From 539c9691f175899d491da4c5dcf4674fe48f2cd954a74311d6891dedd4aeb8c4 Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Thu, 17 Jul 2014 15:31:28 +0000 Subject: [PATCH] Accepting request 241204 from Virtualization Fix ExclusiveArch statement OBS-URL: https://build.opensuse.org/request/show/241204 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=1 --- .gitattributes | 23 + .gitignore | 1 + 0002-Stripped-dockerinit-binary.patch | 32 + 80-docker.rules | 5 + docker-1.1.1.tar.bz2 | 3 + docker-rpmlintrc | 6 + docker.changes | 1180 +++++++++++++++++++++++++ docker.service | 14 + docker.socket | 11 + docker.spec | 167 ++++ sysconfig.docker | 8 + sysctl-docker.conf | 2 + 12 files changed, 1452 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 0002-Stripped-dockerinit-binary.patch create mode 100644 80-docker.rules create mode 100644 docker-1.1.1.tar.bz2 create mode 100644 docker-rpmlintrc create mode 100644 docker.changes create mode 100644 docker.service create mode 100644 docker.socket create mode 100644 docker.spec create mode 100644 sysconfig.docker create mode 100644 sysctl-docker.conf diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/0002-Stripped-dockerinit-binary.patch b/0002-Stripped-dockerinit-binary.patch new file mode 100644 index 0000000..091343c --- /dev/null +++ b/0002-Stripped-dockerinit-binary.patch @@ -0,0 +1,32 @@ +From 86a768c5a830220024a56495f18e88bfc21f3aac Mon Sep 17 00:00:00 2001 +From: Flavio Castelli +Date: Wed, 26 Mar 2014 17:50:19 +0100 +Subject: [PATCH 2/2] Stripped dockerinit binary + +The sha1sum of `dockerinit` is hardcoded into `docker` binary and is +checked at runtime. OBS strips the debugging symbols from all the +binaries (and hence also from `dockerinit`). That causes the sha1sum of +the installed file to be different from the value computed inside of the +buildroot. + +This commit strips the debugging symbols from `dockerinit` _before_ the +`docker` binary is built. Avoiding all the runtime errors. +--- + hack/make/dynbinary | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/hack/make/dynbinary b/hack/make/dynbinary +index 75cffe3..0143a9c 100644 +--- a/hack/make/dynbinary ++++ b/hack/make/dynbinary +@@ -15,6 +15,7 @@ if [ -z "$DOCKER_CLIENTONLY" ]; then + ./dockerinit + echo "Created binary: $DEST/dockerinit-$VERSION" + ln -sf "dockerinit-$VERSION" "$DEST/dockerinit" ++ /usr/bin/strip -g $DEST/dockerinit + + hash_files "$DEST/dockerinit-$VERSION" + +-- +1.8.4.5 + diff --git a/80-docker.rules b/80-docker.rules new file mode 100644 index 0000000..a3dac1c --- /dev/null +++ b/80-docker.rules @@ -0,0 +1,5 @@ +# hide docker's loopback devices from udisks, and thus from user desktops +SUBSYSTEM=="block", ENV{DM_NAME}=="docker-*", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_IGNORE}="1" +SUBSYSTEM=="block", DEVPATH=="/devices/virtual/block/loop*", ATTR{loop/backing_file}=="/var/lib/docker/*", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_IGNORE}="1" + + diff --git a/docker-1.1.1.tar.bz2 b/docker-1.1.1.tar.bz2 new file mode 100644 index 0000000..70b979e --- /dev/null +++ b/docker-1.1.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:31517dc1f2d4a75827a1f5011bd4a00aff6b8132618f7cf8a34c2ec395550983 +size 6436187 diff --git a/docker-rpmlintrc b/docker-rpmlintrc new file mode 100644 index 0000000..00c5581 --- /dev/null +++ b/docker-rpmlintrc @@ -0,0 +1,6 @@ +addFilter ("^docker.x86_64: W: statically-linked-binary /usr/lib64/docker/dockerinit") +addFilter ("^docker-bash-completion.noarch: W: sourced-script-with-shebang /etc/bash_completion.d/docker bash") +addFilter ("^docker.x86_64: W: statically-linked-binary /usr/lib/docker/dockerinit") +addFilter ("^docker.x86_64: W: unstripped-binary-or-object /usr/lib/docker/dockerinit") +addFilter ("^docker.x86_64: W: no-manual-page-for-binary docker") +addFilter ("^docker.x86_64: W: no-manual-page-for-binary nsinit") diff --git a/docker.changes b/docker.changes new file mode 100644 index 0000000..68aea68 --- /dev/null +++ b/docker.changes @@ -0,0 +1,1180 @@ +------------------------------------------------------------------- +Wed Jul 16 13:37:23 UTC 2014 - fcastelli@suse.com + +- Ensure docker can be built only on x86_64 + +------------------------------------------------------------------- +Wed Jul 16 09:07:45 UTC 2014 - fcastelli@suse.com + +- Added docker-rpmlintrc to list of source files + +------------------------------------------------------------------- +Mon Jul 14 09:39:40 UTC 2014 - fcastelli@suse.com + +- Updated to 1.1.1, notables features since 1.0.0: + * Add `.dockerignore` support + * Pause containers during `docker commit` + * Add `--tail` to `docker logs` + * Enhance security for the LXC driver +- Builder + * Fix issue with ADD + * Allow a tar file as context for `docker build` + * Fix issue with white-spaces and multi-lines in `Dockerfiles` + * Fix `ONBUILD` instruction passed to grandchildren +- Runtime + * Overall performance improvements + * Allow `/` as source of `docker run -v` + * Fix port allocation + * Fix bug in `docker save` + * Add links information to `docker inspect` + * Fix events subscription + * Fix /etc/hostname file with host networking + * Allow `-h` and `--net=none` + * Fix issue with hotplug devices in `--privileged` +- Client + * Improve command line parsing for `docker commit` + * Fix artifacts with events + * Fix a panic with empty flags +- Remote API + * Improve status code for the `start` and `stop` endpoints +- Miscellaneous + * Fix several races + +------------------------------------------------------------------- +Mon Jul 14 09:03:23 UTC 2014 - fcastelli@suse.com + +- Fix CVE-2014-3499: systemd socket activation results in privilege escalation [bnc#885209] + +------------------------------------------------------------------- +Tue Jun 10 15:58:24 UTC 2014 - fcastelli@suse.com + +- add exclusivearch to reduce to architectures with a working "go" package + (patch submitted by Rudy). + +------------------------------------------------------------------- +Mon Jun 9 21:09:28 UTC 2014 - fcastelli@suse.com + +- Updated to 1.0.0, Notable features since 0.12.0 + * Production support + +------------------------------------------------------------------- +Mon Jun 9 14:58:12 UTC 2014 - fcastelli@suse.com + +- Upgraded to 0.12.0: + * New `COPY` Dockerfile instruction to allow copying a local file from the context into the container without ever extracting if the file is a tar file + * Inherit file permissions from the host on `ADD` + * New `pause` and `unpause` commands to allow pausing and unpausing of containers using cgroup freezer + * The `images` command has a `-f`/`--filter` option to filter the list of images + * Add `--force-rm` to clean up after a failed build + * Standardize JSON keys in Remote API to CamelCase + * Pull from a docker run now assumes `latest` tag if not specified + * Enhance security on Linux capabilities and device nodes + +------------------------------------------------------------------- +Wed May 21 15:24:11 UTC 2014 - fcastelli@suse.com + +- Do not require ca-certificates-cert package at runtime, it's not needed. + +------------------------------------------------------------------- +Wed May 21 14:22:47 UTC 2014 - fcastelli@suse.com + +- Disabled AUFS backend at build time, we are never going to support that. +- Updated rpmlint to ignore missing man page of docker. + +------------------------------------------------------------------- +Wed May 21 08:10:48 UTC 2014 - smoioli@suse.com + +- Fixes a merge issue with TTYs: https://github.com/dotcloud/docker/pull/4882 + +------------------------------------------------------------------- +Thu May 15 15:04:51 UTC 2014 - fcastelli@suse.com + +- Ensure /etc/sysconfig/docker file is created upon package installation. + +------------------------------------------------------------------- +Thu May 15 14:35:39 UTC 2014 - fcastelli@suse.com + +- Updated rpmlintrc + +------------------------------------------------------------------- +Thu May 15 13:45:03 UTC 2014 - fcastelli@suse.com + +- Do not specify a custon DOCKERINIT_PATH at build time. + +------------------------------------------------------------------- +Thu May 15 13:21:44 UTC 2014 - fcastelli@suse.com + +- Removed 0001-Allowed-installation-of-dockerinit-into-usr-lib64.patch, leave + dockerinit installed inside of /usr/lib/docker. + +------------------------------------------------------------------- +Thu May 15 13:05:20 UTC 2014 - fcastelli@suse.com + +- Added sysconfig file to handle docker environment file. + +------------------------------------------------------------------- +Thu May 8 08:09:17 UTC 2014 - fcastelli@suse.com + + - Update to 0.11.1: + * Registry: + - Fix push and pull to private registry + - 0.11.0 changes: + * SELinux support for mount and process labels + * Linked containers can be accessed by hostname + * Use the net `--net` flag to allow advanced network configuration such as host networking so that containers can use the host's network interfaces + * Add a ping endpoint to the Remote API to do healthchecks of your docker daemon + * Logs can now be returned with an optional timestamp + * Docker now works with registries that support SHA-512 + * Multiple registry endpoints are supported to allow registry mirrors + +------------------------------------------------------------------- +Wed Apr 9 07:28:35 UTC 2014 - fcastelli@suse.com + +- Updated to version 0.10.0: + * Builder: + - Fix printing multiple messages on a single line. Fixes broken output during builds. + - Follow symlinks inside container's root for ADD build instructions. + - Fix EXPOSE caching. + * Contrib: + - Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile. + - Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly. + - Remove inotifywait hack from the upstart host-integration example because it's not necessary any more. + - Add check-config script to contrib. + - Fix fish shell completion. + * Remote API: + - Add TLS auth support for API. + - Move git clone from daemon to client. + - Fix content-type detection in docker cp. + - Split API into 2 go packages. + * Runtime: + - Support hairpin NAT without going through Docker server. + - devicemapper: succeed immediately when removing non-existing devices. + - devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time and unlock while sleeping). + - devicemapper: increase timeout in waitClose to 10 seconds. + - devicemapper: ensure we shut down thin pool cleanly. + - devicemapper: pass info, rather than hash to activateDeviceIfNeeded, deactivateDevice, setInitialized, deleteDevice. + - devicemapper: avoid AB-BA deadlock. + - devicemapper: make shutdown better/faster. + - improve alpha sorting in mflag. + - Remove manual http cookie management because the cookiejar is being used. + - Use BSD raw mode on Darwin. Fixes nano, tmux and others. + - Add FreeBSD support for the client. + - Merge auth package into registry. + - Add deprecation warning for -t on `docker pull`. + - Remove goroutine leak on error. + - Update parseLxcInfo to comply with new lxc1.0 format. + - Fix attach exit on darwin. + - Improve deprecation message. + - Retry to retrieve the layer metadata up to 5 times for `docker pull`. + - Only unshare the mount namespace for execin. + - Merge existing config when committing. + - Disable daemon startup timeout. + - Fix issue #4681: add loopback interface when networking is disabled. + - Add failing test case for issue #4681. + - Send SIGTERM to child, instead of SIGKILL. + - Show the driver and the kernel version in `docker info` even when not in debug mode. + - Always symlink /dev/ptmx for libcontainer. This fixes console related problems. + - Fix issue caused by the absence of /etc/apparmor.d. + - Don't leave empty cidFile behind when failing to create the container. + - Mount cgroups automatically if they're not mounted already. + - Use mock for search tests. + - Update to double-dash everywhere. + - Move .dockerenv parsing to lxc driver. + - Move all bind-mounts in the container inside the namespace. + - Don't use separate bind mount for container. + - Always symlink /dev/ptmx for libcontainer. + - Don't kill by pid for other drivers. + - Add initial logging to libcontainer. + - Sort by port in `docker ps`. + - Move networking drivers into runtime top level package. + - Add --no-prune to `docker rmi`. + - Add time since exit in `docker ps`. + - graphdriver: add build tags. + - Prevent allocation of previously allocated ports & prevent improve port allocation. + - Add support for --since/--before in `docker ps`. + - Clean up container stop. + - Add support for configurable dns search domains. + - Add support for relative WORKDIR instructions. + - Add --output flag for docker save. + - Remove duplication of DNS entries in config merging. + - Add cpuset.cpus to cgroups and native driver options. + - Remove docker-ci. + - Promote btrfs. btrfs is no longer considered experimental. + - Add --input flag to `docker load`. + - Return error when existing bridge doesn't match IP address. + - Strip comments before parsing line continuations to avoid interpreting instructions as comments. + - Fix TestOnlyLoopbackExistsWhenUsingDisableNetworkOption to ignore "DOWN" interfaces. + - Add systemd implementation of cgroups and make containers show up as systemd units. + - Fix commit and import when no repository is specified. + - Remount /var/lib/docker as --private to fix scaling issue. + - Use the environment's proxy when pinging the remote registry. + - Reduce error level from harmless errors. + - Allow --volumes-from to be individual files. + - Fix expanding buffer in StdCopy. + - Set error regardless of attach or stdin. This fixes #3364. + - Add support for --env-file to load environment variables from files. + - Symlink /etc/mtab and /proc/mounts. + - Allow pushing a single tag. + - Shut down containers cleanly at shutdown and wait forever for the containers to shut down. This makes container shutdown on daemon shutdown work properly via SIGTERM. + - Don't throw error when starting an already running container. + - Fix dynamic port allocation limit. + - remove setupDev from libcontainer. + - Add API version to `docker version`. + - Return correct exit code when receiving signal and make SIGQUIT quit without cleanup. + - Fix --volumes-from mount failure. + - Allow non-privileged containers to create device nodes. + - Skip login tests because of external dependency on a hosted service. + - Deprecate `docker images --tree` and `docker images --viz`. + - Deprecate `docker insert`. + - Include base abstraction for apparmor. This fixes some apparmor related problems on Ubuntu 14.04. + - Add specific error message when hitting 401 over HTTP on push. + - Fix absolute volume check. + - Remove volumes-from from the config. + - Move DNS options to hostconfig. + - Update the apparmor profile for libcontainer. + - Add deprecation notice for `docker commit -run`. + +------------------------------------------------------------------- +Wed Mar 26 16:47:03 UTC 2014 - fcastelli@suse.com + +- Updated to 0.9.1: + * Builder: + - Fix printing multiple messages on a single line. Fixes broken output during builds. + * Remote API: + - Fix content-type detection in `docker cp`. + * Runtime: + - Use BSD raw mode on Darwin. Fixes nano, tmux and others. + - Only unshare the mount namespace for execin. + - Retry to retrieve the layer metadata up to 5 times for `docker pull`. + - Merge existing config when committing. + - Fix panic in monitor. + - Disable daemon startup timeout. + - Fix issue #4681: add loopback interface when networking is disabled. + - Add failing test case for issue #4681. + - Send SIGTERM to child, instead of SIGKILL. + - Show the driver and the kernel version in `docker info` even when not in debug mode. + - Always symlink /dev/ptmx for libcontainer. This fixes console related problems. + - Fix issue caused by the absence of /etc/apparmor.d. + - Don't leave empty cidFile behind when failing to create the container. + - Improve deprecation message. + - Fix attach exit on darwin. + - devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time, unlock while sleeping). + - devicemapper: succeed immediately when removing non-existing devices. + - devicemapper: increase timeout in waitClose to 10 seconds. + - Remove goroutine leak on error. + - Update parseLxcInfo to comply with new lxc1.0 format. + +------------------------------------------------------------------- +Tue Mar 25 21:06:35 UTC 2014 - fcastelli@suse.com + +- Updated to docker 0.9.0: + * Builder: + - Avoid extra mount/unmount during build. This fixes mount/unmount related errors during