docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CLI reference files and TOC

This commit is contained in:
gbarr01 2017-12-20 11:27:05 -08:00 committed by Misty Stanley-Jones
parent b4a9fbf9a4
commit 3950e84534
231 changed files with 2323 additions and 1916 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
_data/engine-cli-edge/docker_build.yaml
View File

@ -224,6 +224,12 @@ options:
description: Do not use cache when building the image
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: pull
value_type: bool
default_value: "false"
@ -429,7 +435,7 @@ examples: "### Build with PATH\n\n```bash\n$ docker build .\n\nUploading context
copies of the image, one for the build cache with all the cache\n layers in tact,
and one for the squashed version.\n- While squashing layers may produce smaller
images, it may have a negative\n impact on performance, as a single layer takes
longer to extract, and\n downloading a single layer cannot be paralellized.\n-
longer to extract, and\n downloading a single layer cannot be parallelized.\n-
When attempting to squash an image that does not make changes to the\n filesystem
(for example, the Dockerfile only contains `ENV` instructions),\n the squash step
will fail (see [issue #33823](https://github.com/moby/moby/issues/33823)\n\n####

6
_data/engine-cli-edge/docker_container_create.yaml
View File

@ -417,6 +417,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"

7
_data/engine-cli-edge/docker_container_exec.yaml
View File

@ -50,6 +50,13 @@ options:
description: 'Username or UID (format: <name|uid>[:<group|gid>])'
deprecated: false
experimental: false
- option: workdir
shorthand: w
value_type: string
description: Working directory inside the container
deprecated: false
min_api_version: "1.35"
experimental: false
deprecated: false
experimental: false

7
_data/engine-cli-edge/docker_container_logs.yaml
View File

@ -37,6 +37,13 @@ options:
description: Show timestamps
deprecated: false
experimental: false
- option: until
value_type: string
description: |
Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes)
deprecated: false
min_api_version: "1.35"
experimental: false
deprecated: false
experimental: false

6
_data/engine-cli-edge/docker_container_run.yaml
View File

@ -429,6 +429,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"

8
_data/engine-cli-edge/docker_create.yaml
View File

@ -428,6 +428,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"
@ -628,7 +634,7 @@ examples: |-
user cannot pass a size less than the Default BaseFS Size.
For the `overlay2` storage driver, the size option is only available if the
backing fs is `xfs` and mounted with the `pquota` mount option.
Under these conditions, user can pass any size less then the backing fs size.
Under these conditions, user can pass any size less than the backing fs size.
### Specify isolation technology for container (--isolation)

28
_data/engine-cli-edge/docker_exec.yaml
View File

@ -7,7 +7,7 @@ long: |-
process (`PID 1`) is running, and it is not restarted if the container is
restarted.
COMMAND will run in the default directory of the container. It the
COMMAND will run in the default directory of the container. If the
underlying image has a custom directory specified with the WORKDIR directive
in its Dockerfile, this will be used instead.
@ -63,6 +63,13 @@ options:
description: 'Username or UID (format: <name|uid>[:<group|gid>])'
deprecated: false
experimental: false
- option: workdir
shorthand: w
value_type: string
description: Working directory inside the container
deprecated: false
min_api_version: "1.35"
experimental: false
examples: "### Run `docker exec` on a running container\n\nFirst, start a container.\n\n```bash\n$
docker run --name ubuntu_bash --rm -i -t ubuntu bash\n```\n\nThis will create a
container named `ubuntu_bash` and start a Bash session.\n\nNext, execute a command
@ -74,14 +81,17 @@ examples: "### Run `docker exec` on a running container\n\nFirst, start a contai
bash session.\n\n```bash\n$ docker exec -it -e VAR=1 ubuntu_bash bash\n```\n\nThis
will create a new Bash session in the container `ubuntu_bash` with environment \nvariable
`$VAR` set to \"1\". Note that this environment variable will only be valid \non
the current Bash session.\n\n\n### Try to run `docker exec` on a paused container\n\nIf
the container is paused, then the `docker exec` command will fail with an error:\n\n```bash\n$
docker pause test\n\ntest\n\n$ docker ps\n\nCONTAINER ID IMAGE COMMAND
\ CREATED STATUS PORTS NAMES\n1ae3b36715d2
\ ubuntu:latest \"bash\" 17 seconds ago Up 16 seconds
(Paused) test\n\n$ docker exec test ls\n\nFATA[0000] Error
response from daemon: Container test is paused, unpause the container before exec\n\n$
echo $?\n1\n```"
the current Bash session.\n\nBy default `docker exec` command runs in the same working
directory set when container was created.\n\n```bash\n$ docker exec -it ubuntu_bash
pwd\n/\n```\n\nYou can select working directory for the command to execute into\n\n```bash\n$
docker exec -it -w /root ubuntu_bash pwd\n/root\n```\n\n\n### Try to run `docker
exec` on a paused container\n\nIf the container is paused, then the `docker exec`
command will fail with an error:\n\n```bash\n$ docker pause test\n\ntest\n\n$ docker
ps\n\nCONTAINER ID IMAGE COMMAND CREATED STATUS
\ PORTS NAMES\n1ae3b36715d2 ubuntu:latest
\ \"bash\" 17 seconds ago Up 16 seconds (Paused) test\n\n$
docker exec test ls\n\nFATA[0000] Error response from daemon: Container test is
paused, unpause the container before exec\n\n$ echo $?\n1\n```"
deprecated: false
experimental: false

6
_data/engine-cli-edge/docker_image_build.yaml
View File

@ -122,6 +122,12 @@ options:
description: Do not use cache when building the image
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: pull
value_type: bool
default_value: "false"

6
_data/engine-cli-edge/docker_image_pull.yaml
View File

@ -18,6 +18,12 @@ options:
description: Skip image verification
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
deprecated: false
experimental: false

21
_data/engine-cli-edge/docker_logs.yaml
View File

@ -72,6 +72,27 @@ options:
description: Show timestamps
deprecated: false
experimental: false
- option: until
value_type: string
description: |
Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes)
deprecated: false
min_api_version: "1.35"
experimental: false
examples: |-
### Retrieve logs until a specific point in time
In order to retrieve logs before a specific point in time, run:
```bash
$ docker run --name test -d busybox sh -c "while true; do $(echo date); sleep 1; done"
$ date
Tue 14 Nov 2017 16:40:00 CET
$ docker logs -f --until=2s
Tue 14 Nov 2017 16:40:00 CET
Tue 14 Nov 2017 16:40:01 CET
Tue 14 Nov 2017 16:40:02 CET
```
deprecated: false
experimental: false

2
_data/engine-cli-edge/docker_network_create.yaml
View File

@ -263,7 +263,7 @@ examples: |-
You can create the network which will be used to provide the routing-mesh in the
swarm cluster. You do so by specifying `--ingress` when creating the network. Only
one ingress network can be created at the time. The network can be removed only
if no services depend on it. Any option available when creating a overlay network
if no services depend on it. Any option available when creating an overlay network
is also available when creating the ingress network, besides the `--attachable` option.
```bash

6
_data/engine-cli-edge/docker_pull.yaml
View File

@ -42,6 +42,12 @@ options:
description: Skip image verification
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
examples: |-
### Pull an image from Docker Hub

18
_data/engine-cli-edge/docker_run.yaml
View File

@ -440,6 +440,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"
@ -657,7 +663,7 @@ examples: |-
user cannot pass a size less than the Default BaseFS Size.
For the `overlay2` storage driver, the size option is only available if the
backing fs is `xfs` and mounted with the `pquota` mount option.
Under these conditions, user can pass any size less then the backing fs size.
Under these conditions, user can pass any size less than the backing fs size.
### Mount tmpfs (--tmpfs)
@ -1005,11 +1011,11 @@ examples: |-
policy controls whether the Docker daemon restarts a container after exit.
Docker supports the following restart policies:
| Policy | Result |
|:----------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `no` | Do not automatically restart the container when it exits. This is the default. |
| `failure` | Restart only if the container exits with a non-zero exit status. Optionally, limit the number of restart retries the Docker daemon attempts. |
| `always` | Always restart the container regardless of the exit status. When you specify always, the Docker daemon will try to restart the container indefinitely. The container will also always start on daemon startup, regardless of the current state of the container. |
| Policy | Result |
|:---------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `no` | Do not automatically restart the container when it exits. This is the default. |
| `on-failure[:max-retries]` | Restart only if the container exits with a non-zero exit status. Optionally, limit the number of restart retries the Docker daemon attempts. |
| `always` | Always restart the container regardless of the exit status. When you specify always, the Docker daemon will try to restart the container indefinitely. The container will also always start on daemon startup, regardless of the current state of the container. |
```bash
$ docker run --restart=always redis

