Creates a `fixedBuffer` type that is used to encapsulate functionality
for reading/writing from the underlying byte slices.
Uses lazily-loaded set of sync.Pools for storing buffers that are no
longer needed so they can be re-used.
```
benchmark old ns/op new ns/op delta
BenchmarkBytesPipeWrite-8 138469 48985 -64.62%
BenchmarkBytesPipeRead-8 130922 56601 -56.77%
benchmark old allocs new allocs delta
BenchmarkBytesPipeWrite-8 18 8 -55.56%
BenchmarkBytesPipeRead-8 0 0 +0.00%
benchmark old bytes new bytes delta
BenchmarkBytesPipeWrite-8 66903 1649 -97.54%
BenchmarkBytesPipeRead-8 0 1 +Inf%
```
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 9a25b1d942da88439ec04797ff6f1c33c3b5562d
Component: engine
These fields are needed to specify the exact version of Windows that an
image can run on. They may be useful for other platforms in the future.
This also changes image.store.Create to validate that the loaded image is
supported on the current machine. This change affects Linux as well, since
it now validates the architecture and OS fields.
Signed-off-by: John Starks <jostarks@microsoft.com>
Upstream-commit: 194eaa5c0f843257e66b68bd735786308a9d93b2
Component: engine
Now that listeners is no longer an internal of the client, make it less
Docker-specific (despite there still being some open questions as how to
deal with some of the warnings that listeners has to emit). We should
move as much of the Docker-specific stuff (especially the port
allocation) to docker/ where it belongs (or maybe pass a check function).
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: 619bf56778c55813c7c9dc81052ee4a277bfd22a
Component: engine
This code will be used in containerd and is quite useful in general to
people who want a nice way of creating listeners from proto://address
arguments (even supporting socket activation). Separate it out from
docker/ so people can use it much more easily.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: e3a8c8388f8c6f1f67204cdd16b7b685fadda6c3
Component: engine
Avoids allocations and copying by using a buffer pool for intermediate
writes.
```
benchmark old ns/op new ns/op delta
BenchmarkWrite-8 996 175 -82.43%
benchmark old MB/s new MB/s speedup
BenchmarkWrite-8 4414.48 25069.46 5.68x
benchmark old allocs new allocs delta
BenchmarkWrite-8 2 0 -100.00%
benchmark old bytes new bytes delta
BenchmarkWrite-8 4616 0 -100.00%
```
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 2f3b6022858aab2d70e380d126e6dcec227c0d38
Component: engine
When a plugin is first found, it is loaded into the available plugins
even though it's not activated yet.
If activation fails it is taken out of the list.
While it is in the list, other callers may see it and try to check it's
manifest. If it is not fully activated yet, the manifest will be nil and
cause a panic.
This is especially problematic for drivers that are down and have not
been activated yet.
We could just not load the plugin into the available list until it's
fully active, however that will just cause multiple of the same plugin
to attemp to be loaded.
We could check if the manifest is nil and return early (instead of
panicing on a nil manifest), but this will cause a 2nd caller to receive
a response while the first caller is still waiting, which can be
awkward.
This change uses a condition variable to handle activation (instead of
sync.Once). If the plugin is not activated, callers will all wait until
it is activated and receive a broadcast from the condition variable
signaling that it's ok to proceed, in which case we'll check if their
was an error in activation and proceed accordingly.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: baac2f48674d42863f9fdca5ef3056b4c6ed707e
Component: engine
Since certain filesystems don't support extended attributes, ignore
errors produced (emitting a warning) when attempting to apply extended
attributes to file.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: 75a271603c761c18c7deb186d08943dcf85b739d
Component: engine
Change user/group creation to use flags to adduser/useradd to enforce it
being a system user. Use system user defaults that auto-create a
matching group. These changes allow us to remove all group creation
code, and in doing so we also removed the code that finds available uid,
gid integers and use post-creation query to gather the system-generated
uid and gid.
The only added complexity is that today distros don't auto-create
subordinate ID ranges for a new ID if it is a system ID, so we now need
to handle finding a free range and then calling the `usermod` tool to
add the ranges for that ID. Note that this requires the distro supports
the `-v` and `-w` flags on `usermod` for subordinate ID range additions.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: c18e7f3a0419e35aeab4eefa51f3c17fbd72381f
Component: engine
pkg/chrootarchive/diff_unix.go erroneously calls flush on stdout, which tries to read from stdout returning an error.
This has been fixed by removing the call and by modifying flush to return errors and checking for these errors on calls to flush.
Signed-off-by: Amit Krishnan <krish.amit@gmail.com>
Upstream-commit: a9c61691389ed373ada399d25f55a9d10405b4ea
Component: engine
In TestJSONFormatProgress, the progress string was used for comparison.
However, the progress string (progress.String()) uses time.Now().UTC()
to generate the timeLeftBox which is not a fixed value and cannot be
compared reliably.
This PR fixes the issue by stripping the timeLeftBox field before doing
the comparison.
This PR fixes#21124.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: d17bb23ae6efba6e76e7a56b856705400e26a61b
Component: engine
If the destination does not exist, it needs to be created with ownership
mapping to the remapped uid/gid ranges if user namespaces are enabled.
This fixes ADD operations, similar to the prior fixes for COPY and WORKDIR.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: 06d95003b3ddd22d26121280d645e48582a4f931
Component: engine
Closes#20470
Before this PR we used to scan the entire build context when there were
exclusions in the .dockerignore file (paths that started with !). Now we
only traverse into subdirs when one of the exclusions starts with that dir
path.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 842b8d8784b132279003580eedd0e9c12b885815
Component: engine
Small refactor to be able to use custom transports
to call remote plugins.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 1a630234508bdb12d55425ceebdb0b6523a38578
Component: engine
