@@ -17,6 +17,7 @@ import (

 	"github.com/Sirupsen/logrus"

 	containertypes "github.com/docker/docker/api/types/container"

+	mounttypes "github.com/docker/docker/api/types/mount"

 	networktypes "github.com/docker/docker/api/types/network"

 	"github.com/docker/docker/daemon/exec"

 	"github.com/docker/docker/daemon/logger"

@@ -551,6 +552,7 @@ func (container *Container) ShouldRestart() bool {

 // AddMountPointWithVolume adds a new mount point configured with a volume to the container.

 func (container *Container) AddMountPointWithVolume(destination string, vol volume.Volume, rw bool) {

 	container.MountPoints[destination] = &volume.MountPoint{

+		Type:        mounttypes.TypeVolume,

 		Name:        vol.Name(),

 		Driver:      vol.DriverName(),

 		Destination: destination,

@@ -9,6 +9,7 @@ import (

 	"github.com/Sirupsen/logrus"

 	containertypes "github.com/docker/docker/api/types/container"

+	mounttypes "github.com/docker/docker/api/types/mount"

 	"github.com/docker/docker/container"

 	"github.com/docker/docker/pkg/stringid"

 	"github.com/opencontainers/runc/libcontainer/label"

@@ -63,7 +64,11 @@ func (daemon *Daemon) createContainerPlatformSpecificSettings(container *contain

 // this is only called when the container is created.

 func (daemon *Daemon) populateVolumes(c *container.Container) error {

 	for _, mnt := range c.MountPoints {

-		if !mnt.CopyData || mnt.Volume == nil {

+		if mnt.Volume == nil {

+			continue

+		}

+

+		if mnt.Type != mounttypes.TypeVolume || !mnt.CopyData {

 			continue

 		}

@@ -18,7 +18,7 @@ func (daemon *Daemon) createContainerPlatformSpecificSettings(container *contain

 	for spec := range config.Volumes {

-		mp, err := volume.ParseMountSpec(spec, hostConfig.VolumeDriver)

+		mp, err := volume.ParseMountRaw(spec, hostConfig.VolumeDriver)

 		if err != nil {

 			return fmt.Errorf("Unrecognised volume spec: %v", err)

 		}

@@ -68,6 +68,7 @@ func addMountPoints(container *container.Container) []types.MountPoint {

 	mountPoints := make([]types.MountPoint, 0, len(container.MountPoints))

 	for _, m := range container.MountPoints {

 		mountPoints = append(mountPoints, types.MountPoint{

+			Type:        m.Type,

 			Name:        m.Name,

 			Source:      m.Path(),

 			Destination: m.Destination,

@@ -16,6 +16,7 @@ func addMountPoints(container *container.Container) []types.MountPoint {

 	mountPoints := make([]types.MountPoint, 0, len(container.MountPoints))

 	for _, m := range container.MountPoints {

 		mountPoints = append(mountPoints, types.MountPoint{

+			Type:        m.Type,

 			Name:        m.Name,

 			Source:      m.Path(),

 			Destination: m.Destination,

@@ -27,7 +27,7 @@ func (daemon *Daemon) removeMountPoints(container *container.Container, rm bool)

 		if rm {

 			// Do not remove named mountpoints

 			// these are mountpoints specified like `docker run -v <name>:/foo`

-			if m.Named {

+			if m.Spec.Source != "" {

 				continue

 			}

 			err := daemon.volumes.Remove(m.Volume)

@@ -9,8 +9,11 @@ import (

 	"github.com/docker/docker/api/types"

 	containertypes "github.com/docker/docker/api/types/container"

+	mounttypes "github.com/docker/docker/api/types/mount"

 	"github.com/docker/docker/container"

+	dockererrors "github.com/docker/docker/errors"

 	"github.com/docker/docker/volume"

+	"github.com/opencontainers/runc/libcontainer/label"

 )

 var (

@@ -106,7 +109,8 @@ func (daemon *Daemon) registerMountPoints(container *container.Container, hostCo

 				Driver:      m.Driver,

 				Destination: m.Destination,

 				Propagation: m.Propagation,

-				Named:       m.Named,

+				Spec:        m.Spec,

+				CopyData:    false,

 			}

 			if len(cp.Source) == 0 {

@@ -123,18 +127,18 @@ func (daemon *Daemon) registerMountPoints(container *container.Container, hostCo

 	// 3. Read bind mounts

 	for _, b := range hostConfig.Binds {

-		// #10618

-		bind, err := volume.ParseMountSpec(b, hostConfig.VolumeDriver)

+		bind, err := volume.ParseMountRaw(b, hostConfig.VolumeDriver)

 		if err != nil {

 			return err

 		}

+		// #10618

 		_, tmpfsExists := hostConfig.Tmpfs[bind.Destination]

 		if binds[bind.Destination] || tmpfsExists {

 			return fmt.Errorf("Duplicate mount point '%s'", bind.Destination)

