Use octal values for file mode in filenotify poller and sysinfo_linux tests
Upstream-commit: 91e0141784ab5570fd7f94ad4af399d23c827391
Component: engine
Docker use default GRPC backoff strategy to reconnect to containerd when
connection is lost. and the delay time grows exponentially, until reaches 120s.
So Change the max delay time to 2s to avoid docker and containerd
connection failure.
Signed-off-by: Wentao Zhang <zhangwentao234@huawei.com>
Upstream-commit: d3d8c77d195ce74f36ae6eee24578b9cac48f897
Component: engine
This commit is an extension of fix for 29325 based on the review comment.
In this commit, the quota size for btrfs is kept in `/var/lib/docker/btrfs/quotas`
so that a daemon restart keeps quota.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 16328cc207a493ecff0cabc11ebf51e958131418
Component: engine
This fix tries to address the issue raised in 29325 where
btrfs quota groups are not clean up even after containers
have been destroyed.
The reason for the issue is that btrfs quota groups have
to be explicitly destroyed. This fix fixes this issue.
This fix is tested manually in Ubuntu 16.04,
with steps specified in 29325.
This fix fixes 29325.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: e907c6418a2ae7754f69fede5897a7176250e8bd
Component: engine
- Moving the `common*.go` files in `cmd/dockerd` directly (it's the
only place it's getting used)
- Rename `cli/flags` to `cli/config` because it's the only thing left
in that package 👼
Now, `integration-cli` does *truly* not depend on `cobra` stuff.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 9ff9a91ab7f964f4e5042f94fe22dd50b5c3d832
Component: engine
Treat return code -1 as error instead.
People from glibc say that errno is undefined in case of successful
sysconf call according to POSIX standard:
Glibc bug: https://sourceware.org/bugzilla/show_bug.cgi?id=21536
More over in sysconf man it is wrongly said that "errno is not changed"
on success. So I've created a bug to man-pages:
https://bugzilla.kernel.org/show_bug.cgi?id=195955
Background: Glibc's sysconf(_SC_NPROCESSORS_ONLN) changes errno to
ENOENT, if there is no /sys/devices/system/cpu/online file, while
the call itself is successful. In Virtuozzo containers we prohibit
most of sysfs files for security reasons. So we have Run():daemon
/stats/collector.go infinitely loop never actualy collecting stats
from publisher pairs.
v2: add comment
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Upstream-commit: dec084962eab41eb20b1808955de34cfec4fc8b3
Component: engine
Issue Description:
* 1. Saving more than one images, `docker save -o a.tar aaa bbb`
* 2. Delete the last image which in saving progress. `docker rmi bbb`
Espected:
Saving images operation shouldn't be disturbed. But the real result is that failed to
save image and get an error as below:
`Error response from daemon: open
/var/lib/docker/image/devicemapper/imagedb/content/sha256/7c24e4d533a76e801662ad1b7e6e06bc1204f80110b5623e96ba2877c51479a1:
no such file or directory`
Analysis:
1. While saving more than one images, it will get all the image info from reference/imagestore,
and then using the `cached data` to save the images to a tar file.
2. But this process doesn't have a resource lock, if a deletion operation comes, the image will be deleted,
so saving operation will fail.
Solution:
When begin to save an image, `Get` all the layers first. then the
deletion operation won't delete the layers.
Signed-off-by: Wentao Zhang <zhangwentao234@huawei.com>
Upstream-commit: 4a014e6b0d7e2d310ee1ba442128a6802559a63a
Component: engine
Fixes#33415Fixes#33346
Implemented few additional IPVS APIs to be used by other projects
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 0484bdb6ca0ddd0bebc490e335a7f788cdc30f13
Component: engine
`ConnectToNetwork` is modfying the container but is not locking the
object.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 4d0888e32bccfd8c0f27a7b66b2a5607d42e2698
Component: engine
Generate a token for each download process to avoid token expired.
Closes: #33441
Signed-off-by: vanderliang <lansheng@meili-inc.com>
Upstream-commit: cb502cd4e894a78e723902a4d2f23174b69430ce
Component: engine
If a container mount the socket the daemon is listening on into
container while the daemon is being shutdown, the socket will
not exist on the host, then daemon will assume it's a directory
and create it on the host, this will cause the daemon can't start
next time.
fix issue https://github.com/moby/moby/issues/30348
To reproduce this issue, you can add following code
```
--- a/daemon/oci_linux.go
+++ b/daemon/oci_linux.go
@@ -8,6 +8,7 @@ import (
"sort"
"strconv"
"strings"
+ "time"
"github.com/Sirupsen/logrus"
"github.com/docker/docker/container"
@@ -666,7 +667,8 @@ func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, e
if err := daemon.setupIpcDirs(c); err != nil {
return nil, err
}
-
+ fmt.Printf("===please stop the daemon===\n")
+ time.Sleep(time.Second * 2)
ms, err := daemon.setupMounts(c)
if err != nil {
return nil, err
```
step1 run a container which has `--restart always` and `-v /var/run/docker.sock:/sock`
```
$ docker run -ti --restart always -v /var/run/docker.sock:/sock busybox
/ #
```
step2 exit the the container
```
/ # exit
```
and kill the daemon when you see
```
===please stop the daemon===
```
in the daemon log
The daemon can't restart again and fail with `can't create unix socket /var/run/docker.sock: is a directory`.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: 7318eba5b2f8bb4b867ca943c3229260ca98a3bc
Component: engine
