Add persistent drive support to Docker container

This works and runs containers now, if you eg `runc exec` into it.
Needs a few tweaks for rlimits, but will pull and run containers.

Will integrate better with ssh/dev containers to make more usable.

For a simple test use
```
./bin/moby build examples/docker.yml
./bin/moby run hyperkit -disk-size 100 docker

```

Signed-off-by: Justin Cormack <justin.cormack@docker.com>

pkg/docker-ce/Dockerfile

@@ -2,26 +2,31 @@ FROM alpine:3.5
 
 # Docker daemon only minimal Alpine install
 
+# set up Docker group
 # set up subuid/subgid so that "--userns-remap=default" works out-of-the-box
 RUN set -x \
+	&& addgroup -S docker \
 	&& addgroup -S dockremap \
 	&& adduser -S -G dockremap dockremap \
 	&& echo 'dockremap:165536:65536' >> /etc/subuid \
 	&& echo 'dockremap:165536:65536' >> /etc/subgid
 
 # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+# sfdisk and jq used by disk mounting code at present
 RUN apk add --no-cache \
 	ca-certificates \
 	curl \
 	iptables \
-	xz
+	xz \
+	sfdisk \
+	jq
 
 # removed xfsprogs e2fs btrfs as we do not support dm or btrfs yet
 # removed openssl as I do not think server needs it
 
 ENV DOCKER_BUCKET get.docker.com
-ENV DOCKER_VERSION 17.03.0-ce
-ENV DOCKER_SHA256 4a9766d99c6818b2d54dc302db3c9f7b352ad0a80a2dc179ec164a3ba29c2d3e
+ENV DOCKER_VERSION 17.04.0-ce
+ENV DOCKER_SHA256 c52cff62c4368a978b52e3d03819054d87bcd00d15514934ce2e0e09b99dd100
 
 # we could avoid installing client here I suppose
 RUN set -x \
@@ -35,4 +40,5 @@ RUN set -x \
 
 COPY . ./
 
-ENTRYPOINT ["/usr/bin/docker-init", "/usr/bin/dockerd"]
+# use the Docker copy of tini as our init for zombie reaping
+ENTRYPOINT ["/usr/bin/docker-init", "/bin/sh", "/docker.sh"]

pkg/docker-ce/Makefile

@@ -5,7 +5,7 @@ IMAGE=docker-ce
 
 default: push
 
-hash: Dockerfile
+hash: Dockerfile docker.sh
 	DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
 	tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
 	docker run --entrypoint /bin/sh --rm $(IMAGE):build -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@

pkg/docker-ce/docker.sh

@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -x
+
+mount_drive()
+{
+	MOUNTPOINT=/var/lib/docker
+
+	mkdir -p "$MOUNTPOINT"
+
+	# TODO fix for multiple disks, cdroms etc
+	DEVS="$(find /dev -maxdepth 1 -type b ! -name 'loop*' ! -name 'nbd*' | grep -v '[0-9]$' | sed 's@.*/dev/@@' | sort)"
+
+	for DEV in $DEVS
+	do
+		DRIVE="/dev/${DEV}"
+
+		# see if it has a partition table
+		if sfdisk -d "${DRIVE}" >/dev/null 2>/dev/null
+		then
+			# 83 is Linux partition identifier
+			DATA=$(sfdisk -J "$DRIVE" | jq -e -r '.partitiontable.partitions | map(select(.type=="83")) | .[0].node')
+			if [ $? -eq 0 ]
+			then
+				mount "$DATA" "$MOUNTPOINT" && return
+			fi
+		fi
+	done
+
+	echo "WARNING: Failed to mount a persistent volume (is there one?)"
+
+	# not sure if we want to fatally bail here, in some debug situations it is ok
+	# exit 1
+}
+
+mount_drive
+
+exec /usr/bin/dockerd

pkg/format/format.sh

@@ -46,6 +46,7 @@ do_fsck_extend_mount()
 		SPACE=$(sfdisk -F "$DRIVE" | grep 'Unpartitioned space')
 		printf "Resizing disk partition: $SPACE\n"
 
+		# 83 is Linux partition id
 		START=$(sfdisk -J "$DRIVE" | jq -e '.partitiontable.partitions | map(select(.type=="83")) | .[0].start')
 
 		sfdisk -q --delete "$DRIVE" 2> /dev/null
@@ -84,7 +85,9 @@ do_mkfs()
 
 	# update status
 	blockdev --rereadpt $diskdev 2> /dev/null
-	mdev -s
+
+	# wait for device
+	for i in $(seq 1 50); do test -b "$DATA" && break || sleep .1; mdev -s; done
 
 	FSOPTS="-O resize_inode,has_journal,extent,huge_file,flex_bg,uninit_bg,64bit,dir_nlink,extra_isize"