lock into some tiny locks
Don't involve code waiting for blocking channel in locked critical
section because it has potential risk of hanging forever.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-12-23 13:23:23 +08:00
David Calavera 7ac4232e70 Move Config and HostConfig from runconfig to types/container.
- Make the API client library completely standalone.
- Move windows partition isolation detection to the client, so the
  driver doesn't use external types.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-22 13:34:30 -05:00
Phil Estes 1ca6690b4f Merge pull request #18561 from hqhq/hq_adapt_at_start
Adapt container settings when start
2015-12-18 11:07:43 -05:00
Tibor Vass c70f8b3c9c builder: remove container package dependency
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-12-15 17:24:07 +01:00
Qiang Huang f408b4f463 Adapt container settings when start
`adaptContainerSettings` is growing up, new it's only called
when create. It'll be a problem that old containers will never
have chance to adapt the latest rule. `HostConfig` of these
containers will be obsoleted.

Add this calling to start to avoid problems like #18550 and
avoid such backward compatability in the future.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-12-15 08:42:26 +08:00
Antonio Murdaca 241f6d7107 Merge pull request #18592 from hqhq/hq_fix_start
Add lock for container update
2015-12-12 12:17:18 +01:00
David Calavera d7d512bb92 Rename `Daemon.Get` to `Daemon.GetContainer`.
This is more aligned with `Daemon.GetImage` and less confusing.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-11 12:39:28 -05:00
Qiang Huang 464eefd795 Add lock for container update
Container needs to be locked when updating the fields, and
this PR also remove the redundant `parseSecurityOpt` since
it'll be done in `setHostConfig`.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-12-11 10:33:13 +08:00
David Calavera 6bb0d1816a Move Container to its own package.
So other packages don't need to import the daemon package when they
want to use this struct.

Signed-off-by: David Calavera <david.calavera@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-12-03 17:39:49 +01:00
Brian Goff f411b101ac Merge pull request #18285 from hqhq/hq_fix_swappiness
Set default MemorySwappiness when adapt
2015-12-02 14:25:08 -05:00
Dan Walsh b3e527dfd2 This patch adds --tmpfs as a option for mounting tmpfs on directories
It will Tar up contents of child directory onto tmpfs if mounted over

This patch will use the new PreMount and PostMount hooks to "tar"
up the contents of the base image on top of tmpfs mount points.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2015-12-02 10:06:59 -05:00
Qiang Huang 4089b4e440 Set default MemorySwappiness when adapt
It makes the inspect result consistent between cli and REST api
when MemorySwappiness is not set.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-12-02 10:53:52 +08:00
David Calavera d7117a1b71 Make sure container start doesn't make the DNS fields nil.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-30 22:46:31 -05:00
David Calavera 9ca2e4e81c Move exec store to its own package inside the daemon.
Remove double reference between containers and exec configurations by
keeping only the container id.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-20 17:40:16 -05:00
Alexander Morozov 4dda67b801 Merge pull request #16452 from rhatdan/btrfs-selinux
Relabel BTRFS Content on container Creation
2015-11-17 11:03:40 -08:00
John Howard 8da449055f Windows: Fix regresion on first boot
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-11-14 11:06:19 -08:00
Dan Walsh 1716d497a4 Relabel BTRFS Content on container Creation
This change will allow us to run SELinux in a container with
BTRFS back end.  We continue to work on fixing the kernel/BTRFS
but this change will allow SELinux Security separation on BTRFS.

It basically relabels the content on container creation.

Just relabling -init directory in BTRFS use case. Everything looks like it
works. I don't believe tar/achive stores the SELinux labels, so we are good
as far as docker commit.

Tested Speed on startup with BTRFS on top of loopback directory. BTRFS
not on loopback should get even better perfomance on startup time.  The
more inodes inside of the container image will increase the relabel time.

This patch will give people who care more about security the option of
runnin BTRFS with SELinux.  Those who don't want to take the slow down
can disable SELinux either in individual containers or for all containers
by continuing to disable SELinux in the daemon.