build. + - Add error to docker build --rm. This adds missing error handling. + - Forbid chained onbuild, `onbuild from` and `onbuild maintainer` triggers. + - Make `--rm` the default for `docker build`. + * Remote API: + - Move code specific to the API to the api package. + - Fix header content type for the API. Makes all endpoints use proper content type. + - Fix registry auth & remove ping calls from CmdPush and CmdPull. + - Add newlines to the JSON stream functions. + * Runtime: + - Do not ping the registry from the CLI. All requests to registres flow through the daemon. + - Check for nil information return in the lxc driver. This fixes panics with older lxc versions. + - Devicemapper: cleanups and fix for unmount. Fixes two problems which were causing unmount to fail intermittently. + - Devicemapper: remove directory when removing device. Directories don't get left behind when removing the device. + - Devicemapper: enable skip_block_zeroing. Improves performance by not zeroing blocks. + - Devicemapper: fix shutdown warnings. Fixes shutdown warnings concerning pool device removal. + - Ensure docker cp stream is closed properly. Fixes problems with files not being copied by `docker cp`. + - Stop making `tcp://` default to `127.0.0.1:4243` and remove the default port for tcp. + - Fix `--run` in `docker commit`. This makes `docker commit --run` work again. + - Fix custom bridge related options. This makes custom bridges work again. + - Mount-bind the PTY as container console. This allows tmux/screen to run. + - Add the pure Go libcontainer library to make it possible to run containers using only features of the Linux kernel. + - Add native exec driver which uses libcontainer and make it the default exec driver. + - Add support for handling extended attributes in archives. + - Set the container MTU to be the same as the host MTU. + - Add simple sha256 checksums for layers to speed up `docker push`. + - Improve kernel version parsing. + - Allow flag grouping (`docker run -it`). + - Remove chroot exec driver. + - Fix divide by zero to fix panic. + - Rewrite `docker rmi`. + - Fix docker info with lxc 1.0.0. + - Fix fedora tty with apparmor. + - Don't always append env vars, replace defaults with vars from config. + - Fix a goroutine leak. + - Switch to Go 1.2.1. + - Fix unique constraint error checks. + - Handle symlinks for Docker's data directory and for TMPDIR. + - Add deprecation warnings for flags (-flag is deprecated in favor of --flag) + - Add apparmor profile for the native execution driver. + - Move system specific code from archive to pkg/system. + - Fix duplicate signal for `docker run -i -t` (issue #3336). + - Return correct process pid for lxc. + - Add a -G option to specify the group which unix sockets belong to. + - Add `-f` flag to `docker rm` to force removal of running containers. + - Kill ghost containers and restart all ghost containers when the docker daemon restarts. + - Add `DOCKER_RAMDISK` environment variable to make Docker work when the root is on a ramdisk. +- Updated requirements according to 0.9.0 release notes. + +------------------------------------------------------------------- +Wed Feb 19 08:35:27 UTC 2014 - fcastelli@suse.com + + - updated to Docker 0.8.1 + * Builder: + - Avoid extra mount/unmount during build. This removes an unneeded + mount/unmount operation which was causing problems with devicemapper + - Fix regression with ADD of tar files. This stops Docker from + decompressing tarballs added via ADD from the local file system + - Add error to `docker build --rm`. This adds a missing error check to + ensure failures to remove containers are detected and reported + * Remote API: + - Fix broken images API for version less than 1.7 + - Use the right encoding for all API endpoints which return JSON + - Move remote api client to api/ + - Queue calls to the API using generic socket wait + * Runtime: + - Fix the use of custom settings for bridges and custom bridges + - Refactor the devicemapper code to avoid many mount/unmount race + conditions and failures + - Remove two panics which could make Docker crash in some situations + - Don't ping registry from the CLI client + - Enable skip_block_zeroing for devicemapper. This stops devicemapper from + always zeroing entire blocks + - Fix --run in `docker commit`. This makes docker commit store `--run` + in the image configuration + - Remove directory when removing devicemapper device. This cleans up + leftover mount directories + - Drop NET_ADMIN capability for non-privileged containers. Unprivileged + containers can't change their network configuration + - Ensure `docker cp` stream is closed properly + - Avoid extra mount/unmount during container registration. This removes + an unneeded mount/unmount operation which was causing problems with + devicemapper + - Stop allowing tcp:// as a default tcp bin address which binds to + 127.0.0.1:4243 and remove the default port + - Mount-bind the PTY as container console. This allows tmux and screen to + run in a container + - Clean up archive closing. This fixes and improves archive handling + - Fix engine tests on systems where temp directories are symlinked + - Add test methods for save and load + - Avoid temporarily unmounting the container when restarting it. This + fixes a race for devicemapper during restart + - Support submodules when building from a GitHub repository + - Quote volume path to allow spaces + - Fix remote tar ADD behavior. This fixes a regression which was + causing Docker to extract tarballs + +------------------------------------------------------------------- +Thu Feb 13 09:07:39 UTC 2014 - fcastelli@suse.com + +- Ensure lxc >= 1.0 is not installed on the system, this version is + not compatible with docker yet. + +------------------------------------------------------------------- +Thu Feb 6 08:48:22 UTC 2014 - fcastelli@suse.com + +- updated to docker 0.8.0: + * Images and containers can be removed much faster + * Building an image from source with docker build is now much faster + * The Docker daemon starts and stops much faster + * The memory footprint of many common operations has been reduced, by + streaming files instead of buffering them in memory, fixing memory leaks, + and fixing various suboptimal memory allocations + * Several race conditions were fixed, making Docker more stable under very + high concurrency load. This makes Docker more stable and less likely to + crash and reduces the memory footprint of many common operations + * All packaging operations are now built on the Go language’s standard tar + implementation, which is bundled with Docker itself. This makes packaging + more portable across host distributions, and solves several issues caused + by quirks and incompatibilities between different distributions of tar + * Docker can now create, remove and modify larger numbers of containers and + images graciously thanks to more aggressive releasing of system resources. + For example the storage driver API now allows Docker to do reference + counting on mounts created by the drivers. With the ongoing changes to the + networking and execution subsystems of docker testing these areas have been + a focus of the refactoring. By moving these subsystems into separate + packages we can test, analyze, and monitor coverage and quality of these + packages + * The Docker daemon supports systemd socket activation + * Docker now ships with an experimental storage driver which uses the BTRFS + filesystem for copy-on-write + * The ADD instruction now supports caching, which avoids unnecessarily + re-uploading the same source content again and again when it hasn’t changed + * The new ONBUILD instruction adds to your image a “trigger” instruction to be + executed at a later time, when the image is used as the base for another + build + * Many components have been separated into smaller sub-packages, each with a + dedicated test suite. As a result the code is better-tested, more readable + and easier to change + * Docker is officially supported on Mac OSX + +------------------------------------------------------------------- +Fri Jan 31 18:14:09 UTC 2014 - f_koch@gmx.de + +- Fix udev file name + +------------------------------------------------------------------- +Sat Jan 25 14:04:50 UTC 2014 - fcastelli@suse.com + +- Added again the