Fixes an issue where a client can send a large body but specifiy
application/json as the content-type, and cause Docker to consume lots
of RAM while trying to buffer the body so it can be dumped to the debug
log.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 89af3835d483fe758f301aa8f3b1062a0ab712fb
Component: engine
This fixes Bash 3.x compatibility (where associative arrays are not available).
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Upstream-commit: 5c161f4e1a7e25abedefb6d40dfe7f355077773a
Component: engine
- Removed the isNodeAlive protection when user forces an endpoint delete
- Bridge driver supporting internal network option
- Backend implementation to support "force" option to network disconnect
- Fixing a regex in etchosts package to fixdocker/docker#19080
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 537089481fd9f6859d851a76b67a4f80e0e3691e
Component: engine
Fixes: #19278
The issue seems existed since we add support for OomKillDisable,
OomKillDisable support should not be hard request, we just
discard it if not support and move on.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Upstream-commit: 7b616d4743c94f8be3eb59f8c23ed7a19fb2786d
Component: engine
Rather than using 2 different functions for different
types of conflicts use a bitmask to specify what
conflicts need to be checked. This allows a better way
to make exceptions.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 883be4893049aa97cb874d239cf6b06325fc74f2
Component: engine
Do not untag image if it would later get a hard conflict because of running containers.
Fixes#18873
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 38a45eed8850a15d2f737ce7455f29c5ae53ab49
Component: engine
This brings in the container-local alias functionality for containers
connected to u ser-defined networks.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: e221b8a3d64c13178e156fc3ece5e9894dac1603
Component: engine
When pulling an image with content trust enabled, two references are
created: a digest reference and a tag reference. Deleting by tag
wouldn't actually remove the image, because the digest reference keeps
it alive.
This change modifies the rmi logic so that digest references don't keep
an image alive. If the last tag referencing a given image is deleted,
any digest references to it will be removed as well, so the image can
actually get deleted. This fixes the usability problem with deletions
when content trust is in use, so something like "docker pull busybox;
docker rmi busybox" will work as expected.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 2f048f73e122ab90b8f35a088b4be52bd255caad
Component: engine
To fix issues with IPAM options.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: db41c5f5a5fe78aaf851f1c652661ab32e77c788
Component: engine
It's like `MemorySwappiness`, the default value has specific
meaning (default false means enable oom kill).
We need to change it to pointer so we can update it after
container is created.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
(cherry picked from commit 9c2ea42329179c589f5a8991ccf0253eb10fc897)
Conflicts:
vendor/src/github.com/docker/engine-api/types/container/host_config.go
Upstream-commit: f4a687334b1d026c84809fd005e1a82225d1c86f
Component: engine
Let that for a future flag.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 0627bf1a8383ef18146f6a4caa4e212353b1158f
Component: engine
- In case --fixed-cidr-v6 is specified and docker0 bridge already
has a global scope IPv6 address belonging to that v6 network
(likely from a previous daemon instance), to maintain consistency
with what done for the docker0 IPv4 address, daemon has to pass it
down to libnetwork in the IPAMConfig as network gateway to make
sure that the address is not given to some container.
Signed-off-by: Alessandro Boch <aboch@docker.com>
Upstream-commit: cfa3682ca4e04f4311bc9b1c6186069c9d4f5a90
Component: engine
This allows to define clearly what is mutable or not in a container
and remove the use of the internal HostConfig struct to be used.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: a4f6920731c6af27a7e89c3da8d0e6fd309de90a
Component: engine
Remove the experimental docs for user namespaces and add similar content
to the `docker daemon` command documentation.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: cc63db4fd19f99372a84cc97a87a023fa9193734
Component: engine
This prevents strange errors and clarifies which namespace options are
incompatible with user namespaces (at this time).
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: d5743a3a5c0864686a300b1fe5f58b89a36bb2f6
Component: engine