1166
_data/engine-cli-edge/docker_service_create.yaml
View File

File diff suppressed because it is too large Load Diff

36
_data/engine-cli-edge/docker_service_update.yaml
View File

@ -129,6 +129,16 @@ options:
deprecated: false
min_api_version: "1.25"
experimental: false
- option: generic-resource-add
value_type: list
description: Add a Generic resource
deprecated: false
experimental: false
- option: generic-resource-rm
value_type: list
description: Remove a Generic resource
deprecated: false
experimental: false
- option: group-add
value_type: list
description: Add an additional supplementary user group to the container
@ -178,7 +188,7 @@ options:
value_type: list
description: Add a custom host-to-IP mapping (host:ip)
deprecated: false
min_api_version: "1.25"
min_api_version: "1.32"
experimental: false
- option: host-rm
value_type: list
@ -197,6 +207,12 @@ options:
description: Service image tag
deprecated: false
experimental: false
- option: isolation
value_type: string
description: Service container isolation mode
deprecated: false
min_api_version: "1.35"
experimental: false
- option: label-add
value_type: list
description: Add or update a service label
@ -535,18 +551,18 @@ examples: |-
myservice
```
### Add or remove port mappings
### Add or remove published service ports
Use the `--port-add` or `--port-rm` flags to add or remove port mappings to or
from a service. You can use the short or long syntax discussed in the
[docker service update](service_create/#attach-a-service-to-an-existing-network-network)
Use the `--publish-add` or `--publish-rm` flags to add or remove a published
port for a service. You can use the short or long syntax discussed in the
[docker service create](service_create/#attach-a-service-to-an-existing-network-network)
reference.
The following example adds a port mapping to an existing service.
The following example adds a published service port to an existing service.
```bash
$ docker service update \
--port-add port=80,target=8080 \
--publish-add published=8080,target=80 \
myservice
```
@ -633,6 +649,12 @@ examples: |-
Some flags of `service update` support the use of templating.
See [`service create`](./service_create.md#templating) for the reference.
### Specify isolation mode (Windows)
`service update` supports the same `--isolation` flag as `service create`
See [`service create`](./service_create.md) for the reference.
deprecated: false
min_api_version: "1.24"
experimental: false

2
_data/engine-cli-edge/docker_trust.yaml
View File

@ -5,12 +5,14 @@ usage: docker trust
pname: docker
plink: docker.yaml
cname:
- docker trust inspect
- docker trust key
- docker trust revoke
- docker trust sign
- docker trust signer
- docker trust view
clink:
- docker_trust_inspect.yaml
- docker_trust_key.yaml
- docker_trust_revoke.yaml
- docker_trust_sign.yaml

116
_data/engine-cli-edge/docker_trust_inspect.yaml Normal file
View File

@ -0,0 +1,116 @@
command: docker trust inspect
short: Return low-level information about keys and signatures
long: |-
`docker trust inspect` provides low-level JSON information on signed repositories.
This includes all image tags that are signed, who signed them, and who can sign
new tags.
`docker trust inspect` prints the trust information in a machine-readable format. Refer to
[`docker trust view`](trust_view.md) for a human-friendly output.
`docker trust inspect` is currently experimental.
usage: docker trust inspect IMAGE[:TAG] [IMAGE[:TAG]...]
pname: docker trust
plink: docker_trust.yaml
examples: "### Get low-level details about signatures for a single image tag\n\nUse
the `docker trust inspect` to get trust information about an image. The\nfollowing
example prints trust information for the `alpine:latest` image:\n\n```bash\n$ docker
trust inspect alpine:latest\n[\n {\n \"Name\": \"alpine:latest\",\n \"SignedTags\":
[\n {\n \"SignedTag\": \"latest\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n }\n ],\n \"Signers\":
[],\n \"AdminstrativeKeys\": [\n {\n \"Name\": \"Repository\",\n
\ \"Keys\": [\n {\n \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\": \"Root\",\n \"Keys\":
[\n {\n \"ID\": \"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n
\ }\n ]\n }\n ]\n }\n]\n```\n\nThe `SignedTags` key will
list the `SignedTag` name, its `Digest`, and the `Signers` responsible for the signature.\n\n`AdministrativeKeys`
will list the `Repository` and `Root` keys.\n\nThis format mirrors the output of
`docker trust view` \n\nIf signers are set up for the repository via other `docker
trust` commands, `docker trust inspect` includes a `Signers` key:\n\n```bash\n$
docker trust inspect my-image:purple\n[\n {\n \"Name\": \"my-image:purple\",\n
\ \"SignedTags\": [\n {\n \"SignedTag\": \"purple\",\n \"Digest\":
\"941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557\",\n \"Signers\":
[\n \"alice\",\n \"bob\",\n \"carol\"\n ]\n }\n
\ ],\n \"Signers\": [\n {\n \"Name\": \"alice\",\n \"Keys\":
[\n {\n \"ID\": \"04dd031411ed671ae1e12f47ddc8646d98f135090b01e54c3561e843084484a3\"\n
\ },\n {\n \"ID\": \"6a11e4898a4014d400332ab0e096308c844584ff70943cdd1d6628d577f45fd8\"\n
\ }\n ]\n },\n {\n \"Name\": \"bob\",\n \"Keys\":
[\n {\n \"ID\": \"433e245c656ae9733cdcc504bfa560f90950104442c4528c9616daa45824ccba\"\n
\ }\n ]\n },\n {\n \"Name\": \"carol\",\n \"Keys\":
[\n {\n \"ID\": \"d32fa8b5ca08273a2880f455fcb318da3dc80aeae1a30610815140deef8f30d9\"\n
\ },\n {\n \"ID\": \"9a8bbec6ba2af88a5fad6047d428d17e6d05dbdd03d15b4fc8a9a0e8049cd606\"\n
\ }\n ]\n }\n ],\n \"AdminstrativeKeys\": [\n {\n
\ \"Name\": \"Repository\",\n \"Keys\": [\n {\n \"ID\":
\"27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44\"\n }\n
\ ]\n },\n {\n \"Name\": \"Root\",\n \"Keys\": [\n
\ {\n \"ID\": \"40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f\"\n
\ }\n ]\n }\n ]\n }\n]\n```\n\nIf the image tag is unsigned
or unavailable, `docker trust inspect` does not display any signed tags.\n\n```bash\n$
docker trust inspect unsigned-img\nNo signatures or cannot access unsigned-img\n```\n\nHowever,
if other tags are signed in the same image repository, `docker trust inspect` reports
relevant key information:\n\n```bash\n$ docker trust inspect alpine:unsigned\n[\n
\ {\n \"Name\": \"alpine:unsigned\",\n \"Signers\": [],\n \"AdminstrativeKeys\":
[\n {\n \"Name\": \"Repository\",\n \"Keys\": [\n {\n
\ \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\": \"Root\",\n \"Keys\":
[\n {\n \"ID\": \"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n
\ }\n ]\n }\n ]\n }\n]\n```\n\n### Get details about signatures
for all image tags in a repository\n\nIf no tag is specified, `docker trust inspect`
will report details for all signed tags in the repository:\n\n```bash\n$ docker
trust inspect alpine\n[\n {\n \"Name\": \"alpine\",\n \"SignedTags\":
[\n {\n \"SignedTag\": \"3.5\",\n \"Digest\":
\"b007a354427e1880de9cdba533e8e57382b7f2853a68a478a17d447b302c219c\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"3.6\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ },\n {\n \"SignedTag\": \"edge\",\n \"Digest\":
\"23e7d843e63a3eee29b6b8cfcd10e23dd1ef28f47251a985606a31040bf8e096\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"latest\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ }\n ],\n \"Signers\": [],\n \"AdminstrativeKeys\":
[\n {\n \"Name\": \"Repository\",\n \"Keys\":
[\n {\n \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\":
\"Root\",\n \"Keys\": [\n {\n \"ID\":
\"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n }\n
\ ]\n }\n ]\n }\n]\n```\n\n\n### Get details
about signatures for multiple images\n\n`docker trust inspect` can take multiple
repositories and images as arguments, and reports the results in an ordered list:\n\n```bash\n$
docker trust inspect alpine notary\n[\n {\n \"Name\": \"alpine\",\n \"SignedTags\":
[\n {\n \"SignedTag\": \"3.5\",\n \"Digest\":
\"b007a354427e1880de9cdba533e8e57382b7f2853a68a478a17d447b302c219c\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"3.6\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ },\n {\n \"SignedTag\": \"edge\",\n \"Digest\":
\"23e7d843e63a3eee29b6b8cfcd10e23dd1ef28f47251a985606a31040bf8e096\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"integ-test-base\",\n \"Digest\":
\"3952dc48dcc4136ccdde37fbef7e250346538a55a0366e3fccc683336377e372\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"latest\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ }\n ],\n \"Signers\": [],\n \"AdminstrativeKeys\":
[\n {\n \"Name\": \"Repository\",\n \"Keys\":
[\n {\n \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\":
\"Root\",\n \"Keys\": [\n {\n \"ID\":
\"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n }\n
\ ]\n }\n ]\n },\n {\n \"Name\": \"notary\",\n
\ \"SignedTags\": [\n {\n \"SignedTag\": \"server\",\n
\ \"Digest\": \"71f64ab718a3331dee103bc5afc6bc492914738ce37c2d2f127a8133714ecf5c\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ },\n {\n \"SignedTag\": \"signer\",\n \"Digest\":
\"a6122d79b1e74f70b5dd933b18a6d1f99329a4728011079f06b245205f158fe8\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n }\n ],\n
\ \"Signers\": [],\n \"AdminstrativeKeys\": [\n {\n \"Name\":
\"Root\",\n \"Keys\": [\n {\n \"ID\":
\"8cdcdef5bd039f4ab5a029126951b5985eebf57cabdcdc4d21f5b3be8bb4ce92\"\n }\n
\ ]\n },\n {\n \"Name\": \"Repository\",\n
\ \"Keys\": [\n {\n \"ID\":
\"85bfd031017722f950d480a721f845a2944db26a3dc084040a70f1b0d9bbb3df\"\n }\n
\ ]\n }\n ]\n }\n]\n```"
deprecated: false
experimental: false

7
_data/engine-cli-edge/docker_trust_sign.yaml
View File

@ -7,6 +7,13 @@ long: |-
usage: docker trust sign IMAGE:TAG
pname: docker trust
plink: docker_trust.yaml
options:
- option: local
value_type: bool
default_value: "false"
description: Sign a locally tagged image
deprecated: false
experimental: false
examples: "### Sign a tag as a repo admin\n\nGiven an image:\n\n```bash\n$ docker
trust view example/trust-demo\nSIGNED TAG DIGEST SIGNERS\nv1
\ c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41

2
_data/engine-cli/docker.yaml
View File

@ -49,6 +49,7 @@ cname:
- docker system
- docker tag
- docker top
- docker trust
- docker unpause
- docker update
- docker version
@ -104,6 +105,7 @@ clink:
- docker_system.yaml
- docker_tag.yaml
- docker_top.yaml
- docker_trust.yaml
- docker_unpause.yaml
- docker_update.yaml
- docker_version.yaml

61
_data/engine-cli/docker_build.yaml
View File

@ -224,6 +224,12 @@ options:
description: Do not use cache when building the image
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: pull
value_type: bool
default_value: "false"
@ -406,35 +412,52 @@ examples: "### Build with PATH\n\n```bash\n$ docker build .\n\nUploading context
stage by name as a final stage for the resulting\nimage. Commands after the target
stage will be skipped.\n\n```Dockerfile\nFROM debian AS build-env\n...\n\nFROM alpine
AS production-env\n...\n```\n\n```bash\n$ docker build -t mybuildimage --target
build-env .\n```\n\n### Squash an image's layers (--squash) **Experimental Only**\n\n####
build-env .\n```\n\n### Squash an image's layers (--squash) (experimental)\n\n####
Overview\n\nOnce the image is built, squash the new layers into a new image with
a single\nnew layer. Squashing does not destroy any existing image, rather it creates
a new\nimage with the content of the squashed layers. This effectively makes it
look\nlike all `Dockerfile` commands were created with a single layer. The build\ncache
is preserved with this method.\n\n**Note**: using this option means the new image
will not be able to take\nadvantage of layer sharing with other images and may use
significantly more\nspace.\n\n**Note**: using this option you may see significantly
more space used due to\nstoring two copies of the image, one for the build cache
with all the cache\nlayers in tact, and one for the squashed version.\n\n#### Prerequisites\n\nThe
example on this page is using experimental mode in Docker 1.13.\n\nExperimental
is preserved with this method.\n\nThe `--squash` option is an experimental feature,
and should not be considered\nstable.\n\n\nSquashing layers can be beneficial if
your Dockerfile produces multiple layers\nmodifying the same files, for example,
file that are created in one step, and\nremoved in another step. For other use-cases,
squashing images may actually have\na negative impact on performance; when pulling
an image consisting of multiple\nlayers, layers can be pulled in parallel, and allows
sharing layers between\nimages (saving space).\n\nFor most use cases, multi-stage
are a better alternative, as they give more\nfine-grained control over your build,
and can take advantage of future\noptimizations in the builder. Refer to the [use
multi-stage builds](https://docs.docker.com/engine/userguide/eng-image/multistage-build/)\nsection
in the userguide for more information.\n\n\n#### Known limitations\n\nThe `--squash`
option has a number of known limitations:\n\n- When squashing layers, the resulting
image cannot take advantage of layer \n sharing with other images, and may use
significantly more space. Sharing the\n base image is still supported.\n- When
using this option you may see significantly more space used due to\n storing two
copies of the image, one for the build cache with all the cache\n layers in tact,
and one for the squashed version.\n- While squashing layers may produce smaller
images, it may have a negative\n impact on performance, as a single layer takes
longer to extract, and\n downloading a single layer cannot be parallelized.\n-
When attempting to squash an image that does not make changes to the\n filesystem
(for example, the Dockerfile only contains `ENV` instructions),\n the squash step
will fail (see [issue #33823](https://github.com/moby/moby/issues/33823)\n\n####
Prerequisites\n\nThe example on this page is using experimental mode in Docker 1.13.\n\nExperimental
mode can be enabled by using the `--experimental` flag when starting the Docker
daemon or setting `experimental: true` in the `daemon.json` configuration file.\n\nBy
default, experimental mode is disabled. To see the current configuration, use the
`docker version` command.\n\n```none\n\nServer:\n Version: 1.13.1\n API version:
`docker version` command.\n\n```none\nServer:\n Version: 1.13.1\n API version:
\ 1.26 (minimum version 1.12)\n Go version: go1.7.5\n Git commit: 092cba3\n
Built: Wed Feb 8 06:35:24 2017\n OS/Arch: linux/amd64\n Experimental:
false\n\n [...]\n\n```\n\nTo enable experimental mode, users need to restart the
docker daemon with the experimental flag enabled.\n\n#### Enable Docker experimental\n\nExperimental
false\n\n [...]\n```\n\nTo enable experimental mode, users need to restart the docker
daemon with the experimental flag enabled.\n\n#### Enable Docker experimental\n\nExperimental
features are now included in the standard Docker binaries as of version 1.13.0.
For enabling experimental features, you need to start the Docker daemon with `--experimental`
flag. You can also enable the daemon flag via /etc/docker/daemon.json. e.g.\n\n```\n\n{\n
\ \"experimental\": true\n}\n\n```\nThen make sure the experimental flag is enabled:\n\n```bash\n\n$
docker version -f '{{.Server.Experimental}}'\ntrue\n\n```\n\n#### Build an image
with `--squash` argument\n\nThe following is an example of docker build with `--squash`
argument\n\n```Dockerfile\n\nFROM busybox\nRUN echo hello > /hello\nRUN echo world
>> /hello\nRUN touch remove_me /remove_me\nENV HELLO world\nRUN rm /remove_me\n\n```\nAn
image named `test` is built with `--squash` argument.\n\n```bash\n\n$ docker build
--squash -t test .\n\n[...]\n\n```\n\nIf everything is right, the history will look
flag. You can also enable the daemon flag via /etc/docker/daemon.json. e.g.\n\n```json\n{\n
\ \"experimental\": true\n}\n```\n\nThen make sure the experimental flag is enabled:\n\n```bash\n$
docker version -f '{{.Server.Experimental}}'\ntrue\n```\n\n#### Build an image with
`--squash` argument\n\nThe following is an example of docker build with `--squash`
argument\n\n```Dockerfile\nFROM busybox\nRUN echo hello > /hello\nRUN echo world
>> /hello\nRUN touch remove_me /remove_me\nENV HELLO world\nRUN rm /remove_me\n```\n\nAn
image named `test` is built with `--squash` argument.\n\n```bash\n$ docker build
--squash -t test .\n\n[...]\n```\n\nIf everything is right, the history will look
like this:\n\n```bash\n$ docker history test \n\nIMAGE CREATED CREATED
BY SIZE COMMENT\n4e10cb5b4cac
