kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #19490 from cyphar/remove-dockerinit

Browse source 
Remove dockerinit once and for all
This commit is contained in:
Arnaud Porterie 2016-01-26 08:27:35 -08:00
commit 7a97e938e2
47 changed files with 79 additions and 348 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
Dockerfile
View file

@ -96,8 +96,7 @@ RUN set -x \
ENV PATH /osxcross/target/bin:$PATH ENV PATH /osxcross/target/bin:$PATH
# install seccomp # install seccomp
# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, # TODO: switch to libseccomp-dev since dockerinit is gone
# we need libseccomp.a (which the package does not provide) for dockerinit
ENV SECCOMP_VERSION 2.2.3 ENV SECCOMP_VERSION 2.2.3
RUN set -x \ RUN set -x \
&& export SECCOMP_PATH="$(mktemp -d)" \ && export SECCOMP_PATH="$(mktemp -d)" \

3
Dockerfile.armhf
View file

@ -111,8 +111,7 @@ RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint
&& go install -v github.com/golang/lint/golint && go install -v github.com/golang/lint/golint
# install seccomp # install seccomp
# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, # TODO: switch to libseccomp-dev since dockerinit is gone
# we need libseccomp.a (which the package does not provide) for dockerinit
ENV SECCOMP_VERSION 2.2.3 ENV SECCOMP_VERSION 2.2.3
RUN set -x \ RUN set -x \
&& export SECCOMP_PATH="$(mktemp -d)" \ && export SECCOMP_PATH="$(mktemp -d)" \

3
Dockerfile.gccgo
View file

@ -42,8 +42,7 @@ RUN cd /usr/local/lvm2 \
# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL # see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
# install seccomp # install seccomp
# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, # TODO: switch to libseccomp-dev since dockerinit is gone
# we need libseccomp.a (which the package does not provide) for dockerinit
ENV SECCOMP_VERSION v2.2.3 ENV SECCOMP_VERSION v2.2.3
RUN set -x \ RUN set -x \
&& export SECCOMP_PATH=$(mktemp -d) \ && export SECCOMP_PATH=$(mktemp -d) \

2
api/client/info.go
View file

@ -74,8 +74,6 @@ func (cli *DockerCli) CmdInfo(args ...string) error {
fmt.Fprintf(cli.out, " Goroutines: %d\n", info.NGoroutines) fmt.Fprintf(cli.out, " Goroutines: %d\n", info.NGoroutines)
fmt.Fprintf(cli.out, " System Time: %s\n", info.SystemTime) fmt.Fprintf(cli.out, " System Time: %s\n", info.SystemTime)
fmt.Fprintf(cli.out, " EventsListeners: %d\n", info.NEventsListener) fmt.Fprintf(cli.out, " EventsListeners: %d\n", info.NEventsListener)
fmt.Fprintf(cli.out, " Init SHA1: %s\n", info.InitSha1)
fmt.Fprintf(cli.out, " Init Path: %s\n", info.InitPath)
fmt.Fprintf(cli.out, " Docker Root Dir: %s\n", info.DockerRootDir) fmt.Fprintf(cli.out, " Docker Root Dir: %s\n", info.DockerRootDir)
} }

4
container/container_unix.go
View file

@ -63,10 +63,6 @@ func (container *Container) CreateDaemonEnvironment(linkedEnv []string) []string
env := []string{ env := []string{
"PATH=" + system.DefaultPathEnv, "PATH=" + system.DefaultPathEnv,
"HOSTNAME=" + fullHostname, "HOSTNAME=" + fullHostname,
// Note: we don't set HOME here because it'll get autoset intelligently
// based on the value of USER inside dockerinit, but only if it isn't
// set already (ie, that can be overridden by setting HOME via -e or ENV
// in a Dockerfile).
} }
if container.Config.Tty { if container.Config.Tty {
env = append(env, "TERM=xterm") env = append(env, "TERM=xterm")

4
contrib/builder/rpm/generate.sh
View file

@ -118,9 +118,7 @@ for version in "${versions[@]}"; do
echo >> "$version/Dockerfile" echo >> "$version/Dockerfile"
# fedora does not have a libseccomp.a for compiling static dockerinit # TODO remove this since dockerinit is finally gone
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
case "$from" in case "$from" in
fedora:*) fedora:*)
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"

1
daemon/container_operations_unix.go
View file

@ -254,7 +254,6 @@ func (daemon *Daemon) populateCommand(c *container.Container, env []string) erro
c.Command = &execdriver.Command{ c.Command = &execdriver.Command{
CommonCommand: execdriver.CommonCommand{ CommonCommand: execdriver.CommonCommand{
ID: c.ID, ID: c.ID,
InitPath: "/.dockerinit",
MountLabel: c.GetMountLabel(), MountLabel: c.GetMountLabel(),
Network: en, Network: en,
ProcessConfig: processConfig, ProcessConfig: processConfig,

1
daemon/container_operations_windows.go
View file

@ -124,7 +124,6 @@ func (daemon *Daemon) populateCommand(c *container.Container, env []string) erro
CommonCommand: execdriver.CommonCommand{ CommonCommand: execdriver.CommonCommand{
ID: c.ID, ID: c.ID,
Rootfs: c.BaseFS, Rootfs: c.BaseFS,
InitPath: "/.dockerinit",
WorkingDir: c.Config.WorkingDir, WorkingDir: c.Config.WorkingDir,
Network: en, Network: en,
MountLabel: c.GetMountLabel(), MountLabel: c.GetMountLabel(),

