* In addition to basic configuration through its methods, this class also @@ -66,7 +66,7 @@ import com.google.common.collect.ImmutableMap; * Note: The {@code image} property in the provided {@link Config.Builder} is rewritten by a placeholder value. * The real value is configured by ComputeServiceAdapter. *
- * + * *
* {@code import static org.jclouds.docker.compute.options.DockerTemplateOptions.Builder.*;
*
@@ -94,9 +94,10 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
protected Map portBindings = ImmutableMap.of();
protected String networkMode;
protected Map extraHosts = ImmutableMap.of();
+ protected boolean privileged;
protected Config.Builder configBuilder;
-
+
@Override
public DockerTemplateOptions clone() {
DockerTemplateOptions options = new DockerTemplateOptions();
@@ -128,6 +129,8 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
if (!extraHosts.isEmpty()) {
eTo.extraHosts(extraHosts);
}
+ eTo.privileged(privileged);
+
eTo.configBuilder(configBuilder);
}
}
@@ -149,6 +152,7 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
equal(this.env, that.env) &&
equal(this.portBindings, that.portBindings) &&
equal(this.extraHosts, that.extraHosts) &&
+ equal(this.privileged, that.privileged) &&
buildersEqual(this.configBuilder, that.configBuilder);
}
@@ -159,7 +163,7 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
private boolean buildersEqual(Config.Builder b1, Config.Builder b2) {
return b1 == b2 || (b1 != null && b2 != null && b1.build().equals(b2.build()));
}
-
+
@Override
public int hashCode() {
return Objects.hashCode(super.hashCode(), volumes, hostname, dns, memory, entrypoint, commands, cpuShares, env,
@@ -281,6 +285,18 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
return this;
}
+ /**
+ * By default, Docker containers are unprivileged and cannot execute privileged operations or access certain
+ * host devices.
+ *
+ * @param privileged Whether the container should run in privileged mode or not
+ * @return this instance
+ */
+ public DockerTemplateOptions privileged(boolean privileged) {
+ this.privileged = privileged;
+ return this;
+ }
+
/**
* This method sets Config.Builder configuration object, which can be used as
* a replacement for all the other settings from this class. Some values in
@@ -292,7 +308,7 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
* method!
*/
public DockerTemplateOptions configBuilder(Config.Builder configBuilder) {
- this.configBuilder = configBuilder != null
+ this.configBuilder = configBuilder != null
? Config.builder().fromConfig(configBuilder.image(NO_IMAGE).build())
: null;
return this;
@@ -320,6 +336,8 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
public Map getExtraHosts() { return extraHosts; }
+ public boolean getPrivileged() { return privileged; }
+
public Config.Builder getConfigBuilder() { return configBuilder; }
public static class Builder {
@@ -444,11 +462,19 @@ public class DockerTemplateOptions extends TemplateOptions implements Cloneable
return options.extraHosts(extraHosts);
}
+ /**
+ * @see DockerTemplateOptions#privileged(boolean)
+ */
+ public static DockerTemplateOptions privileged(boolean privileged) {
+ DockerTemplateOptions options = new DockerTemplateOptions();
+ return options.privileged(privileged);
+ }
+
public static DockerTemplateOptions configBuilder(Config.Builder configBuilder) {
DockerTemplateOptions options = new DockerTemplateOptions();
return options.configBuilder(configBuilder);
}
-
+
/**
* @see TemplateOptions#inboundPorts(int...)
*/
diff --git a/apis/docker/src/main/java/org/jclouds/docker/compute/strategy/DockerComputeServiceAdapter.java b/apis/docker/src/main/java/org/jclouds/docker/compute/strategy/DockerComputeServiceAdapter.java
index 64e9e679ea..20567cdd46 100644
--- a/apis/docker/src/main/java/org/jclouds/docker/compute/strategy/DockerComputeServiceAdapter.java
+++ b/apis/docker/src/main/java/org/jclouds/docker/compute/strategy/DockerComputeServiceAdapter.java
@@ -109,7 +109,7 @@ public class DockerComputeServiceAdapter implements
HostConfig.Builder hostConfigBuilder = HostConfig.builder()
.publishAllPorts(true)
- .privileged(true);
+ .privileged( templateOptions.getPrivileged() );
if (!templateOptions.getPortBindings().isEmpty()) {
Map>> portBindings = Maps.newHashMap();
@@ -160,7 +160,7 @@ public class DockerComputeServiceAdapter implements
// build once more after setting inboundPorts
containerConfig = containerConfigBuilder.build();
-
+
logger.debug(">> creating new container with containerConfig(%s)", containerConfig);
Container container = api.getContainerApi().createContainer(name, containerConfig);
logger.trace("<< container(%s)", container.id());
diff --git a/apis/docker/src/test/java/org/jclouds/docker/compute/options/DockerTemplateOptionsTest.java b/apis/docker/src/test/java/org/jclouds/docker/compute/options/DockerTemplateOptionsTest.java
index a1bb321816..73ba44ee1b 100644
--- a/apis/docker/src/test/java/org/jclouds/docker/compute/options/DockerTemplateOptionsTest.java
+++ b/apis/docker/src/test/java/org/jclouds/docker/compute/options/DockerTemplateOptionsTest.java
@@ -94,6 +94,18 @@ public class DockerTemplateOptionsTest {
assertEquals(options.as(DockerTemplateOptions.class).getNetworkMode(), "host");
}
+ @Test
+ public void testPrivilegedDefaultFalse() {
+ TemplateOptions options = DockerTemplateOptions.Builder.memory(2);
+ assertEquals(options.as(DockerTemplateOptions.class).getPrivileged(), false);
+ }
+
+ @Test
+ public void testPrivileged() {
+ TemplateOptions options = DockerTemplateOptions.Builder.privileged(true);
+ assertEquals(options.as(DockerTemplateOptions.class).getPrivileged(), true);
+ }
+
@Test
public void testConfigBuilder() {
Builder builder = Config.builder().memory(1024)