Ubuntu 16.10 has been released http://releases.ubuntu.com/yakkety/
Note that this is a short-term release, so will
EOL (and removed again) in 9 months
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 27beb64d468614db0eb7344340d39b5619219a7d
Component: engine
Until we can support existing behaviour with `sudo` disable
ambient capabilities in runc build.
Add tests that non root user cannot use default capabilities,
and that capabilities are working as expected.
Test for #27590
Update runc.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: c5251f7116e3d9095a7169fc31bd170dff997c2e
Component: engine
this switches all go download links to use a redirect,
https://golang.org/dl/ instead of the direct source.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Upstream-commit: 732d1035d2f1d8f0b6f3410035fa393431b93d89
Component: engine
This adds 'make deb' support for yakkety yak on ppc64le
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Upstream-commit: da382044d3630bcdeb1eac64f2f7ad476e0cf007
Component: engine
Updates the ppc64le `make deb` trusty download link to be
consistent with the other Dockerfiles. Also minor clarification
to how we install go.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Upstream-commit: 629e85ad8975046eba3a88fdc8448759525e27bd
Component: engine
Although primarily a human readable script, it is quite useful
to return success or failure from this script so it can be used
as a basic test.
Fail if any check fails, including some that are optional,
other than the storage driver tests, where only one needs to
succeed, so the system has at least one workable storage driver.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 6d116ffbbbc597994855f1b6fe86af324ac649de
Component: engine
Previously, when the graphdir was a root of a mountpoint, we would not
be able to cleanup the graphdir, as the script would umount in case
target dir is a mount itself
```/etc/mtab
/dev/xvdc1 /var/lib/docker btrfs
```
When running the script, the graphdir would be unmounted and it would
remove a (possibly) empty folder.
```
Nuking /var/lib/docker ...
(if this is wrong, press Ctrl+C NOW!)
+ sleep 10
+ umount -f /var/lib/docker
+ rm -rf /var/lib/docker
```
This PR includes the necessary changes to nuke the folder on this
scenario, including when the graphdir is a btrfs mount iself.
Signed-off-by: Bruno Tavares <btavare@thoughtworks.com>
Upstream-commit: 5f98b977496b5c8430162b129cb94c88efb0f3b6
Component: engine
--group-add was used for specifying groups for both service create
and service update. For create it was confusing since we don't have
an existing set of groups. Instead I added --group to create, and
moved --group-add to service update only, like --group-rm
This deals with issue 27646
Signed-off-by: Lily Guo <lily.guo@docker.com>
Update flag documentation
Specify that --group, --group-add and --groupd-rm refers to
supplementary user groups
Signed-off-by: Lily Guo <lily.guo@docker.com>
Fix docs for groups and update completion scripts
Signed-off-by: Lily Guo <lily.guo@docker.com>
Upstream-commit: 2f58494ae6e796325329f849cf547bcf94bb68e3
Component: engine
A HealthConfig entry was added to the ContainerSpec associated with the
service being created or updated.
Signed-off-by: Cezar Sa Espinola <cezarsa@gmail.com>
Upstream-commit: 7bd2611789e6898576f7229255c238f7c1129293
Component: engine
Many distributions now use ext4 to provide ext2 and ext3 support,
so do not warn about possibly missing ext3 support if the config
option is used.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: b28619046a92977f33be6b3ddba5e60c589b3c0f
Component: engine
The --name flag was inadvertently added to
docker service update, but is not supported,
as it has various side-effects (e.g., existing
tasks are not renamed).
This removes the flag from the service update
command.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 047e44eeb186a8bde41765a44c5966a150fa84f3
Component: engine
