github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-25 20:53:33 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #57845 from yujuhong/minor-clean-up

Browse Source 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

dockershim: bump the minimum supported docker version to 1.11

Drop the 1.10 compatibilty code.

**Release note**:

```release-note
NONE
```
This commit is contained in:
Kubernetes Submit Queue 2018-01-09 18:14:27 -08:00 committed by GitHub
commit 2e9a277a3c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 8 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/kubelet/dockershim/docker_container.go
View File

@ -102,7 +102,6 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
if err != nil { if err != nil {
return "", fmt.Errorf("unable to get the docker API version: %v", err) return "", fmt.Errorf("unable to get the docker API version: %v", err)
} }
securityOptSep := getSecurityOptSeparator(apiVersion)
image := "" image := ""
if iSpec := config.GetImage(); iSpec != nil { if iSpec := config.GetImage(); iSpec != nil {
@ -134,7 +133,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
} }
hc := createConfig.HostConfig hc := createConfig.HostConfig
ds.updateCreateConfig(&createConfig, config, sandboxConfig, podSandboxID, securityOptSep, apiVersion) ds.updateCreateConfig(&createConfig, config, sandboxConfig, podSandboxID, securityOptSeparator, apiVersion)
// Set devices for container. // Set devices for container.
devices := make([]dockercontainer.DeviceMapping, len(config.Devices)) devices := make([]dockercontainer.DeviceMapping, len(config.Devices))
for i, device := range config.Devices { for i, device := range config.Devices {
@ -146,7 +145,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
} }
hc.Resources.Devices = devices hc.Resources.Devices = devices
securityOpts, err := ds.getSecurityOpts(config.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSep) securityOpts, err := ds.getSecurityOpts(config.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSeparator)
if err != nil { if err != nil {
return "", fmt.Errorf("failed to generate security options for container %q: %v", config.Metadata.Name, err) return "", fmt.Errorf("failed to generate security options for container %q: %v", config.Metadata.Name, err)
} }

10
pkg/kubelet/dockershim/docker_sandbox.go
View File

@ -528,12 +528,6 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
// TODO(random-liu): Deprecate this label once container metrics is directly got from CRI. // TODO(random-liu): Deprecate this label once container metrics is directly got from CRI.
labels[types.KubernetesContainerNameLabel] = sandboxContainerName labels[types.KubernetesContainerNameLabel] = sandboxContainerName
apiVersion, err := ds.getDockerAPIVersion()
if err != nil {
return nil, fmt.Errorf("unable to get the docker API version: %v", err)
}
securityOptSep := getSecurityOptSeparator(apiVersion)
hc := &dockercontainer.HostConfig{} hc := &dockercontainer.HostConfig{}
createConfig := &dockertypes.ContainerCreateConfig{ createConfig := &dockertypes.ContainerCreateConfig{
Name: makeSandboxName(c), Name: makeSandboxName(c),
@ -547,7 +541,7 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
} }
// Apply linux-specific options. // Apply linux-specific options.
if err := ds.applySandboxLinuxOptions(hc, c.GetLinux(), createConfig, image, securityOptSep); err != nil { if err := ds.applySandboxLinuxOptions(hc, c.GetLinux(), createConfig, image, securityOptSeparator); err != nil {
return nil, err return nil, err
} }
@ -565,7 +559,7 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
} }
// Set security options. // Set security options.
securityOpts, err := ds.getSecurityOpts(c.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSep) securityOpts, err := ds.getSecurityOpts(c.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSeparator)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to generate sandbox security options for sandbox %q: %v", c.Metadata.Name, err) return nil, fmt.Errorf("failed to generate sandbox security options for sandbox %q: %v", c.Metadata.Name, err)
} }

