Commit Graph

32 Commits

Author SHA1 Message Date
Harald Albers 52ccec4cbc fix wrong option name in `dm.min_free_space` examples
Signed-off-by: Harald Albers <github@albersweb.de>
2017-06-02 00:07:34 +00:00
Kenfe-Mickael Laventure 4ffd1a9433 Remove unneeded references to execDriver
This includes:
 - updating the docs
 - removing dangling variables

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2017-06-02 00:07:33 +00:00
Zhu Guihua ffcfd1b39c Move ZFS options to correct place in man page
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
2017-06-02 00:07:32 +00:00
Vivek Goyal 8db4ee005a devmapper: Add a new option dm.min_free_space
Once thin pool gets full, bad things can happen. Especially in case of xfs
it is possible that xfs keeps on retrying IO infinitely (for certain kind
of IO) and container hangs. 

One way to mitigate the problem is that once thin pool is about to get full,
start failing some of the docker operations like pulling new images or
creation of new containers. That way user will get warning ahead of time
and can try to rectify it by creating more free space in thin pool. This
can be done either by deleting existing images/containers or by adding more
free space to thin pool.

This patch adds a new option dm.min_free_space to devicemapper graph
driver. Say one specifies dm.min_free_space=10%. This means atleast
10% of data and metadata blocks should be free in pool before new device
creation is allowed, otherwise operation will fail.

By default min_free_space is 10%. User can change it by specifying
dm.min_free_space=X% on command line. A value of 0% will disable the
check.

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2017-06-02 00:07:32 +00:00
Shijiang Wei 4982947250 docs: fix broken links
Signed-off-by: Shijiang Wei <mountkin@gmail.com>
2017-06-02 00:07:31 +00:00
Antonio Murdaca b20a425cd9 docs: extend: plugins: mention the sdk + systemd socket activation
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:31 +00:00
Mike Danese f18d114874 daemon/logger: Add logging driver for Google Cloud Logging
Signed-off-by: Mike Danese <mikedanese@google.com>
2017-06-02 00:07:30 +00:00
Zhu Guihua 06e3a6ccd0 Fix markdown style error in man page
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
2017-06-02 00:07:29 +00:00
Zhu Guihua fad60a834e fix storage driver options in man page
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
2017-06-02 00:07:29 +00:00
Cedric Davies 56965a4d1d Windows: Add ETW logging driver plug-in
Signed-off-by: Cedric Davies <cedricda@microsoft.com>
2017-06-02 00:07:29 +00:00
Vincent Woo 1a10df30ce Allow disabling of colored Docker logs via daemon flag.
Signed-off-by: Vincent Woo <me@vincentwoo.com>
Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:27 +00:00
David Calavera ad43730d0f Allow to set daemon and server configurations in a file.
Read configuration after flags making this the priority:

1- Apply configuration from file.
2- Apply configuration from flags.

Reload configuration when a signal is received, USR2 in Linux:

- Reload router if the debug configuration changes.
- Reload daemon labels.
- Reload cluster discovery.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:24 +00:00
Shishir Mahajan 1e83a27ca1 daemon option (--storage-opt dm.basesize) for increasing the base device size on daemon restart
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
2017-06-02 00:07:23 +00:00
Tibor Vass 7f6a7ed8d1 Rename authz to authorization for greater clarity
Signed-off-by: Tibor Vass <tibor@docker.com>
2017-06-02 00:07:23 +00:00
Phil Estes 36960be45f Add daemon documentation on user namespaces feature
Remove the experimental docs for user namespaces and add similar content
to the `docker daemon` command documentation.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2017-06-02 00:07:23 +00:00
Alexander Morozov 6a6c99d7fe Choose default-cgroup parent by cgroup driver
It's "/docker" for cgroupfs and "system.slice" for systemd.

