Commit graph

30 commits

Author SHA1 Message Date
Antonio Murdaca
f35a0f3210 pkg: authorization: do not register the same plugin
This patches avoids registering (and calling) the same plugin more than
once. Using an helper map which indexes by name guarantees this and keeps
the order.
The behavior of overriding the same name in a flag is consistent with,
for instance, the `docker run -v /test -v /test` flag which register
the volume just once.
Adds integration tests.

Without this patch:
```
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.080901676+01:00" level=debug msg="Calling
GET
/v1.22/info"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.081213202+01:00" level=debug msg="AuthZ
request using plugin docker-novolume-plugin"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.081268132+01:00" level=debug
msg="docker-novolume-plugin implements: authz"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.081699788+01:00" level=debug msg="AuthZ
request using plugin docker-novolume-plugin"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.081762507+01:00" level=debug
msg="docker-novolume-plugin implements: authz"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.082092480+01:00" level=debug msg="GET
/v1.22/info"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.628691038+01:00" level=debug msg="AuthZ
response using plugin docker-novolume-plugin"
Dec 20 19:34:52 localhost.localdomain docker[9988]:
time="2015-12-20T19:34:52.629880930+01:00" level=debug msg="AuthZ
response using plugin docker-novolume-plugin"
```

With this patch:
```
Dec 20 19:37:32 localhost.localdomain docker[16620]:
time="2015-12-20T19:37:32.376523958+01:00" level=debug msg="Calling
GET
/v1.22/info"
Dec 20 19:37:32 localhost.localdomain docker[16620]:
time="2015-12-20T19:37:32.376715483+01:00" level=debug msg="AuthZ
request using plugin docker-novolume-plugin"
Dec 20 19:37:32 localhost.localdomain docker[16620]:
time="2015-12-20T19:37:32.376771230+01:00" level=debug
msg="docker-novolume-plugin implements: authz"
Dec 20 19:37:32 localhost.localdomain docker[16620]:
time="2015-12-20T19:37:32.377698897+01:00" level=debug msg="GET
/v1.22/info"
Dec 20 19:37:32 localhost.localdomain docker[16620]:
time="2015-12-20T19:37:32.951016441+01:00" level=debug msg="AuthZ
response using plugin docker-novolume-plugin"
```

Also removes a somehow duplicate debug statement (leaving only the
second one as it's a loop of plugin's manifest):
```
Dec 20 19:52:30 localhost.localdomain docker[25767]:
time="2015-12-20T19:52:30.544090518+01:00" level=debug
msg="docker-novolume-plugin's manifest: &{[authz]}"
Dec 20 19:52:30 localhost.localdomain docker[25767]:
time="2015-12-20T19:52:30.544170677+01:00" level=debug
msg="docker-novolume-plugin implements: authz"
```

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-23 21:08:40 +01:00
Antonio Murdaca
bc21007445 authZ: more fixes
- fix naming and formatting
- provide more context when erroring auth
- do not capitalize errors
- fix wrong documentation
- remove ugly remoteError{}

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-18 16:29:01 +01:00
Antonio Murdaca
a82080a992 pkg: plugins: remove dead code
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-17 11:05:50 +01:00
Antonio Murdaca
b171259dde pkg: plugins: fix and better handle errors
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-15 17:51:48 +01:00
Lei Jitang
a1a4101b73 pkg/plugins/client.go: don't try to encode os decode if it's nil
When user call the `Call()` method, they don't always want to sent
some args or get the return value, so they use `nil` when call `Call()`
method and this will casue an error. It's better to not trying to
encode or decode if it's nil.

Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-12-05 02:55:50 -05:00
Phil Estes
e118299052 Add user namespace (mapping) support to the Docker engine
Adds support for the daemon to handle user namespace maps as a
per-daemon setting.

Support for handling uid/gid mapping is added to the builder,
archive/unarchive packages and functions, all graphdrivers (except
Windows), and the test suite is updated to handle user namespace daemon
rootgraph changes.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2015-10-09 17:47:37 -04:00
Jess Frazelle
790b9791fd Merge pull request #13777 from cpuguy83/graphdriver_extpoints
Create extpoint for graphdrivers
2015-10-08 13:46:42 -07:00
Alexandre Beslic
9e0bd3aca0 Merge pull request #16494 from calavera/fix_plugin_url_scheme
Do not hardcode http as plugin URL scheme for secure connections.
2015-09-23 16:18:00 -07:00
Brian Goff
3b036bd029 Add README for pluginrpc-gen
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-09-22 19:34:44 -04:00
David Calavera
f624804e8f Do not hardcode http as plugin URL scheme for secure connections.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-22 15:54:29 -04:00
Brian Goff
18649f7bf0 Create extpoint for graphdrivers
Allows people to create out-of-process graphdrivers that can be used
with Docker.

