docker-cli

Author	SHA1	Message	Date
Michael Crosby	842270ca38	Send sigterm to child instead of sigkill Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 39037a91f85a4a072e5aa7e585d8c2f6b211df8a Component: engine	2014-03-14 15:42:05 -07:00
Alexander Larsson	746b307c72	Move all bind-mounts in the container inside the namespace This moves the bind mounts like /.dockerinit, /etc/hostname, volumes, etc into the container namespace, by setting them up using lxc. This is useful to avoid littering the global namespace with a lot of mounts that are internal to each container and are not generally needed on the outside. In particular, it seems that having a lot of mounts is problematic wrt scaling to a lot of containers on systems where the root filesystem is mounted --rshared. Note that the "private" option is only supported by the native driver, as lxc doesn't support setting this. This is not a huge problem, but it does mean that some mounts are unnecessarily shared inside the container if you're using the lxc driver. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson) Upstream-commit: 6c266c4b42eeabe2d433a994753d86637fe52a0b Component: engine	2014-03-13 20:01:29 +01:00
Michael Crosby	957f74b876	Add env var to toggle pivot root or ms_move Use the DOCKER_RAMDISK env var to tell the native driver not to use a pivot root when setting up the rootfs of a container. Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 36dd124b16a76704a88142fa96bb4bb6260dd821 Component: engine	2014-03-06 19:30:52 -08:00
Michael Crosby	c896586b70	Ensure that native containers die with the parent Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: ea9bce8724303656c87c05e9049272258c9827b3 Component: engine	2014-03-06 16:30:56 -08:00
Michael Crosby	936f96cce5	Remove the ghosts and kill everything Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 772ef99d2816b629d084e11fe7fba5953687b620 Component: engine	2014-03-06 15:30:26 -08:00
Guillaume J. Charmes	9f58f80f28	Use CGO for apparmor profile switch Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack) Upstream-commit: f0f833c6d795fc8b3fb4bb379f9916745f5c7ac9 Component: engine	2014-03-06 11:10:58 -08:00
Michael Crosby	53277b63e3	Some cleanup around logs Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 37f137c8221be07943babeb9b107e5aee9a736d5 Component: engine	2014-03-05 13:50:49 -08:00
Guillaume J. Charmes	c1e434e543	Add AppArmor support to native driver + change pipe/dup logic Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack) Upstream-commit: cb4189a292dc181e26e0506a3a0dc67936c5401b Component: engine	2014-03-05 13:08:24 -08:00
Michael Crosby	e09257e20a	Factor out finalize namespace Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 5465fdf00f3ece165cbd3bb680dcc571e81510dd Component: engine	2014-03-03 12:15:47 -08:00
Michael Crosby	49fbe66f4f	Allow child process to live if daemon dies Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: fdeea90fc806d8d2cccdc76a6ecb214dd03093ec Component: engine	2014-02-27 09:33:36 -08:00
Michael Crosby	3258d9a2a3	Make network a slice to support multiple types Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 70820b69ec2b82ab150af9b8829e37843f67f75a Component: engine	2014-02-26 14:20:41 -08:00
Michael Crosby	0460b2181f	Refactor and improve libcontainer and driver Remove logging for now because it is complicating things Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: f8453cd0499a51f5d3ffd2c2a6012972aef7f69f Component: engine	2014-02-24 21:11:52 -08:00
Michael Crosby	3dcdf3e0d6	Improve logging for nsinit Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 9cb4573d33607bc32e7db19981b3e9d5eaf449a0 Component: engine	2014-02-24 18:38:36 -08:00
Michael Crosby	aef5af9f3c	Cgroups allow devices for privileged containers Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: a76407ac61dd57429a1350f840c323f45a97b27f Component: engine	2014-02-24 15:47:23 -08:00
Michael Crosby	3e4914e9af	Honor user passed on container in nsinit Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 1c79b747bb10a389249aba90ad217ca0128afb74 Component: engine	2014-02-24 13:52:56 -08:00
Michael Crosby	5daf4091ff	Add syncpipe for passing context Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 2412656ef54cb4df36df2f8122e1fda24ec8e8a4 Component: engine	2014-02-21 22:58:30 -08:00
Michael Crosby	5eca2c008a	Refactor network creation and initialization into strategies Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 5a4069f3aacd0dc30ee7c5dd97f0dc9a6e416f35 Component: engine	2014-02-21 22:26:07 -08:00
Michael Crosby	e210f44a11	Use lookup path for init Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: a352ecb01a788eff3446fe12191ca0434fce1eed Component: engine	2014-02-21 16:17:18 -08:00
Michael Crosby	2c3593d92d	Add good logging support to both sides Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 50c752fcb06497e9e597049a1007c53d77032d17 Component: engine	2014-02-21 14:56:17 -08:00
Michael Crosby	71f9b20db7	Refactor the flag management for main Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 6b2e963ce0aef802e60eafe0e895f24abb294a07 Component: engine	2014-02-21 14:56:17 -08:00
Michael Crosby	3ec79ee252	Make nsinit a proper go pkg and add the main in another dir Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 1316007e54e0c5a25f0d67675df7dec40286f5e8 Component: engine	2014-02-21 14:56:17 -08:00
Guillaume J. Charmes	24e3f599c0	Handle non-tty mode Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack) Upstream-commit: 1a4fb0921919720ab379bc82b7508580057770ee Component: engine	2014-02-21 14:56:17 -08:00
Guillaume J. Charmes	60d018051a	Use a custom pipe instead of stdin for sync net namespace Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack) Upstream-commit: 8dec4adcb3fd905eb05f07678fa7f5bb47d8242f Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	9aba82e1b2	Change IP to address because it includes the subnet Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 3cb698125da7b55a7d7ec43b33858f35844a6143 Component: engine	2014-02-21 14:56:16 -08:00
Alexander Larsson	d2ac05db40	libcontainer: Initial version of cgroups support This is a minimal version of raw cgroup support for libcontainer. It has only enough for what docker needs, and it has no support for systemd yet. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson) Upstream-commit: 664fc54e65ebc14ca9dd5bfc55e3dfe1796e51c8 Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	4441df6975	Add comments to many functions Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 70593be139647cdedca0130250626ea6e0b8a277 Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	e501c61ed3	Refactor to remove cmd from container Pass the container's command via args Remove execin function and just look for an existing nspid file to join the namespace Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: d84feb8fe5e40838c81321249189f1f0a02825bb Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	ec270e1bfb	Refactor large funcs Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 5d62916c48cb97320b37640592805d97badfd8ff Component: engine	2014-02-21 14:56:16 -08:00
Guillaume J. Charmes	92c44382e1	OSX compilation Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@dotcloud.com> (github: creack) Upstream-commit: f3c48ec584707a9acaf9d79c2e161dadf1d2c99b Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	3c99ad7033	General cleanup of libcontainer Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 61a119220d88d20bb1cca111e9c8ba7cdb45d4f6 Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	10d46be0ea	Add dynamic veth name Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 5428964400ece4cd79cc5d482307df5e8913469f Component: engine	2014-02-21 14:56:16 -08:00
Michael Crosby	3f67fdb8ed	Implement init veth creation Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 34671f20103fb975fed31a03705e04bc65aed239 Component: engine	2014-02-21 14:56:15 -08:00
Michael Crosby	05ed3c19b6	Simplify namespaces with only nsinit Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael) Upstream-commit: 7bc3c012507edcfc5e8ab8523b240ac2bb03fe19 Component: engine	2014-02-21 14:56:15 -08:00

33 Commits