This adds a more meaningful error on the client side so the "bad
certificate" error coming from the TLS dial code has some context for
the user.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
make error message when running commands while daemon is down more user-friendly.
```
docker@54.175.201.239 ~: sudo service docker stop
docker stop/waiting
docker@54.175.201.239 ~: docker images
Get http:///var/run/docker.sock/v1.19/images/json: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
```
Signed-off-by: Damien Nozay <damien.nozay@gmail.com>
This PR does the following:
- migrated ~/.dockerfg to ~/.docker/config.json. The data is migrated
but the old file remains in case its needed
- moves the auth json in that fie into an "auth" property so we can add new
top-level properties w/o messing with the auth stuff
- adds support for an HttpHeaders property in ~/.docker/config.json
which adds these http headers to all msgs from the cli
In a follow-on PR I'll move the config file process out from under
"registry" since it not specific to that any more. I didn't do it here
because I wanted the diff to be smaller so people can make sure I didn't
break/miss any auth code during my edits.
Signed-off-by: Doug Davis <dug@us.ibm.com>
This change makes `monitorTtySize` work correctly on windows by polling
into win32 API to get terminal size (because there's no SIGWINCH on
windows) and send it to the engine over Remove API properly.
Average getttysize syscall takes around 30-40 ms on an average windows
machine as far as I can tell, therefore in a `for` loop, checking every
250ms if size has changed or not.
I'm not sure if there's a better way to do it on windows, if so,
somebody please send a link 'cause I could not find.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Passing RepositoryInfo to ResolveAuthConfig, pullRepository, and pushRepository
Moving --registry-mirror configuration to registry config
Created resolve_repository job
Repo names with 'index.docker.io' or 'docker.io' are now synonymous with omitting an index name.
Adding test for RepositoryInfo
Adding tests for opts.StringSetOpts and registry.ValidateMirror
Fixing search term use of repoInfo
Adding integration tests for registry mirror configuration
Normalizing LookupImage image name to match LocalName parsing rules
Normalizing repository LocalName to avoid multiple references to an official image
Removing errorOut use in tests
Removing TODO comment
gofmt changes
golint comments cleanup. renaming RegistryOptions => registry.Options, and RegistryServiceConfig => registry.ServiceConfig
Splitting out builtins.Registry and registry.NewService calls
Stray whitespace cleanup
Moving integration tests for Mirrors and InsecureRegistries into TestNewIndexInfo unit test
Factoring out ValidateRepositoryName from NewRepositoryInfo
Removing unused IndexServerURL
Allowing json marshaling of ServiceConfig. Exposing ServiceConfig in /info
Switching to CamelCase for json marshaling
PR cleanup; removing 'Is' prefix from boolean members. Removing unneeded json tags.
Removing non-cleanup related fix for 'localhost:[port]' in splitReposName
Merge fixes for gh9735
Fixing integration test
Reapplying #9754
Adding comment on config.IndexConfigs use from isSecureIndex
Remove unused error return value from isSecureIndex
Signed-off-by: Don Kjer <don.kjer@gmail.com>
Adding back comment in isSecureIndex
Signed-off-by: Don Kjer <don.kjer@gmail.com>
SIGCHLD and SIGWINCH used in api/client (cli code) are not
available on Windows. Extracting into separate files with build
tags.
Signed-off-by: Ahmet Alp Balkan <ahmetb@microsoft.com>
First off, sorry for the noise. This is a cleaner step of #8508
Found more of a root cause of the open file handles.
After more testing I found that the open file descriptors will still
occur for TCP:// connections to the daemon, causing client and/or daemon
to fail.
The issue was instantiating a new http.Transport on _ever_ client
request. So each instance held the prior connection alive, but was only
ever used once.
By moving it out to the initilization of DockerCli, we can now have
reuse of idled connections. Simplifies the garbage overhead of the
client too, though that's not usually a deal.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
In the go stdlib net/http Transport, the used connections are cached
when idled. This behaviour is intended for TCP connections and does not
behave correctly for unix sockets. Despite the
DefaultMaxIdleConnsPerHost being 2, the idled connections are held open
during a session. For large sessions like `docker rm $(docker ps -a -q)`
of thousands of containers, it will cause the client _and_ the server to
open too many fails and have failures.
Having keep alives not used for only unix sockets is a work around for
this stdlib issue.
Also this includes disabling compression when communicating over the
local unix socket too.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Fixes#8407
Setting Host on URL only works if the Request does not
already have its Host property set.
Note that the API version was also swallowed.
Signed-off-by: Tõnis Tiigi <tonistiigi@gmail.com> (github: tonistiigi)
`docker events > /tmp/out` should not print control
characters to non-terminal STDOUT.
This addresses commit 26b4a4920a
without creating regression described in issue #6509.
Signed-off-by: Vojtech Vitek (V-Teq) <vvitek@redhat.com>
