If a container is using a docker_gwbridge endpoint as its gateway,
when it's connected to another network that provides a gateway, the
docker_gwbridge endpoint is removed when that endpoint is added (in
a recursive nightmare).
So, the "before" gateway for the container has been removed
before the new gateway is updateExternalConnectivity'd.
Don't pass the old gateway to updateExternalConnectivity in that
case, because the network driver's already forgotten about it.
Signed-off-by: Rob Murray <rob.murray@docker.com>
(cherry picked from commit 1731e9e729)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
We've seen various failures recently where GitHub actions runners are
running out of space. Skip this test for now.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3e4a3cb03e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The priority order for determining image store choice was incorrect when
a prior graphdriver existed.
The issue occurred because the prior graphdriver check happened after
processing explicit driver configuration, effectively ignoring user
intent when prior state existed.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit 391247ce96)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
If the DNS name still resolves to an IP address, and that address is
assigned to a running container, the ping command will run indefinitely
and the test suite will time out for 10 mins.
This is confusing, as it looks like a daemon hang, or a test suite hang,
whereas it's just a test failure. Add '-c1' to ping to make it return
immediately.
Signed-off-by: Albin Kerouanton <albin.kerouanton@docker.com>
(cherry picked from commit 53ea70ea46)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Previous commit reverted a faulty change that broke DNS resolution for
non swarm-scoped networks once a node has joined a Swarm cluster.
This commit adds an integration test to verify that we don't break DNS
resolution again.
Signed-off-by: Albin Kerouanton <albin.kerouanton@docker.com>
(cherry picked from commit 47bd247d4d)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Commit a8b9eff90 removed a call to Network.updateSvcRecord from
Network.createEndpoint on the grounds that:
> all callers of Network.createEndpoint follow up with an Endpoint.Join,
> which also sets up the DNS entry.
However, the original call in Network.createEndpoint was gated by:
```
if !n.getController().isSwarmNode() || n.Scope() != scope.Swarm || !n.driverIsMultihost() {
n.updateSvcRecord(context.WithoutCancel(ctx), ep, true)
}
```
whereas the call in Endpoint.sbJoin() (invoked by Endpoint.Join()) is
gated by:
```
if !n.getController().isAgent() {
if !n.getController().isSwarmNode() || n.Scope() != scope.Swarm || !n.driverIsMultihost() {
n.updateSvcRecord(context.WithoutCancel(ctx), ep, true)
}
}
```
As a result, once a node has joined a Swarm cluster, no DNS entries are
created for non swarm-scoped networks.
Change the condition used by `sbJoin` to match the original condition
used in `createEndpoint`.
Signed-off-by: Albin Kerouanton <albin.kerouanton@docker.com>
(cherry picked from commit 2e41476a5f)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
The image exporter wrapper was unconditionally setting `unpack=true` for
all build exports, preventing users from controlling this behavior
through buildkit's output image exporter option.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit b4f9bd1cb3)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Running sub-package tests from the root module without readding the
replace rules wasn't running the tests from the local in-tree versions
of these submodules.
Fix by cd-ing into their directories before running tests.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit 0f597561e8)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
While go1.23 still works, it's already EOL, so it may be a better
starting point to use that as minimum version for these modules, as
they're brand new.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The docker documentation website may not be publishing rendered versions
of the swagger for deprecated API versions, so let's remove these links
from the changelog.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Introduced DefaultIsolation method in the Daemon to return the daemon configured isolation mode for Windows.
Signed-off-by: Vigilans <vigilans@foxmail.com>
These tests were failing because the "docker run" did not print the
ID of the container, and instead detached immediately without printing;
```
=== Failed
=== FAIL: amd64.integration-cli TestDockerCLICommitSuite/TestCommitAfterContainerIsDone (0.27s)
docker_cli_commit_test.go:32: assertion failed:
Command: /usr/local/cli-integration/docker wait
ExitCode: 1
Error: exit status 1
Stdout:
Stderr: invalid container name or ID: value is empty
Failures:
ExitCode was 1 expected 0
Expected no error
--- FAIL: TestDockerCLICommitSuite/TestCommitAfterContainerIsDone (0.27s)
=== FAIL: amd64.integration-cli TestDockerCLICommitSuite/TestCommitWithoutPause (0.20s)
docker_cli_commit_test.go:47: assertion failed:
Command: /usr/local/cli-integration/docker wait
ExitCode: 1
Error: exit status 1
Stdout:
Stderr: invalid container name or ID: value is empty
Failures:
ExitCode was 1 expected 0
Expected no error
--- FAIL: TestDockerCLICommitSuite/TestCommitWithoutPause (0.20s)
```
What happens is that it starts a container with only `stdin` attached, but
no `stdout`, and the behavior changed between versions of the CLI, which
may be either a bugfix or a regression;
docker 28 cli doesn't stay attached:
```bash
Status: Downloaded newer image for docker:28-cli
/ # docker run -i -a stdin busybox echo foo
/ #
```
docker 27 cli stays attached, but has the "three strikes, you're out" handling:
```bash
docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock docker:27-cli sh
Status: Downloaded newer image for docker:27-cli
/ # docker run -i -a stdin busybox echo foo
9dbb29080a72225593885bc4880d8f4f22f36803100179f9725468bda1d52b4f
^C^C^C
got 3 SIGTERM/SIGINTs, forcefully exiting
/ # ^C
```
docker 26 cli (and older) don't forward the signal to the container, and detach-keys don't work (or in this case, are handled by the CLI container)?:
```bash
docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock docker:26-cli sh
Status: Downloaded newer image for docker:26-cli
/ # docker run -i -a stdin busybox echo foo
21963ce1b9a7bb7eccef3618693b09a106fb29084b484e31c69cd4a26ee44777
^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C
<CTRL>p,q
```
As these tests were not testing that part, I simplified the tests, but
we should probably look into the change of behavior to see if it was
intentional (and if it was correct).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
