github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-23 19:05:37 +00:00
Code Issues Projects Releases Wiki Activity
1,983 Commits 1 Branch 27 Tags 240 MiB
c565c75a85
Commit Graph

1983 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Justin Cormack
842527996c Merge pull request #825 from justincormack/go-up 
Update to Go 1.7.4
 2016-12-02 01:59:39 -08:00
Justin Cormack
1ecdeeed44 Update to Go 1.7.4 
Security update.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-02 09:51:36 +00:00
Justin Cormack
5608dfbf5d Merge pull request #819 from riyazdf/lynis-sysctl-changes 
Add sysctl changes as suggested by lynis
 2016-12-02 01:30:55 -08:00
Justin Cormack
07b1806061 Merge pull request #824 from riyazdf/bump-waalinux-opensslconfig 
Bump windows azure linux agent to include openssl config swapping logic
 2016-12-02 01:29:06 -08:00
Riyaz Faizullabhoy
aa4e996d16 Bump windows azure linux agent to include openssl config swapping logic 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-12-01 19:15:50 -08:00
Riyaz Faizullabhoy
0eefa15623 Add sysctl changes as suggested by lynis 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-12-01 15:41:57 -08:00
Justin Cormack
cb486e5cc5 Merge pull request #820 from riyazdf/digests-and-trust 
Use digests for external images and scripts where possible
 2016-12-01 12:57:32 -08:00
Justin Cormack
c004fb5efa Merge pull request #822 from riyazdf/dct-in-pull 
Use DCT in library/docker run command
 2016-12-01 10:34:33 -08:00
Riyaz Faizullabhoy
4011d4842a Use digests instead of tags where possible 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-12-01 09:39:02 -08:00
Riyaz Faizullabhoy
4068e792fd Use DCT in library run command 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-12-01 09:27:01 -08:00
Justin Cormack
6b47f7ef6d Merge pull request #821 from justincormack/binfmt-cleanup 
Makefile cleanup for binfmt
 2016-12-01 07:30:09 -08:00
Justin Cormack
19e3dd4c60 Makefile cleanup for binfmt 
Remove duplication and simplify.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-01 15:23:03 +00:00
Nathan LeClaire
b5ea59e122 Merge pull request #788 from justincormack/small-ami 
Use a 1G AMI
 2016-11-30 16:22:41 -08:00
Justin Cormack
b0fdca348b Merge pull request #817 from justincormack/content-trust 
Use DOCKER_CONTENT_TRUST=1 when pulling library images
 2016-11-30 05:40:56 -08:00
Justin Cormack
ae885bd714 Use DOCKER_CONTENT_TRUST=1 when pulling library images 
When building the base images always test signatures.

This will be the default at some point.

Add a test that content trust is working.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-30 13:35:38 +00:00
Justin Cormack
078f8be56c Merge pull request #815 from justincormack/binfmt-container 
Containerize binfmt_misc
 2016-11-30 05:33:38 -08:00
Justin Cormack
8d3691fabb Containerize binfmt_misc 
- statically make containerd symlinks so rootfs can be read only
- run binfmt_misc in a containerd container
- ship arm, aarch64, ppc64le qemu static versions that always "just work" as this is supported in Linux 4.8

fix #53

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-30 12:49:37 +00:00
Simon Ferquel
641669cafb Redirect vsudd stdout/stderr to console 
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
 2016-11-30 10:31:11 +01:00
Simon Ferquel
a12a833b20 [vsudd] Don't retry when dockerd is not running 
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
 2016-11-30 10:31:11 +01:00
Justin Cormack
1f2f77f1e9 Merge pull request #811 from justincormack/noswap 
Disable rc swap script
 2016-11-29 07:47:00 -08:00
Justin Cormack
e131ad013e Merge pull request #808 from FrenchBen/fix-azure 
Fixed Azure go utils
 2016-11-29 07:46:41 -08:00
Justin Cormack
018be45ec8 Merge pull request #809 from justincormack/shell-exec 
Use shell to execute userdata
 2016-11-29 07:43:14 -08:00
Justin Cormack
2f0211b1e8 Disable rc swap script 
We now do our own swap management in automount.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-29 15:31:12 +00:00
Justin Cormack
e7ea0fbd37 Use shell to execute userdata 
/tmp is mounted `noexec`, just use the shell to execute the userdata.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-29 15:19:09 +00:00
French Ben
db1fe34243 Fixed Azure go utils 
Signed-off-by: French Ben <frenchben@docker.com>
 2016-11-29 07:13:24 -08:00
Justin Cormack
d523b95b1f Merge pull request #806 from riyazdf/disable-kernel-modules 
Disable kernel modules for cloud editions from moby
 2016-11-28 16:07:03 -08:00
Riyaz Faizullabhoy
c492c01c82 Disable kernel modules for cloud editions from moby by checking in 
a modified sysctl init with a cloud config

