This fixes IP masquerading on systems with reject rules at the end of
the POSTROUTING table, by inserting the rule at the beginning of the
table instead of adding it at the end.
Docker-DCO-1.1-Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> (github: jpoimboe)
Upstream-commit: cc382ec62848855f6fe7302fe7a37ac62af35a9c
Component: engine
contrib: systemd: make socket-activation Restart same as the main service file
Upstream-commit: ab50985ac944bc6ae427b6331908ad0441ab364d
Component: engine
Do as was done to f09a78cd219b24d4308034c8dd13410cfe5fbec7 in the
socket-activation example.
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: 4dab34c2045b7bcc735227867126f0796cbb09c1
Component: engine
Add a few small tweaks to mkimage-debootstrap, especially to help with lucid
Upstream-commit: e1b210bee95b894c21f74f1df0efdfe0d6e93c56
Component: engine
Docker-DCO-1.1-Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com> (github: lsm5)
systemd service no longer does '/bin/mount/ --make-rprivate /'.
Core issue fixed by Alex Larsson (commit 157d99a).
ip forwarding enabled.
Upstream-commit: f09a78cd219b24d4308034c8dd13410cfe5fbec7
Component: engine
Now that docker sets /proc/sys/net/ipv4/ip_forward by default, remove
the step to enable it in the installation docs.
Docker-DCO-1.1-Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> (github: jpoimboe)
Upstream-commit: aeb2f479fa1c063867475a610ddbfe4f8883dfda
Component: engine
Now that docker sets /proc/sys/net/ipv4/ip_forward by default (unless
the user manually specifies "-ip-forward=false"), there's no need to
warn if its disabled.
Docker-DCO-1.1-Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> (github: jpoimboe)
Upstream-commit: ef6c0d53410c0be6f33d049e7998b54804497350
Component: engine
Allow publicly mapped ports to be made public beyond the host. This is
needed for distros like Fedora and RHEL which have a reject all rule at
the end of their FORWARD table.
Docker-DCO-1.1-Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> (github: jpoimboe)
Upstream-commit: db250f709ad5bcee313710d34e0b6ef02abdc326
Component: engine
This code only works for backends that directly spawn the child
via the Command. It will not work for the libvirt backend. So
we move this code into the individual backends that need it.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 9ad70528b723810d98e77368458408e85eebdfee
Component: engine
The current implementation is lxc specific.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 335bc39c9a5abfdbd07914ae1b8667a9d8590a6e
Component: engine
I was getting the following error:
```
$ bundles/0.7.6-dev/binary/docker-0.7.6-dev run -rm -v=/var/run:/foo base echo hi
hi
2014/01/28 14:24:46 Error: container_delete: No such id: run
```
This commit makes the true origin of the error clearer. Issue #3806 is
tracking the cause of the error.
Docker-DCO-1.1-Signed-off-by: Peter Waller <p@pwaller.net> (github: pwaller)
Upstream-commit: 70c1781e073287a0b012ce94ea1b233fd6628dfa
Component: engine
Use this Listeners() API that was exposed to save a few more lines of
boiler plate code.
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: def09526066001eefe16dbc6475b93bc1a9af0a2
Component: engine
tests now work in the Docker tree with
`go test github.com/coreos/go-systemd/activation`
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: f82d1291cc850b39d872d022feac6b9eb7773d64
Component: engine
I noticed that travis was failing, go fmt to make it happy.
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: 1603039a7150e0510853efc9a9733ef64508dbb0
Component: engine
Docker does this now via 157d99a72786c454dfaad8b0800914cc80879aa8
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: 1f44921c51883e923ed82ed4e30eca6f79702cfb
Component: engine
as suggested by SvenDowideit expand the docs to have more information on
socket activation.
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: 4a90f00ab7ec9e534c97611dbbdc412ed5966602
Component: engine
This adds the ability to socket activate docker by passing in
`-H fd://*` along with examples systemd configuration files.
The fastest way to test this is to run:
```
/usr/lib/systemd/systemd-activate -l 127.0.0.1:2001 /usr/bin/docker -d -H 'fd://*'
docker -H tcp://127.0.0.1:2001 ps
```
Docker-DCO-1.1-Signed-off-by: Brandon Philips <brandon.philips@coreos.com> (github: philips)
Upstream-commit: 87fb2c973d8f9a8a1868ab0c2da504095d04715b
Component: engine
Update Dockerfile to be based on 13.10 instead of 12.04, add linux-libc-dev dep, remove s3cmd backports nonsense
Upstream-commit: eaca205942d861e28957f7c3e1bbf690af8197d4
Component: engine
In addition, we've now hard-coded LXC version 0.8 compiled from source so that we can have the most stable dev environment possible.
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: 94566b748e69a57cf88ef4acbe18ecbe76bb2f54
Component: engine
