To accomodate for increase in leader election from 3 seconds to 10
seconds. This will give more cycles to find another leader.
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
(cherry picked from commit f040bf8e51cd76082729340342c7123cdc53d5b8)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Signed-off-by: David Chung <david.chung@docker.com>
(cherry picked from commit 275a1ca7c8ec1d556c37bb50ac574beffbb16e5a)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Changes included:
- Ingress network should not be attachable
- [manager/state] Add fernet as an option for raft encryption
- Log GRPC server errors
- Log leadership changes at manager level
- [state/raft] Increase raft ElectionTick to 10xHeartbeatTick
- Remove the containerd executor
- agent: backoff session when no remotes are available
- [ca/manager] Remove root CA key encryption support entirely
- Fix agent logging race (fixes https://github.com/docker/swarmkit/issues/2576)
- Adding logic to restore networks in order
Also adds github.com/fernet/fernet-go as a new dependency
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 27749659d5a30999691e401a351221780a483099)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
This was added as part of a53930a04fa81b082aa78e66b342ff19cc63cc5f with
the intent to sort the mounts in the plugin config, but this was sorting
*all* the mounts from the default OCI spec which is problematic.
In reality we don't need to sort this because we are only adding a
self-binded mount to flag it as rshared.
We may want to look at sorting the plugin mounts before they are added
to the OCI spec in the future, but for now I think the existing behavior
is fine since the plugin author has control of the order (except for the
propagated mount).
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit ec90839ca302ca53a7d55e4c7f79e7b4779f5e15)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit 554d657c1f7a0f4dce51f0d26407fb05a0580fa1)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit f81172b9031160218e51fb2a7dbeee19962a60a9)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Using `dpkg --print-architecture` instead of the `uname -m` to abstract
the architecture value from the container images, which the build process
is running inside, to match exactly the behavior specified by the following
Docker file while not 'passthru' to the host.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
Upstream-commit: 803a756941f5e4b68429a3642d52585c8ea6dbaa
Component: engine
Since the recent release of CRIU has already supported other
arches such as AArch64, ppc64le, and s390x, so we can enable
it now.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
Upstream-commit: 7fd54a7a48f9f1bb2b28144e38c886d1fe813a04
Component: engine
Use unique names for test resources of container/inspect, container/ps, container/stop tests
Upstream-commit: 57c504799d979caa706142e6f5dc4be4a5b1e3e2
Component: engine
If container will run as non root user, drop permitted, effective caps early
Upstream-commit: b67c1e078c7eeb20199dce301e95fa8999c98109
Component: engine
TestServiceWithPredefinedNetwork test case was failing
at times. To fix the issue, added new API to check
for services after we clean up all services. Tested
multiple times and this sould fix flaky issue.
Signed-off-by: selansen <elango.siva@docker.com>
Upstream-commit: dabffd806c98ab13dbc25e57bee21c5291b9a50c
Component: engine
This moves some of the code that was conditionally
executed on Windows to a separate, windows-only file.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: cd3e84c6b38e74d03ab31db804bc9b49dcab8243
Component: engine
As soon as the initial executable in the container is executed as a non root user,
permitted and effective capabilities are dropped. Drop them earlier than this, so
that they are dropped before executing the file. The main effect of this is that
if `CAP_DAC_OVERRIDE` is set (the default) the user will not be able to execute
files they do not have permission to execute, which previously they could.
The old behaviour was somewhat surprising and the new one is definitely correct,
but it is not in any meaningful way exploitable, and I do not think it is
necessary to backport this fix. It is unlikely to have any negative effects as
almost all executables have world execute permission anyway.
Use the bounding set not the effective set as the canonical set of capabilities, as
effective will now vary.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 15ff09395c001bcb0f284461abbc404a1d8bab4d
Component: engine
