Currently, names are maintained by a separate system called "registrar".
This means there is no way to atomically snapshot the state of
containers and the names associated with them.
We can add this atomicity and simplify the code by storing name
associations in the memdb. This removes the need for pkg/registrar, and
makes snapshots a lot less expensive because they no longer need to copy
all the names. This change also avoids some problematic behavior from
pkg/registrar where it returns slices which may be modified later on.
Note that while this change makes the *snapshotting* atomic, it doesn't
yet do anything to make sure containers are named at the same time that
they are added to the database. We can do that by adding a transactional
interface, either as a followup, or as part of this PR.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 1128fc1add66a849c12d2045aed39605e673abc6
Component: engine
State will be saved on the following operation once the container is
properly registered on the daemon.
Signed-off-by: Fabio Kung <fabio.kung@gmail.com>
Upstream-commit: 03aa24721c88e508f208c1ff72d8cd1af7e6a0f8
Component: engine
Use quoted form of container name and container id to improve copy-paste avoiding the extra `.` that slips into the clipboard
Signed-off-by: Jorge Marin <chipironcin@users.noreply.github.com>
Upstream-commit: 2bee1cfd5a1af63d370a72d4558bb96f27762437
Component: engine
This fix tries to address the issue raised in 28769 where
checkpoint name was not checked before passing to containerd.
As a result, it was possible to use a special checkpoint name
to get outside of the container's directory.
This fix add restriction `[a-zA-Z0-9][a-zA-Z0-9_.-]+` (`RestrictedNamePattern`).
This is the same as container name restriction.
This fix fixes 28769.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: c90ec0517544e7d054d79f71f4d24d9ebbad7408
Component: engine