Fix #19140

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2017-06-02 00:07:22 +00:00
Alexander Morozov 61295a1ec8 Add ability to set cgroup parent for all containers
Fix #18022

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2017-06-02 00:07:22 +00:00
Mary Anthony 351710a2bb Creating a man page for the configuration file
Signed-off-by: Mary Anthony <mary@docker.com>

Adding comments. Fixing bit in daemon

Signed-off-by: Mary Anthony <mary@docker.com>

Arrrgggh

Signed-off-by: Mary Anthony <mary@docker.com>
2017-06-02 00:07:22 +00:00
Doug Davis 421578fbd4 remove =false from options that default to false in the docs
This re-aligns the docs with what the cmd line now does.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2017-06-02 00:07:21 +00:00
Liron Levin 53c1cb81c0 Change authz plugin argument name
Signed-off-by: Liron Levin <liron@twistlock.com>
2017-06-02 00:07:20 +00:00
Dima Stopel a8a3c47ee5 Fixing documentation comments by @thaJeztah
Signed-off-by: Dima Stopel <dima@twistlock.com>
2017-06-02 00:07:20 +00:00
Dan Walsh 212fe5f2d0 Relabel BTRFS Content on container Creation
This change will allow us to run SELinux in a container with
BTRFS back end.  We continue to work on fixing the kernel/BTRFS
but this change will allow SELinux Security separation on BTRFS.

It basically relabels the content on container creation.

Just relabling -init directory in BTRFS use case. Everything looks like it
works. I don't believe tar/achive stores the SELinux labels, so we are good
as far as docker commit.

Tested Speed on startup with BTRFS on top of loopback directory. BTRFS
not on loopback should get even better perfomance on startup time.  The
more inodes inside of the container image will increase the relabel time.

This patch will give people who care more about security the option of
runnin BTRFS with SELinux.  Those who don't want to take the slow down
can disable SELinux either in individual containers or for all containers
by continuing to disable SELinux in the daemon.

Without relabel:

> time docker run --security-opt label:disable fedora echo test
test

real    0m0.918s
user    0m0.009s
sys    0m0.026s

With Relabel

test

real    0m1.942s
user    0m0.007s
sys    0m0.030s

Signed-off-by: Dan Walsh <dwalsh@redhat.com>

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-06-02 00:07:17 +00:00
Zhang Wei 1a495e2d47 Fix man pages
Add contents and fix format problem for man pages.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:16 +00:00
David Calavera f9b805f16f Remove exec-driver global daemon option.
Each platform has only a driver now.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:15 +00:00
Mary Anthony 02a859b9f3 First pass at consolidating
Removing old networking.md
Updating dockernetworks.md with images
Adding information on network plugins
Adding blurb about links to docker networking
Updating the working documentation
Adding Overlay Getting Started
Downplaying links by removing refs/examples, adding refs/examples for network.
Updating getting started to reflect networks not links
Pulling out old network material
Updating per discussion with Madhu to add Default docs section
Updating with bridge default
Fix bad merge
Updating with new cluster-advertise behavior
Update working and NetworkSettings examples
Correcting example for default bridge discovery behavior
Entering comments
Fixing broken Markdown Syntax
Updating with comments
Updating all the links

Signed-off-by: Mary Anthony <mary@docker.com>
2017-06-02 00:07:15 +00:00
Daniel Hiltgen f10d93f394 Document updates for cluster-store-opt
This updates the docs for the daemon based on the new cluster-store-opt
for TLS support.

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2017-06-02 00:07:12 +00:00
Jessica Frazelle 0afb6cc862 change flag name to better follow the other flags that start with disable;
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2017-06-02 00:07:11 +00:00
Vivek Goyal fba8aeb14b devmapper: Provide option to enabled deferred device deletion
Provide a command line option dm.use_deferred_deletion to enable deferred
device deletion feature. By default feature will be turned off.

Not sure if there is much value in deferred deletion being turned on
without deferred removal being turned on. So for now, this feature can
be enabled only if deferred removal is on.

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2017-06-02 00:07:11 +00:00
Antonio Murdaca cbd33a2b27 Fix man and commandline docs
- missing help option in `docs/reference/commandline/*.md` (some files
  have it, the other I fixed didn't)
- missing `[OPTIONS]` in Usage description
- missing options
- formatting
- start/stop idempotence

Signed-off-by: Antonio Murdaca <amurdaca@redhat.com>
2017-06-02 00:07:11 +00:00
Richard Scothern 2f288fe894 Command line, manpage and deprecation documentation.
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2017-06-02 00:07:10 +00:00
Shishir Mahajan 841fc5d155 Add dns-opt option to docker daemon man page
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
2017-06-02 00:07:10 +00:00
Shishir Mahajan 2e8a8547d9 man page for docker daemon command
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
2017-06-02 00:07:10 +00:00