\ 3 seconds ago 12 B
@ -447,7 +470,7 @@ examples: "### Build with PATH\n\n```bash\n$ docker build .\n\nUploading context
/hello 0 B\n<missing> 6 minutes ago /bin/sh -c echo
hello > /hello 0 B\n<missing> 7 weeks ago /bin/sh
-c #(nop) CMD [\"sh\"] 0 B\n<missing> 7 weeks ago /bin/sh
-c #(nop) ADD file:47ca6e777c36a4cfff 1.113 MB\n\n```\nWe could find that all
-c #(nop) ADD file:47ca6e777c36a4cfff 1.113 MB\n```\n\nWe could find that all
layer's name is `<missing>`, and there is a new layer with COMMENT `merge`.\n\nTest
the image, check for `/remove_me` being gone, make sure `hello\\nworld` is in `/hello`,
make sure the `HELLO` envvar's value is `world`."

6
_data/engine-cli/docker_container_create.yaml
View File

@ -417,6 +417,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"

7
_data/engine-cli/docker_container_exec.yaml
View File

@ -50,6 +50,13 @@ options:
description: 'Username or UID (format: <name|uid>[:<group|gid>])'
deprecated: false
experimental: false
- option: workdir
shorthand: w
value_type: string
description: Working directory inside the container
deprecated: false
min_api_version: "1.35"
experimental: false
deprecated: false
experimental: false

7
_data/engine-cli/docker_container_logs.yaml
View File

@ -37,6 +37,13 @@ options:
description: Show timestamps
deprecated: false
experimental: false
- option: until
value_type: string
description: |
Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes)
deprecated: false
min_api_version: "1.35"
experimental: false
deprecated: false
experimental: false

6
_data/engine-cli/docker_container_run.yaml
View File

@ -429,6 +429,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"

6
_data/engine-cli/docker_container_stats.yaml
View File

@ -23,6 +23,12 @@ options:
description: Disable streaming stats and only pull the first result
deprecated: false
experimental: false
- option: no-trunc
value_type: bool
default_value: "false"
description: Do not truncate output
deprecated: false
experimental: false
deprecated: false
experimental: false

8
_data/engine-cli/docker_create.yaml
View File

@ -428,6 +428,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"
@ -628,7 +634,7 @@ examples: |-
user cannot pass a size less than the Default BaseFS Size.
For the `overlay2` storage driver, the size option is only available if the
backing fs is `xfs` and mounted with the `pquota` mount option.
Under these conditions, user can pass any size less then the backing fs size.
Under these conditions, user can pass any size less than the backing fs size.
### Specify isolation technology for container (--isolation)

6
_data/engine-cli/docker_events.yaml
View File

@ -146,16 +146,20 @@ long: |-
The currently supported filters are:
* config (`config=<name or id>`)
* container (`container=<name or id>`)
* daemon (`daemon=<name or id>`)
* event (`event=<event action>`)
* image (`image=<tag or id>`)
* label (`label=<key>` or `label=<key>=<value>`)
* network (`network=<name or id>`)
* node (`node=<id>`)
* plugin (`plugin=<name or id>`)
* scope (`scope=<local or swarm>`)
* secret (`secret=<name or id>`)
* service (`service=<name or id>`)
* type (`type=<container or image or volume or network or daemon or plugin or service or node or secret or config>`)
* volume (`volume=<name or id>`)
* volume (`volume=<name>`)
#### Format

28
_data/engine-cli/docker_exec.yaml
View File

@ -7,7 +7,7 @@ long: |-
process (`PID 1`) is running, and it is not restarted if the container is
restarted.
COMMAND will run in the default directory of the container. It the
COMMAND will run in the default directory of the container. If the
underlying image has a custom directory specified with the WORKDIR directive
in its Dockerfile, this will be used instead.
@ -63,6 +63,13 @@ options:
description: 'Username or UID (format: <name|uid>[:<group|gid>])'
deprecated: false
experimental: false
- option: workdir
shorthand: w
value_type: string
description: Working directory inside the container
deprecated: false
min_api_version: "1.35"
experimental: false
examples: "### Run `docker exec` on a running container\n\nFirst, start a container.\n\n```bash\n$
docker run --name ubuntu_bash --rm -i -t ubuntu bash\n```\n\nThis will create a
container named `ubuntu_bash` and start a Bash session.\n\nNext, execute a command
@ -74,14 +81,17 @@ examples: "### Run `docker exec` on a running container\n\nFirst, start a contai
bash session.\n\n```bash\n$ docker exec -it -e VAR=1 ubuntu_bash bash\n```\n\nThis
will create a new Bash session in the container `ubuntu_bash` with environment \nvariable
`$VAR` set to \"1\". Note that this environment variable will only be valid \non
the current Bash session.\n\n\n### Try to run `docker exec` on a paused container\n\nIf
the container is paused, then the `docker exec` command will fail with an error:\n\n```bash\n$
docker pause test\n\ntest\n\n$ docker ps\n\nCONTAINER ID IMAGE COMMAND
\ CREATED STATUS PORTS NAMES\n1ae3b36715d2
\ ubuntu:latest \"bash\" 17 seconds ago Up 16 seconds
(Paused) test\n\n$ docker exec test ls\n\nFATA[0000] Error
response from daemon: Container test is paused, unpause the container before exec\n\n$
echo $?\n1\n```"
the current Bash session.\n\nBy default `docker exec` command runs in the same working
directory set when container was created.\n\n```bash\n$ docker exec -it ubuntu_bash
pwd\n/\n```\n\nYou can select working directory for the command to execute into\n\n```bash\n$
docker exec -it -w /root ubuntu_bash pwd\n/root\n```\n\n\n### Try to run `docker
exec` on a paused container\n\nIf the container is paused, then the `docker exec`
command will fail with an error:\n\n```bash\n$ docker pause test\n\ntest\n\n$ docker
ps\n\nCONTAINER ID IMAGE COMMAND CREATED STATUS
\ PORTS NAMES\n1ae3b36715d2 ubuntu:latest
\ \"bash\" 17 seconds ago Up 16 seconds (Paused) test\n\n$
docker exec test ls\n\nFATA[0000] Error response from daemon: Container test is
paused, unpause the container before exec\n\n$ echo $?\n1\n```"
deprecated: false
experimental: false

6
_data/engine-cli/docker_image_build.yaml
View File

@ -122,6 +122,12 @@ options:
description: Do not use cache when building the image
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: pull
value_type: bool
default_value: "false"

6
_data/engine-cli/docker_image_pull.yaml
View File

@ -18,6 +18,12 @@ options:
description: Skip image verification
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
deprecated: false
experimental: false

89
_data/engine-cli/docker_login.yaml
View File

@ -14,53 +14,60 @@ long: "Login to a registry.\n\n### Login to a self-hosted registry\n\nIf you wan
impact the security of your system; the `docker` group is `root` equivalent. See
[Docker Daemon Attack Surface](https://docs.docker.com/security/security/#docker-daemon-attack-surface)
for details.\n\nYou can log into any public or private repository for which you
have\ncredentials. When you log in, the command stores encoded credentials in\n`$HOME/.docker/config.json`
on Linux or `%USERPROFILE%/.docker/config.json` on Windows.\n\n### Credentials store\n\nThe
Docker Engine can keep user credentials in an external credentials store,\nsuch
as the native keychain of the operating system. Using an external store\nis more
secure than storing credentials in the Docker configuration file.\n\nTo use a credentials
store, you need an external helper program to interact\nwith a specific keychain
or external store. Docker requires the helper\nprogram to be in the client's host
`$PATH`.\n\nThis is the list of currently available credentials helpers and where\nyou
can download them from:\n\n- D-Bus Secret Service: https://github.com/docker/docker-credential-helpers/releases\n-
have\ncredentials. When you log in, the command stores credentials in\n`$HOME/.docker/config.json`
on Linux or `%USERPROFILE%/.docker/config.json` on\nWindows, via the procedure described
below.\n\n### Credentials store\n\nThe Docker Engine can keep user credentials in
an external credentials store,\nsuch as the native keychain of the operating system.
Using an external store\nis more secure than storing credentials in the Docker configuration
file.\n\nTo use a credentials store, you need an external helper program to interact\nwith
a specific keychain or external store. Docker requires the helper\nprogram to be
in the client's host `$PATH`.\n\nThis is the list of currently available credentials
helpers and where\nyou can download them from:\n\n- D-Bus Secret Service: https://github.com/docker/docker-credential-helpers/releases\n-
Apple macOS keychain: https://github.com/docker/docker-credential-helpers/releases\n-
Microsoft Windows Credential Manager: https://github.com/docker/docker-credential-helpers/releases\n\nYou
Microsoft Windows Credential Manager: https://github.com/docker/docker-credential-helpers/releases\n-
[pass](https://www.passwordstore.org/): https://github.com/docker/docker-credential-helpers/releases\n\nYou
need to specify the credentials store in `$HOME/.docker/config.json`\nto tell the
docker engine to use it. The value of the config property should be\nthe suffix
of the program to use (i.e. everything after `docker-credential-`).\nFor example,
to use `docker-credential-osxkeychain`:\n\n```json\n{\n\t\"credsStore\": \"osxkeychain\"\n}\n```\n\nIf
you are currently logged in, run `docker logout` to remove\nthe credentials from
the file and run `docker login` again.\n\n### Credential helper protocol\n\nCredential
helpers can be any program or script that follows a very simple protocol.\nThis
protocol is heavily inspired by Git, but it differs in the information shared.\n\nThe
helpers always use the first argument in the command to identify the action.\nThere
are only three possible values for that argument: `store`, `get`, and `erase`.\n\nThe
`store` command takes a JSON payload from the standard input. That payload carries\nthe
server address, to identify the credential, the user name, and either a password\nor
an identity token.\n\n```json\n{\n\t\"ServerURL\": \"https://index.docker.io/v1\",\n\t\"Username\":
\"david\",\n\t\"Secret\": \"passw0rd1\"\n}\n```\n\nIf the secret being stored is
an identity token, the Username should be set to\n`<token>`.\n\nThe `store` command
can write error messages to `STDOUT` that the docker engine\nwill show if there
was an issue.\n\nThe `get` command takes a string payload from the standard input.
That payload carries\nthe server address that the docker engine needs credentials
for. This is\nan example of that payload: `https://index.docker.io/v1`.\n\nThe `get`
command writes a JSON payload to `STDOUT`. Docker reads the user name\nand password
from this payload:\n\n```json\n{\n\t\"Username\": \"david\",\n\t\"Secret\": \"passw0rd1\"\n}\n```\n\nThe
`erase` command takes a string payload from `STDIN`. That payload carries\nthe server
address that the docker engine wants to remove credentials for. This is\nan example
of that payload: `https://index.docker.io/v1`.\n\nThe `erase` command can write
error messages to `STDOUT` that the docker engine\nwill show if there was an issue.\n\n###
Credential helpers\n\nCredential helpers are similar to the credential store above,
but act as the\ndesignated programs to handle credentials for *specific registries*.
The default\ncredential store (`credsStore` or the config file itself) will not
be used for\noperations concerning credentials of the specified registries.\n\n###
Logging out\n\nIf you are currently logged in, run `docker logout` to remove\nthe
credentials from the default store.\n\nCredential helpers are specified in a similar
way to `credsStore`, but\nallow for multiple helpers to be configured at a time.
Keys specify the\nregistry domain, and values specify the suffix of the program
to use\n(i.e. everything after `docker-credential-`).\nFor example:\n\n```json\n{\n
\ \"credHelpers\": {\n \"registry.example.com\": \"registryhelper\",\n \"awesomereg.example.org\":
\"hip-star\",\n \"unicorn.example.io\": \"vcbait\"\n }\n}\n```"
the file and run `docker login` again.\n\n### Default behavior\n\nBy default, Docker
looks for the native binary on each of the platforms, i.e.\n\"osxkeychain\" on macOS,
\"wincred\" on windows, and \"pass\" on Linux. A special\ncase is that on Linux,
Docker will fall back to the \"secretservice\" binary if\nit cannot find the \"pass\"
binary. If none of these binaries are present, it\nstores the credentials (i.e.
password) in base64 encoding in the config files\ndescribed above.\n\n### Credential
helper protocol\n\nCredential helpers can be any program or script that follows
a very simple protocol.\nThis protocol is heavily inspired by Git, but it differs
in the information shared.\n\nThe helpers always use the first argument in the command
to identify the action.\nThere are only three possible values for that argument:
`store`, `get`, and `erase`.\n\nThe `store` command takes a JSON payload from the
standard input. That payload carries\nthe server address, to identify the credential,
the user name, and either a password\nor an identity token.\n\n```json\n{\n\t\"ServerURL\":
\"https://index.docker.io/v1\",\n\t\"Username\": \"david\",\n\t\"Secret\": \"passw0rd1\"\n}\n```\n\nIf
the secret being stored is an identity token, the Username should be set to\n`<token>`.\n\nThe
`store` command can write error messages to `STDOUT` that the docker engine\nwill
show if there was an issue.\n\nThe `get` command takes a string payload from the
standard input. That payload carries\nthe server address that the docker engine
needs credentials for. This is\nan example of that payload: `https://index.docker.io/v1`.\n\nThe
`get` command writes a JSON payload to `STDOUT`. Docker reads the user name\nand
password from this payload:\n\n```json\n{\n\t\"Username\": \"david\",\n\t\"Secret\":
\"passw0rd1\"\n}\n```\n\nThe `erase` command takes a string payload from `STDIN`.
That payload carries\nthe server address that the docker engine wants to remove
credentials for. This is\nan example of that payload: `https://index.docker.io/v1`.\n\nThe
`erase` command can write error messages to `STDOUT` that the docker engine\nwill
show if there was an issue.\n\n### Credential helpers\n\nCredential helpers are
similar to the credential store above, but act as the\ndesignated programs to handle
credentials for *specific registries*. The default\ncredential store (`credsStore`
or the config file itself) will not be used for\noperations concerning credentials
of the specified registries.\n\n### Logging out\n\nIf you are currently logged in,
run `docker logout` to remove\nthe credentials from the default store.\n\nCredential
helpers are specified in a similar way to `credsStore`, but\nallow for multiple
helpers to be configured at a time. Keys specify the\nregistry domain, and values
specify the suffix of the program to use\n(i.e. everything after `docker-credential-`).\nFor
example:\n\n```json\n{\n \"credHelpers\": {\n \"registry.example.com\": \"registryhelper\",\n
\ \"awesomereg.example.org\": \"hip-star\",\n \"unicorn.example.io\": \"vcbait\"\n
\ }\n}\n```"
usage: docker login [OPTIONS] [SERVER]
pname: docker
plink: docker.yaml

21
_data/engine-cli/docker_logs.yaml
View File

@ -72,6 +72,27 @@ options:
description: Show timestamps
deprecated: false
experimental: false
- option: until
value_type: string
description: |
Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes)
deprecated: false
min_api_version: "1.35"
experimental: false
examples: |-
### Retrieve logs until a specific point in time
In order to retrieve logs before a specific point in time, run:
```bash
$ docker run --name test -d busybox sh -c "while true; do $(echo date); sleep 1; done"
$ date
Tue 14 Nov 2017 16:40:00 CET
$ docker logs -f --until=2s
Tue 14 Nov 2017 16:40:00 CET
Tue 14 Nov 2017 16:40:01 CET
Tue 14 Nov 2017 16:40:02 CET
```
deprecated: false
experimental: false

2
_data/engine-cli/docker_network_create.yaml
View File

@ -263,7 +263,7 @@ examples: |-
You can create the network which will be used to provide the routing-mesh in the
swarm cluster. You do so by specifying `--ingress` when creating the network. Only
one ingress network can be created at the time. The network can be removed only
if no services depend on it. Any option available when creating a overlay network
if no services depend on it. Any option available when creating an overlay network
is also available when creating the ingress network, besides the `--attachable` option.
```bash