 		}

-		if len(bind.Name) > 0 {

+		if bind.Type == mounttypes.TypeVolume {

 			// create the volume

 			v, err := daemon.volumes.CreateWithRef(bind.Name, bind.Driver, container.ID, nil, nil)

 			if err != nil {

@@ -144,9 +148,8 @@ func (daemon *Daemon) registerMountPoints(container *container.Container, hostCo

 			bind.Source = v.Path()

 			// bind.Name is an already existing volume, we need to use that here

 			bind.Driver = v.DriverName()

-			bind.Named = true

-			if bind.Driver == "local" {

-				bind = setBindModeIfNull(bind)

+			if bind.Driver == volume.DefaultDriverName {

+				setBindModeIfNull(bind)

 			}

 		}

@@ -154,6 +157,50 @@ func (daemon *Daemon) registerMountPoints(container *container.Container, hostCo

 		mountPoints[bind.Destination] = bind

 	}

+	for _, cfg := range hostConfig.Mounts {

+		mp, err := volume.ParseMountSpec(cfg)

+		if err != nil {

+			return dockererrors.NewBadRequestError(err)

+		}

+

+		if binds[mp.Destination] {

+			return fmt.Errorf("Duplicate mount point '%s'", cfg.Target)

+		}

+

+		if mp.Type == mounttypes.TypeVolume {

+			var v volume.Volume

+			if cfg.VolumeOptions != nil {

+				var driverOpts map[string]string

+				if cfg.VolumeOptions.DriverConfig != nil {

+					driverOpts = cfg.VolumeOptions.DriverConfig.Options

+				}

+				v, err = daemon.volumes.CreateWithRef(mp.Name, mp.Driver, container.ID, driverOpts, cfg.VolumeOptions.Labels)

+			} else {

+				v, err = daemon.volumes.CreateWithRef(mp.Name, mp.Driver, container.ID, nil, nil)

+			}

+			if err != nil {

+				return err

+			}

+

+			if err := label.Relabel(mp.Source, container.MountLabel, false); err != nil {

+				return err

+			}

+			mp.Volume = v

+			mp.Name = v.Name()

+			mp.Driver = v.DriverName()

+

+			// only use the cached path here since getting the path is not neccessary right now and calling `Path()` may be slow

+			if cv, ok := v.(interface {

+				CachedPath() string

+			}); ok {

+				mp.Source = cv.CachedPath()

+			}

+		}

+

+		binds[mp.Destination] = true

+		mountPoints[mp.Destination] = mp

+	}

+

 	container.Lock()

 	// 4. Cleanup old volumes that are about to be reassigned.

@@ -85,11 +85,10 @@ func sortMounts(m []container.Mount) []container.Mount {

 // setBindModeIfNull is platform specific processing to ensure the

 // shared mode is set to 'z' if it is null. This is called in the case

 // of processing a named volume and not a typical bind.

-func setBindModeIfNull(bind *volume.MountPoint) *volume.MountPoint {

+func setBindModeIfNull(bind *volume.MountPoint) {

 	if bind.Mode == "" {

 		bind.Mode = "z"

 	}

-	return bind

 }

 // migrateVolume links the contents of a volume created pre Docker 1.7

@@ -46,6 +46,6 @@ func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, er

 // setBindModeIfNull is platform specific processing which is a no-op on

 // Windows.

-func setBindModeIfNull(bind *volume.MountPoint) *volume.MountPoint {

-	return bind

+func setBindModeIfNull(bind *volume.MountPoint) {

+	return

 }

@@ -122,6 +122,7 @@ This section lists each version from latest to oldest.  Each listing includes a

 * `DELETE /volumes/(name)` now accepts a `force` query parameter to force removal of volumes that were already removed out of band by the volume driver plugin.

 * `POST /containers/create/` and `POST /containers/(name)/update` now validates restart policies.

 * `POST /containers/create` now validates IPAMConfig in NetworkingConfig, and returns error for invalid IPv4 and IPv6 addresses (`--ip` and `--ip6` in `docker create/run`).

+* `POST /containers/create` now takes a `Mounts` field in `HostConfig` which replaces `Binds` and `Volumes`. *note*: `Binds` and `Volumes` are still available but are exclusive with `Mounts`

 ### v1.24 API changes

@@ -334,7 +334,8 @@ Create a container

              "StorageOpt": {},

              "CgroupParent": "",

              "VolumeDriver": "",

-             "ShmSize": 67108864

+             "ShmSize": 67108864,

+             "Mounts": []

           },

           "NetworkingConfig": {

               "EndpointsConfig": {

@@ -610,7 +611,8 @@ Return low-level information on the container `id`

 			"VolumesFrom": null,

 			"Ulimits": [{}],

 			"VolumeDriver": "",

-			"ShmSize": 67108864

+			"ShmSize": 67108864,

+			"Mounts": []

 		},

 		"HostnamePath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname",

 		"HostsPath": "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts",

@@ -486,6 +486,24 @@ Create a container

     -   **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.

