Commit Graph

2244 Commits

Author SHA1 Message Date
Vishnu Kannan b50266335e Updated libcontainer subpackage dependencies. Most subpackages now do not depend on their parent ('libcontainer') package. 'namespaces' and 'nsinit' still do.
'namespaces' need to refactored a bit more to move the API part of it to 'libcontainer' package and keep the namespace specific code inside that package.
This change is not expected to break docker.

Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-06-20 22:52:43 +00:00
Victor Marmol 902319a3b0 Merge pull request #40 from crosbymichael/api-readme
Update readme with API change explination
2014-06-20 14:50:23 -07:00
Michael Crosby 78a5a4285f Fix nit on wording
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-20 14:46:45 -07:00
Michael Crosby 3cea8e2be0 Fix typo in sample configs
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-20 14:42:19 -07:00
Michael Crosby e77dc4853a Update readme with API change explination
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-20 14:39:17 -07:00
Victor Marmol 2391c3dd8d Merge pull request #38 from crosbymichael/add-specs
Add sample config files
2014-06-20 11:31:57 -07:00
Michael Crosby 746bd3b8ab Fix unit test path
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-20 10:39:50 -07:00
Michael Crosby d28d8b67a9 Update main readme with new configs folder
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-20 10:01:25 -07:00
Michael Crosby 6bce7867b2 Add minimal sample configuration files for testing
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-20 10:00:17 -07:00
Victor Marmol 36663b1ee2 Merge pull request #37 from vmarmol/allow-not-found
Don't fail getting stats of unknown hierarchies.
2014-06-20 08:45:56 -07:00
Victor Marmol f9b158da02 Don't fail getting stats of unknown hierarchies.
Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
2014-06-19 21:32:38 -07:00
Rohit Jnagal 17ce8d8519 Merge pull request #35 from vmarmol/fixes
Replacing docker-dev with libcontainer mailing list.
2014-06-19 10:04:47 -07:00
Victor Marmol 3acf21b60e Merge pull request #34 from bernerdschaefer/cgroup-stats-total-cpu-usage
CpuStats.CpuUsage includes TotalUsage
2014-06-19 09:25:19 -07:00
Victor Marmol 3505bd7d0e Replacing docker-dev with libcontainer mailing list.
Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
2014-06-19 09:10:07 -07:00
Bernerd Schaefer cc266ed54c CpuStats.CpuUsage includes TotalUsage
Docker-DCO-1.1-Signed-off-by: Bernerd Schaefer <bj.schaefer@gmail.com> (github: bernerdschaefer)
2014-06-19 15:43:12 +02:00
Bernerd Schaefer 9fa6481d98 Add fs.NotifyOnOOM for out-of-memory notifications
Docker-DCO-1.1-Signed-off-by: Bernerd Schaefer <bj.schaefer@gmail.com> (github: bernerdschaefer)
2014-06-19 12:27:34 +02:00
Michael Crosby 2c29550226 Merge pull request #27 from mrunalp/dev/nsenter_flags
Add option parsing to nsenter and enable specifying commands with arguments
2014-06-18 14:05:44 -07:00
Mrunal Patel 88acda82d9 Add option parsing to nsenter and enable specifying commands with arguments.
Docker-DCO-1.1-Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
2014-06-18 14:29:40 -04:00
Victor Marmol 87465294b6 Merge pull request #29 from vmarmol/fixes
Require two LGTMs for non-maintainer changes.
2014-06-18 10:55:28 -07:00
Victor Marmol fcce4884da Require two LGTMs for non-maintainer changes.
Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
2014-06-18 10:22:33 -07:00
Victor Marmol da2edd6068 Merge pull request #32 from crosbymichael/update-travis
Update travis to run unit tests
2014-06-17 16:20:05 -07:00
Michael Crosby 619088c49f Update travis to run unit tests
Also fix container_tests.go
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-17 16:12:36 -07:00
Victor Marmol 077836d955 Merge pull request #31 from crosbymichael/update-sample-json
Update sample json file for quick testing
2014-06-17 16:02:49 -07:00
Michael Crosby 9da679b6bd Update sample json file for quick testing
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-17 15:49:40 -07:00
Michael Crosby 77ffd49dfe Merge pull request #30 from crosbymichael/revert-mount-cgroup
Revert "Mount cgroups in the container"
2014-06-17 12:00:07 -07:00
Michael Crosby c7d1cb2272 Revert "Mount cgroups in the container"
This reverts commit b441dfa729.

