Commit Graph

763 Commits

Author SHA1 Message Date
Aleksa Sarai 50b68c9b4f user: *: refactor and expand libcontainer/user API
This patch refactors most of GetUserGroupSupplementaryHome and its
signature, to make using it much simpler. The private parsing ftunctions
have also been exposed (parsePasswdFile, parseGroupFile) to allow custom
data source to be used (increasing the versatility of the user/ tools).

In addition, file path wrappers around the formerly private API
functions have been added to make usage of the API for callers easier if
the files that are being parsed are on the filesystem (while the
io.Reader APIs are exposed for non-traditional usecases).

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
2014-11-07 11:07:21 +11:00
Mrunal Patel e4563c9bd3 Merge pull request #250 from zhgwenming/master
Make AddRoute() works with a provided source ip address.
2014-11-06 10:06:19 -08:00
Albert Zhang 58b336a059 Test update for routing Source Address Selection
Docker-DCO-1.1-Signed-off-by: Albert Zhang <zhgwenming@gmail.com> (github: zhgwenming)
2014-11-06 15:58:07 +08:00
Michael Crosby fd6df76562 Merge pull request #62 from phemmer/docker/4442-hairpin-nat
enable hairpin mode on virtual interface bridge port
2014-11-05 17:08:35 -08:00
Mrunal Patel 20e4502777 Merge pull request #252 from crosbymichael/syncpipe
Remove syncpipe pkg
2014-11-05 16:22:23 -08:00
Michael Crosby 2be676643e Remove syncpipe pkg
This removes the entire syncpipe package and replaces it with standard
operations on the pipes.  The syncpipe type just never felt right and
probably should not have been there.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-11-06 00:08:10 +00:00
Michael Crosby 7c165b83b9 Merge pull request #254 from LK4D4/vet_fixes
Fix vet errors
2014-11-05 15:46:21 -08:00
Alexandr Morozov 7da5ab8130 Fix vet errors
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
2014-11-05 15:38:58 -08:00
Michael Crosby ee6f15aabc Merge pull request #255 from crosbymichael/add-drone
Add drone.yml file
2014-11-05 14:47:20 -08:00
Michael Crosby 75442b3ad2 Remove travis.yml
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-11-05 22:36:10 +00:00
Michael Crosby 43fb7ac975 Merge pull request #3 from tianon/drone
Fix GOPATH after Drone mucks with it
2014-11-05 14:31:11 -08:00
Tianon Gravi eb0bc72222 Fix GOPATH after Drone mucks with it
Signed-off-by: Andrew Page <admwiggin@gmail.com>
2014-11-05 15:29:55 -07:00
Michael Crosby 1485c08fa8 Add drone.yml file
Update Drone commands to match the bits of the Travis config we need

Signed-off-by: Andrew Page <admwiggin@gmail.com>
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-11-05 22:29:41 +00:00
Albert Zhang 4291a5443d Sample configuration for ip routing Source Address Selection
Docker-DCO-1.1-Signed-off-by: Albert Zhang <zhgwenming@gmail.com> (github: zhgwenming)
2014-11-05 14:35:41 +08:00
Patrick Hemmer 2d4a713602 enable hairpin mode on virtual interface bridge port
This is to support being able to DNAT/MASQ traffic from a container back into itself (dotcloud/docker#4442)

Docker-DCO-1.1-Signed-off-by: Patrick Hemmer <patrick.hemmer@gmail.com> (github: phemmer)
2014-11-03 23:11:37 -05:00
Mrunal Patel ddb4f8a12f Merge pull request #251 from unclejack/fix_go1.4_syscalls
use system.Set{u,g}id to fix Set{u,g}id on Go 1.4
2014-11-03 12:39:49 -08:00
unclejack 59584e5ba1 use system.Set{u,g}id to fix Set{u,g}id on Go 1.4
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
2014-11-03 21:50:36 +02:00
Albert Zhang 7caee2a772 Use RTA_PREFSRC instead of RTA_SRC to make AddRoute() works with a provided source ip address.
Docker-DCO-1.1-Signed-off-by: Albert Zhang <zhgwenming@gmail.com> (github: zhgwenming)
2014-11-01 19:47:09 +08:00
Mrunal Patel d3eb885553 Merge pull request #247 from rhatdan/selinux
Add new interfaces for label/selinux
2014-10-29 13:48:49 -07:00
Dan Walsh 50922caec2 Add new interfaces for label/selinux
We need the ability when using --ipc container:ID to match the SELinux label of the
container that the new container is sharing a label with.

Also add the ability to get the option to disable SELinux labeling for a container.

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
2014-10-29 16:39:14 -04:00
Victor Marmol e481f88267 Merge pull request #246 from rhatdan/mqueue
Mount /dev/mqueue by default
2014-10-28 16:53:29 -07:00
Dan Walsh 4c53074e23 Mount /dev/mqueue by default
Need this for supporting Posix Message Queues

man mq_overview

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
2014-10-28 19:35:35 -04:00
Michael Crosby f60d7b9195 Merge pull request #245 from crosbymichael/share-ipc
Allow IPC namespace to be shared between containers or with the host
2014-10-28 15:17:07 -07:00
Michael Crosby ad9b433e6c Add test for ipc private and shared path
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-10-28 22:13:05 +00:00
Michael Crosby 85f3df2539 Add test for IPC host sharing
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-10-28 22:00:28 +00:00
Michael Crosby efd5f0a7e1 Merge branch 'unreserve' of https://github.com/rhatdan/libcontainer into rhatdan-unreserve 2014-10-28 21:44:55 +00:00
Michael Crosby fe3801ccd2 Merge pull request #244 from vmarmol/net-stats
Only fetch network stats we use.
2014-10-27 21:12:11 -07:00
Michael Crosby c9d5aaa5d5 Merge pull request #243 from ashahab-altiscale/242-additional-blkio-stats
ADDITIONAL CGROUPS BLKIO STATS
2014-10-27 17:18:00 -07:00
Victor Marmol 26bda36e5d Only fetch network stats we use.
The dynamic version using WalkPath() was expensive and we only used some
of the stats anyways.

