4362 Commits

Author	SHA1	Message	Date
Tonis Tiigi	2874df7efa	Add support for swarm init lock and swarm unlock ... Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> Upstream-commit: b4a667c8c4f536445d35e8914a58e8c749f16ea6 Component: engine	2016-11-09 16:09:00 -08:00
Victor Vieux	174f2a0d72	Merge pull request #28025 from vdemeester/swarm-mode-templating ... Add support for swarm mode templating Upstream-commit: 8ffd1a370c447db92a67d17f900ccd453dbcedee Component: engine	2016-11-09 15:57:52 -08:00
Tibor Vass	e85707f736	Merge pull request #28002 from Microsoft/jjh/noreexec ... Windows: Allow a no-reexec option for importLayer Upstream-commit: 5e3d777401cd96bd9958971533222726edb1caa5 Component: engine	2016-11-09 14:46:21 -08:00
Vincent Demeester	9549c6b9d6	Add support for swarm mode templating ... Wire templating support of swarmkit for the engine, in order to be used through services. Signed-off-by: Vincent Demeester <vincent@sbr.pm> Upstream-commit: 6212ea669b4e92b3aa3985857f827ee9b95271fd Component: engine	2016-11-09 23:28:06 +01:00
Victor Vieux	9c868a7b94	Merge pull request #27433 from AkihiroSuda/fix-ovl-xfs-ftype0 ... overlay: warn if overlay backing fs doesn't support d_type Upstream-commit: 643ac2f804a5242062113ace64bf68506027c9a6 Component: engine	2016-11-09 13:39:07 -08:00
Sebastiaan van Stijn	8c7175ef3e	Merge pull request #27794 from ehazlett/secrets ... Secret Management Upstream-commit: 5e143b5f8d82537635a57f3d9eda8126caf68a6f Component: engine	2016-11-09 22:26:53 +01:00
Victor Vieux	dc6854b4b3	Merge pull request #28184 from Microsoft/jjh/user ... Windows: Plumb through user Upstream-commit: f67d4b897adc9048269d1b91435b6dcbf69e36d1 Component: engine	2016-11-09 11:32:42 -08:00
Phil Estes	6941a29c56	Correct secrets permissions when userns enabled ... Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> Upstream-commit: 8119809b68bee9a027bae9d5851b11c743438bd6 Component: engine	2016-11-09 14:27:46 -05:00
Evan Hazlett	bd20a72add	more review updates ... - return err instead of wrap for update secret - add omitempty for data in secret spec Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 427c70d97779566b2b3ea3a9141bb9bf3dd05dd8 Component: engine	2016-11-09 14:27:45 -05:00
Evan Hazlett	d5d838f9f3	embed spec when converting from grpc ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: a9d41184296c971c650f7d97a67ae5c9b44d4200 Component: engine	2016-11-09 14:27:45 -05:00
Evan Hazlett	5907fa959f	more review updates ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: eff36b7d669a8d0dbb9d79b70f9cb1f8a6ffdbd8 Component: engine	2016-11-09 14:27:45 -05:00
Evan Hazlett	19e0a8c065	support labels for secrets upon creation; review updates ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 583c013a8735031f4e5090bb1699effb64daf950 Component: engine	2016-11-09 14:27:45 -05:00
Evan Hazlett	e093728442	review updates ... - use Filters instead of Filter for secret list - UID, GID -> string - getSecrets -> getSecretsByName - updated test case for secrets with better source - use golang.org/x/context instead of context - for grpc conversion allocate with make - check for nil with task.Spec.GetContainer() Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: b2e4c7f3b5b30fc6940768ec41836d708a48b463 Component: engine	2016-11-09 14:27:45 -05:00
Evan Hazlett	e9ea5a5560	update to support new target in swarmkit ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 88dea0e06e0e94a8ab4cb5fe852e26bff309261a Component: engine	2016-11-09 14:27:44 -05:00
Evan Hazlett	bc88c956b6	secrets: only setup secret mount if secrets are requested ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 6d12de53699d6fa03c70493eec63ac5cfa41f2fe Component: engine	2016-11-09 14:27:44 -05:00
Evan Hazlett	a28c910916	add secret support for service update ... - add nosuid and noexec to tmpfs Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 00237a96249739dbf426d81672a904e9f4c5e702 Component: engine	2016-11-09 14:27:44 -05:00