4
daemon/daemon_unix.go
View file

@ -688,8 +688,7 @@ func initBridgeDriver(controller libnetwork.NetworkController, config *Config) e
} }
// setupInitLayer populates a directory with mountpoints suitable // setupInitLayer populates a directory with mountpoints suitable
// for bind-mounting dockerinit into the container. The mountpoint is simply an // for bind-mounting things into the container.
// empty file at /.dockerinit
// //
// This extra layer is used by all containers as the top-most ro layer. It protects // This extra layer is used by all containers as the top-most ro layer. It protects
// the container from unwanted side-effects on the rw layer. // the container from unwanted side-effects on the rw layer.
@ -699,7 +698,6 @@ func setupInitLayer(initLayer string, rootUID, rootGID int) error {
"/dev/shm": "dir", "/dev/shm": "dir",
"/proc": "dir", "/proc": "dir",
"/sys": "dir", "/sys": "dir",
"/.dockerinit": "file",
"/.dockerenv": "file", "/.dockerenv": "file",
"/etc/resolv.conf": "file", "/etc/resolv.conf": "file",
"/etc/hosts": "file", "/etc/hosts": "file",

1
daemon/execdriver/driver.go
View file

@ -131,7 +131,6 @@ type CommonProcessConfig struct {
type CommonCommand struct { type CommonCommand struct {
ContainerPid int `json:"container_pid"` // the pid for the process inside a container ContainerPid int `json:"container_pid"` // the pid for the process inside a container
ID string `json:"id"` ID string `json:"id"`
InitPath string `json:"initpath"` // dockerinit
MountLabel string `json:"mount_label"` // TODO Windows. More involved, but can be factored out MountLabel string `json:"mount_label"` // TODO Windows. More involved, but can be factored out
Mounts []Mount `json:"mounts"` Mounts []Mount `json:"mounts"`
Network *Network `json:"network"` Network *Network `json:"network"`

7
daemon/info.go
View file

@ -49,11 +49,6 @@ func (daemon *Daemon) SystemInfo() (*types.Info, error) {
logrus.Errorf("Could not read system memory info: %v", err) logrus.Errorf("Could not read system memory info: %v", err)
} }
// if we still have the original dockerinit binary from before
// we copied it locally, let's return the path to that, since
// that's more intuitive (the copied path is trivial to derive
// by hand given VERSION)
initPath := utils.DockerInitPath("")
sysInfo := sysinfo.New(true) sysInfo := sysinfo.New(true)
var cRunning, cPaused, cStopped int32 var cRunning, cPaused, cStopped int32
@ -94,8 +89,6 @@ func (daemon *Daemon) SystemInfo() (*types.Info, error) {
OSType: platform.OSType, OSType: platform.OSType,
Architecture: platform.Architecture, Architecture: platform.Architecture,
RegistryConfig: daemon.RegistryService.Config, RegistryConfig: daemon.RegistryService.Config,
InitSha1: dockerversion.InitSHA1,
InitPath: initPath,
NCPU: runtime.NumCPU(), NCPU: runtime.NumCPU(),
MemTotal: meminfo.MemTotal, MemTotal: meminfo.MemTotal,
DockerRootDir: daemon.configStore.Root, DockerRootDir: daemon.configStore.Root,

11
dockerinit/dockerinit.go
View file

@ -1,11 +0,0 @@
package main
import (
_ "github.com/docker/docker/daemon/execdriver/native"
"github.com/docker/docker/pkg/reexec"
)
func main() {
// Running in init mode
reexec.Init()
}

3
dockerversion/version_lib.go
View file

@ -9,8 +9,5 @@ const (
GitCommit string = "library-import" GitCommit string = "library-import"
Version string = "library-import" Version string = "library-import"
BuildTime string = "library-import" BuildTime string = "library-import"
IAmStatic string = "library-import" IAmStatic string = "library-import"
InitSHA1 string = "library-import"
InitPath string = "library-import"
) )

1
hack/.vendor-helpers.sh
View file

@ -76,7 +76,6 @@ _dockerfile_env() {
clean() { clean() {
local packages=( local packages=(
"${PROJECT}/docker" # package main "${PROJECT}/docker" # package main
"${PROJECT}/dockerinit" # package main
"${PROJECT}/integration-cli" # external tests "${PROJECT}/integration-cli" # external tests
) )
local dockerPlatforms=( ${DOCKER_ENGINE_OSARCH:="linux/amd64"} $(_dockerfile_env DOCKER_CROSSPLATFORMS) ) local dockerPlatforms=( ${DOCKER_ENGINE_OSARCH:="linux/amd64"} $(_dockerfile_env DOCKER_CROSSPLATFORMS) )

1
hack/make.sh
View file

@ -237,7 +237,6 @@ test_env() {
HOME="$ABS_DEST/fake-HOME" \ HOME="$ABS_DEST/fake-HOME" \
PATH="$PATH" \ PATH="$PATH" \
TEMP="$TEMP" \ TEMP="$TEMP" \
TEST_DOCKERINIT_PATH="$TEST_DOCKERINIT_PATH" \
"$@" "$@"
} }

