Pipes are still not closed (and goroutines leaked) if neither pipe is
used.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: e3ba3dd5b828307c3970d0036b019eca405e4a2c
Component: engine
Previously the cache was only updated once on startup, because the graph
code only check for filesystems on startup. However this breaks the API as it
was supposed and so unit tests.
Fixes#13142
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
Upstream-commit: 2cb23527e4f3f74a9fb98ddc7c0c11c50c3f07d2
Component: engine
Add handler for SIGUSR1 based on feedback regarding when to dump
goroutine stacks. This will also dump goroutine stack traces on SIGQUIT
followed by a hard-exit from the daemon.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: 95fcf76cc64a4acf95c168e8d8607e3acf405c13
Component: engine
Added --since argument to `docker logs` command. Accept unix
timestamps and shows logs only created after the specified date.
Default value is 0 and passing default value or not specifying
the value in the request causes parameter to be ignored (behavior
prior to this change).
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: cb9a6b9aed1577bb5590300125d05d9b1c201c16
Component: engine
If firewalld is not installed (or I suppose not running), firewalld was
producing an error in the daemon init logs, even though firewalld is not
required for iptables stuff to function.
The firewalld library code was also logging directly to logrus instead
of returning errors.
Moved logging code higher up in the stack and changed firewalld code to
return errors where appropriate.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 38b5c7266a14c34624bba532cb74d8b2ae46c726
Component: engine
Generation based on CAP_LAST_CAP, I hardcoded
capability.CAP_BLOCK_SUSPEND as last for systems which has no
/proc/sys/kernel/cap_last_cap
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: a559c1145af3162cd683866fd6f998ff5f57058f
Component: engine
The docker graph call driver.Exists() on initialisation for each filesystem in
the graph. This results will results in a lot `zfs get all` commands. To reduce
this, retrieve all descend filesystem at startup and cache it for later checks
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
Upstream-commit: bad25ccf978b56da6fa181439504ab33906524cd
Component: engine
instead of let zfs automaticly mount datasets, mount them on demand using mount(2).
This speed up this graph driver in 2 ways:
- less zfs processes needed to start a container
- /proc/mounts get smaller, so zfs userspace tools has less to read (which can
a significant amount of data as the number of layer grows)
This ways it can be also ensured that the correct mountpoint is always used.
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
Upstream-commit: 11e9167a6b45fdc134ee43e89abefd34a85cf624
Component: engine
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Add tests for mounting into /proc and /sys
These two locations should be prohibited from mounting volumes into
those destinations.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: f25bbedc85e8a99c1389dbe8f48436907ce24526
Component: engine
These files in /proc should not be able to be read as well
as written to.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: a7a51306b1459a67da3a9cbbe8c9f80d3950c084
Component: engine
