Set the PATH to what appears to be the standard on latest Ubuntu (18.04)
and Debian (9), fixing the following two issues:
1. PATH did not contain /bin (leading to ContainerTop/ps not working
on newer distros, among the other things).
2. $PATH can't be specified in Environment directives in .service files.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Upstream-commit: 62d9a0d1253049a2fab10f938542a8e09dd0804a
Component: packaging
devicemapper cannot be enabled on a statically compiled binary so we
dynamically compile it on a rhel based distribution in order to enable
devicemapper usage.
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 7cb8d358947974abae3e3c346b09523904030609)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: c80ac56dfa393c405c2cd33af94ad6ac1366ece2
Component: packaging
iptables is sometimes placed in `/usr/sbin`
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit c86a958d6d344d6bf568523c28d6643d7b49ba43)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 36a08784a0b7bc49487005d323bf4e41fd50d36d
Component: packaging
osusergo build tag is needed for better chances to have
a proper static binary when Go >= 1.11 is used, and is
harmless otherwise.
seccomp build tag is needed so the resulting dockerd binary
has seccomp support.
[v2: add libseccomp-dev installation]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Upstream-commit: 97596405f4300a7ae6eb7664f6c58785955dd8d3
Component: packaging
Should generate correct bits whether or not the suffix is present.
Working example:
❯ ./gen-deb-ver . 18.09.0-beta1
18.09.0~1.1.beta1 18.09.0-beta1
❯ ./gen-deb-ver . 18.09.0-ce-beta1
18.09.0~ce~1.1.beta1 18.09.0-ce-beta1
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 9de3f6fb573806abc2e546447c41552ff90731a4)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: cc336d0804076b31d6d059b164e9b4e3b3cec886
Component: packaging
Includes fixes related to upgrade cycles
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 83a20d53f14adcd2bcc9e932435aa66b6e056afa)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: befa3c61954d12f2413df56a384989d7ae2cb9b3
Component: packaging
A bit overdue
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 11643a30e0bdde4016afe42ab5f1f85e0fc83ecf)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: f38206fa477c59ec39b06b8ddde40be1f65c7cf0
Component: packaging
docker load doesn't support OCI based tar files so we have to make 2
different ones.
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 696cdc009ca73b070d8877ee5cdd13c4b0e4a39b)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: ea811c67ee1e558ecec1b394fc591458b57f7ed1
Component: packaging
This is set in a top-level makefile, but apparently
isn't getting passed all the way through as expected.
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: a5ad5471419cb2a0935148f891c5ada8b13b4779
Component: packaging
Also cleans up the target in rpm and deb Makfiles because
the tar target already output a tar.
Signed-off-by: Jose Bigio <jose.bigio@docker.com>
(cherry picked from commit 8a4744f48aa13bea0b4e9174165be4add0a5a42f)
Signed-off-by: Jose Bigio <jose.bigio@docker.com>
Upstream-commit: 8e4a92dc667e2143b6d5707e19c5564b7da46ba1
Component: packaging
This will make it easier for anybody to build with a specific version of a distro they want to build on.
They could lock into a specific sha of a docker image if they wanted, as an example.
Signed-off-by: corbin-coleman <corbin.coleman@docker.com>
Upstream-commit: 7afc35b95ac46bfef383788341ddb0b157af14eb
Component: packaging
This should accomodate the new versioning fix
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: be00095e1d0d5674665a63b6e5932178632feb0e
Component: packaging
Removes the need for the offline installer to install the shim process
and instead installs the shim process as part of the packaging.
May be easier in the future to just package the shim process on it's own
but that'll come after this 18.09 release
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit f8bd366d58f8bdf8a82b9a033353ca5bf4eda948)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 31d0cb047b98ab43f661bd026bdd63deef62543d
Component: packaging
It's generally bad-form to generate two identically named package files
that are actually different, so we should name our packages based on
the distro and version, not just the distro.
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
(cherry picked from commit 13bde85f0067a751f775d31919705645ecc0a6d7)
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: 3c757b281bb623d9622c74143340fd892c8655ad
Component: packaging
Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229
(6bf0f408e4)
both the old, and new location are accepted by systemd 229 and up, so using the old location
to make them work for either version of systemd.
StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230
(f0367da7d1)
both the old, and new name are accepted by systemd 230 and up, so using the old name to make
this option work for either version of systemd.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2c2bfea5d009fb884f5c61b62e3c85bd88e7909e)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 5963decd1502e5012692a1f958bfdc5403f02920
Component: packaging
This adds support for reloading the docker daemon
(SIGHIUP) so that changes in '/etc/docker/daemon.json'
can be loaded at runtime by reloading the service
through systemd ('systemctl reload docker')
Before this change, systemd would output an error
that "reloading" is not supported for the docker
service;
systemctl reload docker
Failed to reload docker.service: Job type reload is not applicable for unit docker.service.
After this change, the docker daemon can be reloaded
through 'systemctl reload docker', which reloads
the configuration;
journalctl -f -u docker.service
May 02 03:49:20 testing systemd[1]: Reloading Docker Application Container Engine.
May 02 03:49:20 testing docker[28496]: time="2016-05-02T03:49:20.143964103-04:00" level=info msg="Got signal to reload configuration, reloading from: /etc/docker/daemon.json"
May 02 03:49:20 testing systemd[1]: Reloaded Docker Application Container Engine.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3e1b508e5f70b35869d9c8417d3b65a141820af9)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 127426fc693a882b670339391da5d12f08c1438d
Component: packaging
Change the kill mode to process so that systemd does not kill container
processes when the daemon is shutdown but only the docker daemon
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d736ae9da7401f582469fa7e943adde9f2163024)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 784c5936ec984b5525ac71eca3b7731e49eb6b37
Component: packaging
We need to add delegate yes to docker's service file so that it can
manage the cgroups of the processes that it launches without systemd
interfering with them and moving the processes after it is reloaded.
Delegate=
Turns on delegation of further resource control partitioning to
processes of the unit. For unprivileged services (i.e. those
using the User= setting), this allows processes to create a
subhierarchy beneath its control group path. For privileged
services and scopes, this ensures the processes will have all
control group controllers enabled.
This is the proper fix for issue moby/moby#20152
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e134e666a585b1f13e9e5e371dd93e5ce04a4b34)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 1120496ca0492d29731befd1460a934ac115e7f8
Component: packaging
Systemd sets a default of 512 tasks, which is far
too low to run many containers.
Note that TasksMax is only supported on systemd 226
and above.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 82fe96733f551d36018c3840cf21d813807e9b76)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: c42e4736e055c472284fd09ca05d405d31c4516a
Component: packaging
There is a not-insignificant performance overhead for all containers (if
containerd is a child of Docker, which is the current setup) if systemd
sets rlimits on the main Docker daemon process (because the limits
propogate to all children).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 68e15413dce8d6e8f428ac286641a9482d30aabc)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 1246dedcd55058a2856c7042509fb0badcefbf91
Component: packaging
set LimitCORE=infinity to ensure complete core creation,
allows extraction of as much information as possible.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit da69663b9ccd72d95ec60007ef707d82a35324fa)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: f93f4525173e3a32d315794344d44bae780de00e
Component: packaging
Includes fixes to the go command, linker, and the net/http, mime/multipart,
ld/macho, bytes, and strings packages. See the Go 1.10.4 milestone on the
issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.10.4
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 11b4630f4c73885123336b7917cc139c43cf413a)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
Upstream-commit: 3920ea81ea2cab8e1f5f17fb16e133cfb87d9c98
Component: packaging
