Commit Graph

2289 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 697c3a5b48
docs: fix typo in deprecated.md
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-01-08 16:03:51 +01:00
Tibor Vass c6493c7ecb
Merge pull request #2908 from thaJeztah/deprecate_blkio_weight
deprecate blkio-weight options with cgroups v1
2021-01-07 11:27:42 -08:00
Sebastiaan van Stijn fb2ea098a9
deprecate blkio-weight options with cgroups v1
These options were deprecated and removed in the Linux kernel v5.0 and up in;

- f382fb0bce
- fb5772cbfe
- 23aa16489c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-01-07 11:27:23 +01:00
rochfeu 69b5487e39 Remove duplicate word in push.md
Signed-off-by: Roch Feuillade <roch.feuillade@pandobac.com>
2021-01-06 14:40:19 +01:00
Sebastiaan van Stijn 06c60dea90
Deprecation: add pulling from non-compliant registries to table
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-09 02:36:30 +01:00
Tibor Vass 7287ab3890
Merge pull request #2872 from thaJeztah/deprecate_non_compliant_registries
Add deprecation note for non-compliant registries
2020-12-07 15:36:43 -08:00
Silvin Lubecki 37f45817b6
Merge pull request #2869 from thaJeztah/fix_yaml_formatting
docs: un-wrap line to prevent YAML docs from using "compact" formatting
2020-12-07 14:15:07 +01:00
Sebastiaan van Stijn aa91af81c6
Add deprecation note for non-compliant registries
Docker Engine v20.10 and up includes optimizations to verify if images in the
local image cache need updating before pulling, preventing the Docker Engine
from making unnecessary API requests. These optimizations require the container
image registry to conform to the Open Container Initiative Distribution Specification
(https://github.com/opencontainers/distribution-spec).

While most registries conform to the specification, we encountered some registries
to be non-compliant, resulting in `docker pull` to fail.

As a temporary solution, Docker Engine v20.10 includes a fallback mechanism to
allow `docker pull` to be functional when using a non-compliant registry. A
warning message is printed in this situation:

    WARNING Failed to pull manifest by the resolved digest. This registry does not
            appear to conform to the distribution registry specification; falling back to
            pull by tag. This fallback is DEPRECATED, and will be removed in a future
            release.

The fallback is added to allow users to either migrate their images to a compliant
registry, or for these registries to become compliant.

Note that this fallback only addresses failures on `docker pull`. Other commands,
such as `docker stack deploy`, or pulling images with `containerd` will continue
to fail.

Given that other functionality is still broken with these registries, we consider
this fallback a _temporary_ solution, and will remove the fallback in an upcoming
major release.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-07 13:34:50 +01:00
Sebastiaan van Stijn 3455643194
docs: un-wrap line to prevent YAML docs from using "compact" formatting
Looks like the YAML conversion doesn't like lines starting with `[`, and
causing it to use the "compact" formatting in the generated YAML.

This patch un-wraps these lines to prevent this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-07 12:24:44 +01:00
Sebastiaan van Stijn 98625314fa
Merge pull request #2846 from bboehmke/dockerd_ip6tables
added ip6tables to daemon CLI and config file documentation
2020-12-03 20:56:21 +01:00
Andres Leon Rangel dc287b9072
Long format for flag -w --workdir
Added Long format for the wok directory option in docker run.

Signed-off-by: Andres LeonRangel <aleon1220@gmail.com>
2020-11-20 15:03:49 +13:00
Benjamin Böhmke 64776dd72f added ip6tables to daemon CLI and config file doc
Signed-off-by: Benjamin Böhmke <benjamin@boehmke.net>
2020-11-18 22:02:06 +01:00
Sebastiaan van Stijn 325036df3e
Merge pull request #2831 from tianon/containerd
Add "--containerd-namespace" daemon flags in completion and docs
2020-11-10 23:57:02 +01:00
Kyle c94f2d20b1 docs/builder: fix broken link
Signed-off-by: kylemit <Kylemit@gmail.com>
2020-11-07 08:35:07 -05:00
Tianon Gravi 8258fc9059 Add "--containerd-namespace" daemon flags in completion and docs
This also adds the missing `containerd` key in the example daemon configuration files.

Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
2020-11-06 12:34:10 -08:00
Tianon Gravi 184e5feb72 Use consistent formatting and sorted keys in all JSON examples for dockerd reference
To create this, I ran every JSON document through `jq -S` (which sorts the keys and consistently pretty-prints the result in a format which matches the majority of documents in this file).

Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
2020-11-06 11:52:06 -08:00
Eric Engestrom e08a441575 docs/builder: fix typo
Signed-off-by: Eric Engestrom <eric@engestrom.ch>
2020-11-03 20:11:23 +01:00
Sebastiaan van Stijn a27e9f4ddd
Merge pull request #2814 from thaJeztah/old_engines
docs: remove some references to obsolete docker versions
2020-10-26 23:33:15 +01:00
Sebastiaan van Stijn 6a02a51c99
docs: remove some references to obsolete docker versions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-26 18:30:01 +01:00
Sebastiaan van Stijn 7150736688
Deprecation: add experimental docker build --stream option
Docker v17.07 introduced an experimental `--stream` flag on `docker build` which
allowed the build-context to be incrementally sent to the daemon, instead of
unconditionally sending the whole build-context.

This functionality has been reimplemented as part of BuildKit, which uses streaming
by default and the `--stream` option will be ignored when using the classic builder,
printing a deprecation warning instead.

Users that want to use this feature are encouraged to enable BuildKit by setting
the `DOCKER_BUILDKIT=1` environment variable or through the daemon or CLI configuration
files.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-24 01:58:54 +02:00
Charlotte Mach aa4cb24739 Replace deprecated instruction
MAINTAINER is deprecated, replacing with LABEL as recommended by
https://docs.docker.com/engine/reference/builder/#maintainer-deprecated

Signed-off-by: Charlotte Mach <charlotte.mach@fs.lmu.de>
2020-10-23 19:49:51 +02:00
Tibor Vass 7fedb0e54f
Merge pull request #2775 from thaJeztah/notabs
Replace tab with spaces in usage output
2020-10-22 12:40:42 -07:00
Sebastiaan van Stijn faac84e35d
Deprecate Linux containers on Windows (LCOW) (experimental)
The experimental feature to run Linux containers on Windows (LCOW) was introduced
as a technical preview in Docker 17.09. While many enhancements were made after
its introduction, the feature never reached completeness, and development has
now stopped in favor of running docker natively on Linux in WSL2.

Developers that need to run Linux workloads on a Windows host are encouraged
to use Docker Desktop with WSL2 instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-16 14:10:22 +02:00
Sebastiaan van Stijn ee41923645
docs: update 20.03 -> 20.10 in docker update docs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:39:42 +02:00
Sebastiaan van Stijn 6c0a3dfbff
docs: update 20.03 -> 20.10 in deprecated.md
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:38:48 +02:00
Sebastiaan van Stijn 3fe574b7ef
docs: fix broken links in build reference
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-07 11:06:46 +02:00
Silvin Lubecki 6916b427a0
Merge pull request #2774 from thaJeztah/drop_experimental
Always enable experimental features
2020-10-02 17:34:01 +02:00
Sebastiaan van Stijn 977d3ae046
Always enable experimental features
The CLI disabled experimental features by default, requiring users
to set a configuration option to enable them.

Disabling experimental features was a request from Enterprise users
that did not want experimental features to be accessible.

We are changing this policy, and now enable experimental features
by default. Experimental features may still change and/or removed,
and will be highlighted in the documentation and "usage" output.

For example, the `docker manifest inspect --help` output now shows:

    EXPERIMENTAL:
      docker manifest inspect is an experimental feature.

      Experimental features provide early access to product functionality. These features
      may change between releases without warning or can be removed entirely from a future
      release. Learn more about experimental features: https://docs.docker.com/go/experimental/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:59:42 +02:00
Sebastiaan van Stijn e6ef3349f6
update docs usage output to match new format
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:51:01 +02:00
Sebastiaan van Stijn de8b696ed6
docs/deprecated: remove minor versions
Some deprecations are ammended during a major (YY.MM) release, to
inform users as early as possible about deprecations. Removing the
minor version from this overview clarifies that features are
marked deprecated during which major release's lifecycle.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:15:42 +02:00
Sebastiaan van Stijn 48822564b6
docs: deprecate CLI options for experimental CLI features
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:10:27 +02:00
Sebastiaan van Stijn c2225ad126
docs: add /go/experimental/ vanity URL
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 13:59:55 +02:00
Tibor Vass 8b916c9300
Merge pull request #2757 from thaJeztah/update_security_link
docs: update URL for security landing page
2020-09-29 16:36:47 -07:00
Sebastiaan van Stijn 2484a30534
docs: fix generated YAML due to trailing whitespace
If a file contains trailing whitespace, the YAML generator uses a
compact format, which is hard to read.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 21:59:36 +02:00
Sebastiaan van Stijn 54bbd782bf
docs: update URL for security landing page
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 21:16:58 +02:00
Sebastiaan van Stijn bcb2a4c925
docs: fix "docker logs" example missing container name
Thanks to rvsasseen for spotting this, and Maximillian Xavier
for the initial pull request.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-28 13:59:17 +02:00
Tibor Vass db411c35e6
Merge pull request #2743 from thaJeztah/deprecate_legacy_env_format
deprecate Dockerfile legacy 'ENV name value' syntax
2020-09-23 13:39:33 -07:00
Sebastiaan van Stijn eec6710111
deprecate Dockerfile legacy 'ENV name value' syntax
The Dockerfile `ENV` instruction allows values to be set using either `ENV name=value`
or `ENV name value`. The latter (`ENV name value`) form can be ambiguous, for example,
the following defines a single env-variable (`ONE`) with value `"TWO= THREE=world"`,
but may have intended to be setting three env-vars:

