centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-03-28 06:49:00 +07:00
Code Issues Packages Projects Releases Wiki Activity
6,553 Commits 54 Branches 28 Tags
fdeea90fc806d8d2cccdc76a6ecb214dd03093ec
Commit Graph

96 Commits

Author SHA1 Message Date
Michael Crosby
fdeea90fc8 Allow child process to live if daemon dies 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-27 09:33:36 -08:00
Michael Crosby
a115ce797b Ensure that the container dir is remove on restore 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-27 08:28:55 -08:00
Michael Crosby
fb08b8b221 Code review updates 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-26 19:21:46 -08:00
Michael Crosby
70820b69ec Make network a slice to support multiple types 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-26 14:20:41 -08:00
Michael Crosby
ce08083f9c Merge branch 'master' into add-libcontainer 
Conflicts:
	execdriver/termconsole.go

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-26 12:55:24 -08:00
unclejack
22da8cdc7e Merge pull request #4282 from ibuildthecloud/jumbo-frames 
Add MTU to lxc conf to make host and container MTU match
 2014-02-26 20:11:38 +02:00
unclejack
d8b60cb592 Merge pull request #4308 from vbatts/vbatts-seperate_driver_term 
seperate out the terminal functions from lxc
 2014-02-26 16:58:21 +02:00
Michael Crosby
bfdf07ac98 Return error for lxc-conf when using native driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-25 17:13:00 -08:00
Michael Crosby
5c67d2e634 Ensure that the container's dir is remove from native driver on stop 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-25 16:27:07 -08:00
Michael Crosby
93ed15075c Fix cross compile for make cross 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-25 15:19:13 -08:00
Michael Crosby
96e33a7646 Move container.json and pid file into a root specific driver dir 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-25 12:41:31 -08:00
Guillaume J. Charmes
ca42758368 Merge branch 'add-libcontainer' of https://github.com/crosbymichael/docker into add-libcontainer 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-02-25 11:42:15 -08:00
Michael Crosby
de083400b8 Address initial feedback from pr 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-25 10:54:41 -08:00
Vincent Batts
c35853191c correcting the package name for the terminal setup 
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-02-25 10:07:06 -05:00
Guillaume J. Charmes
91bf120c51 Better capability/namespace management 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-02-24 21:52:29 -08:00
Michael Crosby
431d510cae Remove container env var from libcontainer 
Update tests to use native driver
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 21:51:00 -08:00
Michael Crosby
8db740a38e Move types around in native driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 21:21:35 -08:00
Michael Crosby
f8453cd049 Refactor and improve libcontainer and driver 
Remove logging for now because it is complicating things
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 21:11:52 -08:00
Michael Crosby
d59c05a37c Fix exec driver flag, rename new driver to 'native' 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 20:41:09 -08:00
Michael Crosby
27a43692c2 Merge branch 'master' into add-libcontainer 
Conflicts:
	runtime.go

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 20:35:12 -08:00
Michael Crosby
ca537a63a8 Remove chroot driver, it's not needed 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 18:52:48 -08:00
Michael Crosby
9cb4573d33 Improve logging for nsinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 18:38:36 -08:00
Michael Crosby
77f68f74c7 Rename namespace driver to docker 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 16:42:30 -08:00
Michael Crosby
9f03fd76b5 Fix restore container by nspid 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 16:35:11 -08:00
Michael Crosby
9bf6cb2692 Fix get pids for nsinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 16:26:06 -08:00
Michael Crosby
a76407ac61 Cgroups allow devices for privileged containers 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 15:47:23 -08:00
Michael Crosby
a6e5e18511 Fix kill signals and rootfs path for pid 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 14:35:27 -08:00
Michael Crosby
cfd188e925 Add info for driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 14:11:09 -08:00
Michael Crosby
757c7581c8 Use the cpu cgroup subsystem instead of memory because its non optional 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 13:42:13 -08:00
Michael Crosby
01f9815b55 Fix tests with dockerinit lookup path 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 13:40:17 -08:00
Vincent Batts
fabc478e7e Move the terminal setup to execdriver, instead of ./pkg/term 
It is independent of any particular driver, but likely used by
  multiple execdrivers. Also, pkg/... is not to have any links to
  docker, which this terminal setup does.

Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-02-24 15:28:45 -05:00
Michael Crosby
8f20058307 Compile nsinit into docker for use with dockerinit 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-24 12:21:13 -08:00
Vincent Batts
de848a14ca seperate out the terminal functions from lxc to the pkg/term 
Since these functions are indepenent of lxc, and could be used by
  other drivers.

Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-02-24 13:42:09 -05:00
Michael Crosby
172260a49b Fix tty copy for driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-22 01:28:59 -08:00
Michael Crosby
fac41af25b Refactor driver to use Exec function from nsini 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-22 01:21:26 -08:00
Michael Crosby
2419e63d24 Initial commit of libcontainer running docker 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 17:23:49 -08:00
Michael Crosby
aac702727e Move current tty and pipe impl to lxc driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 13:27:34 -08:00
Michael Crosby
8e2284aaa2 Add CloseWriters back and do an interface cast 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 12:52:18 -08:00
Michael Crosby
592c2f6f9a Move term creation into driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 12:42:37 -08:00
Michael Crosby
1e74287698 Change Console to Terminal 
Move creation and attach to driver
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 12:32:14 -08:00
Michael Crosby
8c783c1c13 Move console into execdriver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 11:47:53 -08:00
Darren Shepherd
0db53bd2ec Add MTU to lxc conf to make host and container MTU match 
If you are using jumbo frames the host side of the veth was being set to
1500.  Docker would set the MTU of the container side of the veth to 9001.
This would lead to a situation in which the two sides of the veth had
different MTU sizes causing issues in network traffic.

Docker-DCO-1.1-Signed-off-by: Darren Shepherd <darren.s.shepherd@gmail.com> (github: ibuildthecloud)
 2014-02-21 03:02:06 -07:00
Michael Crosby
9e3da87a3a Cleanup some statements from exec driver work 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-14 17:28:50 -08:00
Guillaume J. Charmes
408ea0771a Mount-bind the PTY as container console - allow for tmux/screen to run 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-02-13 17:23:09 -08:00
Michael Crosby
3c215ba410 Merge pull request #4059 from alexlarsson/no-netadmin-caps 
lxc: Drop NET_ADMIN capability in non-privileged containers
 2014-02-11 14:20:34 -05:00
Alexander Larsson
02fddffd51 lxc: Drop NET_ADMIN capability in non-privileged containers 
With this capability set the container can e.g. change the ip address
of his devices to that of another container on the docker0 bridge. In
a quick test I was able to listen to a port on a different ip than the
one docker assigned me, but was not able to hijack an open port
redirection that another container had open. Maybe its possible with
some more knowledge of networking though.

Anyway, network setup is meant to be handled by docker, not the apps,
so I believe denying this is generally in the spirit of docker, and
it closes down potential security issues.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-02-11 11:17:34 +01:00
Victor Vieux
2dcb48af0f Merge pull request #3524 from tianon/supplementary-groups 
Add supplementary groups lookup in sysinit
 2014-02-10 14:42:14 -08:00
Victor Vieux
036900a63a Merge pull request #3871 from jdef/patch-1 
Update lxc_template.go
 2014-02-10 14:38:39 -08:00
Guillaume J. Charmes
7c06d5e34e Remove panic in lxc driver. 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-02-07 19:09:52 -08:00
James DeFelice
17c124baf6 Update lxc_template.go 
If networking is disabled, but then pipework is used later to add nics, the network still doesn't function. Using flags=up for empty networking fixes this.
Docker-DCO-1.1-Signed-off-by: James DeFelice <james.defelice@ishisystems.com> (github: jdef)
 2014-02-03 16:14:15 -05:00