Commit Graph

152 Commits

Author SHA1 Message Date
Phil Estes 36960be45f Add daemon documentation on user namespaces feature
Remove the experimental docs for user namespaces and add similar content
to the `docker daemon` command documentation.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2017-06-02 00:07:23 +00:00
Lei Jitang b5843f62f8 Add docker network connect/disconnect to non-running container
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2017-06-02 00:07:23 +00:00
Shishir Mahajan fcd2860045 man page fix: remove -e/--exec-drive=native related description
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
2017-06-02 00:07:22 +00:00
Alexander Morozov 6a6c99d7fe Choose default-cgroup parent by cgroup driver
It's "/docker" for cgroupfs and "system.slice" for systemd.

Fix #19140

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2017-06-02 00:07:22 +00:00
Alexander Morozov 61295a1ec8 Add ability to set cgroup parent for all containers
Fix #18022

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2017-06-02 00:07:22 +00:00
Vincent Demeester 18eb9f2e64 Implement configurable detach key
Implement configurable detach keys (for `attach`, exec`, `run` and
`start`) using the client-side configuration

- Adds a `--detach-keys` flag to `attach`, `exec`, `run` and `start`
  commands.
- Adds a new configuration field (in `~/.docker/config.json`) to
  configure the default escape keys for docker client.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-02 00:07:22 +00:00
Mary Anthony 351710a2bb Creating a man page for the configuration file
Signed-off-by: Mary Anthony <mary@docker.com>

Adding comments. Fixing bit in daemon

Signed-off-by: Mary Anthony <mary@docker.com>

Arrrgggh

Signed-off-by: Mary Anthony <mary@docker.com>
2017-06-02 00:07:22 +00:00
Wen Cheng Ma 636ffcc028 Improvement for docker subcommand's help messages
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:22 +00:00
Wen Cheng Ma 6bfda2dbbc Update integration tests when container and image have same name
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:21 +00:00
Qiang Huang b87dd1342f Fix docs for memory-swap
Fixes: #18894

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2017-06-02 00:07:21 +00:00
Qiang Huang 3f44418168 Implemet docker update command
It's used for updating properties of one or more containers, we only
support resource configs for now. It can be extended in the future.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2017-06-02 00:07:21 +00:00
Doug Davis 421578fbd4 remove =false from options that default to false in the docs
This re-aligns the docs with what the cmd line now does.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2017-06-02 00:07:21 +00:00
Zhang Wei ed4cf608e2 Add filter for `network ls` to hide predefined net
Add filter support for `network ls` to hide predefined network,
then user can use "docker network rm `docker network ls -f type=custom`"
to delete a bundle of userdefined networks.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:21 +00:00
Ma Shimiao 499d634f32 Add support for blkio read/write iops device
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2017-06-02 00:07:21 +00:00
Vincent Demeester 1e3c5bbe15 Add --format support to images command
- rename `api/client/ps` to `api/client/formatter`
- add a a image formatter

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-02 00:07:21 +00:00
Boaz Shuster fbb25d42f0 Change the quiet flag behavior in the build command
Right now, the quiet (-q, --quiet) flag ignores the output
generated from within the container.

However, it ought to be quiet in a way that all kind
of diagnostic output should be ignored, unless the build
process fails.

This patch makes the quiet flag behave in the following way:
 1. If the build process succeeds, stdout contains the image ID
    and stderr is empty.
 2. If the build process fails, stdout is empty and stderr
    has the error message and the diagnostic output of that process.

If the quiet flag is not set, then everything goes to stdout
and error messages, if there are any, go to stderr.

Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com>
2017-06-02 00:07:21 +00:00
Antonio Murdaca 8008a57ffb docs: userguide: labels-custom-metadsata.md: update syntax for emtpy value labels
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:21 +00:00
Vivek Goyal b2cbaa03af Add capability to specify mount propagation per volume
Allow passing mount propagation option shared, slave, or private as volume
property.