Extensions must be started before Docker otherwise Docker will fail to
start.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-09-09 20:24:35 -04:00
Vincent Demeester
721af25e56 Lint package pkg/plugins/pluginrpc-gen
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-09-05 23:15:13 +02:00
Stephen Rust
7eb8f570af Retry registering a volume driver
Signed-off-by: Stephen Rust <srust@blockbridge.com>
2015-09-01 14:56:29 -04:00
Brian Goff
1858b15498 Add volume API/CLI
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-08-26 13:37:52 -04:00
Darren Shepherd
bf81718eba Don't globally lock on driver initialization
This patch makes it such that plugin initialization is synchronized
based on the plugin name and not globally

Signed-off-by: Darren Shepherd <darren@rancher.com>
2015-08-18 22:25:30 -07:00
Vincent Demeester
9bcb3cba83 Lint on pkg/* packages
- pkg/useragent
- pkg/units
- pkg/ulimit
- pkg/truncindex
- pkg/timeoutconn
- pkg/term
- pkg/tarsum
- pkg/tailfile
- pkg/systemd
- pkg/stringutils
- pkg/stringid
- pkg/streamformatter
- pkg/sockets
- pkg/signal
- pkg/proxy
- pkg/progressreader
- pkg/pools
- pkg/plugins
- pkg/pidfile
- pkg/parsers
- pkg/parsers/filters
- pkg/parsers/kernel
- pkg/parsers/operatingsystem

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-07-27 21:26:21 +02:00
Sebastiaan van Stijn
8e5b6040fa Merge pull request #13951 from calavera/plugins_path
Separate plugin sockets and specs.
2015-07-17 21:11:31 +02:00
David Calavera
bee3972856 Separate plugin sockets and specs.
Check if there is a plugin socket first under `/run/docker/plugins/NAME.sock`.
If there is no socket for a plugin, check `/etc/docker/plugins/NAME.spec` and
`/usr/lib/docker/plugins/NAME.spec` for spec files.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-07-16 14:20:07 -07:00
root
b220cdfe3b time duration should be nano seconds, gccgo treats it as zero
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-07-13 18:01:43 +00:00
Michael Crosby
dbb8849289 Merge pull request #13835 from cpuguy83/gen-prc
generate plugin clients via template
2015-07-07 17:17:39 -07:00
David Calavera
7312c4b8bb Plugins JSON spec.
Allow full configuration of external plugins via a JSON document.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-06-29 10:32:18 -07:00
Brian Goff
f666eef0d4 generate plugin clients via template
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-06-10 11:41:40 -04:00
Zefan Li
2f287cc873 Don't forget to clenaup tmpdir in TestFileSpecPlugin()
Also remove redundant code.

Signed-off-by: Zefan Li <lizefan@huawei.com>
2015-06-04 21:26:15 +08:00
Phil Estes
93b26d601b Merge pull request #13577 from WeiZhang555/httpClose
bug fix: close http response body no longer in use
2015-05-29 16:59:17 -04:00
Zhang Wei
a0e7dc03a2 return error when failed to read http response body
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-05-29 12:52:51 +08:00
Zhang Wei
eb82070d00 bug fix: close http response body no longer in use
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-05-29 12:03:40 +08:00
David Calavera
83e643da0d Volumes refactor and external plugin implementation.
Signed by all authors:

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Signed-off-by: David Calavera <david.calavera@gmail.com>
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Signed-off-by: Luke Marsden <luke@clusterhq.com>
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-05-21 20:34:17 -07:00
Madhu Venugopal
bca14f8730 Fixing a Typo in plugins mime-type
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2015-05-16 08:49:23 -07:00
Madhu Venugopal
1501e01cae Allow to call back when a plugin is loaded.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2015-05-15 13:50:44 -07:00
David Calavera
774251695e Remote plugins plumbing.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-05-15 11:04:58 -07:00