Guest24897
/
DockerCLI
mirror of https://github.com/docker/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
DockerCLI/docs/reference/commandline
History
Aaron Lehmann e632408a37 Generate a swarm joining secret if none is specified 
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.

This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.

`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.

Closes #23785

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 		2017-06-02 00:07:49 +00:00
..
attach.md Fix a couple of typos in the docs of `docker attach` 2017-06-02 00:07:42 +00:00
build.md Add powershell example and make linux build example consistent with other examples 2017-06-02 00:07:40 +00:00
cli.md docs: add $ before HOME 2017-06-02 00:07:31 +00:00
commit.md Document valid chars in image name and tag 2017-06-02 00:07:39 +00:00
cp.md update docs/reference/commandline/cp.md 2017-06-02 00:07:40 +00:00
create.md PR 19367 doc change: Mention supported drivers for --storage-opt size option in docker create/run. 2017-06-02 00:07:45 +00:00
diff.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
docker_images.gif retooling for hugo 2017-06-02 00:06:58 +00:00
dockerd.md man: add missing --add-runtime 2017-06-02 00:07:48 +00:00
events.md attach: replace interface with simple type 2017-06-02 00:07:41 +00:00
exec.md Implement configurable detach key 2017-06-02 00:07:22 +00:00
export.md surfacing Learn by example topics to top level of Docker Engine docs 2017-06-02 00:07:43 +00:00
history.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
images.md Add before and since filter to images 2017-06-02 00:07:40 +00:00
import.md Fix some flaws in docs 2017-06-02 00:07:29 +00:00
index.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2017-06-02 00:07:47 +00:00
info.md Update docker info output example 2017-06-02 00:07:44 +00:00
inspect.md Update help output to match Docker 1.11. 2017-06-02 00:07:45 +00:00
kill.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
load.md Update docker-load documentation 2017-06-02 00:07:42 +00:00
login.md Add support for identity tokens in client credentials store 2017-06-02 00:07:31 +00:00
logout.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
logs.md Add support for reading logs extra attrs 2017-06-02 00:07:37 +00:00
menu.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2017-06-02 00:07:47 +00:00
network_connect.md make cmd short short consistency and change docs 2017-06-02 00:07:47 +00:00
network_create.md Update network_create.md 2017-06-02 00:07:47 +00:00
network_disconnect.md Forced endpoint cleanup 2017-06-02 00:07:23 +00:00
network_inspect.md Include all endpoints in network inspect object 2017-06-02 00:07:31 +00:00
network_ls.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2017-06-02 00:07:47 +00:00
network_rm.md Fix some flaws in docs 2017-06-02 00:07:29 +00:00
node_accept.md no more 'docker node reject' in docs 2017-06-02 00:07:44 +00:00
node_demote.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2017-06-02 00:07:47 +00:00
node_inspect.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2017-06-02 00:07:47 +00:00
node_ls.md Change NAME to HOSTNAME in docs for `docker node ls` 2017-06-02 00:07:48 +00:00
node_promote.md no more 'docker node reject' in docs 2017-06-02 00:07:44 +00:00
node_rm.md Add the advisory=rc metadata 2017-06-02 00:07:45 +00:00
node_tasks.md rename desired_state filter to desired-state 2017-06-02 00:07:47 +00:00
node_update.md Add the advisory=rc metadata 2017-06-02 00:07:45 +00:00
pause.md Fix up stale links 2017-06-02 00:07:40 +00:00
plugin_disable.md docs: move "advisory" to general metadata 2017-06-02 00:07:44 +00:00
plugin_enable.md docs: move "advisory" to general metadata 2017-06-02 00:07:44 +00:00
plugin_inspect.md docs: move "advisory" to general metadata 2017-06-02 00:07:44 +00:00
plugin_install.md docs: move "advisory" to general metadata 2017-06-02 00:07:44 +00:00
plugin_ls.md docs: move "advisory" to general metadata 2017-06-02 00:07:44 +00:00
plugin_rm.md docs: move "advisory" to general metadata 2017-06-02 00:07:44 +00:00
port.md Fix the typo in ps 2017-06-02 00:07:25 +00:00
ps.md add support for filtering by network ID 2017-06-02 00:07:42 +00:00
pull.md Add link to Docker Hub. 2017-06-02 00:07:43 +00:00
push.md Document valid chars in image name and tag 2017-06-02 00:07:39 +00:00
rename.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
restart.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
rm.md Fix some flaws in docs 2017-06-02 00:07:29 +00:00
rmi.md Correct old virtual size 2017-06-02 00:07:27 +00:00
run.md Fix typo 2017-06-02 00:07:48 +00:00
save.md Update 'save' command help 2017-06-02 00:07:32 +00:00
search.md Fix spelling in comments, strings and documentation 2017-06-02 00:07:48 +00:00
service_create.md Use "on-failure" for both containers and services 2017-06-02 00:07:49 +00:00
service_inspect.md make cmd short short consistency and change docs 2017-06-02 00:07:47 +00:00
service_ls.md Add the advisory=rc metadata 2017-06-02 00:07:45 +00:00
service_rm.md Add the advisory=rc metadata 2017-06-02 00:07:45 +00:00
service_scale.md Add the advisory=rc metadata 2017-06-02 00:07:45 +00:00
service_tasks.md rename desired_state filter to desired-state 2017-06-02 00:07:47 +00:00
service_update.md Use "on-failure" for both containers and services 2017-06-02 00:07:49 +00:00
start.md Implement configurable detach key 2017-06-02 00:07:22 +00:00
stats.md Change HumanSize to BytesSize for memory output in `docker stats`. 2017-06-02 00:07:35 +00:00
stop.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
swarm_init.md Generate a swarm joining secret if none is specified 2017-06-02 00:07:49 +00:00
swarm_join.md Generate a swarm joining secret if none is specified 2017-06-02 00:07:49 +00:00
swarm_leave.md Change NAME to HOSTNAME in docs for `docker node ls` 2017-06-02 00:07:48 +00:00
swarm_update.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2017-06-02 00:07:47 +00:00
tag.md surfacing Learn by example topics to top level of Docker Engine docs 2017-06-02 00:07:43 +00:00
top.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
unpause.md Fix up stale links 2017-06-02 00:07:40 +00:00
update.md Update RestartPolicy of container 2017-06-02 00:07:29 +00:00
version.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00
volume_create.md [Docs] clarified local volume driver docs 2017-06-02 00:07:47 +00:00
volume_inspect.md make cmd short short consistency and change docs 2017-06-02 00:07:47 +00:00
volume_ls.md surfacing Learn by example topics to top level of Docker Engine docs 2017-06-02 00:07:43 +00:00
volume_rm.md surfacing Learn by example topics to top level of Docker Engine docs 2017-06-02 00:07:43 +00:00
wait.md remove =false from options that default to false in the docs 2017-06-02 00:07:21 +00:00