github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-12-03 16:06:19 +00:00
Code Issues Projects Releases Wiki Activity
1,615 Commits 1 Branch 31 Tags
ae885bd714ff3e9d91b72328a9d9865b65a68f01
Commit Graph

14 Commits

Author SHA1 Message Date
Justin Cormack
545b12ee7d Explicitly use slirp-proxy in iptables 
So as to allow a read only root filesystem, we use the proxy
path config option to override the Docker proxy for 1.13.

This means that the iptables override needs to call this binary
not the original docker-proxy binary to allow port forwarding.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-23 13:48:27 +00:00
Justin Cormack
cfbdc7d067 do not remove build containers 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-10-11 16:12:40 +01:00
Justin Cormack
fa19d3259b Use build container id rather than tagging builds 
This means that multiple builds will not conflict, so we can
remove the lock from the CI. Also quieter when no errors.

Some still left to do, only done the ones used in build and CI
initially. Some of the others will be cleaned up anyway later.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-29 20:21:17 +01:00
Justin Cormack
1b487549bb use tar for iptables 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
276157a769 Move all output to the directories it will be in eventually 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
David Scott
710cd1aebb iptables wrapper: write to syslog rather than /var/log/service-port-opener.log 
This will enable proper log rotation and is simpler.

Signed-off-by: David Scott <dave.scott@docker.com>
 2016-09-01 11:28:14 +01:00
David Scott
17d110d770 iptables: log to /var/log/... rather than /var/run/log 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
55a2becfb4 iptables: only open host ports if native/port-forwarding=true in the db 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
d0876fb05e iptables: add a TODO 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
12fbe114f6 iptables: remove the pid file after sending SIGTERM 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
3183d9c72a iptables: get the kill arguments the right way round 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
a294b0f9b0 iptables: close all the fds we inherit from docker 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
David Scott
80b234dd3e Add primitive iptables wrapper which can set up port forwards 
Signed-off-by: David Scott <dave.scott@docker.com>
 2016-07-12 10:26:42 +01:00
Ian Campbell
0c471bdc09 Simple build system for ocaml-based iptables 
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2016-07-12 10:26:39 +01:00