4
hack/make/.build-deb/rules
View file

@ -17,14 +17,12 @@ override_dh_auto_test:
./bundles/$(VERSION)/dynbinary/docker -v ./bundles/$(VERSION)/dynbinary/docker -v
override_dh_strip: override_dh_strip:
# the SHA1 of dockerinit is important: don't strip it # Go has lots of problems with stripping, so just don't
# also, Go has lots of problems with stripping, so just don't
override_dh_auto_install: override_dh_auto_install:
mkdir -p debian/docker-engine/usr/bin mkdir -p debian/docker-engine/usr/bin
cp -aT "$$(readlink -f bundles/$(VERSION)/dynbinary/docker)" debian/docker-engine/usr/bin/docker cp -aT "$$(readlink -f bundles/$(VERSION)/dynbinary/docker)" debian/docker-engine/usr/bin/docker
mkdir -p debian/docker-engine/usr/lib/docker mkdir -p debian/docker-engine/usr/lib/docker
cp -aT "$$(readlink -f bundles/$(VERSION)/dynbinary/dockerinit)" debian/docker-engine/usr/lib/docker/dockerinit
override_dh_installinit: override_dh_installinit:
# use "docker" as our service name, not "docker-engine" # use "docker" as our service name, not "docker-engine"

10
hack/make/.build-rpm/docker-engine.spec
View file

@ -11,11 +11,6 @@ URL: https://dockerproject.org
Vendor: Docker Vendor: Docker
Packager: Docker <support@docker.com> Packager: Docker <support@docker.com>
# docker builds in a checksum of dockerinit into docker,
# # so stripping the binaries breaks docker
%global __os_install_post %{_rpmconfigdir}/brp-compress
%global debug_package %{nil}
# is_systemd conditional # is_systemd conditional
%if 0%{?fedora} >= 21 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?suse_version} >= 1300 %if 0%{?fedora} >= 21 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?suse_version} >= 1300
%global is_systemd 1 %global is_systemd 1
@ -124,10 +119,6 @@ export DOCKER_GITCOMMIT=%{_gitcommit}
install -d $RPM_BUILD_ROOT/%{_bindir} install -d $RPM_BUILD_ROOT/%{_bindir}
install -p -m 755 bundles/%{_origversion}/dynbinary/docker-%{_origversion} $RPM_BUILD_ROOT/%{_bindir}/docker install -p -m 755 bundles/%{_origversion}/dynbinary/docker-%{_origversion} $RPM_BUILD_ROOT/%{_bindir}/docker
# install dockerinit
install -d $RPM_BUILD_ROOT/%{_libexecdir}/docker
install -p -m 755 bundles/%{_origversion}/dynbinary/dockerinit-%{_origversion} $RPM_BUILD_ROOT/%{_libexecdir}/docker/dockerinit
# install udev rules # install udev rules
install -d $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d install -d $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d
install -p -m 644 contrib/udev/80-docker.rules $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d/80-docker.rules install -p -m 644 contrib/udev/80-docker.rules $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d/80-docker.rules
@ -175,7 +166,6 @@ install -p -m 644 contrib/syntax/nano/Dockerfile.nanorc $RPM_BUILD_ROOT/usr/shar
%files %files
%doc AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md %doc AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md
/%{_bindir}/docker /%{_bindir}/docker
/%{_libexecdir}/docker/dockerinit
/%{_sysconfdir}/udev/rules.d/80-docker.rules /%{_sysconfdir}/udev/rules.d/80-docker.rules
%if 0%{?is_systemd} %if 0%{?is_systemd}
/%{_unitdir}/docker.service /%{_unitdir}/docker.service

33
hack/make/.dockerinit
View file

@ -1,33 +0,0 @@
#!/bin/bash
set -e
IAMSTATIC="true"
source "${MAKEDIR}/.go-autogen"
# dockerinit still needs to be a static binary, even if docker is dynamic
go build \
-o "$DEST/dockerinit-$VERSION" \
"${BUILDFLAGS[@]}" \
-ldflags "
$LDFLAGS
$LDFLAGS_STATIC
-extldflags \"$EXTLDFLAGS_STATIC\"
" \
./dockerinit
echo "Created binary: $DEST/dockerinit-$VERSION"
ln -sf "dockerinit-$VERSION" "$DEST/dockerinit"
sha1sum=
if command -v sha1sum &> /dev/null; then
sha1sum=sha1sum
elif command -v shasum &> /dev/null; then
# Mac OS X - why couldn't they just use the same command name and be happy?
sha1sum=shasum
else
echo >&2 'error: cannot find sha1sum command or equivalent'
exit 1
fi
# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1)

31
hack/make/.dockerinit-gccgo
View file

@ -1,31 +0,0 @@
#!/bin/bash
set -e
IAMSTATIC="true"
source "${MAKEDIR}/.go-autogen"
# dockerinit still needs to be a static binary, even if docker is dynamic
go build --compiler=gccgo \
-o "$DEST/dockerinit-$VERSION" \
"${BUILDFLAGS[@]}" \
--gccgoflags "
-g
-Wl,--no-export-dynamic
$EXTLDFLAGS_STATIC
-lnetgo
" \
./dockerinit
echo "Created binary: $DEST/dockerinit-$VERSION"
ln -sf "dockerinit-$VERSION" "$DEST/dockerinit"
sha1sum=
if command -v sha1sum &> /dev/null; then
sha1sum=sha1sum
else
echo >&2 'error: cannot find sha1sum command or equivalent'
exit 1
fi
# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1)

3
hack/make/.go-autogen
View file

@ -14,10 +14,7 @@ const (
GitCommit string = "$GITCOMMIT" GitCommit string = "$GITCOMMIT"
Version string = "$VERSION" Version string = "$VERSION"
BuildTime string = "$BUILDTIME" BuildTime string = "$BUILDTIME"
IAmStatic string = "${IAMSTATIC:-true}" IAmStatic string = "${IAMSTATIC:-true}"
InitSHA1 string = "$DOCKER_INITSHA1"
InitPath string = "$DOCKER_INITPATH"
) )
// AUTOGENERATED FILE; see $BASH_SOURCE // AUTOGENERATED FILE; see $BASH_SOURCE
DVEOF DVEOF