    ENV ONE TWO= THREE=world

This format also does not allow setting multiple environment-variables in a single
`ENV` line in the Dockerfile.

Use of the `ENV name value` syntax is discouraged, and may be removed in a future
release. Users are encouraged to update their Dockerfiles to use the `ENV name=value`
syntax, for example:

    ENV ONE="" TWO="" THREE="world"

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-23 20:50:00 +02:00
Sebastiaan van Stijn a4a3d2f94d
builder: add note about alternative syntax
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-23 20:33:42 +02:00
Sebastiaan van Stijn 0a0037c6fd
builder: rephrase ENV section, remove examples for ENV key value without '='
The `ENV key value` form can be ambiguous, for example, the following defines
a single env-variable (`ONE`) with value `"TWO= THREE=world"`:

    ENV ONE TWO= THREE=world

While we cannot deprecate/remove that syntax (as it would break existing
Dockerfiles), we should reduce exposure of the format in our examples.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-23 13:21:20 +02:00
Sebastiaan van Stijn 6065dccc98
Add docs and bash-completion for new Linux capabilities
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 16:22:43 +02:00
Sebastiaan van Stijn f19e31afe2
docs: add link to linux kernel source code for capabilities
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 16:22:41 +02:00
Sebastiaan van Stijn 72a357858c
docs: resize capabilities table
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 16:22:38 +02:00
Sebastiaan van Stijn 884a5ffbdf
docs: document CAP_AUDIT_READ
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 15:46:09 +02:00
Sebastiaan van Stijn 4e58c29513
docs: document optional "CAP_" prefix for capabilities
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 15:32:04 +02:00
Sebastiaan van Stijn 5bbdcd1c9d
docs: sort list of capabilities alphabetically
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-16 15:26:20 +02:00
Sebastiaan van Stijn b4db7e38bc
docs/build: add note about git subdirectories with BuildKit
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-14 11:36:55 +02:00
Albin Kerouanton a9158bdc50
Add ulimits option to docker service create/update/inspect
This is related to moby/moby 40639.

Signed-off-by: Albin Kerouanton <albin@akerouanton.name>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-10 14:41:33 +02:00
Sebastiaan van Stijn 190c64b415
Service cap-add/cap-drop: improve handling of combinations and special "ALL" value
When creating and updating services, we need to avoid unneeded service churn.

The interaction of separate lists to "add" and "drop" capabilities, a special
("ALL") capability, as well as a "relaxed" format for accepted capabilities
(case-insensitive, `CAP_` prefix optional) make this rather involved.

This patch updates how we handle `--cap-add` / `--cap-drop` when  _creating_ as
well as _updating_, with the following rules/assumptions applied:

- both existing (service spec) and new (values passed through flags or in
  the compose-file) are normalized and de-duplicated before use.
- the special "ALL" capability is equivalent to "all capabilities" and taken
  into account when normalizing capabilities. Combining "ALL" capabilities
  and other capabilities is therefore equivalent to just specifying "ALL".
- adding capabilities takes precedence over dropping, which means that if
  a capability is both set to be "dropped" and to be "added", it is removed
  from the list to "drop".
- the final lists should be sorted and normalized to reduce service churn
- no validation of capabilities is handled by the client. Validation is
  delegated to the daemon/server.

When deploying a service using a docker-compose file, the docker-compose file
is *mostly* handled as being "declarative". However, many of the issues outlined
above also apply to compose-files, so similar handling is applied to compose
files as well to prevent service churn.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-08 14:38:35 +02:00
Sebastiaan van Stijn ca35f2973a
Merge pull request #2646 from horpto/patch-1
Add shorthand for --tail option
2020-08-17 17:19:03 +02:00