jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,014 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

1014 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 8da9c6878f Update copyright year in NOTICE 
Spotted this one when creating https://github.com/docker/docker/pull/10938

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2015-02-22 21:00:23 +01:00
Victor Marmol 5b73860e65 Merge pull request #388 from docker/api 
Merge API Branch into Master
 2015-02-19 16:30:01 -08:00
Victor Marmol 7eceabd47f Merge pull request #389 from crosbymichael/mergeapi 
Merge master into api
 2015-02-19 16:08:09 -08:00
Michael Crosby 22df5551ed Merge branch 'master' into api 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Conflicts:
	cgroups/systemd/apply_systemd.go
 2015-02-19 16:02:50 -08:00
Victor Marmol 1b755bf962 Merge pull request #386 from mrunalp/userns_check 
Validation for user namespace in the config.
 2015-02-19 09:16:13 -08:00
Rohit Jnagal 8c3b6b1868 Merge pull request #387 from mrunalp/rootfs_config 
Fixes bug where rootfs was empty instead of pwd when not specified.
 2015-02-19 08:27:22 -08:00
Mrunal Patel f34b3b765f Validation for User Namespaces in the config. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-18 23:14:01 -08:00
Mrunal Patel 4d863b7bd0 Fixes bug where rootfs was empty instead of pwd when not specified. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-18 21:36:04 -08:00
Mrunal Patel d06a2dab9f Merge pull request #385 from crosbymichael/userns-updates 
Make usernamespaces work without sidecar process
 2015-02-18 16:20:49 -08:00
Michael Crosby afa8443118 Remove userns sidecar process 
Move the network setup back into the standard init even for user
namespaces now that mounts are fully supported and working.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-18 15:47:26 -08:00
Michael Crosby 339edce03e Update console and mount handling for user namespaces 
This updates the console handling to chown the console on creation to
the root user within the container.

This also moves the setup mounts from the userns sidecar process into
the main init processes by trying to mknod devices, if it fails on an
EPERM then bind mount the device from the host into the container for
use.  This prevents access issues when the sidecar process mknods the
device for the usernamespace returning an EPERM when writting to
dev/null.

