diff --git a/docs/reference/commandline/cli.md b/docs/reference/commandline/cli.md index b15dc1585d..e9503c108c 100644 --- a/docs/reference/commandline/cli.md +++ b/docs/reference/commandline/cli.md @@ -49,8 +49,8 @@ by the `docker` command line: unsuitable for Docker. * `DOCKER_RAMDISK` If set this will disable 'pivot_root'. * `DOCKER_TLS_VERIFY` When set Docker uses TLS and verifies the remote. -* `DOCKER_TRUST` When set Docker uses notary to sign and verify images. - Equates to `--untrusted=false` for build, create, pull, push, run. +* `DOCKER_CONTENT_TRUST` When set Docker uses notary to sign and verify images. + Equates to `--disable-content-trust=false` for build, create, pull, push, run. * `DOCKER_TMPDIR` Location for temporary Docker files. Because Docker is developed using 'Go', you can also use any environment diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md index 3ba09e769f..8c093f18eb 100644 --- a/docs/reference/commandline/create.md +++ b/docs/reference/commandline/create.md @@ -17,57 +17,57 @@ Creates a new container. Create a new container - -a, --attach=[] Attach to STDIN, STDOUT or STDERR - --add-host=[] Add a custom host-to-IP mapping (host:ip) - --blkio-weight=0 Block IO weight (relative weight) - -c, --cpu-shares=0 CPU shares (relative weight) - --cap-add=[] Add Linux capabilities - --cap-drop=[] Drop Linux capabilities - --cgroup-parent="" Optional parent cgroup for the container - --cidfile="" Write the container ID to the file - --cpu-period=0 Limit CPU CFS (Completely Fair Scheduler) period - --cpu-quota=0 Limit CPU CFS (Completely Fair Scheduler) quota - --cpuset-cpus="" CPUs in which to allow execution (0-3, 0,1) - --cpuset-mems="" Memory nodes (MEMs) in which to allow execution (0-3, 0,1) - --device=[] Add a host device to the container - --dns=[] Set custom DNS servers - --dns-search=[] Set custom DNS search domains - -e, --env=[] Set environment variables - --entrypoint="" Overwrite the default ENTRYPOINT of the image - --env-file=[] Read in a file of environment variables - --expose=[] Expose a port or a range of ports - -h, --hostname="" Container host name - --help=false Print usage - -i, --interactive=false Keep STDIN open even if not attached - --ipc="" IPC namespace to use - -l, --label=[] Set metadata on the container (e.g., --label=com.example.key=value) - --label-file=[] Read in a line delimited file of labels - --link=[] Add link to another container - --log-driver="" Logging driver for container - --log-opt=[] Log driver specific options - --lxc-conf=[] Add custom lxc options - -m, --memory="" Memory limit - --mac-address="" Container MAC address (e.g. 92:d0:c6:0a:29:33) - --memory-swap="" Total memory (memory + swap), '-1' to disable swap - --memory-swappiness="" Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. - --name="" Assign a name to the container - --net="bridge" Set the Network mode for the container - --oom-kill-disable=false Whether to disable OOM Killer for the container or not - -P, --publish-all=false Publish all exposed ports to random ports - -p, --publish=[] Publish a container's port(s) to the host - --pid="" PID namespace to use - --privileged=false Give extended privileges to this container - --read-only=false Mount the container's root filesystem as read only - --restart="no" Restart policy (no, on-failure[:max-retry], always) - --security-opt=[] Security options - -t, --tty=false Allocate a pseudo-TTY - --untrusted=true Skip image verification - -u, --user="" Username or UID - --ulimit=[] Ulimit options - --uts="" UTS namespace to use - -v, --volume=[] Bind mount a volume - --volumes-from=[] Mount volumes from the specified container(s) - -w, --workdir="" Working directory inside the container + -a, --attach=[] Attach to STDIN, STDOUT or STDERR + --add-host=[] Add a custom host-to-IP mapping (host:ip) + --blkio-weight=0 Block IO weight (relative weight) + -c, --cpu-shares=0 CPU shares (relative weight) + --cap-add=[] Add Linux capabilities + --cap-drop=[] Drop Linux capabilities + --cgroup-parent="" Optional parent cgroup for the container + --cidfile="" Write the container ID to the file + --cpu-period=0 Limit CPU CFS (Completely Fair Scheduler) period + --cpu-quota=0 Limit CPU CFS (Completely Fair Scheduler) quota + --cpuset-cpus="" CPUs in which to allow execution (0-3, 0,1) + --cpuset-mems="" Memory nodes (MEMs) in which to allow execution (0-3, 0,1) + --device=[] Add a host device to the container + --dns=[] Set custom DNS servers + --dns-search=[] Set custom DNS search domains + -e, --env=[] Set environment variables + --entrypoint="" Overwrite the