Evan Hazlett	e2eea356c2	proper cleanup upon mount fail ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 0c170a76c51be67bd6f7c4d38ed28ddcb473eac9 Component: engine	2016-11-09 14:27:43 -05:00
Evan Hazlett	45bc21e90e	update to support latest swarm changes ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: f50a65ff0c28618f798d06838e36b015dd022b45 Component: engine	2016-11-09 14:27:43 -05:00
Evan Hazlett	848c015ac1	more review updates ... - use /secrets for swarm secret create route - do not specify omitempty for secret and secret reference - simplify lookup for secret ids - do not use pointer for secret grpc conversion Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 189f89301e0abfee32447f2ca23dacd3a96de06d Component: engine	2016-11-09 14:27:43 -05:00
Evan Hazlett	dde21cf7dc	review changes ... - fix lint issues - use errors pkg for wrapping errors - cleanup on error when setting up secrets mount - fix erroneous import - remove unneeded switch for secret reference mode - return single mount for secrets instead of slice Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 857e60c2f943a09e3ec0ac0f236821b797935900 Component: engine	2016-11-09 14:27:43 -05:00
Evan Hazlett	9dbbc071d5	secrets: secret management for swarm ... Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> wip: use tmpfs for swarm secrets Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> wip: inject secrets from swarm secret store Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> secrets: use secret names in cli for service create Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> switch to use mounts instead of volumes Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> vendor: use ehazlett swarmkit Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> secrets: finish secret update Signed-off-by: Evan Hazlett <ejhazlett@gmail.com> Upstream-commit: 3716ec25b423d8ff7dfa231a7b3cf0154726ed37 Component: engine	2016-11-09 14:27:43 -05:00
Brian Goff	07ffcc9abc	Merge pull request #28189 from Microsoft/jjh/fluentd ... Windows: Enable fluentd logdriver Upstream-commit: bf960a6bdc3fae8c69b8ecf6bbc2562548f55929 Component: engine	2016-11-09 11:28:37 -05:00
Sebastiaan van Stijn	e788fbec24	Merge pull request #28141 from darrenstahlmsft/TerminateTemplates ... Terminate template containers before delting a layer Upstream-commit: 70b53c932dbc757c44ae7b18ad122b043fb82530 Component: engine	2016-11-09 15:44:33 +01:00
Brian Goff	72ae55dd14	Merge pull request #28037 from crosbymichael/tini ... Replace grimes with tini for default init shipped in Docker Upstream-commit: 93e837d1d2d3a24b0219ccadc1fdf170d242c137 Component: engine	2016-11-09 09:29:42 -05:00
Sebastiaan van Stijn	a40c9e3002	Merge pull request #26088 from akirakoyasu/patch-fluent-unixsocket ... Proposal: unix-sockets support in Fluentd logging driver Upstream-commit: 806f09bf32c49cd0493a97522cd809b09b52dfb6 Component: engine	2016-11-09 12:49:06 +01:00
Vincent Demeester	fef442cb37	Merge pull request #28098 from yongtang/25099-oom_score_adj-empty-env ... Fix `/proc/<pid>/oom_score_adj: invalid argument` error caused by empty env name Upstream-commit: c025049c27c2cc8a6f1f978769c89a1fdf07a6f3 Component: engine	2016-11-09 10:39:18 +01:00
Vincent Demeester	7198214971	Merge pull request #27997 from aaronlehmann/raft-options ... cli: Add options for Raft snapshotting Upstream-commit: 29a38a4fe8caebbad9ea72ca0d4b4fc80118df3c Component: engine	2016-11-09 10:19:45 +01:00
Akihiro Suda	af0174a7c5	overlay: warn if overlay backing fs doesn't support d_type ... Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp> Upstream-commit: 2e20e63da2a8a0ffbbb3f2146f87559e17f43046 Component: engine	2016-11-09 07:18:27 +00:00
John Howard	e57bdfb80c	Windows: Enable fluentd logdriver ... Signed-off-by: John Howard <jhoward@microsoft.com> Upstream-commit: cff9679c6cdd0b7f3dc691ed00f294ac93274c1d Component: engine	2016-11-08 19:54:57 -08:00