6
_data/engine-cli/docker_pull.yaml
View File

@ -42,6 +42,12 @@ options:
description: Skip image verification
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
examples: |-
### Pull an image from Docker Hub

2
_data/engine-cli/docker_rmi.yaml
View File

@ -20,7 +20,7 @@ options:
experimental: false
examples: |-
You can remove an image using its short or long ID, its tag, or its digest. If
an image has one or more tag referencing it, you must remove all of them before
an image has one or more tags referencing it, you must remove all of them before
the image is removed. Digest references are removed automatically when an image
is removed by tag.

18
_data/engine-cli/docker_run.yaml
View File

@ -440,6 +440,12 @@ options:
description: Tune container pids limit (set -1 for unlimited)
deprecated: false
experimental: false
- option: platform
value_type: string
description: Set platform if server is multi-platform capable
deprecated: false
min_api_version: "1.32"
experimental: true
- option: privileged
value_type: bool
default_value: "false"
@ -657,7 +663,7 @@ examples: |-
user cannot pass a size less than the Default BaseFS Size.
For the `overlay2` storage driver, the size option is only available if the
backing fs is `xfs` and mounted with the `pquota` mount option.
Under these conditions, user can pass any size less then the backing fs size.
Under these conditions, user can pass any size less than the backing fs size.
### Mount tmpfs (--tmpfs)
@ -1005,11 +1011,11 @@ examples: |-
policy controls whether the Docker daemon restarts a container after exit.
Docker supports the following restart policies:
| Policy | Result |
|:----------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `no` | Do not automatically restart the container when it exits. This is the default. |
| `failure` | Restart only if the container exits with a non-zero exit status. Optionally, limit the number of restart retries the Docker daemon attempts. |
| `always` | Always restart the container regardless of the exit status. When you specify always, the Docker daemon will try to restart the container indefinitely. The container will also always start on daemon startup, regardless of the current state of the container. |
| Policy | Result |
|:---------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `no` | Do not automatically restart the container when it exits. This is the default. |
| `on-failure[:max-retries]` | Restart only if the container exits with a non-zero exit status. Optionally, limit the number of restart retries the Docker daemon attempts. |
| `always` | Always restart the container regardless of the exit status. When you specify always, the Docker daemon will try to restart the container indefinitely. The container will also always start on daemon startup, regardless of the current state of the container. |
```bash
$ docker run --restart=always redis

9
_data/engine-cli/docker_secret_create.yaml
View File

@ -3,10 +3,17 @@ short: Create a secret from a file or STDIN as content
long: "Creates a secret using standard input or from a file for the secret content.
You must run this command on a manager node. \n\nFor detailed information about
using secrets, refer to [manage sensitive data with Docker secrets](https://docs.docker.com/engine/swarm/secrets/)."
usage: docker secret create [OPTIONS] SECRET file|-
usage: docker secret create [OPTIONS] SECRET [file|-]
pname: docker secret
plink: docker_secret.yaml
options:
- option: driver
shorthand: d
value_type: string
description: Secret driver
deprecated: false
min_api_version: "1.31"
experimental: false
- option: label
shorthand: l
value_type: list

1139
_data/engine-cli/docker_service_create.yaml
View File

File diff suppressed because it is too large Load Diff

2
_data/engine-cli/docker_service_rollback.yaml
View File

@ -10,7 +10,7 @@ options:
- option: detach
shorthand: d
value_type: bool
default_value: "true"
default_value: "false"
description: |
Exit immediately instead of waiting for the service to converge
deprecated: false

2
_data/engine-cli/docker_service_scale.yaml
View File

@ -13,7 +13,7 @@ options:
- option: detach
shorthand: d
value_type: bool
default_value: "true"
default_value: "false"
description: |
Exit immediately instead of waiting for the service to converge
deprecated: false

43
_data/engine-cli/docker_service_update.yaml
View File

@ -60,7 +60,7 @@ options:
- option: detach
shorthand: d
value_type: bool
default_value: "true"
default_value: "false"
description: |
Exit immediately instead of waiting for the service to converge
deprecated: false
@ -129,6 +129,16 @@ options:
deprecated: false
min_api_version: "1.25"
experimental: false
- option: generic-resource-add
value_type: list
description: Add a Generic resource
deprecated: false
experimental: false
- option: generic-resource-rm
value_type: list
description: Remove a Generic resource
deprecated: false
experimental: false
- option: group-add
value_type: list
description: Add an additional supplementary user group to the container
@ -176,9 +186,9 @@ options:
experimental: false
- option: host-add
value_type: list
description: Add or update a custom host-to-IP mapping (host:ip)
description: Add a custom host-to-IP mapping (host:ip)
deprecated: false
min_api_version: "1.25"
min_api_version: "1.32"
experimental: false
- option: host-rm
value_type: list
@ -197,6 +207,12 @@ options:
description: Service image tag
deprecated: false
experimental: false
- option: isolation
value_type: string
description: Service container isolation mode
deprecated: false
min_api_version: "1.35"
experimental: false
- option: label-add
value_type: list
description: Add or update a service label
@ -535,6 +551,21 @@ examples: |-
myservice
```
### Add or remove published service ports
Use the `--publish-add` or `--publish-rm` flags to add or remove a published
port for a service. You can use the short or long syntax discussed in the
[docker service create](service_create/#attach-a-service-to-an-existing-network-network)
reference.
The following example adds a published service port to an existing service.
```bash
$ docker service update \
--publish-add published=8080,target=80 \
myservice
```
### Roll back to the previous version of a service
Use the `--rollback` option to roll back to the previous version of the service.
@ -618,6 +649,12 @@ examples: |-
Some flags of `service update` support the use of templating.
See [`service create`](./service_create.md#templating) for the reference.
### Specify isolation mode (Windows)
`service update` supports the same `--isolation` flag as `service create`
See [`service create`](./service_create.md) for the reference.
deprecated: false
min_api_version: "1.24"
experimental: false