10
hack/make/dynbinary
View file

@ -1,16 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -e
if [ -z "$DOCKER_CLIENTONLY" ]; then
source "${MAKEDIR}/.dockerinit"
hash_files "$DEST/dockerinit-$VERSION"
else
# DOCKER_CLIENTONLY must be truthy, so we don't need to bother with dockerinit :)
export DOCKER_INITSHA1=""
fi
# DOCKER_INITSHA1 is exported so that other bundlescripts can easily access it later without recalculating it
( (
export IAMSTATIC="false" export IAMSTATIC="false"
export LDFLAGS_STATIC_DOCKER='' export LDFLAGS_STATIC_DOCKER=''

10
hack/make/dyngccgo
View file

@ -1,16 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -e
if [ -z "$DOCKER_CLIENTONLY" ]; then
source "${MAKEDIR}/.dockerinit-gccgo"
hash_files "$DEST/dockerinit-$VERSION"
else
# DOCKER_CLIENTONLY must be truthy, so we don't need to bother with dockerinit :)
export DOCKER_INITSHA1=""
fi
# DOCKER_INITSHA1 is exported so that other bundlescripts can easily access it later without recalculating it
( (
export IAMSTATIC="false" export IAMSTATIC="false"
export EXTLDFLAGS_STATIC='' export EXTLDFLAGS_STATIC=''

2
hack/vendor.sh
View file

@ -22,7 +22,7 @@ clone git github.com/vdemeester/shakers 3c10293ce22b900c27acad7b28656196fcc2f73b
clone git golang.org/x/net 47990a1ba55743e6ef1affd3a14e5bac8553615d https://github.com/golang/net.git clone git golang.org/x/net 47990a1ba55743e6ef1affd3a14e5bac8553615d https://github.com/golang/net.git
clone git github.com/docker/go-units 651fc226e7441360384da338d0fd37f2440ffbe3 clone git github.com/docker/go-units 651fc226e7441360384da338d0fd37f2440ffbe3
clone git github.com/docker/go-connections v0.1.2 clone git github.com/docker/go-connections v0.1.2
clone git github.com/docker/engine-api v0.2.2 clone git github.com/docker/engine-api bdbab71ec21209ef56dffdbe42c9d21843c30862
clone git github.com/RackSec/srslog 6eb773f331e46fbba8eecb8e794e635e75fc04de clone git github.com/RackSec/srslog 6eb773f331e46fbba8eecb8e794e635e75fc04de
clone git github.com/imdario/mergo 0.2.1 clone git github.com/imdario/mergo 0.2.1

6
integration-cli/docker_cli_diff_test.go
View file

@ -27,10 +27,10 @@ func (s *DockerSuite) TestDiffFilenameShownInOutput(c *check.C) {
} }
// test to ensure GH #3840 doesn't occur any more // test to ensure GH #3840 doesn't occur any more
func (s *DockerSuite) TestDiffEnsureDockerinitFilesAreIgnored(c *check.C) { func (s *DockerSuite) TestDiffEnsureInitLayerFilesAreIgnored(c *check.C) {
testRequires(c, DaemonIsLinux) testRequires(c, DaemonIsLinux)
// this is a list of files which shouldn't show up in `docker diff` // this is a list of files which shouldn't show up in `docker diff`
dockerinitFiles := []string{"/etc/resolv.conf", "/etc/hostname", "/etc/hosts", "/.dockerinit", "/.dockerenv"} initLayerFiles := []string{"/etc/resolv.conf", "/etc/hostname", "/etc/hosts", "/.dockerenv"}
containerCount := 5 containerCount := 5
// we might not run into this problem from the first run, so start a few containers // we might not run into this problem from the first run, so start a few containers
@ -41,7 +41,7 @@ func (s *DockerSuite) TestDiffEnsureDockerinitFilesAreIgnored(c *check.C) {
cleanCID := strings.TrimSpace(out) cleanCID := strings.TrimSpace(out)
out, _ = dockerCmd(c, "diff", cleanCID) out, _ = dockerCmd(c, "diff", cleanCID)
for _, filename := range dockerinitFiles { for _, filename := range initLayerFiles {
c.Assert(out, checker.Not(checker.Contains), filename) c.Assert(out, checker.Not(checker.Contains), filename)
} }
} }

1
pkg/mount/mountinfo_linux_test.go
View file

@ -224,7 +224,6 @@ const (
43 16 0:34 / /proc/fs/nfsd rw,nosuid,nodev,noexec,relatime - nfsd nfsd rw 43 16 0:34 / /proc/fs/nfsd rw,nosuid,nodev,noexec,relatime - nfsd nfsd rw
44 15 0:35 / /home/tianon/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=1000,group_id=1000 44 15 0:35 / /home/tianon/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=1000,group_id=1000
68 15 0:3336 / /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd rw,relatime - aufs none rw,si=9b4a7640128db39c 68 15 0:3336 / /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd rw,relatime - aufs none rw,si=9b4a7640128db39c
85 68 8:6 /var/lib/docker/init/dockerinit-0.7.2-dev//deleted /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/.dockerinit rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
86 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/config.env /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/.dockerenv rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered 86 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/config.env /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/.dockerenv rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
87 68 8:6 /etc/resolv.conf /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/resolv.conf rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered 87 68 8:6 /etc/resolv.conf /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/resolv.conf rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered
88 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/hostname /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/hostname rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered 88 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/hostname /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/hostname rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered

