2016-09-08 13:11:39 -04:00
package container
import (
2018-05-03 21:02:44 -04:00
"context"
2016-09-08 13:11:39 -04:00
"fmt"
"io"
"os"
2018-12-13 06:59:35 -05:00
"regexp"
2016-09-08 13:11:39 -04:00
2020-05-27 14:32:22 -04:00
"github.com/containerd/containerd/platforms"
2017-04-17 18:07:56 -04:00
"github.com/docker/cli/cli"
"github.com/docker/cli/cli/command"
2022-03-30 09:27:25 -04:00
"github.com/docker/cli/cli/command/completion"
2017-04-17 18:07:56 -04:00
"github.com/docker/cli/cli/command/image"
2018-12-13 16:19:46 -05:00
"github.com/docker/cli/opts"
2017-01-11 16:54:52 -05:00
"github.com/docker/distribution/reference"
2016-12-24 19:05:37 -05:00
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/container"
2020-05-27 14:32:22 -04:00
"github.com/docker/docker/api/types/versions"
2017-05-08 13:51:30 -04:00
apiclient "github.com/docker/docker/client"
2016-09-08 13:11:39 -04:00
"github.com/docker/docker/pkg/jsonmessage"
"github.com/docker/docker/registry"
2020-05-27 14:32:22 -04:00
specs "github.com/opencontainers/image-spec/specs-go/v1"
2017-03-09 13:23:45 -05:00
"github.com/pkg/errors"
2016-09-08 13:11:39 -04:00
"github.com/spf13/cobra"
"github.com/spf13/pflag"
)
2018-11-05 08:12:22 -05:00
// Pull constants
const (
PullImageAlways = "always"
2018-11-20 06:54:27 -05:00
PullImageMissing = "missing" // Default (matches previous behavior)
2018-11-05 08:12:22 -05:00
PullImageNever = "never"
)
2016-09-08 13:11:39 -04:00
type createOptions struct {
2018-03-08 08:35:17 -05:00
name string
platform string
untrusted bool
2021-12-03 11:51:01 -05:00
pull string // always, missing, never
quiet bool
2016-09-08 13:11:39 -04:00
}
// NewCreateCommand creates a new cobra.Command for `docker create`
2017-05-03 17:58:52 -04:00
func NewCreateCommand ( dockerCli command . Cli ) * cobra . Command {
2022-06-23 13:35:40 -04:00
var options createOptions
2016-12-23 14:09:12 -05:00
var copts * containerOptions
2016-09-08 13:11:39 -04:00
cmd := & cobra . Command {
Use : "create [OPTIONS] IMAGE [COMMAND] [ARG...]" ,
Short : "Create a new container" ,
Args : cli . RequiresMinArgs ( 1 ) ,
RunE : func ( cmd * cobra . Command , args [ ] string ) error {
copts . Image = args [ 0 ]
if len ( args ) > 1 {
copts . Args = args [ 1 : ]
}
2022-06-23 13:35:40 -04:00
return runCreate ( dockerCli , cmd . Flags ( ) , & options , copts )
2016-09-08 13:11:39 -04:00
} ,
cli: use custom annotation for aliases
Cobra allows for aliases to be defined for a command, but only allows these
to be defined at the same level (for example, `docker image ls` as alias for
`docker image list`). Our CLI has some commands that are available both as a
top-level shorthand as well as `docker <object> <verb>` subcommands. For example,
`docker ps` is a shorthand for `docker container ps` / `docker container ls`.
This patch introduces a custom "aliases" annotation that can be used to print
all available aliases for a command. While this requires these aliases to be
defined manually, in practice the list of aliases rarely changes, so maintenance
should be minimal.
As a convention, we could consider the first command in this list to be the
canonical command, so that we can use this information to add redirects in
our documentation in future.
Before this patch:
docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Options:
-a, --all Show all images (default hides intermediate images)
...