70
_data/engine-cli/docker_stats.yaml
View File

@ -4,6 +4,8 @@ long: |-
The `docker stats` command returns a live data stream for running containers. To limit data to one or more specific containers, specify a list of container names or ids separated by a space. You can specify a stopped container but stopped containers do not return any data.
If you want more detailed information about a container's resource usage, use the `/containers/(id)/stats` API endpoint.
> **Note**: On Linux, the Docker CLI reports memory usage by subtracting page cache usage from the total memory usage. The API does not perform such a calculation but rather provides the total memory usage and the amount from the page cache so that clients can use the data as needed.
usage: docker stats [OPTIONS] [CONTAINER...]
pname: docker
plink: docker.yaml
@ -26,35 +28,45 @@ options:
description: Disable streaming stats and only pull the first result
deprecated: false
experimental: false
- option: no-trunc
value_type: bool
default_value: "false"
description: Do not truncate output
deprecated: false
experimental: false
examples: |-
Running `docker stats` on all running containers against a Linux daemon.
```bash
$ docker stats
CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O
1285939c1fd3 0.07% 796 KiB / 64 MiB 1.21% 788 B / 648 B 3.568 MB / 512 KB
9c76f7834ae2 0.07% 2.746 MiB / 64 MiB 4.29% 1.266 KB / 648 B 12.4 MB / 0 B
d1ea048f04e4 0.03% 4.583 MiB / 64 MiB 6.30% 2.854 KB / 648 B 27.7 MB / 0 B
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
b95a83497c91 awesome_brattain 0.28% 5.629MiB / 1.952GiB 0.28% 916B / 0B 147kB / 0B 9
67b2525d8ad1 foobar 0.00% 1.727MiB / 1.952GiB 0.09% 2.48kB / 0B 4.11MB / 0B 2
e5c383697914 test-1951.1.kay7x1lh1twk9c0oig50sd5tr 0.00% 196KiB / 1.952GiB 0.01% 71.2kB / 0B 770kB / 0B 1
4bda148efbc0 random.1.vnc8on831idyr42slu578u3cr 0.00% 1.672MiB / 1.952GiB 0.08% 110kB / 0B 578kB / 0B 2
```
Running `docker stats` on multiple containers by name and id against a Linux daemon.
```bash
$ docker stats fervent_panini 5acfcb1b4fd1
CONTAINER CPU % MEM USAGE/LIMIT MEM % NET I/O
5acfcb1b4fd1 0.00% 115.2 MiB/1.045 GiB 11.03% 1.422 kB/648 B
fervent_panini 0.02% 11.08 MiB/1.045 GiB 1.06% 648 B/648 B
$ docker stats awesome_brattain 67b2525d8ad1
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
b95a83497c91 awesome_brattain 0.28% 5.629MiB / 1.952GiB 0.28% 916B / 0B 147kB / 0B 9
67b2525d8ad1 foobar 0.00% 1.727MiB / 1.952GiB 0.09% 2.48kB / 0B 4.11MB / 0B 2
```
Running `docker stats` with customized format on all (Running and Stopped) containers.
```bash
$ docker stats --all --format "table {{.ID}}\t{{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}"
CONTAINER ID NAME CPU % MEM USAGE / LIMIT
c9dfa83f0317f87637d5b7e67aa4223337d947215c5a9947e697e4f7d3e0f834 ecstatic_noether 0.00% 56KiB / 15.57GiB
8f92d01cf3b29b4f5fca4cd33d907e05def7af5a3684711b20a2369d211ec67f stoic_goodall 0.07% 32.86MiB / 15.57GiB
38dd23dba00f307d53d040c1d18a91361bbdcccbf592315927d56cf13d8b7343 drunk_visvesvaraya 0.00% 0B / 0B
5a8b07ec4cc52823f3cbfdb964018623c1ba307bce2c057ccdbde5f4f6990833 big_heisenberg 0.00% 0B / 0B
$ docker stats --all --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}" fervent_panini 5acfcb1b4fd1 drunk_visvesvaraya big_heisenberg
CONTAINER CPU % MEM USAGE / LIMIT
fervent_panini 0.00% 56KiB / 15.57GiB
5acfcb1b4fd1 0.07% 32.86MiB / 15.57GiB
drunk_visvesvaraya 0.00% 0B / 0B
big_heisenberg 0.00% 0B / 0B
```
`drunk_visvesvaraya` and `big_heisenberg` are stopped containers in the above example.
@ -63,7 +75,7 @@ examples: |-
```powershell
PS E:\> docker stats
CONTAINER CPU % PRIV WORKING SET NET I/O BLOCK I/O
CONTAINER ID CPU % PRIV WORKING SET NET I/O BLOCK I/O
09d3bb5b1604 6.61% 38.21 MiB 17.1 kB / 7.73 kB 10.7 MB / 3.57 MB
9db7aa4d986d 9.19% 38.26 MiB 15.2 kB / 7.65 kB 10.6 MB / 3.3 MB
3f214c61ad1d 0.00% 28.64 MiB 64 kB / 6.84 kB 4.42 MB / 6.93 MB
@ -73,15 +85,15 @@ examples: |-
```powershell
PS E:\> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3f214c61ad1d nanoserver "cmd" 2 minutes ago Up 2 minutes big_minsky
9db7aa4d986d windowsservercore "cmd" 2 minutes ago Up 2 minutes mad_wilson
09d3bb5b1604 windowsservercore "cmd" 2 minutes ago Up 2 minutes affectionate_easley
CONTAINER ID NAME IMAGE COMMAND CREATED STATUS PORTS NAMES
3f214c61ad1d awesome_brattain nanoserver "cmd" 2 minutes ago Up 2 minutes big_minsky
9db7aa4d986d mad_wilson windowsservercore "cmd" 2 minutes ago Up 2 minutes mad_wilson
09d3bb5b1604 fervent_panini windowsservercore "cmd" 2 minutes ago Up 2 minutes affectionate_easley
PS E:\> docker stats 3f214c61ad1d mad_wilson
CONTAINER CPU % PRIV WORKING SET NET I/O BLOCK I/O
3f214c61ad1d 0.00% 46.25 MiB 76.3 kB / 7.92 kB 10.3 MB / 14.7 MB
mad_wilson 9.59% 40.09 MiB 27.6 kB / 8.81 kB 17 MB / 20.1 MB
CONTAINER ID NAME CPU % PRIV WORKING SET NET I/O BLOCK I/O
3f214c61ad1d awesome_brattain 0.00% 46.25 MiB 76.3 kB / 7.92 kB 10.3 MB / 14.7 MB
9db7aa4d986d mad_wilson 9.59% 40.09 MiB 27.6 kB / 8.81 kB 17 MB / 20.1 MB
```
### Formatting
@ -130,6 +142,20 @@ examples: |-
9c76f7834ae2 0.07% 2.746 MiB / 64 MiB
d1ea048f04e4 0.03% 4.583 MiB / 64 MiB
```
The default format is as follows:
On Linux:
"table {{.ID}}\t{{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}\t{{.NetIO}}\t{{.BlockIO}}\t{{.PIDs}}"
On Windows:
"table {{.ID}}\t{{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.NetIO}}\t{{.BlockIO}}"
> **Note**: On Docker 17.09 and older, the `{{.Container}}` column was used, in
> stead of `{{.ID}}\t{{.Name}}`.
deprecated: false
experimental: false

5
_data/engine-cli/docker_swarm_join.yaml
View File

@ -94,7 +94,10 @@ examples: |-
Specifying a port is optional. If the value is a bare IP address, or interface
name, the default port 2377 will be used.
This flag is generally not necessary when joining an existing swarm.
This flag is generally not necessary when joining an existing swarm. If
you're joining new nodes through a load balancer, you should use this flag to
ensure the node advertises its IP address and not the IP address of the load
balancer.
### `--data-path-addr`