33
project/PACKAGERS.md
View file

@ -210,7 +210,7 @@ the file "./VERSION". This binary is usually installed somewhere like
### Dynamic Daemon / Client-only Binary ### Dynamic Daemon / Client-only Binary
If you are only interested in a Docker client binary, set `DOCKER_CLIENTONLY` to a non-empty value using something similar to the following: (which will prevent the extra step of compiling dockerinit) If you are only interested in a Docker client binary, set `DOCKER_CLIENTONLY` to a non-empty value using something similar to the following:
```bash ```bash
export DOCKER_CLIENTONLY=1 export DOCKER_CLIENTONLY=1
@ -228,37 +228,6 @@ following:
This will create "./bundles/$VERSION/dynbinary/docker-$VERSION", which for This will create "./bundles/$VERSION/dynbinary/docker-$VERSION", which for
client-only builds is the important file to grab and install as appropriate. client-only builds is the important file to grab and install as appropriate.
For daemon builds, you will also need to grab and install
"./bundles/$VERSION/dynbinary/dockerinit-$VERSION", which is created from the
minimal set of Docker's codebase that _must_ be compiled statically (and is thus
a pure static binary). The acceptable locations Docker will search for this file
are as follows (in order):
* as "dockerinit" in the same directory as the daemon binary (ie, if docker is
installed at "/usr/bin/docker", then "/usr/bin/dockerinit" will be the first
place this file is searched for)
* "/usr/libexec/docker/dockerinit" or "/usr/local/libexec/docker/dockerinit"
([FHS 3.0 Draft](https://www.linuxbase.org/betaspecs/fhs/fhs.html#usrlibexec))
* "/usr/lib/docker/dockerinit" or "/usr/local/lib/docker/dockerinit" ([FHS
2.3](https://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html#USRLIBLIBRARIESFORPROGRAMMINGANDPA))
If (and please, only if) one of the paths above is insufficient due to distro
policy or similar issues, you may use the `DOCKER_INITPATH` environment variable
at compile-time as follows to set a different path for Docker to search:
```bash
export DOCKER_INITPATH=/usr/lib/docker.io/dockerinit
```
If you find yourself needing this, please don't hesitate to reach out to Tianon
to see if it would be reasonable or helpful to add more paths to Docker's list,
especially if there's a relevant standard worth referencing (such as the FHS).
Also, it goes without saying, but for the purposes of the daemon please consider
these two binaries ("docker" and "dockerinit") as if they were a single unit.
Mixing and matching can cause undesired consequences, and will fail to run
properly.
## System Dependencies ## System Dependencies
### Runtime Dependencies ### Runtime Dependencies

107
utils/utils.go
View file

@ -1,124 +1,17 @@
package utils package utils
import ( import (
"crypto/sha1"
"encoding/hex"
"fmt" "fmt"
"io"
"io/ioutil" "io/ioutil"
"os" "os"
"os/exec"
"path/filepath"
"runtime" "runtime"
"strings" "strings"
"github.com/docker/distribution/registry/api/errcode" "github.com/docker/distribution/registry/api/errcode"
"github.com/docker/docker/dockerversion"
"github.com/docker/docker/pkg/archive" "github.com/docker/docker/pkg/archive"
"github.com/docker/docker/pkg/stringid" "github.com/docker/docker/pkg/stringid"
) )
// SelfPath figures out the absolute path of our own binary (if it's still around).
func SelfPath() string {
path, err := exec.LookPath(os.Args[0])
if err != nil {
if os.IsNotExist(err) {
return ""
}
if execErr, ok := err.(*exec.Error); ok && os.IsNotExist(execErr.Err) {
return ""
}
panic(err)
}
path, err = filepath.Abs(path)
if err != nil {
if os.IsNotExist(err) {
return ""
}
panic(err)
}
return path
}
func dockerInitSha1(target string) string {
f, err := os.Open(target)
if err != nil {
return ""
}
defer f.Close()
h := sha1.New()
_, err = io.Copy(h, f)
if err != nil {
return ""
}
return hex.EncodeToString(h.Sum(nil))
}
func isValidDockerInitPath(target string, selfPath string) bool { // target and selfPath should be absolute (InitPath and SelfPath already do this)
if target == "" {
return false
}
if dockerversion.IAmStatic == "true" {
if selfPath == "" {
return false
}
if target == selfPath {
return true
}
targetFileInfo, err := os.Lstat(target)
if err != nil {
return false
}
selfPathFileInfo, err := os.Lstat(selfPath)
if err != nil {
return false
}
return os.SameFile(targetFileInfo, selfPathFileInfo)
}
return dockerversion.InitSHA1 != "" && dockerInitSha1(target) == dockerversion.InitSHA1
}
// DockerInitPath figures out the path of our dockerinit (which may be SelfPath())
func DockerInitPath(localCopy string) string {
selfPath := SelfPath()
if isValidDockerInitPath(selfPath, selfPath) {
// if we're valid, don't bother checking anything else
return selfPath
}
var possibleInits = []string{
localCopy,
dockerversion.InitPath,
filepath.Join(filepath.Dir(selfPath), "dockerinit"),
// FHS 3.0 Draft: "/usr/libexec includes internal binaries that are not intended to be executed directly by users or shell scripts. Applications may use a single subdirectory under /usr/libexec."
// https://www.linuxbase.org/betaspecs/fhs/fhs.html#usrlibexec
"/usr/libexec/docker/dockerinit",
"/usr/local/libexec/docker/dockerinit",
