InTheForest/moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2026-01-11 18:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
54,515 Commits 21 Branches 532 Tags
42ba5466c7e82eae0a2013559e852012c8414864
Commit Graph

119 Commits

Author SHA1 Message Date
Austin Vazquez
42ba5466c7 api: rename volumes.CreateOptions to volumes.CreateRequest 
Signed-off-by: Austin Vazquez <austin.vazquez@docker.com>
 2025-10-20 13:23:41 -05:00
Cory Snider
778e5bfad3 api/types/filters: move to daemon/internal 
Most of the code in the filters package relates to the unmarshaling,
validation and application of filters from client requests. None of this
is necessary or particularly useful for Go SDK users. Move the full-fat
filters package into daemon/internal and switch all the daemon code to
import that package so we are free to iterate upon the code without
worrying about source-code interface compatibility.

Signed-off-by: Cory Snider <csnider@mirantis.com>
 2025-10-08 12:06:26 -04:00
Austin Vazquez
c646091d57 api: move container port type to network package 
Signed-off-by: Austin Vazquez <austin.vazquez@docker.com>
 2025-10-03 17:30:42 -05:00
Cory Snider
fd4329a620 api/types/container: use netip types as appropriate 
Signed-off-by: Cory Snider <csnider@mirantis.com>
 2025-10-03 21:39:14 +02:00
Cory Snider
a90adb6dc1 api/types/network: use netip types as appropriate 
And generate the ServiceInfo struct from the Swagger spec.

Signed-off-by: Cory Snider <csnider@mirantis.com>
 2025-10-03 21:39:14 +02:00
Austin Vazquez
cb3abacc52 api/types/container: add network port and port range types 
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Co-authored-by: Cory Snider <csnider@mirantis.com>
Signed-off-by: Austin Vazquez <austin.vazquez@docker.com>
 2025-10-02 13:59:34 -05:00
Austin Vazquez
1b4fcb8da7 api/types/network: move CreateOptions type to client module 
Signed-off-by: Austin Vazquez <austin.vazquez@docker.com>
 2025-08-27 08:10:20 -05:00
Derek McGowan
f74e5d48b3 Create github.com/moby/moby/v2 module 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2025-07-31 10:13:29 -07:00
Sebastiaan van Stijn
d58dc493fe replace direct uses of nat types for api/types/container aliases 
Follow-up to 494677f93f, which added
the aliases, but did not yet replace our own use of the nat types.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-07-31 02:57:39 +02:00
Derek McGowan
afd6487b2e Create github.com/moby/moby/api module 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2025-07-21 09:30:05 -07:00
Derek McGowan
7a720df61f Move libnetwork to daemon/libnetwork 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2025-07-14 09:25:23 -07:00
Matthieu MOREL
b8a4f6534f fix stringsCompare and stringConcatSimplify from go-critic 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2025-06-07 09:57:59 +02:00
Sebastiaan van Stijn
986ec3f877 daemon/cluster: remove // import comments 
These comments were added to enforce using the correct import path for
our packages ("github.com/docker/docker", not "github.com/moby/moby").
However, when working in go module mode (not GOPATH / vendor), they have
no effect, so their impact is limited.

Remove these imports in preparation of migrating our code to become an
actual go module.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-05-30 15:59:11 +02:00
Sebastiaan van Stijn
d9cf097402 daemon/cluster/executor/container: make switches exhaustive (exhaustive) 
Adding a `default` statement so that disabling the "default-signifies-exhaustive"
linter option will  make it show up.

