Justin Cormack
e17ff361ee
Split the initrd into base and containers
...
In future this will allow easier customisation of the containers
for each edition.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-02 18:13:45 +00:00
Justin Cormack
0cdb8e7a84
Merge pull request #762 from simonferquel/vsudd_dontretry_on_dockerd
...
[vsudd] Don't retry when dockerd is not running
2016-12-02 08:23:23 -08:00
Justin Cormack
7c8effebbc
Merge pull request #830 from justincormack/initrd-align-4
...
Align compressed initrd to 4 bytes
2016-12-02 08:14:36 -08:00
Justin Cormack
b6cb412309
Align compressed initrd to 4 bytes
...
Allows appending another initrd.
Also build initrd on tmpfs as should be a bit faster now we have to do
another copy.
Fix #618
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-02 16:05:49 +00:00
Justin Cormack
bc121d1479
Merge pull request #829 from justincormack/linuxup
...
Update to Linux 4.8.12
2016-12-02 06:52:22 -08:00
Justin Cormack
b2d3e6fa4a
Merge pull request #828 from justincormack/azure-quoting
...
Missing quote in azure init script
2016-12-02 06:12:54 -08:00
Justin Cormack
9352523bdb
Update to Linux 4.8.12
...
- security update
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-02 14:12:06 +00:00
Justin Cormack
f247551d52
Missing quote in azure init script
...
Fix #826
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-02 14:03:21 +00:00
Justin Cormack
bf1c21e045
Run rngd inside a system container
...
- this needs an init as it does not respond to stop signals, so include tini
- needs CAP_SYS_ADMIN to write to kernel entropy estimate
- set kernel.random.write_wakeup_threshold so that rngd does not need sysctl write access
- build patches from Alpine, but statically linked
- remove rngd from base image, means we no longer need community repository
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-02 14:00:12 +00:00
Justin Cormack
89efaa4fe7
Merge pull request #825 from justincormack/go-up
...
Update to Go 1.7.4
2016-12-02 01:59:39 -08:00
Justin Cormack
79e6f8c95d
Update to Go 1.7.4
...
Security update.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-02 09:51:36 +00:00
Justin Cormack
c0a795d48b
Merge pull request #819 from riyazdf/lynis-sysctl-changes
...
Add sysctl changes as suggested by lynis
2016-12-02 01:30:55 -08:00
Riyaz Faizullabhoy
cb1ebba19d
Bump windows azure linux agent to include openssl config swapping logic
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-12-01 19:15:50 -08:00
Riyaz Faizullabhoy
fdffacd809
Add sysctl changes as suggested by lynis
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-12-01 15:41:57 -08:00
Justin Cormack
116179c895
Merge pull request #820 from riyazdf/digests-and-trust
...
Use digests for external images and scripts where possible
2016-12-01 12:57:32 -08:00
Justin Cormack
1241b45a49
Merge pull request #822 from riyazdf/dct-in-pull
...
Use DCT in library/docker run command
2016-12-01 10:34:33 -08:00
Riyaz Faizullabhoy
8b7cdd41dc
Use digests instead of tags where possible
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-12-01 09:39:02 -08:00
Riyaz Faizullabhoy
49a2fc6017
Use DCT in library run command
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-12-01 09:27:01 -08:00
Justin Cormack
8b77e988b5
Makefile cleanup for binfmt
...
Remove duplication and simplify.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-12-01 15:23:03 +00:00
Nathan LeClaire
73114489b2
Merge pull request #788 from justincormack/small-ami
...
Use a 1G AMI
2016-11-30 16:22:41 -08:00
Justin Cormack
ea4809a647
Use DOCKER_CONTENT_TRUST=1 when pulling library images
...
When building the base images always test signatures.
This will be the default at some point.
Add a test that content trust is working.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-30 13:35:38 +00:00
Justin Cormack
3e6301f501
Containerize binfmt_misc
...
- statically make containerd symlinks so rootfs can be read only
- run binfmt_misc in a containerd container
- ship arm, aarch64, ppc64le qemu static versions that always "just work" as this is supported in Linux 4.8
fix #53
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-30 12:49:37 +00:00
Simon Ferquel
2287d5d7d2
Redirect vsudd stdout/stderr to console
...
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2016-11-30 10:31:11 +01:00
Simon Ferquel
d40570f976
[vsudd] Don't retry when dockerd is not running
...
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2016-11-30 10:31:11 +01:00
Justin Cormack
67527099ec
Merge pull request #811 from justincormack/noswap
...
Disable rc swap script
2016-11-29 07:47:00 -08:00
Justin Cormack
b011c62704
Merge pull request #808 from FrenchBen/fix-azure
...
