If we need to raise an error, make sure the internal state is clean, because
a successful driver.Get() may have its internal state changed (eg. counting,
or mounts), while callers will only do that after a succussful Mount().
Signed-off-by: shuai-z <zs.broccoli@gmail.com>
Upstream-commit: 05ff40b07a5857b41e17290e1d7cef516f122d6c
Component: engine
Stable IPs causes some regressions in the way people use Docker, see GH#8493.
Reverting it for 1.3, we'll enable it back for the next release.
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
Upstream-commit: 5b8379a4349105eb387a4b9836bbd1d83ebe6928
Component: engine
Volume refs were not being restored on daemon restart.
This made it possible to remove a volume being used by other containers
after a daemon restart.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 9acf7c765c7e074f6c75eaf162ca06ecfe40d692
Component: engine
Currently if you start the docker -d on a system with 127.0.0.1 in /etc/resolv.conf
It will set the default dns to 8.8.8.8 8.8.4.4 permanently.
This causes a problem at boot on Fedora machines where NetworkManager has not
populated /etc/resolv.conf before docker gets started.
This fix checks /etc/resolv.conf on every docker run. And only populates
daemon.config.Dns if the user specified it on the command line.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 9ced509e6d89d1ab4e0c4b49485be7931b505354
Component: engine
Stable Networking: Keep the same network settings during the entire container lifecycle.
Upstream-commit: d152a93b5f3acbd14e9176169934b83963f3ab61
Component: engine
Add support for pulling signed images from a version 2 registry.
Only official images within the library namespace will be pull from the
new registry and check the build signature.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 7c88e8f13d9f0c68de6da0cd467a541231304dd5
Component: engine
Now that the archive package does not depend on any docker-specific
packages, only those in pkg and vendor, it can be safely moved into pkg.
Signed-off-by: Rafe Colton <rafael.colton@gmail.com>
Upstream-commit: 30d5a42c1f24e26f681b7330249f04fec891aee9
Component: engine
security-opts will allow you to customise the security subsystem.
For example the labeling system like SELinux will run on a container.
--security-opt="label:user:USER" : Set the label user for the container
--security-opt="label:role:ROLE" : Set the label role for the container
--security-opt="label:type:TYPE" : Set the label type for the container
--security-opt="label:level:LEVEL" : Set the label level for the container
--security-opt="label:disabled" : Turn off label confinement for the container
Since we are passing a list of string options instead of a space separated
string of options, I will change function calls to use InitLabels instead of
GenLabels. Genlabels interface is Depracated.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 87e732a0f3503517d7a66804bb9a7f74977347e5
Component: engine
Since RemoveLocalDns patch will remove all localhost entries
from resolv.conf we no longer need anything more then
!bytes.Contains(resolvConf, []byte("nameserver")
To check for no nameserver entry in dns config.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: a297d6ab8c08a13503fd004ec1ad7ee9e23bd22a
Component: engine
We have a bug report complaining about docker dumping the contents of the
hosts resolv.conf if it container 127.0.0.1. They asked that instead
of dropping the file altogether, that we just remove the line.
This patch removes the 127.0.0.1 lines, if they exist and then
checks if any nameserver lines exist.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 65640994fda8e1667de3642d8f4daf76dd3de302
Component: engine
On Fedora and RHEL we ship selinux-enabled flag in the docker.service config,
but if people setup the /var/lib/docker as btrfs and disable SELinux,
we should not block the daemon from running.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6
Component: engine
For the cases where --bip option is used it is sometimes best to disable
IP masquerading as the provided bridge IP range may be routable.
Signed-off-by: Eugene Yakubovich <eugene.yakubovich@coreos.com>
Upstream-commit: 4dc4d56db9797159e2e329845e0b94e3e0f780a0
Component: engine
Some graphdrivers are Differs and type assertions are made
in various places throughout the project. Differ offers some
convenience in generating/applying diffs of filesystem layers
but for most graphdrivers another code path is taken.
This patch brings all of the logic related to filesystem
diffs in one place, and simplifies the implementation of some
common types like Image, Daemon, and Container.
Signed-off-by: Josh Hawn <josh.hawn@docker.com>
Upstream-commit: dee6b481fe0da1d845261ffff2e610fb05898d3c
Component: engine
1. /container/<name>/exec - Creates a new exec command instance in the daemon and container '<name>'. Returns an unique ID for each exec command.
2. /exec/<name>/start - Starts an existing exec command instance. Removes the exec command from the daemon once it completes.
Adding /exec/<name>/resize to resize tty session of an exec command.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
Upstream-commit: bfebdfde78753f85d53d62634654de0b80f6872d
Component: engine
Adds support for a --registry-mirror=scheme://<host>[:port]
daemon flag. The flag may be present multiple times. If
provided, mirrors are prepended to the list of endpoints used
for image pull. Note that only mirrors of the public
index.docker.io registry are supported, and image/tag resolution
is still performed via the official index.
Docker-DCO-1.1-Signed-off-by: Tim Smith <timbot@google.com> (github: timbot)
Upstream-commit: 69a75c673ccf0aebf19c7b350243f1b0cefad8be
Component: engine
similar features in the future.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
Upstream-commit: 4aa5da278f49c889d43191f82ff42d3a95266d62
Component: engine
This commit fixes following FIXMEs:
// FIXME: rename "delete" to "rm" for consistency with the CLI command
// FIXME: rename ContainerDestroy to ContainerRm for consistency with the CLI command
Signed-off-by: lim seong yeol <seongyeol37@gmail.com>
Upstream-commit: 239e932485c3e0f72a4f88ce1301ebe269eb2e27
Component: engine