     -   **VolumeDriver** - Driver that this container users to mount volumes.

     -   **ShmSize** - Size of `/dev/shm` in bytes. The size must be greater than 0.  If omitted the system uses 64MB.

+    -   **Mounts** – Specification for mounts to be added to the container.

+        - **Target** – Container path.

+        - **Source** – Mount source (e.g. a volume name, a host path).

+        - **Type** – The mount type (`bind`, or `volume`).

+          Available types (for the `Type` field):

+          - **bind** - Mounts a file or directory from the host into the container. Must exist prior to creating the container.

+          - **volume** - Creates a volume with the given name and options (or uses a pre-existing volume with the same name and options). These are **not** removed when the container is removed.

+        - **ReadOnly** – A boolean indicating whether the mount should be read-only.

+        - **BindOptions** - Optional configuration for the `bind` type.

+          - **Propagation** – A propagation mode with the value `[r]private`, `[r]shared`, or `[r]slave`.

+        - **VolumeOptions** – Optional configuration for the `volume` type.

+            - **NoCopy** – A boolean indicating if volume should be

+              populated with the data from the target. (Default false)

+            - **Labels** – User-defined name and labels for the volume as key/value pairs: `{"name": "value"}`

+            - **DriverConfig** – Map of driver-specific options.

+              - **Name** - Name of the driver to use to create the volume.

+              - **Options** - key/value map of driver specific options.

+

 **Query parameters**:

@@ -6,10 +6,12 @@ import (

 	"encoding/json"

 	"fmt"

 	"io"

+	"io/ioutil"

 	"net/http"

 	"net/http/httputil"

 	"net/url"

 	"os"

+	"path/filepath"

 	"regexp"

 	"strconv"

 	"strings"

@@ -17,10 +19,14 @@ import (

 	"github.com/docker/docker/api/types"

 	containertypes "github.com/docker/docker/api/types/container"

+	mounttypes "github.com/docker/docker/api/types/mount"

 	networktypes "github.com/docker/docker/api/types/network"

 	"github.com/docker/docker/pkg/integration"

 	"github.com/docker/docker/pkg/integration/checker"

+	"github.com/docker/docker/pkg/ioutils"

+	"github.com/docker/docker/pkg/mount"

 	"github.com/docker/docker/pkg/stringid"

+	"github.com/docker/docker/volume"

 	"github.com/go-check/check"

 )

@@ -1525,3 +1531,212 @@ func (s *DockerSuite) TestContainerApiStatsWithNetworkDisabled(c *check.C) {

 		c.Assert(dec.Decode(&s), checker.IsNil)

 	}

 }

+

+func (s *DockerSuite) TestContainersApiCreateMountsValidation(c *check.C) {

+	type m mounttypes.Mount

+	type hc struct{ Mounts []m }

+	type cfg struct {

+		Image      string

+		HostConfig hc

+	}

+	type testCase struct {

+		config cfg

+		status int

+		msg    string

+	}

+

+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()

+	destPath := prefix + slash + "foo"

+	notExistPath := prefix + slash + "notexist"

+

+	cases := []testCase{

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "notreal", Target: destPath}}}}, http.StatusBadRequest, "mount type unknown"},

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "bind"}}}}, http.StatusBadRequest, "Target must not be empty"},

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "bind", Target: destPath}}}}, http.StatusBadRequest, "Source must not be empty"},

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "bind", Source: notExistPath, Target: destPath}}}}, http.StatusBadRequest, "bind source path does not exist"},

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "volume"}}}}, http.StatusBadRequest, "Target must not be empty"},

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "volume", Source: "hello", Target: destPath}}}}, http.StatusCreated, ""},

+		{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "volume", Source: "hello2", Target: destPath, VolumeOptions: &mounttypes.VolumeOptions{DriverConfig: &mounttypes.Driver{Name: "local"}}}}}}, http.StatusCreated, ""},

+	}

+

+	if SameHostDaemon.Condition() {

+		tmpDir, err := ioutils.TempDir("", "test-mounts-api")

+		c.Assert(err, checker.IsNil)

+		defer os.RemoveAll(tmpDir)

+		cases = append(cases, []testCase{

+			{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "bind", Source: tmpDir, Target: destPath}}}}, http.StatusCreated, ""},

+			{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "bind", Source: tmpDir, Target: destPath, VolumeOptions: &mounttypes.VolumeOptions{}}}}}, http.StatusBadRequest, "VolumeOptions must not be specified"},

+		}...)

+	}

+

+	if DaemonIsLinux.Condition() {

+		cases = append(cases, []testCase{

+			{cfg{Image: "busybox", HostConfig: hc{Mounts: []m{{Type: "volume", Source: "hello3", Target: destPath, VolumeOptions: &mounttypes.VolumeOptions{DriverConfig: &mounttypes.Driver{Name: "local", Options: map[string]string{"o": "size=1"}}}}}}}, http.StatusCreated, ""},

+		}...)