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-11-28 15:40:02 -08:00
Justin Cormack
ac484232f7 Merge pull request #799 from justincormack/kernelup 
Update to Linux 4.8.11
 2016-11-28 09:15:54 -08:00
Justin Cormack
228acc91f5 Merge pull request #802 from justincormack/var-dirs-extra 
Fix directories under /var after formatting
 2016-11-28 08:19:00 -08:00
Justin Cormack
8a5d7ecadf Fix directories under /var after formatting 
- /var/lock test
- add /var/cache subdirectories
- move old boot2docker directories

fix #801
fix #792

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-28 16:12:51 +00:00
Justin Cormack
b9acf524f9 Update to Linux 4.8.11 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-28 15:00:20 +00:00
Justin Cormack
8146c2ae72 Merge pull request #798 from justincormack/binfmt-upstream 
Use the upstream binfmt script not out custom one
 2016-11-28 06:01:00 -08:00
Justin Cormack
9dd0b21f61 Use the upstream binfmt script not out custom one 
This makes the binfmt package much simpler, just a config file.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-28 13:53:14 +00:00
Justin Cormack
34d5b8a939 Merge pull request #797 from justincormack/binfmt-nomount 
Use the procfs script to mount binfmt
 2016-11-28 05:27:00 -08:00
Justin Cormack
0a4b71edbe Use the procfs script to mount binfmt 
This means our script does not need to do mount.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-28 12:17:23 +00:00
Justin Cormack
77a8378e62 Merge pull request #796 from justincormack/toybox-fix 
Fix build failure in toybox build with one argument
 2016-11-28 04:07:08 -08:00
Justin Cormack
33888458e5 Fix build failure in toybox build with one argument 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-28 11:59:09 +00:00
Justin Cormack
60beadb13f Merge pull request #795 from djs55/fix-resize 
Fix filesystem resize by calling `e2fsck -f` first
 2016-11-28 03:42:15 -08:00
David Scott
79f8a87569 Fix filesystem resize by calling e2fsck -f first 
Previously when the block device was resized the partition table was also
resized but the filesystem was not. For an increase from 64GiB to 128GiB
the console showed:

     * Configuring host block device .../dev/vda1: clean, 62/4194304 files, 604445/16776960 blocks
    Resizing disk partition: Unpartitioned space /dev/vda: 64 GiB, 68719476736 bytes, 134217728 sectors
    resize2fs 1.43.3 (04-Sep-2016)
    Please run 'e2fsck -f /dev/vda1' first.

    /dev/vda1: clean, 62/4194304 files, 604445/16776960 blocks

This patch makes `resize2fs` happy by running `e2fsck -f` beforehand as
requested.

Signed-off-by: David Scott <dave.scott@docker.com>
 2016-11-28 11:32:12 +00:00
Justin Cormack
b2cae0e086 Merge pull request #794 from justincormack/strace 
Re-add strace
 2016-11-25 09:30:46 -08:00
Justin Cormack
be56c8e68a Re-add strace 
Trying to debug apk issues.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-25 17:26:34 +00:00
Justin Cormack
94f73c7664 Merge pull request #793 from justincormack/tmp-tmpfs 
Add a tmpfs at /tmp
 2016-11-25 09:11:21 -08:00
Justin Cormack
46adfec8a7 Add a tmpfs at /tmp 
This makes sure that once we have ro rootfs any programs that still
for any reason use `/tmp` can still write to it, or if people expect
sharing it into a container to work.

fix #778

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-25 17:05:45 +00:00
Justin Cormack
74db55253f Merge pull request #791 from justincormack/alpinefix 
Make sure we do apk upgrade -a
 2016-11-24 13:13:55 -08:00
Justin Cormack
35c0bfe529 Make sure we do apk upgrade -a 
Also base off 3.4 for consistency.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-24 21:07:00 +00:00
Justin Cormack
87ff76fd97 Merge pull request #789 from justincormack/no-experimental-2 
Remove more references to EXPERIMENTAL
 2016-11-24 07:11:31 -08:00
Justin Cormack
08de1b1477 Remove more references to EXPERIMENTAL 
can use MEDIA_PREFIX to set similar rpefix

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-24 15:02:41 +00:00
Justin Cormack
0daeb4cfc9 Use a 1G AMI 
Now we do dynamic resize, choose the smallest AMI size, 1G rather
than the old 20G AMI.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-24 13:51:53 +00:00
Justin Cormack
9f8c557ce7 Merge pull request #787 from justincormack/no-experimental 
Remove last references to EXPERIMENTAL
 2016-11-24 05:44:27 -08:00
Justin Cormack
997550c1a2 Remove last references to EXPERIMENTAL 
Only support 1.13 now, experimental is a runtime flag.

see #647

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-24 13:37:07 +00:00