With this patch:
docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Aliases:
docker image ls, docker image list, docker images
Options:
-a, --all Show all images (default hides intermediate images)
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-28 04:52:25 -04:00
Annotations : map [ string ] string {
"aliases" : "docker container create, docker create" ,
} ,
2022-03-30 09:27:25 -04:00
ValidArgsFunction : completion . ImageNames ( dockerCli ) ,
2016-09-08 13:11:39 -04:00
}
flags := cmd . Flags ( )
flags . SetInterspersed ( false )
2022-06-23 13:35:40 -04:00
flags . StringVar ( & options . name , "name" , "" , "Assign a name to the container" )
flags . StringVar ( & options . pull , "pull" , PullImageMissing , ` Pull image before creating (" ` + PullImageAlways + ` "|" ` + PullImageMissing + ` "|" ` + PullImageNever + ` ") ` )
flags . BoolVarP ( & options . quiet , "quiet" , "q" , false , "Suppress the pull output" )
2016-09-08 13:11:39 -04:00
// Add an explicit help that doesn't have a `-h` to prevent the conflict
// with hostname
flags . Bool ( "help" , false , "Print usage" )
2022-06-23 13:35:40 -04:00
command . AddPlatformFlag ( flags , & options . platform )
command . AddTrustVerificationFlags ( flags , & options . untrusted , dockerCli . ContentTrustEnabled ( ) )
2016-12-23 14:09:12 -05:00
copts = addFlags ( flags )
2016-09-08 13:11:39 -04:00
return cmd
}
2018-12-13 16:19:46 -05:00
func runCreate ( dockerCli command . Cli , flags * pflag . FlagSet , options * createOptions , copts * containerOptions ) error {
2022-06-27 11:16:44 -04:00
if err := validatePullOpt ( options . pull ) ; err != nil {
reportError ( dockerCli . Err ( ) , "create" , err . Error ( ) , true )
return cli . StatusError { StatusCode : 125 }
}
2017-10-15 15:39:56 -04:00
proxyConfig := dockerCli . ConfigFile ( ) . ParseProxyConfig ( dockerCli . Client ( ) . DaemonHost ( ) , opts . ConvertKVStringsToMapWithNil ( copts . env . GetAll ( ) ) )
2018-12-13 16:19:46 -05:00
newEnv := [ ] string { }
for k , v := range proxyConfig {
if v == nil {
newEnv = append ( newEnv , k )
} else {
newEnv = append ( newEnv , fmt . Sprintf ( "%s=%s" , k , * v ) )
}
}
copts . env = * opts . NewListOptsRef ( & newEnv , nil )
2019-01-07 18:34:33 -05:00
containerConfig , err := parse ( flags , copts , dockerCli . ServerInfo ( ) . OSType )
2016-09-08 13:11:39 -04:00
if err != nil {
reportError ( dockerCli . Err ( ) , "create" , err . Error ( ) , true )
return cli . StatusError { StatusCode : 125 }
}
2018-10-10 06:18:29 -04:00
if err = validateAPIVersion ( containerConfig , dockerCli . Client ( ) . ClientVersion ( ) ) ; err != nil {
reportError ( dockerCli . Err ( ) , "create" , err . Error ( ) , true )
return cli . StatusError { StatusCode : 125 }
}
2018-12-13 16:19:46 -05:00
response , err := createContainer ( context . Background ( ) , dockerCli , containerConfig , options )
2016-09-08 13:11:39 -04:00
if err != nil {
return err
}
2016-12-24 19:05:37 -05:00
fmt . Fprintln ( dockerCli . Out ( ) , response . ID )
2016-09-08 13:11:39 -04:00
return nil
}
2017-08-02 20:31:32 -04:00
func pullImage ( ctx context . Context , dockerCli command . Cli , image string , platform string , out io . Writer ) error {
2017-01-11 16:54:52 -05:00
ref , err := reference . ParseNormalizedNamed ( image )
2016-09-08 13:11:39 -04:00
if err != nil {
return err
}
// Resolve the Repository name from fqn to RepositoryInfo
repoInfo , err := registry . ParseRepositoryInfo ( ref )
if err != nil {
return err
}
2016-09-09 15:38:00 -04:00
authConfig := command . ResolveAuthConfig ( ctx , dockerCli , repoInfo . Index )
2016-09-08 13:11:39 -04:00
encodedAuth , err := command . EncodeAuthToBase64 ( authConfig )
if err != nil {
return err
}
options := types . ImageCreateOptions {
RegistryAuth : encodedAuth ,
2017-08-02 20:31:32 -04:00
Platform : platform ,
2016-09-08 13:11:39 -04:00
}
responseBody , err := dockerCli . Client ( ) . ImageCreate ( ctx , image , options )
if err != nil {
return err
}
defer responseBody . Close ( )
return jsonmessage . DisplayJSONMessagesStream (
responseBody ,
out ,
dockerCli . Out ( ) . FD ( ) ,
dockerCli . Out ( ) . IsTerminal ( ) ,
nil )
}
type cidFile struct {
