4b93eb25be
Merge pull request #18612 from mrunalp/update_runc
...
Update runc/libcontainer to v0.0.6
Upstream-commit: ecc3717cb17313186ee711e624b960b096a9334f
Component: engine
2015-12-14 13:05:53 -08:00
18aa0ef1ba
Merge pull request #18393 from qzio/apparmor/ptrace-ubuntu14
...
Enable ptrace in a container on apparmor below 2.9
Upstream-commit: c38aa60180792210a21f162a57958bda86f9c381
Component: engine
2015-12-14 10:07:01 -08:00
3c4fcf6b7a
Fix typos found across repository
...
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com >
Upstream-commit: 927b334ebfc786276a039e45ec097e71bf9a104c
Component: engine
2015-12-13 18:04:12 +02:00
fbb93e6251
Update runc/libcontainer to v0.0.6
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com >
Upstream-commit: e8f7d5885dad5364b25a8f1efa8bb6b29afa89b1
Component: engine
2015-12-11 15:24:32 -05:00
f628f2f8be
Enable ptrace in a container on apparmor below 2.9
...
Ubuntu 14.04 LTS is on apparmor 2.8.95.
This enables `ps` inside a container without causing
audit log entries on the host.
Signed-off-by: Joel Hansson <joel.hansson@ecraft.com >
Upstream-commit: 6480feb7668851d3878bf36eedc5fd8ffa789e25
Component: engine
2015-12-07 11:08:49 +01:00
ab6c9709f6
Merge pull request #17989 from jfrazelle/initial-seccomp-support
...
Phase 1: Initial seccomp support
Upstream-commit: 87a614ed55f2a9076d8150f846b0d27fe60095a8
Component: engine
2015-12-05 08:33:58 -08:00
7be0f9667b
Add support for blkio read/write bps device
...
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com >
Upstream-commit: 3f15a055e5c50d0f08d4c3e7cd9618d537b84f29
Component: engine
2015-12-04 09:26:03 +08:00
4f88ba8722
inital seccomp support
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: 6707f4b9b638b367a1dde6f8684a5b9817a882f0
Component: engine
2015-12-03 16:30:44 -08:00
a7b1157339
Merge pull request #16277 from runcom/add-oom-score-adj
...
Add OomScoreAdj
Upstream-commit: 8f1f53f735e278bb23bb41d9387a75786d7ec1dc
Component: engine
2015-12-02 11:49:51 -08:00
71b21cf347
This patch adds --tmpfs as a option for mounting tmpfs on directories
...
It will Tar up contents of child directory onto tmpfs if mounted over
This patch will use the new PreMount and PostMount hooks to "tar"
up the contents of the base image on top of tmpfs mount points.
Signed-off-by: Dan Walsh <dwalsh@redhat.com >
Upstream-commit: b3e527dfd242ad30c0297c8b257862116cf2c50e
Component: engine
2015-12-02 10:06:59 -05:00
d6e4b2d7b7
Merge pull request #18178 from jfrazelle/apparmor-we-meet-again
...
Fix docker-default profile handing signals
Upstream-commit: e852959fadf7ec77ffb57877806603b8c0bf523e
Component: engine
2015-11-30 11:34:34 -08:00
d3dbad3a43
check version for docker-default aa profile
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: f8db9a09e0ec9b1925839ffff4f1cc5fe3ace630
Component: engine
2015-11-30 10:18:12 -08:00
45a6d40e9f
Merge pull request #18303 from runcom/lxc-leftover
...
daemon: remove sysInitPath, lxc leftover
Upstream-commit: 360a10651188fcf79b0110265c3f2723637e11b7
Component: engine
2015-11-30 09:37:05 -08:00
132ab17e74
Merge pull request #18239 from jfrazelle/17783-fix-regex
...
Fix parsing of apparmor pcre syntax
Upstream-commit: 377e1d75f93101acbff7cf06df2c05a2df3b6760
Component: engine
2015-11-30 09:15:25 -08:00
ddf1fb3149
Add OomScoreAdj to configure container oom killer preferences
...
libcontainer v0.0.4 introduces setting `/proc/self/oom_score_adj` to
better tune oom killing preferences for container process. This patch
simply integrates OomScoreAdj libcontainer's config option and adjust
the cli with this new option.
Signed-off-by: Antonio Murdaca <amurdaca@redhat.com >
Signed-off-by: Antonio Murdaca <runcom@redhat.com >
Upstream-commit: d3af7f283d8dc0be67be48e14cd740fbeb690f7a
Component: engine
2015-11-30 11:19:04 +01:00
c116892cdb
daemon: remove sysInitPath, lxc leftover
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com >
Upstream-commit: 1b726b29b21bbc1aebfe0f6b71dfd61145bdd6af
Component: engine
2015-11-30 10:04:13 +01:00
dfeea039e6
Fix kernel memory limit
...
