On 04/20/2015 01:06 PM, Lokesh Mandvekar wrote:
I've pretty much decided that 'docker' in virt SIG would only track upstream sources (no RH patches in it). Don't want this to sound like "I don't care what anyone says", but docker upstream and many CentOS users want a build which will only track upstream docker sources. Having 'docker' in virt SIG to be this build sounds like the way to go.
Agree. It would be nice to hear what the Atomic SIG folks think about this though as they're direct consumers.
For anyone interested in RH patches, there's 'docker-master' in virt SIG (docker master branch + RH patches) and 'docker' in CentOS-Extras of course. Also, I could add anything else to make anyone else happy.
What do the RH patches actually do?
Some docker behavior does get modified, like adding and blocking registries, checking for confirmation before pushing to public registries. AFAIK, patches were added only with permission from upstream docker and we're working towards upstreaming those patches too.
I think either one could make sense depending on how much value the patches provide / how much they cost to port to the latest release.
These patches are desirable to enterprise users, but I've been hearing a lot directly/indirectly from CentOS users that they only want vanilla docker behavior. Porting/rebasing is taken care of by RH folks on a daily basis.
Is this mainly just do to the private auth bug reported by quay.io users or is it more widespread than that?