Akihiro Suda AkihiroSuda
AkihiroSuda
/ docker-no-abstract-socket
Created
November 29, 2020 17:13
AppArmor profile: docker-no-abstract-socket
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <tunables/global> | |
| profile docker-no-abstract-socket flags=(attach_disconnected,mediate_deleted) { | |
| #include <abstractions/base> | |
| network, | |
| capability, | |
| file, | |
| umount, | |
| signal (receive) peer=unconfined, | |
| signal (send,receive) peer=docker-no-abstract-socket, | |
| deny @{PROC}/* w, |
AkihiroSuda
/ dinlxd-nightly.sh
Created
October 15, 2018 08:16
Create nightly Docker-in-LXD environment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Create Docker-in-LXD environment | |
| set -exu -o pipefail | |
| if [[ $# -ne 1 ]]; then | |
| echo "Usage: $0 NAME" | |
| exit 1 | |
| fi | |
| CONTAINER=$1 | |
| POOL=pool-dir |
AkihiroSuda
/ Dockerfile
Created
July 24, 2018 07:11
Docker v18.06 `RUN --mount=type=cache` example (keep /var/cache/apt)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # syntax = tonistiigi/dockerfile:runmount20180618 | |
| # | |
| # `RUN --mount` example. Requires Docker v18.06 with `DOCKER_BUILDKIT=1`. | |
| # | |
| # `RUN --mount=... apt install <PKGS>` should finish immediately even when some packages are added to <PKGS> or built with `docker build --no-cache`. | |
| FROM ubuntu | |
| RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache | |
| RUN --mount=type=cache,target=/var/cache/apt,sharing=locked --mount=type=cache,target=/var/lib/apt,sharing=locked \ | |
| apt update && apt install -y gcc |
AkihiroSuda
/ config.json
Created
January 15, 2018 09:48
For apt in rootless runc with --force-mapping-tool (PR: XXXX)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "ociVersion": "1.0.0", | |
| "process": { | |
| "terminal": true, | |
| "user": { | |
| "uid": 0, | |
| "gid": 0 | |
| }, | |
| "args": [ | |
| "bash" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "ociVersion": "1.0.0", | |
| "process": { | |
| "terminal": true, | |
| "user": { | |
| "uid": 0, | |
| "gid": 0 | |
| }, | |
| "args": [ | |
| "sh" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "ociVersion": "1.0.0", | |
| "process": { | |
| "terminal": true, | |
| "user": { | |
| "uid": 0, | |
| "gid": 0 | |
| }, | |
| "args": [ | |
| "sh" |
AkihiroSuda
/ docker-20836-stack.txt
Last active
March 10, 2016 02:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| INFO[0344] === BEGIN goroutine stack dump === | |
| goroutine 26 [running]: | |
| github.com/docker/docker/pkg/signal.DumpStacks() | |
| /usr/src/docker/.gopath/src/github.com/docker/docker/pkg/signal/trap.go:67 +0x98 | |
| github.com/docker/docker/daemon.setupDumpStackTrap.func1(0xc820146b40) | |
| /usr/src/docker/.gopath/src/github.com/docker/docker/daemon/debugtrap_unix.go:18 +0x5e | |
| created by github.com/docker/docker/daemon.setupDumpStackTrap | |
| /usr/src/docker/.gopath/src/github.com/docker/docker/daemon/debugtrap_unix.go:20 +0x12a |
AkihiroSuda
/ etcd-4006-trace-2.txt
Created
December 16, 2015 08:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2015/12/16 08:19:59 store.index: compact 1 | |
| 2015/12/16 08:19:59 store.index: compact 2 | |
| 2015/12/16 08:19:59 store.index: compact 3 | |
| 2015/12/16 08:19:59 store.index: compact 4 | |
| 2015/12/16 08:19:59 store.index: compact 5 | |
| 2015/12/16 08:19:59 store.index: compact 6 | |
| 2015/12/16 08:19:59 store.index: compact 7 | |
| 2015/12/16 08:19:59 store.index: compact 8 | |
| 2015/12/16 08:19:59 store.index: compact 9 | |
| 2015/12/16 08:19:59 store.index: compact 10 |
AkihiroSuda
/ etcd-4006-trace.txt
Created
December 16, 2015 08:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cd etcd | |
| $ git checkout a907ca5e62503e9ee2f3db95024f00e92e374586 (Dec 16, 2015) | |
| $ ./test | |
| 2015/12/16 05:43:24 store.index: compact 1 | |
| 2015/12/16 05:43:24 store.index: compact 2 | |
| 2015/12/16 05:43:24 store.index: compact 3 | |
| 2015/12/16 05:43:24 store.index: compact 4 | |
| 2015/12/16 05:43:24 store.index: compact 5 | |
| 2015/12/16 05:43:24 store.index: compact 6 | |
| 2015/12/16 05:43:24 store.index: compact 7 |