This adds support for the updated Hyperkit API, which is needed to
request a specific IP address in new versions of VPNKit / Docker for
Mac. IPs encoded in the UUID (the old method) will now be ignored by
VPNKit.
A preferred IPv4 address can be requested directly via the new API. The
IP is then associated with the VPNKit UUID identifying the connection.
The UUID is either user specified or randomly assigned if left empty.
VMs launched with the same VPNKit UUID it will get the same IP address.
To avoid having to copy the assigned UUID manually, a file `uuid.vpnkit`
is now saved in the state directory when the UUID is generated. The UUID
from this file is reused automatically if it exists, unless a different
VPNKit UUID is specified on the command line. This also means that VMs
that use dynamically assigned IPs will by default get the same IP each
time they are started, as long as the state directory exists.
This change is incompatible with earlier versions of VPNKit / Hyperkit
and a recent version of Docker for Mac has to be installed. If the
feature is unsupported using the `--ip` parameter will exit with an
error message.
Signed-off-by: Magnus Skjegstad <magnus@skjegstad.com>
This is less confusing as there is also an output option to set the file.
See https://github.com/moby/tool/pull/146
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Before:
docker-for-mac djs$ docker -H unix://docker-for-mac-state/guest.00000947 ps
Cannot connect to the Docker daemon at unix://docker-for-mac-state/guest.00000947. Is the docker daemon running?
After:
docker-for-mac djs$ docker -H unix://docker-for-mac-state/guest.00000948 ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Signed-off-by: David Scott <dave.scott@docker.com>
Previously the docker-for-mac example had a `files` declaration
which wrote `/var/config/docker/daemon.json`. This was probably an
error because the `/var/config` directory is owned by the `metadata`
package. It used to work -- probably by accident -- but doesn't
any more.
This patch switches to using the metadata package to populate the
`daemon.json`.
Signed-off-by: David Scott <dave.scott@docker.com>
The first is needed by the okernel project and last two to run
configure on the zfs kernel modules.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Note, on x86_64 for 4.12.9 a new kernel option,
HARDLOCKUP_CHECK_TIMESTAMP was added which defaults to enabled. It enables
a low pass filter to compensate for perf based hard lockup detection.
Added this option to the x86_64 4.12.x kernel confog file.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Due to https://github.com/moby/moby/issues/34199 we can't supply
the FROM image via --build-arg and use DOCKER_CONTENT_TRUST=1 for build.
So we pull the image with DCT and then explicitly build it without.
This regression was introduced with 8b84baf2 ("kernel: Allow disabling content trust")
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
