Unfortunately, combining a job as CTO and maintaining
Docker is too much to combine, so David asked to be
moved to the alumni section.
Thanks for all the awesome work on Docker!
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This fix tries to improve error messages when IP address
autodetection fails, as is specified in 25141.
Previously, error messages only indicate that multiple IPs
exist when autodetection fails. In this fix, if one
interface consists of multiple addresses or multiple
interfaces consist of addresses, the error messages output
the address names and interface names so that end user could
take notice.
This fix is verified manually.
When multiple addresses exist on multiple interfaces:
```
$ sudo docker swarm init
Error response from daemon: could not choose an IP address
to advertise since this system has multiple addresses on different
interfaces (192.168.186.128 on ens33 and 192.168.100.199 on eth10)
- specify one with --advertise-addr
```
When multiple addresses exist on single interface:
```
$ sudo docker swarm init
Error response from daemon: could not choose an IP address
to advertise since this system has multiple addresses
on interface ens33 (192.168.186.128 and 192.168.55.199)
- specify one with --advertise-addr
```
This fix fixes 25141.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Since 24237 has been merged, it is not necessary to require network
for swarm integration tests (`integration-cli/docker_api_swarm_test.go`)
any more.
This fix removes testRequires(c, Network) from swarm integration
tests.
This fix could be verified by disable networking, and all related
tests pass.
This fix is related to 24547, 24490, 24237.
This fix fixes 24547.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Using the environment variable here also has the advantage that it can be copied and pasted directly in a terminal and it will work.
Signed-off-by: David Lechner <david@lechnology.com>
On Ubuntu and Debian there is a sysctl which allows to block
clone(CLONE_NEWUSER) via "sysctl kernel.unprivileged_userns_clone=0"
for unprivileged users that do not have CAP_SYS_ADMIN.
See: https://lists.ubuntu.com/archives/kernel-team/2016-January/067926.html
The DockerSuite.TestRunSeccompUnconfinedCloneUserns testcase fails if
"kernel.unprivileged_userns_clone" is set to 0:
docker_cli_run_unix_test.go:1040:
c.Fatalf("expected clone userns with --security-opt seccomp=unconfined
to succeed, got %s: %v", out, err)
... Error: expected clone userns with --security-opt seccomp=unconfined
to succeed, got clone failed: Operation not permitted
: exit status 1
So add a check and skip the testcase if kernel.unprivileged_userns_clone is 0.
Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
A kernel may support any of these, but an admin may have unmounted
certain cgroups, so let's include that possibility in the error so
as to avoid users thinking they have a kernel issue.
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
Michael Crosby
Sebastiaan van Stijn
Brian Goff
Vincent Demeester
Sebastiaan van Stijn
Yong Tang
allencloud
David Lechner
Charles Smith
Tibor Vass
John Howard
Alexander Morozov
Tibor Vass
Michael Holzheu
Christy Perez
Yanqiang Miao
Steve Durrheimer
Akihiro Suda