Add cgroup support for disable OOM killer.
Signed-off-by: Hu Keping <hukeping@huawei.com>
Upstream-commit: a4a924e1b6c50f0f02460489259d73468a6c282e
Component: engine
This patch modifies the journald log driver to store the container ID in
a field named CONTAINER_ID, rather than (ab)using the MESSAGE_ID field.
Additionally, this adds the CONTAINER_ID_FULL field containing the
complete container ID and CONTAINER_NAME, containing the container name.
When using the journald log driver, this permits you to see log messages
from a particular container like this:
# journalctl CONTAINER_ID=a9238443e193
Example output from "journalctl -o verbose" includes the following:
CONTAINER_ID=27aae7361e67
CONTAINER_ID_FULL=27aae7361e67e2b4d3864280acd2b80e78daf8ec73786d8b68f3afeeaabbd4c4
CONTAINER_NAME=web
Closes: #12864
Signed-off-by: Lars Kellogg-Stedman <lars@redhat.com>
Upstream-commit: 869ecba652294e069874c83591d6f1b469d7cc32
Component: engine
Also re-arranged the description of CTRL-c to make it clearer.
Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
Upstream-commit: 5ad15479a0f3ce804a44a6931b716b0fae22ac6d
Component: engine
Syslog was a heading-2, but should be heading-3;
changed the headings to heading-4 to match the
"network settings" section.
Also changed "Log driver" to "logging driver" for JSON.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: f855d5dde70f1f3e4390e53576a3ca9b5a9db8ba
Component: engine
We now have instructions in our Unix installs about setting up
docker group to avoid sudo. Also, Mac/Windows shouldn't use
sudo. So, I've removed sudo from our examples and added a
section at the top reminding them that if they have to use
sudo to run docker they can change that.
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: a4609a1dfbcfb2fea10aa2be15124e0809528d04
Component: engine
Add ability to refer to an image by repository name and digest using the
format repository@digest. Works for pull, push, run, build, and rmi.
Signed-off-by: Andy Goldstein <agoldste@redhat.com>
Upstream-commit: a2b0c9778feac970524b98ef7a91b5528fdeb9d5
Component: engine
This adds two more tables to the run reference documentation.
- the list of 'modes' for Network settings is now a table.
- the "note" for `--net="host"` was moved from the list to the detailed
description.
- the 'options' for "Runtime constraints on CPU and memory" are
now a table
- slightly re-worded the description for "memory" options, e.g.
"It is not allowed..." was rewriten to "The *container* is not allowed..."
- fix example in "Runtime privilege, Linux capabilities, and LXC configuration"
being indented twice
- slightly reduced indenting in some `usage` output to be better readable.
- fixes a typo `/ets/hosts` -> `/etc/hosts`
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 37d856db14280a35bcc4b53009db5a286f1ef9b6
Component: engine
Read `/proc/sys/net/ipv4/ip_local_port_range` kernel parameter to obtain
ephemeral port range that now sets the boundaries of port allocator
which finds free host ports for those exported by containers.
Signed-off-by: Michal Minar <miminar@redhat.com>
Upstream-commit: 0eb3544c43cb8e9488d6bf329ceecc11fa0db6f1
Component: engine
This moves some information on restart-policies from
the "command line" page to "run reference".
Also fixes some minor typos and adds a "NOTE"
about --rm and --restart not allowed to be combined.
Also removes inline CSS styles from tables,
which will be styled by the stylesheet, and fixes
some minor MarkDown errors (`<` -> <)
depends on https://github.com/docker/docs-base/pull/1resolves#11069
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 8833779ae0384f3f9a995f94e42478451107a5ed
Component: engine
The original description has some mistakes and lack of many useful
information, I rewrite them to make it accurate and complete.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Upstream-commit: e8dc07dabc962e02876cadfe5f7b508a2453bec1
Component: engine
This modifies the "docker help" text so that it is no wider than 80 chars
and each description fits on one line. This will also try to use ~ when
possible
Added a test to make sure we don't go over 80 chars again.
Added a test to make sure we use ~
Applied rules/tests to all docker commands - not just main help text
Closes#10214
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 2203b37733e76d653cfe3b0ec5870786076adce7
Component: engine
We want to be able to use container without the PID namespace. We basically
want containers that can manage the host os, which I call Super Privileged
Containers. We eventually would like to get to the point where the only
namespace we use is the MNT namespace to bring the Apps userspace with it.
By eliminating the PID namespace we can get better communication between the
host and the clients and potentially tools like strace and gdb become easier
to use. We also see tools like libvirtd running within a container telling
systemd to place a VM in a particular cgroup, we need to have communications of the PID.
I don't see us needing to share PID namespaces between containers, since this
is really what docker exec does.
So currently I see us just needing docker run --pid=host
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 23feaaa240853c0e7f9817f8c2d272dd1c93ac3f
Component: engine
