From 7788c8bd27d7e18d23ef2234e7b408e9836b7e6e Mon Sep 17 00:00:00 2001
From: Bas van der Lei <baslei@xs4all.nl>
Date: Sat, 18 Jul 2015 21:46:34 +0200
Subject: [PATCH 1/4] Ignore systemd 'containers' in the docker driver

---
 container/docker/factory.go | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/container/docker/factory.go b/container/docker/factory.go
index e449586e..ad7541af 100644
--- a/container/docker/factory.go
+++ b/container/docker/factory.go
@@ -42,6 +42,10 @@ var DockerNamespace = "docker"
 var dockerRootDir = flag.String("docker_root", "/var/lib/docker", "Absolute path to the Docker state root directory (default: /var/lib/docker)")
 var dockerRunDir = flag.String("docker_run", "/var/run/docker", "Absolute path to the Docker run directory (default: /var/run/docker)")
 
+// Regexp that identifies docker cgroups, containers started with
+// --cgroup-parent have another prefix than 'docker'
+var dockerCgroupRegexp = regexp.MustCompile(`[A-z]+-([a-z0-9]+)\.scope`)
+
 // TODO(vmarmol): Export run dir too for newer Dockers.
 // Directory holding Docker container state information.
 func DockerStateDir() string {
@@ -119,8 +123,9 @@ func ContainerNameToDockerId(name string) string {
 
 	// Turn systemd cgroup name into Docker ID.
 	if UseSystemd() {
-		id = strings.TrimPrefix(id, "docker-")
-		id = strings.TrimSuffix(id, ".scope")
+		if matches := dockerCgroupRegexp.FindStringSubmatch(id); matches != nil {
+			id = matches[1]
+		}
 	}
 
 	return id
@@ -140,6 +145,12 @@ func FullContainerName(dockerId string) string {
 func (self *dockerFactory) CanHandleAndAccept(name string) (bool, bool, error) {
 	// docker factory accepts all containers it can handle.
 	canAccept := true
+
+	// When using Systemd all docker containers have a .scope suffix
+	if UseSystemd() && !strings.HasSuffix(path.Base(name), ".scope") {
+		return false, canAccept, nil
+	}
+
 	// Check if the container is known to docker and it is active.
 	id := ContainerNameToDockerId(name)
 

From 13674cf06c6b86b743607f4f38eaa22d0f0dfcf4 Mon Sep 17 00:00:00 2001
From: Bas van der Lei <baslei@xs4all.nl>
Date: Sun, 27 Sep 2015 00:20:52 +0200
Subject: [PATCH 2/4] optimize dockerCgroupRegexp

---
 container/docker/factory.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/container/docker/factory.go b/container/docker/factory.go
index ad7541af..d9f71391 100644
--- a/container/docker/factory.go
+++ b/container/docker/factory.go
@@ -44,7 +44,7 @@ var dockerRunDir = flag.String("docker_run", "/var/run/docker", "Absolute path t
 
 // Regexp that identifies docker cgroups, containers started with
 // --cgroup-parent have another prefix than 'docker'
-var dockerCgroupRegexp = regexp.MustCompile(`[A-z]+-([a-z0-9]+)\.scope`)
+var dockerCgroupRegexp = regexp.MustCompile(`.+-([a-z0-9]{64})\.scope$`)
 
 // TODO(vmarmol): Export run dir too for newer Dockers.
 // Directory holding Docker container state information.

From 9931854585c343d92e0097dec688fffd8ea993c4 Mon Sep 17 00:00:00 2001
From: Bas van der Lei <baslei@xs4all.nl>
Date: Sun, 27 Sep 2015 00:29:03 +0200
Subject: [PATCH 3/4] remove dead code

---
 container/docker/factory.go | 10 ----------
 container/docker/handler.go | 28 ++--------------------------
 2 files changed, 2 insertions(+), 36 deletions(-)

diff --git a/container/docker/factory.go b/container/docker/factory.go
index d9f71391..ef2b4d4c 100644
--- a/container/docker/factory.go
+++ b/container/docker/factory.go
@@ -131,16 +131,6 @@ func ContainerNameToDockerId(name string) string {
 	return id
 }
 
-// Returns a full container name for the specified Docker ID.
-func FullContainerName(dockerId string) string {
-	// Add the full container name.
-	if UseSystemd() {
-		return path.Join("/system.slice", fmt.Sprintf("docker-%s.scope", dockerId))
-	} else {
-		return path.Join("/docker", dockerId)
-	}
-}
-
 // Docker handles all containers under /docker
 func (self *dockerFactory) CanHandleAndAccept(name string) (bool, bool, error) {
 	// docker factory accepts all containers it can handle.
diff --git a/container/docker/handler.go b/container/docker/handler.go
index 7bf57e46..bbb06abe 100644
--- a/container/docker/handler.go
+++ b/container/docker/handler.go
@@ -294,32 +294,8 @@ func (self *dockerContainerHandler) GetStats() (*info.ContainerStats, error) {
 }
 
 func (self *dockerContainerHandler) ListContainers(listType container.ListType) ([]info.ContainerReference, error) {
-	if self.name != "/docker" {
-		return []info.ContainerReference{}, nil
-	}
-	opt := docker.ListContainersOptions{
-		All: true,
-	}
-	containers, err := self.client.ListContainers(opt)
-	if err != nil {
-		return nil, err
-	}
-
-	ret := make([]info.ContainerReference, 0, len(containers)+1)
-	for _, c := range containers {
-		if !strings.HasPrefix(c.Status, "Up ") {
-			continue
-		}
-
-		ref := info.ContainerReference{
-			Name:      FullContainerName(c.ID),
-			Aliases:   append(c.Names, c.ID),
-			Namespace: DockerNamespace,
-		}
-		ret = append(ret, ref)
-	}
-
-	return ret, nil
+	// No-op for Docker driver.
+	return []info.ContainerReference{}, nil
 }
 
 func (self *dockerContainerHandler) GetCgroupPath(resource string) (string, error) {

From f8eb8cc9825455bfdfae6ecb80ee97fd1f768c91 Mon Sep 17 00:00:00 2001
From: Bas van der Lei <baslei@xs4all.nl>
Date: Fri, 2 Oct 2015 13:49:27 +0200
Subject: [PATCH 4/4] validate name with isContainerName func

---
 container/docker/factory.go | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/container/docker/factory.go b/container/docker/factory.go
index ef2b4d4c..c07f4445 100644
--- a/container/docker/factory.go
+++ b/container/docker/factory.go
@@ -131,14 +131,20 @@ func ContainerNameToDockerId(name string) string {
 	return id
 }
 
+func isContainerName(name string) bool {
+	if UseSystemd() {
+		return dockerCgroupRegexp.MatchString(path.Base(name))
+	}
+	return true
+}
+
 // Docker handles all containers under /docker
 func (self *dockerFactory) CanHandleAndAccept(name string) (bool, bool, error) {
 	// docker factory accepts all containers it can handle.
 	canAccept := true
 
-	// When using Systemd all docker containers have a .scope suffix
-	if UseSystemd() && !strings.HasSuffix(path.Base(name), ".scope") {
-		return false, canAccept, nil
+	if !isContainerName(name) {
+		return false, canAccept, fmt.Errorf("invalid container name")
 	}
 
 	// Check if the container is known to docker and it is active.