    daemon/cluster/executor/container/adapter.go:351:3: missing cases in switch of type api.Mount_MountType: api.MountTypeVolume, api.MountTypeTmpfs, api.MountTypeNamedPipe, api.MountTypeCluster (exhaustive)
            switch mount.Type {
            ^
    daemon/cluster/executor/container/adapter.go:540:4: missing cases in switch of type api.LogStream: api.LogStreamUnknown (exhaustive)
                switch stream {
                ^
    daemon/cluster/executor/container/container.go:715:3: missing cases in switch of type api.Privileges_SeccompOpts_SeccompMode: api.Privileges_SeccompOpts_DEFAULT (exhaustive)
            switch seccomp.Mode {
            ^
    daemon/cluster/executor/container/controller.go:257:4: missing cases in switch of type events.Action: events.ActionCreate, events.ActionStart, events.ActionRestart, events.ActionStop, events.ActionCheckpoint, events.ActionPause, events.ActionUnPause, events.ActionAttach, events.ActionDetach, events.ActionResize, events.ActionUpdate, events.ActionRename, events.ActionKill, events.ActionOOM, events.ActionRemove, events.ActionCommit, events.ActionTop, events.ActionCopy, events.ActionArchivePath, events.ActionExtractToDir, events.ActionExport, events.ActionImport, events.ActionSave, events.ActionLoad, events.ActionTag, events.ActionUnTag, events.ActionPush, events.ActionPull, events.ActionPrune, events.ActionDelete, events.ActionEnable, events.ActionDisable, events.ActionConnect, events.ActionDisconnect, events.ActionReload, events.ActionMount, events.ActionUnmount, events.ActionExecCreate, events.ActionExecStart, events.ActionExecDie, events.ActionExecDetach, events.ActionHealthStatus, events.ActionHealthStatusRunning (exhaustive)
                switch event.Action {
                ^
    daemon/cluster/executor/container/controller.go:480:4: missing cases in switch of type events.Action: events.ActionCreate, events.ActionStart, events.ActionRestart, events.ActionStop, events.ActionCheckpoint, events.ActionPause, events.ActionUnPause, events.ActionAttach, events.ActionDetach, events.ActionResize, events.ActionUpdate, events.ActionRename, events.ActionKill, events.ActionDie, events.ActionOOM, events.ActionDestroy, events.ActionRemove, events.ActionCommit, events.ActionTop, events.ActionCopy, events.ActionArchivePath, events.ActionExtractToDir, events.ActionExport, events.ActionImport, events.ActionSave, events.ActionLoad, events.ActionTag, events.ActionUnTag, events.ActionPush, events.ActionPull, events.ActionPrune, events.ActionDelete, events.ActionEnable, events.ActionDisable, events.ActionConnect, events.ActionDisconnect, events.ActionReload, events.ActionMount, events.ActionUnmount, events.ActionExecCreate, events.ActionExecStart, events.ActionExecDie, events.ActionExecDetach, events.ActionHealthStatus, events.ActionHealthStatusRunning, events.ActionHealthStatusHealthy, events.ActionHealthStatusUnhealthy (exhaustive)
                switch event.Action {
                ^
    daemon/cluster/executor/container/controller.go:723:4: missing cases in switch of type events.Action: events.ActionCreate, events.ActionStart, events.ActionRestart, events.ActionStop, events.ActionCheckpoint, events.ActionPause, events.ActionUnPause, events.ActionAttach, events.ActionDetach, events.ActionResize, events.ActionUpdate, events.ActionRename, events.ActionKill, events.ActionDie, events.ActionOOM, events.ActionDestroy, events.ActionRemove, events.ActionCommit, events.ActionTop, events.ActionCopy, events.ActionArchivePath, events.ActionExtractToDir, events.ActionExport, events.ActionImport, events.ActionSave, events.ActionLoad, events.ActionTag, events.ActionUnTag, events.ActionPush, events.ActionPull, events.ActionPrune, events.ActionDelete, events.ActionEnable, events.ActionDisable, events.ActionConnect, events.ActionDisconnect, events.ActionReload, events.ActionMount, events.ActionUnmount, events.ActionExecCreate, events.ActionExecStart, events.ActionExecDie, events.ActionExecDetach, events.ActionHealthStatus, events.ActionHealthStatusRunning, events.ActionHealthStatusHealthy (exhaustive)
                switch event.Action {
                ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-02-09 13:22:52 +01:00
Sebastiaan van Stijn
8705018705 daemon/cluster/executor: containerConfig: store Network instead of envelope 
The Network field is the only field used from the NetworkAttachment within
this code. Remove the NetworkAttachment envelope, and store the Network
field directly instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-01-27 12:30:32 +01:00
Sebastiaan van Stijn
90323ae123 daemon/cluster/executor: networkCreateRequest: not a method 
This method was called in a loop, iterating over the container config's
network-attachments. It was defined as a method, but only to lookup
the same attachment we just iterated over existed, and to obtain a copy.
As there were no goroutines involved, dereferencing should not be an issue
and with Go 1.22+, dereferencing loop vars is no longer needed at all,
so we can change this method to a regular constructor; also removing the
redundant error-return in the process.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-01-27 12:30:32 +01:00
Sebastiaan van Stijn
f5f4a062a5 daemon/cluster/executor: networkCreateRequest: slight DRY cleanup 
All of this function only referenced the Network field in the attachment;
use an intermediate variable to make the code less repetitive.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-01-27 12:30:32 +01:00
Sebastiaan van Stijn
16770340ea daemon/cluster/executor: networkCreateRequest don't shadow config 
c is used as name for the containerConfig receiver; remove the intermediate
variable so that we don't shadow it. There's no bug here, because a new
variable is created; just to prevent confusion and to make linters happier.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-01-27 12:30:31 +01:00
Rob Murray
1f542d5d6c Set EnableIPv4 for predefined networks 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2024-07-31 18:38:43 +01:00
Sebastiaan van Stijn
517fb0991e api/types/container: provide alias for github.com/docker/go-units.Ulimit 
This type is included in various types used in the API, but comes from
a separate module. The go-units module may be moving to the moby org,
and it is yet to be decided if the Ulimit type is a good fit for that
module (which deals with more generic units, such as "size" and "duration"
otherwise).