patch which forces the docker binary to look for the + dockerinit file into the right location. Docker's official build system + is still bugged. + +------------------------------------------------------------------- +Sat Jan 25 11:05:42 UTC 2014 - fcastelli@suse.com + + - updated to 0.7.6: + * Builder: + - Do not follow symlink outside of build context + * Runtime: + - Remount bind mounts when ro is specified + - Use https for fetching docker version + * Other: + - Inline the test.docker.io fingerprint + - Add ca-certificates to packaging documentation + - rpm changes: + * remove patch which forced docker to loook for the dockerinit binary into + /usr/lib64/docker. Docker's build system now accepts an environment + variable to address this issue. + * install udev rules inside of /usr/lib/udev as requested by rpmlint. +------------------------------------------------------------------- +Fri Jan 10 10:44:23 UTC 2014 - fcastelli@suse.com + + - updated to 0.7.5: + * Builder: + - Disable compression for build. More space usage but a much faster upload + - Fix ADD caching for certain paths + - Do not compress archive from git build + * Documentation: + * Fix error in GROUP add example + * Make sure the GPG fingerprint is inline in the documentation + * Give more specific advice on setting up signing of commits for DCO + * Runtime: + * Fix misspelled container names + * Do not add hostname when networking is disabled + * Return most recent image from the cache by date + * Return all errors from docker wait + * Add Content-Type Header "application/json" to GET /version and /info responses + * Other: + - Update DCO to version 1.1 + - Update Makefile to use "docker:GIT_BRANCH" as the generated image name + - Update Travis to check for new 1.1 DCO version + - 0.7.4 changes: + * Builder: + - Fix ADD caching issue with . prefixed path + - Fix docker build on devicemapper by reverting sparse file tar option + - Fix issue with file caching and prevent wrong cache hit + - Use same error handling while unmarshalling CMD and ENTRYPOINT + * Documentation: + - Simplify and streamline Amazon Quickstart + - Install instructions use unprefixed fedora image + - Update instructions for mtu flag for Docker on GCE + - Add Ubuntu Saucy to installation + - Fix for wrong version warning on master instead of latest + * Runtime: + - Only get the image's rootfs when we need to calculate the image size + - Correctly handle unmapping UDP ports + - Make CopyFileWithTar use a pipe instead of a buffer to save memory on docker build + - Fix login message to say pull instead of push + - Fix "docker load" help by removing "SOURCE" prompt and mentioning STDIN + - Make blank -H option default to the same as no -H was sent + - Extract cgroups utilities to own submodule + * Other: + - Add Travis CI configuration to validate DCO and gofmt requirements + - Add Developer Certificate of Origin Text + - Upgrade VBox Guest Additions + - Check standalone header when pinging a registry server + +------------------------------------------------------------------- +Tue Jan 7 12:48:30 UTC 2014 - fcastelli@suse.com + +- Spec file cleanup: removed useless SUSE versions checks around bash and zsh + completion sub packages. +- Updated runtime dependencies according to what reported by the official + documentation. + +------------------------------------------------------------------- +Tue Jan 7 08:26:37 UTC 2014 - fcastelli@suse.com + + - Updated to 0.7.3: + * Builder: + - Update ADD to use the image cache, based on a hash of the added content + - Add error message for empty Dockerfile + * Documentation: + - Fix outdated link to the "Introduction" on www.docker.io + - Update the docs to get wider when the screen does + - Add information about needing to install LXC when using raw binaries + - Update Fedora documentation to disentangle the docker and docker.io conflict + - Add a note about using the new `-mtu` flag in several GCE zones + - Add FrugalWare installation instructions + - Add a more complete example of `docker run` + - Fix API documentation for creating and starting Privileged containers + - Add missing "name" parameter documentation on "/containers/create" + - Add a mention of `lxc-checkconfig` as a way to check for some of the necessary kernel configuration + - Update the 1.8 API documentation with some additions that were added to the docs for 1.7 + * Hack: + - Add missing libdevmapper dependency to the packagers documentation + - Update minimum Go requirement to a hard line at Go 1.2+ + - Many minor improvements to the Vagrantfile + - Add ability to customize dockerinit search locations when compiling (to be used very sparingly only by packagers of platforms who require a nonstandard location) + - Add coverprofile generation reporting + - Add `-a` to our Go build flags, removing the need for recompiling the stdlib manually + - Update Dockerfile to be more canonical and have less spurious warnings during build + - Fix some miscellaneous `docker pull` progress bar display issues + - Migrate more miscellaneous packages under the "pkg" folder + - Update TextMate highlighting to automatically be enabled for files named "Dockerfile" + - Reorganize syntax highlighting files under a common "contrib/syntax" directory + - Update install.sh script (https://get.docker.io/) to not fail if busybox fails to download or run at the end of the Ubuntu/Debian installation + - Add support for container names in bash completion + * Packaging: + - Add an official Docker client binary for Darwin (Mac OS X) + - Remove empty "Vendor" string and added "License" on deb package + - Add a stubbed version of "/etc/default/docker" in the deb package + * Runtime: + - Update layer application to extract tars in place, avoiding file churn while handling whiteouts + - Fix permissiveness of mtime comparisons in tar handling (since GNU tar and Go tar do not yet support sub-second mtime precision) + - Reimplement `docker top` in pure Go to work more consistently, and even inside Docker-in-Docker (thus removing the shell injection vulnerability present in some versions of `lxc-ps`) + - Update `-H unix://` to work similarly to `-H tcp://` by inserting the default values for missing portions + - Fix more edge cases regarding dockerinit and deleted or replaced docker or dockerinit files + - Update container name validation to include '.' + - Fix use of a symlink or non-absolute path as the argument to `-g` to work as expected + - Update to handle external mounts outside of LXC, fixing many small mounting quirks and making future execution backends and other features simpler + - Update to use proper box-drawing characters everywhere in `docker images -tree` + - Move MTU setting from LXC configuration to directly use netlink + - Add `-S` option to external tar invocation for more efficient spare file handling + - Add arch/os info to User-Agent string, especially for registry requests + - Add `-mtu` option to Docker daemon for configuring MTU + - Fix `docker build` to exit with a non-zero exit code on error + - Add `DOCKER_HOST` environment variable to configure the client `-H` flag without specifying it manually for every invocation + +------------------------------------------------------------------- +Wed Dec 18 08:35:14 UTC 2013 - fcastelli@suse.com + +- Removed docker.init file from OBS, it's no longer needed since we + moved to systemd. + +------------------------------------------------------------------- +Tue Dec 17 17:25:47 UTC 2013 - fcastelli@suse.com + +- Required git-core rather than the full package chain. + +------------------------------------------------------------------- +Tue Dec 17 10:59:08 UTC 2013 - fcastelli@suse.com + +- Fixed openSUSE 12.3 package by adding explicit requirement of + systemd-devel package at build time. + +------------------------------------------------------------------- +Tue Dec 17 10:09:04 UTC 2013 - fcastelli@suse.com + +- Updated to docker 0.7.2: + * Runtime: + - Validate container names on creation with standard regex + - Increase maximum image depth to 127 from 42 + - Continue to move api endpoints to the job api + - Add -bip flag to allow specification of dynamic bridge IP via CIDR + - Allow bridge creation when ipv6 is not enabled on certain systems + - Set hostname and IP address from within dockerinit + - Drop