For example.
docker run -ti -v /root/mnt-source:/root/mnt-dest:slave fedora bash

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2017-06-02 00:07:20 +00:00
Justas Brazauskas b91f98d9f1 Fix typos found across repository
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com>
2017-06-02 00:07:20 +00:00
Liron Levin 53c1cb81c0 Change authz plugin argument name
Signed-off-by: Liron Levin <liron@twistlock.com>
2017-06-02 00:07:20 +00:00
Dima Stopel a8a3c47ee5 Fixing documentation comments by @thaJeztah
Signed-off-by: Dima Stopel <dima@twistlock.com>
2017-06-02 00:07:20 +00:00
Chris Weyl 66eef79e58 newtork -> network (minor spelling correction)
...yeah, that was bugging me. :)

Signed-off-by: Chris Weyl <cweyl@alumni.drew.edu>
2017-06-02 00:07:19 +00:00
Ma Shimiao 9480c4763d Add support for blkio read/write bps device
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2017-06-02 00:07:19 +00:00
Vincent Demeester c6162061d9 Add format flag to network inspect
…for consistency as docker inspect and docker volume inspect supports it too

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-02 00:07:19 +00:00
Sebastiaan van Stijn c5f725e1c7 Address review comments.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-02 00:07:19 +00:00
Ben Firshman 22ce4b4448 Add docs and man page entry for --volume-driver
Signed-off-by: Ben Firshman <ben@firshman.co.uk>
2017-06-02 00:07:19 +00:00
Wen Cheng Ma deae0706ea Add NETWORK_NAME_or_ID value for --net= option
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:19 +00:00
Antonio Murdaca e9287cd43a Add OomScoreAdj to configure container oom killer preferences
libcontainer v0.0.4 introduces setting `/proc/self/oom_score_adj` to
better tune oom killing preferences for container process. This patch
simply integrates OomScoreAdj libcontainer's config option and adjust
the cli with this new option.

Signed-off-by: Antonio Murdaca <amurdaca@redhat.com>
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:19 +00:00
Dan Walsh 65120e8851 This patch adds --tmpfs as a option for mounting tmpfs on directories
It will Tar up contents of child directory onto tmpfs if mounted over

This patch will use the new PreMount and PostMount hooks to "tar"
up the contents of the base image on top of tmpfs mount points.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-06-02 00:07:18 +00:00
Pavel Pospisil 70efcb00b4 Improvement of docker top Man Page
Some users expect that the `docker top $CONT` command displays information from the inside container perspective.
They expect that the `docker top $CONT` command displays same information as the `docker exec $CONT ps -ef` command. But it does not.

That's why the `docker top` man page shall explicitly state that the `docker top $CONT` displays information from the host's point of view.

Signed-off-by: Pavel Pospisil <pospispa@gmail.com>
2017-06-02 00:07:18 +00:00
Doug Davis ecfc3613b2 Deprecate -f flag from docker tag
Closes #9798

@maintainers please note that this is a change to the UX. We no longer
require the -f flag on `docker tag` to move a tag from an existing image.
However, this does make us more consistent across our commands,
see https://github.com/docker/docker/issues/9798 for the history.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2017-06-02 00:07:18 +00:00
Zhang Wei 67eea4d814 Add docs for option `--isolation`
Add docs for `run`/`create`/`build` command option `isolation`

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:18 +00:00
Zhang Wei 87ba148cab Add API change to docs
Add API change description to docs due to `docker network inspect`
returns different data structure.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:18 +00:00
Zhang Wei 007df1d494 Enhance `docker network rm` to delete multi net
This commit enhance `docker network rm` command to allow user to delete
multi networks at the same time.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:18 +00:00
Zhang Wei 92d0c4bc45 Add '-L' option for `cp`
Fixes #16555

Original docker `cp` always copy symbol link itself instead of target,
now we provide '-L' option to allow docker to follow symbol link to real
target.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:18 +00:00
Mike Brown 0eb79491dd modifying docker --since and --until to support nanoseconds and time zones
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2017-06-02 00:07:18 +00:00
Wen Cheng Ma 562c2df97d Re-implement --before and --since as options for --filter
* This commit will mark --before and --since as deprecated, but leave their behavior
  unchanged until they are removed, then re-implement them as options for --filter.

* And update the related docs.

* Update the integration tests.