// FHS 2.3: "/usr/lib includes object files, libraries, and internal binaries that are not intended to be executed directly by users or shell scripts."
// https://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html#USRLIBLIBRARIESFORPROGRAMMINGANDPA
"/usr/lib/docker/dockerinit",
"/usr/local/lib/docker/dockerinit",
}
for _, dockerInit := range possibleInits {
if dockerInit == "" {
continue
}
path, err := exec.LookPath(dockerInit)
if err == nil {
path, err = filepath.Abs(path)
if err != nil {
// LookPath already validated that this file exists and is executable (following symlinks), so how could Abs fail?
panic(err)
}
if isValidDockerInitPath(path, selfPath) {
return path
}
}
}
return ""
}
var globalTestID string var globalTestID string
// TestDirectory creates a new temporary directory and returns its path. // TestDirectory creates a new temporary directory and returns its path.

22
vendor/src/github.com/docker/engine-api/client/client.go vendored
View file

@ -10,6 +10,8 @@ import (
"path/filepath" "path/filepath"
"strings" "strings"
"time" "time"
"github.com/docker/go-connections/tlsconfig"
) )
// Client is the API client that performs all operations // Client is the API client that performs all operations
@ -41,21 +43,27 @@ type Client struct {
func NewEnvClient() (*Client, error) { func NewEnvClient() (*Client, error) {
var transport *http.Transport var transport *http.Transport
if dockerCertPath := os.Getenv("DOCKER_CERT_PATH"); dockerCertPath != "" { if dockerCertPath := os.Getenv("DOCKER_CERT_PATH"); dockerCertPath != "" {
tlsc := &tls.Config{} options := tlsconfig.Options{
CAFile: filepath.Join(dockerCertPath, "ca.pem"),
cert, err := tls.LoadX509KeyPair(filepath.Join(dockerCertPath, "cert.pem"), filepath.Join(dockerCertPath, "key.pem")) CertFile: filepath.Join(dockerCertPath, "cert.pem"),
KeyFile: filepath.Join(dockerCertPath, "key.pem"),
InsecureSkipVerify: os.Getenv("DOCKER_TLS_VERIFY") == "",
}
tlsc, err := tlsconfig.Client(options)
if err != nil { if err != nil {
return nil, fmt.Errorf("Error loading x509 key pair: %s", err) return nil, err
} }
tlsc.Certificates = append(tlsc.Certificates, cert)
tlsc.InsecureSkipVerify = os.Getenv("DOCKER_TLS_VERIFY") == ""
transport = &http.Transport{ transport = &http.Transport{
TLSClientConfig: tlsc, TLSClientConfig: tlsc,
} }
} }
return NewClient(os.Getenv("DOCKER_HOST"), os.Getenv("DOCKER_API_VERSION"), transport, nil) host := os.Getenv("DOCKER_HOST")
if host == "" {
host = DefaultDockerHost
}
return NewClient(host, os.Getenv("DOCKER_API_VERSION"), transport, nil)
} }
// NewClient initializes a new API client for the given host and API version. // NewClient initializes a new API client for the given host and API version.

6
vendor/src/github.com/docker/engine-api/client/client_nounix.go vendored Normal file
View file

@ -0,0 +1,6 @@
// +build windows darwin
package client
// DefaultDockerHost defines os specific default if DOCKER_HOST is unset
const DefaultDockerHost = "tcp://127.0.0.1:2375"

6
vendor/src/github.com/docker/engine-api/client/client_unix.go vendored Normal file
View file

@ -0,0 +1,6 @@
// +build linux freebsd
package client
// DefaultDockerHost defines os specific default if DOCKER_HOST is unset
const DefaultDockerHost = "unix:///var/run/docker.sock"

9
vendor/src/github.com/docker/engine-api/client/container_commit.go vendored
View file

@ -27,11 +27,8 @@ func (cli *Client) ContainerCommit(options types.ContainerCommitOptions) (types.
if err != nil { if err != nil {
return response, err return response, err
} }
defer ensureReaderClosed(resp)
if err := json.NewDecoder(resp.body).Decode(&response); err != nil { err = json.NewDecoder(resp.body).Decode(&response)
return response, err ensureReaderClosed(resp)
} return response, err
return response, nil
} }

17
vendor/src/github.com/docker/engine-api/client/container_create.go vendored
View file

@ -39,18 +39,7 @@ func (cli *Client) ContainerCreate(config *container.Config, hostConfig *contain
return response, err return response, err
} }
if serverResp.statusCode == 404 && strings.Contains(err.Error(), "No such image") { err = json.NewDecoder(serverResp.body).Decode(&response)
return response, imageNotFoundError{config.Image} ensureReaderClosed(serverResp)
} return response, err
if err != nil {
return response, err
}
defer ensureReaderClosed(serverResp)
if err := json.NewDecoder(serverResp.body).Decode(&response); err != nil {
return response, err
}
return response, nil
} }

2
vendor/src/github.com/docker/engine-api/client/container_inspect.go vendored
View file

@ -19,10 +19,10 @@ func (cli *Client) ContainerInspect(containerID string) (types.ContainerJSON, er
} }
return types.ContainerJSON{}, err return types.ContainerJSON{}, err
} }
defer ensureReaderClosed(serverResp)
var response types.ContainerJSON var response types.ContainerJSON
err = json.NewDecoder(serverResp.body).Decode(&response) err = json.NewDecoder(serverResp.body).Decode(&response)
ensureReaderClosed(serverResp)
return response, err return response, err
} }

2
vendor/src/github.com/docker/engine-api/client/container_list.go vendored
View file