+

+	}

+

+	for i, x := range cases {

+		c.Logf("case %d", i)

+		status, b, err := sockRequest("POST", "/containers/create", x.config)

+		c.Assert(err, checker.IsNil)

+		c.Assert(status, checker.Equals, x.status, check.Commentf("%s\n%v", string(b), cases[i].config))

+		if len(x.msg) > 0 {

+			c.Assert(string(b), checker.Contains, x.msg, check.Commentf("%v", cases[i].config))

+		}

+	}

+}

+

+func (s *DockerSuite) TestContainerApiCreateMountsBindRead(c *check.C) {

+	testRequires(c, NotUserNamespace, SameHostDaemon)

+	// also with data in the host side

+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()

+	destPath := prefix + slash + "foo"

+	tmpDir, err := ioutil.TempDir("", "test-mounts-api-bind")

+	c.Assert(err, checker.IsNil)

+	defer os.RemoveAll(tmpDir)

+	err = ioutil.WriteFile(filepath.Join(tmpDir, "bar"), []byte("hello"), 666)

+	c.Assert(err, checker.IsNil)

+

+	data := map[string]interface{}{

+		"Image":      "busybox",

+		"Cmd":        []string{"/bin/sh", "-c", "cat /foo/bar"},

+		"HostConfig": map[string]interface{}{"Mounts": []map[string]interface{}{{"Type": "bind", "Source": tmpDir, "Target": destPath}}},

+	}

+	status, resp, err := sockRequest("POST", "/containers/create?name=test", data)

+	c.Assert(err, checker.IsNil, check.Commentf(string(resp)))

+	c.Assert(status, checker.Equals, http.StatusCreated, check.Commentf(string(resp)))

+

+	out, _ := dockerCmd(c, "start", "-a", "test")

+	c.Assert(out, checker.Equals, "hello")

+}

+

+// Test Mounts comes out as expected for the MountPoint

+func (s *DockerSuite) TestContainersApiCreateMountsCreate(c *check.C) {

+	prefix, slash := getPrefixAndSlashFromDaemonPlatform()

+	destPath := prefix + slash + "foo"

+

+	var (

+		err     error

+		testImg string

+	)

+	if daemonPlatform != "windows" {

+		testImg, err = buildImage("test-mount-config", `

+	FROM busybox

+	RUN mkdir `+destPath+` && touch `+destPath+slash+`bar

+	CMD cat `+destPath+slash+`bar

+	`, true)

+	} else {

+		testImg = "busybox"

+	}

+	c.Assert(err, checker.IsNil)

+

+	type testCase struct {

+		cfg      mounttypes.Mount

+		expected types.MountPoint

+	}

+

+	cases := []testCase{

+		// use literal strings here for `Type` instead of the defined constants in the volume package to keep this honest

+		// Validation of the actual `Mount` struct is done in another test is not needed here

+		{mounttypes.Mount{Type: "volume", Target: destPath}, types.MountPoint{Driver: volume.DefaultDriverName, Type: "volume", RW: true, Destination: destPath}},

+		{mounttypes.Mount{Type: "volume", Target: destPath + slash}, types.MountPoint{Driver: volume.DefaultDriverName, Type: "volume", RW: true, Destination: destPath}},

+		{mounttypes.Mount{Type: "volume", Target: destPath, Source: "test1"}, types.MountPoint{Type: "volume", Name: "test1", RW: true, Destination: destPath}},

+		{mounttypes.Mount{Type: "volume", Target: destPath, ReadOnly: true, Source: "test2"}, types.MountPoint{Type: "volume", Name: "test2", RW: false, Destination: destPath}},

+		{mounttypes.Mount{Type: "volume", Target: destPath, Source: "test3", VolumeOptions: &mounttypes.VolumeOptions{DriverConfig: &mounttypes.Driver{Name: volume.DefaultDriverName}}}, types.MountPoint{Driver: volume.DefaultDriverName, Type: "volume", Name: "test3", RW: true, Destination: destPath}},

+	}

+

+	if SameHostDaemon.Condition() {

+		// setup temp dir for testing binds

+		tmpDir1, err := ioutil.TempDir("", "test-mounts-api-1")

+		c.Assert(err, checker.IsNil)

+		defer os.RemoveAll(tmpDir1)

+		cases = append(cases, []testCase{

+			{mounttypes.Mount{Type: "bind", Source: tmpDir1, Target: destPath}, types.MountPoint{Type: "bind", RW: true, Destination: destPath, Source: tmpDir1}},

+			{mounttypes.Mount{Type: "bind", Source: tmpDir1, Target: destPath, ReadOnly: true}, types.MountPoint{Type: "bind", RW: false, Destination: destPath, Source: tmpDir1}},

+		}...)

