containers may specify these cgroup values at runtime. This will allow
processes to change their priority to real-time within the container
when CONFIG_RT_GROUP_SCHED is enabled in the kernel. See #22380.
Also added sanity checks for the new --cpu-rt-runtime and --cpu-rt-period
flags to ensure that that the kernel supports these features and that
runtime is not greater than period.
Daemon will support a --cpu-rt-runtime flag to initialize the parent
cgroup on startup, this prevents the administrator from alotting runtime
to docker after each restart.
There are additional checks that could be added but maybe too far? Check
parent cgroups to ensure values are <= parent, inspecting rtprio ulimit
and issuing a warning.
Signed-off-by: Erik St. Martin <alakriti@gmail.com>
Upstream-commit: 42ef78911e
Component: cli
Keeping the current behavior for exec, i.e., inheriting
variables from main process. New variables will be added
to current ones. If there's already a variable with that
name it will be overwritten.
Example of usage: docker exec -it -e TERM=vt100 <container> top
Closes#24355.
Signed-off-by: Jonh Wendell <jonh.wendell@redhat.com>
Upstream-commit: 73dd34b2b3
Component: cli
This fix tries to add a daemon config parameter `--shutdown-timeout`
that specifies the timeout value to stop containers gracefully
(before SIGKILL). The default value is 15s.
The `--shutdown-timeout` parameter is added to daemon options and
config file. It will also be updated during daemon reload.
Additional test cases have been added to cover the change.
This fix fixes#22471.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: ef158e3e0a
Component: cli
This fix tries to add a flag `--stop-timeout` to specify the timeout value
(in seconds) for the container to stop before SIGKILL is issued. If stop timeout
is not specified then the default timeout (10s) is used.
Additional test cases have been added to cover the change.
This fix is related to #22471. Another pull request will add `--shutdown-timeout`
to daemon for #22471.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 4ff84a13da
Component: cli
Allow passing --storage-opt size=X to docker create/run commands
for the `overlay2` graphriver.
The size option is only available if the backing fs is xfs that is
mounted with the `pquota` mount option.
The user can pass any size less then the backing fs size.
Signed-off-by: Amir Goldstein <amir73il@aquasec.com>
Upstream-commit: 6190d02e62
Component: cli
When sending a build context to a remote server it may be
(significantly) advantageous to compress the build context. This commit
adds support for gz compression when constructing a build context
using a command like "docker build --compress ."
Signed-off-by: Paul Kehrer <paul.l.kehrer@gmail.com>
Upstream-commit: 9c85295b1c
Component: cli
This makes it easier to list containers that are part of a task
(swarm mode) and those who are not.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: cd547751df
Component: cli
This option was added through commit
0d03c060c7e6800e60833c4462b917ee9b081440,
but didn't update the man page.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 1f015b1700
Component: cli
This adds a small C binary for fighting zombies. It is mounted under
`/dev/init` and is prepended to the args specified by the user. You
enable it via a daemon flag, `dockerd --init`, as it is disable by
default for backwards compat.
You can also override the daemon option or specify this on a per
container basis with `docker run --init=true|false`.
You can test this by running a process like this as the pid 1 in a
container and see the extra zombie that appears in the container as it
is running.
```c
int main(int argc, char ** argv) {
pid_t pid = fork();
if (pid == 0) {
pid = fork();
if (pid == 0) {
exit(0);
}
sleep(3);
exit(0);
}
printf("got pid %d and exited\n", pid);
sleep(20);
}
```
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: d72deed554
Component: cli
As is raised in 26312, in `docker network ls`, the help output was
mistaken to `volume names`:
```
-q, --quiet Only display volume names
```
This fix changes the help output to:
```
-q, --quiet Only display network IDs
```
This fix also updates the documentation in:
`docs/reference/commandline/network_ls.md`
This fix fixes 26312.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 6aa365d7e9
Component: cli
The `--rm` flag has been part of the `docker create` and
related docs in `docs/reference/commandline/create.md`
already includes the `--rm` flag. However, man page
`man/docker-create.1.md` has not adds the `--rm` flag yet.
This fix adds the description of `--rm` flag to
`man/docker-create.1.md`
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 3f171a31b1
Component: cli
Remove checks that prevent overlay and SELinux from working together.
Fixes are arriving in the 4.9 kernel.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Upstream-commit: 5f30004f08
Component: cli
Also consolidate the leftover packages under cli.
Remove pkg/mflag.
Make manpage generation work with new cobra layout.
Remove remaining mflag and fix tests after rebase with master.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Upstream-commit: 6e33dc2d91
Component: cli
Untested.
Hoping CI and @michael-holzheu can test...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: a8a90829bb
Component: cli
In `man/Dockerfile` we are specifying a tagged version of glide to
checkout, but never actually checking it out.
This checks out the requested version before building.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 3ef90ec019
Component: cli
"--restart" and "--rm" are conflict options, if a container is started
with AutoRemove flag, we should forbid the update action for its Restart
Policy.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Upstream-commit: f63d53c736
Component: cli
The memory should always be smaller than memoryswap,
we should error out with message that user know how
to do rather than just an invalid argument error if
user update the memory limit bigger than already set
memory swap.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: 3b2ecd7052
Component: cli
If AutoRemove is set, wait until client get `destroy` events, or get
`detach` events that implies container is detached but not stopped.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Upstream-commit: 0f6a96d2a4
Component: cli
The `--user`/`-u` of the `docker create` is the same as
`docker run`, which could take either `uid` or `uid:gid`
format. However, the description in the man page of `docker create`
is missing and may cause some confusions (comared with `docker run`).
This fix updates the man page of `docker create` so that it is
consistent with the man page of `docker run`.
This fix is related to 25304.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 3a778c9e1f
Component: cli
Specify that kernel memory updating limitation only applies
on kernel version older than 4.6.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Upstream-commit: 69eb98ada5
Component: cli
move the "kernel memory" examples to the "examples" section,
and fix some formatting and grammar.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: e2a6cf9fd5
Component: cli
Hostnames are not supported for now because libnetwork can't use them
for overlay networking yet.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 1918ec3987
Component: cli
