Commit Graph

886 Commits

Author SHA1 Message Date
David Calavera ad43730d0f Allow to set daemon and server configurations in a file.
Read configuration after flags making this the priority:

1- Apply configuration from file.
2- Apply configuration from flags.

Reload configuration when a signal is received, USR2 in Linux:

- Reload router if the debug configuration changes.
- Reload daemon labels.
- Reload cluster discovery.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:24 +00:00
Jessica Frazelle bb94c5077c WIP: Update security docs for seccomp/apparmor
Signed-off-by: Mary Anthony <mary@docker.com>

Updaing and slight re-arrangement of security information

Signed-off-by: Mary Anthony <mary@docker.com>

Updating security files

Signed-off-by: Mary Anthony <mary@docker.com>

Updating links to the security documentation

Signed-off-by: Mary Anthony <mary@docker.com>

removing some extra spaces

Signed-off-by: Mary Anthony <mary@docker.com>

Correcting spelling

Signed-off-by: Mary Anthony <mary@docker.com>
2017-06-02 00:07:24 +00:00
Harald Albers 775e7a02a3 Document that detach keys are a list of key bindings
Signed-off-by: Harald Albers <github@albersweb.de>
2017-06-02 00:07:24 +00:00
Ryan Belgrave 82e9cba6d4 Add IPAM Config Options to match libnetwork
Signed-off-by: Ryan Belgrave <rmb1993@gmail.com>
2017-06-02 00:07:24 +00:00
Madhu Venugopal 46db31de0a Network scoped alias support
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2017-06-02 00:07:24 +00:00
Madhu Venugopal e686b4d8be Forced endpoint cleanup
docker's network disconnect api now supports `Force` option which can be
used to force cleanup an endpoint from any host in the cluster.

Signed-off-by: Madhu Venugopal <madhu@docker.com>
2017-06-02 00:07:23 +00:00
Alessandro Boch d3aa590eec Add missing documentation for static IP options
Signed-off-by: Alessandro Boch <aboch@docker.com>
2017-06-02 00:07:23 +00:00
Shishir Mahajan 1e83a27ca1 daemon option (--storage-opt dm.basesize) for increasing the base device size on daemon restart
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
2017-06-02 00:07:23 +00:00
Tibor Vass 7f6a7ed8d1 Rename authz to authorization for greater clarity
Signed-off-by: Tibor Vass <tibor@docker.com>
2017-06-02 00:07:23 +00:00
Chun Chen 3f5817fdae Add network interal mode
Signed-off-by: Chun Chen <ramichen@tencent.com>
Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:23 +00:00
Kim Eik 22aaf42a84 Added additional container information to "docker info".
Instead of just showing the number of containers this patch will
show the number of running, paused and stopped containers as well.

Signed-off-by: Kim Eik <kim@heldig.org>
(cherry picked from commit a9804ab1cb117a132cbf460067d55f5146d50956)
2017-06-02 00:07:23 +00:00
Madhu Venugopal bf03439e68 Docs update for link functionality in user-defined networks
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2017-06-02 00:07:23 +00:00
Aaron Lehmann 442cbbfac1 Prune digest references when deleting by tag
When pulling an image with content trust enabled, two references are
created: a digest reference and a tag reference. Deleting by tag
wouldn't actually remove the image, because the digest reference keeps
it alive.

This change modifies the rmi logic so that digest references don't keep
an image alive. If the last tag referencing a given image is deleted,
any digest references to it will be removed as well, so the image can
actually get deleted. This fixes the usability problem with deletions
when content trust is in use, so something like "docker pull busybox;
docker rmi busybox" will work as expected.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-06-02 00:07:23 +00:00
Phil Estes 36960be45f Add daemon documentation on user namespaces feature
Remove the experimental docs for user namespaces and add similar content
to the `docker daemon` command documentation.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2017-06-02 00:07:23 +00:00
Lei Jitang b5843f62f8 Add docker network connect/disconnect to non-running container
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2017-06-02 00:07:23 +00:00
Aidan Hobson Sayers 5142d3a669 Fix ambassador script based on SvenDowideit/dockerfiles#37
Signed-off-by: Aidan Hobson Sayers <aidanhs@cantab.net>
2017-06-02 00:07:23 +00:00
Victor Vieux 06f084a8ec Before that change, etcd and zookeeper would fail to instantiate
the discovery without the key being already there in the store or
created beforehand and implicitely by a 'swarm join'.