+

+		// for modes only supported on Linux

+		if DaemonIsLinux.Condition() {

+			tmpDir3, err := ioutils.TempDir("", "test-mounts-api-3")

+			c.Assert(err, checker.IsNil)

+			defer os.RemoveAll(tmpDir3)

+

+			c.Assert(mount.Mount(tmpDir3, tmpDir3, "none", "bind,rw"), checker.IsNil)

+			c.Assert(mount.ForceMount("", tmpDir3, "none", "shared"), checker.IsNil)

+

+			cases = append(cases, []testCase{

+				{mounttypes.Mount{Type: "bind", Source: tmpDir3, Target: destPath}, types.MountPoint{Type: "bind", RW: true, Destination: destPath, Source: tmpDir3}},

+				{mounttypes.Mount{Type: "bind", Source: tmpDir3, Target: destPath, ReadOnly: true}, types.MountPoint{Type: "bind", RW: false, Destination: destPath, Source: tmpDir3}},

+				{mounttypes.Mount{Type: "bind", Source: tmpDir3, Target: destPath, ReadOnly: true, BindOptions: &mounttypes.BindOptions{Propagation: "shared"}}, types.MountPoint{Type: "bind", RW: false, Destination: destPath, Source: tmpDir3, Propagation: "shared"}},

+			}...)

+		}

+	}

+

+	if daemonPlatform != "windows" { // Windows does not support volume populate

+		cases = append(cases, []testCase{

+			{mounttypes.Mount{Type: "volume", Target: destPath, VolumeOptions: &mounttypes.VolumeOptions{NoCopy: true}}, types.MountPoint{Driver: volume.DefaultDriverName, Type: "volume", RW: true, Destination: destPath}},

+			{mounttypes.Mount{Type: "volume", Target: destPath + slash, VolumeOptions: &mounttypes.VolumeOptions{NoCopy: true}}, types.MountPoint{Driver: volume.DefaultDriverName, Type: "volume", RW: true, Destination: destPath}},

+			{mounttypes.Mount{Type: "volume", Target: destPath, Source: "test4", VolumeOptions: &mounttypes.VolumeOptions{NoCopy: true}}, types.MountPoint{Type: "volume", Name: "test4", RW: true, Destination: destPath}},

+			{mounttypes.Mount{Type: "volume", Target: destPath, Source: "test5", ReadOnly: true, VolumeOptions: &mounttypes.VolumeOptions{NoCopy: true}}, types.MountPoint{Type: "volume", Name: "test5", RW: false, Destination: destPath}},

+		}...)

+	}

+

+	type wrapper struct {

+		containertypes.Config

+		HostConfig containertypes.HostConfig

+	}

+	type createResp struct {

+		ID string `json:"Id"`

+	}

+	for i, x := range cases {

+		c.Logf("case %d - config: %v", i, x.cfg)

+		status, data, err := sockRequest("POST", "/containers/create", wrapper{containertypes.Config{Image: testImg}, containertypes.HostConfig{Mounts: []mounttypes.Mount{x.cfg}}})

+		c.Assert(err, checker.IsNil, check.Commentf(string(data)))

+		c.Assert(status, checker.Equals, http.StatusCreated, check.Commentf(string(data)))

+

+		var resp createResp

+		err = json.Unmarshal(data, &resp)

+		c.Assert(err, checker.IsNil, check.Commentf(string(data)))

+		id := resp.ID

+

+		var mps []types.MountPoint

+		err = json.NewDecoder(strings.NewReader(inspectFieldJSON(c, id, "Mounts"))).Decode(&mps)

+		c.Assert(err, checker.IsNil)

+		c.Assert(mps, checker.HasLen, 1)

+		c.Assert(mps[0].Destination, checker.Equals, x.expected.Destination)

+

+		if len(x.expected.Source) > 0 {

+			c.Assert(mps[0].Source, checker.Equals, x.expected.Source)

+		}

+		if len(x.expected.Name) > 0 {

+			c.Assert(mps[0].Name, checker.Equals, x.expected.Name)

+		}

+		if len(x.expected.Driver) > 0 {

+			c.Assert(mps[0].Driver, checker.Equals, x.expected.Driver)

+		}

+		c.Assert(mps[0].RW, checker.Equals, x.expected.RW)

+		c.Assert(mps[0].Type, checker.Equals, x.expected.Type)

+		c.Assert(mps[0].Mode, checker.Equals, x.expected.Mode)

+		if len(x.expected.Propagation) > 0 {

+			c.Assert(mps[0].Propagation, checker.Equals, x.expected.Propagation)

+		}

+

+		out, _, err := dockerCmdWithError("start", "-a", id)

+		if (x.cfg.Type != "volume" || (x.cfg.VolumeOptions != nil && x.cfg.VolumeOptions.NoCopy)) && daemonPlatform != "windows" {

