| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
docs: update API for features added in 1.11
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Docker 1.11 added a feature to set labels on volumes,
networks and images (during build), but these changes
were not documented in the API documentation.
This adds the new features to the documentation.
Also fixes some minor formatting, and options that
were not used in the examples.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
|\ \
| | |
| | | |
Clarify container external connectivity in multi-network scenario
|
| | |
| | |
| | |
| | | |
Signed-off-by: Alessandro Boch <aboch@docker.com>
|
|\ \ \
| | | |
| | | | |
doc: fix typo
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: yorkie <yorkiefixer@gmail.com>
|
|\ \ \
| | | |
| | | | |
cherry-pick "runc install path changed from /usr/local/bin to /usr/local/sbin"
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 3d85e51ef4284f572cb658cfe69edc92ac3a53bb)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
|\ \ \ \
| |/ / /
|/| | | |
Vendoring libnetwork v0.8.0-dev.1
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
- Fixes docker/docker#16964
- Added maximum egress bandwidth qos for Windows
Signed-off-by: Madhu Venugopal <madhu@docker.com>
|
|\ \ \
| | | |
| | | | |
docs: remove unused "registry" parameter
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The "registry" query-param was in added 10c0e990371e065d4fc1c9b680f03a46e5bacc5e,
and removed in docker 0.5.0 via 66a9d06d9fa7a382c6852cf047e1448e0d3e1782.
Aparently, it was never removed from the documentation,
and included in all versions of the API docs.
This removes it from the documentation.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
|\ \ \
| | | |
| | | | |
Unit tests for builder/dockerfile/support
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Tomasz Kopczynski <tomek@kopczynski.net.pl>
|
|\ \ \ \
| |_|/ /
|/| | | |
Do not remove containers from stats list on err
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Before this patch, containers are silently removed from the stats list
on error. This patch instead will display `--` for all fields for the
container that had the error, allowing it to recover from errors.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix incorrect docs in remote API for the option of `SecurityOpt`
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fix tries to fix the issue in remote API docs for v1.15 (Docker 1.3.x)
and v1.16 (Docker 1.4.x) where `SecurityOpts` was used but the actual field
should be `SecurityOpt`.
This `SecurityOpt` field is verified through the source code in
v1.3.0 and v1.4.0:
https://github.com/docker/docker/blob/v1.3.0/runconfig/config.go#L35
https://github.com/docker/docker/blob/v1.4.0/runconfig/hostconfig.go#L98
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Get events until a time in the past.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This change allow to filter events that happened in the past
without waiting for future events. Example:
docker events --since -1h --until -30m
Signed-off-by: David Calavera <david.calavera@gmail.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
fix typos in changelog
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | | |
Signed-off-by: allencloud <allen.sun@daocloud.io>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Produce fatal error when running on kernel < 3.10.0
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Running on kernel versions older than 3.10 has not been
supported for a while (as it's known to be unstable).
With the containerd integration, this has become more
apparent, because kernels < 3.4 don't support PR_SET_CHILD_SUBREAPER,
which is required for containerd-shim to run.
Change the previous "warning" to a "fatal" error, so
that we refuse to start.
There's still an escape-hatch for users by setting
"DOCKER_NOWARN_KERNEL_VERSION=1" so that they can
run "at their own risk".
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Fix flaky test TestRunExitOnStdinClose
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This test was flaky on ppc64le, where the average time to close was
around 1 second. This bumps that timeout to 60 seconds which should be
plently.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Mount volumes rprivate for archival and other use cases
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
People have reported following problem.
- docker run -ti --name=foo -v /dev/:/dev/ fedora bash
- docker cp foo:/bin/bash /tmp
Once the cp operation is complete, it unmounted /dev/pts on the host. /dev/pts
is a submount of /dev/. This is completely unexpected. Following is the
reson for this behavior.
containerArchivePath() call mountVolumes() which goes through all the mounts
points of a container and mounts them in daemon mount namespace in
/var/lib/docker/devicemapper/mnt/<containerid>/rootfs dir. And once we have
extracted the data required, these are unmounted using UnmountVolumes().
Mounts are done using recursive bind (rbind). And these are unmounted using
lazy mount option on top level mount. (detachMounted()). That means if there
are submounts under top level mounts, these mount events will propagate and
they were "shared" mounts with host, it will unmount the submount on host
as well.
For example, try following.
- Prepare a parent and child mount point.
$ mkdir /root/foo
$ mount --bind /root/foo /root/foo
$ mount --make-rshared /root/foo
- Prepare a child mount
$ mkdir /root/foo/foo1
$ mount --bind /root/foo/foo1 /root/foo/foo1
- Bind mount foo at bar
$ mkdir /root/bar
$ mount --rbind /root/foo /root/bar
- Now lazy unmount /root/bar and it will unmount /root/foo/foo1 as well.
$ umount -l /root/bar
This is not unintended. We just wanted to unmount /root/bar and anything
underneath but did not have intentions of unmounting anything on source.
So far this was not a problem as docker daemon was running in a seprate
mount namespace where all propagation was "slave". That means any unmounts
in docker daemon namespace did not propagate to host namespace.
But now we are running docker daemon in host namespace so that it is possible
to mount some volumes "shared" with container. So that if container mounts
something it propagates to host namespace as well.
Given mountVolumes() seems to be doing only temporary mounts to read some
data, there does not seem to be a need to mount these shared/slave. Just
mount these private so that on unmount, nothing propagates and does not
have unintended consequences.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Allow volume drivers to provide a `Status` field
|
| | |/ / / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The `Status` field is a `map[string]interface{}` which allows the driver to pass
back low-level details about the underlying volume.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Builder/tarsum unit tests
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Tomasz Kopczynski <tomek@kopczynski.net.pl>
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
Fix build cache false positives when build context tar contains unnormalized paths
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
paths
If a build context tar has path names of the form 'x/./y', they will be
stored in this unnormalized form internally by tarsum. When the builder
walks the untarred directory tree and queries hashes for each relative
path, it will query paths of the form 'x/y', and they will not be found.
To correct this, have tarsum normalize path names by calling Clean.
Add a test to detect this caching false positive.
Fixes #21715
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
|
|\ \ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / / /
|/| | | | | | | | | |
Remove template code for runc and containerd
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
|
|\ \ \ \ \ \ \ \ \ \
| |_|_|_|_|/ / / / /
|/| | | | | | | | | |
Fix security documentation, XSS -> CSRF
|
|/ / / / / / / / /
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
|
|\ \ \ \ \ \ \ \ \
| |/ / / / / / / /
|/| | | | | | | | |
Add CPU count and maximum resource controls for Windows
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Darren Stahl <darst@microsoft.com>
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
Show "seccomp" in docker info (#20909).
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This pull request added a `SecurityOptions` field in the `GET /info`
output to show if there is `apparmor`, `seccomp`, or `selinux` suport.
The API changes are updated in the documentation and the update in
`GET /info` is covered by the test case in `TestInfoApi`.
This pull request fixes #20909.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
cpuguy83/add_beter_logging_for_TestDaemonNoSpaceleftOnDeviceError
More logs for `TestDaemonNoSpaceleftOnDeviceError`
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
Add example to apparmor docs
|
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Signed-off-by: Jess Frazelle <jess@mesosphere.com>
|
|\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Bump version to v1.12.0-dev
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
|\ \ \ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|/ / / / /
|/| | | | | | | | | | | | |
Clean up unused code
|
| | |_|_|_|_|_|_|_|/ / /
| |/| | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Signed-off-by: Akihiro Suda <suda.kyoto@gmail.com>
|