John Howard	dbcd2372ba	Windows: Allow a no-reexec option for importLayer ... Signed-off-by: John Howard <jhoward@microsoft.com> Upstream-commit: d9294719b50452b3d88372468b6264c9d2467f02 Component: engine	2016-11-08 17:57:43 -08:00
Victor Vieux	cc2d08fb86	Merge pull request #27567 from yongtang/24391-dns-setting ... Add custom DNS settings to service definition Upstream-commit: 462e57f05eba94cacad2c5e1383d94baf8fe090b Component: engine	2016-11-08 17:43:00 -08:00
John Howard	234aecaaa6	Windows: Plumb through user ... Signed-off-by: John Howard <jhoward@microsoft.com> Upstream-commit: 5207ff7202327bd06fa7e8df4c58d6a944899b60 Component: engine	2016-11-08 17:41:56 -08:00
Sebastiaan van Stijn	067ec4c6cd	Merge pull request #27420 from Shugyousha/journaldfixes ... Small logger journald cleanup Upstream-commit: 3975d648b70f2f18c1ba15c4b590de5c418d34db Component: engine	2016-11-09 01:35:08 +01:00
Victor Vieux	df125f380f	Merge pull request #27992 from Microsoft/jjh/minapitoinfo ... Adds `MinAPIVersion` to docker version Upstream-commit: 2d4203222574623b10d94817b9959a08698f516b Component: engine	2016-11-08 15:49:33 -08:00
Yong Tang	6fb775ea79	Add custom DNS settings to service definition ... This fix tries to fix the issue raised in 24391 about allowing custom DNS settings to service definition. This fix adds `DNSConfig` (`Nameservers`, `Options`, `Search`) to service definition, as well as `--dns`, `--dns-opt`, and `dns-search` to `service create`. An integration test has been added to cover the changes in this fix. This fix fixes 24391. A PR in swarmkit will be created separately. Signed-off-by: Yong Tang <yong.tang.github@outlook.com> Upstream-commit: 9e8adbecf505620a1cb3a840189b59450493a00b Component: engine	2016-11-08 15:41:32 -08:00
Darren Stahl	40ba948937	Terminate template VMs on layer delete ... Signed-off-by: Darren Stahl <darst@microsoft.com> Upstream-commit: c58e8dea6ce1e9ff02c383c1698733fd0554ba2e Component: engine	2016-11-08 15:39:25 -08:00
Aaron Lehmann	db11fea742	Merge pull request #27123 from tonistiigi/fix-join-reconnect ... Don’t attempt to reconnect swarm on failed join after timeout Upstream-commit: 0ccbae04370f8c48a6ae0ff2fc4181347f89e11d Component: engine	2016-11-08 14:53:44 -08:00
Michael Crosby	f7a65041fc	Convert err description to lower ... Convert this to lower before checking the message of the error. Signed-off-by: Michael Crosby <crosbymichael@gmail.com> Upstream-commit: 47637b49a0fbd62a25702859f0993666c63ff562 Component: engine	2016-11-08 14:42:54 -08:00
Aaron Lehmann	f7b4103706	cli: Add options for Raft snapshotting ... Add the following options to "swarm init" and "swarm update": - --max-snapshots: Retain this many old Raft snapshots in addition to the latest one - --snapshot-interval: Number of log entries between Raft snapshots These options already existed in SwarmKit and the Docker API but were never exposed in the CLI. I'm adding them here to fix this oversight. --max-snapshots may be useful for debugging purposes and more conservative users who want to store rolling backups of old versions of the Raft state. --snapshot-interval is most useful for performance tuning. The default value of 10000 may not be ideal for some setups. There is also a LogEntriesForSlowFollowers option that is not exposed. I decided not to expose it along with these others because I don't think it's generally useful (and I'm not sure what I would call the CLI flag). But if people want, I can expose it for the sake of completeness. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com> Upstream-commit: 842d11f44cede2d7e9488e54f8ac8de89d8f4cd4 Component: engine	2016-11-08 13:14:01 -08:00
John Howard	8101ecbf52	Fix typo limitied ... Signed-off-by: John Howard <jhoward@microsoft.com> Upstream-commit: 27de9f6ece0f62dbdf2a6bfa12cf3019f25e78fa Component: engine	2016-11-08 13:06:24 -08:00