path string
file * os . File
written bool
}
func ( cid * cidFile ) Close ( ) error {
2017-05-09 18:35:25 -04:00
if cid . file == nil {
return nil
}
2016-09-08 13:11:39 -04:00
cid . file . Close ( )
2016-12-24 19:05:37 -05:00
if cid . written {
return nil
}
if err := os . Remove ( cid . path ) ; err != nil {
linting: fix incorrectly formatted errors (revive)
cli/compose/interpolation/interpolation.go:102:4: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
"invalid interpolation format for %s: %#v. You may need to escape any $ with another $.",
^
cli/command/stack/loader/loader.go:30:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return nil, errors.Errorf("Compose file contains unsupported options:\n\n%s\n",
^
cli/command/formatter/formatter.go:76:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return tmpl, errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/formatter/formatter.go:97:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/image/build.go:257:25: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("error checking context: '%s'.", err)
^
cli/command/volume/create.go:35:27: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Conflicting options: either specify --name or provide positional arg, not both\n")
^
cli/command/container/create.go:160:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-27 15:13:03 -04:00
return errors . Wrapf ( err , "failed to remove the CID file '%s'" , cid . path )
2016-09-08 13:11:39 -04:00
}
return nil
}
func ( cid * cidFile ) Write ( id string ) error {
2017-05-09 18:35:25 -04:00
if cid . file == nil {
return nil
}
2016-09-08 13:11:39 -04:00
if _ , err := cid . file . Write ( [ ] byte ( id ) ) ; err != nil {
linting: fix incorrectly formatted errors (revive)
cli/compose/interpolation/interpolation.go:102:4: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
"invalid interpolation format for %s: %#v. You may need to escape any $ with another $.",
^
cli/command/stack/loader/loader.go:30:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return nil, errors.Errorf("Compose file contains unsupported options:\n\n%s\n",
^
cli/command/formatter/formatter.go:76:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return tmpl, errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/formatter/formatter.go:97:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/image/build.go:257:25: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("error checking context: '%s'.", err)
^
cli/command/volume/create.go:35:27: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Conflicting options: either specify --name or provide positional arg, not both\n")
^
cli/command/container/create.go:160:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-27 15:13:03 -04:00
return errors . Wrap ( err , "failed to write the container ID to the file" )
2016-09-08 13:11:39 -04:00
}
cid . written = true
return nil
}
func newCIDFile ( path string ) ( * cidFile , error ) {
2017-05-09 18:35:25 -04:00
if path == "" {
return & cidFile { } , nil
}
2016-09-08 13:11:39 -04:00
if _ , err := os . Stat ( path ) ; err == nil {
linting: fix incorrectly formatted errors (revive)
cli/compose/interpolation/interpolation.go:102:4: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
"invalid interpolation format for %s: %#v. You may need to escape any $ with another $.",
^
cli/command/stack/loader/loader.go:30:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return nil, errors.Errorf("Compose file contains unsupported options:\n\n%s\n",
^
cli/command/formatter/formatter.go:76:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return tmpl, errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/formatter/formatter.go:97:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/image/build.go:257:25: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("error checking context: '%s'.", err)
^
cli/command/volume/create.go:35:27: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Conflicting options: either specify --name or provide positional arg, not both\n")
^
cli/command/container/create.go:160:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-27 15:13:03 -04:00