Signed-off-by: Victor Marmol <vmarmol@google.com>
2014-10-27 17:09:36 -07:00
Mrunal Patel cda71a5a61 Merge pull request #238 from lucafavatella/contributing
Fix link re contributing in README
2014-10-26 13:34:44 -07:00
Luca Favatella 9c659a36a5 Fix link re contributing in README following renaming in 9b10e7f 2014-10-25 13:19:21 +01:00
Dan Walsh b6a9bdb38f Allow IPC namespace to be shared between containers or with the host
Some workloads rely on IPC for communications with other processes.  We
would like to split workloads between two container but still allow them
to communicate though shared IPC.

This patch allows us to mimic the --net code to allow --ipc=host to not split off
the IPC Namespace.  ipc=container:CONTAINERID to share ipc between containers

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
2014-10-25 06:16:20 -04:00
Michael Crosby 60471bdc7d Merge pull request #236 from harshavardhana/undefined
ErrNotSupportedPlatform is undefined define it
2014-10-24 11:40:36 -07:00
Harshavardhana 768ae3990c ErrNotSupportedPlatform is undefined define it
Signed-off-by: Harshavardhana <fharshav@redhat.com>
2014-10-24 11:36:30 -07:00
Mrunal Patel ac73007335 Merge pull request #235 from alexoj/master
devices: filter /dev/console out of the node list
2014-10-24 11:20:41 -07:00
Alejandro Ojeda b7b7524f5f modified devices: filter /dev/console out of...
Applied crosbymichael's suggested changes

Signed-off-by: Alejandro Ojeda <alex@x3y.org>
2014-10-24 20:04:20 +02:00
Alejandro Ojeda 863a486d81 devices: filter /dev/console out of the node list
Fixed getDeviceNodes() so it won't add /dev/console to the device node
list.

This fixes an issue where containers wouldn't start if
/dev/console is a pts (which is the case when running docker inside
docker), because devpts inodes are special and cannot be created with
mknod: attempting to open the result of doing so will return EIO.

Since later libcontainer would attempt to open the file to mount --bind
over it and fail because of the EIO error, the container wouldn't start
if the /dev/console was a pts, which is the case inside a docker
that was started from a pts.

getDeviceNodes() already filters pts so this change is consistent
with the current behavior.

Signed-off-by: Alejandro Ojeda <alex@x3y.org>
2014-10-24 03:21:29 +02:00
Victor Marmol aab3f6d17f Merge pull request #234 from mrunalp/move_contributors_file
Rename the file as per github convention.
2014-10-22 14:53:13 -07:00
Mrunal Patel 9b10e7fadf Rename the file as per github convention.
Docker-DCO-1.1-Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
2014-10-22 17:39:52 -04:00
Victor Marmol 4bce466f68 Merge pull request #231 from yoheiueda/fix-ioctl-endian-issue
Fix an endian bug for the ioctl argument
2014-10-22 11:14:35 -07:00
Yohei Ueda 92fc5f1b27 Fix an endian bug for the ioctl argument
Signed-off-by: Yohei Ueda <yohei@jp.ibm.com>
2014-10-23 07:06:09 +09:00
Mrunal Patel 3326e43966 Merge pull request #229 from dave-tucker/dev_enviroment
Add development environment instructions
2014-10-22 09:53:28 -07:00
Dave Tucker 6aac245e74 Add development environment instructions
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2014-10-22 13:03:25 +01:00
Abin Shahab b9c834b7aa ADDITIONAL CGROUPS BLKIO STATS
Currently github.com/docker/libcontainer/cgroups/fs.GetStats does not provide the following metrics:
blkio.io_wait_time, blkio.io_service_time, blkio.io_merged, and blkio.time.

This commits add these four metrics. The descriptions of the metrics are here: https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt.

It also modifies blkio_test and stats_util_test to ensure that the metrics are parsed.

Docker-DCO-1.1-Signed-off-by: Abin Shahab <ashahab@altiscale.com> (github: ashahab-altiscale)
2014-10-21 06:28:08 +00:00
Michael Crosby bed80e314f Merge pull request #228 from mrunalp/support_removed_syscalls
Adds support for Setuid/Setgid calls that has been removed from go 1.4
2014-10-20 14:14:49 -07:00
Mrunal Patel 7d268af0be Adds support for Setuid/Setgid calls that has been removed from
go HEAD and won't be available in go 1.4.

Docker-DCO-1.1-Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
2014-10-20 15:20:08 -04:00
Mrunal Patel c907e406fe Merge pull request #226 from crosbymichael/add-tests
Add integration test framework
2014-10-17 16:31:25 -07:00
Michael Crosby 3f2333b667 Add integration test pkg
This integration pkg adds a framework for writing integration tests
aginst the libcontainer APIs

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-10-17 23:25:30 +00:00
Michael Crosby 43145ecf1b Move the download of docker to top of dockerfile
We need to do this because it's a big dep.  While we remove this
recursive dep this is the best that we can do right now.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-10-17 00:00:16 +00:00
Victor Marmol 0f49d1f254 Merge pull request #209 from imain/publicjoin
Make joinDevices public.
2014-10-16 14:51:18 +02:00