capabilities from within dockerinit + - Fix volumes on host when symlink is present the image + - Prevent deletion of image if ANY container is depending on it even if the container is not running + - Update docker push to use new progress display + - Use os.Lstat to allow mounting unix sockets when inspecting volumes + - Adjusted handling of inactive user login + - Add missing defines in devicemapper for older kernels + - Allow untag operations with no container validation + - Add auth config to docker build + * Documentation: + - Add more information about Docker logging + - Add RHEL documentation + - Add a direct example for changing the CMD that is run in a container + - Update Arch installation documentation + - Add section on Trusted Builds + - Add Network documentation page + * Other: + - Add new cover bundle for providing code coverage reporting + - Separate integration tests in bundles + - Make Tianon the hack maintainer + - Update mkimage-debootstrap with more tweaks for keeping images small + - Use https to get the install script + - Remove vendored dotcloud/tar now that Go 1.2 has been released +- Marked /etc/sysctl.d/200-docker.conf as configuration file within the spec file. +- Added 'ca-certificates-cacert' as runtime dependency, this is required to pull + containers from docker's official repository. + +------------------------------------------------------------------- +Thu Dec 12 08:41:30 UTC 2013 - fcastelli@suse.com + +- Removed dnsmasq dependency +- Added GNU tar as an explicit dependency +- Moved to systemd +- Updated to docker 0.7.1: + * Add @SvenDowideit as documentation maintainer + * Add links example + * Add documentation regarding ambassador pattern + * Add Google Cloud Platform docs + * Add dockerfile best practices + * Update doc for RHEL + * Update doc for registry + * Update Postgres examples + * Update doc for Ubuntu install + * Improve remote api doc +- modified patches: + * 0001-Allowed-installation-of-dockerinit-into-usr-lib64.patch: changed + to apply against the updated codebase. +------------------------------------------------------------------- +Thu Nov 28 10:18:12 UTC 2013 - fcastelli@suse.com + +- Updated runtime dependencies according to docker's official guidelines. + +------------------------------------------------------------------- +Thu Nov 28 09:25:05 UTC 2013 - fcastelli@suse.com + +- Fixed packaging errors: + * dockerinit binary was not built, causing docker to be unusable. + * added custom rpmlint rules. + +------------------------------------------------------------------- +Tue Nov 26 15:59:38 UTC 2013 - fcastelli@suse.com + * rpm changes: + * do no longer require a AUFS cable kernel at runtime. + * build docker using intree dependencies provided by upstream. + * created zsh completion sub-package. + + * 0.7.0 (2013-11-25) + - Storage drivers: choose from aufs, device mapper, vfs or btrfs. + - Standard Linux support: docker now runs on unmodified linux kernels and all major distributions. + - Links: compose complex software stacks by connecting containers to each other. + - Container naming: organize your containers by giving them memorable names. + - Advanced port redirects: specify port redirects per interface, or keep sensitive ports private. + - Offline transfer: push and pull images to the filesystem without losing information. + - Quality: numerous bugfixes and small usability improvements. Significant increase in test coverage. + + * 0.6.7 (2013-11-21) + - Improved stability, fixes some race conditons + - Skip the volumes mounted when deleting the volumes of container. + - Fix layer size computation: handle hard links correctly + - Use the work Path for docker cp CONTAINER:PATH + - Fix tmp dir never cleanup + - Speedup docker ps + - More informative error message on name collisions + - Fix nameserver regex + - Always return long id's + - Fix container restart race condition + - Keep published ports on docker stop;docker start + - Fix container networking on Fedora + - Correctly express "any address" to iptables + - Fix network setup when reconnecting to ghost container + - Prevent deletion if image is used by a running container + - Lock around read operations in graph + - remote API: return full ID on docker rmi + - client: + - Add -tree option to images + - Offline image transfer + - Exit with status 2 on usage error and display usage on stderr + - Do not forward SIGCHLD to container + - Use string timestamp for docker events -since + + * 0.6.6 (2013-11-06) + - Ensure container name on register + - Fix regression in /etc/hosts + - Add lock around write operations in graph + - Check if port is valid + - Fix restart runtime error with ghost container networking + - Added some more colors and animals to increase the pool of generated names + - Fix issues in docker inspect + - Escape apparmor confinement + - Set environment variables using a file. + - Prevent docker insert to erase something + - Prevent DNS server conflicts in CreateBridgeIface + - Validate bind mounts on the server side + - Use parent image config in docker build + - Fix regression in /etc/hosts + - Client: + * Add -P flag to publish all exposed ports + * Add -notrunc and -q flags to docker history + * Fix docker commit, tag and import usage + * Add stars, trusted builds and library flags in docker search + * Fix docker logs with tty + - RemoteAPI: + * Make /events API send headers immediately + * Do not split last column docker top + + Add size to history + + * 0.6.5 (2013-10-29) + - Containers can now be named + - Containers can now be linked together for service discovery + - 'run -a', 'start -a' and 'attach' can forward signals to the container for better integration with process supervisors + - Automatically start crashed containers after a reboot + - Expose IP, port, and proto as separate environment vars for container links + - Allow ports to be published to specific ips + - Prohibit inter-container communication by default + - Ignore ErrClosedPipe for stdin in Container.Attach + - Remove unused field kernelVersion + - Fix issue when mounting subdirectories of /mnt in container + - Fix untag during removal of images + - Check return value of syscall.Chdir when changing working directory inside dockerinit + - Client: + - Only pass stdin to hijack when needed to avoid closed pipe errors + - Use less reflection in command-line method invocation + - Monitor the tty size after starting the container, not prior + - Remove useless os.Exit() calls after log.Fatal + - Documentation: Fix the flags for nc in example + - Testing: Remove warnings and prevent mount issues + - Testing: Change logic for tty resize to avoid warning in tests + - Builder: Fix race condition in docker build with verbose output + - Registry: Fix content-type for PushImageJSONIndex method + - Contrib: Improve helper tools to generate debian and Arch linux server images + + * 0.6.4 (2013-10-16) + - Add cleanup of container when Start() fails + - Add better comments to utils/stdcopy.go + - Add utils.Errorf for error logging + - Add -rm to docker run for removing a container on exit + - Remove error messages which are not actually errors + - Fix `docker rm` with volumes + - Fix some error cases where a HTTP body might not be closed + - Fix panic with wrong dockercfg file + - Fix the attach behavior with -i + - Record termination time in state. + - Use empty string so TempDir uses the OS's temp dir automatically + - Make sure to close the network allocators + - Autorestart containers by default + - Bump vendor kr/pty to commit 3b1f6487b `(syscall.O_NOCTTY)` + - lxc: Allow set_file_cap capability in container + - Move run -rm to the cli only + - Split stdout stderr + - Always create a new session for the container + - Builder: Abort build if mergeConfig returns an error and fix duplicate error message + - Packaging: Remove deprecated packaging directory + - Registry: Use correct auth config when logging in. + - Registry: Fix the error message so it is the same as the regex + +------------------------------------------------------------------- +Wed Oct 2 12:04:09 UTC 2013 - fcastelli@suse.com + + * 0.6.3 (2013-09-23) + + - Client: Fix detach issue + - Runtime: Only copy and change permissions on non-bindmount volumes + - Registry: Update regular expression to match index + * Runtime: Allow multiple volumes-from + * Packaging: Download apt key over HTTPS + * Documentation: Update section on extracting the docker binary after build + * Documentation: Update development environment docs for new build process + * Documentation: Remove 'base' image from documentation + * Packaging: Add 'docker' group on install for ubuntu package + - Runtime: Fix HTTP imports from STDIN + +------------------------------------------------------------------- +Thu Sep 26 10:33:21 UTC 2013 - fcastelli@suse.com + +- Fixed build on SLE_11_SP3 + +------------------------------------------------------------------- +Mon Sep 23 10:17:17 UTC 2013 - fcastelli@suse.com + +- Fixed git commit version: the wrong version was showed by 'docker version'. + +------------------------------------------------------------------- +Mon Sep 23 09:56:42 UTC 2013 - fcastelli@suse.com + + * 0.6.2 (2013-09-17) + + Hack: Vendor all dependencies + Builder: Add -rm option in order to remove intermediate containers + Runtime: Add domainname support + Runtime: Implement image filtering with path.Match + Builder: Allow multiline for the RUN instruction + Runtime: Remove unnecesasry warnings + Runtime: Only mount the hostname file when the config exists + Runtime: Handle signals within the docker login command + Runtime: Remove os/user dependency + Registry: Implement login with private registry + Remote API: Bump to v1.5 + Packaging: Break down hack/make.sh into small scripts, one per 'bundle': test, binary, ubuntu etc. + Documentation: General improvments + Runtime: UID and GID are now also applied to volumes + Runtime: docker start set error code upon error + Runtime: docker run set the same error code as the process started + Registry: Fix push issues + + +------------------------------------------------------------------- +Mon Aug 26 14:22:34 UTC 2013 - fcastelli@suse.com + + * 0.6.1 (2013-08-23) + + Registry: Pass "meta" headers in API calls to the registry + Packaging: Use correct upstart script with new build tool + Packaging: Use libffi-dev, don't build it from sources + Packaging: Removed duplicate mercurial install command + + * 0.6.0 (2013-08-22) + + Runtime: Load authConfig only when needed and fix useless WARNING + Runtime: Add lxc-conf flag to allow custom lxc options + Runtime: Fix race conditions in parallel pull + Runtime: Improve CMD, ENTRYPOINT, and attach docs. + Documentation: Small fix to docs regarding adding docker groups + Documentation: Add MongoDB image example + Builder: Add USER instruction do Dockerfile + Documentation: updated default -H docs + Remote API: Sort Images by most recent creation date. + Builder: Add workdir support for the Buildfile + Runtime: Add an option to set the working directory + Runtime: Show tag used when image is missing + Documentation: Update readme with dependencies for building + Documentation: Add instructions for creating and using the docker group + Remote API: Reworking opaque requests in registry module + Runtime: Fix Graph ByParent() to generate list of child images per parent image. + Runtime: Add Image name to LogEvent tests + Documentation: Add sudo to examples and installation to documentation + Hack: Bash Completion: Limit commands to containers of a relevant state + Remote API: Add image name in /events + Runtime: Apply volumes-from before creating volumes + Runtime: Make docker run handle SIGINT/SIGTERM + Runtime: Prevent crash when .dockercfg not readable + Hack: Add docker dependencies coverage testing into docker-ci + Runtime: Add -privileged flag and relevant tests, docs, and examples + Packaging: Docker-brew 0.5.2 support and memory footprint reduction + Runtime: Install script should be fetched over https, not http. + Packaging: Add new docker dependencies into docker-ci + Runtime: Use Go 1.1.2 for dockerbuilder + Registry: Improve auth push + Runtime: API, issue 1471: Use groups for socket permissions + Documentation: PostgreSQL service example in documentation + Contrib: bash completion script + Tests: Improve TestKillDifferentUser to prevent timeout on buildbot + Documentation: Fix typo in docs for docker run -dns + Documentation: Adding a reference to ps -a + Runtime: Correctly detect IPv4 forwarding + Packaging: Revert "docker.upstart: avoid spawning a sh process" + Runtime: Use ranged for loop on channels + Runtime: Fix typo: fmt.Sprint -> fmt.Sprintf + Tests: Fix typo in TestBindMounts (runContainer called without image) + Runtime: add websocket support to /container//attach/ws + Runtime: Mount /dev/shm as a tmpfs + Builder: Only count known instructions as build steps + Builder: Fix docker build and docker events output + Runtime: switch from http to https for get.docker.io + Tests: Improve TestGetContainersTop so it does not rely on sleep + Packaging: Docker-brew and Docker standard library + Testing: Add some tests in server and utils + Packaging: Release docker with docker + Builder: Make sure ENV instruction within build perform a commit each time + Packaging: Fix the upstart script generated by get.docker.io + Runtime: fix small \n error un docker build + Runtime: Let userland proxy handle container-bound traffic + Runtime: Updated the Docker CLI to specify a value for the "Host" header. + Runtime: Add warning when net.ipv4.ip_forwarding = 0 + Registry: Registry unit tests + mock registry + Runtime: fixed #910. print user name to docker info output + Builder: Forbid certain paths within docker build ADD + Runtime: change network range to avoid conflict with EC2 DNS + Tests: Relax the lo interface test to allow iface index != 1 + Documentation: Suggest installing linux-headers by default. + Documentation: Change the twitter handle + Client: Add docker cp command and copy api endpoint to copy container files/folders to the host + Remote API: Use mime pkg to parse Content-Type + Runtime: Reduce connect and read timeout when pinging the registry + Documentation: Update amazon.rst to explain that Vagrant is not necessary for running Docker on ec2 + Packaging: Enabled the docs to generate manpages. + Runtime: Parallel pull + Runtime: Handle ip route showing mask-less IP addresses + Documentation: Clarify Amazon EC2 installation + Documentation: 'Base' image is deprecated and should no longer be referenced in the docs. + Runtime: Fix to "Inject dockerinit at /.dockerinit" + Runtime: Allow ENTRYPOINT without CMD + Runtime: Always consider localhost as a domain name when parsing the FQN repos name + Remote API: 650 http utils and user agent field + Documentation: fix a typo in the ubuntu installation guide + Builder: Repository name (and optionally a tag) in build usage + Documentation: Move note about officially supported kernel + Packaging: Revert "Bind daemon to 0.0.0.0 in Vagrant. + Builder: Add no cache for docker build + Runtime: Add hostname to environment + Runtime: Add last stable version in docker version + Builder: Make sure ADD will create everything in 0755 + Documentation: Add ufw doc + Tests: Add registry functional test to docker-ci + Documentation: Solved the logo being squished in Safari + Runtime: Use utils.ParseRepositoryTag instead of strings.Split(name, ":") in server.ImageDelete + Runtime: Refactor checksum + Runtime: Improve connect message with socket error + Documentation: Added information about Docker's high level tools over LXC. + Don't read from stdout when only attached to stdin + +------------------------------------------------------------------- +Wed Aug 7 15:11:23 UTC 2013 - fcastelli@suse.com + + * added commits required to get docker working with a private registry. + + * 0.5.1 (2013-07-30) + + API: Docker client now sets useragent (RFC 2616) + Runtime: Add ps args to docker top + Runtime: Add support for container ID files (pidfile like) + Runtime: Add container=lxc in default env + Runtime: Support networkless containers with docker run -n and docker -d -b=none + API: Add /events endpoint + Builder: ADD command now understands URLs + Builder: CmdAdd and CmdEnv now respect Dockerfile-set ENV variables + Hack: Simplify unit tests with helpers + Hack: Improve docker.upstart event + Hack: Add coverage testing into docker-ci + Runtime: Stdout/stderr logs are now stored in the same file as JSON + Runtime: Allocate a /16 IP range by default, with fallback to /24. Try 12 ranges instead of 3. + Runtime: Change .dockercfg format to json and support multiple auth remote + Runtime: Do not override volumes from config + Runtime: Fix issue with EXPOSE override + Builder: Create directories with 755 instead of 700 within ADD instruction + + +------------------------------------------------------------------- +Thu Jul 25 09:43:48 UTC 2013 - fcastelli@suse.com + + 0.5.0 (2013-07-17) + + Runtime: List all processes running inside a container with 'docker top' + Runtime: Host directories can be mounted as volumes with 'docker run -v' + Runtime: Containers can expose public UDP ports (eg, '-p 123/udp') + Runtime: Optionally specify an exact public port (eg. '-p 80:4500') + Registry: New image naming scheme inspired by Go packaging convention allows arbitrary combinations of registries + Builder: ENTRYPOINT instruction sets a default binary entry point to a container + Builder: VOLUME instruction marks a part of the container as persistent data + Builder: 'docker build' displays the full output of a build by default + Runtime: 'docker login' supports additional options + Runtime: Dont save a container's hostname when committing an image. + Registry: Fix issues when uploading images to a private registry + + 0.4.8 (2013-07-01) + + Builder: New build operation ENTRYPOINT adds an executable entry point to the container. + Runtime: Fix a bug which caused 'docker run -d' to no longer print the container ID. + Tests: Fix issues in the test suite + + 0.4.7 (2013-06-28) + + Registry: easier push/pull to a custom registry + Remote API: the progress bar updates faster when downloading and uploading large files + Remote API: fix a bug in the optional unix socket transport + Runtime: improve detection of kernel version + Runtime: host directories can be mounted as volumes with 'docker run -b' + Runtime: fix an issue when only attaching to stdin + Runtime: use 'tar --numeric-owner' to avoid uid mismatch across multiple hosts + Hack: improve test suite and dev environment + Hack: remove dependency on unit tests on 'os/user' + Documentation: add terminology section + + 0.4.6 (2013-06-22) + + Runtime: fix a bug which caused creation of empty images (and volumes) to crash. + + 0.4.5 (2013-06-21) + + Builder: 'docker build git://URL' fetches and builds a remote git repository + Runtime: 'docker ps -s' optionally prints container size + Tests: Improved and simplified + Runtime: fix a regression introduced in 0.4.3 which caused the logs command to fail. + Builder: fix a regression when using ADD with single regular file. + + 0.4.4 (2013-06-19) + + Builder: fix a regression introduced in 0.4.3 which caused builds to fail on new clients. + + 0.4.3 (2013-06-19) + + Builder: ADD of a local file will detect tar archives and unpack them + Runtime: Remove bsdtar dependency + Runtime: Add unix socket and multiple -H support + Runtime: Prevent rm of running containers + Runtime: Use go1.1 cookiejar + Builder: ADD improvements: use tar for copy + automatically unpack local archives + Builder: ADD uses tar/untar for copies instead of calling 'cp -ar' + Builder: nicer output for 'docker build' + Builder: fixed the behavior of ADD to be (mostly) reverse-compatible, predictable and well-documented. + Client: HumanReadable ProgressBar sizes in pull + Client: Fix docker version's git commit output + API: Send all tags on History API call + API: Add tag lookup to history command. Fixes #882 + Runtime: Fix issue detaching from running TTY container + Runtime: Forbid parralel push/pull for a single image/repo. Fixes #311 + Runtime: Fix race condition within Run command when attaching. + Builder: fix a bug which caused builds to fail if ADD was the first command + Documentation: fix missing command in irc bouncer example + + 0.4.2 (2013-06-17) + + Packaging: Bumped version to work around an Ubuntu bug + + 0.4.1 (2013-06-17) + + Remote Api: Add flag to enable cross domain requests + Remote Api/Client: Add images and containers sizes in docker ps and docker images + Runtime: Configure dns configuration host-wide with 'docker -d -dns' + Runtime: Detect faulty DNS configuration and replace it with a public default + Runtime: allow docker run : + Runtime: you can now specify public port (ex: -p 80:4500) + Client: allow multiple params in inspect + Client: Print the container id before the hijack in docker run + Registry: add regexp check on repo's name + Registry: Move auth to the client + Runtime: improved image removal to garbage-collect unreferenced parents + Vagrantfile: Add the rest api port to vagrantfile's port_forward + Upgrade to Go 1.1 + Builder: don't ignore last line in Dockerfile when it doesn't end with \n + Registry: Remove login check on pull + + 0.4.0 (2013-06-03) + + Introducing Builder: 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile + Introducing Remote API: control Docker programmatically using a simple HTTP/json API + Runtime: various reliability and usability improvements + + 0.3.4 (2013-05-30) + + Builder: 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile + Builder: 'docker build -t FOO' applies the tag FOO to the newly built container. + Runtime: interactive TTYs correctly handle window resize + Runtime: fix how configuration is merged between layers + Remote API: split stdout and stderr on 'docker run' + Remote API: optionally listen on a different IP and port (use at your own risk) + Documentation: improved install instructions. + + 0.3.3 (2013-05-23) + + Registry: Fix push regression + Various bugfixes + + 0.3.2 (2013-05-09) + + Runtime: Store the actual archive on commit + Registry: Improve the checksum process + Registry: Use the size to have a good progress bar while pushing + Registry: Use the actual archive if it exists in order to speed up the push + Registry: Fix error 400 on push + + 0.3.1 (2013-05-08) + + Builder: Implement the autorun capability within docker builder + Builder: Add caching to docker builder + Builder: Add support for docker builder with native API as top level command + Runtime: Add go version to debug infos + Builder: Implement ENV within docker builder + Registry: Add docker search top level command in order to search a repository + Images: output graph of images to dot (graphviz) + Documentation: new introduction and high-level overview + Documentation: Add the documentation for docker builder + Website: new high-level overview + Makefile: Swap "go get" for "go get -d", especially to compile on go1.1rc + Images: fix ByParent function + Builder: Check the command existance prior create and add Unit tests for the case + Registry: Fix pull for official images with specific tag + Registry: Fix issue when login in with a different user and trying to push + Documentation: CSS fix for docker documentation to make REST API docs look better. + Documentation: Fixed CouchDB example page header mistake + Documentation: fixed README formatting + Registry: Improve checksum - async calculation + Runtime: kernel version - don't show the dash if flavor is empty + Documentation: updated www.docker.io website. + Builder: use any whitespaces instead of tabs + Packaging: packaging ubuntu; issue #510: Use goland-stable PPA package to build docker + + +------------------------------------------------------------------- +Tue May 7 09:09:34 UTC 2013 - fcastelli@suse.com + +* Update to 0.3.0 (2013-05-06) + - Registry: Implement the new registry + - Documentation: new example: sharing data between 2 couchdb databases + - Runtime: Fix the command existance check + - Runtime: strings.Split may return an empty string on no match + - Runtime: Fix an index out of range crash if cgroup memory is not + - Documentation: Various improvments + - Vagrant: Use only one deb line in /etc/apt + +------------------------------------------------------------------- +Mon May 6 16:00:00 UTC 2013 - fcastelli@suse.com + +- Update to version 0.2.2 + + * 0.2.2 (2013-05-03) + - Support for data volumes ('docker run -v=PATH') + - Share data volumes between containers ('docker run -volumes-from') + - Improved documentation + - Upgrade to Go 1.0.3 + - Various upgrades to the dev environment for contributors + + * 0.2.1 (2013-05-01) + - 'docker commit -run' bundles a layer with default runtime options: command, ports etc. + - Improve install process on Vagrant + - New Dockerfile operation: "maintainer" + - New