This pulls together #6061 and #6125
Docker-DCO-1.1-Signed-off-by: Chris Alfonso <calfonso@redhat.com> (github: calfonso)
Upstream-commit: 26246ebd5379a83b2ed656668bd985c652e98167
Component: engine
This patch adds pause/unpause to the command line, api, and drivers
for use on containers. This is implemented using the cgroups/freeze
utility in libcontainer and lxc freeze/unfreeze.
Co-Authored-By: Eric Windisch <ewindisch@docker.com>
Co-Authored-By: Chris Alfonso <calfonso@redhat.com>
Docker-DCO-1.1-Signed-off-by: Ian Main <imain@redhat.com> (github: imain)
Upstream-commit: b054569cde788b2111ddbc4080b215dcda89f06e
Component: engine
Move duplicated FS "magic" values to the graphdriver package so they can be shared
Upstream-commit: dccf3362041b4c8f450428f34ec7b4d365b2feaa
Component: engine
This only works if the file or dir is already created in
the image before setting it to be a volume. There is no way around this
because we don't have the data avaliable to set the volume at the
beginning of the dockerfile
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: f41ced96af9dba56dd368e213e6e83fd02b85b03
Component: engine
This is a fix for a race condition in the LXC driver. This is described
more in issue #6092.
Closes#6092
Docker-DCO-1.1-Signed-off-by: Shane Canon <scanon@lbl.gov> (github: scanon)
Upstream-commit: f9705477d023c63fb316a30204761aa1e3cb3e6d
Component: engine
This also makes sure that devices are pointers to avoid copies
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 69989b7c06b0ca6737e83ddf8fcfa2dfccc57a7c
Component: engine
We now have one place that keeps track of (most) devices that are allowed and created within the container. That place is pkg/libcontainer/devices/devices.go
This fixes several inconsistencies between which devices were created in the lxc backend and the native backend. It also fixes inconsistencies between wich devices were created and which were allowed. For example, /dev/full was being created but it was not allowed within the cgroup. It also declares the file modes and permissions of the default devices, rather than copying them from the host. This is in line with docker's philosphy of not being host dependent.
Docker-DCO-1.1-Signed-off-by: Timothy Hobbs <timothyhobbs@seznam.cz> (github: https://github.com/timthelion)
Upstream-commit: 608702b98064a4dfd70b5ff0bd6fb45d2429f45b
Component: engine
There are two cases where we can't use a graphdriver:
1) the graphdriver itself isn't supported by the system
2) the graphdriver is supported by some configuration/prerequisites are
missing
This introduces a new error for the 2) case and uses it when trying to
run docker with btrfs backend on a non-btrfs filesystem.
Docker-DCO-1.1-Signed-off-by: Johannes 'fish' Ziemke <github@freigeist.org> (github: discordianfish)
Upstream-commit: 75754e69f6cce80c34ebc72817ada0a807fd635a
Component: engine
We don't need ordered set anymore, also some cleanings and simple
benchmark.
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
Upstream-commit: ef94ac7d2fd42a09c99567b0393fb48b9d782a9e
Component: engine
This patch fixes the incorrect handling of paths which contain a
symlink as a path component when copying data from a container.
Essentially, this patch changes the container.Copy() method to
first "resolve" the resource by resolving all of symlinks encountered
in the path relative to the container's rootfs (using pkg/symlink).
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
Upstream-commit: 328d2cba116067a2ad0f161b9ee098ed024825b3
Component: engine
Fixes#2586
This fixes a few races where the name generator asks if a name is free
but another container takes the name before it can be reserved. This
solves this by generating the name and setting it. If the set fails
with a non unique error then we try again.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 6ec86cb6e517bfb5ded818244b9db9510a2ed0b9
Component: engine
Currently we are leaving it bind mounted on stop.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: a3ff8a98f770ae35103e3ce3c4221c00b4efcb7f
Component: engine
There is no reason to do discard durink mkfs, as the filesystem
is on a newly allocated device anyway. Discard is a slow operation,
so this may help initial startup a bit, especially if you use a larger
thin pool.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 42708181b1976a768428568e664c566717ade8c4
Component: engine
