kotovalexarian-likes-github
/
moby--moby
mirror of https://github.com/moby/moby.git
1
0
Fork 0
Code Releases Activity

Merge pull request #41072 from AkihiroSuda/fix-41071 

cgroup2: unshare cgroupns by default regardless to API version
This commit is contained in:
Brian Goff 2020-10-01 11:56:00 -07:00 committed by GitHub
parent 2bf7dc279a 79cfcba76c
commit 816fbcd306
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/server/router/container/container.go
View File

@ -10,13 +10,15 @@ type containerRouter struct {
backend Backend backend Backend
decoder httputils.ContainerDecoder decoder httputils.ContainerDecoder
routes []router.Route routes []router.Route
cgroup2 bool
} }
// NewRouter initializes a new container router // NewRouter initializes a new container router
func NewRouter(b Backend, decoder httputils.ContainerDecoder) router.Router { func NewRouter(b Backend, decoder httputils.ContainerDecoder, cgroup2 bool) router.Router {
r := &containerRouter{ r := &containerRouter{
backend: b, backend: b,
decoder: decoder, decoder: decoder,
cgroup2: cgroup2,
} }
r.initRoutes() r.initRoutes()
return r return r

4
api/server/router/container/container_routes.go
View File

@ -494,8 +494,8 @@ func (s *containerRouter) postContainersCreate(ctx context.Context, w http.Respo
hostConfig.IpcMode = container.IpcMode("shareable") hostConfig.IpcMode = container.IpcMode("shareable")
} }
} }
if hostConfig != nil && versions.LessThan(version, "1.41") { if hostConfig != nil && versions.LessThan(version, "1.41") && !s.cgroup2 {
// Older clients expect the default to be "host" // Older clients expect the default to be "host" on cgroup v1 hosts
if hostConfig.CgroupnsMode.IsEmpty() { if hostConfig.CgroupnsMode.IsEmpty() {
hostConfig.CgroupnsMode = container.CgroupnsMode("host") hostConfig.CgroupnsMode = container.CgroupnsMode("host")
} }

2
cmd/dockerd/daemon.go
View File

@ -477,7 +477,7 @@ func initRouter(opts routerOptions) {
routers := []router.Router{ routers := []router.Router{
// we need to add the checkpoint router before the container router or the DELETE gets masked // we need to add the checkpoint router before the container router or the DELETE gets masked
checkpointrouter.NewRouter(opts.daemon, decoder), checkpointrouter.NewRouter(opts.daemon, decoder),
container.NewRouter(opts.daemon, decoder), container.NewRouter(opts.daemon, decoder, opts.daemon.RawSysInfo(true).CgroupUnified),
image.NewRouter(opts.daemon.ImageService()), image.NewRouter(opts.daemon.ImageService()),
systemrouter.NewRouter(opts.daemon, opts.cluster, opts.buildkit, opts.features), systemrouter.NewRouter(opts.daemon, opts.cluster, opts.buildkit, opts.features),
volume.NewRouter(opts.daemon.VolumesService()), volume.NewRouter(opts.daemon.VolumesService()),