876978baea
Add shm size cap to mount
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: b07708c8de5561a43060653d4d532ee0bcd6fd96
Component: engine
2014-03-04 14:18:40 -08:00
d5fd498efb
Remove /dev tmpfs mountpoint
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 57a47f5bbfe6c82f3cce32aba96fb641f7188eee
Component: engine
2014-03-04 13:21:22 -08:00
26eb6d1e5d
remove /run mountpoint
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: c74a8b28cd723d6f12a54da16ff91a853958da5c
Component: engine
2014-03-04 12:32:17 -08:00
37e0bed312
Remove loopback mount bind
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 39d58129c38e8bb868a6fd9a5620837484f6d742
Component: engine
2014-03-04 12:30:52 -08:00
96a447ef42
Merge pull request #4452 from crosbymichael/small-fixes-to-libcontainer
...
Add find tests and remove panic in DEBUG
Upstream-commit: b63709c1f1292c362dbc3d482520fb7e117605f9
Component: engine
2014-03-04 14:37:41 -05:00
98c6278357
Add find tests and remove panic in DEBUG
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 7e52445f2f749ac66ee7734820d3558012833912
Component: engine
2014-03-04 08:55:12 -08:00
a4a84bcafe
libcontainer: Use pivot_root instead of chroot
...
Instead of keeping all the old mounts in the container namespace and
just using subtree as root we pivot_root so that the actual root in
the namespace is the root we want, and then we unmount the previous
mounts.
This has multiple advantages:
* The namespace mount tree is smaller (in the kernel)
* If you break out of the chroot you could previously access the host
filesystem. Now the host filesystem is fully invisible to the namespace.
* We get rid of all unrelated mounts from the parent namespace, which means
we don't hog these. This is important if we later switch to MS_PRIVATE instead
of MS_SLAVE as otherwise these mounts would be impossible to unmount from the
parent namespace.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com > (github: alexlarsson)
Upstream-commit: 5b5c884cc8266d0c2a56da0bc2df14cc9d5d85e8
Component: engine
2014-03-04 12:44:08 +01:00
71633326e7
very minor spelling
...
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au > (github: SvenDowideit)
Upstream-commit: 2e71adac9f2935abaf17741a440497e7e31388e2
Component: engine
2014-03-04 10:12:12 +10:00
e09257e20a
Factor out finalize namespace
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 5465fdf00f3ece165cbd3bb680dcc571e81510dd
Component: engine
2014-03-03 12:15:47 -08:00
11719ff90c
Update readme to remove .nspid
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 2f35f8e2a88a378d7ff8eacf5346f9711a59489a
Component: engine
2014-03-03 11:31:37 -08:00
49fbe66f4f
Allow child process to live if daemon dies
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: fdeea90fc806d8d2cccdc76a6ecb214dd03093ec
Component: engine
2014-02-27 09:33:36 -08:00
02cbc6e6b4
Code review updates
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: fb08b8b221a9a722910d63db678ffb5a8f91b517
Component: engine
2014-02-26 19:21:46 -08:00
21edb8542e
Ensure that loopback devices are mounted inside the conatiner
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 7cd224594733e5fa0560cb912e3cf2dcef168370
Component: engine
2014-02-26 17:21:09 -08:00
3258d9a2a3
Make network a slice to support multiple types
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 70820b69ec2b82ab150af9b8829e37843f67f75a
Component: engine
2014-02-26 14:20:41 -08:00
9248431c6a
Fix cross compile for make cross
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 93ed15075c43d521f05f4b8f96264efb7fe174e4
Component: engine
2014-02-25 15:19:13 -08:00
0cd1a2f6a4
Move container.json and pid file into a root specific driver dir
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 96e33a7646b3669632f48ed1071aeb61b8016be1
Component: engine
2014-02-25 12:41:31 -08:00
a70a6bdd53
Better capability/namespace management
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 91bf120c51dec3bae98a1974929e2ae8107340c0
Component: engine
2014-02-24 21:52:29 -08:00
0460b2181f
Refactor and improve libcontainer and driver
...
