- When the node leaves the cluster, if any user run
container(s) is connected to the swarm network,
then daemon needs to detach the container(s) and
remove the network.
Signed-off-by: Alessandro Boch <aboch@docker.com>
Upstream-commit: 3cedca5d532958ffc007d9b62cc871d3d113f054
Component: engine
This is necessary for swarmkit to support cluster wide plugins, such as
globally scoped network plugins.
Signed-off-by: Anusha Ragunathan <anusha.ragunathan@docker.com>
Upstream-commit: fa784951ba0a29d436c60b7465167b5ef188d084
Component: engine
Call daemon.Mount will increase the refcount of mounted path,
for those previous running containers, `Mount` call will make
the refcount to 2. see
https://github.com/docker/docker/blob/v1.13.0-rc4/daemon/graphdriver/counter.go#L38
```
if !m.check {
m.check = true
if c.checker.IsMounted(path) {
m.count++
}
}
m.count++
```
graphdrive could restore on reboot after #22541, call
daemon.Mount to resore the graphdriver is not necessary.
And call `daemon.Mount` on restorting will mount all the containers
mounted layer even if it was stop.
This fix call Mount and then Unmount to get `BaseFs`
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: 77c725eac2820b3d5b4252f5c25bbf305657d72a
Component: engine
Signed-off-by: Ke Li <kel@splunk.com>
Add missing changes
Signed-off-by: Ke Li <kel@splunk.com>
User errors.New to create error
Signed-off-by: Ke Li <kel@splunk.com>
Upstream-commit: 514adcf4580effa4820be8d5e6d2c0ea9825ceb2
Component: engine
Move plugins to shared distribution stack with images.
Create immutable plugin config that matches schema2 requirements.
Ensure data being pushed is same as pulled/created.
Store distribution artifacts in a blobstore.
Run init layer setup for every plugin start.
Fix breakouts from unsafe file accesses.
Add support for `docker plugin install --alias`
Uses normalized references for default names to avoid collisions when using default hosts/tags.
Some refactoring of the plugin manager to support the change, like removing the singleton manager and adding manager config struct.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Upstream-commit: 3d86b0c79b16334ce5836c0315e4c310b84c2e17
Component: engine
Also updates some of the structures being sent so plugins are getting
all the new options.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 677fa03654886ee776ff478c30681d5376cfc196
Component: engine
Ensures all known volumes (known b/c they are persisted to disk) have
their volume drivers refcounted properly.
In testing this, I found an issue with `--live-restore` (required since
currently the provided volume plugin doesn't keep state on restart)
where restorted plugins did not have a plugin client loaded causing a
panic when trying to use the plugin.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 6ef1060cd0acb847e06db890abb335faa837a9e2
Component: engine
This fix is a follow up to #29365. In #29365 a bug was fixed for
`docker exec -u user` after live restore by remounting.
However, #29365 will prevent containers from restored if mount failed.
In this fix, containers will be restored even if mount in that step failed.
Some functionalities might be missing (like `docker exec -u user`) but
at least it is possible to do certain operations like stop/restart/delete.
This fix is related to #29365.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 3003ae1d8bd112e78bcc8c1c70efd9d3ef6f0ddc
Component: engine
This fix tries to address the issue raised in 29342 where
`docker exec -u` after docker daemon restart returns an error:
```
unable to find user test: no matching entries in passwd file
```
The reason was that `container.BaseFS` is not present after restart.
This fix adds the `daemon.Mount` during the restore to bring up the
`container.BaseFS`.
An integration test has been added to cover the changes.
This fix fixes 29342.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 7feb2a17e4b9d1a5305a8a44004e916b79cbdd97
Component: engine
In certain cases (unattended upgrades), system services can disable
loaded AppArmor profiles. However, since /etc being read-only is a
supported setup we cannot just write a copy of the profile to
/etc/apparmor.d.
Instead, dynamically load the docker-default AppArmor profile if a
container is started with that profile set. This code will short-cut if
the profile is already loaded.
Fixes: 2f7596aaef3a ("apparmor: do not save profile to /etc/apparmor.d")
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: 567ef8e7858ca4f282f598ba1f5a951cbad39e83
Component: engine
This ensures that graphdriver plugins can properly cleanup on daemon
exit.
Also prevents errors during shutdown when it tries to send the plugin a
`Cleanup()` request but ultimately times out since it's already been
shutdown.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 4b400ecc4df4bcf245f1f751a7fd0c9c193d9dbf
Component: engine
Currently the plugin initialization is too late for a loaded v2 plugin
to be usable as a graph driver.
This moves the initialization up before we create the graph driver.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 020b051dfb92edcb1e43cee77c881dd3e15481c0
Component: engine
Dump stack dumps to exec root instead of daemon root.
When no path is provided to the stack dumper, such is the case with
SIGQUIT, dump to stderr.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 0bd720b28dc7b416fe2193bdafaca011ec24d032
Component: engine
This fix tries to fix logrus formatting by removing `f` from
`logrus.[Error|Warn|Debug|Fatal|Panic|Info]f` when formatting string
is not present.
Fixed issue #23459
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Upstream-commit: fa710e504b0e3e51d4031790c18621b02dcd2600
Component: engine
This adds a metrics packages that creates additional metrics. Add the
metrics endpoint to the docker api server under `/metrics`.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Add metrics to daemon package
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
api: use standard way for metrics route
Also add "type" query parameter
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Convert timers to ms
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 3343d234f3b131d4be1d4ca84385e184633a79bd
Component: engine
This fix tries to add a daemon config parameter `--shutdown-timeout`
that specifies the timeout value to stop containers gracefully
(before SIGKILL). The default value is 15s.
The `--shutdown-timeout` parameter is added to daemon options and
config file. It will also be updated during daemon reload.
Additional test cases have been added to cover the change.
This fix fixes#22471.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: d7be6b2debb653739a32cfcb7c333ca062f62be0
Component: engine
