Since it is possible to request a specific IP, IPAllocator has to verify
that the request is within boundaries.
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
Upstream-commit: a471eb4d9388dc44be0a9c81fa2f15061df636c5
Component: engine
There were a new areas in the brige driver that did not need to have log
output. Those were removed. Also set the engine's logging to false
when running the integration tests.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 8a9e827216eb5db4fcbe67c3c638f9e85f4de9bf
Component: engine
For the cases where --bip option is used it is sometimes best to disable
IP masquerading as the provided bridge IP range may be routable.
Signed-off-by: Eugene Yakubovich <eugene.yakubovich@coreos.com>
Upstream-commit: 4dc4d56db9797159e2e329845e0b94e3e0f780a0
Component: engine
This PR moves the userland proxies for TCP and UDP traffic out of the
main docker daemon's process ( from goroutines per proxy ) to be a
separate reexec of the docker binary. This reduces the cpu and memory
needed by the daemon and if the proxy processes crash for some reason
the daemon is unaffected. This also displays in the standard process
tree so that a user can clearly see if there is a userland proxy that is
bound to a certain ip and port.
```bash
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d349506feb6 busybox:buildroot-2014.02 "sh" 13 minutes ago Up 1 seconds 0.0.0.0:49153->81/tcp, 0.0.0.0:49154->90/tcp hungry_pike
root@1cbfdcedc5a7:/go/src/github.com/docker/docker# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 18168 3100 ? Ss 21:09 0:00 bash
root 8328 0.7 0.6 329072 13420 ? Sl 22:03 0:00 docker -d -s vfs
root 8373 1.0 0.5 196500 10548 ? Sl 22:03 0:00 userland-proxy -proto tcp -host-ip 0.0.0.0 -host-port 49153 -container-ip 10.0.0.2 -container-port 81
root 8382 1.0 0.5 270232 10576 ? Sl 22:03 0:00 userland-proxy -proto tcp -host-ip 0.0.0.0 -host-port 49154 -container-ip 10.0.0.2 -container-port 90
root 8385 1.2 0.0 3168 184 pts/0 Ss+ 22:03 0:00 sh
root 8408 0.0 0.1 15568 2112 ? R+ 22:03 0:00 ps aux
```
This also helps us to cleanly cleanup the proxy processes by stopping
these commands instead of trying to terminate a goroutine.
Signed-off-by: Michael Crosby <michael@docker.com>
Upstream-commit: b4e2f5ed962f8ef81dbc2cbb1ff2a06bb64f8211
Component: engine
functions to pkg/parsers/kernel, and parsing filters to
pkg/parsers/filter. Adjust imports and package references.
Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh)
Upstream-commit: 4398108433121ce2ac9942e607da20fa1680871a
Component: engine
Defining err as named return parameter will make sure the variable gets
assigned before returning and thus avoid masking
Docker-DCO-1.1-Signed-off-by: Johannes 'fish' Ziemke <github@freigeist.org> (github: discordianfish)
Upstream-commit: 32bc8658793b278c793cb8755b94df3b210bea5d
Component: engine
Select masquerade by outgoing interface rather than by destination subne...
Upstream-commit: bcec0f30e8d7dbb9fcdd6a85fa4b8e4953ba66ff
Component: engine
Faster, more documented, less code.
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
Upstream-commit: f387cc1205b79ffbe30b28f5df13da034d8221fd
Component: engine
adjust tests to fit.
Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh)
Upstream-commit: ffd68badc0a3d70fbd063903702355a387621b10
Component: engine
Port allocation status is stored in a global map: a port detected in use will remain as such for the lifetime of the daemon. Change the behavior to only mark as allocated ports which are claimed by Docker itself (which we can trust to properly remove from the allocation map once released). Ports allocated by other applications will always be retried to account for the eventually of the port having been released.
Docker-DCO-1.1-Signed-off-by: Arnaud Porterie <icecrime@gmail.com> (github: icecrime)
Upstream-commit: dafddf461eeabd792d9ced6caced75ad6961c1d7
Component: engine
We don't need ordered set anymore, also some cleanings and simple
benchmark.
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
Upstream-commit: ef94ac7d2fd42a09c99567b0393fb48b9d782a9e
Component: engine
Now IP reuses only after all IPs from network was allocated
Fixes#5729
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
Upstream-commit: 80fca061e7661549a05b2696488db3fea008e2dd
Component: engine