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-17 11:41:40 -07:00
Victor Marmol 2a9ff02bee Merge pull request #24 from crosbymichael/is-not-exist-errors
Ignore isnotexist errors for restrict paths
2014-06-16 18:53:23 -07:00
Victor Marmol c4ec56a9ac Merge pull request #26 from crosbymichael/device-copy-links
Use lstat to check device symlinks
2014-06-16 17:42:34 -07:00
Michael Crosby bbb502c8db Use lstat to check device symlinks
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-16 14:51:02 -07:00
Michael Crosby e00eadd77d Merge pull request #17 from alexlarsson/fix-close-race
Fix invalid fd race
2014-06-16 13:29:17 -07:00
Michael Crosby 874953d781 Ignore isnotexist errors for restrict paths
Handle the error when remounting certain files and paths as readonly if
they do not exist.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-16 12:32:15 -07:00
Victor Marmol 4145356abe Merge pull request #21 from mrunalp/use_path_max
Use PATH_MAX as buffer size for buffers containing paths.
2014-06-16 11:06:28 -07:00
Mrunal Patel 014bb3f18f Use PATH_MAX as buffer size for buffers containing paths.
Docker-DCO-1.1-Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
2014-06-16 10:48:25 -07:00
Victor Marmol 3b5ae6c352 Merge pull request #15 from alexlarsson/mount-cgroup-in-container
Mount cgroup in container
2014-06-16 08:57:59 -07:00
Alexander Larsson b441dfa729 Mount cgroups in the container
We make a tmpfs on /sys/fs/cgroups, and here we mount read-only
versions of all the host cgroups. Additionally we make symlinks
for all merged subsystems.

For any "named" cgroup, such as "name=systemd" we also mount the
subset of the cgroup where the container lives as read-write. This
means that the container can create sub-cgroups inside the container
and move tasks into those, but it can never escape from its current
position in the cgroup hierarchy.

In particular, this allows systemd to mostly work in a non-privileged
container. The only problem currently is that PrivateTmp=true fails
because systemd is not allowed to mount a new /tmp.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-06-16 17:16:23 +02:00
Alexander Larsson e0e0da9e28 pkg/cgroups Add GetCgroupMounts() and GetAllSubsystems()
This lists all currently mounted cgroups and all supported cgroup
subsystems on the machine.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-06-16 17:16:10 +02:00
Alexander Larsson f6028219a5 Fix invalid fd race
Sometimes I was getting:

2014/06/13 13:47:24 finalize namespace drop bounding set read /proc/1/status: bad file descriptor

This happens when applying the capabilities, and the code that
reads the current caps opens /proc/1/status and then reads some data from it.
But during this it gets a EBADFD error.

The problem is that FinalizeNamespace() closes all FDs before applying
the caps, and if a GC then happens after /proc/1/status is opened but
before reading from the fd, then an old os.File finalizer may close the
already closed-and-reused fd, wreaking havoc.

We fix this by instead of closing the FDs we mark them close-on-exec
which guarantees that they will be closed when we do the final
exec into the container.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-06-16 10:26:18 +02:00
Victor Marmol 124aba2f15 Merge pull request #20 from vbatts/vbatts-cleanup_setns
nsenter: fixing the cpp order
2014-06-13 11:19:07 -07:00
Vincent Batts d7cbde80a1 nsenter: fixing the cpp order
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
2014-06-13 13:09:13 -04:00
Victor Marmol 82a1592e88 Merge pull request #10 from glyn/hack
Initial hacker documentation
2014-06-13 09:49:15 -07:00
Victor Marmol c59b670720 Merge pull request #14 from tianon/travis
Add Travis
2014-06-13 08:59:16 -07:00
Glyn Normington e3a8e4e73e Change how to become a maintainer
These changes were suggested by @vmarmol.

Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 12:06:05 +01:00
Glyn Normington 988950a4dc Add placeholder for dev env setup
Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 12:06:05 +01:00
Glyn Normington e39a0f1eac Correct links to libcontainer issues
Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 12:06:05 +01:00
Glyn Normington f363dd3830 Clarify roadmap
Remove lxc and aufs dependencies and priority of running on older kernels.

Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 12:06:05 +01:00
Glyn Normington 976a57b02e Add section on testing
Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 12:06:05 +01:00
Glyn Normington 74409a5de5 Merge approval criteria
This is based on feedback from @rjnagal.

Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 12:05:59 +01:00
Glyn Normington f589d42e81 Remove reference to non-existent script
Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 11:25:57 +01:00
Glyn Normington 97a3a7109a Avoid implying Michael wrote the Maintainers' Guide
Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 11:25:57 +01:00
Glyn Normington 1c81b532f2 Aspiring maintainers must be aware of the election process
Docker-DCO-1.1-Signed-off-by: Glyn Normington <gnormington@gopivotal.com> (github: glyn)
2014-06-13 11:25:57 +01:00