146
_data/engine-cli/docker_system_prune.yaml
View File

@ -1,7 +1,8 @@
command: docker system prune
short: Remove unused data
long: Remove all unused containers, volumes, networks and images (both dangling and
unreferenced).
long: |-
Remove all unused containers, networks, images (both dangling and unreferenced),
and optionally, volumes.
usage: docker system prune [OPTIONS]
pname: docker system
plink: docker_system.yaml
@ -32,42 +33,111 @@ options:
description: Prune volumes
deprecated: false
experimental: false
examples: "```bash\n$ docker system prune -a\n\nWARNING! This will remove:\n\t- all
stopped containers\n\t- all volumes not used by at least one container\n\t- all
networks not used by at least one container\n\t- all images without at least one
container associated to them\nAre you sure you want to continue? [y/N] y\nDeleted
Containers:\n0998aa37185a1a7036b0e12cf1ac1b6442dcfa30a5c9650a42ed5010046f195b\n73958bfb884fa81fa4cc6baf61055667e940ea2357b4036acbbe25a60f442a4d\n\nDeleted
Volumes:\nnamed-vol\n\nDeleted Images:\nuntagged: my-curl:latest\ndeleted: sha256:7d88582121f2a29031d92017754d62a0d1a215c97e8f0106c586546e7404447d\ndeleted:
sha256:dd14a93d83593d4024152f85d7c63f76aaa4e73e228377ba1d130ef5149f4d8b\nuntagged:
alpine:3.3\ndeleted: sha256:695f3d04125db3266d4ab7bbb3c6b23aa4293923e762aa2562c54f49a28f009f\nuntagged:
alpine:latest\ndeleted: sha256:ee4603260daafe1a8c2f3b78fd760922918ab2441cbb2853ed5c439e59c52f96\ndeleted:
sha256:9007f5987db353ec398a223bc5a135c5a9601798ba20a1abba537ea2f8ac765f\ndeleted:
sha256:71fa90c8f04769c9721459d5aa0936db640b92c8c91c9b589b54abd412d120ab\ndeleted:
sha256:bb1c3357b3c30ece26e6604aea7d2ec0ace4166ff34c3616701279c22444c0f3\nuntagged:
my-jq:latest\ndeleted: sha256:6e66d724542af9bc4c4abf4a909791d7260b6d0110d8e220708b09e4ee1322e1\ndeleted:
sha256:07b3fa89d4b17009eb3988dfc592c7d30ab3ba52d2007832dffcf6d40e3eda7f\ndeleted:
sha256:3a88a5c81eb5c283e72db2dbc6d65cbfd8e80b6c89bb6e714cfaaa0eed99c548\n\nTotal
reclaimed space: 13.5 MB\n```\n\n### Filtering\n\nThe filtering flag (`-f` or `--filter`)
format is of \"key=value\". If there is more\nthan one filter, then pass multiple
flags (e.g., `--filter \"foo=bar\" --filter \"bif=baz\"`)\n\nThe currently supported
filters are:\n\n* until (`<timestamp>`) - only remove containers, images, and networks
created before given timestamp\n* label (`label=<key>`, `label=<key>=<value>`, `label!=<key>`,
or `label!=<key>=<value>`) - only remove containers, images, networks, and volumes
with (or without, in case `label!=...` is used) the specified labels.\n\nThe `until`
filter can be Unix timestamps, date formatted\ntimestamps, or Go duration strings
(e.g. `10m`, `1h30m`) computed\nrelative to the daemon machines time. Supported
formats for date\nformatted time stamps include RFC3339Nano, RFC3339, `2006-01-02T15:04:05`,\n`2006-01-02T15:04:05.999999999`,
`2006-01-02Z07:00`, and `2006-01-02`. The local\ntimezone on the daemon will be
used if you do not provide either a `Z` or a\n`+-00:00` timezone offset at the end
of the timestamp. When providing Unix\ntimestamps enter seconds[.nanoseconds],
where seconds is the number of seconds\nthat have elapsed since January 1, 1970
(midnight UTC/GMT), not counting leap\nseconds (aka Unix epoch or Unix time), and
the optional .nanoseconds field is a\nfraction of a second no more than nine digits
long.\n\nThe `label` filter accepts two formats. One is the `label=...` (`label=<key>`
or `label=<key>=<value>`),\nwhich removes containers, images, networks, and volumes
with the specified labels. The other\nformat is the `label!=...` (`label!=<key>`
or `label!=<key>=<value>`), which removes\ncontainers, images, networks, and volumes
without the specified labels."
examples: |-
```bash
$ docker system prune
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all dangling images
- all build cache
Are you sure you want to continue? [y/N] y
Deleted Containers:
f44f9b81948b3919590d5f79a680d8378f1139b41952e219830a33027c80c867
792776e68ac9d75bce4092bc1b5cc17b779bc926ab04f4185aec9bf1c0d4641f
Deleted Networks:
network1
network2
Deleted Images:
untagged: hello-world@sha256:f3b3b28a45160805bb16542c9531888519430e9e6d6ffc09d72261b0d26ff74f
deleted: sha256:1815c82652c03bfd8644afda26fb184f2ed891d921b20a0703b46768f9755c57
deleted: sha256:45761469c965421a92a69cc50e92c01e0cfa94fe026cdd1233445ea00e96289a
Total reclaimed space: 1.84kB
```
By default, volumes are not removed to prevent important data from being
deleted if there is currently no container using the volume. Use the `--volumes`
flag when running the command to prune volumes as well:
```bash
$ docker system prune -a --volumes
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all volumes not used by at least one container
- all images without at least one container associated to them
- all build cache
Are you sure you want to continue? [y/N] y
Deleted Containers:
0998aa37185a1a7036b0e12cf1ac1b6442dcfa30a5c9650a42ed5010046f195b
73958bfb884fa81fa4cc6baf61055667e940ea2357b4036acbbe25a60f442a4d
Deleted Networks:
my-network-a
my-network-b
Deleted Volumes:
named-vol
Deleted Images:
untagged: my-curl:latest
deleted: sha256:7d88582121f2a29031d92017754d62a0d1a215c97e8f0106c586546e7404447d
deleted: sha256:dd14a93d83593d4024152f85d7c63f76aaa4e73e228377ba1d130ef5149f4d8b
untagged: alpine:3.3
deleted: sha256:695f3d04125db3266d4ab7bbb3c6b23aa4293923e762aa2562c54f49a28f009f
untagged: alpine:latest
deleted: sha256:ee4603260daafe1a8c2f3b78fd760922918ab2441cbb2853ed5c439e59c52f96
deleted: sha256:9007f5987db353ec398a223bc5a135c5a9601798ba20a1abba537ea2f8ac765f
deleted: sha256:71fa90c8f04769c9721459d5aa0936db640b92c8c91c9b589b54abd412d120ab
deleted: sha256:bb1c3357b3c30ece26e6604aea7d2ec0ace4166ff34c3616701279c22444c0f3
untagged: my-jq:latest
deleted: sha256:6e66d724542af9bc4c4abf4a909791d7260b6d0110d8e220708b09e4ee1322e1
deleted: sha256:07b3fa89d4b17009eb3988dfc592c7d30ab3ba52d2007832dffcf6d40e3eda7f
deleted: sha256:3a88a5c81eb5c283e72db2dbc6d65cbfd8e80b6c89bb6e714cfaaa0eed99c548
Total reclaimed space: 13.5 MB
```
> **Note**: The `--volumes` option was added in Docker 17.06.1. Older versions
> of Docker prune volumes by default, along with other Docker objects. On older
> versions, run `docker container prune`, `docker network prune`, and
> `docker image prune` separately to remove unused containers, networks, and
> images, without removing volumes.
### Filtering
The filtering flag (`--filter`) format is of "key=value". If there is more
than one filter, then pass multiple flags (e.g., `--filter "foo=bar" --filter "bif=baz"`)
The currently supported filters are:
* until (`<timestamp>`) - only remove containers, images, and networks created before given timestamp
* label (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) - only remove containers, images, networks, and volumes with (or without, in case `label!=...` is used) the specified labels.
The `until` filter can be Unix timestamps, date formatted
timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed
relative to the daemon machines time. Supported formats for date
formatted time stamps include RFC3339Nano, RFC3339, `2006-01-02T15:04:05`,
`2006-01-02T15:04:05.999999999`, `2006-01-02Z07:00`, and `2006-01-02`. The local
timezone on the daemon will be used if you do not provide either a `Z` or a
`+-00:00` timezone offset at the end of the timestamp. When providing Unix
timestamps enter seconds[.nanoseconds], where seconds is the number of seconds
that have elapsed since January 1, 1970 (midnight UTC/GMT), not counting leap
seconds (aka Unix epoch or Unix time), and the optional .nanoseconds field is a
fraction of a second no more than nine digits long.
The `label` filter accepts two formats. One is the `label=...` (`label=<key>` or `label=<key>=<value>`),
which removes containers, images, networks, and volumes with the specified labels. The other
format is the `label!=...` (`label!=<key>` or `label!=<key>=<value>`), which removes
containers, images, networks, and volumes without the specified labels.
deprecated: false
min_api_version: "1.25"
experimental: false

23
_data/engine-cli/docker_trust.yaml Normal file
View File

@ -0,0 +1,23 @@
command: docker trust
short: Manage trust on Docker images (experimental)
long: Manage trust on Docker images (experimental)
usage: docker trust
pname: docker
plink: docker.yaml
cname:
- docker trust inspect
- docker trust key
- docker trust revoke
- docker trust sign
- docker trust signer
- docker trust view
clink:
- docker_trust_inspect.yaml
- docker_trust_key.yaml
- docker_trust_revoke.yaml
- docker_trust_sign.yaml
- docker_trust_signer.yaml
- docker_trust_view.yaml
deprecated: false
experimental: false

116
_data/engine-cli/docker_trust_inspect.yaml Normal file
View File

@ -0,0 +1,116 @@
command: docker trust inspect
short: Return low-level information about keys and signatures
long: |-
`docker trust inspect` provides low-level JSON information on signed repositories.
This includes all image tags that are signed, who signed them, and who can sign
new tags.
`docker trust inspect` prints the trust information in a machine-readable format. Refer to
[`docker trust view`](trust_view.md) for a human-friendly output.
`docker trust inspect` is currently experimental.
usage: docker trust inspect IMAGE[:TAG] [IMAGE[:TAG]...]
pname: docker trust
plink: docker_trust.yaml
examples: "### Get low-level details about signatures for a single image tag\n\nUse
the `docker trust inspect` to get trust information about an image. The\nfollowing
example prints trust information for the `alpine:latest` image:\n\n```bash\n$ docker
trust inspect alpine:latest\n[\n {\n \"Name\": \"alpine:latest\",\n \"SignedTags\":
[\n {\n \"SignedTag\": \"latest\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n }\n ],\n \"Signers\":
[],\n \"AdminstrativeKeys\": [\n {\n \"Name\": \"Repository\",\n
\ \"Keys\": [\n {\n \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\": \"Root\",\n \"Keys\":
[\n {\n \"ID\": \"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n
\ }\n ]\n }\n ]\n }\n]\n```\n\nThe `SignedTags` key will
list the `SignedTag` name, its `Digest`, and the `Signers` responsible for the signature.\n\n`AdministrativeKeys`
will list the `Repository` and `Root` keys.\n\nThis format mirrors the output of
`docker trust view` \n\nIf signers are set up for the repository via other `docker
trust` commands, `docker trust inspect` includes a `Signers` key:\n\n```bash\n$
docker trust inspect my-image:purple\n[\n {\n \"Name\": \"my-image:purple\",\n
\ \"SignedTags\": [\n {\n \"SignedTag\": \"purple\",\n \"Digest\":
\"941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557\",\n \"Signers\":
[\n \"alice\",\n \"bob\",\n \"carol\"\n ]\n }\n
\ ],\n \"Signers\": [\n {\n \"Name\": \"alice\",\n \"Keys\":
[\n {\n \"ID\": \"04dd031411ed671ae1e12f47ddc8646d98f135090b01e54c3561e843084484a3\"\n
\ },\n {\n \"ID\": \"6a11e4898a4014d400332ab0e096308c844584ff70943cdd1d6628d577f45fd8\"\n
\ }\n ]\n },\n {\n \"Name\": \"bob\",\n \"Keys\":
[\n {\n \"ID\": \"433e245c656ae9733cdcc504bfa560f90950104442c4528c9616daa45824ccba\"\n
\ }\n ]\n },\n {\n \"Name\": \"carol\",\n \"Keys\":
[\n {\n \"ID\": \"d32fa8b5ca08273a2880f455fcb318da3dc80aeae1a30610815140deef8f30d9\"\n
\ },\n {\n \"ID\": \"9a8bbec6ba2af88a5fad6047d428d17e6d05dbdd03d15b4fc8a9a0e8049cd606\"\n
\ }\n ]\n }\n ],\n \"AdminstrativeKeys\": [\n {\n
\ \"Name\": \"Repository\",\n \"Keys\": [\n {\n \"ID\":
\"27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44\"\n }\n
\ ]\n },\n {\n \"Name\": \"Root\",\n \"Keys\": [\n
\ {\n \"ID\": \"40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f\"\n
\ }\n ]\n }\n ]\n }\n]\n```\n\nIf the image tag is unsigned
or unavailable, `docker trust inspect` does not display any signed tags.\n\n```bash\n$
docker trust inspect unsigned-img\nNo signatures or cannot access unsigned-img\n```\n\nHowever,
if other tags are signed in the same image repository, `docker trust inspect` reports
relevant key information:\n\n```bash\n$ docker trust inspect alpine:unsigned\n[\n
\ {\n \"Name\": \"alpine:unsigned\",\n \"Signers\": [],\n \"AdminstrativeKeys\":
[\n {\n \"Name\": \"Repository\",\n \"Keys\": [\n {\n
\ \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\": \"Root\",\n \"Keys\":
[\n {\n \"ID\": \"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n
\ }\n ]\n }\n ]\n }\n]\n```\n\n### Get details about signatures
for all image tags in a repository\n\nIf no tag is specified, `docker trust inspect`
will report details for all signed tags in the repository:\n\n```bash\n$ docker
trust inspect alpine\n[\n {\n \"Name\": \"alpine\",\n \"SignedTags\":
[\n {\n \"SignedTag\": \"3.5\",\n \"Digest\":
\"b007a354427e1880de9cdba533e8e57382b7f2853a68a478a17d447b302c219c\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"3.6\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ },\n {\n \"SignedTag\": \"edge\",\n \"Digest\":
\"23e7d843e63a3eee29b6b8cfcd10e23dd1ef28f47251a985606a31040bf8e096\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"latest\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ }\n ],\n \"Signers\": [],\n \"AdminstrativeKeys\":
[\n {\n \"Name\": \"Repository\",\n \"Keys\":
[\n {\n \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\":
\"Root\",\n \"Keys\": [\n {\n \"ID\":
\"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n }\n
\ ]\n }\n ]\n }\n]\n```\n\n\n### Get details
about signatures for multiple images\n\n`docker trust inspect` can take multiple
repositories and images as arguments, and reports the results in an ordered list:\n\n```bash\n$
docker trust inspect alpine notary\n[\n {\n \"Name\": \"alpine\",\n \"SignedTags\":
[\n {\n \"SignedTag\": \"3.5\",\n \"Digest\":
\"b007a354427e1880de9cdba533e8e57382b7f2853a68a478a17d447b302c219c\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"3.6\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ },\n {\n \"SignedTag\": \"edge\",\n \"Digest\":
\"23e7d843e63a3eee29b6b8cfcd10e23dd1ef28f47251a985606a31040bf8e096\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"integ-test-base\",\n \"Digest\":
\"3952dc48dcc4136ccdde37fbef7e250346538a55a0366e3fccc683336377e372\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n },\n {\n
\ \"SignedTag\": \"latest\",\n \"Digest\": \"d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ }\n ],\n \"Signers\": [],\n \"AdminstrativeKeys\":
[\n {\n \"Name\": \"Repository\",\n \"Keys\":
[\n {\n \"ID\": \"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\"\n
\ }\n ]\n },\n {\n \"Name\":
\"Root\",\n \"Keys\": [\n {\n \"ID\":
\"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\"\n }\n
\ ]\n }\n ]\n },\n {\n \"Name\": \"notary\",\n
\ \"SignedTags\": [\n {\n \"SignedTag\": \"server\",\n
\ \"Digest\": \"71f64ab718a3331dee103bc5afc6bc492914738ce37c2d2f127a8133714ecf5c\",\n
\ \"Signers\": [\n \"Repo Admin\"\n ]\n
\ },\n {\n \"SignedTag\": \"signer\",\n \"Digest\":
\"a6122d79b1e74f70b5dd933b18a6d1f99329a4728011079f06b245205f158fe8\",\n \"Signers\":
[\n \"Repo Admin\"\n ]\n }\n ],\n
\ \"Signers\": [],\n \"AdminstrativeKeys\": [\n {\n \"Name\":
\"Root\",\n \"Keys\": [\n {\n \"ID\":
\"8cdcdef5bd039f4ab5a029126951b5985eebf57cabdcdc4d21f5b3be8bb4ce92\"\n }\n
\ ]\n },\n {\n \"Name\": \"Repository\",\n
\ \"Keys\": [\n {\n \"ID\":
\"85bfd031017722f950d480a721f845a2944db26a3dc084040a70f1b0d9bbb3df\"\n }\n
\ ]\n }\n ]\n }\n]\n```"
deprecated: false
experimental: false