Remove logging for now because it is complicating things
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: f8453cd0499a51f5d3ffd2c2a6012972aef7f69f
Component: engine
2014-02-24 21:11:52 -08:00
3dcdf3e0d6
Improve logging for nsinit
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 9cb4573d33607bc32e7db19981b3e9d5eaf449a0
Component: engine
2014-02-24 18:38:36 -08:00
aef5af9f3c
Cgroups allow devices for privileged containers
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: a76407ac61dd57429a1350f840c323f45a97b27f
Component: engine
2014-02-24 15:47:23 -08:00
3e4914e9af
Honor user passed on container in nsinit
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 1c79b747bb10a389249aba90ad217ca0128afb74
Component: engine
2014-02-24 13:52:56 -08:00
07cc777e62
Fix tests with dockerinit lookup path
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 01f9815b55742654b2f35d13c3aba6a9e48634c7
Component: engine
2014-02-24 13:40:17 -08:00
0c8ed4441e
Refactor driver to use Exec function from nsini
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: fac41af25bd5f42269424a788783a4280dd7fc9c
Component: engine
2014-02-22 01:21:26 -08:00
db3809fb13
Abstract out diff implementations for importing
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: ae423a036e6f884572491b1ff5ef8a626b1592aa
Component: engine
2014-02-22 00:29:21 -08:00
5daf4091ff
Add syncpipe for passing context
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 2412656ef54cb4df36df2f8122e1fda24ec8e8a4
Component: engine
2014-02-21 22:58:30 -08:00
3e12f802f5
Refactor exec method
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: dd59f7fb286f2abff6cee2699e62fff564425149
Component: engine
2014-02-21 22:37:09 -08:00
5eca2c008a
Refactor network creation and initialization into strategies
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 5a4069f3aacd0dc30ee7c5dd97f0dc9a6e416f35
Component: engine
2014-02-21 22:26:07 -08:00
7b25c9e59d
Export functions of nsinit
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 9876e5b8901199bad2ab424593131d574b582bf9
Component: engine
2014-02-21 21:14:21 -08:00
4fbf234237
Initial commit of libcontainer running docker
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 2419e63d243255ef38f16799ffdc64084aa18fe4
Component: engine
2014-02-21 17:23:49 -08:00
dd4492ebc4
Pass tty master to Exec
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 332755b99d345a8ffbf4fb636ca8fed604a233c0
Component: engine
2014-02-21 16:40:32 -08:00
e38028e81a
Pass pipes into Exec function
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: c8fd81c27821576f339ccf4fd85c47375ba34042
Component: engine
2014-02-21 16:28:43 -08:00
e210f44a11
Use lookup path for init
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: a352ecb01a788eff3446fe12191ca0434fce1eed
Component: engine
2014-02-21 16:17:18 -08:00
eb2bb513c8
User os.Args[0] as name to reexec
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: ba025cb75cceaa8536d0d512889ea86f13349950
Component: engine
2014-02-21 15:32:50 -08:00
2c3593d92d
Add good logging support to both sides
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 50c752fcb06497e9e597049a1007c53d77032d17
Component: engine
2014-02-21 14:56:17 -08:00
8be796c4b1
Move tty into container.json
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 7f247e7006761ac8922a58651a76b194a4655ffa
Component: engine
2014-02-21 14:56:17 -08:00
71f9b20db7
Refactor the flag management for main
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 6b2e963ce0aef802e60eafe0e895f24abb294a07
Component: engine
2014-02-21 14:56:17 -08:00
3ec79ee252
Make nsinit a proper go pkg and add the main in another dir
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 1316007e54e0c5a25f0d67675df7dec40286f5e8
Component: engine
2014-02-21 14:56:17 -08:00
a4597085bf
Make sure to close the pipe upon ctrl-d
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 66baa0653b636180b8b5c57c58f4bbc805aca8c5
Component: engine
2014-02-21 14:56:17 -08:00
24e3f599c0
Handle non-tty mode
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 1a4fb0921919720ab379bc82b7508580057770ee
Component: engine
2014-02-21 14:56:17 -08:00
961a3fcf13
Minor cleanup
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 83dfdd1d9587a7335bbf3a4656572baefae4f28d
Component: engine
2014-02-21 14:56:17 -08:00
60d018051a
Use a custom pipe instead of stdin for sync net namespace
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 8dec4adcb3fd905eb05f07678fa7f5bb47d8242f
Component: engine
2014-02-21 14:56:16 -08:00
ee2c282f60
Use flag for init
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: b519d3ea5a50ad7c15d576a89ec9846c4fc123fa
Component: engine
2014-02-21 14:56:16 -08:00
3b343c063f
Move rest of cgroups functions into cgroups pkg
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 7020e208c70dfca5ebc97d699553e4bf1c6ab0bb
Component: engine
2014-02-21 14:56:16 -08:00
9aba82e1b2
Change IP to address because it includes the subnet
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 3cb698125da7b55a7d7ec43b33858f35844a6143
Component: engine
2014-02-21 14:56:16 -08:00
680db4b285
Refactory cgroups into general pkg
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: c44258630575f70231b11fb55bc4edc3fb677cab
Component: engine
2014-02-21 14:56:16 -08:00
dc9b9ecbcc
Remove clone_vfork
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: f00f37413826e31e9eb87096b67c609fdfa457b9
Component: engine
2014-02-21 14:56:16 -08:00
02c5334532
Revert "WIP for setup kmsg"
...
This reverts commit 80db9a918337c4ae80ffa9a001da13bd24e848c8.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 5f84738ef139f696e339afb8280eb74917f2167c
Component: engine
2014-02-21 14:56:16 -08:00
d2ac05db40
libcontainer: Initial version of cgroups support
...
This is a minimal version of raw cgroup support for libcontainer.
It has only enough for what docker needs, and it has no support
for systemd yet.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com > (github: alexlarsson)
Upstream-commit: 664fc54e65ebc14ca9dd5bfc55e3dfe1796e51c8
Component: engine
2014-02-21 14:56:16 -08:00
f93f48e322
WIP for setup kmsg
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: f0b4dd6e5883a65dc23121934b6eed7e70ac2515
Component: engine
2014-02-21 14:56:16 -08:00
99ce69e4d5
Remove privileged.json config
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: e133d895a6934e650f64f391f9f26b29b0379457
Component: engine
2014-02-21 14:56:16 -08:00
