p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,460 Commits 2 Branches 295 Tags
3dcdf3e0d6cc582909b3efa24eaca2da5cb95700
Commit Graph

71 Commits

Author SHA1 Message Date
Michael Crosby
3dcdf3e0d6 Improve logging for nsinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 9cb4573d33607bc32e7db19981b3e9d5eaf449a0
Component: engine
 2014-02-24 18:38:36 -08:00
Michael Crosby
f6bf4c8510 Rename namespace driver to docker 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 77f68f74c7e6fc977fb2681c7ee60ac652be983e
Component: engine
 2014-02-24 16:42:30 -08:00
Michael Crosby
b697db52c8 Fix restore container by nspid 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 9f03fd76b578f2d9d00b0a1bd76b776e20a7d681
Component: engine
 2014-02-24 16:35:11 -08:00
Michael Crosby
471c8027da Fix get pids for nsinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 9bf6cb2692a9b14cac559b4b9c9403e7f6f13ecd
Component: engine
 2014-02-24 16:26:06 -08:00
Michael Crosby
aef5af9f3c Cgroups allow devices for privileged containers 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: a76407ac61dd57429a1350f840c323f45a97b27f
Component: engine
 2014-02-24 15:47:23 -08:00
Michael Crosby
57d4919fc6 Fix kill signals and rootfs path for pid 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: a6e5e1851197ccc262c61190d5904dd410293466
Component: engine
 2014-02-24 14:35:27 -08:00
Michael Crosby
4c203f5a85 Add info for driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: cfd188e9251f5047e4fd677fe8f2921ae28b8bcc
Component: engine
 2014-02-24 14:11:09 -08:00
Michael Crosby
07cc777e62 Fix tests with dockerinit lookup path 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 01f9815b55742654b2f35d13c3aba6a9e48634c7
Component: engine
 2014-02-24 13:40:17 -08:00
Michael Crosby
54e2291890 Compile nsinit into docker for use with dockerinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 8f20058307cb30c9697b8dbee1c7bf2b1e0ba766
Component: engine
 2014-02-24 12:21:13 -08:00
Michael Crosby
0b2fdfff35 Fix tty copy for driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 172260a49be6c3516edc6869d58957e844f9c69b
Component: engine
 2014-02-22 01:28:59 -08:00
Michael Crosby
0c8ed4441e Refactor driver to use Exec function from nsini 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: fac41af25bd5f42269424a788783a4280dd7fc9c
Component: engine
 2014-02-22 01:21:26 -08:00
Michael Crosby
4fbf234237 Initial commit of libcontainer running docker 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 2419e63d243255ef38f16799ffdc64084aa18fe4
Component: engine
 2014-02-21 17:23:49 -08:00
Michael Crosby
28cc135001 Move current tty and pipe impl to lxc driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: aac702727ea02b3974a2848748b0713ac583fc84
Component: engine
 2014-02-21 13:27:34 -08:00
Michael Crosby
a3562ba47c Add CloseWriters back and do an interface cast 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 8e2284aaa2364a8e47a8058e65d60813f9cd5089
Component: engine
 2014-02-21 12:52:18 -08:00
Michael Crosby
b0992a0e99 Move term creation into driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 592c2f6f9a472bda227a03c819f73b8edc7c3320
Component: engine
 2014-02-21 12:42:37 -08:00
Michael Crosby
a808fdbf65 Change Console to Terminal 
Move creation and attach to driver
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 1e742876988546efb876f67f83de6737ee5e9cf6
Component: engine
 2014-02-21 12:32:14 -08:00
Michael Crosby
9de10592bc Move console into execdriver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 8c783c1c1336d8f2d1b08b9cbd8e2298d066750c
Component: engine
 2014-02-21 11:47:53 -08:00
Michael Crosby
a7d9996138 Cleanup some statements from exec driver work 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 9e3da87a3a6fea21194ceb9dbd30a39d043a48a4
Component: engine
 2014-02-14 17:28:50 -08:00
Guillaume J. Charmes
3dbd63bc33 Mount-bind the PTY as container console - allow for tmux/screen to run 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
Upstream-commit: 408ea0771a9cb3046b8e484dcfefe5233fcbb27a
Component: engine
 2014-02-13 17:23:09 -08:00
Michael Crosby
750f4cb5c2 Merge pull request #4059 from alexlarsson/no-netadmin-caps 
lxc: Drop NET_ADMIN capability in non-privileged containers
Upstream-commit: 3c215ba41005f225a07ebc8806216acdb746c671
Component: engine
 2014-02-11 14:20:34 -05:00
Alexander Larsson
96a42d5055 lxc: Drop NET_ADMIN capability in non-privileged containers 
With this capability set the container can e.g. change the ip address
of his devices to that of another container on the docker0 bridge. In
a quick test I was able to listen to a port on a different ip than the
one docker assigned me, but was not able to hijack an open port
redirection that another container had open. Maybe its possible with
some more knowledge of networking though.

