github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-12-06 23:26:20 +00:00
Code Issues Projects Releases Wiki Activity
1,936 Commits 1 Branch 31 Tags
7cf47d42f4d35baf27c46aa0fc191ab475d44c27
Commit Graph

18 Commits

Author SHA1 Message Date
Justin Cormack
0915940369 Build OCaml iptables package once and push to hub 
As the build requires networking, is non repeatable as dependencies
may change, makes sense to make it a static package for now.

Plan is to rewrite in Go anyway at some point see #467

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-01-13 16:36:03 +00:00
Justin Cormack
235cb9312a Update opam to current alpine 3.5 base 
Use internal solver as external one is broken at present.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-01-07 00:36:16 +00:00
Justin Cormack
140913cd93 Remove extraneous docker rm 
fix #879

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-19 17:08:33 +00:00
Riyaz Faizullabhoy
8b7cdd41dc Use digests instead of tags where possible 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-12-01 09:39:02 -08:00
Justin Cormack
bd25c68032 Explicitly use slirp-proxy in iptables 
So as to allow a read only root filesystem, we use the proxy
path config option to override the Docker proxy for 1.13.

This means that the iptables override needs to call this binary
not the original docker-proxy binary to allow port forwarding.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-23 13:48:27 +00:00
Justin Cormack
47124e8282 do not remove build containers 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-10-11 16:12:40 +01:00
Justin Cormack
652d5eddf3 Use build container id rather than tagging builds 
This means that multiple builds will not conflict, so we can
remove the lock from the CI. Also quieter when no errors.

Some still left to do, only done the ones used in build and CI
initially. Some of the others will be cleaned up anyway later.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-29 20:21:17 +01:00
Justin Cormack
60d6147a0b use tar for iptables 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
b1597ff9a9 Move all output to the directories it will be in eventually 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
David Scott
cd052f1fe0 iptables wrapper: write to syslog rather than /var/log/service-port-opener.log 
This will enable proper log rotation and is simpler.

Signed-off-by: David Scott <dave.scott@docker.com>
 2016-09-01 11:28:14 +01:00
David Scott
4f205ed9b2 iptables: log to /var/log/... rather than /var/run/log 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
f6a85c0592 iptables: only open host ports if native/port-forwarding=true in the db 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
9762094fbb iptables: add a TODO 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
b6fb908ae5 iptables: remove the pid file after sending SIGTERM 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
5726f2b2c3 iptables: get the kill arguments the right way round 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
a97d9b92bc iptables: close all the fds we inherit from docker 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
b672ec9bdd Add primitive iptables wrapper which can set up port forwards 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
Ian Campbell
70514d09b3 Simple build system for ocaml-based iptables 
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2016-07-12 10:26:39 +01:00