This patch introduces an alias to help during the transition of this type
to it's new location. The alias makes sure that existing code continues
to work (at least for now), but we need to start updating such code after
this PR is merged.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2024-06-18 13:18:20 +02:00
Sebastiaan van Stijn
25f44885ed daemon/cluster/executor/container: use consistent alias for import 
The canonical alias is "containertypes" for this import.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2024-06-18 13:11:34 +02:00
Sebastiaan van Stijn
4ea464d1a7 Merge pull request #47950 from psaintlaurent/ENGINE-903 
Add OOMScoreAdj to the moby API
 2024-06-17 22:58:24 +02:00
plaurent
b640582436 Add OomScoreAdj options 
Signed-off-by: plaurent <patrick@saint-laurent.us>
 2024-06-17 12:01:06 -04:00
Arash Deshmeh
dd1ca95ef9 Add exec option to API TmpfsOptions 
Includes two commits from Arash Deshmeh:

add exec option to API TmpfsOptions and the related volume functions

Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

feature: daemon handles tmpfs mounts exec option

Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

Updated by Drew Erny

Signed-off-by: Drew Erny <derny@mirantis.com>
 2024-06-14 12:11:20 -05:00
Sebastiaan van Stijn
ad6edc139f api/types: move NetworkCreate, NetworkCreateRequest to api/types/network 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2024-06-07 11:11:15 +02:00
Albin Kerouanton
163c6ca9ad api: Make EnableIPv6 optional 
Currently, starting dockerd with
`--default-network-opt=bridge=com.docker.network.enable_ipv6=true` has
no effect as `NetworkCreateRequest.EnableIPv6` is a basic bool.

This change makes it a `*bool` to make it optional. If clients don't
specify it, the default-network-opt will be applied.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
 2024-06-04 21:36:18 +02:00
Paweł Gronowski
d3c051318f daemon/cluster/executor: Add volume Subpath 
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2024-04-15 14:14:32 +02:00
Paweł Gronowski
6100190e5c daemon/cluster/executer: Add missing StartInterval 
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2024-01-22 14:42:17 +01:00
Sebastiaan van Stijn
cff4f20c44 migrate to github.com/containerd/log v0.1.0 
The github.com/containerd/containerd/log package was moved to a separate
module, which will also be used by upcoming (patch) releases of containerd.

This patch moves our own uses of the package to use the new module.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-11 17:52:23 +02:00
Drew Erny
42a51cb285 Add support for swarm seccomp and apparmor 
And also no-new-privileges

Signed-off-by: Drew Erny <derny@mirantis.com>
 2023-09-25 12:38:26 -05:00
Albin Kerouanton
7ec9f304e9 daemon/cluster: create managed ctr with multiple EndpointsConfig 
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
 2023-09-15 14:30:03 +02:00
Albin Kerouanton
78479b1915 libnet: Make sure network names are unique 
Fixes #18864, #20648, #33561, #40901.

[This GH comment][1] makes clear network name uniqueness has never been
enforced due to the eventually consistent nature of Classic Swarm
datastores:

> there is no guaranteed way to check for duplicates across a cluster of
> docker hosts.

And this is further confirmed by other comments made by @mrjana in that
same issue, eg. [this one][2]:

> we want to adopt a schema which can pave the way in the future for a
> completely decentralized cluster of docker hosts (if scalability is
> needed).

This decentralized model is what Classic Swarm was trying to be. It's
been superseded since then by Docker Swarm, which has a centralized
control plane.

To circumvent this drawback, the `NetworkCreate` endpoint accepts a
`CheckDuplicate` flag. However it's not perfectly reliable as it won't
catch concurrent requests.

Due to this design decision, API clients like Compose have to implement
workarounds to make sure names are really unique (eg.
docker/compose#9585). And the daemon itself has seen a string of issues
due to that decision, including some that aren't fixed to this day (for
instance moby/moby#40901):

> The problem is, that if you specify a network for a container using
> the ID, it will add that network to the container but it will then
> change it to reference the network by using the name.

To summarize, this "feature" is broken, has no practical use and is a
source of pain for Docker users and API consumers. So let's just remove
it for _all_ API versions.

[1]: https://github.com/moby/moby/issues/18864#issuecomment-167201414
[2]: https://github.com/moby/moby/issues/18864#issuecomment-167202589

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
 2023-09-12 10:40:13 +02:00
Sebastiaan van Stijn
1148a24e64 migrate to new github.com/distribution/reference module 
The "reference" package was moved to a separate module, which was extracted
from b9b19409cf

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-05 12:09:26 +02:00
Sebastiaan van Stijn
70ad5b818f api/types/events: make events.Type an actual type 
This type was added in 247f4796d2, and
at the time was added as an alias for string;

> api/types/events: add "Type" type for event-type enum
>
> Currently just an alias for string, but we can change it to be an
> actual type.