Anyway, network setup is meant to be handled by docker, not the apps,
so I believe denying this is generally in the spirit of docker, and
it closes down potential security issues.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 02fddffd51da782f912e2709ea814c330269515b
Component: engine
 2014-02-11 11:17:34 +01:00
Victor Vieux
3665663666 Merge pull request #3524 from tianon/supplementary-groups 
Add supplementary groups lookup in sysinit
Upstream-commit: 2dcb48af0fa9bba2fb47b08dd2c9747acf09ea44
Component: engine
 2014-02-10 14:42:14 -08:00
Victor Vieux
79c6233460 Merge pull request #3871 from jdef/patch-1 
Update lxc_template.go
Upstream-commit: 036900a63adf9621c4e0f4c162f89da2f4171453
Component: engine
 2014-02-10 14:38:39 -08:00
Guillaume J. Charmes
29b4f1c123 Remove panic in lxc driver. 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
Upstream-commit: 7c06d5e34e2ebf5006ce3a34438f18c071153e97
Component: engine
 2014-02-07 19:09:52 -08:00
James DeFelice
c7f0c458df Update lxc_template.go 
If networking is disabled, but then pipework is used later to add nics, the network still doesn't function. Using flags=up for empty networking fixes this.
Docker-DCO-1.1-Signed-off-by: James DeFelice <james.defelice@ishisystems.com> (github: jdef)
Upstream-commit: 17c124baf6a0f3725615b22aa52ca96ac5b95326
Component: engine
 2014-02-03 16:14:15 -05:00
Tianon Gravi
1ed42315f3 Move UserLookup functionality into a separate pkg/user submodule that implements proper parsing of /etc/passwd and /etc/group, and use that to add support for "docker run -u user:group" and for getting supplementary groups (if ":group" is not specified) 
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: ee93f6185be3ae73c16cf41ae397bae3ce2f6c55
Component: engine
 2014-01-31 20:15:24 -07:00
Victor Vieux
df82456ed9 Merge pull request #3857 from creack/remove_darwin_files 
Remove all darwin specific files and use more generic _unsupported with build tags.
Upstream-commit: 523341d994265b9f72e4869f0fd094fd15f1b480
Component: engine
 2014-01-31 11:48:10 -08:00
Michael Crosby
db540896bd Merge pull request #3844 from clkao/lxc-kill-deprecation 
Use lxc-stop -k instead of lxc-kill
Upstream-commit: f267938fb8db682eb34a9c221a1b8c2288995206
Component: engine
 2014-01-31 10:57:40 -08:00
Tianon Gravi
e8f6d5eb59 Update/fix build tags, Dockerfile, and release.sh for proper building and releasing of linux/386 and linux/arm cross-compiled client binaries 
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: 065dd231dd7d7858df982a8decfade9df936cf63
Component: engine
 2014-01-31 03:16:42 -07:00
Guillaume J. Charmes
185286d85e Remove all darwin specific files and use more generic _unsupported with build tags. 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
Upstream-commit: 45dd051e8ee2e0e18d8ffec99f65878c20bd11e9
Component: engine
 2014-01-30 23:10:56 +00:00
Victor Vieux
38ee88c4ce fix TestExitCode 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
Upstream-commit: 720f64af1855235b6f518ad97dbb89eb61191222
Component: engine
 2014-01-30 22:59:21 +00:00
Chia-liang Kao
113400b4e9 Use lxc-stop -k when lxc-kill is not found 
lxc-kill was removed in lxc/lxc@33ddfc2

Docker-DCO-1.1-Signed-off-by: Chia-liang Kao <clkao@clkao.org> (github: clkao)
Upstream-commit: b111fc364611d755ac791c5c51c82c5754fe545b
Component: engine
 2014-01-31 03:22:22 +08:00
Michael Crosby
87c7be2925 Merge pull request #3808 from alexlarsson/execdriver-get-pids-for-container 
execdriver: Make GetPidsForContainer() a driver call
Upstream-commit: c00cb1aca15c4dea4198c4e488a986fa6ad9636c
Component: engine
 2014-01-29 10:38:10 -08:00
Alexander Larsson
494e7dcbd4 exexdriver: Make Command.GetExitCode an internal call 
This code only works for backends that directly spawn the child
via the Command. It will not work for the libvirt backend. So
we move this code into the individual backends that need it.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 9ad70528b723810d98e77368458408e85eebdfee
Component: engine
 2014-01-28 19:20:35 +01:00
Alexander Larsson
4729a480ab execdriver: Make GetPidsForContainer() a driver call 
The current implementation is lxc specific.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 335bc39c9a5abfdbd07914ae1b8667a9d8590a6e
Component: engine
 2014-01-28 16:21:49 +01:00
Victor Vieux
225e97e755 Merge pull request #3724 from creack/extract-lxc-phase-2 
Refactor process to command
Upstream-commit: 0dd856ee7f636c82e9420ebbd9e2d0b3aeea5136
Component: engine
 2014-01-23 15:28:45 -08:00
Michael Crosby
b038ed039d Compile driver interface changes 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: ba8ca598625215499713a9b65001164b672e69ab
Component: engine
 2014-01-22 14:05:01 -08:00
Guillaume J. Charmes
3467e8dad5 Populate Command self cointainer (toward Restore()) 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
Upstream-commit: 75e0357d691499b20dc903b702bc44c444f85005
Component: engine
 2014-01-22 14:04:55 -08:00
Alexander Larsson
62292fd956 Fix handling of shared roots 
If rootIsShared() is detected we apply the shell stuff to early, before
the real command and arguments are added to the parameters. This
means they get passed on to unshare rather than docker-init, breaking
docker on e.g. fedora like:

goroutine 1 [running]:
runtime.panic(0x678340, 0x9b3fd7)
	/usr/lib64/golang/src/pkg/runtime/panic.c:266 +0xb6
github.com/dotcloud/docker/execdriver/lxc.func·001(0xc21000a1b0, 0xc21001eab0, 0x7fff24715faf)
	/home/alex/vcs/go/src/github.com/dotcloud/docker/execdriver/lxc/driver.go:41 +0x525
github.com/dotcloud/docker/sysinit.executeProgram(0xc21000a1b0, 0xc21000a1b0, 0xa)
	/home/alex/vcs/go/src/github.com/dotcloud/docker/sysinit/sysinit.go:34 +0xca
github.com/dotcloud/docker/sysinit.SysInit()
	/home/alex/vcs/go/src/github.com/dotcloud/docker/sysinit/sysinit.go:88 +0x791
main.main()
	/home/alex/vcs/go/src/github.com/dotcloud/docker/dockerinit/dockerinit.go:14 +0x1a

The fix is to construct the full params array before escaping it.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 08ab55419549374742bc879261f1d55b19af7265
Component: engine
 2014-01-21 10:22:13 +01:00
Guillaume J. Charmes
5b95959a09 Rename Process to Command 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
Upstream-commit: 12468f2bc8a72a6bedfd681084863ea95b48713b
Component: engine
 2014-01-20 16:05:07 -08:00
Paul Nasrat
5de2521000 Don't expose cgroups via the execdriver API. 
Use Resources to represent container limits rather than a cgroup specific field.

Docker-DCO-1.1-Signed-off-by: Paul Nasrat <pnasrat@gmail.com> (github: pnasrat)
Upstream-commit: 71c1646ba33da9b2567ad7a2f4cda0433c9718dd
Component: engine
 2014-01-20 17:06:24 -05:00
Paul Nasrat
c8d1294225 Extract cgroups pkg. 
Initial move before enhancing cgroups package.

Docker-DCO-1.1-Signed-off-by: Paul Nasrat <pnasrat@gmail.com> (github: pnasrat)
Upstream-commit: 2553029959929184696e25ebdba4631ba7aeb8a6
Component: engine
 2014-01-20 14:15:44 -05:00
Paul Nasrat
20e6d0be01 Extract mount into pkg. 
Mount is self contained and generic, it should be in pkg, to allow other pkg modules to use it.

Docker-DCO-1.1-Signed-off-by: Paul Nasrat <pnasrat@gmail.com> (github: pnasrat)
Upstream-commit: 2e094db6390dde57263c07665290b1477bb6df7e
Component: engine
 2014-01-20 13:59:29 -05:00
Michael Crosby
ce11258e8e Fix rebase for init error 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: d5112ffce60625e470515578ccd446a191dd9e88
Component: engine
 2014-01-17 17:42:58 -08:00
Michael Crosby
95062bc2c2 Add todos for driver changes 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 5c30c4379af20b3cbd2d20cc9f0ccb6f04ac63ab
Component: engine
 2014-01-17 17:42:58 -08:00
Michael Crosby
96611d5300 Make sure drivers are registerd within sysinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 97c84507054a7379c8f8b461773b9c8d4972902b
Component: engine
 2014-01-17 17:42:58 -08:00
Michael Crosby
3a041a0663 Change drvier name to append version 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: cdfebc2a20e76d4ea81eb154b748e0547a7e7ab5
Component: engine
 2014-01-17 17:42:58 -08:00
Michael Crosby
8771a3eaee Move lxc template into lxc driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: 70a5cb95b31c7596886b7f94d292444654b9af8d
Component: engine
 2014-01-17 17:42:58 -08:00
Michael Crosby
d65bec8d4a Small fixes to type names 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Upstream-commit: ca8dd73fbfa7aca0768278ff1ff9671f80c48138
Component: engine
 2014-01-17 17:42:22 -08:00
Guillaume J. Charmes
ae872300fb Cleanup + add Info to driver in order to have specific IsRunning() 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)

Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: crosbymichael)
Upstream-commit: 889b4b10ae3ec1d6e7879c30860aafd7674cb576
Component: engine
 2014-01-17 17:42:22 -08:00