default ENTRYPOINT of the image + --env-file=[] Read in a file of environment variables + --expose=[] Expose a port or a range of ports + -h, --hostname="" Container host name + --help=false Print usage + -i, --interactive=false Keep STDIN open even if not attached + --ipc="" IPC namespace to use + -l, --label=[] Set metadata on the container (e.g., --label=com.example.key=value) + --label-file=[] Read in a line delimited file of labels + --link=[] Add link to another container + --log-driver="" Logging driver for container + --log-opt=[] Log driver specific options + --lxc-conf=[] Add custom lxc options + -m, --memory="" Memory limit + --mac-address="" Container MAC address (e.g. 92:d0:c6:0a:29:33) + --memory-swap="" Total memory (memory + swap), '-1' to disable swap + --memory-swappiness="" Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. + --name="" Assign a name to the container + --net="bridge" Set the Network mode for the container + --oom-kill-disable=false Whether to disable OOM Killer for the container or not + -P, --publish-all=false Publish all exposed ports to random ports + -p, --publish=[] Publish a container's port(s) to the host + --pid="" PID namespace to use + --privileged=false Give extended privileges to this container + --read-only=false Mount the container's root filesystem as read only + --restart="no" Restart policy (no, on-failure[:max-retry], always) + --security-opt=[] Security options + -t, --tty=false Allocate a pseudo-TTY + --disable-content-trust=true Skip image verification + -u, --user="" Username or UID + --ulimit=[] Ulimit options + --uts="" UTS namespace to use + -v, --volume=[] Bind mount a volume + --volumes-from=[] Mount volumes from the specified container(s) + -w, --workdir="" Working directory inside the container The `docker create` command creates a writeable container layer over the specified image and prepares it for running the specified command. The diff --git a/docs/reference/commandline/pull.md b/docs/reference/commandline/pull.md index ac119db792..53b0d4cb50 100644 --- a/docs/reference/commandline/pull.md +++ b/docs/reference/commandline/pull.md @@ -15,8 +15,8 @@ weight=1 Pull an image or a repository from the registry - -a, --all-tags=false Download all tagged images in the repository - --untrusted=true Skip image verification + -a, --all-tags=false Download all tagged images in the repository + --disable-content-trust=true Skip image verification Most of your images will be created on top of a base image from the [Docker Hub](https://hub.docker.com) registry. diff --git a/docs/reference/commandline/push.md b/docs/reference/commandline/push.md index 221ee05301..7f88887dc9 100644 --- a/docs/reference/commandline/push.md +++ b/docs/reference/commandline/push.md @@ -15,7 +15,7 @@ weight=1 Push an image or a repository to the registry - --untrusted=true Skip image signing + --disable-content-trust=true Skip image signing Use `docker push` to share your images to the [Docker Hub](https://hub.docker.com) registry or to a self-hosted one. diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index 955ba447e2..ab900d41b9 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -15,61 +15,61 @@ weight=1 Run a command in a new container - -a, --attach=[] Attach to STDIN, STDOUT or STDERR - --add-host=[] Add a custom host-to-IP mapping (host:ip) - --blkio-weight=0 Block IO weight (relative weight) - -c, --cpu-shares=0 CPU shares (relative weight) - --cap-add=[] Add Linux capabilities - --cap-drop=[] Drop Linux capabilities - --cgroup-parent="" Optional parent cgroup for the container - --cidfile="" Write the container ID to the file - --cpu-period=0 Limit CPU CFS (Completely Fair Scheduler) period - --cpu-quota=0 Limit CPU CFS (Completely Fair Scheduler) quota - --cpuset-cpus="" CPUs in which to allow execution (0-3, 0,1) - --cpuset-mems="" Memory nodes (MEMs) in which to allow execution (0-3, 0,1) - -d, --detach=false Run container in background and print container ID - --device=[] Add a host device to the container - --dns=[] Set custom DNS servers - --dns-search=[] Set custom DNS search domains - -e, --env=[] Set environment variables - --entrypoint="" Overwrite the default ENTRYPOINT of the image - --env-file=[] Read in a file of environment variables - --expose=[] Expose a port or a range of ports - --group-add=[] Add additional groups to run as - -h, --hostname="" Container host name - --help=false Print usage - -i, --interactive=false Keep STDIN open even if not attached - --ipc="" IPC namespace to use - -l, --label=[] Set metadata on the container (e.g., --label=com.example.key=value) - --label-file=[] Read