@ -46,9 +46,9 @@ func (cli *Client) ContainerList(options types.ContainerListOptions) ([]types.Co
if err != nil { if err != nil {
return nil, err return nil, err
} }
defer ensureReaderClosed(resp)
var containers []types.Container var containers []types.Container
err = json.NewDecoder(resp.body).Decode(&containers) err = json.NewDecoder(resp.body).Decode(&containers)
ensureReaderClosed(resp)
return containers, err return containers, err
} }

2
vendor/src/github.com/docker/engine-api/client/container_top.go vendored
View file

@ -20,8 +20,8 @@ func (cli *Client) ContainerTop(containerID string, arguments []string) (types.C
if err != nil { if err != nil {
return response, err return response, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&response) err = json.NewDecoder(resp.body).Decode(&response)
ensureReaderClosed(resp)
return response, err return response, err
} }

9
vendor/src/github.com/docker/engine-api/client/diff.go vendored
View file

@ -15,11 +15,8 @@ func (cli *Client) ContainerDiff(containerID string) ([]types.ContainerChange, e
if err != nil { if err != nil {
return changes, err return changes, err
} }
defer ensureReaderClosed(serverResp)
if err := json.NewDecoder(serverResp.body).Decode(&changes); err != nil { err = json.NewDecoder(serverResp.body).Decode(&changes)
return changes, err ensureReaderClosed(serverResp)
} return changes, err
return changes, nil
} }

4
vendor/src/github.com/docker/engine-api/client/exec.go vendored
View file

@ -13,8 +13,8 @@ func (cli *Client) ContainerExecCreate(config types.ExecConfig) (types.Container
if err != nil { if err != nil {
return response, err return response, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&response) err = json.NewDecoder(resp.body).Decode(&response)
ensureReaderClosed(resp)
return response, err return response, err
} }
@ -41,8 +41,8 @@ func (cli *Client) ContainerExecInspect(execID string) (types.ContainerExecInspe
if err != nil { if err != nil {
return response, err return response, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&response) err = json.NewDecoder(resp.body).Decode(&response)
ensureReaderClosed(resp)
return response, err return response, err
} }

8
vendor/src/github.com/docker/engine-api/client/history.go vendored
View file

@ -14,10 +14,8 @@ func (cli *Client) ImageHistory(imageID string) ([]types.ImageHistory, error) {
if err != nil { if err != nil {
return history, err return history, err
} }
defer ensureReaderClosed(serverResp)
if err := json.NewDecoder(serverResp.body).Decode(&history); err != nil { err = json.NewDecoder(serverResp.body).Decode(&history)
return history, err ensureReaderClosed(serverResp)
} return history, err
return history, nil
} }

2
vendor/src/github.com/docker/engine-api/client/image_list.go vendored
View file

@ -32,8 +32,8 @@ func (cli *Client) ImageList(options types.ImageListOptions) ([]types.Image, err
if err != nil { if err != nil {
return images, err return images, err
} }
defer ensureReaderClosed(serverResp)
err = json.NewDecoder(serverResp.body).Decode(&images) err = json.NewDecoder(serverResp.body).Decode(&images)
ensureReaderClosed(serverResp)
return images, err return images, err
} }

2
vendor/src/github.com/docker/engine-api/client/image_remove.go vendored
View file

@ -22,9 +22,9 @@ func (cli *Client) ImageRemove(options types.ImageRemoveOptions) ([]types.ImageD
if err != nil { if err != nil {
return nil, err return nil, err
} }
defer ensureReaderClosed(resp)
var dels []types.ImageDelete var dels []types.ImageDelete
err = json.NewDecoder(resp.body).Decode(&dels) err = json.NewDecoder(resp.body).Decode(&dels)
ensureReaderClosed(resp)
return dels, err return dels, err
} }

2
vendor/src/github.com/docker/engine-api/client/image_search.go vendored
View file

@ -27,9 +27,9 @@ func (cli *Client) ImageSearch(options types.ImageSearchOptions, privilegeFunc R
if err != nil { if err != nil {
return results, err return results, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&results) err = json.NewDecoder(resp.body).Decode(&results)
ensureReaderClosed(resp)
return results, err return results, err
} }

2
vendor/src/github.com/docker/engine-api/client/login.go vendored
View file

@ -19,9 +19,9 @@ func (cli *Client) RegistryLogin(auth types.AuthConfig) (types.AuthResponse, err
if err != nil { if err != nil {
return types.AuthResponse{}, err return types.AuthResponse{}, err
} }
defer ensureReaderClosed(resp)
var response types.AuthResponse var response types.AuthResponse
err = json.NewDecoder(resp.body).Decode(&response) err = json.NewDecoder(resp.body).Decode(&response)
ensureReaderClosed(resp)
return response, err return response, err
} }

4
vendor/src/github.com/docker/engine-api/client/network.go vendored
View file

@ -65,8 +65,8 @@ func (cli *Client) NetworkList(options types.NetworkListOptions) ([]types.Networ
if err != nil { if err != nil {
return networkResources, err return networkResources, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&networkResources) err = json.NewDecoder(resp.body).Decode(&networkResources)
ensureReaderClosed(resp)
return networkResources, err return networkResources, err
} }