+			c.Assert(err, checker.NotNil, check.Commentf("%s\n%v", out, mps[0]))

+		} else {

+			c.Assert(err, checker.IsNil, check.Commentf("%s\n%v", out, mps[0]))

+		}

+

+		dockerCmd(c, "rm", "-fv", id)

+		if x.cfg.Type == "volume" && len(x.cfg.Source) > 0 {

+			// This should still exist even though we removed the container

+			dockerCmd(c, "volume", "inspect", mps[0].Name)

+		} else {

+			// This should be removed automatically when we removed the container

+			out, _, err := dockerCmdWithError("volume", "inspect", mps[0].Name)

+			c.Assert(err, checker.NotNil, check.Commentf(out))

+		}

+	}

+}

@@ -4272,15 +4272,9 @@ func (s *DockerSuite) TestRunVolumesMountedAsSlave(c *check.C) {

 func (s *DockerSuite) TestRunNamedVolumesMountedAsShared(c *check.C) {

 	testRequires(c, DaemonIsLinux, NotUserNamespace)

-	out, exitcode, _ := dockerCmdWithError("run", "-v", "foo:/test:shared", "busybox", "touch", "/test/somefile")

-

-	if exitcode == 0 {

-		c.Fatalf("expected non-zero exit code; received %d", exitcode)

-	}

-

-	if expected := "Invalid volume specification"; !strings.Contains(out, expected) {

-		c.Fatalf(`Expected %q in output; got: %s`, expected, out)

-	}

+	out, exitCode, _ := dockerCmdWithError("run", "-v", "foo:/test:shared", "busybox", "touch", "/test/somefile")

+	c.Assert(exitCode, checker.Not(checker.Equals), 0)

+	c.Assert(out, checker.Contains, "invalid mount config")

 }

 func (s *DockerSuite) TestRunNamedVolumeCopyImageData(c *check.C) {

@@ -73,16 +73,29 @@ func DecodeContainerConfig(src io.Reader) (*container.Config, *container.HostCon

 // validateVolumesAndBindSettings validates each of the volumes and bind settings

 // passed by the caller to ensure they are valid.

 func validateVolumesAndBindSettings(c *container.Config, hc *container.HostConfig) error {

+	if len(hc.Mounts) > 0 {

+		if len(hc.Binds) > 0 {

+			return conflictError(fmt.Errorf("must not specify both Binds and Mounts"))

+		}

+

+		if len(c.Volumes) > 0 {

+			return conflictError(fmt.Errorf("must not specify both Volumes and Mounts"))

+		}

+

+		if len(hc.VolumeDriver) > 0 {

+			return conflictError(fmt.Errorf("must not specify both VolumeDriver and Mounts"))

+		}

+	}

 	// Ensure all volumes and binds are valid.

 	for spec := range c.Volumes {

-		if _, err := volume.ParseMountSpec(spec, hc.VolumeDriver); err != nil {

-			return fmt.Errorf("Invalid volume spec %q: %v", spec, err)

+		if _, err := volume.ParseMountRaw(spec, hc.VolumeDriver); err != nil {

+			return fmt.Errorf("invalid volume spec %q: %v", spec, err)

 		}

 	}

 	for _, spec := range hc.Binds {

-		if _, err := volume.ParseMountSpec(spec, hc.VolumeDriver); err != nil {

-			return fmt.Errorf("Invalid bind mount spec %q: %v", spec, err)

+		if _, err := volume.ParseMountRaw(spec, hc.VolumeDriver); err != nil {

+			return fmt.Errorf("invalid bind mount spec %q: %v", spec, err)

 		}

 	}

@@ -2,6 +2,8 @@ package runconfig

 import (

 	"fmt"

+

+	"github.com/docker/docker/errors"

 )

 var (

@@ -38,3 +40,7 @@ var (

 	// ErrConflictUTSHostname conflict between the hostname and the UTS mode

 	ErrConflictUTSHostname = fmt.Errorf("Conflicting options: hostname and the UTS mode")

 )

+

+func conflictError(err error) error {

+	return errors.NewRequestConflictError(err)

+}

new file mode 100644

@@ -0,0 +1,118 @@

+package volume

+

+import (

+	"errors"

+	"fmt"

+	"os"

+	"path/filepath"

+

+	"github.com/docker/docker/api/types/mount"

+)

+

+var errBindNotExist = errors.New("bind source path does not exist")

+

+type validateOpts struct {

+	skipBindSourceCheck   bool

+	skipAbsolutePathCheck bool

+}

+

+func validateMountConfig(mnt *mount.Mount, options ...func(*validateOpts)) error {

+	opts := validateOpts{}

+	for _, o := range options {

+		o(&opts)

