Commits on Jan 19, 2024

1. daemon: set libnetwork sandbox key w/o OCI hook …

   Signed-off-by: Cory Snider <csnider@mirantis.com>

   

   corhere authored and robmry committed Jan 19, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for 0046b16
   • Browse repository at this point

   Copy the full SHA

   0046b16 View commit details

   Browse the repository at this point in the history

2. Detect IPv6 support in containers. …

   Some configuration in a container depends on whether it has support for
   IPv6 (including default entries for '::1' etc in '/etc/hosts').
   
   Before this change, the container's support for IPv6 was determined by
   whether it was connected to any IPv6-enabled networks. But, that can
   change over time, it isn't a property of the container itself.
   
   So, instead, detect IPv6 support by looking for '::1' on the container's
   loopback interface. It will not be present if the kernel does not have
   IPv6 support, or the user has disabled it in new namespaces by other
   means.
   
   Once IPv6 support has been determined for the container, its '/etc/hosts'
   is re-generated accordingly.
   
   The daemon no longer disables IPv6 on all interfaces during initialisation.
   It now disables IPv6 only for interfaces that have not been assigned an
   IPv6 address. (But, even if IPv6 is disabled for the container using the
   sysctl 'net.ipv6.conf.all.disable_ipv6=1', interfaces connected to IPv6
   networks still get IPv6 addresses that appear in the internal DNS. There's
   more to-do!)
   
   Signed-off-by: Rob Murray <rob.murray@docker.com>

   

   robmry committed Jan 19, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for a8f7c5e
   • Browse repository at this point

   Copy the full SHA

   a8f7c5e View commit details

   Browse the repository at this point in the history