Commit Graph

2275 Commits

Author SHA1 Message Date
Tianon Gravi 8258fc9059 Add "--containerd-namespace" daemon flags in completion and docs
This also adds the missing `containerd` key in the example daemon configuration files.

Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
2020-11-06 12:34:10 -08:00
Tianon Gravi 184e5feb72 Use consistent formatting and sorted keys in all JSON examples for dockerd reference
To create this, I ran every JSON document through `jq -S` (which sorts the keys and consistently pretty-prints the result in a format which matches the majority of documents in this file).

Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
2020-11-06 11:52:06 -08:00
Eric Engestrom e08a441575 docs/builder: fix typo
Signed-off-by: Eric Engestrom <eric@engestrom.ch>
2020-11-03 20:11:23 +01:00
Sebastiaan van Stijn a27e9f4ddd
Merge pull request #2814 from thaJeztah/old_engines
docs: remove some references to obsolete docker versions
2020-10-26 23:33:15 +01:00
Sebastiaan van Stijn 6a02a51c99
docs: remove some references to obsolete docker versions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-26 18:30:01 +01:00
Sebastiaan van Stijn 7150736688
Deprecation: add experimental docker build --stream option
Docker v17.07 introduced an experimental `--stream` flag on `docker build` which
allowed the build-context to be incrementally sent to the daemon, instead of
unconditionally sending the whole build-context.

This functionality has been reimplemented as part of BuildKit, which uses streaming
by default and the `--stream` option will be ignored when using the classic builder,
printing a deprecation warning instead.

Users that want to use this feature are encouraged to enable BuildKit by setting
the `DOCKER_BUILDKIT=1` environment variable or through the daemon or CLI configuration
files.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-24 01:58:54 +02:00
Charlotte Mach aa4cb24739 Replace deprecated instruction
MAINTAINER is deprecated, replacing with LABEL as recommended by
https://docs.docker.com/engine/reference/builder/#maintainer-deprecated

Signed-off-by: Charlotte Mach <charlotte.mach@fs.lmu.de>
2020-10-23 19:49:51 +02:00
Tibor Vass 7fedb0e54f
Merge pull request #2775 from thaJeztah/notabs
Replace tab with spaces in usage output
2020-10-22 12:40:42 -07:00
Sebastiaan van Stijn faac84e35d
Deprecate Linux containers on Windows (LCOW) (experimental)
The experimental feature to run Linux containers on Windows (LCOW) was introduced
as a technical preview in Docker 17.09. While many enhancements were made after
its introduction, the feature never reached completeness, and development has
now stopped in favor of running docker natively on Linux in WSL2.

Developers that need to run Linux workloads on a Windows host are encouraged
to use Docker Desktop with WSL2 instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-16 14:10:22 +02:00
Sebastiaan van Stijn ee41923645
docs: update 20.03 -> 20.10 in docker update docs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:39:42 +02:00
Sebastiaan van Stijn 6c0a3dfbff
docs: update 20.03 -> 20.10 in deprecated.md
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:38:48 +02:00
Sebastiaan van Stijn 3fe574b7ef
docs: fix broken links in build reference
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-07 11:06:46 +02:00
Silvin Lubecki 6916b427a0
Merge pull request #2774 from thaJeztah/drop_experimental
Always enable experimental features
2020-10-02 17:34:01 +02:00
Sebastiaan van Stijn 977d3ae046
Always enable experimental features
The CLI disabled experimental features by default, requiring users
to set a configuration option to enable them.

Disabling experimental features was a request from Enterprise users
that did not want experimental features to be accessible.

We are changing this policy, and now enable experimental features
by default. Experimental features may still change and/or removed,
and will be highlighted in the documentation and "usage" output.

For example, the `docker manifest inspect --help` output now shows:

    EXPERIMENTAL:
      docker manifest inspect is an experimental feature.

