Docker 1.11.1

Dockerfile.dapper

@@ -47,16 +47,16 @@ ARG OS_REPO=rancher
 ARG HOSTNAME_DEFAULT=rancher
 ARG DISTRIB_ID=RancherOS
 
-ARG DOCKER_VERSION=1.10.3
-ARG DOCKER_PATCH_VERSION=v${DOCKER_VERSION}-ros1
+ARG DOCKER_VERSION=1.11.1
+ARG DOCKER_PATCH_VERSION=v${DOCKER_VERSION}-ros2
 ARG SELINUX_POLICY_URL=https://github.com/rancher/refpolicy/releases/download/v0.0.2/policy.29
 
-ARG KERNEL_URL_amd64=https://github.com/rancher/os-kernel/releases/download/Ubuntu-4.2.0-34.39-rancher/linux-4.2.8-ckt4-rancher-x86.tar.gz
+ARG KERNEL_URL_amd64=https://github.com/rancher/os-kernel/releases/download/Ubuntu-4.4.0-23.41-rancher/linux-4.4.10-rancher-x86.tar.gz
 ARG KERNEL_URL_arm64=https://github.com/imikushin/os-kernel/releases/download/Estuary-4.1.18-arm64-3/linux-4.1.18-arm64.tar.gz
 
-ARG DOCKER_URL_amd64=https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}
-ARG DOCKER_URL_arm=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm
-ARG DOCKER_URL_arm64=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm64
+ARG DOCKER_URL_amd64=https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}.tgz
+ARG DOCKER_URL_arm=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm.tgz
+ARG DOCKER_URL_arm64=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm64.tgz
 
 ARG TOOLCHAIN_arm64=aarch64-linux-gnu
 ARG TOOLCHAIN_arm=arm-linux-gnueabihf
@@ -115,14 +115,14 @@ RUN ln -sf go-6 /usr/bin/go && \
 ENV GOPATH /go
 ENV PATH ${GOPATH}/bin:/usr/local/go/bin:$PATH
 
-# Install Docker
+# Install Host Docker
 RUN URL=DOCKER_URL_${HOST_ARCH} && \
-    curl -fL ${!URL} > /usr/bin/docker && \
+    curl -fL ${!URL} | tar xzf - --strip-components=1 -C /usr/bin docker/docker && \
     chmod +x /usr/bin/docker
 
-# Install Docker
-RUN curl -fL ${!DOCKER_URL} > ${DOWNLOADS}/docker && \
-    chmod +x ${DOWNLOADS}/docker
+# Install Target Docker
+RUN curl -fL ${!DOCKER_URL} > ${DOWNLOADS}/docker.tgz
+
 # Install Trash
 RUN go get github.com/rancher/trash
 

cmd/systemdocker/system-docker.go

@@ -1,30 +1,21 @@
 package systemdocker
 
 import (
+	"log"
 	"os"
-	"strings"
-	"syscall"
 
-	log "github.com/Sirupsen/logrus"
+	"github.com/docker/docker/docker"
 	"github.com/rancher/os/config"
 )
 
 func Main() {
-	var newEnv []string
-	for _, env := range os.Environ() {
-		if !strings.HasPrefix(env, "DOCKER_HOST=") {
-			newEnv = append(newEnv, env)
-		}
-	}
-
-	newEnv = append(newEnv, "DOCKER_HOST="+config.DOCKER_SYSTEM_HOST)
-
 	if os.Geteuid() != 0 {
 		log.Fatalf("%s: Need to be root", os.Args[0])
 	}
 
-	os.Args[0] = config.DOCKER_DIST_BIN
-	if err := syscall.Exec(os.Args[0], os.Args, newEnv); err != nil {
-		log.Fatal(err)
+	if os.Getenv("DOCKER_HOST") == "" {
+		os.Setenv("DOCKER_HOST", config.DOCKER_SYSTEM_HOST)
 	}
+
+	docker.Main()
 }

config/types.go

@@ -23,6 +23,7 @@ const (
 	MODULES_ARCHIVE    = "/modules.tar"
 	DEBUG              = false
 	SYSTEM_DOCKER_LOG  = "/var/log/system-docker.log"
+	SYSTEM_DOCKER_BIN  = "/usr/bin/system-docker"
 