Signed-off-by: Alexandre Beslic <abronan@docker.com>
Signed-off-by: Victor Vieux <vieux@docker.com>

This PR allows to configure the discovery path using the
--discovery-opt flag (with "kv.path=path/to/nodes"). We
can point to "docker/nodes" and use the docker discovery.

If docker instances are advertising to the cluster using
the `--cluster-advertise` flag, the swarm join command
becomes unnecessary.

Signed-off-by: Alexandre Beslic <abronan@docker.com>
Signed-off-by: Victor Vieux <vieux@docker.com>
2017-06-02 00:07:22 +00:00
Alessandro Boch 0a3c040a07 Allow user to choose the IP address for the container
Signed-off-by: Alessandro Boch <aboch@docker.com>
2017-06-02 00:07:22 +00:00
Alexander Morozov 6a6c99d7fe Choose default-cgroup parent by cgroup driver
It's "/docker" for cgroupfs and "system.slice" for systemd.

Fix #19140

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2017-06-02 00:07:22 +00:00
Brian Goff f06e5cb692 Add docs for volume plugin ls/get
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2017-06-02 00:07:22 +00:00
Clinton Kitson 2ea504510c Updated docs for consolidated list of REX-Ray providers
This commit includes the correct project link and also
includes a consolidated list of drivers that are supported.

Signed-off-by: Clinton Kitson <clintonskitson@gmail.com>
2017-06-02 00:07:22 +00:00
Sebastiaan van Stijn d8f50e5dd1 docs: add note to volume-plugins
The /var/lib/docker directory is reserved for
docker, and should not be touched by plugins.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-02 00:07:22 +00:00
Alexander Morozov 61295a1ec8 Add ability to set cgroup parent for all containers
Fix #18022

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2017-06-02 00:07:22 +00:00
David Calavera 5e85f62dbc Add filter by event type and documentation.
Signed-off-by: David Calavera <david.calavera@gmail.com>
2017-06-02 00:07:22 +00:00
Sebastiaan van Stijn 31ad32c879 Fix pid=host example in documentation
The existing example didn't illustrate how to
install strace in the container. In addition,
the rhel7 image used is no longer public (and maintained)
so not a good image to use in the example.

This updates the example to use htop (strace is
not working without disabling apparmor for the container)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-02 00:07:22 +00:00
Vincent Demeester 18eb9f2e64 Implement configurable detach key
Implement configurable detach keys (for `attach`, exec`, `run` and
`start`) using the client-side configuration

- Adds a `--detach-keys` flag to `attach`, `exec`, `run` and `start`
  commands.
- Adds a new configuration field (in `~/.docker/config.json`) to
  configure the default escape keys for docker client.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-02 00:07:22 +00:00
Wen Cheng Ma 636ffcc028 Improvement for docker subcommand's help messages
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:22 +00:00
Wen Cheng Ma 6bfda2dbbc Update integration tests when container and image have same name
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:21 +00:00
Qiang Huang b87dd1342f Fix docs for memory-swap
Fixes: #18894