@ -80,7 +80,7 @@ func (cli *Client) NetworkInspect(networkID string) (types.NetworkResource, erro
} }
return networkResource, err return networkResource, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&networkResource) err = json.NewDecoder(resp.body).Decode(&networkResource)
ensureReaderClosed(resp)
return networkResource, err return networkResource, err
} }

2
vendor/src/github.com/docker/engine-api/client/version.go vendored
View file

@ -12,9 +12,9 @@ func (cli *Client) ServerVersion() (types.Version, error) {
if err != nil { if err != nil {
return types.Version{}, err return types.Version{}, err
} }
defer ensureReaderClosed(resp)
var server types.Version var server types.Version
err = json.NewDecoder(resp.body).Decode(&server) err = json.NewDecoder(resp.body).Decode(&server)
ensureReaderClosed(resp)
return server, err return server, err
} }

6
vendor/src/github.com/docker/engine-api/client/volume.go vendored
View file

@ -25,9 +25,9 @@ func (cli *Client) VolumeList(filter filters.Args) (types.VolumesListResponse, e
if err != nil { if err != nil {
return volumes, err return volumes, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&volumes) err = json.NewDecoder(resp.body).Decode(&volumes)
ensureReaderClosed(resp)
return volumes, err return volumes, err
} }
@ -41,8 +41,8 @@ func (cli *Client) VolumeInspect(volumeID string) (types.Volume, error) {
} }
return volume, err return volume, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&volume) err = json.NewDecoder(resp.body).Decode(&volume)
ensureReaderClosed(resp)
return volume, err return volume, err
} }
@ -53,8 +53,8 @@ func (cli *Client) VolumeCreate(options types.VolumeCreateRequest) (types.Volume
if err != nil { if err != nil {
return volume, err return volume, err
} }
defer ensureReaderClosed(resp)
err = json.NewDecoder(resp.body).Decode(&volume) err = json.NewDecoder(resp.body).Decode(&volume)
ensureReaderClosed(resp)
return volume, err return volume, err
} }

8
vendor/src/github.com/docker/engine-api/types/container/host_config.go vendored
View file

@ -151,6 +151,11 @@ func (rp *RestartPolicy) IsUnlessStopped() bool {
return rp.Name == "unless-stopped" return rp.Name == "unless-stopped"
} }
// IsSame compares two RestartPolicy to see if they are the same
func (rp *RestartPolicy) IsSame(tp *RestartPolicy) bool {
return rp.Name == tp.Name && rp.MaximumRetryCount == tp.MaximumRetryCount
}
// LogConfig represents the logging configuration of the container. // LogConfig represents the logging configuration of the container.
type LogConfig struct { type LogConfig struct {
Type string Type string
@ -178,7 +183,7 @@ type Resources struct {
KernelMemory int64 // Kernel memory limit (in bytes) KernelMemory int64 // Kernel memory limit (in bytes)
Memory int64 // Memory limit (in bytes) Memory int64 // Memory limit (in bytes)
MemoryReservation int64 // Memory soft limit (in bytes) MemoryReservation int64 // Memory soft limit (in bytes)
MemorySwap int64 // Total memory usage (memory + swap); set `-1` to disable swap MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap
MemorySwappiness *int64 // Tuning container memory swappiness behaviour MemorySwappiness *int64 // Tuning container memory swappiness behaviour
OomKillDisable *bool // Whether to disable OOM Killer or not OomKillDisable *bool // Whether to disable OOM Killer or not
PidsLimit int64 // Setting pids limit for a container PidsLimit int64 // Setting pids limit for a container
@ -190,6 +195,7 @@ type Resources struct {
type UpdateConfig struct { type UpdateConfig struct {
// Contains container's resources (cgroups, ulimits) // Contains container's resources (cgroups, ulimits)
Resources Resources
RestartPolicy RestartPolicy
} }
// HostConfig the non-portable Config structure of a container. // HostConfig the non-portable Config structure of a container.

5
vendor/src/github.com/docker/engine-api/types/types.go vendored
View file

@ -142,6 +142,7 @@ type Container struct {
SizeRw int64 `json:",omitempty"` SizeRw int64 `json:",omitempty"`
SizeRootFs int64 `json:",omitempty"` SizeRootFs int64 `json:",omitempty"`
Labels map[string]string Labels map[string]string
State string
Status string Status string
HostConfig struct { HostConfig struct {
NetworkMode string `json:",omitempty"` NetworkMode string `json:",omitempty"`
@ -198,6 +199,7 @@ type Info struct {
Images int Images int
Driver string Driver string
DriverStatus [][2]string DriverStatus [][2]string
SystemStatus [][2]string
Plugins PluginsInfo Plugins PluginsInfo
MemoryLimit bool MemoryLimit bool
SwapLimit bool SwapLimit bool
@ -222,8 +224,6 @@ type Info struct {
Architecture string Architecture string
IndexServerAddress string IndexServerAddress string
RegistryConfig *registry.ServiceConfig RegistryConfig *registry.ServiceConfig
InitSha1 string
InitPath string
NCPU int NCPU int
MemTotal int64 MemTotal int64
DockerRootDir string DockerRootDir string
@ -388,6 +388,7 @@ type NetworkResource struct {
Scope string Scope string
Driver string Driver string
IPAM network.IPAM IPAM network.IPAM
Internal bool
Containers map[string]EndpointResource Containers map[string]EndpointResource
Options map[string]string Options map[string]string
} }