      Experimental features provide early access to product functionality. These features
      may change between releases without warning or can be removed entirely from a future
      release. Learn more about experimental features: https://docs.docker.com/go/experimental/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:59:42 +02:00
Sebastiaan van Stijn e6ef3349f6
update docs usage output to match new format
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:51:01 +02:00
Sebastiaan van Stijn de8b696ed6
docs/deprecated: remove minor versions
Some deprecations are ammended during a major (YY.MM) release, to
inform users as early as possible about deprecations. Removing the
minor version from this overview clarifies that features are
marked deprecated during which major release's lifecycle.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:15:42 +02:00
Sebastiaan van Stijn 48822564b6
docs: deprecate CLI options for experimental CLI features
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:10:27 +02:00
Sebastiaan van Stijn c2225ad126
docs: add /go/experimental/ vanity URL
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 13:59:55 +02:00
Tibor Vass 8b916c9300
Merge pull request #2757 from thaJeztah/update_security_link
docs: update URL for security landing page
2020-09-29 16:36:47 -07:00
Sebastiaan van Stijn 2484a30534
docs: fix generated YAML due to trailing whitespace
If a file contains trailing whitespace, the YAML generator uses a
compact format, which is hard to read.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 21:59:36 +02:00
Sebastiaan van Stijn 54bbd782bf
docs: update URL for security landing page
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 21:16:58 +02:00
Sebastiaan van Stijn bcb2a4c925
docs: fix "docker logs" example missing container name
Thanks to rvsasseen for spotting this, and Maximillian Xavier
for the initial pull request.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-28 13:59:17 +02:00
Tibor Vass db411c35e6
Merge pull request #2743 from thaJeztah/deprecate_legacy_env_format
deprecate Dockerfile legacy 'ENV name value' syntax
2020-09-23 13:39:33 -07:00
Sebastiaan van Stijn eec6710111
deprecate Dockerfile legacy 'ENV name value' syntax
The Dockerfile `ENV` instruction allows values to be set using either `ENV name=value`
or `ENV name value`. The latter (`ENV name value`) form can be ambiguous, for example,
the following defines a single env-variable (`ONE`) with value `"TWO= THREE=world"`,
but may have intended to be setting three env-vars:

    ENV ONE TWO= THREE=world

This format also does not allow setting multiple environment-variables in a single
`ENV` line in the Dockerfile.

Use of the `ENV name value` syntax is discouraged, and may be removed in a future
release. Users are encouraged to update their Dockerfiles to use the `ENV name=value`
syntax, for example:

    ENV ONE="" TWO="" THREE="world"

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-23 20:50:00 +02:00
Sebastiaan van Stijn a4a3d2f94d
builder: add note about alternative syntax
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-23 20:33:42 +02:00
Sebastiaan van Stijn 0a0037c6fd
builder: rephrase ENV section, remove examples for ENV key value without '='
The `ENV key value` form can be ambiguous, for example, the following defines
a single env-variable (`ONE`) with value `"TWO= THREE=world"`:

    ENV ONE TWO= THREE=world

While we cannot deprecate/remove that syntax (as it would break existing
Dockerfiles), we should reduce exposure of the format in our examples.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-23 13:21:20 +02:00
Sebastiaan van Stijn 6065dccc98
Add docs and bash-completion for new Linux capabilities
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 16:22:43 +02:00
Sebastiaan van Stijn f19e31afe2
docs: add link to linux kernel source code for capabilities
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 16:22:41 +02:00
Sebastiaan van Stijn 72a357858c
docs: resize capabilities table
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 16:22:38 +02:00
Sebastiaan van Stijn 884a5ffbdf
docs: document CAP_AUDIT_READ
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 15:46:09 +02:00
Sebastiaan van Stijn 4e58c29513
docs: document optional "CAP_" prefix for capabilities
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 15:32:04 +02:00
Sebastiaan van Stijn 5bbdcd1c9d
docs: sort list of capabilities alphabetically
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 15:26:20 +02:00
Sebastiaan van Stijn b4db7e38bc
docs/build: add note about git subdirectories with BuildKit
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-14 11:36:55 +02:00
Albin Kerouanton a9158bdc50
Add ulimits option to docker service create/update/inspect
This is related to moby/moby 40639.

Signed-off-by: Albin Kerouanton <albin@akerouanton.name>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-10 14:41:33 +02:00
Sebastiaan van Stijn 190c64b415
Service cap-add/cap-drop: improve handling of combinations and special "ALL" value
When creating and updating services, we need to avoid unneeded service churn.

The interaction of separate lists to "add" and "drop" capabilities, a special
("ALL") capability, as well as a "relaxed" format for accepted capabilities
(case-insensitive, `CAP_` prefix optional) make this rather involved.

