jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,254 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

39 Commits

Author SHA1 Message Date
Michael Crosby 3e661186ba Merge pull request #535 from mrunalp/sys_props 
Adds support for setting system properties.
 2015-04-30 11:46:33 -07:00
Michael Crosby d70569a238 Merge pull request #554 from estesp/namespace_linux_split 
Split namespace syscall content for building on non-Linux
 2015-04-27 17:47:19 -07:00
Alexander Morozov 984ec36fa1 Merge pull request #539 from Mashimiao/cgroups-add-support-for-blkio-throttle 
cgroups: add support blkio.throttle.read/write_*
 2015-04-27 10:34:45 -07:00
Phil Estes 7f1bcd5ebf Spit namespace syscall content for building on non-Linux 
libcontainer/configs is used by the docker user namespace proposed
patchset to use IDMap for uid/gid maps across the codebase.  Given the
client uses some of this code, it needs to build on non-Linux.  This
separates out the Linux-only syscalls using build tags.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
 2015-04-24 18:09:56 -04:00
Mrunal Patel 60d3a49f6e Adds functionality to set system properties. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-04-22 22:17:30 -04:00
Michael Crosby b806655f91 Merge pull request #492 from Mashimiao/cgroup-add-support-for-device-deny 
cgroups: add support of devices deny for another use of cgroup devices
 2015-04-22 18:43:22 -07:00
Mrunal Patel bada39cf31 Merge pull request #495 from rhatdan/tmpfs 
Add support for Premount and Postmount commands.
 2015-04-20 09:20:52 -07:00
bin liu 4a2ae107c8 fix some typos in source code comments 
Signed-off-by: bin liu <liubin0329@gmail.com>
 2015-04-20 02:35:51 +00:00
Ma Shimiao 59eb58b640 cgroups: add support blkio.throttle.read/write_* 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2015-04-17 16:03:42 +08:00
Dan Walsh 59c5c3ac0f Add support for Premount and Postmount commands. 
We want to allow docker to mount tmpfs directories over existing directories
in the image. We will use this patch to pass commands from docker to
libcontainer. The first command we will use is the tar command to gather
all of the contents of the destination directory before mounting, then after
we mount the post mount command will untar the content.

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
 2015-04-16 20:34:12 -04:00
Ma Shimiao 689afbcf66 cgroups: add support for devices deny 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
 2015-04-16 08:30:22 +08:00
Dan Walsh 907c7c17f0 Change mount point propogation to default to slave 
As an admin I would expect that if I volume mount a partition into a container, and then later add a mount point to the volume, it will show up in the container.

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
 2015-04-10 10:49:28 -04:00
Qiang Huang 054d8e02bf cgroups: add support for blkio.weight_device 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2015-04-08 14:11:29 +08:00
Alexander Morozov cbc8dee085 Ensure that state always contains pathes to all namespaces 
Thanks coolljit0725 for initial fix.

Closes #512

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2015-04-07 14:50:08 -07:00
Arnaud Porterie e1c14b3ca2 Hairpin NAT network configuration 
Offer the ability to enable hairpin NAT on a per network basis, while
keeping it disable by default as it is unsupported by older kernel.

Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
 2015-03-11 13:42:37 -07:00
HuKeping 295c70865d cgroups: add support for oom control 
This patch add support for diable OOM Killer.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2015-03-07 02:49:31 +08:00
Andrey Vagin a72f710d89 configs: check that config doesn't contain extra fields 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-03-05 00:26:33 +03:00
Alexander Morozov 8d0b06257b Move tty configuration to Process 
Now you need to call Process.NewConsole to setup console for process

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2015-02-25 15:04:43 -08:00
Alexander Morozov ec005e73b9 Make possible to call config methods on values 
Because container.Config() returns values and you can't get pointer from
function call immediately. So it is impossible to call
container.Config().HostUID().

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2015-02-24 16:06:53 -08:00
Mrunal Patel f34b3b765f Validation for User Namespaces in the config. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-18 23:14:01 -08:00
Michael Crosby f4cf808a3d Merge branch 'master' into api 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Conflicts:
	MAINTAINERS
	cgroups/cgroups.go
	cgroups/fs/apply_raw.go
	cgroups/fs/notify_linux.go
	cgroups/fs/notify_linux_test.go
	cgroups/systemd/apply_systemd.go
	config.go
	configs/config_test.go
	console/console.go
	integration/exec_test.go
	integration/init_test.go
	integration/template_test.go
	integration/utils_test.go
	linux_notify.go
	linux_notify_test.go
	mount/init.go
	mount/mount_config.go
	mount/pivotroot.go
	mount/ptmx.go
	namespaces/create.go
	namespaces/exec.go
	namespaces/execin.go
	namespaces/init.go
	namespaces/nsenter/nsenter.c
	namespaces/nsenter/nsenter.go
	namespaces/utils.go
	network/network.go
	network/types.go
	network/veth.go
	notify_linux.go
	notify_linux_test.go
	nsinit/exec.go
	nsinit/main.go
	nsinit/nsenter.go
	nsinit/oom.go
	sample_configs/host-pid.json
	sample_configs/userns.json
	security/capabilities/capabilities.go
	update-vendor.sh
 2015-02-16 15:09:42 -08:00
Michael Crosby 1a37242fa2 Refactor system mounts to be placed on the config 
Also remove the RestrictSys bool replaced by configurable paths that the
user can specify.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-12 16:58:38 -08:00
Michael Crosby c2403c32db Add GetPath on namespace config 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-12 10:38:43 -08:00
Michael Crosby 5c246d038f Persist container state to disk 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 16:52:28 -08:00
Michael Crosby 7fff13632e Add state method to return container's runtime state 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 14:45:07 -08:00
Michael Crosby fde0b7aa0d Refactor network and veth creation 
Remove veth interfaces on the host if an error occurs.
Provide the host interface name, temporary peer interface name and the
name of the peer once it is inside the container's namespace in the
Network config.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 13:33:58 -08:00
Michael Crosby 1c895b409a Move mount logic into root package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 1edada52fd Move Cwd and User to Process 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 0c1919c427 Refactor parent processes into types 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 21bb5ccc4f Move environment configuration to Process 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 58023ad32f Add parent death signal to the container config 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 8850636eb3 Refactor init actions into separate types 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:08 -08:00
Michael Crosby 5fc19e8db5 Rename Fs fields to fs 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:08 -08:00
Andrey Vagin bcd0222be5 api: fix config tests 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-02-03 10:00:21 -08:00
Michael Crosby bbeae7445a Remove namespaces package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-02 15:41:32 -08:00
Michael Crosby 935d81f23d Flatten configuration structs 
Change the various config structs into one package and have a flatter
structure for easier use.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-01-31 19:56:27 -08:00
Andrey Vagin ca633b2f29 Merge remote-tracking branch 'origin/master' into api 
Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2015-01-28 14:37:40 +03:00
Andrey Vagin ce9d63376f libcontainer: move State in the configs package 
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00
Andrey Vagin 7038ddbc8c libcontainer: move Config in a separate package 
We are going to import the namespaces package into libcontainer,
so libcontainer should not be imported into namespaces.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
 2014-12-19 12:32:34 +03:00