Files in `/etc/local.d/` will be executed:
If a file in this directory is executable and it has a .start extension,
it will be run when the local service is started. If a file is
executable and it has a .stop extension, it will be run when the local
service is stopped.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Tweak the config to use RDSEED or (fallback) RDRAND. Makes sure
we have initial random seed in cases where there is no other
random source if these are supported.
The default config in Alpine currently disables these, which makes
it pretty useless, as there is no motherboard rng support any more.
Replaces #517Fix#514Fix#183
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Previously we used the defaults (main and community) but we
currently only need main, but are likely to need some packages
from edge soon.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Model for the others, make sure dependencies are correct and that
only the exactly correct things are passed to Docker. No longer copy
vendor directory.
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
This was added in #87 to support Kubernetes, but they no longer
support install via Docker so can remove.
Hopefully we have not started requiring this for anything else.
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
This tags a base Alpine image with the packages we use by finding
the has of the package install manifest and using that to tag
the image on hub.
Hub org needs changing, and not sure how this will work out yet.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This uses the new Alpine sysfs.conf service to allow config of sysfs.
Default file that sets transparent huge pages to only be used on request
to fix#368
Database setting available for user configuration.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Several people have asked for this for processing JSON config
data, and about to do some myself and parsing with a regex is
not so nice.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
We want be able to build kernels for different archs without that they
clash with each other so we but the generated files into an $arch subdir.
Signed-off-by: Natanael Copa <natanael.copa@docker.com>
Not really required as ports exposed on localhost. If users
want to connext to VM ports they can use the IP address, as
this is discouraged. llmnr names are very slow to access,
so not nice to use.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This was there to workaround an issue with vmnet, not applicable now.
A user reported that they were getting unexpected 8.8.8.8 addresses
and it could possible be applied erroneously under some circumstances.
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
fix#153
For now, just create the default remap user, rather than trying
to fix the command emulation. The existing code in docker is not
ideal, as it is GNU specific, try to find a better option for
1.13.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Beginning of a proper test suite, using qemu. Test just runs docker
for now, will add further integration tests.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This is less to do with installing modules (which we generally don't expect to
use in Moby) but to populate /lib/modules/`uname -r`/modules.builtin which
turns:
moby:~# modprobe ip_vs
modprobe: FATAL: Module ip_vs not found in directory /lib/modules/4.4.14-moby
moby:~# modprobe nf_nat
modprobe: FATAL: Module nf_nat not found in directory /lib/modules/4.4.14-moby
moby:~#
into:
moby:~# modprobe ip_vs
moby:~# modprobe nf_nat
moby:~#
which reduces the amount noise in the logs, e.g. in docker.log:
time="2016-07-04T11:21:58Z" level=warning msg="Running modprobe nf_nat failed with message: `modprobe: WARNING: Module nf_nat not found in directory /lib/modules/4.4.14-moby`, error: exit status 1"
A fair number of these appear in the logs.
This also stops various tools logging about /lib/modules/`uname -r` not
existing (there was one in the boot log until recently I think)
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
This is mac only (for now) and will not actually do anything until syslogd is
told to forward to /var/run/syslog.vsock.
syslog uses a SOCK_DGRAM connection to /var/run/syslog.vsock, however vsock
today is SOCK_STREAM only, so we need to "packetise" the stream. Do so by
writing the datagram length as a (little-endian) uint32 before the data itself.
This is slightly modelled after rfc6587 (syslog over TCP) but simplified by
using a 4-byte binary value rather than ASCII digits.
Arrange for vsudd to start before the logger so it is ready and waiting.
Note that the code in vsyslog.go needs to be rather careful about its own
logging, in particular logging forwarding failures over syslog seems likely to
make things worse. Instead this file logs to the console when errors occur,
this will be captured by the logging of the hyperkit VM console.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
