This tells start-stop-daemon to run tap-vsockd as a daemon, and tells
tap-vsockd not to daemonize itself. This seems to work more reliably
than when tap-vsockd self-daemonizes.
Signed-off-by: David Scott <dave.scott@docker.com>
Linux xargs calls the command with no arguments if it gets no inputs, which
`docker rmi` complains about. It provides -r / --no-run-if-empty to prevent
this but unfortunately this isn't supported on OSX.
Ignore errors from `docker rmi` so that `make clean` will keep going and clean
up later stuff.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Reconfigure chronyd in a udhcpc post-bound hook and restart it, but use
conditionalrestart so it is not started if it isn't running, which is the case
during boot when this hook happens from init.d/networking via ifup, running
"service ... start" in that context results in the daemon running but the
service db saying it isn't.
Doing it in the udhcpc hook leaves a nice hole where support for getting the
NTP server via DHCP can fit in once it is available.
This also switches from using "initstepslew" to "makestep", the former was
responsible for the long delay starting chronyd (meaning we can now drop
"before chronyd" from Docker's init dependencies), while the later will force a
step if the time is out by more than the configured amount (half a second
here), meaning it will be corrected on resume. The rest of the time it chrony
will do the usual slewing to keep the clock accurate. Passing -1 as the limit
to "makestep" ensures the step will always occur, if it were positive it would
only be done that number of times.
We add "iburst" and "minpoll 2" to the default configuration file to speed up
initial sync and resync after sleep respectively, resync after sleep happens in
a couple of seconds. In "ntp=gateway" mode we also patch in "trust", this isn't
in the default config file since we won't be so sure about DHCP provided
servers, but when talking to a host provided NTP we want to use its time (for
sync accross host mounts) even if it has a crazy idea about what the time is.
With this we can also remove the 15min ntp sync, which in turn gets rid of the
need for cron.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Add a mount suitability predicate, a pong reply message type, and a log
notice message type. Also, fixes the multi-line mount point printing issue.
Signed-off-by: David Sheets <dsheets@docker.com>
Mount points are now made dynamically if either the leaf doesn't exist
or the leaf has no children. Any proper prefix of the target mount point may
or may not exist prior to mounting.
Signed-off-by: David Sheets <dsheets@docker.com>
The VPN interface is configure with a routing metric of 199. If VPN mode
is enabled and we have static IP address configured (which is what we do
on Windows) then all traffic would still go via eth0 and not, as expected,
via the VPN interface.
With this PR we set the metric for eth1 to 200, thus, if VPN mode enabled
traffic will be routed over the VPN interface.
This fix is a bit Uggh, but it's the simplest way to apply this late in the
release cycle without requiring re-run of all OS X tests.
We should fix this properly after this release.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Allow the host to configure a static IP address for eth0 by setting the
following DB keys:
- net/config: "static" (default or not set -> dhcp)
- net/address: IP address
- net/netmask: netmask in dot notation
- net/gateway: default gateway
Also allow overwriting/setting "/etc/resolve.conf" by writing to
the "etc/resolv.conf" key.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
On both Mac and Windows we have one well-known port and a SOCKS-like
port to tunnel connections through it. This was necessary on Windows
where ports have well-known GUIDs, but we might as well do it the same
way on both platforms for consistency.
This patch removes the dynamic binding of vsock ports, which fails on
a Windows Moby anyway.
Signed-off-by: David Scott <dave.scott@docker.com>
When running in VPN mode eth0 and eth1 have default routes, but
eth1 has the lowest metric. However the host CIFS server can
only be contacted via eth0, so always use the eth0 address.
Signed-off-by: David Scott <dave.scott@docker.com>
