github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-08-31 22:51:41 +00:00
Code Issues Projects Releases Wiki Activity
5,513 Commits 1 Branch 29 Tags
bcb9d5ec3fbf87f6165572971ff7f337f1b2fb6a
Commit Graph

5513 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Justin Cormack
40beba49aa Merge pull request #1472 from justincormack/no-ambient 
Do not set ambient caps for now
 2017-04-03 18:50:16 +01:00
Justin Cormack
47e483fea3 Do not set ambient caps for now 
Will make it explicit later.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-03 18:39:16 +01:00
Justin Cormack
2a1199eaee Merge pull request #1471 from ijc25/runc-to-match-containerd 
Update to runc ef9a4b315558d31eae520725ff67383c2f79c3cb
 2017-04-03 18:38:08 +01:00
Ian Campbell
709402d780 Update to runc ef9a4b315558d31eae520725ff67383c2f79c3cb 
This is compatible with containerd 8353da59c6ae7e1933aac2228df23541ef8b163f
which was picked up by d2caae4c1a.

This required jiggering with riddler output some more to update to new OCI
config.json format for capabilities.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-04-03 16:47:14 +01:00
thebsdbox
f229e08965 VMware Fusion 8.x / Workstation 12+ / VMware VIX vmrun support 
Signed-off-by: Dan Finneran <daniel.finneran@gmail.com>
 2017-04-03 14:19:13 +01:00
Dave Tucker
6726746484 Add a runner for UEFI ISOs 
Fixes #480

Signed-off-by: Dave Tucker <dt@docker.com>
 2017-04-03 14:13:37 +01:00
Justin Cormack
684ea64c73 Merge pull request #1468 from amirmc/patch-1 
Fix minor typos in weekly report
 2017-04-03 13:40:40 +01:00
Amir Chaudhry
6ea33853b3 Fix minor typos in weekly report 
Signed-off-by: Amir Chaudhry <amir@docker.com>
 2017-04-03 13:33:35 +01:00
Justin Cormack
07dc850a73 Merge pull request #1466 from justincormack/ena 
Add support for AWS ENA network driver
 2017-04-03 12:25:48 +01:00
Justin Cormack
7cb524029c Add support for AWS ENA network driver 
This is a new PV style high performance network driver, added to
4.9 kernel, supporting 20Gb, see
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-03 11:14:34 +01:00
Justin Cormack
695e86e181 Merge pull request #1465 from rneugeba/kern-up 
kernel: Update to 4.10.8/4.9.20/4.4.59
 2017-04-03 11:12:16 +01:00
Rolf Neugebauer
43bd19620f kernel: Update to 4.10.8/4.9.20/4.4.59 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-03 11:05:10 +01:00
Justin Cormack
4220a65128 Merge pull request #1440 from riyazdf/security-arch 
Security docs
 2017-04-03 10:37:54 +01:00
Riyaz Faizullabhoy
c1f84921fe Address review comments 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-04-02 21:21:18 -07:00
Rolf Neugebauer
a8ad03feea Merge pull request #1463 from rneugeba/cli 
Improve the CLI tool
 2017-04-02 22:00:30 +01:00
Rolf Neugebauer
63bdeab660 cli: Add support for passing meta data to a hyperkit VM 
Add a -data option to the HyperKit "run" backend. This either
adds a string or a file to a ISO which is attached to the VM.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 19:35:45 +01:00
Rolf Neugebauer
ebcf91f19c vendor: Update iso9660wrap 
This version adds a function to write a buffer straight to a ISO

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 19:35:45 +01:00
Rolf Neugebauer
2a4c0bbf43 cli: Simplify run_hyperkit.go 
Separating command line option parsing from executing hyperkit
makes the code awkward with many parameters passed between functions.

Having everything in one function makes the code simpler.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 19:33:25 +01:00
Rolf Neugebauer
cbb3ff611f cli: Don't default to "moby" for run 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 19:33:25 +01:00
Rolf Neugebauer
eda4c14aa6 cli: Make the ".yml" extension optional for builds 
This provides a consistent UX between build and run:
moby build foo   # build from foo.yml
moby run foo     # boot, e.g., foo-bzImage, foo-initrd.img

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 19:33:25 +01:00
Rolf Neugebauer
838e4814e4 cli: Don't default to moby.yml 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 19:33:25 +01:00
Justin Cormack
bfbac93ef3 Merge pull request #1462 from justincormack/sort-deps 
Sort vendor.conf
 2017-04-02 18:20:41 +01:00
Justin Cormack
2d81ecfe62 Sort vendor.conf 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-02 18:03:32 +01:00
Thomas Gazagnaire
76b33742ac Merge pull request #1448 from samoht/i-got-an-ip 
miragesdk: put the DHCP lease info into the host filesystem
 2017-04-02 18:32:51 +02:00
Justin Cormack
0e99c2454c Merge pull request #1461 from justincormack/report-2-april 
Add report for 2 April 2017
 2017-04-02 16:59:44 +01:00
Justin Cormack
d1031192b3 Add report for 2 April 2017 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-02 16:46:56 +01:00
Justin Cormack
e2ec6c2a93 Merge pull request #1459 from rneugeba/ebpf-fix 
docs: Move ebpf.md to projects
 2017-04-02 14:04:09 +01:00
Rolf Neugebauer
63c89507e7 docs: Move ebpf.md to projects 
This was missed when moving the ebpf stuff into a project.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-02 13:09:29 +01:00
Justin Cormack
8aa1078fe2 Merge pull request #1457 from justincormack/dockercon-summit 
Add a doc for topics to discuss at the Summit at Dockercon
 2017-04-02 12:53:12 +01:00
Justin Cormack
faad84431e Add a doc for topics to discuss at the Summit at Dockercon 
(as per containerd)