+	}

+

+	if len(mnt.Target) == 0 {

+		return &errMountConfig{mnt, errMissingField("Target")}

+	}

+

+	if err := validateNotRoot(mnt.Target); err != nil {

+		return &errMountConfig{mnt, err}

+	}

+

+	if !opts.skipAbsolutePathCheck {

+		if err := validateAbsolute(mnt.Target); err != nil {

+			return &errMountConfig{mnt, err}

+		}

+	}

+

+	switch mnt.Type {

+	case mount.TypeBind:

+		if len(mnt.Source) == 0 {

+			return &errMountConfig{mnt, errMissingField("Source")}

+		}

+		// Don't error out just because the propagation mode is not supported on the platform

+		if opts := mnt.BindOptions; opts != nil {

+			if len(opts.Propagation) > 0 && len(propagationModes) > 0 {

+				if _, ok := propagationModes[opts.Propagation]; !ok {

+					return &errMountConfig{mnt, fmt.Errorf("invalid propagation mode: %s", opts.Propagation)}

+				}

+			}

+		}

+		if mnt.VolumeOptions != nil {

+			return &errMountConfig{mnt, errExtraField("VolumeOptions")}

+		}

+

+		if err := validateAbsolute(mnt.Source); err != nil {

+			return &errMountConfig{mnt, err}

+		}

+

+		// Do not allow binding to non-existent path

+		if !opts.skipBindSourceCheck {

+			fi, err := os.Stat(mnt.Source)

+			if err != nil {

+				if !os.IsNotExist(err) {

+					return &errMountConfig{mnt, err}

+				}

+				return &errMountConfig{mnt, errBindNotExist}

+			}

+			if err := validateStat(fi); err != nil {

+				return &errMountConfig{mnt, err}

+			}

+		}

+	case mount.TypeVolume:

+		if mnt.BindOptions != nil {

+			return &errMountConfig{mnt, errExtraField("BindOptions")}

+		}

+

+		if len(mnt.Source) == 0 && mnt.ReadOnly {

+			return &errMountConfig{mnt, fmt.Errorf("must not set ReadOnly mode when using anonymous volumes")}

+		}

+

+		if len(mnt.Source) != 0 {

+			if valid, err := IsVolumeNameValid(mnt.Source); !valid {

+				if err == nil {

+					err = errors.New("invalid volume name")

+				}

+				return &errMountConfig{mnt, err}

+			}

+		}

+	default:

+		return &errMountConfig{mnt, errors.New("mount type unknown")}

+	}

+	return nil

+}

+

+type errMountConfig struct {

+	mount *mount.Mount

+	err   error

+}

+

+func (e *errMountConfig) Error() string {

+	return fmt.Sprintf("invalid mount config for type %q: %v", e.mount.Type, e.err.Error())

+}

+

+func errExtraField(name string) error {

+	return fmt.Errorf("field %s must not be specified", name)

+}

+func errMissingField(name string) error {

+	return fmt.Errorf("field %s must not be empty", name)

+}

+

+func validateAbsolute(p string) error {

+	p = convertSlash(p)

+	if filepath.IsAbs(p) {

+		return nil

+	}

+	return fmt.Errorf("invalid mount path: '%s' mount path must be absolute", p)

+}

new file mode 100644

@@ -0,0 +1,43 @@

+package volume

+

+import (

+	"errors"

+	"io/ioutil"

+	"os"

+	"strings"

+	"testing"

+

+	"github.com/docker/docker/api/types/mount"

+)

+

+func TestValidateMount(t *testing.T) {

+	testDir, err := ioutil.TempDir("", "test-validate-mount")

+	if err != nil {

+		t.Fatal(err)

+	}

+	defer os.RemoveAll(testDir)

+

+	cases := []struct {

+		input    mount.Mount

+		expected error

+	}{

+		{mount.Mount{Type: mount.TypeVolume}, errMissingField("Target")},

+		{mount.Mount{Type: mount.TypeVolume, Target: testDestinationPath, Source: "hello"}, nil},

+		{mount.Mount{Type: mount.TypeVolume, Target: testDestinationPath}, nil},

+		{mount.Mount{Type: mount.TypeBind}, errMissingField("Target")},

+		{mount.Mount{Type: mount.TypeBind, Target: testDestinationPath}, errMissingField("Source")},

+		{mount.Mount{Type: mount.TypeBind, Target: testDestinationPath, Source: testSourcePath, VolumeOptions: &mount.VolumeOptions{}}, errExtraField("VolumeOptions")},

+		{mount.Mount{Type: mount.TypeBind, Source: testSourcePath, Target: testDestinationPath}, errBindNotExist},

+		{mount.Mount{Type: mount.TypeBind, Source: testDir, Target: testDestinationPath}, nil},

+		{mount.Mount{Type: "invalid", Target: testDestinationPath}, errors.New("mount type unknown")},

+	}

+	for i, x := range cases {

+		err := validateMountConfig(&x.input)

+		if err == nil && x.expected == nil {

+			continue

+		}

+		if (err == nil && x.expected != nil) || (x.expected == nil && err != nil) || !strings.Contains(err.Error(), x.expected.Error()) {

