Commit Graph

2176 Commits

Author SHA1 Message Date
French Ben
924c0da2d2 Removed extra line
Signed-off-by: French Ben <frenchben@docker.com>
2017-02-27 15:45:15 -08:00
French Ben
0263896388 Removed unneeded var
Signed-off-by: French Ben <frenchben@docker.com>
2017-02-27 14:26:44 -08:00
French Ben
57c609f700 Flexible docker version
Signed-off-by: French Ben <frenchben@docker.com>
2017-02-27 14:25:43 -08:00
French Ben
269e2c8157 Added support for bundles generated from CI
Signed-off-by: French Ben <frenchben@docker.com>
2017-02-27 14:25:43 -08:00
Riyaz Faizullabhoy
940708de8d Merge pull request #1219 from rneugeba/kernup
Update kernel to 4.9.12 and 4.4.51
2017-02-27 14:16:37 -08:00
Justin Cormack
3032f6e211 Merge pull request #1216 from RobbKistler/engine-from-s3
Allow docker engine to be pulled from s3 bucket
2017-02-27 14:12:43 -08:00
Rolf Neugebauer
c93c7cf433 kernel: Update kernel to 4.4.51
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-02-27 13:55:53 -08:00
Rolf Neugebauer
5e9890adbc kernel: Update kernel to 4.9.12
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-02-27 13:49:47 -08:00
Robb Kistler
e0269e0978 Allow docker engine to be pulled from s3 bucket
Use aws cli to pull docker engine binaries from s3 bucket.  Conditional and
happens if DOCKER_BIN_URL begins with 's3://'

Example usage:
```
  export AWS_ACCESS_KEY_ID=key
  export AWS_SECRET_ACCESS_KEY=secret
  make DOCKER_BIN_URL=s3://path-to-engine-binaries
```
Signed-off-by: Robb Kistler <robb.kistler@docker.com>

Signed-off-by: Robb Kistler <robb.kistler@docker.com>
2017-02-23 20:32:00 -08:00
Riyaz Faizullabhoy
739a7b0638 Merge pull request #1215 from FrenchBen/fix-url
Added quotes for curling
2017-02-23 15:34:42 -08:00
Justin Cormack
c9bfaa63db Merge pull request #1214 from rneugeba/multi
scripts: Add script to run a hyperkit with moby on the DfM network
2017-02-23 15:17:52 -08:00
French Ben
816ce62ad5 Added quotes for curling
Signed-off-by: French Ben <frenchben@docker.com>
2017-02-23 15:15:28 -08:00
Rolf Neugebauer
f48fa88505 scripts: Add script to run a hyperkit with moby on the DfM network
This requires a VPNKit which includes https://github.com/docker/vpnkit/pull/188

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-02-23 11:26:49 -08:00
Justin Cormack
13e4082864 Merge pull request #1211 from justincormack/make-tag
Add a CI tag Makefile target
2017-02-21 11:00:51 +00:00
Justin Cormack
e3d14a4f4b Add a CI tag Makefile target
The CI will set `CI_TAG` to the tag name, which will be used for the
uploaded images instead of the git commit ID.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-21 10:36:25 +00:00
Justin Cormack
312912110f Merge pull request #1208 from justincormack/mobytool
Rough first version of the moby tool
2017-02-21 10:22:04 +00:00
Justin Cormack
2d35f9b874 Rough first version of the moby tool
- terrible code
- lots needs changing
- can build a Moby from a config yaml that boots

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-20 21:44:23 +00:00
Justin Cormack
5320830732 Merge pull request #1207 from justincormack/kernel-image-for-mobytool
Change kernel upload for new tooling
2017-02-20 21:41:52 +00:00
Justin Cormack
7fa748810d Change kernel upload for new tooling
The mobylinux/kernel image now has the bzImage (no longer named vmlinuz64)
and a tarball of the files needed for the initrd, ie modules etc.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-20 15:54:02 +00:00
Justin Cormack
b080a71704 Merge pull request #1206 from justincormack/kernelup
Kernel 4.9.11, 4.4.50 and AUFS update
2017-02-20 13:54:25 +00:00
Justin Cormack
602630a9c6 Kernel 4.9.11, 4.4.50 and AUFS update
Security update, importance low.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-20 12:15:39 +00:00
Justin Cormack
c035882466 Merge pull request #1205 from justincormack/docker-17.03-rc
Update Docker to 17.03.0-ce-rc1
2017-02-20 11:48:54 +00:00
Justin Cormack
e0db9f1074 Update Docker to 17.03.0-ce-rc1
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-20 10:52:41 +00:00
Riyaz Faizullabhoy
83722552d3 Merge pull request #1203 from justincormack/kernel-make-clean
Clean up kernel Makefile so it has no repetition
2017-02-17 11:10:21 -08:00
Justin Cormack
032d7fb60b Clean up kernel Makefile so it has no repetition
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-17 17:43:35 +00:00
Riyaz Faizullabhoy
3053ac1725 Merge pull request #1202 from justincormack/go-up
Update to Go 1.8
2017-02-17 09:19:53 -08:00
Riyaz Faizullabhoy
5ed7744538 Merge pull request #1197 from justincormack/testup
Update kernel config tests
2017-02-17 09:19:44 -08:00
Justin Cormack
d7e6d42963 Update to Go 1.8
This includes most things except the containerd and runc builds
which I will do next time I update them.