Silvan Jegen	00b0b30b49	Clean up journald logger ... We clean up the journald logger with these four changes. 1. Make field array static 2. Make function name more appropriate 3. Initialize the file descriptors only once 4. Avoid copying the journald cursor Point 4 is the most significant change: instead of treating the journald cursor like a Go string we use it as a raw C.char pointer. That way we avoid the copying by the C.CString and C.GoString functions. Signed-off-by: Silvan Jegen <s.jegen@gmail.com> Upstream-commit: d359daaa487e68d187cc30c9da8fc08a158c7f79 Component: engine	2016-11-08 19:09:59 +01:00
Sebastiaan van Stijn	e5fe6e7966	Merge pull request #27466 from mrjana/net ... Retry AttachNetwork when it fails to find network Upstream-commit: 9a61bd05f8c86be2a7f03d57f29991abaae20e5a Component: engine	2016-11-08 18:25:45 +01:00
John Howard	e349632310	Adds minimum API version to version ... Signed-off-by: John Howard <jhoward@microsoft.com> Upstream-commit: d29995bb8481a18fd00b10fe49f2960ee8136619 Component: engine	2016-11-07 21:20:00 -08:00
Daniel Nephin	95849eb6df	Merge pull request #28076 from yongtang/25644-docker-service-tty ... Add `--tty` to `docker service create/update` Upstream-commit: 69efb4652c1f619f64148fd21971ff18ac575899 Component: engine	2016-11-07 22:15:27 -05:00
Tibor Vass	f364a8ccb7	Merge pull request #28056 from LK4D4/solaris_me ... Add functional support for Docker sub commands on Solaris Upstream-commit: 109c26bd7482280946e356b33f17f4d82112dff3 Component: engine	2016-11-07 16:46:18 -08:00
Yong Tang	2a49113fdc	Add --tty to docker service create/update ... This fix tries to add `--tty` to `docker service create/update`. As was specified in 25644, `TTY` flag has been added to SwarmKit and is already vendored. This fix add `--tty` to `docker service create/update`. Related document has been updated. Additional integration tests has been added. This fix fixes 25644. Signed-off-by: Yong Tang <yong.tang.github@outlook.com> Upstream-commit: 599be5a551bbadf23d76677c7d54c338901781f6 Component: engine	2016-11-07 16:42:32 -08:00
Tõnis Tiigi	395aa9be88	Merge pull request #27615 from darrenstahlmsft/ExecCloseAsync ... Asynchronously close streams to prevent holding container lock Upstream-commit: 67b0311c8c77eb8001572148b53410efbaefbdbd Component: engine	2016-11-07 16:16:21 -08:00
Amit Krishnan	6fb90ed484	Add functional support for Docker sub commands on Solaris ... Signed-off-by: Amit Krishnan <krish.amit@gmail.com> Signed-off-by: Alexander Morozov <lk4d4@docker.com> Upstream-commit: 934328d8ea650bf8a9c3c719999ce2a1f5dd5df6 Component: engine	2016-11-07 09:06:34 -08:00
Yong Tang	77f8e3ea0c	Fix /proc/<pid>/oom_score_adj: invalid argument error caused by empty env name ... This fix is part of the fix for issue 25099. In 25099, if an env has a empty name, then `docker run` will throw out an error: ``` ubuntu@ubuntu:~/docker$ docker run -e =A busybox true docker: Error response from daemon: invalid header field value "oci runtime error: container_linux.go:247: starting container process caused \"process_linux.go:295: setting oom score for ready process caused \\\"write /proc/83582/oom_score_adj: invalid argument\\\"\"\n". ``` This fix validates the Env in the container spec before it is sent to containerd/runc. Integration tests have been created to cover the changes. This fix is part of fix for 25099 (not complete yet, non-utf case may require a fix in `runc`). This fix is related to 25300. Signed-off-by: Yong Tang <yong.tang.github@outlook.com> Upstream-commit: 818d55c34bed99b108e6102ef6aa6ef181567ce3 Component: engine	2016-11-07 08:15:26 -08:00
Dong Chen	393d61cc88	dynamic service binding. ... Signed-off-by: Dong Chen <dongluo.chen@docker.com> Upstream-commit: ca81f6ee7c74a3bf27dc9b044742961f4ef78094 Component: engine	2016-11-04 21:50:56 -07:00