in a file of labels (EOL delimited) - --link=[] Add link to another container - --log-driver="" Logging driver for container - --log-opt=[] Log driver specific options - --lxc-conf=[] Add custom lxc options - -m, --memory="" Memory limit - --mac-address="" Container MAC address (e.g. 92:d0:c6:0a:29:33) - --memory-swap="" Total memory (memory + swap), '-1' to disable swap - --memory-swappiness="" Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. - --name="" Assign a name to the container - --net="bridge" Set the Network mode for the container - --oom-kill-disable=false Whether to disable OOM Killer for the container or not - -P, --publish-all=false Publish all exposed ports to random ports - -p, --publish=[] Publish a container's port(s) to the host - --pid="" PID namespace to use - --privileged=false Give extended privileges to this container - --read-only=false Mount the container's root filesystem as read only - --restart="no" Restart policy (no, on-failure[:max-retry], always) - --rm=false Automatically remove the container when it exits - --security-opt=[] Security Options - --sig-proxy=true Proxy received signals to the process - -t, --tty=false Allocate a pseudo-TTY - -u, --user="" Username or UID (format: [:]) - --ulimit=[] Ulimit options - --untrusted=true Skip image verification - --uts="" UTS namespace to use - -v, --volume=[] Bind mount a volume - --volumes-from=[] Mount volumes from the specified container(s) - -w, --workdir="" Working directory inside the container + -a, --attach=[] Attach to STDIN, STDOUT or STDERR + --add-host=[] Add a custom host-to-IP mapping (host:ip) + --blkio-weight=0 Block IO weight (relative weight) + -c, --cpu-shares=0 CPU shares (relative weight) + --cap-add=[] Add Linux capabilities + --cap-drop=[] Drop Linux capabilities + --cgroup-parent="" Optional parent cgroup for the container + --cidfile="" Write the container ID to the file + --cpu-period=0 Limit CPU CFS (Completely Fair Scheduler) period + --cpu-quota=0 Limit CPU CFS (Completely Fair Scheduler) quota + --cpuset-cpus="" CPUs in which to allow execution (0-3, 0,1) + --cpuset-mems="" Memory nodes (MEMs) in which to allow execution (0-3, 0,1) + -d, --detach=false Run container in background and print container ID + --device=[] Add a host device to the container + --dns=[] Set custom DNS servers + --dns-search=[] Set custom DNS search domains + -e, --env=[] Set environment variables + --entrypoint="" Overwrite the default ENTRYPOINT of the image + --env-file=[] Read in a file of environment variables + --expose=[] Expose a port or a range of ports + --group-add=[] Add additional groups to run as + -h, --hostname="" Container host name + --help=false Print usage + -i, --interactive=false Keep STDIN open even if not attached + --ipc="" IPC namespace to use + -l, --label=[] Set metadata on the container (e.g., --label=com.example.key=value) + --label-file=[] Read in a file of labels (EOL delimited) + --link=[] Add link to another container + --log-driver="" Logging driver for container + --log-opt=[] Log driver specific options + --lxc-conf=[] Add custom lxc options + -m, --memory="" Memory limit + --mac-address="" Container MAC address (e.g. 92:d0:c6:0a:29:33) + --memory-swap="" Total memory (memory + swap), '-1' to disable swap + --memory-swappiness="" Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. + --name="" Assign a name to the container + --net="bridge" Set the Network mode for the container + --oom-kill-disable=false Whether to disable OOM Killer for the container or not + -P, --publish-all=false Publish all exposed ports to random ports + -p, --publish=[] Publish a container's port(s) to the host + --pid="" PID namespace to use + --privileged=false Give extended privileges to this container + --read-only=false Mount the container's root filesystem as read only + --restart="no" Restart policy (no, on-failure[:max-retry], always) + --rm=false Automatically remove the container when it exits + --security-opt=[] Security Options + --sig-proxy=true Proxy received signals to the process + -t, --tty=false Allocate a pseudo-TTY + -u, --user="" Username or UID (format: [:]) + --ulimit=[] Ulimit options + --disable-content-trust=true Skip image verification + --uts="" UTS namespace to use + -v, --volume=[] Bind mount a volume + --volumes-from=[] Mount volumes from the specified container(s) + -w, --workdir="" Working directory inside the container The `docker run` command first `creates` a writeable container layer over the specified image, and then `starts` it using the specified command. That is,