diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index c220ac05d8..f3fd9eac6c 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -1839,11 +1839,17 @@ _docker_swarm_init() { fi return ;; + --advertise-addr) + if [[ $cur == *: ]] ; then + COMPREPLY=( $( compgen -W "2377" -- "${cur##*:}" ) ) + fi + return + ;; esac case "$cur" in -*) - COMPREPLY=( $( compgen -W "--force-new-cluster --help --listen-addr" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "--advertise-addr --force-new-cluster --help --listen-addr" -- "$cur" ) ) ;; esac } @@ -1873,11 +1879,17 @@ _docker_swarm_join() { fi return ;; + --advertise-addr) + if [[ $cur == *: ]] ; then + COMPREPLY=( $( compgen -W "2377" -- "${cur##*:}" ) ) + fi + return + ;; esac case "$cur" in -*) - COMPREPLY=( $( compgen -W "--help --listen-addr --token" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "--adveritse-addr --help --listen-addr --token" -- "$cur" ) ) ;; *:) COMPREPLY=( $( compgen -W "2377" -- "${cur##*:}" ) ) diff --git a/contrib/completion/zsh/_docker b/contrib/completion/zsh/_docker index 8ccf34b476..bf85d10e6d 100644 --- a/contrib/completion/zsh/_docker +++ b/contrib/completion/zsh/_docker @@ -1203,6 +1203,7 @@ __docker_swarm_subcommand() { (init) _arguments $(__docker_arguments) \ $opts_help \ + "($help)--advertise-addr[Advertised address]:ip\:port: " \ "($help)*--external-ca=[Specifications of one or more certificate signing endpoints]:endpoint: " \ "($help)--force-new-cluster[Force create a new cluster from current state]" \ "($help)--listen-addr=[Listen address]:ip\:port: " && ret=0 @@ -1215,6 +1216,7 @@ __docker_swarm_subcommand() { (join) _arguments $(__docker_arguments) \ $opts_help \ + "($help)--advertise-addr[Advertised address]:ip\:port: " \ "($help)--listen-addr=[Listen address]:ip\:port: " \ "($help)--token=[Token for entry into the swarm]:secret: " \ "($help -):host\:port: " && ret=0 diff --git a/docs/reference/commandline/dockerd.md b/docs/reference/commandline/dockerd.md index 8581ec095f..029d6cbf92 100644 --- a/docs/reference/commandline/dockerd.md +++ b/docs/reference/commandline/dockerd.md @@ -69,6 +69,7 @@ Options: -s, --storage-driver Storage driver to use --selinux-enabled Enable selinux support --storage-opt=[] Storage driver options + --swarm-default-advertise-addr Set default address or interface for swarm advertised address --tls Use TLS; implied by --tlsverify --tlscacert=~/.docker/ca.pem Trust certs signed only by this CA --tlscert=~/.docker/cert.pem Path to TLS certificate file @@ -1042,6 +1043,7 @@ This is a full example of the allowed configuration options on Linux: "tlscacert": "", "tlscert": "", "tlskey": "", + "swarm-default-advertise-addr": "", "api-cors-header": "", "selinux-enabled": false, "userns-remap": "", @@ -1112,6 +1114,7 @@ This is a full example of the allowed configuration options on Windows: "tlscacert": "", "tlscert": "", "tlskey": "", + "swarm-default-advertise-addr": "", "group": "", "default-ulimits": {}, "bridge": "", diff --git a/docs/reference/commandline/swarm_init.md b/docs/reference/commandline/swarm_init.md index 452071b7b5..8d9687abce 100644 --- a/docs/reference/commandline/swarm_init.md +++ b/docs/reference/commandline/swarm_init.md @@ -17,12 +17,13 @@ Usage: docker swarm init [OPTIONS] Initialize a swarm Options: + --advertise-addr value Advertised address (format: [:port]) --cert-expiry duration Validity period for node certificates (default 2160h0m0s) --dispatcher-heartbeat duration Dispatcher heartbeat period (default 5s) --external-ca value Specifications of one or more certificate signing endpoints --force-new-cluster Force create a new cluster from current state. --help Print usage - --listen-addr value Listen address (default 0.0.0.0:2377) + --listen-addr value Listen address (format: [:port]) --task-history-limit int Task history retention limit (default 5) ``` @@ -31,7 +32,7 @@ in the newly created one node swarm cluster. ```bash -$ docker swarm init --listen-addr 192.168.99.121:2377 +$ docker swarm init --advertise-addr 192.168.99.121 Swarm initialized: current node (bvz81updecsj6wjz393c09vti) is now a manager. To add a worker to this swarm, run the following command: @@ -70,11 +71,31 @@ The URL specifies the endpoint where signing requests should be submitted. ### `--force-new-cluster` -This flag forces an existing node that was part of a quorum that was lost to restart as a single node Manager without losing its data +This flag forces an existing node that was part of a quorum that was lost to restart as a single node Manager without losing its data. ### `--listen-addr value` -The node listens for inbound swarm manager traffic on this IP:PORT +The node listens for inbound Swarm manager traffic on this address. The default is to listen on +0.0.0.0:2377. It is also possible to specify a network interface to listen on that interface's +address; for example `--listen-addr eth0:2377`. + +Specifying a port is optional. If the value is a bare IP address, hostname, or interface +name, the