Note that all golang:alpine images now for 1.8 are ALpine 3.5 based.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-17 16:31:19 +00:00
Justin Cormack
46628d7d41 Merge pull request #1201 from justincormack/newtools
Add new minimal init prototype and new tools
2017-02-17 15:56:42 +00:00
Justin Cormack
1dfa95d660 Add new minimal init prototype and new tools
This is part of the new moby tool work to get a minimal system
up that can be expanded.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-17 15:31:00 +00:00
Justin Cormack
802c56bcd3 Update kernel config tests
- `CONFIG_BUG_ON_DATA_CORRUPTION` is a 4.10 kernel only flag, so gate this.
- some config was duplicated on gated and normal config
- some 4.4 issues with the new config

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-17 14:52:32 +00:00
Justin Cormack
91324763e9 Merge pull request #1199 from ijc25/cpuacct-online-offline
Revert "sched/cpuacct: Show all possible CPUs in cpuacct output" in 4.9 kernel
2017-02-17 13:43:15 +00:00
Ian Campbell
d4697b22ab Revert "sched/cpuacct: Show all possible CPUs in cpuacct output" in 4.9 kernel
This change (5ca3726 added in v4.7-rc1) exposed issues described in
https://github.com/docker/docker/issues/28941, since we don't support CPU
hotplug anyway revert the change while we decide on a proper fix.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-02-17 13:19:18 +00:00
Justin Cormack
0bb61ead06 Merge pull request #1193 from justincormack/kernelup
Update Linux 4.4 to 4.4.49
2017-02-16 09:40:30 +00:00
Justin Cormack
b18c907384 Merge pull request #1190 from justincormack/iburst
Stop using dhcp ntp and fix the options used on OSX
2017-02-16 08:50:31 +00:00
Justin Cormack
cfff8cdfc6 Merge pull request #1192 from RobbKistler/1139-fix-disk-race
Re-run `mdev -s` if /dev/sda1 isn't populated
2017-02-16 08:49:49 +00:00
Justin Cormack
10e63b176a Update Linux 4.4 to 4.4.49
Security update, low importance.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-16 08:47:52 +00:00
Robb Kistler
b4d18d867e Re-run mdev -s if /dev/sda1 isn't populated
Fixes #1139

Signed-off-by: Robb Kistler <robb.kistler@docker.com>
2017-02-15 17:47:38 -08:00
Justin Cormack
9d64a6dea2 Stop using dhcp ntp and fix the options used on OSX
The options added in de6e7f9cbe
were not applied for ntp configured servers.

As the address is always the same, stop using dhcp and just hard code this.
This should make sync work how it used to, ie quite well.

Also trust the GCP ntp server, as it is local and provided by infrastructure.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-15 17:54:41 +00:00
Rolf Neugebauer
659949aba5 Merge pull request #1189 from rneugeba/kern-up
kernel: Update to 4.9.10
2017-02-15 17:50:10 +00:00
Rolf Neugebauer
49ceee18d7 kernel: Update to 4.9.10
4.9.10 included several of the VMBus patches we no longer
need to carry.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-02-15 16:50:31 +00:00
Justin Cormack
a50e3bac9e Merge pull request #1187 from justincormack/pool
Use ntp pool not single server for AWS
2017-02-14 17:50:06 +00:00
Justin Cormack
fd6169b607 Use ntp pool not single server for AWS
Some of the servers are off by a lot, eg 7s in one case I saw.

SHould help with #1186

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-14 13:20:18 +00:00
Justin Cormack
dd5f82d81d Merge pull request #1175 from riyazdf/kern-config-hardening
Kernel config hardening
2017-02-13 20:09:55 +00:00
Riyaz Faizullabhoy
5a5c58c29f Bump kernel config test and revert IA32_EMULATION
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-02-13 11:38:14 -08:00
Riyaz Faizullabhoy
7036d3d676 Add page_poison=1 to boot args
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-02-13 10:16:46 -08:00
Justin Cormack
24c029ab8a Update kernel config check for suggested values
This should be done with #1175

Config not updated as may still need changes

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-02-13 10:14:53 -08:00
Riyaz Faizullabhoy
8fdc58e867 Harden kernel config with page poisoning, randomized mem, disabling ia32 and ldt syscall modification
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-02-13 10:13:48 -08:00
Riyaz Faizullabhoy
c77b192a39 Bump kernel config to 4.9.8
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-02-13 10:13:48 -08:00
Riyaz Faizullabhoy
24f799284a Merge pull request #1185 from justincormack/build-kernel
alpine-build-c is only used for kernel builds so rename
2017-02-13 09:56:36 -08:00