Classify blobs into three categories based on size.
Use a very limited number of mount attempts and no existence check for
small blobs. Use more attempts for bigger blobs.
Also remember blob associations during layer existence check.
Blob digests are now checked in the target repository from newest to
latest. If the blob exists and the metadata entry does not, it will be
created. If the blob is not found, the metadata entry will be removed.
Signed-off-by: Michal Minář <miminar@redhat.com>
Upstream-commit: 81f7b1f1e50252e9fdd52111f0899d59f19ecb87
Component: engine
Don't fallback back immediately to blob upload if the cross-repo mount
fails and layer upload is initiated by registry.
Instead cancel the upload and re-try cross-repo mount from different
source repository before doing full re-upload.
Signed-off-by: Michal Minář <miminar@redhat.com>
Upstream-commit: c6dd51c32cfccc06e77b4f7cb2358f788753df72
Component: engine
to avoid unnecessary blob re-uploads.
Cross repository mount from particular repo will most probably fail if
the user pushing to the registry is not the same as the one who pulled
or pushed to the source repo.
This PR attempts first to cross-repo mount from the source repositories
associated with the pusher's auth config. Then it falls back to other
repositories sorted from the most similar to the target repo to the
least.
It also prevents metadata deletion in cases where cross-repo mount fails
and the auth config hashes differ.
Signed-off-by: Michal Minář <miminar@redhat.com>
Upstream-commit: 0928f3f2e3eda75a295b651d27f9dd992fd951a4
Component: engine
Writing the profile to /etc/apparmor.d, while also manually loading it
into the kernel results in quite a bit of confusion. In addition, it
means that people using apparmor but have /etc mounted read-only cannot
use apparmor at all on a Docker host.
Fix this by writing the profile to a temporary directory and deleting it
after it's been inserted.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: 2f7596aaef3a9f8ec1f2d0937462d9263bee8b6b
Component: engine
Triaging issues has become a little challenging since the meat
of the information is below a large amount of unstructured
command line output. These changes add a description and move
the reproduction and expected/received results above the
unstructured output.
This should help for initial triaging, as well as self-triaging.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: be3bc483c684be2b5e84914695372aa1b5054ada
Component: engine
When the `-t` flag is passed on exec make sure to add the TERM env var
to mirror the expected configuration from run.
Fixes#9299
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 4633f15f13d51530de2438c298a1084c55e4fedf
Component: engine
… taken from the old engine-api project.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: a00106f9a5cf58cced011c93e98fbe1d7f65c4e7
Component: engine
The indexing of steps in the output of `docker build` starts with `Step 1`.
However, there are several places in the docs that start with `Step 0`.
This fix addresses the issue and changes `Step 0` to `Step 1` (and subsequent steps).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 256dbe4b752ba1fde88e6fad76e3a6b08e4a8816
Component: engine
The "Stream details" sections are currently a part of the Status codes list.
This change moves them out to the same level as other surrounding sections.
Use () for a paramaters
Remove query param from end point heading
Signed-off-by: Matt Hoyle <matt@deployable.co>
Upstream-commit: e0a552504e64192946c86d3bdd517ae7b3af348f
Component: engine
- So that swarm init will still work w/o specifying the advertise
address when the daemon is running inside a container
Signed-off-by: Alessandro Boch <aboch@docker.com>
Upstream-commit: c0b24c600e30656144522f85b053f015525022da
Component: engine