Without relabel:

> time docker run --security-opt label:disable fedora echo test
test

real    0m0.918s
user    0m0.009s
sys    0m0.026s

With Relabel

test

real    0m1.942s
user    0m0.007s
sys    0m0.030s

Signed-off-by: Dan Walsh <dwalsh@redhat.com>

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2015-11-11 14:49:27 -05:00
Sally O'Malley 41de7a18d8 Change 'docker run' exit codes to distinguish docker/contained errors
The purpose of this PR is for users to distinguish Docker errors from
contained command errors.
This PR modifies 'docker run' exit codes to follow the chroot standard
for exit codes.
Exit status:
125 if 'docker run' itself fails
126 if contained command cannot be invoked
127 if contained command cannot be found
the exit status otherwise

Signed-off-by: Sally O'Malley <somalley@redhat.com>
2015-11-04 15:18:50 -05:00
David Calavera 63efc12070 Remove further references to the daemon within containers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:28:54 -05:00
David Calavera 669949d6b4 Decouple daemon and container to manage networks.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:48 -05:00
David Calavera 019c337b93 Decouple daemon and container to cleanup containers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:48 -05:00
David Calavera ca5ede2d0a Decouple daemon and container to log events.
Create a supervisor interface to let the container monitor to emit events.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:48 -05:00
David Calavera 3a49765046 Decouple daemon and container to mount and unmount filesystems.
Side effects:
- Decouple daemon and container to start containers.
- Decouple daemon and container to copy files.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-11-04 12:27:47 -05:00
Tibor Vass b08f071e18 Revert "Merge pull request #16228 from duglin/ContextualizeEvents"
Although having a request ID available throughout the codebase is very
valuable, the impact of requiring a Context as an argument to every
function in the codepath of an API request, is too significant and was
not properly understood at the time of the review.

Furthermore, mixing API-layer code with non-API-layer code makes the
latter usable only by API-layer code (one that has a notion of Context).

This reverts commit de41640435, reversing
changes made to 7daeecd42d.

Signed-off-by: Tibor Vass <tibor@docker.com>

Conflicts:
	api/server/container.go
	builder/internals.go
	daemon/container_unix.go
	daemon/create.go
2015-09-29 14:26:51 -04:00
Doug Davis 26b1064967 Add context.RequestID to event stream
This PR adds a "request ID" to each event generated, the 'docker events'
stream now looks like this:

```
2015-09-10T15:02:50.000000000-07:00 [reqid: c01e3534ddca] de7c5d4ca927253cf4e978ee9c4545161e406e9b5a14617efb52c658b249174a: (from ubuntu) create
```
Note the `[reqID: c01e3534ddca]` part, that's new.

Each HTTP request will generate its own unique ID. So, if you do a
`docker build` you'll see a series of events all with the same reqID.
This allow for log processing tools to determine which events are all related
to the same http request.

I didn't propigate the context to all possible funcs in the daemon,
I decided to just do the ones that needed it in order to get the reqID
into the events. I'd like to have people review this direction first, and
if we're ok with it then I'll make sure we're consistent about when
we pass around the context - IOW, make sure that all funcs at the same level
have a context passed in even if they don't call the log funcs - this will
ensure we're consistent w/o passing it around for all calls unnecessarily.

ping @icecrime @calavera @crosbymichael

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-24 11:56:37 -07:00
Doug Davis a283a30fb0 Move api/errors/ to errors/
Per @calavera's suggestion: https://github.com/docker/docker/pull/16355#issuecomment-141139220

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-17 11:54:14 -07:00
Doug Davis f7d4b4fe2b Convert some "daemon" static error strings to the new errocode package format
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-09-16 16:16:42 -07:00
Morgan Bauer abd72d4008
golint fixes for daemon/ package
- some method names were changed to have a 'Locking' suffix, as the
 downcased versions already existed, and the existing functions simply
 had locks around the already downcased version.
 - deleting unused functions
 - package comment
 - magic numbers replaced by golang constants
 - comments all over

Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
2015-08-27 22:07:42 -07:00
Veres Lajos 5146232723 typofix - https://github.com/vlajos/misspell_fixer
Signed-off-by: Veres Lajos <vlajos@gmail.com>
2015-08-07 23:25:49 +01:00
Antonio Murdaca 4177b0bae0 Add hostConfig check before starting a container
It may happen that host system settings are changed while the daemon is running.
This will cause errors at libcontainer level when starting a container with a
particular hostConfig (e.g. hostConfig with memory swappiness but the memory
cgroup was umounted).
This patch adds an hostConfig check on container start to prevent the daemon
from even calling libcontainer with the wrong configuration as we're already
doing on container's creation).