 	LABEL         = "label"
 	HASH          = "io.rancher.os.hash"

images/02-console/Dockerfile

@@ -8,6 +8,9 @@ RUN sed -i 's/rancher:!/rancher:*/g' /etc/shadow && \
     echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
     echo '## allow password less for docker user' >> /etc/sudoers && \
     echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
-    ln -sf /usr/bin/docker.dist /usr/bin/docker
+    ln -sf /usr/bin/docker.dist /usr/bin/docker && \
+    ln -sf /usr/bin/docker-containerd.dist /usr/bin/docker-containerd && \
+    ln -sf /usr/bin/docker-containerd-shim.dist /usr/bin/docker-containerd-shim && \
+    ln -sf /usr/bin/docker-runc.dist /usr/bin/docker-runc
 COPY prompt.sh /etc/profile.d/
 CMD ["/usr/sbin/console.sh"]

images/02-preload/Dockerfile

@@ -1,4 +1,7 @@
 FROM rancher/os-base
-RUN ln -sf /usr/bin/docker.dist /usr/bin/docker
+RUN ln -sf /usr/bin/docker.dist /usr/bin/docker && \
+    ln -sf /usr/bin/docker-containerd.dist /usr/bin/docker-containerd && \
+    ln -sf /usr/bin/docker-containerd-shim.dist /usr/bin/docker-containerd-shim && \
+    ln -sf /usr/bin/docker-runc.dist /usr/bin/docker-runc
 COPY preload.sh  /
 CMD ["/preload.sh"]

images/10-centosconsole/Dockerfile

@@ -16,7 +16,10 @@ RUN groupadd --gid 1100 rancher && \
     echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
     echo '## allow password less for docker user' >> /etc/sudoers && \
     echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
-    ln -sf /usr/bin/docker.dist /usr/bin/docker
+    ln -sf /usr/bin/docker.dist /usr/bin/docker && \
+    ln -sf /usr/bin/docker-containerd.dist /usr/bin/docker-containerd && \
+    ln -sf /usr/bin/docker-containerd-shim.dist /usr/bin/docker-containerd-shim && \
+    ln -sf /usr/bin/docker-runc.dist /usr/bin/docker-runc
 COPY prompt.sh /etc/profile.d/
 ENTRYPOINT ["/usr/sbin/entry.sh"]
 CMD ["/usr/sbin/console.sh"]

images/10-debianconsole/Dockerfile

@@ -16,6 +16,9 @@ RUN addgroup --gid 1100 rancher && \
     echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
     echo '## allow password less for docker user' >> /etc/sudoers && \
     echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
-    ln -sf /usr/bin/docker.dist /usr/bin/docker
+    ln -sf /usr/bin/docker.dist /usr/bin/docker && \
+    ln -sf /usr/bin/docker-containerd.dist /usr/bin/docker-containerd && \
+    ln -sf /usr/bin/docker-containerd-shim.dist /usr/bin/docker-containerd-shim && \
+    ln -sf /usr/bin/docker-runc.dist /usr/bin/docker-runc
 ENTRYPOINT ["/usr/sbin/entry.sh"]
 CMD ["/usr/sbin/console.sh"]

images/10-fedoraconsole/Dockerfile

@@ -16,7 +16,10 @@ RUN groupadd --gid 1100 rancher && \
     echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
     echo '## allow password less for docker user' >> /etc/sudoers && \
     echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
-    ln -sf /usr/bin/docker.dist /usr/bin/docker
+    ln -sf /usr/bin/docker.dist /usr/bin/docker && \
+    ln -sf /usr/bin/docker-containerd.dist /usr/bin/docker-containerd && \
+    ln -sf /usr/bin/docker-containerd-shim.dist /usr/bin/docker-containerd-shim && \
+    ln -sf /usr/bin/docker-runc.dist /usr/bin/docker-runc
 COPY prompt.sh /etc/profile.d/
 ENTRYPOINT ["/usr/sbin/entry.sh"]
 CMD ["/usr/sbin/console.sh"]

images/10-ubuntuconsole/Dockerfile

@@ -16,6 +16,9 @@ RUN addgroup --gid 1100 rancher && \
     echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
     echo '## allow password less for docker user' >> /etc/sudoers && \
     echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
-    ln -sf /usr/bin/docker.dist /usr/bin/docker
+    ln -sf /usr/bin/docker.dist /usr/bin/docker && \
+    ln -sf /usr/bin/docker-containerd.dist /usr/bin/docker-containerd && \
+    ln -sf /usr/bin/docker-containerd-shim.dist /usr/bin/docker-containerd-shim && \
+    ln -sf /usr/bin/docker-runc.dist /usr/bin/docker-runc
 ENTRYPOINT ["/usr/sbin/entry.sh"]
 CMD ["/usr/sbin/console.sh"]