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2017-06-02 00:07:21 +00:00
Thomas Swift 2d406c4058 Fix typo in daemon storage-driver docs
Signed-off-by: Thomas Swift <tgs242@gmail.com>
2017-06-02 00:07:21 +00:00
Qiang Huang 3f44418168 Implemet docker update command
It's used for updating properties of one or more containers, we only
support resource configs for now. It can be extended in the future.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2017-06-02 00:07:21 +00:00
Doug Davis 421578fbd4 remove =false from options that default to false in the docs
This re-aligns the docs with what the cmd line now does.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2017-06-02 00:07:21 +00:00
Zhang Wei ed4cf608e2 Add filter for `network ls` to hide predefined net
Add filter support for `network ls` to hide predefined network,
then user can use "docker network rm `docker network ls -f type=custom`"
to delete a bundle of userdefined networks.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2017-06-02 00:07:21 +00:00
Ilya Dmitrichenko c8ba44360f Update link for Weave Net plugin docs
Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
2017-06-02 00:07:21 +00:00
Ma Shimiao 499d634f32 Add support for blkio read/write iops device
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2017-06-02 00:07:21 +00:00
Vincent Demeester 1e3c5bbe15 Add --format support to images command
- rename `api/client/ps` to `api/client/formatter`
- add a a image formatter

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-02 00:07:21 +00:00
Boaz Shuster fbb25d42f0 Change the quiet flag behavior in the build command
Right now, the quiet (-q, --quiet) flag ignores the output
generated from within the container.

However, it ought to be quiet in a way that all kind
of diagnostic output should be ignored, unless the build
process fails.

This patch makes the quiet flag behave in the following way:
 1. If the build process succeeds, stdout contains the image ID
    and stderr is empty.
 2. If the build process fails, stdout is empty and stderr
    has the error message and the diagnostic output of that process.

If the quiet flag is not set, then everything goes to stdout
and error messages, if there are any, go to stderr.

Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com>
2017-06-02 00:07:21 +00:00
Aidan Feldman 4620840d57 Update restart description
add a note around restart policies only working in detached mode

Signed-off-by: Aidan Feldman <aidan.feldman@gmail.com>

Update restart description with Mary's comments.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-06-02 00:07:21 +00:00
Bryan Boreham 1b77149fd4 Explain 'json' function a bit better
Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
2017-06-02 00:07:20 +00:00
Antonio Murdaca e5b94ba3ef docs: extend: authorization.md: add a note about confidential stuff in Err
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:20 +00:00
Antonio Murdaca d00b518979 authZ: more fixes
- fix naming and formatting
- provide more context when erroring auth
- do not capitalize errors
- fix wrong documentation
- remove ugly remoteError{}

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:20 +00:00
Wen Cheng Ma 752b902123 Fix typo error and update index
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
2017-06-02 00:07:20 +00:00
Antonio Murdaca e79f2fcc21 pkg: authorization: add Err to tweak response status code
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:20 +00:00
Doug Davis 8b3b2571d7 Add a DOCKER_API_VERSION env var
Closes: #11486

Just for @ahmetalpbalkan  :-)

Fixed some comment formatting too while in there.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2017-06-02 00:07:20 +00:00
Ray Tsang 5e6c121c37 Updated REX-Ray plugin platform support.
REX-Ray added Google Compute Engine support: https://github.com/emccode/rexray/issues/113

Signed-off-by: Ray Tsang <rayt@google.com>
2017-06-02 00:07:20 +00:00
Antonio Murdaca 5ea58b57cb docs: extend: plugins_volume.md: Err default to empty string
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-02 00:07:20 +00:00
Vivek Goyal b2cbaa03af Add capability to specify mount propagation per volume
Allow passing mount propagation option shared, slave, or private as volume
property.

For example.
docker run -ti -v /root/mnt-source:/root/mnt-dest:slave fedora bash

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
2017-06-02 00:07:20 +00:00
Justas Brazauskas b91f98d9f1 Fix typos found across repository
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com>
2017-06-02 00:07:20 +00:00
Liron Levin 53c1cb81c0 Change authz plugin argument name
Signed-off-by: Liron Levin <liron@twistlock.com>
2017-06-02 00:07:20 +00:00
Dima Stopel a8a3c47ee5 Fixing documentation comments by @thaJeztah
Signed-off-by: Dima Stopel <dima@twistlock.com>
2017-06-02 00:07:20 +00:00