15
_data/engine-cli/docker_trust_key.yaml Normal file
View File

@ -0,0 +1,15 @@
command: docker trust key
short: Manage keys for signing Docker images (experimental)
long: Manage keys for signing Docker images (experimental)
usage: docker trust key
pname: docker trust
plink: docker_trust.yaml
cname:
- docker trust key generate
- docker trust key load
clink:
- docker_trust_key_generate.yaml
- docker_trust_key_load.yaml
deprecated: false
experimental: false

15
_data/engine-cli/docker_trust_key_generate.yaml Normal file
View File

@ -0,0 +1,15 @@
command: docker trust key generate
short: Generate and load a signing key-pair
long: Generate and load a signing key-pair
usage: docker trust key generate NAME
pname: docker trust key
plink: docker_trust_key.yaml
options:
- option: dir
value_type: string
description: Directory to generate key in, defaults to current directory
deprecated: false
experimental: false
deprecated: false
experimental: false

16
_data/engine-cli/docker_trust_key_load.yaml Normal file
View File

@ -0,0 +1,16 @@
command: docker trust key load
short: Load a private key file for signing
long: Load a private key file for signing
usage: docker trust key load [OPTIONS] KEYFILE
pname: docker trust key
plink: docker_trust_key.yaml
options:
- option: name
value_type: string
default_value: signer
description: Name for the loaded key
deprecated: false
experimental: false
deprecated: false
experimental: false

58
_data/engine-cli/docker_trust_revoke.yaml Normal file
View File

@ -0,0 +1,58 @@
command: docker trust revoke
short: Remove trust for an image
long: |-
`docker trust revoke` removes signatures from tags in signed repositories.
`docker trust revoke` is currently experimental.
usage: docker trust revoke [OPTIONS] IMAGE[:TAG]
pname: docker trust
plink: docker_trust.yaml
options:
- option: "yes"
shorthand: "y"
value_type: bool
default_value: "false"
description: Do not prompt for confirmation
deprecated: false
experimental: false
examples: "### Revoke signatures from a signed tag\n\nHere's an example of a repo
with two signed tags:\n\n\n```bash\n$ docker trust view example/trust-demo\nSIGNED
TAG DIGEST SIGNERS\nred
\ 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943
\ alice\nblue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197
\ alice, bob\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER
\ KEYS\nalice 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```\n\nWhen
`alice`, one of the signers, runs `docker trust revoke`:\n\n```bash\n$ docker trust
revoke example/trust-demo:red\nEnter passphrase for delegation key with ID 27d42a8:\nSuccessfully
deleted signature for example/trust-demo:red\n```\n\nAfter revocation, the tag is
removed from the list of released tags:\n\n```bash\n$ docker trust view example/trust-demo\nSIGNED
TAG DIGEST SIGNERS\nblue
\ f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197
\ alice, bob\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER
\ KEYS\nalice 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```\n\n###
Revoke signatures on all tags in a repository\n\nWhen no tag is specified, `docker
trust` revokes all signatures that you have a signing key for.\n\n```bash\n$ docker
trust view example/trust-demo\nSIGNED TAG DIGEST SIGNERS\nred
\ 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943
\ alice\nblue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197
\ alice, bob\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER
\ KEYS\nalice 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```\n\nWhen
`alice`, one of the signers, runs `docker trust revoke`:\n\n```bash\n$ docker trust
revoke example/trust-demo\nPlease confirm you would like to delete all signature
data for example/trust-demo? [y/N] y\nEnter passphrase for delegation key with ID
27d42a8:\nSuccessfully deleted signature for example/trust-demo\n```\n\nAll tags
that have `alice`'s signature on them are removed from the list of released tags:\n\n```bash\n$
docker trust view example/trust-demo\n\nNo signatures for example/trust-demo\n\n\nList
of signers and their keys for example/trust-demo:\n\nSIGNER KEYS\nalice
\ 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```"
deprecated: false
experimental: false

57
_data/engine-cli/docker_trust_sign.yaml Normal file
View File

@ -0,0 +1,57 @@
command: docker trust sign
short: Sign an image
long: |-
`docker trust sign` adds signatures to tags to create signed repositories.
`docker trust sign` is currently experimental.
usage: docker trust sign IMAGE:TAG
pname: docker trust
plink: docker_trust.yaml
options:
- option: local
value_type: bool
default_value: "false"
description: Sign a locally tagged image
deprecated: false
experimental: false
examples: "### Sign a tag as a repo admin\n\nGiven an image:\n\n```bash\n$ docker
trust view example/trust-demo\nSIGNED TAG DIGEST SIGNERS\nv1
\ c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41
\ (Repo Admin)\n\nAdministrative keys for example/trust-demo:\nRepository Key:\t36d4c3601102fa7c5712a343c03b94469e5835fb27c191b529c06fd19c14a942\nRoot
Key:\t246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b\n```\n\nSign
a new tag with `docker trust sign`:\n\n```bash\n$ docker trust sign example/trust-demo:v2\nSigning
and pushing trust metadata for example/trust-demo:v2\nThe push refers to a repository
[docker.io/example/trust-demo]\need4e566104a: Layer already exists\n77edfb6d1e3c:
Layer already exists\nc69f806905c2: Layer already exists\n582f327616f1: Layer already
exists\na3fbb648f0bd: Layer already exists\n5eac2de68a97: Layer already exists\n8d4d1ab5ff74:
Layer already exists\nv2: digest: sha256:8f6f460abf0436922df7eb06d28b3cdf733d2cac1a185456c26debbff0839c56
size: 1787\nSigning and pushing trust metadata\nEnter passphrase for repository
key with ID 36d4c36:\nSuccessfully signed docker.io/example/trust-demo:v2\n```\n\n`docker
trust view` lists the new signature:\n\n```bash\n$ docker trust view example/trust-demo\nSIGNED
TAG DIGEST SIGNERS\nv1
\ c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41
\ (Repo Admin)\nv2 8f6f460abf0436922df7eb06d28b3cdf733d2cac1a185456c26debbff0839c56
\ (Repo Admin)\n\nAdministrative keys for example/trust-demo:\nRepository Key:\t36d4c3601102fa7c5712a343c03b94469e5835fb27c191b529c06fd19c14a942\nRoot
Key:\t246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b\n```\n\n###
Sign a tag as a signer\n\nGiven an image:\n\n```bash\n$ docker trust view example/trust-demo\n\nNo
signatures for example/trust-demo\n\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER
\ KEYS\nalice 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```\n\nSign
a new tag with `docker trust sign`:\n\n```bash\n$ docker trust sign example/trust-demo:v1\nSigning
and pushing trust metadata for example/trust-demo:v1\nThe push refers to a repository
[docker.io/example/trust-demo]\n26b126eb8632: Layer already exists\n220d34b5f6c9:
Layer already exists\n8a5132998025: Layer already exists\naca233ed29c3: Layer already
exists\ne5d2f035d7a4: Layer already exists\nv1: digest: sha256:74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4
size: 1357\nSigning and pushing trust metadata\nEnter passphrase for delegation
key with ID 27d42a8:\nSuccessfully signed docker.io/example/trust-demo:v1\n```\n\n`docker
trust view` lists the new signature:\n\n```bash\n$ docker trust view example/trust-demo\nSIGNED
TAG DIGEST SIGNERS\nv1
\ 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4
\ alice\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER KEYS\nalice
\ 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```"
deprecated: false
experimental: false

15
_data/engine-cli/docker_trust_signer.yaml Normal file
View File

@ -0,0 +1,15 @@
command: docker trust signer
short: Manage entities who can sign Docker images (experimental)
long: Manage entities who can sign Docker images (experimental)
usage: docker trust signer
pname: docker trust
plink: docker_trust.yaml
cname:
- docker trust signer add
- docker trust signer remove
clink:
- docker_trust_signer_add.yaml
- docker_trust_signer_remove.yaml
deprecated: false
experimental: false

15
_data/engine-cli/docker_trust_signer_add.yaml Normal file
View File

@ -0,0 +1,15 @@
command: docker trust signer add
short: Add a signer
long: Add a signer
usage: 'docker trust signer add OPTIONS NAME REPOSITORY [REPOSITORY...] '
pname: docker trust signer
plink: docker_trust_signer.yaml
options:
- option: key
value_type: list
description: Path to the signer's public key file
deprecated: false
experimental: false
deprecated: false
experimental: false

18
_data/engine-cli/docker_trust_signer_remove.yaml Normal file
View File

@ -0,0 +1,18 @@
command: docker trust signer remove
short: Remove a signer
long: Remove a signer
usage: docker trust signer remove [OPTIONS] NAME REPOSITORY [REPOSITORY...]
pname: docker trust signer
plink: docker_trust_signer.yaml
options:
- option: force
shorthand: f
value_type: bool
default_value: "false"
description: |
Do not prompt for confirmation before removing the most recent signer
deprecated: false
experimental: false
deprecated: false
experimental: false