return nil , errors . Errorf ( "container ID file found, make sure the other container isn't running or delete %s" , path )
2016-09-08 13:11:39 -04:00
}
f , err := os . Create ( path )
if err != nil {
linting: fix incorrectly formatted errors (revive)
cli/compose/interpolation/interpolation.go:102:4: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
"invalid interpolation format for %s: %#v. You may need to escape any $ with another $.",
^
cli/command/stack/loader/loader.go:30:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return nil, errors.Errorf("Compose file contains unsupported options:\n\n%s\n",
^
cli/command/formatter/formatter.go:76:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return tmpl, errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/formatter/formatter.go:97:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Template parsing error: %v\n", err)
^
cli/command/image/build.go:257:25: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("error checking context: '%s'.", err)
^
cli/command/volume/create.go:35:27: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("Conflicting options: either specify --name or provide positional arg, not both\n")
^
cli/command/container/create.go:160:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
return errors.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-27 15:13:03 -04:00
return nil , errors . Wrap ( err , "failed to create the container ID file" )
2016-09-08 13:11:39 -04:00
}
return & cidFile { path : path , file : f } , nil
}
2022-07-13 06:29:49 -04:00
//nolint:gocyclo
2022-04-29 13:26:50 -04:00
func createContainer ( ctx context . Context , dockerCli command . Cli , containerConfig * containerConfig , opts * createOptions ) ( * container . CreateResponse , error ) {
2017-03-07 17:19:54 -05:00
config := containerConfig . Config
hostConfig := containerConfig . HostConfig
networkingConfig := containerConfig . NetworkingConfig
2016-09-08 13:11:39 -04:00
stderr := dockerCli . Err ( )
2018-12-13 06:59:35 -05:00
warnOnOomKillDisable ( * hostConfig , stderr )
warnOnLocalhostDNS ( * hostConfig , stderr )
2017-01-11 16:54:52 -05:00
var (
2017-05-09 18:35:25 -04:00
trustedRef reference . Canonical
namedRef reference . Named
2017-01-11 16:54:52 -05:00
)
2017-05-09 18:35:25 -04:00
containerIDFile , err := newCIDFile ( hostConfig . ContainerIDFile )
if err != nil {
return nil , err
2016-09-08 13:11:39 -04:00
}
2017-05-09 18:35:25 -04:00
defer containerIDFile . Close ( )
2016-09-08 13:11:39 -04:00
2017-01-11 16:54:52 -05:00
ref , err := reference . ParseAnyReference ( config . Image )
2016-09-08 13:11:39 -04:00
if err != nil {
return nil , err
}
2017-01-11 16:54:52 -05:00
if named , ok := ref . ( reference . Named ) ; ok {
2017-01-25 19:54:18 -05:00
namedRef = reference . TagNameOnly ( named )
2016-09-08 13:11:39 -04:00
2018-03-08 14:56:56 -05:00
if taggedRef , ok := namedRef . ( reference . NamedTagged ) ; ok && ! opts . untrusted {
2016-09-08 13:11:39 -04:00
var err error
2017-01-11 16:54:52 -05:00
trustedRef , err = image . TrustedReference ( ctx , dockerCli , taggedRef , nil )
2016-09-08 13:11:39 -04:00
if err != nil {
return nil , err
}
2017-01-11 16:54:52 -05:00
config . Image = reference . FamiliarString ( trustedRef )
2016-09-08 13:11:39 -04:00
}
}
2019-02-20 07:12:24 -05:00
pullAndTagImage := func ( ) error {
2021-12-03 11:51:01 -05:00
pullOut := stderr
if opts . quiet {
pullOut = io . Discard
}
if err := pullImage ( ctx , dockerCli , config . Image , opts . platform , pullOut ) ; err != nil {
2019-02-20 07:12:24 -05:00
return err
2018-11-05 08:12:22 -05:00
}
if taggedRef , ok := namedRef . ( reference . NamedTagged ) ; ok && trustedRef != nil {
2019-02-20 07:12:24 -05:00
return image . TagTrusted ( ctx , dockerCli , trustedRef , taggedRef )
2018-11-05 08:12:22 -05:00
}
2019-02-20 07:12:24 -05:00
return nil
2019-02-16 18:41:56 -05:00
}
2020-05-27 14:32:22 -04:00
var platform * specs . Platform
// Engine API version 1.41 first introduced the option to specify platform on
// create. It will produce an error if you try to set a platform on older API
// versions, so check the API version here to maintain backwards
// compatibility for CLI users.
