Implements https://github.com/moby/tool/pull/181
Design for things like Kubernetes setup that requires some cgroups to
exist when the service starts but it is not running in these, other
services are, so there would be a race if they are not created in each.
Essentially it is just a sugared `mkdir` in all the cgroup dirs.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Before the alpine base image is multi-arch and signed, the
DOCKER_CONTENT_TRUST=1 doesn't work on AArch64 for 'docker build'.
Now since the alpine base image is already multi-arch and signed,
also we've used 'push_manifest.sh' to push and sign linuxkit/image,
so we can remove this workaround.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
Currently one has to click down through a sequence of nested directories in the web UI:
↓ Container 0
↓ go/
↓ src/
↓ github.com/
↓ linuxkit/
↓ linuxkit/
↓ bin/
«actual binaries»
Which is super tedious.
Signed-off-by: Ian Campbell <ijc@docker.com>
When waiting for devices to refresh a stat can fail with the
error message 'stat: /dev/vda1: stat: no such file or directory'.
This was observered with empty raw disks (*.img) that was being
created by the moby/hyperkit go library.
This commit restores the previous logic of refreshing with mdev
instead of returning an error.
Signed-off-by: dave protasowski <dprotaso@gmail.com>
Routine version bump that also removes the necessity of carrying that
extra patch. Changes:
* Kconfig: remove trailing whitespace
* allowedips: rename from routingtable
* tools: remove ioctl cruft
* global: revert checkpatch.pl changes
Cleanliness.
* device: please lockdep
* device: wait for all peers to be freed before destroying
These make the various checkers happy.
* netlink: plug memory leak
* qemu: check for memory leaks
There was a small memory leak on the netlink configuration layer that's now
been fixed.
* receive: hoist fpu outside of receive loop
Should be a small speedup on x86_64.
* qemu: more debugging
* qemu: bump kernel version
Significantly more debugging checkers have been turned on.
* wg-quick: stat the correct enclosing folder of config file
* wg-quick: allow for tabs in keys
Minor fixups for wg-quick(8).
* compat: 4.4.0 has strange ECN function
Nobody actually runs base 4.4.0, but this is more correct anyway.
* netlink: make sure we reserve space for NLMSG_DONE
A rather important change - due to an upstream kernel bug, that's existed
since the advent of netlink itself, sometimes wg(8) failed to receive valid
data back from kernelspace, resulting in "ENOBUFS" when trying to dump all
peers. This patch works around it while we wait for upstream to commit the
fix.
* curve25519: reject deriving from NULL private keys
* tools: allow for NULL keys everywhere
A null 25519 private point isn't a valid point (prior to normalization), which
is why we use it as the "unsetting" value. Conversely, however, except for
psk, we should be using the existence of it in the netlink message being an
indication of whether or not it's set, for the tools.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
I changed my mind about the name halfway through implementing #2700 and
seemingly forgot to update the most important location, but a stale local file
stopped me from noticing.
Signed-off-by: Ian Campbell <ijc@docker.com>
This is not in most examples, but is in the Packet example, and
causes a duplicated console.
fix#2735
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
8c3140885c ("tests: Add 4.14 tests") and d88a1e591d
("Bump runc yml") overlapped so the runc version used in
the new files added by the first commit need updating.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
`linuxkitprojects/kubernetes` → `linuxkitprojects/kubelet`
`linuxkitprojects/kubernetes-image-cache-*` → `linuxkitprojects/kubernetes-docker-image-cache-*`
`kubernetes` subdirectory is also renamed to `kubelet`.
`image-cache` subdirectory is not renamed since we may want to build other
sorts of image cache at some point.
Signed-off-by: Ian Campbell <ijc@docker.com>