default port 2377 will be used. + +### `--advertise-addr value` + +This flag specifies the address that will be advertised to other members of the +swarm for API access and overlay networking. If unspecified, Docker will check +if the system has a single IP address, and use that IP address with with the +listening port (see `--listen-addr`). If the system has multiple IP addresses, +`--advertise-addr` must be specified so that the correct address is chosen for +inter-manager communication and overlay networking. + +It is also possible to specify a network interface to advertise that interface's address; +for example `--advertise-addr eth0:2377`. + +Specifying a port is optional. If the value is a bare IP address, hostname, or interface +name, the default port 2377 will be used. ### `--task-history-limit` diff --git a/docs/reference/commandline/swarm_join.md b/docs/reference/commandline/swarm_join.md index a8edc348d7..42638c09ae 100644 --- a/docs/reference/commandline/swarm_join.md +++ b/docs/reference/commandline/swarm_join.md @@ -17,9 +17,10 @@ Usage: docker swarm join [OPTIONS] HOST:PORT Join a swarm as a node and/or manager Options: - --help Print usage - --listen-addr value Listen address (default 0.0.0.0:2377) - --token string Token for entry into the swarm + --advertise-addr value Advertised address (format: [:port]) + --help Print usage + --listen-addr value Listen address + --token string Token for entry into the swarm ``` Join a node to a swarm. The node joins as a manager node or worker node based upon the token you @@ -31,7 +32,7 @@ pass a worker token, the node joins as a worker. The example below demonstrates joining a manager node using a manager token. ```bash -$ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2 --listen-addr 192.168.99.122:2377 192.168.99.121:2377 +$ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2 192.168.99.121:2377 This node joined a swarm as a manager. $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -48,7 +49,7 @@ should join as workers instead. Managers should be stable hosts that have static The example below demonstrates joining a worker node using a worker token. ```bash -$ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-1awxwuwd3z9j1z3puu7rcgdbx --listen-addr 192.168.99.123:2377 192.168.99.121:2377 +$ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-1awxwuwd3z9j1z3puu7rcgdbx 192.168.99.121:2377 This node joined a swarm as a worker. $ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS @@ -59,7 +60,36 @@ dvfxp4zseq4s0rih1selh0d20 * manager1 Ready Active Leader ### `--listen-addr value` -The node listens for inbound swarm manager traffic on this IP:PORT +If the node is a manager, it will listen for inbound Swarm manager traffic on this +address. The default is to listen on 0.0.0.0:2377. It is also possible to specify a +network interface to listen on that interface's address; for example `--listen-addr eth0:2377`. + +Specifying a port is optional. If the value is a bare IP address, hostname, or interface +name, the default port 2377 will be used. + +This flag is generally not necessary when joining an existing swarm. + +### `--advertise-addr value` + +This flag specifies the address that will be advertised to other members of the +swarm for API access. If unspecified, Docker will check if the system has a +single IP address, and use that IP address with with the listening port (see +`--listen-addr`). If the system has multiple IP addresses, `--advertise-addr` +must be specified so that the correct address is chosen for inter-manager +communication and overlay networking. + +It is also possible to specify a network interface to advertise that interface's address; +for example `--advertise-addr eth0:2377`. + +Specifying a port is optional. If the value is a bare IP address, hostname, or interface +name, the default port 2377 will be used. + +This flag is generally not necessary when joining an existing swarm. + +### `--manager` + +Joins the node as a manager +>>>>>>> 22565e1... Split advertised address from listen address ### `--token string` diff --git a/man/dockerd.8.md b/man/dockerd.8.md index 333cf5a5aa..15e2d9635a 100644 --- a/man/dockerd.8.md +++ b/man/dockerd.8.md @@ -55,6 +55,7 @@ dockerd - Enable daemon mode [**-s**|**--storage-driver**[=*STORAGE-DRIVER*]] [**--selinux-enabled**] [**--storage-opt**[=*[]*]] +[**--swarm-default-advertise-addr**[=*IP|HOSTNAME|INTERFACE*]] [**--tls**] [**--tlscacert**[=*~/.docker/ca.pem*]] [**--tlscert**[=*~/.docker/cert.pem*]] @@ -239,6 +240,11 @@ output otherwise. **--storage-opt**=[] Set storage driver options. See STORAGE DRIVER OPTIONS. +**--swarm-default-advertise-addr**=*IP|HOSTNAME|INTERFACE* + Set default address or interface for swarm to advertise as its externally-reachable address to other cluster + members. This can be a hostname, an IP address, or an interface such as `eth0`. A port cannot be specified with + this option. + **--tls**=*true*|*false* Use TLS; implied by --tlsverify. Default is false.