Signed-off-by: Antonio Murdaca <runcom@linux.com>
(cherry picked from commit 0d2628cdf19783106ae8723f51fae0a7c7f361c6)
2015-08-06 15:46:10 -07:00
John Howard 39ad38ccf9 Windows: hostconfig on start
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-07-16 15:33:13 -07:00
Lei Jitang b37832e353 Add verify config to verifyContainerSettings
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-06-13 09:31:19 +08:00
Lei Jitang 67552fb22d Cleanup: remove some useless code and change verifyHostConfig to verifyContainerSetting
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-06-08 09:06:58 +08:00
Doug Davis 8232312c1e Cleanup container LogEvent calls
Move some calls to container.LogEvent down lower so that there's
less of a chance of them being missed. Also add a few more events
that appear to have been missed.

Added testcases for new events: commit, copy, resize, attach, rename, top

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-01 12:39:28 -07:00
Ma Shimiao dde0cc78bd Move setHostConfig to daemon file
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2015-04-23 10:23:02 +08:00
Srini Brahmaroutu 1a35b16b08 Port test from integration tests
Addresses #12255
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-04-20 17:57:53 +00:00
David Calavera 767df67e31 Decode container configurations into typed structures.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-04-15 10:22:07 -07:00
David Calavera 610c436e07 Remove engine.Job from Start action.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-04-14 15:33:12 -07:00
Antonio Murdaca c79b9bab54 Remove engine.Status and replace it with standard go error
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-03-25 22:32:08 +01:00
Matthew Mayer 08d75bc450 Squashed commit of the following:
commit d379f7645026001ce57fd6421c819f6c7df77964
Author: Matthew Mayer <matthewkmayer@gmail.com>
Date:   Mon Mar 23 22:13:06 2015 -0700

    Removes unused imports.

    Signed-off-by: Matthew Mayer <matthewkmayer@gmail.com>

commit 6e1f77c7f1566c8719087d88fbe06bade122691c
Author: Matthew Mayer <matthewkmayer@gmail.com>
Date:   Mon Mar 23 20:41:16 2015 -0700

    Removes bind dir creation in daemon start.

    Signed-off-by: Matthew Mayer <matthewkmayer@gmail.com>

Signed-off-by: Matthew Mayer <matthewkmayer@gmail.com>
2015-03-24 14:56:45 -07:00
Michal Minar 210ab030bc Format error by value
- Use `%v` verb to format errors.
- Give `param` constant in portallocator some better name.

Signed-off-by: Michal Minar <miminar@redhat.com>
2015-03-16 12:05:53 +01:00
Brian Goff 3f39050637 Allow setting ulimits for containers
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-02-25 19:37:43 -05:00
Andrew C. Bodine d25a65375c Closes #9311 Handles container id/name collisions against daemon functionalities according to #8069
Signed-off-by: Andrew C. Bodine <acbodine@us.ibm.com>
2015-01-21 17:11:31 -08:00
Brian Goff 811b138f7e Fix call to nil stat
Fixes #10242

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-01-21 14:25:35 -05:00
Jessica Frazelle 02246d2d9f Error should show when trying to start a paused container.
Docker-DCO-1.1-Signed-off-by: Jessica Frazelle <jess@docker.com> (github: jfrazelle)
2015-01-14 16:49:08 -08:00
Alexandr Morozov 862952c8d4 Fix race condition between parseSecurityOpt and container.Mount
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
2014-12-11 17:22:59 -08:00