init/bootstrap.go

@@ -33,13 +33,12 @@ func runBootstrapContainers(cfg *config.CloudConfig) (*config.CloudConfig, error
 }
 
 func startDocker(cfg *config.CloudConfig) (chan interface{}, error) {
-
 	launchConfig, args := getLaunchConfig(cfg, &cfg.Rancher.BootstrapDocker)
 	launchConfig.Fork = true
 	launchConfig.LogFile = ""
 	launchConfig.NoLog = true
 
-	cmd, err := dockerlaunch.LaunchDocker(launchConfig, config.DOCKER_BIN, args...)
+	cmd, err := dockerlaunch.LaunchDocker(launchConfig, config.SYSTEM_DOCKER_BIN, args...)
 	if err != nil {
 		return nil, err
 	}

init/init.go

@@ -230,7 +230,7 @@ func RunInit() error {
 	launchConfig.Fork = !cfg.Rancher.SystemDocker.Exec
 
 	log.Info("Launching System Docker")
-	_, err = dockerlaunch.LaunchDocker(launchConfig, config.DOCKER_BIN, args...)
+	_, err = dockerlaunch.LaunchDocker(launchConfig, config.SYSTEM_DOCKER_BIN, args...)
 	if err != nil {
 		return err
 	}

main.go

@@ -1,10 +1,7 @@
 package main
 
 import (
-	"os"
-	"strings"
-
-	log "github.com/Sirupsen/logrus"
+	"github.com/docker/docker/docker"
 	"github.com/docker/docker/pkg/reexec"
 	"github.com/rancher/docker-from-scratch"
 	"github.com/rancher/os/cmd/cloudinit"
@@ -16,48 +13,32 @@ import (
 	"github.com/rancher/os/cmd/systemdocker"
 	"github.com/rancher/os/cmd/userdocker"
 	"github.com/rancher/os/cmd/wait"
-	"github.com/rancher/os/config"
 	osInit "github.com/rancher/os/init"
 )
 
-func registerCmd(cmd string, mainFunc func()) {
-	log.Debugf("Registering main %s", cmd)
-	reexec.Register(cmd, mainFunc)
-
-	parts := strings.Split(cmd, "/")
-	if len(parts) == 0 {
-		return
-	}
-
-	last := parts[len(parts)-1]
-
-	log.Debugf("Registering main %s", last)
-	reexec.Register(last, mainFunc)
-
-	log.Debugf("Registering main %s", "./"+last)
-	reexec.Register("./"+last, mainFunc)
+var entrypoints = map[string]func(){
+	"cloud-init":      cloudinit.Main,
+	"docker":          docker.Main,
+	"dockerlaunch":    dockerlaunch.Main,
+	"halt":            power.Halt,
+	"init":            osInit.MainInit,
+	"netconf":         network.Main,
+	"poweroff":        power.PowerOff,
+	"reboot":          power.Reboot,
+	"respawn":         respawn.Main,
+	"ros-sysinit":     sysinit.Main,
+	"shutdown":        power.Main,
+	"system-docker":   systemdocker.Main,
+	"user-docker":     userdocker.Main,
+	"wait-for-docker": wait.Main,
 }
 
 func main() {
-	registerCmd("/init", osInit.MainInit)
-	registerCmd(config.SYSINIT_BIN, sysinit.Main)
-	registerCmd("/usr/bin/dockerlaunch", dockerlaunch.Main)
-	registerCmd("/usr/bin/user-docker", userdocker.Main)
-	registerCmd("/usr/bin/system-docker", systemdocker.Main)
-	registerCmd("/sbin/poweroff", power.PowerOff)
-	registerCmd("/sbin/reboot", power.Reboot)
-	registerCmd("/sbin/halt", power.Halt)
-	registerCmd("/sbin/shutdown", power.Main)
-	registerCmd("/usr/bin/respawn", respawn.Main)
-	registerCmd("/usr/bin/ros", control.Main)
-	registerCmd("/usr/bin/cloud-init", cloudinit.Main)
-	registerCmd("/usr/sbin/netconf", network.Main)
-	registerCmd("/usr/sbin/wait-for-docker", wait.Main)
+	for name, f := range entrypoints {
+		reexec.Register(name, f)
+	}
 
