This makes the "Buffering to disk" part of `docker push` 70% faster in
my use-case (having already applied #12833).
fsync'ing here serves no valuable purpose: if the drive's operation is
interrupted, so it the program's, and this archive has no value other
than the immediate and transient one.
Signed-off-by: Burke Libbey <burke.libbey@shopify.com>
Upstream-commit: 236dbc2e59f5b665f9fa30f3f7ba1fe6c8483b24
Component: engine
The `--userland-proxy` daemon flag makes it possible to rely on hairpin
NAT and additional iptables routes instead of userland proxy for port
publishing and inter-container communication.
Usage of the userland proxy remains the default as hairpin NAT is
unsupported by older kernels.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Upstream-commit: f42348e18f73d1d775d77ac75bc96466aae56d7c
Component: engine
Add cgroup support for disable OOM killer.
Signed-off-by: Hu Keping <hukeping@huawei.com>
Upstream-commit: a4a924e1b6c50f0f02460489259d73468a6c282e
Component: engine
This includes a fix for the minor v2 API change introduced by 341a37095f. 👍
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Upstream-commit: b447fef7ecb740bc0f9ece75e10926fc5f121b5c
Component: engine
It was possible that signalHandler won't start because connections is
not assigned.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: a05bcd12c44b4daada51267d89fd9ac53812be02
Component: engine
Make use of iptablesPath variable which has the path of iptables, instea...
Upstream-commit: 5221fd2ba5fbf78ad7a5d4edf039d54ae32141ef
Component: engine
We encountered a situation where concurrent invocations of the docker daemon on a machine with an older version of iptables led to nondeterministic errors related to simultaenous invocations of iptables.
While this is best resolved by upgrading iptables itself, the particular situation would have been avoided if the docker daemon simply took care not to concurrently invoke iptables. Of course, external processes could also cause iptables to fail in this way, but invoking docker in parallel seems like a pretty common case.
Signed-off-by: Aaron Davidson <aaron@databricks.com>
Upstream-commit: c271c61feea7d3ea3fcbb3af9f0d9c1f641a8d82
Component: engine
Add tests on:
- changes.go
- archive.go
- wrap.go
Should fix#11603 as the coverage is now 81.2% on the ``pkg/archive``
package. There is still room for improvement though :).
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: c21d408ad24cf8e2b5bd761d562fae7e3ae1bc54
Component: engine
If memory cgroup is mounted, memory limit is always supported,
no need to check if these files are exist.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Upstream-commit: 667b1e220cf82fb77fd776426a4b712ae5fee0ae
Component: engine
And warning is not supposed to have a prefix WARNING.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Upstream-commit: f3dc35169780e1555b4116986649b729cb80b5d1
Component: engine
Deferred reove functionality was added to library later. So in old version
of library it did not report deferred_remove field.
Create a new function which also gets deferred_remove field and it will be
called only on newer version of library.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Upstream-commit: 4986ce7cfbe74610d4fa2c4e79ceefe49c1aa155
Component: engine
If a device has been scheduled for deferred deactivation and container
is started again and we need to activate device again, we need to cancel
the deferred deactivation which is already scheduled on the device.
Create a method for the same.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Upstream-commit: 20b38f427aa05186bd09c8c4201dcc95ed56aa46
Component: engine
A lot of time device mapper devices leak across mount namespace which docker
does not know about and when docker tries to deactivate/delete device,
operation fails as device is open in some mount namespace.
Create a mechanism where one can defer the device deactivation/deletion
so that docker operation does not fail and device automatically goes
away when last reference to it is dropped.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Upstream-commit: 6964ab94befd8723585556e560219e0eef48a488
Component: engine