Fixed Azure go utils
2016-11-29 07:46:41 -08:00
Justin Cormack
fc1340c2cf
Merge pull request #809 from justincormack/shell-exec
...
Use shell to execute userdata
2016-11-29 07:43:14 -08:00
Justin Cormack
c741ae116b
Disable rc swap script
...
We now do our own swap management in automount.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-29 15:31:12 +00:00
Justin Cormack
71c4b1a07c
Use shell to execute userdata
...
/tmp is mounted `noexec`, just use the shell to execute the userdata.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-29 15:19:09 +00:00
French Ben
86cfaa9393
Fixed Azure go utils
...
Signed-off-by: French Ben <frenchben@docker.com>
2016-11-29 07:13:24 -08:00
Justin Cormack
1265e910ff
Merge pull request #806 from riyazdf/disable-kernel-modules
...
Disable kernel modules for cloud editions from moby
2016-11-28 16:07:03 -08:00
Riyaz Faizullabhoy
0a265fa521
Disable kernel modules for cloud editions from moby by checking in
...
a modified sysctl init with a cloud config
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-11-28 15:40:02 -08:00
Justin Cormack
1f422952e1
Merge pull request #799 from justincormack/kernelup
...
Update to Linux 4.8.11
2016-11-28 09:15:54 -08:00
Justin Cormack
a10937be11
Fix directories under /var after formatting
...
- /var/lock test
- add /var/cache subdirectories
- move old boot2docker directories
fix #801
fix #792
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-28 16:12:51 +00:00
Justin Cormack
12322d362c
Update to Linux 4.8.11
...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-28 15:00:20 +00:00
Justin Cormack
abef0edf38
Use the upstream binfmt script not our custom one
...
This makes the binfmt package much simpler, just a config file.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-28 13:53:14 +00:00
Justin Cormack
44832cec1b
Use the procfs script to mount binfmt
...
This means our script does not need to do mount.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-28 12:17:23 +00:00
Justin Cormack
c92d7b2af0
Merge pull request #796 from justincormack/toybox-fix
...
Fix build failure in toybox build with one argument
2016-11-28 04:07:08 -08:00
Justin Cormack
e29f00b35f
Fix build failure in toybox build with one argument
...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-28 11:59:09 +00:00
David Scott
3726abb3d1
Fix filesystem resize by calling e2fsck -f first
...
Previously when the block device was resized the partition table was also
resized but the filesystem was not. For an increase from 64GiB to 128GiB
the console showed:
* Configuring host block device .../dev/vda1: clean, 62/4194304 files, 604445/16776960 blocks
Resizing disk partition: Unpartitioned space /dev/vda: 64 GiB, 68719476736 bytes, 134217728 sectors
resize2fs 1.43.3 (04-Sep-2016)
Please run 'e2fsck -f /dev/vda1' first.
/dev/vda1: clean, 62/4194304 files, 604445/16776960 blocks
This patch makes `resize2fs` happy by running `e2fsck -f` beforehand as
requested.
Signed-off-by: David Scott <dave.scott@docker.com>
2016-11-28 11:32:12 +00:00
Justin Cormack
c860e6e961
Re-add strace
...
Trying to debug apk issues.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-25 17:26:34 +00:00
Justin Cormack
38183b2f76
Merge pull request #793 from justincormack/tmp-tmpfs
...
Add a tmpfs at /tmp
2016-11-25 09:11:21 -08:00
Justin Cormack
1f87461538
Add a tmpfs at /tmp
...
This makes sure that once we have ro rootfs any programs that still
for any reason use `/tmp` can still write to it, or if people expect
sharing it into a container to work.
fix #778
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-25 17:05:45 +00:00
Justin Cormack
8f375ddd48
Make sure we do apk upgrade -a
...
Also base off 3.4 for consistency.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-24 21:07:00 +00:00
Justin Cormack
bf1af7efb9
Use a 1G AMI
...
Now we do dynamic resize, choose the smallest AMI size, 1G rather
than the old 20G AMI.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-24 13:51:53 +00:00
Justin Cormack
8ccb1bfdb3
Remove last references to EXPERIMENTAL
...
Only support 1.13 now, experimental is a runtime flag.
see #647
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-24 13:37:07 +00:00
Justin Cormack
d685d8b029
Merge pull request #786 from justincormack/git-commit
...
Add Moby git commit to image
2016-11-24 05:14:46 -08:00
Justin Cormack
be12f5888f
Add Moby git commit to image
...
Fix #345
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-24 13:09:58 +00:00
Justin Cormack
65d627b938
Use daemon version in diagnostics
...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-24 12:23:27 +00:00
Justin Cormack
c2ea4a2381
Update Alpine 3.5 base image
...
- openrc updates
- SSL certs package no longer depends on openssl tool in libressl package.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-11-24 12:08:13 +00:00