Add userns_mode docker config option #1940

Merged
merged 2 commits into from
Nov 4, 2016
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -39,6 +39,7 @@ IMPROVEMENTS:
* driver/docker: Docker For Mac support [GH-1806]
* driver/docker: Support Docker volumes [GH-1767]
* driver/docker: Allow Docker logging to be configured [GH-1767]
* driver/docker: Add `userns_mode` (`--userns`) support [GH-1940]
* driver/lxc: Support for LXC containers [GH-1699]
* driver/rkt: Support network configurations [GH-1862]
* driver/rkt: Support rkt volumes (rkt >= 1.0.0 required) [GH-1812]
5 changes: 5 additions & 0 deletions client/driver/docker.go
Expand Up @@ -103,6 +103,7 @@ type DockerDriverConfig struct {
NetworkMode string `mapstructure:"network_mode"` // The network mode of the container - host, nat and none
PidMode string `mapstructure:"pid_mode"` // The PID mode of the container - host and none
UTSMode string `mapstructure:"uts_mode"` // The UTS mode of the container - host and none
UsernsMode string `mapstructure:"userns_mode"` // The User namespace mode of the container - host and none
PortMapRaw []map[string]int `mapstructure:"port_map"` //
PortMap map[string]int `mapstructure:"-"` // A map of host port labels and the ports exposed on the container
Privileged bool `mapstructure:"privileged"` // Flag to run the container in privileged mode
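Review bot: The comment on the new `UsernsMode` field reads "host and none", which looks carried over from the `PidMode` and `UTSMode` lines and does not match the documentation added in this PR, where the option is `host` or not set. Suggest rewording it (for example "The user namespace mode of the container - host or unset") so the struct comment and the docs describe the same set of values.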
Expand Down Expand Up @@ -215,6 +216,9 @@ func (d *DockerDriver) Validate(config map[string]interface{}) error {
"uts_mode": &fields.FieldSchema{
Type: fields.TypeString,
},
"userns_mode": &fields.FieldSchema{
Type: fields.TypeString,
},
"port_map": &fields.FieldSchema{
Type: fields.TypeArray,
},
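Review bot: The `userns_mode` schema entry only checks `Type: fields.TypeString`, so a typo or an unsupported value passes `Validate` and is carried through to container creation. Since the docs in this PR list `host` as the only meaningful value, consider rejecting anything other than empty or `host` here, so a bad job spec fails at validation with a clear message instead of at container start.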
Expand Down Expand Up @@ -543,6 +547,7 @@ func (d *DockerDriver) createContainer(ctx *ExecContext, task *structs.Task,
hostConfig.IpcMode = driverConfig.IpcMode
hostConfig.PidMode = driverConfig.PidMode
hostConfig.UTSMode = driverConfig.UTSMode
hostConfig.UsernsMode = driverConfig.UsernsMode

hostConfig.NetworkMode = driverConfig.NetworkMode
if hostConfig.NetworkMode == "" {
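Review bot: `hostConfig.UsernsMode = driverConfig.UsernsMode` copies the job's value through with no check visible in this hunk, and `host` takes the container out of the daemon's user namespace remapping. The `uts_mode` docs in this PR say sharing the host namespace requires the agent to be configured to allow privileged containers; if that gate is applied to the other host modes, `userns_mode = "host"` should go through it as well, otherwise any job author can opt out of remapping on a node where the operator enabled it.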
4 changes: 4 additions & 0 deletions website/source/docs/drivers/docker.html.md
Expand Up @@ -114,6 +114,10 @@ The `docker` driver supports the following configuration in the job spec:
the UTS namespace with the host. Note that this also requires the Nomad agent
to be configured to allow privileged containers.

* `userns_mode` - (Optional) `host` or not set (default). Set to `host` to use
the host's user namespace when user namespace remapping is enabled on the
docker daemon.

* `network_mode` - (Optional) The network mode to be used for the container. In
order to support userspace networking plugins in Docker 1.9 this accepts any
value. The default is `bridge` for all operating systems but Windows, which
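Review bot: The new `userns_mode` entry does not say whether `host` needs the Nomad agent to allow privileged containers, while the entry just above it carries that note. Suggest stating the requirement either way, and adding one sentence on the effect: with `host`, the container is not subject to the daemon's user namespace remapping.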