dockershim: bump the minimum supported docker version to 1.11

Drop the 1.10 compatibilty code.
2018-01-04 10:22:16 -08:00 · 2018-01-04 10:22:16 -08:00 · 059fa35a84
parent cbdfed1ebe
commit 059fa35a84
5 changed files with 8 additions and 64 deletions
--- a/pkg/kubelet/dockershim/docker_container.go
+++ b/pkg/kubelet/dockershim/docker_container.go
@ -102,7 +102,6 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 	if err != nil {
 		return "", fmt.Errorf("unable to get the docker API version: %v", err)
 	}
-	securityOptSep := getSecurityOptSeparator(apiVersion)

 	image := ""
 	if iSpec := config.GetImage(); iSpec != nil {
@ -134,7 +133,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 	}

 	hc := createConfig.HostConfig
-	ds.updateCreateConfig(&createConfig, config, sandboxConfig, podSandboxID, securityOptSep, apiVersion)
+	ds.updateCreateConfig(&createConfig, config, sandboxConfig, podSandboxID, securityOptSeparator, apiVersion)
 	// Set devices for container.
 	devices := make([]dockercontainer.DeviceMapping, len(config.Devices))
 	for i, device := range config.Devices {
@ -146,7 +145,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 	}
 	hc.Resources.Devices = devices

-	securityOpts, err := ds.getSecurityOpts(config.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSep)
+	securityOpts, err := ds.getSecurityOpts(config.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSeparator)
 	if err != nil {
 		return "", fmt.Errorf("failed to generate security options for container %q: %v", config.Metadata.Name, err)
 	}
--- a/pkg/kubelet/dockershim/docker_sandbox.go
+++ b/pkg/kubelet/dockershim/docker_sandbox.go
@ -528,12 +528,6 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
 	// TODO(random-liu): Deprecate this label once container metrics is directly got from CRI.
 	labels[types.KubernetesContainerNameLabel] = sandboxContainerName

-	apiVersion, err := ds.getDockerAPIVersion()
-	if err != nil {
-		return nil, fmt.Errorf("unable to get the docker API version: %v", err)
-	}
-	securityOptSep := getSecurityOptSeparator(apiVersion)
-
 	hc := &dockercontainer.HostConfig{}
 	createConfig := &dockertypes.ContainerCreateConfig{
 		Name: makeSandboxName(c),
@ -547,7 +541,7 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
 	}

 	// Apply linux-specific options.
-	if err := ds.applySandboxLinuxOptions(hc, c.GetLinux(), createConfig, image, securityOptSep); err != nil {
+	if err := ds.applySandboxLinuxOptions(hc, c.GetLinux(), createConfig, image, securityOptSeparator); err != nil {
 		return nil, err
 	}

@ -565,7 +559,7 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
 	}

 	// Set security options.
-	securityOpts, err := ds.getSecurityOpts(c.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSep)
+	securityOpts, err := ds.getSecurityOpts(c.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSeparator)
 	if err != nil {
 		return nil, fmt.Errorf("failed to generate sandbox security options for sandbox %q: %v", c.Metadata.Name, err)
 	}
--- a/pkg/kubelet/dockershim/helpers.go
+++ b/pkg/kubelet/dockershim/helpers.go
@ -22,7 +22,6 @@ import (
 	"strconv"
 	"strings"

-	"github.com/blang/semver"
 	dockertypes "github.com/docker/docker/api/types"
 	dockercontainer "github.com/docker/docker/api/types/container"
 	dockerfilters "github.com/docker/docker/api/types/filters"
@ -39,12 +38,8 @@ import (
 )

 const (
-	annotationPrefix = "annotation."
-
-	// Docker changed the API for specifying options in v1.11
-	securityOptSeparatorChangeVersion = "1.23.0" // Corresponds to docker 1.11.x
-	securityOptSeparatorOld           = ':'
-	securityOptSeparatorNew           = '='
+	annotationPrefix     = "annotation."
+	securityOptSeparator = '='
 )

 var (
@ -54,10 +49,6 @@ var (
 	// if a container starts but the executable file is not found, runc gives a message that matches
 	startRE = regexp.MustCompile(`\\\\\\\"(.*)\\\\\\\": executable file not found`)

-	// Docker changes the security option separator from ':' to '=' in the 1.23
-	// API version.
-	optsSeparatorChangeVersion = semver.MustParse(securityOptSeparatorChangeVersion)
-
 	defaultSeccompOpt = []dockerOpt{{"seccomp", "unconfined", ""}}
 )

@ -321,21 +312,6 @@ func transformStartContainerError(err error) error {
 	return err
 }

-// getSecurityOptSeparator returns the security option separator based on the
-// docker API version.
-// TODO: Remove this function along with the relevant code when we no longer
-// need to support docker 1.10.
-func getSecurityOptSeparator(v *semver.Version) rune {
-	switch v.Compare(optsSeparatorChangeVersion) {
-	case -1:
-		// Current version is less than the API change version; use the old
-		// separator.
-		return securityOptSeparatorOld
-	default:
-		return securityOptSeparatorNew
-	}
-}
-
 // ensureSandboxImageExists pulls the sandbox image when it's not present.
 func ensureSandboxImageExists(client libdocker.Interface, image string) error {
 	_, err := client.InspectImageByRef(image)
--- a/pkg/kubelet/dockershim/helpers_test.go
+++ b/pkg/kubelet/dockershim/helpers_test.go
@ -23,7 +23,6 @@ import (
 	"path/filepath"
 	"testing"

-	"github.com/blang/semver"
 	dockertypes "github.com/docker/docker/api/types"
 	dockernat "github.com/docker/go-connections/nat"
 	"github.com/stretchr/testify/assert"
@ -129,30 +128,6 @@ func TestParsingCreationConflictError(t *testing.T) {
 	require.Equal(t, matches[1], "24666ab8c814d16f986449e504ea0159468ddf8da01897144a770f66dce0e14e")
 }

-func TestGetSecurityOptSeparator(t *testing.T) {
-	for c, test := range map[string]struct {
-		desc     string
-		version  *semver.Version
-		expected rune
-	}{
-		"older docker version": {
-			version:  &semver.Version{Major: 1, Minor: 22, Patch: 0},
-			expected: ':',
-		},
-		"changed docker version": {
-			version:  &semver.Version{Major: 1, Minor: 23, Patch: 0},
-			expected: '=',
-		},
-		"newer docker version": {
-			version:  &semver.Version{Major: 1, Minor: 24, Patch: 0},
-			expected: '=',
-		},
-	} {
-		actual := getSecurityOptSeparator(test.version)
-		assert.Equal(t, test.expected, actual, c)
-	}
-}
-
 // writeDockerConfig will write a config file into a temporary dir, and return that dir.
 // Caller is responsible for deleting the dir and its contents.
 func writeDockerConfig(cfg string) (string, error) {
--- a/pkg/kubelet/dockershim/libdocker/client.go
+++ b/pkg/kubelet/dockershim/libdocker/client.go
@ -29,8 +29,8 @@ import (

 const (
 	// https://docs.docker.com/engine/reference/api/docker_remote_api/
-	// docker version should be at least 1.10.x
-	MinimumDockerAPIVersion = "1.22.0"
+	// docker version should be at least 1.11.x
+	MinimumDockerAPIVersion = "1.23.0"

 	// Status of a container returned by ListContainers.
 	StatusRunningPrefix = "Up"