Dockerfile operation: "expose" + - New Dockerfile operation: "cmd" + - Contrib script to build a Debian base layer + - 'docker -d -r': restart crashed containers at daemon startup + - Runtime: improve test coverage + + * 0.2.0 (2013-04-23) + - Runtime: ghost containers can be killed and waited for + - Documentation: update install intructions + - Packaging: fix Vagrantfile + - Development: automate releasing binaries and ubuntu packages + - Add a changelog + - Various bugfixes + + * 0.1.8 (2013-04-22) + - Dynamically detect cgroup capabilities + - Issue stability warning on kernels <3.8 + - 'docker push' buffers on disk instead of memory + - Fix 'docker diff' for removed files + - Fix 'docker stop' for ghost containers + - Fix handling of pidfile + - Various bugfixes and stability improvements + + * 0.1.7 (2013-04-18) + - Container ports are available on localhost + - 'docker ps' shows allocated TCP ports + - Contributors can run 'make hack' to start a continuous integration VM + - Streamline ubuntu packaging & uploading + - Various bugfixes and stability improvements + + * 0.1.6 (2013-04-17) + - Record the author an image with 'docker commit -author' + + * 0.1.5 (2013-04-17) + - Disable standalone mode + - Use a custom DNS resolver with 'docker -d -dns' + - Detect ghost containers + - Improve diagnosis of missing system capabilities + - Allow disabling memory limits at compile time + - Add debian packaging + - Documentation: installing on Arch Linux + - Documentation: running Redis on docker + - Fixed lxc 0.9 compatibility + - Automatically load aufs module + - Various bugfixes and stability improvements + + * 0.1.4 (2013-04-09): + - Full support for TTY emulation + - Detach from a TTY session with the escape sequence C-p C-q + - Various bugfixes and stability improvements + - Minor UI improvements + - Automatically create our own bridge interface 'docker0' + + +------------------------------------------------------------------- +Wed Apr 10 10:31:11 UTC 2013 - fcastelli@suse.com + +- Apply patch that creates pidfile. +- Update the init script to look for the pidfile under the right location. +- Update the init script to acknowledge the code taken from Ubuntu's lxc-net script. + +------------------------------------------------------------------- +Tue Apr 9 08:24:33 UTC 2013 - fcastelli@suse.com + +- create initial package using version 0.1.3 from git commit 0767916adedb01 + diff --git a/docker.service b/docker.service new file mode 100644 index 0000000..9177f8e --- /dev/null +++ b/docker.service @@ -0,0 +1,14 @@ +[Unit] +Description=Docker +Requires=network.target +After=multi-user.target + +[Service] +Type=simple +EnvironmentFile=/etc/sysconfig/docker +ExecStart=/usr/bin/docker -d $DOCKER_OPTS +ExecStartPre=/usr/sbin/sysctl -p /etc/sysctl.d/200-docker.conf + +[Install] +WantedBy=multi-user.target + diff --git a/docker.socket b/docker.socket new file mode 100644 index 0000000..b4b521d --- /dev/null +++ b/docker.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Docker Socket for the API + +[Socket] +ListenStream=/var/run/docker.sock +SocketMode=0660 +SocketUser=root +SocketGroup=docker + +[Install] +WantedBy=sockets.target diff --git a/docker.spec b/docker.spec new file mode 100644 index 0000000..76a4ea4 --- /dev/null +++ b/docker.spec @@ -0,0 +1,167 @@ +# spec file for package docker +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +%define git_version dc62f3c + +Name: docker +Version: 1.1.1 +Release: 0 +Summary: The Linux container runtime +License: Apache-2.0 +Group: System/Management +Url: http://www.docker.io +Source: %{name}-%{version}.tar.bz2 +Source1: docker.service +Source2: sysctl-docker.conf +Source3: 80-docker.rules +Source4: sysconfig.docker +Source5: docker.socket +Source6: docker-rpmlintrc +Patch0: 0002-Stripped-dockerinit-binary.patch +BuildRequires: bash-completion +BuildRequires: device-mapper-devel >= 1.2.68 +BuildRequires: glibc-devel-static +BuildRequires: go >= 1.2 +BuildRequires: libbtrfs-devel >= 3.8 +BuildRequires: procps +BuildRequires: sqlite3-devel +BuildRequires: systemd-devel +BuildRequires: zsh +Requires: bridge-utils +Requires: ca-certificates-mozilla +Requires: git-core >= 1.7 +Requires: iproute2 >= 3.5 +Requires: iptables >= 1.4 +Requires: kernel >= 3.8.0 +Requires: lvm2 >= 2.2.89 +Requires: procps +Requires: tar >= 1.26 +Requires: xz >= 4.9 +Conflicts: lxc >= 1.0 +PreReq: %fillup_prereq +BuildRoot: %{_tmppath}/%{name}-%{version}-build +ExclusiveArch: x86_64 + +%description +Docker complements LXC with a high-level API which operates at the process +level. It runs unix processes with strong guarantees of isolation and +repeatability across servers. + +Docker is a great building block for automating distributed systems: large-scale +web deployments, database clusters, continuous deployment systems, private PaaS, +service-oriented architectures, etc. + +%package bash-completion +Summary: Bash Completion for %{name} +Group: System/Management +Requires: %{name} = %{version} +Requires: bash-completion +BuildArch: noarch + +%description bash-completion +Bash command line completion support for %{name}. + +%package zsh-completion +Summary: Zsh Completion for %{name} +Group: System/Management +Requires: %{name} = %{version} +Requires: zsh +BuildArch: noarch + +%description zsh-completion +Zsh command line completion support for %{name}. + +%prep +%setup -q -n docker +%patch0 -p1 + +%build +%{go_disable_brp_strip_static_archive} + +export GOPATH=`pwd`/vendor +mkdir vendor/src/github.com/dotcloud +ln -s `pwd` vendor/src/github.com/dotcloud/ +export DOCKER_BUILDTAGS="exclude_graphdriver_aufs" +export DOCKER_GITCOMMIT=%{git_version} +./hack/make.sh dynbinary + +%install +install -d %{buildroot}%{go_contribdir} +install -d %{buildroot}%{_bindir} +install -D -m755 bundles/%{version}/dynbinary/%{name}-%{version} %{buildroot}/%{_bindir}/%{name} +install -d %{buildroot}/%{_prefix}/lib/docker +install -D -m755 bundles/%{version}/dynbinary/dockerinit-%{version} %{buildroot}/%{_prefix}/lib/docker/dockerinit +install -Dd -m 0755 \ + %{buildroot}%{_sysconfdir}/init.d \ + %{buildroot}%{_sbindir} + +install -D -m0644 contrib/completion/bash/docker "%{buildroot}/etc/bash_completion.d/%{name}" +install -D -m0644 contrib/completion/zsh/_docker "%{buildroot}/etc/zsh_completion.d/%{name}" + +# +# systemd service +# +install -D -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/%{name}.service +install -D -m 0644 %SOURCE5 %{buildroot}%{_unitdir}/%{name}.socket + +install -D -m 0644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysctl.d/200-%{name}.conf + +# +# udev rules that prevents dolphin to show all docker devices and slows down +# upstream report https://bugs.kde.org/show_bug.cgi?id=329930 +# + +install -D -m 0644 %SOURCE3 %{buildroot}%{_prefix}/lib/udev/rules.d/80-%{name}.rules + +# sysconfig file +install -D -m 644 %SOURCE4 %{buildroot}/var/adm/fillup-templates/sysconfig.docker + +%pre +echo "creating group docker..." +groupadd -r docker 2>/dev/null || : +%service_add_pre %{name}.service + +%post +%service_add_post %{name}.service +%{fillup_only -n docker} + +%preun +%service_del_preun %{name}.service + +%postun +%service_del_postun %{name}.service + +%files +%defattr(-,root,root) +%doc README.md LICENSE +%{_bindir}/docker +%config %{_sysconfdir}/sysctl.d/200-docker.conf +%{_prefix}/lib/docker/ +%{_prefix}/lib/docker/dockerinit +%{_unitdir}/%{name}.service +%{_unitdir}/%{name}.socket +%{_prefix}/lib/udev/rules.d/80-%{name}.rules +/var/adm/fillup-templates/sysconfig.docker + +%files bash-completion +%defattr(-,root,root) +%config %{_sysconfdir}/bash_completion.d/%{name} + +%files zsh-completion +%defattr(-,root,root) +%config %{_sysconfdir}/zsh_completion.d/%{name} + +%changelog + diff --git a/sysconfig.docker b/sysconfig.docker new file mode 100644 index 0000000..f089e52 --- /dev/null +++ b/sysconfig.docker @@ -0,0 +1,8 @@ + +## Path : System/Management +## Description : Extra cli switches for docker daemon +## Type : string +## Default : "" +## ServiceRestart : docker +# +DOCKER_OPTS="" diff --git a/sysctl-docker.conf b/sysctl-docker.conf new file mode 100644 index 0000000..4e3553b --- /dev/null +++ b/sysctl-docker.conf @@ -0,0 +1,2 @@ +# Enable IPv4 forward, required to have working network within the containers +net.ipv4.ip_forward = 1