This patch updates how we handle `--cap-add` / `--cap-drop` when  _creating_ as
well as _updating_, with the following rules/assumptions applied:

- both existing (service spec) and new (values passed through flags or in
  the compose-file) are normalized and de-duplicated before use.
- the special "ALL" capability is equivalent to "all capabilities" and taken
  into account when normalizing capabilities. Combining "ALL" capabilities
  and other capabilities is therefore equivalent to just specifying "ALL".
- adding capabilities takes precedence over dropping, which means that if
  a capability is both set to be "dropped" and to be "added", it is removed
  from the list to "drop".
- the final lists should be sorted and normalized to reduce service churn
- no validation of capabilities is handled by the client. Validation is
  delegated to the daemon/server.

When deploying a service using a docker-compose file, the docker-compose file
is *mostly* handled as being "declarative". However, many of the issues outlined
above also apply to compose-files, so similar handling is applied to compose
files as well to prevent service churn.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-08 14:38:35 +02:00
Sebastiaan van Stijn ca35f2973a
Merge pull request #2646 from horpto/patch-1
Add shorthand for --tail option
2020-08-17 17:19:03 +02:00
horpto 0b7147a2a5 fix docs, completion and docker service
Signed-off-by: horpto <__Singleton__@hackerdom.ru>
2020-08-06 17:37:08 +03:00
Sebastiaan van Stijn ac2ebacb9a
Merge pull request #2526 from thaJeztah/deprecate_old_config
document deprecation of legacy `~/.dockercfg` config-file
2020-08-05 09:40:45 +02:00
eyherabh 86cbe28510 Replaces ADD with COPY in the COPY section
Possibly a typo from reusing text from the ADD section.

Signed-off-by: Hugo Gabriel Eyherabide <hugogabriel.eyherabide@gmail.com>
2020-08-04 19:10:23 +03:00
Sebastiaan van Stijn 3c0a167ed5
document deprecation of legacy `~/.dockercfg` config-file
The docker CLI up until v1.7.0 used the `~/.dockercfg` file to store credentials
after authenticating to a registry (`docker login`). Docker v1.7.0 replaced this
file with a new CLI configuration file, located in `~/.docker/config.json`. When
implementing the new configuration file, the old file (and file-format) was kept
as a fall-back, to assist existing users with migrating to the new file.

Given that the old file format encourages insecure storage of credentials
(credentials are stored unencrypted), and that no version of the CLI since
Docker v1.7.0 has created this file, the file is marked deprecated, and support
for this file will be removed in a future release.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-08-03 11:45:35 +02:00
Tonis Tiigi 5dd9bd4c2c docs: remove docs for —-from=index
Naming stages is the preferred method for using
multi-stage builds.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-27 15:56:23 -07:00
Akihiro Suda 074a8dcff6
deprecate `docker run --kernel-memory`
`docker run --kernel-memory` is being deprecated in https://github.com/moby/moby/pull/41254

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-07-24 20:56:15 +09:00
Sebastiaan van Stijn 6776f7cdcd
docs/builder: add note about handling of leading whitespace
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-01 15:35:59 +02:00
Brian Wieder a6cfbd2351 Added env-file flag to docker exec
Signed-off-by: Brian Wieder <brian@4wieders.com>
2020-06-29 18:32:44 -04:00
Sebastiaan van Stijn 36c33202f7
Merge pull request #2600 from AkihiroSuda/fix-doc-cgroupdriver
docs: update for cgroup v2 and rootless
2020-06-25 19:26:07 +02:00
Silvin Lubecki 7365ad15d1
Merge pull request #2571 from thaJeztah/forward_port_ready_filtering
[master forward-port] list state `ready` for filtering in stack_ps.md
2020-06-25 15:23:48 +02:00
Silvin Lubecki 9c8818aeea
Merge pull request #2556 from thaJeztah/fix_plugin_api_link
docs/extend: fix broken link and some markdown touch-ups
2020-06-25 15:22:08 +02:00
Silvin Lubecki 1d3249f823
Merge pull request #2593 from thaJeztah/fix_plugin_examples
docs: fix example output for docker plugin ls
2020-06-25 15:21:20 +02:00
Akihiro Suda beb23c9963
docs: update for cgroup v2 and rootless
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-06-24 19:24:54 +09:00
Sebastiaan van Stijn 395a6d560d
Add support for --limit-pids on service create / update (swarm)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-06-18 21:25:02 +02:00