if opts . platform != "" && versions . GreaterThanOrEqualTo ( dockerCli . Client ( ) . ClientVersion ( ) , "1.41" ) {
p , err := platforms . Parse ( opts . platform )
if err != nil {
return nil , errors . Wrap ( err , "error parsing specified platform" )
}
platform = & p
}
2019-02-20 07:12:24 -05:00
if opts . pull == PullImageAlways {
if err := pullAndTagImage ( ) ; err != nil {
return nil , err
}
}
2018-11-05 08:12:22 -05:00
2022-05-18 06:48:02 -04:00
hostConfig . ConsoleSize [ 0 ] , hostConfig . ConsoleSize [ 1 ] = dockerCli . Out ( ) . GetTtySize ( )
2020-05-27 14:32:22 -04:00
response , err := dockerCli . Client ( ) . ContainerCreate ( ctx , config , hostConfig , networkingConfig , platform , opts . name )
2019-02-16 18:41:56 -05:00
if err != nil {
// Pull image if it does not exist locally and we have the PullImageMissing option. Default behavior.
if apiclient . IsErrNotFound ( err ) && namedRef != nil && opts . pull == PullImageMissing {
2021-12-03 11:51:01 -05:00
if ! opts . quiet {
// we don't want to write to stdout anything apart from container.ID
fmt . Fprintf ( stderr , "Unable to find image '%s' locally\n" , reference . FamiliarString ( namedRef ) )
}
2019-02-20 07:12:24 -05:00
if err := pullAndTagImage ( ) ; err != nil {
2019-02-16 18:41:56 -05:00
return nil , err
}
2018-11-05 08:12:22 -05:00
2019-02-16 18:41:56 -05:00
var retryErr error
2020-05-27 14:32:22 -04:00
response , retryErr = dockerCli . Client ( ) . ContainerCreate ( ctx , config , hostConfig , networkingConfig , platform , opts . name )
2019-02-16 18:41:56 -05:00
if retryErr != nil {
return nil , retryErr
2018-11-05 08:12:22 -05:00
}
2019-02-16 18:41:56 -05:00
} else {
return nil , err
2018-11-05 08:12:22 -05:00
}
2016-09-08 13:11:39 -04:00
}
for _ , warning := range response . Warnings {
fmt . Fprintf ( stderr , "WARNING: %s\n" , warning )
}
2017-05-09 18:35:25 -04:00
err = containerIDFile . Write ( response . ID )
return & response , err
2016-09-08 13:11:39 -04:00
}
2018-12-13 06:59:35 -05:00
func warnOnOomKillDisable ( hostConfig container . HostConfig , stderr io . Writer ) {
if hostConfig . OomKillDisable != nil && * hostConfig . OomKillDisable && hostConfig . Memory == 0 {
fmt . Fprintln ( stderr , "WARNING: Disabling the OOM killer on containers without setting a '-m/--memory' limit may be dangerous." )
}
}
// check the DNS settings passed via --dns against localhost regexp to warn if
// they are trying to set a DNS to a localhost address
func warnOnLocalhostDNS ( hostConfig container . HostConfig , stderr io . Writer ) {
for _ , dnsIP := range hostConfig . DNS {
if isLocalhost ( dnsIP ) {
fmt . Fprintf ( stderr , "WARNING: Localhost DNS setting (--dns=%s) may fail in containers.\n" , dnsIP )
return
}
}
}
// IPLocalhost is a regex pattern for IPv4 or IPv6 loopback range.
const ipLocalhost = ` ((127\.([0-9] { 1,3}\.) { 2}[0-9] { 1,3})|(::1)$) `
var localhostIPRegexp = regexp . MustCompile ( ipLocalhost )
// IsLocalhost returns true if ip matches the localhost IP regular expression.
// Used for determining if nameserver settings are being passed which are
// localhost addresses
func isLocalhost ( ip string ) bool {
return localhostIPRegexp . MatchString ( ip )
}
2022-06-27 11:16:44 -04:00
func validatePullOpt ( val string ) error {
switch val {
case PullImageAlways , PullImageMissing , PullImageNever , "" :
// valid option, but nothing to do yet
return nil
default :
return fmt . Errorf (
"invalid pull option: '%s': must be one of %q, %q or %q" ,
val ,
PullImageAlways ,
PullImageMissing ,
PullImageNever ,
)
}
}