66
_data/engine-cli/docker_trust_view.yaml Normal file
View File

@ -0,0 +1,66 @@
command: docker trust view
short: Display detailed information about keys and signatures
long: |-
`docker trust view` provides detailed information on signed repositories.
This includes all image tags that are signed, who signed them, and who can sign
new tags.
By default, `docker trust view` renders results in a table.
`docker trust view` is currently experimental.
usage: docker trust view IMAGE[:TAG]
pname: docker trust
plink: docker_trust.yaml
examples: "### Get details about signatures for a single image tag\n\n\n```bash\n$
docker trust view alpine:latest\n\nSIGNED TAG DIGEST SIGNERS\nlatest
\ 1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe (Repo
Admin)\n\nAdministrative keys for alpine:latest:\nRepository Key:\t5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\nRoot
Key:\ta2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\n```\n\nThe
`SIGNED TAG` is the signed image tag with a unique content-addressable `DIGEST`.
`SIGNERS` lists all entities who have signed.\n\nThe administrative keys listed
specify the root key of trust, as well as the administrative repository key. These
keys are responsible for modifying signers, and rotating keys for the signed repository.\n\nIf
signers are set up for the repository via other `docker trust` commands, `docker
trust view` displays them appropriately as a `SIGNER` and specify their `KEYS`:\n\n```bash\n$
docker trust view my-image:purple\nSIGNED TAG DIGEST SIGNERS\npurple
\ 941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557 alice,
bob, carol\n\nList of signers and their keys:\n\nSIGNER KEYS\nalice
\ 47caae5b3e61, a85aab9d20a4\nbob 034370bcbd77, 82a66673242c\ncarol
\ b6f9f8e1aab0\n\nAdministrative keys for my-image:\nRepository Key:\t27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44\nRoot
Key:\t40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f\n```\n\nIf
the image tag is unsigned or unavailable, `docker trust view` does not display any
signed tags.\n\n```bash\n$ docker trust view unsigned-img\nNo signatures or cannot
access unsigned-img\n```\n\nHowever, if other tags are signed in the same image
repository, `docker trust view` reports relevant key information.\n\n```bash\n$
docker trust view alpine:unsigned\n\nNo signatures for alpine:unsigned\n\n\nAdministrative
keys for alpine:unsigned:\nRepository Key:\t5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\nRoot
Key:\ta2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\n```\n\n###
Get details about signatures for all image tags in a repository\n\n```bash\n$ docker
trust view alpine\nSIGNED TAG DIGEST SIGNERS\n2.6
\ 9ace551613070689a12857d62c30ef0daa9a376107ec0fff0e34786cedb3399b
\ (Repo Admin)\n2.7 9f08005dff552038f0ad2f46b8e65ff3d25641747d3912e3ea8da6785046561a
\ (Repo Admin)\n3.1 d9477888b78e8c6392e0be8b2e73f8c67e2894ff9d4b8e467d1488fcceec21c8
\ (Repo Admin)\n3.2 19826d59171c2eb7e90ce52bfd822993bef6a6fe3ae6bb4a49f8c1d0a01e99c7
\ (Repo Admin)\n3.3 8fd4b76819e1e5baac82bd0a3d03abfe3906e034cc5ee32100d12aaaf3956dc7
\ (Repo Admin)\n3.4 833ad81ace8277324f3ca8c91c02bdcf1d13988d8ecf8a3f97ecdd69d0390ce9
\ (Repo Admin)\n3.5 af2a5bd2f8de8fc1ecabf1c76611cdc6a5f1ada1a2bdd7d3816e121b70300308
\ (Repo Admin)\n3.6 1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe
\ (Repo Admin)\nedge 79d50d15bd7ea48ea00cf3dd343b0e740c1afaa8e899bee475236ef338e1b53b
\ (Repo Admin)\nlatest 1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe
\ (Repo Admin)\n\nAdministrative keys for alpine:\nRepository Key:\t5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd\nRoot
Key:\ta2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce\n```\n\nHere's
an example with signers that are set up by `docker trust` commands:\n\n```bash\n$
docker trust view my-image\nSIGNED TAG DIGEST SIGNERS\nred
\ 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943
\ alice\nblue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197
\ alice, bob\ngreen cae8fedc840f90c8057e1c24637d11865743ab1e61a972c1c9da06ec2de9a139
\ alice, bob\nyellow 9cc65fc3126790e683d1b92f307a71f48f75fa7dd47a7b03145a123eaf0b45ba
\ carol\npurple 941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557
\ alice, bob, carol\norange d6c271baa6d271bcc24ef1cbd65abf39123c17d2e83455bdab545a1a9093fc1c
\ alice\n\nList of signers and their keys for my-image:\n\nSIGNER KEYS\nalice
\ 47caae5b3e61, a85aab9d20a4\nbob 034370bcbd77, 82a66673242c\ncarol
\ b6f9f8e1aab0\n\nAdministrative keys for my-image:\nRepository Key:\t27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44\nRoot
Key:\t40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f\n```"
deprecated: false
experimental: false

1
_data/engine-cli/docker_unpause.yaml
View File

@ -13,6 +13,7 @@ plink: docker.yaml
examples: |-
```bash
$ docker unpause my_container
my_container
```
deprecated: false
experimental: false

39
_data/toc.yaml
View File

@ -847,6 +847,30 @@ reference:
title: docker tag
- path: /engine/reference/commandline/top/
title: docker top
- sectiontitle: docker trust *
section:
- path: /engine/reference/commandline/trust/
title: docker trust
- path: /engine/reference/commandline/trust_inspect/
title: docker trust inspect
- path: /engine/reference/commandline/trust_key/
title: docker trust key
- path: /engine/reference/commandline/trust_key_generate/
title: docker trust key generate
- path: /engine/reference/commandline/trust_key_load/
title: docker trust key load
- path: /engine/reference/commandline/trust_revoke/
title: docker trust revoke
- path: /engine/reference/commandline/trust_sign/
title: docker trust sign
- path: /engine/reference/commandline/trust_signer/
title: docker trust signer
- path: /engine/reference/commandline/trust_signer_add/
title: docker trust signer add
- path: /engine/reference/commandline/trust_signer_remove/
title: docker trust signer remove
- path: /engine/reference/commandline/trust_view/
title: docker trust view
- path: /engine/reference/commandline/unpause/
title: docker unpause
- path: /engine/reference/commandline/update/
@ -867,6 +891,7 @@ reference:
title: docker volume rm
- path: /engine/reference/commandline/wait/
title: docker wait
- sectiontitle: Edge
section:
- path: /edge/engine/reference/run/
@ -1195,10 +1220,24 @@ reference:
section:
- path: /edge/engine/reference/commandline/trust/
title: docker trust
- path: /edge/engine/reference/commandline/trust_inspect/
title: docker trust inspect
- path: /edge/engine/reference/commandline/trust_key/
title: docker trust key
- path: /edge/engine/reference/commandline/trust_key_generate/
title: docker trust key generate
- path: /edge/engine/reference/commandline/trust_key_load/
title: docker trust key load
- path: /edge/engine/reference/commandline/trust_revoke/
title: docker trust revoke
- path: /edge/engine/reference/commandline/trust_sign/
title: docker trust sign
- path: /edge/engine/reference/commandline/trust_signer/
title: docker trust signer
- path: /edge/engine/reference/commandline/trust_signer_add/
title: docker trust signer add
- path: /edge/engine/reference/commandline/trust_signer_remove/
title: docker trust signer remove
- path: /edge/engine/reference/commandline/trust_view/
title: docker trust view
- path: /edge/engine/reference/commandline/unpause/

18
edge/engine/reference/commandline/config_create.md Normal file
View File

@ -0,0 +1,18 @@
---
datafolder: engine-cli-edge
datafile: docker_config_create
title: docker config create
---
<!--
Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

18
edge/engine/reference/commandline/config_inspect.md Normal file
View File

@ -0,0 +1,18 @@
---
datafolder: engine-cli-edge
datafile: docker_config_inspect
title: docker config inspect
---
<!--
Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

18
edge/engine/reference/commandline/config_ls.md Normal file
View File

@ -0,0 +1,18 @@
---
datafolder: engine-cli-edge
datafile: docker_config_ls
title: docker config ls
---
<!--
Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

18
edge/engine/reference/commandline/config_rm.md Normal file
View File

@ -0,0 +1,18 @@
---
datafolder: engine-cli-edge
datafile: docker_config_rm
title: docker config rm
---
<!--
Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

18
edge/engine/reference/commandline/swarm_ca.md Normal file
View File

@ -0,0 +1,18 @@
---
datafolder: engine-cli-edge
datafile: docker_swarm_ca
title: docker swarm ca
---
<!--
Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

18
edge/engine/reference/commandline/trust_inspect.md Normal file
View File

@ -0,0 +1,18 @@
---
datafolder: engine-cli-edge
datafile: docker_trust_inspect
title: docker trust inspect
---
<!--
Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

6
engine/reference/commandline/README.md
View File

@ -2,7 +2,7 @@
The files in this directory are stub files which include the file
`/_includes/cli.md`, which parses YAML files generated from the
[`docker/cli`](https://github.com/docker/cli) repository. The YAML files
[`docker/docker`](https://github.com/moby/moby) repository. The YAML files
are parsed into output files like
[https://docs.docker.com/engine/reference/commandline/build/](https://docs.docker.com/engine/reference/commandline/build/).
@ -14,7 +14,7 @@ The output files are composed from two sources:
the CLI source code in that repository.
- The **Extended Description** and **Examples** sections are pulled into the
YAML from the files in [https://github.com/docker/cli/tree/master/docs/reference/commandline](https://github.com/docker/cli/tree/master/docs/reference/commandline)
YAML from the files in [https://github.com/moby/moby/tree/master/docs/reference/commandline](https://github.com/moby/moby/tree/master/docs/reference/commandline)
Specifically, the Markdown inside the `## Description` and `## Examples`
headings are parsed. Please submit corrections to the text in that repository.
@ -22,7 +22,7 @@ The output files are composed from two sources:
The process for generating the YAML files is still in flux. Check with
@thajestah or @frenchben. Be sure to generate the YAML files with the correct
branch of `moby/moby` checked out (probably not `master`).
branch of `docker/docker` checked out (probably not `master`).
After generating the YAML files, replace the YAML files in
[https://github.com/docker/docker.github.io/tree/master/_data/engine-cli](https://github.com/docker/docker.github.io/tree/master/_data/engine-cli)

4
engine/reference/commandline/attach.md
View File

@ -8,9 +8,11 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}
{% endif %}
{% include cli.md datafolder=page.datafolder datafile=page.datafile %}

2
engine/reference/commandline/build.md
View File

@ -8,7 +8,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}

2
engine/reference/commandline/checkpoint.md
View File

@ -8,7 +8,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}

2
engine/reference/commandline/checkpoint_create.md
View File

@ -8,7 +8,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}

2
engine/reference/commandline/checkpoint_ls.md
View File

@ -8,7 +8,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}

2
engine/reference/commandline/checkpoint_rm.md
View File

@ -8,7 +8,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}

2
engine/reference/commandline/commit.md
View File

@ -8,7 +8,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}
{% include edge_only.md section="cliref" %}

2
engine/reference/commandline/config.md
View File

@ -19,4 +19,4 @@ https://www.github.com/docker/cli
## More info
[Store configuration data using Docker Configs](/engine/swarm/configs.md)
[Store configuration data using Docker Configs](/engine/swarm/configs.md)

2
engine/reference/commandline/config_create.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/config_inspect.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/config_ls.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/config_rm.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_attach.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_commit.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_cp.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_create.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_diff.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_exec.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_export.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_inspect.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_kill.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_logs.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_ls.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_pause.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_port.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_prune.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_rename.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_restart.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_rm.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_run.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_start.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_stats.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_stop.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_top.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

2
engine/reference/commandline/container_unpause.md
View File

@ -9,7 +9,7 @@ Sorry, but the contents of this page are automatically generated from
Docker's source code. If you want to suggest a change to the text that appears
here, you'll need to find the string by searching this repo:
https://www.github.com/docker/cli
https://github.com/docker/cli
-->
{% if page.datafolder contains '-edge' %}

Some files were not shown because too many files have changed in this diff Show More