 	if !reexec.Init() {
-		reexec.Register(os.Args[0], control.Main)
-		if !reexec.Init() {
-			log.Fatalf("Failed to find an entry point for %s", os.Args[0])
-		}
+		control.Main()
 	}
 }

os-config.tpl.yml

@@ -138,6 +138,9 @@ rancher:
       privileged: true
       read_only: true
       volumes:
+      - /usr/bin/docker-containerd:/usr/bin/docker-containerd.dist:ro
+      - /usr/bin/docker-containerd-shim:/usr/bin/docker-containerd-shim.dist:ro
+      - /usr/bin/docker-runc:/usr/bin/docker-runc.dist:ro
       - /usr/bin/docker:/usr/bin/docker.dist:ro
       - /usr/bin/ros:/usr/bin/dockerlaunch:ro
       - /usr/bin/ros:/usr/bin/user-docker:ro
@@ -328,6 +331,7 @@ rancher:
       volumes:
       - /sys/fs/cgroup:/host/sys/fs/cgroup
   system_docker:
+    exec: true
     args: [daemon, --log-opt, max-size=25m, --log-opt, max-file=2, -s, overlay, -b, docker-sys,
       --fixed-cidr, 172.18.42.1/16, --restart=false, -g, /var/lib/system-docker, -G, root,
       -H, 'unix:///var/run/system-docker.sock', --userland-proxy=false]

scripts/build-target

@@ -14,5 +14,7 @@ fi
 
 OUTPUT=${OUTPUT:-bin/ros}
 echo Building $OUTPUT
-go build -tags "selinux cgo daemon netgo" -installsuffix netgo -ldflags "-X github.com/rancher/os/config.VERSION=${VERSION} -linkmode external -extldflags -static" -o ${OUTPUT}
+
+CONST="-X github.com/docker/docker/dockerversion.GitCommit=${COMMIT} -X github.com/docker/docker/dockerversion.Version=${DOCKER_PATCH_VERSION} -X github.com/docker/docker/dockerversion.BuildTime=$(date -u +'%Y-%m-%dT%H:%M:%SZ') -X github.com/docker/docker/dockerversion.IAmStatic=true -X github.com/rancher/os/config.VERSION=${VERSION}"
+go build -tags "selinux cgo daemon netgo" -installsuffix netgo -ldflags "$CONST -linkmode external -extldflags -static" -o ${OUTPUT}
 strip --strip-all ${OUTPUT}

scripts/layout

@@ -17,11 +17,12 @@ mkdir -p ${INITRD_DIR}/usr/{etc,bin,share/ros}
 cp -rf assets/selinux      ${INITRD_DIR}/usr/etc
 cp build/images.tar        ${INITRD_DIR}/usr/share/ros/
 cp bin/ros                 ${INITRD_DIR}/usr/bin/
-cp ${DOWNLOADS}/docker     ${INITRD_DIR}/usr/bin/docker
 ln -s usr/bin/ros          ${INITRD_DIR}/init
 ln -s bin                  ${INITRD_DIR}/usr/sbin
 ln -s usr/sbin             ${INITRD_DIR}/sbin
+ln -s ros                  ${INITRD_DIR}/usr/bin/system-docker
 
+tar xvzf ${DOWNLOADS}/docker.tgz -C ${INITRD_DIR}/usr/bin --strip-components=1
 
 if [ -e ${DOWNLOADS}/kernel.tar.gz ]; then
     mkdir -p ${BUILD}/kernel

scripts/package-rootfs

@@ -16,8 +16,8 @@ DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(unam
 trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT
 docker exec -i ${DFS} docker load < ${INITRD_DIR}/usr/share/ros/images.tar
 docker stop ${DFS}
-docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${PREPOP_DIR}
-docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${PREPOP_DIR}
+docker run --rm --volumes-from=${DFS} rancher/os-base tar -c -C /var/lib/docker ./image | tar -x -C ${PREPOP_DIR}
+docker run --rm --volumes-from=${DFS} rancher/os-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${PREPOP_DIR}
 
 tar -cf ${ARTIFACTS}/rootfs.tar  --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
 tar -rf ${ARTIFACTS}/rootfs.tar  --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .