Container state counts are used for reporting in the `/info` endpoint.
Currently when `/info` is called, each container is iterated over and
the containers 'StateString()' is called. This is not very efficient
with lots of containers, and is also racey since `StateString()` is not
using a mutex and the mutex is not otherwise locked.
We could just lock the container mutex, but this is proven to be
problematic since there are frequent deadlock scenarios and we should
always have the `/info` endpoint available since this endpoint is used
to get general information about the docker host.
Really, these metrics on `/info` should be deprecated. But until then,
we can just keep a running tally in memory for each of the reported
states.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: e4c03623c2fcd3013343d246e3432409850c8c37
Component: engine
Remove unused arguments to commit.
This will allow us to remove all the runConfig mutate+revert code that
is scattered around builder dispatchers/internals
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Upstream-commit: 0d9e66b98ac9237b561d9beee5ecfe6a133ffc8f
Component: engine
When there is an error unmounting a local volume, it is still possible
to call `Remove()` on the volume causing removal of the mounted
resources which is generally not desirable.
This ensures that resources are unmounted before attempting removal.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: db3576f8a08ca70287bd3fdf9b21e162537f9d3a
Component: engine
Don't error if no group is specified, as this was the prior API. Also
don't return a docker specific error message as this is in `/pkg` and
used by other projects. Just set the default group for the current
user/group consuming the package.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 169c013911c9465f0e62a37f467d1afa54a0dbe7
Component: engine
This fixes issues where the underlying filesystem may be disconnected and
attempting to unmount may cause a hang.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: acbfe6bc56b9357d40a452f6b3901cb2c2d40404
Component: engine
This new flag will allow the configuration of an interface that
can be used for data path traffic to be isolated from control
plane traffic. This flag is simply percolated down to libnetwork
and will be used by all the global scope drivers (today overlay)
Negative test added for invalid flag arguments
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
Upstream-commit: 8dc8cd4719f165c01c98e7d3ce1d6cea6a8f60b8
Component: engine
Until and unless user has specified a propagation property for volume, they
should default to "rprivate" and it should be passed to runc.
We can't make it conditional on HasPropagation(). GetPropagation() returns
default of rprivate if noting was passed in by user.
If we don't pass "rprivate" to runc, then bind mount could be shared even
if user did not ask for it. For example, mount two volumes in a container.
One is "shared" while other's propagation is not specified by caller. If
both volume has same source mount point of "shared", then second volume
will also be shared inside container (instead of being private).
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Upstream-commit: af8a1430f1c1a9d4c45c7d722b90c19094171651
Component: engine
Also, chained/quoted shell does not work
Signed-off-by: Julien Maitrehenry <julien.maitrehenry@me.com>
Upstream-commit: 3f6e861c14bf13bb5b43aacb9edfbb027d6b6903
Component: engine
swarmkit's API type. Make sure this parameter gets propagated to
swarmkit, and also add an extra option to the CLI when providing
external CAs to parse the CA cert from a file.
Signed-off-by: Ying Li <ying.li@docker.com>
Upstream-commit: b0401a71f7479a52b2670346e0d1e97cb68089a4
Component: engine
