Add a rich Error type to the libcontainer package and use it in the API so
that callers can:
* Check for a specific error without depending on an error string,
* Obtain the stack trace of the function or method which detected the error.
The Error type provides a typed error code and a stack trace. The error code
identifies the error and enables the caller to test for it without being
sensitive to changes in the error text. The stack trace identifies the point
at which the error was detected. The combination of error code and stack trace
will enable errors to be diagnosed much more easily and with less guesswork
than when raw string-based errors are used.
The Error type conforms to the error interface and its Error method prints a
short error message. The Detail method provides a verbose error message
including the stack trace.
Notes:
1. There is an unfortunate precedent in the Go standard library which uses
variables to define errors. Checking for a specific error involves a string
comparison and assumes the corresponding variable has not been updated. It is
more robust and efficient to identify errors with integer-based types and
associated constants, although errors should still include a string
description for ease of use by humans.
2. It is not feasible to assign distinct types to Factory and Container
error codes because common errors such as SystemError cannot be declared in
two places and the names of the error codes then need to be decorated. This is
less readable.
Signed-off-by: Steve Powell <spowell@pivotal.io>
add format description for `id` string;
add "invalid format" error for `id` string;
remove initial capitals on references to parameter names;
remove reference to `initialConfig`;
add description of id checking.
Signed-off-by: Steve Powell <spowell@pivotal.io>
Sampling should be done by higher layer in configurable intervals. This
change removes the percentage stat as sampling is required for this.
Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
This makes blkio's GetStats try to read blkio.io_serviced_recursive
first and fall back to read the stats from blkio.throttle in case it
can't. blkio.io_serviced_recursive seems to be available across all
kernels with CFQ enabled.
This closes#165
Signed-off-by: Johannes 'fish' Ziemke <github@freigeist.org>
We need --privileged for apparmor based systems until we have an
apparmor specific flag to set the profile to unconfined.
Signed-off-by: Michael Crosby <michael@docker.com>
Currently we do not remove reservations on MCS labels when a container
is removed. Not a big problem, since on reboot it would be freed.
But we should be cleaning this up. Currently we support ~500,000
labels.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
The current paths for the different systemd cgroup subsystems that
systemd manages and that we have to manage are very inconsistent. This
patch cleans up those differences and allows consistent paths to be
used.
Signed-off-by: Michael Crosby <michael@docker.com>
This also changes the functionality of the default exec in to just be an
existing func that is called than handles the implementation to exec a
user user's process inside the container. This implements this
functionallity in nsinit but is a base for how we will be handling these
types of features inside docker.
Signed-off-by: Michael Crosby <michael@docker.com>
Glyn Normington
Michael Crosby
Erik Hollensbe
Steve Powell
Victor Marmol
Michael Crosby
Bernerd Schaefer
Michael Crosby
Rohit Jnagal
Johannes 'fish' Ziemke
Dan Walsh
Alexandr Morozov
Vish Kannan
Vishnu Kannan
Nicholas Weaver
Milos Gajdos