Now that all code uses the defined types, we should be able to make
this an actual type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-08-28 13:12:38 +02:00
Sebastiaan van Stijn
6ec03d6745 libnetwork: move datastore Scope consts to libnetwork/scope 
The "Capability" type defines DataScope and ConnectivityScope fields,
but their value was set from consts in the datastore package, which
required importing that package and its dependencies for the consts
only.

This patch:

- Moves the consts to a separate "scope" package
- Adds aliases for the consts in the datastore package.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-07-28 21:56:48 +02:00
Sebastiaan van Stijn
8846c7e0ae daemon/cluster/executor/container: fix mixed pointer/value receiver 
Got a linter warning on this one, and I don't think eventFilter() was
intentionally using a value (not pointer).

> Struct containerConfig has methods on both value and pointer receivers.
> Such usage is not recommended by the Go Documentation

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-07-04 00:04:24 +02:00
Sebastiaan van Stijn
9f4acceb6a remove redundant alias for libnetwork/datastore imports 
These aliases were not needed, and only used in a couple of places,
which made it inconsistent, so let's use the import without aliasing.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-07-03 23:47:40 +02:00
Brian Goff
74da6a6363 Switch all logging to use containerd log pkg 
This unifies our logging and allows us to propagate logging and trace
contexts together.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2023-06-24 00:23:44 +00:00
Akihiro Suda
038a361a91 daemon/cluster: convert new BindOptions 
Convert CreateMountpoint, ReadOnlyNonRecursive, and ReadOnlyForceRecursive.

See moby/swarmkit PR 3134

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-06-08 10:17:04 +09:00
Sebastiaan van Stijn
d8b784a15e daemon/cluster: inline filters 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-25 15:17:44 +02:00
Sebastiaan van Stijn
9861dd069b vendor: github.com/moby/swarmkit/v2 v2.0.0-20220721174824-48dd89375d0a 
full diff: 6068d1894d...48dd89375d

Finishes off the work to change references to cluster volumes in the API
from using "csi" as the magic word to "cluster". This reflects that the
volumes are "cluster volumes", not "csi volumes".

Notably, there is no change to the plugin definitions being "csinode"
and "csicontroller". This terminology is appropriate with regards to
plugins because it accurates reflects what the plugin is.

Signed-off-by: Drew Erny <derny@mirantis.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-08-09 14:03:50 +02:00
Drew Erny
240a9fcb83 Add Swarm cluster volume supports 
Adds code to support Cluster Volumes in Swarm using CSI drivers.

Signed-off-by: Drew Erny <derny@mirantis.com>
 2022-05-13 00:55:44 +02:00
Sebastiaan van Stijn
64e96932bd api: rename volume.VolumeCreateBody to volume.CreateOptions 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-04-28 22:39:14 +02:00
Sebastiaan van Stijn
3cae9fef16 imports: remove "volumetypes" aliases for api/types/volume 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-04-28 22:39:04 +02:00
Cory Snider
1c129103b4 Bump swarmkit to v2 
Signed-off-by: Cory Snider <csnider@mirantis.com>
 2022-04-21 17:33:07 -04:00
Brian Goff
4b981436fe Fixup libnetwork lint errors 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2021-06-01 23:48:32 +00:00
Brian Goff
a0a473125b Fix libnetwork imports 
After moving libnetwork to this repo, we need to update all the import
paths for libnetwork to point to docker/docker/libnetwork instead of
docker/libnetwork.
This change implements that.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2021-06-01 21:51:23 +00:00
Albin Kerouanton
c76f380bea Add ulimits support to services 
Add Ulimits field to the ContainerSpec API type and wire it to Swarmkit.

This is related to #40639.

Signed-off-by: Albin Kerouanton <albin@akerouanton.name>
 2020-07-29 02:09:06 +02:00
Brian Goff
24f173a003 Replace service "Capabilities" w/ add/drop API 
After dicussing with maintainers, it was decided putting the burden of
providing the full cap list on the client is not a good design.
Instead we decided to follow along with the container API and use cap
add/drop.

This brings in the changes already merged into swarmkit.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2020-07-27 10:09:42 -07:00
Sebastiaan van Stijn
157c53c8e0 Add API support for PidsLimit on services 
Support for PidsLimit was added to SwarmKit in docker/swarmkit/pull/2415,
but never exposed through the Docker remove API.

This patch exposes the feature in the repote API.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-04-15 22:37:42 +02:00