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-02 12:43:52 +01:00
Thomas Gazagnaire
e3939e03c0 miragesdk: fix the build after the switch from mirage tool to jbuilder 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:26 +02:00
Thomas Gazagnaire
e976a6c4aa miragesdk: ship Git the init image (to debug) 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:26 +02:00
Thomas Gazagnaire
1495dabccb miragesdk: allow the command run by the privileged container to be overwritten 
Use a file (that we can drop easily into the rootfs) instead of passing the full
command on the CLI (as config.json needs to be edited otherwise).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:25 +02:00
Thomas Gazagnaire
8d3cea1980 miragesdk: do not use inotify in the privileged container 
The inotify bindings that we are using is a bit sensitive to init
conditions, and it seems to not like being run inside in a container.

See https://github.com/samoht/irmin-watcher/issues/10

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:25 +02:00
Thomas Gazagnaire
dfb078825b miragesdk: simplify the build of the calf binary 
For now, use jbuilder to build the calf as well, this gives us a bit
more control than the mirage tool. We will switch back to the mirage
tool later on if we want to use more fancy backends (such as KVM).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:25 +02:00
Justin Cormack
8513d3a995 Merge pull request #1445 from tych0/security-non-events 
docs: add a security-events.md
 2017-04-02 12:17:20 +01:00
Tycho Andersen
12624b60bf add some headings, fix some spelling mistakes 
Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-04-01 11:32:41 -06:00
Justin Cormack
4fab33d34b Merge pull request #1452 from rneugeba/efiiso 
Fix EFI ISO generation
 2017-04-01 18:03:56 +02:00
Rolf Neugebauer
616b073c13 cli: Use fixed mkimage-iso-efi image 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-01 16:25:02 +01:00
Rolf Neugebauer
be16cf67b4 tools: Fix make-efi script 
mkfs.vfat prints output (even without the -v option) which ends up
in front of the ISO, which is cat'ed to stdout. This made the generated
ISO unbootable. Redirect stdout of mkfs.vfat to /dev/null.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-01 16:22:35 +01:00
Rolf Neugebauer
b5e07659bb Merge pull request #1449 from rneugeba/hk-cli-fix 
cli: Add option to specify hyperkit to use
 2017-03-31 23:05:02 +01:00
Riyaz Faizullabhoy
98a2bc7f1d Merge pull request #1446 from amirmc/patch-1 
Fix links in weekly report
 2017-03-31 11:50:20 -07:00
Rolf Neugebauer
db7b8a3b71 cli: Add option to specify hyperkit to use 
Some users seem to have Docker for Mac/hyperkit in a non-standard
path. Allow them to specify the path to the hyperkit executable.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-03-31 19:21:02 +01:00
Rolf Neugebauer
91c66d5633 Merge pull request #1444 from ijc25/kernel-rtl8139 
kernel Enable support for RTL8139 NIC
 2017-03-31 17:24:06 +01:00
Amir Chaudhry
64eadee5d6 Fix links in weekly report 
Signed-off-by: Amir Chaudhry <amir@docker.com>
 2017-03-31 16:50:36 +01:00
Tycho Andersen
ad7ddba0dc docs: add a security-events.md 
In the same vein as [1], let's start talking about security events. I
suppose we want to talk about security events as well as non-events,
though, to give a little discussion about post moretem. But we can rename
this to security-non-events if we want.

[1]: https://github.com/docker/docker.github.io/blob/master/engine/security/non-events.md

Signed-off-by: Tycho Andersen <tycho@docker.com>
 2017-03-31 09:40:38 -06:00
Ian Campbell
80b3f45973 kernel Enable support for RTL8139 NIC 
This is the default NIC provided by virt-install, I think it is also pretty
common on other virtualisation platforms since both the drivers and the
emulation are pretty widespread (IIRC Xen HVM guests used to get this by
default, and may still do).

Personally I'd probably try and remember to switch to virtio (or even e1000) in
preference, but that's one more thing to do.

Bump the image number.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-03-31 15:54:27 +01:00
Ian Campbell
5e293f8479 kernel: Rerun make oldconfig on default kernel config 
... and accept the defaults. Doing so enables some hw monitoring on Intel
(which enables some I2C thing) and explicitly disables a few Mellanox options.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-03-31 15:54:22 +01:00
Rolf Neugebauer
c77d932321 Merge pull request #1438 from rneugeba/moby 
Support multiple "run" backends for the CLI
 2017-03-31 13:30:51 +01:00
Rolf Neugebauer
d731eabb71 Merge pull request #1432 from rneugeba/patchup 
Update kernels to 4.4.58/4.9.19/4.10.7 plus add VMBus patches
 2017-03-31 13:30:18 +01:00