This exposes the already existing "create container" operation. It is
very similar to "docker run -d" except it doesn't actually start the
container, but just prepares it. It can then be manually started using
"docker start" at any point.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Conflicts:
api/client/commands.go
runconfig/parse.go
server/container.go
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
Upstream-commit: 3a90004f3c2d86ec849f4674c8046693ea061ed1
Component: engine
Fixed a bug in daemon that resulted in accessing of a closed pipe.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
Upstream-commit: c786a8ee5e9db8f5f609cf8721bd1e1513fb0043
Component: engine
Use utils.RFC3339NanoFixed ("2006-01-02T15:04:05.000000000Z07:00")
instead of time.RFC3339Nano to format our log timestamps - this way
things are aligned, in particular the nano seconds are padded with zeros
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: cd7a5f5c0998f288f71d307076e661ed54f1a5f1
Component: engine
1. /container/<name>/exec - Creates a new exec command instance in the daemon and container '<name>'. Returns an unique ID for each exec command.
2. /exec/<name>/start - Starts an existing exec command instance. Removes the exec command from the daemon once it completes.
Adding /exec/<name>/resize to resize tty session of an exec command.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
Upstream-commit: bfebdfde78753f85d53d62634654de0b80f6872d
Component: engine
Fixes#7845 and #7801, and a real pain point I had :)
Docker-DCO-1.1-Signed-off-by: Jessica Frazelle <jess@docker.com> (github: jfrazelle)
Upstream-commit: b2efdc538de47d37718b8972cd6703be32fc23c2
Component: engine
This method indicates that container using private network stack
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
Upstream-commit: 080ca8619172b020c7da29b46f2fe4c939bb47ca
Component: engine
Adds support for a --registry-mirror=scheme://<host>[:port]
daemon flag. The flag may be present multiple times. If
provided, mirrors are prepended to the list of endpoints used
for image pull. Note that only mirrors of the public
index.docker.io registry are supported, and image/tag resolution
is still performed via the official index.
Docker-DCO-1.1-Signed-off-by: Tim Smith <timbot@google.com> (github: timbot)
Upstream-commit: 69a75c673ccf0aebf19c7b350243f1b0cefad8be
Component: engine
commit 4aa5da278f49c889d43191f82ff42d3a95266d62 moves `Console` from Command to
ProcessConfig, but missed the change in lxc_template. Therefore creating a
container with tty using lxc driver with fail with error
template: lxc:60:20: executing "lxc" at <.Console>: Console is not a field of
struct type struct { *execdriver.Command; AppArmor bool; ProcessLabel string; MountLabel string }
This changes lxc_console template to refers to `.ProcessConfig.Console`
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
Upstream-commit: 4b3b54ca388cd49cd790def66fbce9af2be2f20f
Component: engine
Since these will be shared between containers we want to label
them as svirt_sandbox_file_t:s0. That will allow multiple containers
to write to them.
Currently we are allowing container domains to read/write all content in
/var/lib/docker because of container volumes. This is a big security hole
in our SELinux story.
This patch will allow us to tighten up the security of docker containers.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 73617e5e18159e5f791d2860c7857cd5dea31be4
Component: engine
similar features in the future.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
Upstream-commit: 4aa5da278f49c889d43191f82ff42d3a95266d62
Component: engine
Resolved all deadlocks and fixed race between kill and
monitor.resetContainer
Fixes#7600
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
Upstream-commit: 517ba44e3742c39c4c3fc249b8c40e9b7ddd845f
Component: engine