Fixes issue #17716

Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:18 +00:00
NIWA Hideyuki fa2f024bc6 Addition of "--shm-size" to which size of /dev/shm is changed.
- Optional "--shm-size=" was added to the sub-command(run, create,and build).
- The size of /dev/shm in the container can be changed
  when container is made.
- Being able to specify is a numerical value that applies number,
  b, k, m, and g.
- The default value is 64MB, when this option is not set.
- It deals with both native and lxc drivers.

Signed-off-by: NIWA Hideyuki <niwa.hiedyuki@jp.fujitsu.com>
2017-06-02 00:07:18 +00:00
Vincent Demeester 8ab8a0f3c5 Add pkg/parsers/architecture and pkg/platform
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-02 00:07:17 +00:00
Olle Jonsson 1de6fda301 /info: Add keys Architecture, OSType
- introduces Swarm-relevant keys, see #13634
  - docs updated

Signed-off-by: Olle Jonsson <olle.jonsson@gmail.com>
2017-06-02 00:07:17 +00:00
Dan Walsh 212fe5f2d0 Relabel BTRFS Content on container Creation
This change will allow us to run SELinux in a container with
BTRFS back end.  We continue to work on fixing the kernel/BTRFS
but this change will allow SELinux Security separation on BTRFS.

It basically relabels the content on container creation.

Just relabling -init directory in BTRFS use case. Everything looks like it
works. I don't believe tar/achive stores the SELinux labels, so we are good
as far as docker commit.

Tested Speed on startup with BTRFS on top of loopback directory. BTRFS
not on loopback should get even better perfomance on startup time.  The
more inodes inside of the container image will increase the relabel time.

This patch will give people who care more about security the option of
runnin BTRFS with SELinux.  Those who don't want to take the slow down
can disable SELinux either in individual containers or for all containers
by continuing to disable SELinux in the daemon.

Without relabel:

> time docker run --security-opt label:disable fedora echo test
test

real    0m0.918s
user    0m0.009s
sys    0m0.026s

With Relabel

test

real    0m1.942s
user    0m0.007s
sys    0m0.030s

Signed-off-by: Dan Walsh <dwalsh@redhat.com>

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-06-02 00:07:17 +00:00
Kunal Kushwaha b1287de07b Supported added for reterving Plugin list for Network and Volume.
Also, plugin information in docker info output.

Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
2017-06-02 00:07:17 +00:00
Ma Shimiao e303d6cc9f Add support for blkio.weight_device
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2017-06-02 00:07:17 +00:00
Sally O'Malley d6bac18914 docker-login man/doc add security info
Signed-off-by: Sally O'Malley <somalley@redhat.com>
2017-06-02 00:07:17 +00:00
Zhang Wei 1a495e2d47 Fix man pages
Add contents and fix format problem for man pages.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:16 +00:00
Antonio Murdaca 4668b6ed6c Allow docker stats without arguments
This patch adds the ability to run `docker stats` w/o arguments and get
statistics for all running containers by default. Also add a new
`--all` flag to list statistics for all containers (like `docker ps`).
New running containers are added to the list as they show up also.
Add integration tests for this new behavior.
Docs updated accordingly. Fix missing stuff in man/commandline
reference for `docker stats`.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:16 +00:00
David Calavera f9b805f16f Remove exec-driver global daemon option.
Each platform has only a driver now.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:15 +00:00
David Calavera c5ed875bd9 Remove LXC support.
The LXC driver was deprecated in Docker 1.8.
Following the deprecation rules, we can remove a deprecated feature
after two major releases. LXC won't be supported anymore starting on Docker 1.10.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:15 +00:00
Zhang Wei e8a0a5c4f4 Fix docs typo and wrong word
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:15 +00:00
Sally O'Malley c48ec056d5 Change 'docker run' exit codes to distinguish docker/contained errors
The purpose of this PR is for users to distinguish Docker errors from
contained command errors.
This PR modifies 'docker run' exit codes to follow the chroot standard
for exit codes.
Exit status:
125 if 'docker run' itself fails
126 if contained command cannot be invoked
127 if contained command cannot be found
the exit status otherwise

Signed-off-by: Sally O'Malley <somalley@redhat.com>
2017-06-02 00:07:15 +00:00