26
pkg/kubelet/dockershim/helpers.go
View File

@ -22,7 +22,6 @@ import (
"strconv" "strconv"
"strings" "strings"
"github.com/blang/semver"
dockertypes "github.com/docker/docker/api/types" dockertypes "github.com/docker/docker/api/types"
dockercontainer "github.com/docker/docker/api/types/container" dockercontainer "github.com/docker/docker/api/types/container"
dockerfilters "github.com/docker/docker/api/types/filters" dockerfilters "github.com/docker/docker/api/types/filters"
@ -40,11 +39,7 @@ import (
const ( const (
annotationPrefix = "annotation." annotationPrefix = "annotation."
securityOptSeparator = '='
// Docker changed the API for specifying options in v1.11
securityOptSeparatorChangeVersion = "1.23.0" // Corresponds to docker 1.11.x
securityOptSeparatorOld = ':'
securityOptSeparatorNew = '='
) )
var ( var (
@ -54,10 +49,6 @@ var (
// if a container starts but the executable file is not found, runc gives a message that matches // if a container starts but the executable file is not found, runc gives a message that matches
startRE = regexp.MustCompile(`\\\\\\\"(.*)\\\\\\\": executable file not found`) startRE = regexp.MustCompile(`\\\\\\\"(.*)\\\\\\\": executable file not found`)
// Docker changes the security option separator from ':' to '=' in the 1.23
// API version.
optsSeparatorChangeVersion = semver.MustParse(securityOptSeparatorChangeVersion)
defaultSeccompOpt = []dockerOpt{{"seccomp", "unconfined", ""}} defaultSeccompOpt = []dockerOpt{{"seccomp", "unconfined", ""}}
) )
@ -321,21 +312,6 @@ func transformStartContainerError(err error) error {
return err return err
} }
// getSecurityOptSeparator returns the security option separator based on the
// docker API version.
// TODO: Remove this function along with the relevant code when we no longer
// need to support docker 1.10.
func getSecurityOptSeparator(v *semver.Version) rune {
switch v.Compare(optsSeparatorChangeVersion) {
case -1:
// Current version is less than the API change version; use the old
// separator.
return securityOptSeparatorOld
default:
return securityOptSeparatorNew
}
}
// ensureSandboxImageExists pulls the sandbox image when it's not present. // ensureSandboxImageExists pulls the sandbox image when it's not present.
func ensureSandboxImageExists(client libdocker.Interface, image string) error { func ensureSandboxImageExists(client libdocker.Interface, image string) error {
_, err := client.InspectImageByRef(image) _, err := client.InspectImageByRef(image)

25
pkg/kubelet/dockershim/helpers_test.go
View File

@ -23,7 +23,6 @@ import (
"path/filepath" "path/filepath"
"testing" "testing"
"github.com/blang/semver"
dockertypes "github.com/docker/docker/api/types" dockertypes "github.com/docker/docker/api/types"
dockernat "github.com/docker/go-connections/nat" dockernat "github.com/docker/go-connections/nat"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -129,30 +128,6 @@ func TestParsingCreationConflictError(t *testing.T) {
require.Equal(t, matches[1], "24666ab8c814d16f986449e504ea0159468ddf8da01897144a770f66dce0e14e") require.Equal(t, matches[1], "24666ab8c814d16f986449e504ea0159468ddf8da01897144a770f66dce0e14e")
} }
func TestGetSecurityOptSeparator(t *testing.T) {
for c, test := range map[string]struct {
desc string
version *semver.Version
expected rune
}{
"older docker version": {
version: &semver.Version{Major: 1, Minor: 22, Patch: 0},
expected: ':',
},
"changed docker version": {
version: &semver.Version{Major: 1, Minor: 23, Patch: 0},
expected: '=',
},
"newer docker version": {
version: &semver.Version{Major: 1, Minor: 24, Patch: 0},
expected: '=',
},
} {
actual := getSecurityOptSeparator(test.version)
assert.Equal(t, test.expected, actual, c)
}
}
// writeDockerConfig will write a config file into a temporary dir, and return that dir. // writeDockerConfig will write a config file into a temporary dir, and return that dir.
// Caller is responsible for deleting the dir and its contents. // Caller is responsible for deleting the dir and its contents.
func writeDockerConfig(cfg string) (string, error) { func writeDockerConfig(cfg string) (string, error) {

4
pkg/kubelet/dockershim/libdocker/client.go
View File

@ -29,8 +29,8 @@ import (
const ( const (
// https://docs.docker.com/engine/reference/api/docker_remote_api/ // https://docs.docker.com/engine/reference/api/docker_remote_api/
// docker version should be at least 1.10.x // docker version should be at least 1.11.x
MinimumDockerAPIVersion = "1.22.0" MinimumDockerAPIVersion = "1.23.0"
// Status of a container returned by ListContainers. // Status of a container returned by ListContainers.
StatusRunningPrefix = "Up" StatusRunningPrefix = "Up"