This also adds some error handling for init processes and nsinit updates
with added flags for testing and other functions.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-17 21:37:02 -08:00
Mrunal Patel f4a4391e4e Merge pull request #371 from coolljt0725/add_support_cpu_cfs_quota 
Add systemd support cpu.cfs_quota_us and cpu.cfs_period_us
 2015-02-17 10:42:14 -08:00
Mrunal Patel cc42996625 Merge pull request #382 from crosbymichael/merges 
Update api branch with master changes
 2015-02-16 15:20:01 -08:00
Michael Crosby f4cf808a3d Merge branch 'master' into api 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Conflicts:
	MAINTAINERS
	cgroups/cgroups.go
	cgroups/fs/apply_raw.go
	cgroups/fs/notify_linux.go
	cgroups/fs/notify_linux_test.go
	cgroups/systemd/apply_systemd.go
	config.go
	configs/config_test.go
	console/console.go
	integration/exec_test.go
	integration/init_test.go
	integration/template_test.go
	integration/utils_test.go
	linux_notify.go
	linux_notify_test.go
	mount/init.go
	mount/mount_config.go
	mount/pivotroot.go
	mount/ptmx.go
	namespaces/create.go
	namespaces/exec.go
	namespaces/execin.go
	namespaces/init.go
	namespaces/nsenter/nsenter.c
	namespaces/nsenter/nsenter.go
	namespaces/utils.go
	network/network.go
	network/types.go
	network/veth.go
	notify_linux.go
	notify_linux_test.go
	nsinit/exec.go
	nsinit/main.go
	nsinit/nsenter.go
	nsinit/oom.go
	sample_configs/host-pid.json
	sample_configs/userns.json
	security/capabilities/capabilities.go
	update-vendor.sh
 2015-02-16 15:09:42 -08:00
Michael Crosby 55d61e22c5 Merge pull request #381 from crosbymichael/configfactory 
Add functional API for Factory configuration
 2015-02-16 11:44:47 -08:00
Michael Crosby b21b19e060 Add factory configuration via functional api 
This allows you to set certian configuration options such as what cgroup
implementation to use on the factory at create time.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-16 11:26:13 -08:00
Michael Crosby 4c43b0f498 Add mutex around stateful container operations 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-16 09:59:02 -08:00
Victor Marmol 2b45128091 Merge pull request #379 from mrunalp/userns_config_gen 
Add config generation for simple user namespace testing.
 2015-02-13 17:20:30 -08:00
Mrunal Patel cacc15360e Add config generation for simple user namespace testing. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-13 20:17:16 -05:00
Victor Marmol 8002fd2263 Merge pull request #378 from mrunalp/cleanup_comments 
Fixed some typos and tried to make comments read better.
 2015-02-13 16:18:57 -08:00
Mrunal Patel a1d509759b Fixed some typos and tried to make comments read better. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-13 19:06:17 -05:00
Michael Crosby 2990f254f0 Merge pull request #377 from mrunalp/console_path 
Add a constant for the container console path.
 2015-02-13 15:24:44 -08:00
Mrunal Patel 77085907a4 Add a constant for the container console path. 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2015-02-13 18:23:17 -05:00
Michael Crosby 3f35b26b8b Merge pull request #373 from LK4D4/netlink_hairpin_support 
Use netlink to set hairpin mode
 2015-02-13 14:08:28 -08:00
Lei Jitang 29f5cb6b39 Add systemd support cpu.cfs_quota_us and cpu.cfs_period_us 
Signed-off-by: Lei Jitang <leijitang@huawei.com>
 2015-02-13 14:33:03 +08:00
Victor Marmol 031524c73d Merge pull request #375 from crosbymichael/move-system-mounts 
Refactor system mounts to be placed on the config
 2015-02-12 21:36:03 -08:00
Alexander Morozov ebefcddc3c Use netlink to set hairpin mode 
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2015-02-12 18:40:54 -08:00
Michael Crosby 1a37242fa2 Refactor system mounts to be placed on the config 
Also remove the RestrictSys bool replaced by configurable paths that the
user can specify.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-12 16:58:38 -08:00
Michael Crosby a9a503082e Merge pull request #374 from LK4D4/go1.3_support 
Fix compilation with golang 1.3(uid/gid mappings is unsupported)
 2015-02-12 14:21:41 -08:00
Alexander Morozov fe9f766895 Fix compilation with golang 1.3(uid/gid mappings is unsupported) 
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
 2015-02-12 13:28:07 -08:00
Mrunal Patel cee97cb0cc Merge pull request #372 from rhatdan/gcc5.0 
Changes required to keep gcc 5.0 quiet and happy.
 2015-02-12 11:42:14 -08:00
Dan Walsh 6262667787 Changes required to keep gcc 5.0 quiet 
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
 2015-02-12 14:21:34 -05:00
Mrunal Patel e2ed997ae5 Merge pull request #370 from crosbymichael/state 
Ensure state is persisted
 2015-02-12 11:19:58 -08:00
Michael Crosby c2403c32db Add GetPath on namespace config 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-12 10:38:43 -08:00
Michael Crosby 91a3f162af Implement nsinit state command 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 18:49:28 -08:00
Michael Crosby 5df859ad24 Add config command to nsinit 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 17:26:29 -08:00
Michael Crosby d909440c48 Unexport certain internal funcs and types 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 17:12:03 -08:00
Michael Crosby 5c246d038f Persist container state to disk 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 16:52:28 -08:00
Michael Crosby 31327166e5 Rename OOM to NotifyOOM 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 15:09:54 -08:00
Michael Crosby 7fff13632e Add state method to return container's runtime state 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 14:45:07 -08:00
Victor Marmol 9f0cca11d0 Merge pull request #367 from crosbymichael/validation 
API Refactoring
 2015-02-11 13:47:45 -08:00
Michael Crosby fde0b7aa0d Refactor network and veth creation 
Remove veth interfaces on the host if an error occurs.
Provide the host interface name, temporary peer interface name and the
name of the peer once it is inside the container's namespace in the
Network config.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 13:33:58 -08:00
Michael Crosby 2ec6b585ea Add new API examples to readme 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:27 -08:00
Michael Crosby 758d151e61 Fully remove security package 
This moves the capabilities package into the root package.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby ad49d71504 Remove network package 
Also add ability to get network stats from multiple interfaces.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 6a04779b41 Remove restrict package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 1c895b409a Move mount logic into root package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby b0e274c0d2 Remove console package and add Console type 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 20daff5e2c Move mount package into libcontainer root 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00
Michael Crosby 1edada52fd Move Cwd and User to Process 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2015-02-11 11:20:09 -08:00