+			t.Fatalf("expected %q, got %q, case: %d", x.expected, err, i)

+		}

+	}

+}

new file mode 100644

@@ -0,0 +1,8 @@

+// +build !windows

+

+package volume

+

+var (

+	testDestinationPath = "/foo"

+	testSourcePath      = "/foo"

+)

new file mode 100644

@@ -0,0 +1,6 @@

+package volume

+

+var (

+	testDestinationPath = `c:\foo`

+	testSourcePath      = `c:\foo`

+)

@@ -3,6 +3,7 @@ package volume

 import (

 	"fmt"

 	"os"

+	"path/filepath"

 	"strings"

 	"syscall"

@@ -82,19 +83,19 @@ type ScopedVolume interface {

 // specifies which volume is to be used and where inside a container it should

 // be mounted.

 type MountPoint struct {

-	Source      string // Container host directory

-	Destination string // Inside the container

-	RW          bool   // True if writable

-	Name        string // Name set by user

-	Driver      string // Volume driver to use

-	Volume      Volume `json:"-"`

+	Source      string          // Container host directory

+	Destination string          // Inside the container

+	RW          bool            // True if writable

+	Name        string          // Name set by user

+	Driver      string          // Volume driver to use

+	Type        mounttypes.Type `json:",omitempty"` // Type of mount to use, see `Type<foo>` definitions

+	Volume      Volume          `json:"-"`

 	// Note Mode is not used on Windows

-	Mode string `json:"Relabel"` // Originally field was `Relabel`"

+	Mode string `json:"Relabel,omitempty"` // Originally field was `Relabel`"

 	// Note Propagation is not used on Windows

-	Propagation mounttypes.Propagation // Mount propagation string

-	Named       bool                   // specifies if the mountpoint was specified by name

+	Propagation mounttypes.Propagation `json:",omitempty"` // Mount propagation string

 	// Specifies if data should be copied from the container before the first mount

 	// Use a pointer here so we can tell if the user set this value explicitly

@@ -102,7 +103,8 @@ type MountPoint struct {

 	CopyData bool `json:"-"`

 	// ID is the opaque ID used to pass to the volume driver.

 	// This should be set by calls to `Mount` and unset by calls to `Unmount`

-	ID string

+	ID   string `json:",omitempty"`

+	Spec mounttypes.Mount

 }

 // Setup sets up a mount point by either mounting the volume if it is

@@ -117,12 +119,15 @@ func (m *MountPoint) Setup(mountLabel string, rootUID, rootGID int) (string, err

 	if len(m.Source) == 0 {

 		return "", fmt.Errorf("Unable to setup mount point, neither source nor volume defined")

 	}

-	// idtools.MkdirAllNewAs() produces an error if m.Source exists and is a file (not a directory)

-	// also, makes sure that if the directory is created, the correct remapped rootUID/rootGID will own it

-	if err := idtools.MkdirAllNewAs(m.Source, 0755, rootUID, rootGID); err != nil {

-		if perr, ok := err.(*os.PathError); ok {

-			if perr.Err != syscall.ENOTDIR {

-				return "", err

+	// system.MkdirAll() produces an error if m.Source exists and is a file (not a directory),

+	if m.Type == mounttypes.TypeBind {

+		// idtools.MkdirAllNewAs() produces an error if m.Source exists and is a file (not a directory)

+		// also, makes sure that if the directory is created, the correct remapped rootUID/rootGID will own it

+		if err := idtools.MkdirAllNewAs(m.Source, 0755, rootUID, rootGID); err != nil {

+			if perr, ok := err.(*os.PathError); ok {

+				if perr.Err != syscall.ENOTDIR {

+					return "", err

+				}

 			}

 		}

 	}

@@ -142,17 +147,6 @@ func (m *MountPoint) Path() string {

 	return m.Source

 }

-// Type returns the type of mount point

-func (m *MountPoint) Type() string {

-	if m.Name != "" {

-		return "volume"

-	}

-	if m.Source != "" {

-		return "bind"

-	}

-	return "ephemeral"

-}

-

 // ParseVolumesFrom ensures that the supplied volumes-from is valid.

 func ParseVolumesFrom(spec string) (string, string, error) {

 	if len(spec) == 0 {

@@ -183,10 +177,125 @@ func ParseVolumesFrom(spec string) (string, string, error) {

 	return id, mode, nil

 }

+// ParseMountRaw parses a raw volume spec (e.g. `-v /foo:/bar:shared`) into a

+// structured spec. Once the raw spec is parsed it relies on `ParseMountSpec` to

+// validate the spec and create a MountPoint

+func ParseMountRaw(raw, volumeDriver string) (*MountPoint, error) {

+	arr, err := splitRawSpec(convertSlash(raw))

+	if err != nil {

+		return nil, err

+	}

+

+	var spec mounttypes.Mount

+	var mode string