Also, plugin information in docker info output.
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
Upstream-commit: aa7fd884e609d3d13df628600a1799e0e76444e9
Component: engine
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Upstream-commit: 52021ac2a4f2b32a6ad7444b182b569c616e500e
Component: engine
This change will allow us to run SELinux in a container with
BTRFS back end. We continue to work on fixing the kernel/BTRFS
but this change will allow SELinux Security separation on BTRFS.
It basically relabels the content on container creation.
Just relabling -init directory in BTRFS use case. Everything looks like it
works. I don't believe tar/achive stores the SELinux labels, so we are good
as far as docker commit.
Tested Speed on startup with BTRFS on top of loopback directory. BTRFS
not on loopback should get even better perfomance on startup time. The
more inodes inside of the container image will increase the relabel time.
This patch will give people who care more about security the option of
runnin BTRFS with SELinux. Those who don't want to take the slow down
can disable SELinux either in individual containers or for all containers
by continuing to disable SELinux in the daemon.
Without relabel:
> time docker run --security-opt label:disable fedora echo test
test
real 0m0.918s
user 0m0.009s
sys 0m0.026s
With Relabel
test
real 0m1.942s
user 0m0.007s
sys 0m0.030s
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Upstream-commit: 1716d497a420f0cd4e53a99535704c6d215e38c7
Component: engine
The docker run commands in these tests uses the -m flag,
so the tests should require that it's supported to run.
Fixes 17215 (maybe)
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
Upstream-commit: e86b79fcccb23040feea079652fd9a7bf3458f1d
Component: engine
- Logic is broken when gateway ip falls in ip-range
and ip-range is not the first block in the network
Signed-off-by: Alessandro Boch <aboch@docker.com>
Upstream-commit: c7cd65962448888ceb1cec6a355fc7fd04f3be53
Component: engine
Closes#17781
This allows for env vars in EXPOSE to be parsed for spaces so that each
"word" is then treated independently instead of as a single word/arg.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 6990f8c6162b5b05118ab54f155eb5d86c85f2d4
Component: engine
- Add a *version* file placeholder.
- Update autogen and builds to use it and an autogen build flag
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 8054a303870b81eebe05e38261c1b68197b68558
Component: engine
So we don't print those <no value> in the client and we don't fail
executing inspect templates with API field names.
Make sure those fields are initialized as empty slices when
a container is loaded from disk and their values are nil.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: f1a74a89f89affcfbe311e89aa752b3d551e0340
Component: engine
Container has private network namespace can not to connect to host
and container with host network can not be disconnected from host.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: a2d8c93fc690c2244a3bed32a2bbeb8dae449f90
Component: engine
Since --exec-driver flag has been removed, we don't need environment
DOCKER_EXECDRIVER in integration-cli and Makefile any more.
Signed-off-by: Lei Jitang <leijiang@huawei.com>
Upstream-commit: 3c4dab51d33f6e90c45de83c01474bc60aee3766
Component: engine
This patch adds the ability to run `docker stats` w/o arguments and get
statistics for all running containers by default. Also add a new
`--all` flag to list statistics for all containers (like `docker ps`).
New running containers are added to the list as they show up also.
Add integration tests for this new behavior.
Docs updated accordingly. Fix missing stuff in man/commandline
reference for `docker stats`.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Upstream-commit: ae818a820f49a9bd7ea8b753f124747fc548e501
Component: engine