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com >
Upstream-commit: dd7b4fd651a6f9354efb991f6ce547a03729fa18
Component: engine
2015-11-28 09:47:25 +08:00
1fccc71442
Fix parsing of apparmor pcre syntax
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: c0f7fdc025da69283eb00d80bf47f4d47eeb0a65
Component: engine
2015-11-25 10:38:18 -08:00
9a375b7073
Adjust docker-default profile when docker daemon is confined
...
Adjust the docker-default profile for when the docker daemon is running in
AppArmor confinement. To enable 'docker kill' we need to allow the container
to receive kill signals from the daemon.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com >
Upstream-commit: 5cd6b3eca236df06e66777b15932b1a7fbb2e954
Component: engine
2015-11-23 15:20:01 -08:00
12f51add56
Merge pull request #17704 from LK4D4/default_cgroupfs
...
Use fs cgroups by default
Upstream-commit: c32f8bb36a5f1b2fe0586a1e080c14d8a6b68610
Component: engine
2015-11-19 14:01:13 +01:00
92c9b9e9d4
Use fs cgroups by default
...
Our implementation of systemd cgroups is mixture of systemd api and
plain filesystem api. It's hard to keep it up to date with systemd and
it already contains some nasty bugs with new versions. Ideally it should
be replaced with some daemon flag which will allow to set parent systemd
slice.
Signed-off-by: Alexander Morozov <lk4d4@docker.com >
Upstream-commit: 419fd7449fe1a984f582731fcd4d9455000846b0
Component: engine
2015-11-18 16:16:13 -08:00
1d5287a6dd
Merge pull request #16639 from mrunalp/skip_dev_setup
...
Skip /dev setup in container when it is bind mounted in
Upstream-commit: 91876563052a1d84902e365cbe8b9eaf96846e91
Component: engine
2015-11-17 11:36:00 -08:00
567557144f
Merge pull request #18025 from Microsoft/10662-ArgumentEscaping
...
Windows: Fix docker exec
Upstream-commit: 6f1bc096a64efb592b56dbdefc5bfce1fa7935d3
Component: engine
2015-11-17 11:14:54 +01:00
05e1d2c256
Typo in previous PR processConfig, not c.ProcessConfig
...
Signed-off-by: Darren Stahl <darst@microsoft.com >
Upstream-commit: d7692b02bdeafc2837bf4269527c2eaa8be254b1
Component: engine
2015-11-16 11:56:01 -08:00
6f1a30b2e2
Merge pull request #17851 from Microsoft/10662-ArgumentEscaping
...
Prevent double escaping of Dockerfile commands on Windows
Upstream-commit: ad8a66573c61483b9a0721470438dfc8bd01993f
Component: engine
2015-11-14 17:25:53 +01:00
f06cbc085f
This fixes the case where arguments are escaped twice from Dockerfiles on
...
Windows
Signed-off-by: Darren Stahl <darst@microsoft.com >
Upstream-commit: 9db5db1b94bc1000d151315851096dcc6cd3512d
Component: engine
2015-11-13 10:43:06 -08:00
32490eabee
Merge pull request #17949 from Microsoft/jjh/cpuweighttp4
...
Windows: TP4 fix cpu weight
Upstream-commit: 588fedef4af1550f631a71ef1bd98998bc031613
Component: engine
2015-11-12 21:13:09 +01:00
c0d8796b26
Merge pull request #13959 from Mashimiao/add-support-blkio_weight_device
...
Add support for blkio.weight_device
Upstream-commit: 812a1c149a4a6db09eb59af29bed2713821e696e
Component: engine
2015-11-12 20:42:13 +01:00
95bf21f468
Windows: TP4 fix cpu weight
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 90eac6b48baac2b74b4721456fee4b3f2a0527b8
Component: engine
2015-11-12 11:08:24 -08:00
c1e130b932
Merge pull request #17589 from Microsoft/jjh/refactorprocessconfig
...
Refactor ProcessConfig
Upstream-commit: 8cf38b6a8b031bd0d39d80d0a1d1b6e860a43acb
Component: engine
2015-11-12 07:28:32 -08:00
1a0735060a
Add support for blkio.weight_device
...
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com >
Upstream-commit: 0fbfa1449d917ee0778266139d6035fb0782f7c2
Component: engine
2015-11-11 23:06:36 +08:00
37b87b6310
Merge pull request #17613 from Microsoft/10662-isolationexecopt
...
Windows: Add default isolation exec driver option
Upstream-commit: d4c4557b1af794c4d7e4a9833b20119c0a4c091c
Component: engine
2015-11-10 19:55:46 +00:00
328de5870b
Windows: Add default isolation exec driver option
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: a429ad1e35691fb01f3f80461964030d2197a0eb
Component: engine
2015-11-10 11:39:05 -08:00
2f262fa249
Merge pull request #17431 from vdemeester/hope-it-does-not-broke-everything-again
...
Another try at dockerversion placeholder for library import
Upstream-commit: 58b270c338e831ac6668a29788c72d202f9fc251
Component: engine
2015-11-09 13:15:50 -08:00
48001c30bb
dockerversion placeholder for library import
...
- Add a *version* file placeholder.
- Update autogen and builds to use it and an autogen build flag
Signed-off-by: Vincent Demeester <vincent@sbr.pm >
Upstream-commit: 8054a303870b81eebe05e38261c1b68197b68558
Component: engine
2015-11-09 19:32:46 +01:00
97bbd407aa
Refactor ProcessConfig
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 5fa2e4d4f2be7787ad29b1e6ffd9c026ea0c1925
Component: engine
2015-11-09 09:51:09 -08:00
626bc69479
Refactor exitStatus structure
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 77af7d1067b83cf683745e3f15ce19425beb34e0
Component: engine
2015-11-09 08:26:35 -08:00
355f3d0514
Merge pull request #17581 from Microsoft/10662-factoroutexecuser
...
Windows: Factor out user in execdriver\driver
Upstream-commit: 342e6bb99fd965dad51a79de3886e89f4ca336e4
Component: engine
2015-11-07 22:11:26 -05:00
75f7989a9c
Don't build utils on Windows
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: b10dd17e066614dce1bcaafebf6e902ce9ea169d
Component: engine
2015-11-07 08:46:36 -08:00
7822116dd5
Merge pull request #17575 from Microsoft/10662-nativetemplate
...
Windows: Fix native exec template
Upstream-commit: ad55d29c91fc9ce4851cb0d8456bd5517a5eb0cd
Component: engine
2015-11-06 16:14:44 -08:00
e11568b0ea
Remove LxcConf in daemon_test.go and fix a typo
...
Signed-off-by: Lei Jitang <leijitang@huawei.com >
Upstream-commit: 00d00b429ff6f5cecf6789d6b6773b8e979ad0ae
Component: engine
2015-11-06 09:58:06 +08:00
f427a47755
Remove exec-driver global daemon option.
...
Each platform has only a driver now.
Signed-off-by: David Calavera <david.calavera@gmail.com >
Upstream-commit: 157b66ad390902ef6f5b51b3f76d5177eacac81b
Component: engine
2015-11-05 17:09:58 -05:00
ef88e7ace2
Remove LXC support.
...
The LXC driver was deprecated in Docker 1.8.
Following the deprecation rules, we can remove a deprecated feature
after two major releases. LXC won't be supported anymore starting on Docker 1.10.
Signed-off-by: David Calavera <david.calavera@gmail.com >
Upstream-commit: 3b5fac462d21ca164b3778647420016315289034
Component: engine
2015-11-05 17:09:57 -05:00
f6a86ba721
Windows: Factor out user in execdriver\driver
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 910e4ba7ed3b686b549b09bfb2e5f860a4a52923
Component: engine
2015-10-31 19:19:24 -07:00
63f9fb3569
Windows: Fix native exec template
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: be2f53ece8a57907ec9a1855f4d0c06a086c206b
Component: engine
2015-10-31 11:39:19 -07:00
6675fcdd7e
Merge pull request #17567 from Microsoft/10662-lxcunittest
...
Windows: Fix go test in execdriver\lxc
Upstream-commit: 4468e1e74e225f38b251fbcfdce633b619ea2e7a
Component: engine
2015-10-31 09:40:19 -07:00
6cb48beaf2
Windows: Fix go test in execdriver\lxc
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 30ab497e174cdf788b8e7864c2e2e4019a119978
Component: engine
2015-10-31 08:25:36 -07:00
80a227297f
Windows: Refactor execdriver.Command
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 9d14866d7173e974b9eff34e251b16083647f056
Component: engine
2015-10-30 13:53:00 -07:00
2bf3bcdc0a
Windows: Adds support for Hyper-V Containers
...
Signed-off-by: John Howard <jhoward@microsoft.com >
Upstream-commit: 15e35c447058851850155f90292e51decb482956
Component: engine
2015-10-29 16:18:52 -07:00
cc55863497
Revert "dockerversion placeholder for library-import"
...
This reverts commit d5cd032a86617249eadd7142227c5355ba9164b4.
Commit caused issues on systems with case-insensitive filesystems.
Revert for now
Signed-off-by: Brian Goff <cpuguy83@gmail.com >
Upstream-commit: b78ca243d9fc25d81c1b50008ee69f3e71e940f6
Component: engine
2015-10-27 21:23:53 -04:00
