docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into amberjack

This commit is contained in:
ollypom 2019-07-19 14:23:33 +00:00
parent cb7b160805 bf079c8d44
commit 4524319333
No known key found for this signature in database
GPG Key ID: 2E6D9F4EBCB6B160
58 changed files with 1179 additions and 569 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
_config.yml
View File

@ -135,14 +135,14 @@ defaults:
hide_from_sitemap: true
dtr_org: "docker"
dtr_repo: "dtr"
dtr_version: "2.5.11"
dtr_version: "2.5.13"
- scope:
path: "datacenter/dtr/2.4"
values:
hide_from_sitemap: true
dtr_org: "docker"
dtr_repo: "dtr"
dtr_version: "2.4.12"
dtr_version: "2.4.13"
- scope:
path: "datacenter/dtr/2.3"
values:
@ -193,14 +193,14 @@ defaults:
hide_from_sitemap: true
ucp_org: "docker"
ucp_repo: "ucp"
ucp_version: "3.0.11"
ucp_version: "3.0.13"
- scope:
path: "datacenter/ucp/2.2"
values:
hide_from_sitemap: true
ucp_org: "docker"
ucp_repo: "ucp"
ucp_version: "2.2.18"
ucp_version: "2.2.20"
- scope:
path: "datacenter/ucp/2.1"
values:

64
_data/ddc_offline_files_2.yaml
View File

@ -5,7 +5,23 @@
# Used by _includes/components/ddc_url_list_2.html
- product: "ucp"
version: "3.1"
tar-files:
tar-files:
- description: "3.1.9 Linux"
url: https://packages.docker.com/caas/ucp_images_3.1.9.tar.gz
- description: "3.1.9 Windows Server 2016 LTSC"
url: https://packages.docker.com/caas/ucp_images_win_2016_3.1.9.tar.gz
- description: "3.1.9 Windows Server 1803"
url: https://packages.docker.com/caas/ucp_images_win_1803_3.1.9.tar.gz
- description: "3.1.9 Windows Server 2019 LTSC"
url: https://packages.docker.com/caas/ucp_images_win_2019_3.1.9.tar.gz
- description: "3.1.8 Linux"
url: https://packages.docker.com/caas/ucp_images_3.1.8.tar.gz
- description: "3.1.8 Windows Server 2016 LTSC"
url: https://packages.docker.com/caas/ucp_images_win_2016_3.1.8.tar.gz
- description: "3.1.8 Windows Server 1803"
url: https://packages.docker.com/caas/ucp_images_win_1803_3.1.8.tar.gz
- description: "3.1.8 Windows Server 2019 LTSC"
url: https://packages.docker.com/caas/ucp_images_win_2019_3.1.8.tar.gz
- description: "3.1.7 Linux"
url: https://packages.docker.com/caas/ucp_images_3.1.7.tar.gz
- description: "3.1.7 Windows Server 2016 LTSC"
@ -83,6 +99,22 @@
- product: "ucp"
version: "3.0"
tar-files:
- description: "3.0.13 Linux"
url: https://packages.docker.com/caas/ucp_images_3.0.13.tar.gz
- description: "3.0.13 IBM Z"
url: https://packages.docker.com/caas/ucp_images_s390x_3.0.13.tar.gz
- description: "3.0.13 Windows Server 2016 LTSC"
url: https://packages.docker.com/caas/ucp_images_win_2016_3.0.13.tar.gz
- description: "3.0.13 Windows Server 1803"
url: https://packages.docker.com/caas/ucp_images_win_1803_3.0.13.tar.gz
- description: "3.0.12 Linux"
url: https://packages.docker.com/caas/ucp_images_3.0.12.tar.gz
- description: "3.0.12 IBM Z"
url: https://packages.docker.com/caas/ucp_images_s390x_3.0.12.tar.gz
- description: "3.0.12 Windows Server 2016 LTSC"
url: https://packages.docker.com/caas/ucp_images_win_2016_3.0.12.tar.gz
- description: "3.0.12 Windows Server 1803"
url: https://packages.docker.com/caas/ucp_images_win_1803_3.0.12.tar.gz
- description: "3.0.11 Linux"
url: https://packages.docker.com/caas/ucp_images_3.0.11.tar.gz
- description: "3.0.11 IBM Z"
@ -186,6 +218,18 @@
- product: "ucp"
version: "2.2"
tar-files:
- description: "2.2.20 Linux"
url: https://packages.docker.com/caas/ucp_images_2.2.20.tar.gz
- description: "2.2.20 IBM Z"
url: https://packages.docker.com/caas/ucp_images_s390x_2.2.20.tar.gz
- description: "2.2.20 Windows"
url: https://packages.docker.com/caas/ucp_images_win_2.2.20.tar.gz
- description: "2.2.19 Linux"
url: https://packages.docker.com/caas/ucp_images_2.2.19.tar.gz
- description: "2.2.19 IBM Z"
url: https://packages.docker.com/caas/ucp_images_s390x_2.2.19.tar.gz
- description: "2.2.19 Windows"
url: https://packages.docker.com/caas/ucp_images_win_2.2.19.tar.gz
- description: "2.2.18 Linux"
url: https://packages.docker.com/caas/ucp_images_2.2.18.tar.gz
- description: "2.2.18 IBM Z"
@ -296,14 +340,18 @@
- product: "dtr"
version: "2.6"
tar-files:
- description: "DTR 2.6.8 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.8.tar.gz
- description: "DTR 2.6.7 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.7.tar.gz
- description: "DTR 2.6.6 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.6.tar.gz
url: https://packages.docker.com/caas/dtr_images_2.6.6.tar.gz
- description: "DTR 2.6.5 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.5.tar.gz
url: https://packages.docker.com/caas/dtr_images_2.6.5.tar.gz
- description: "DTR 2.6.4 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.4.tar.gz
url: https://packages.docker.com/caas/dtr_images_2.6.4.tar.gz
- description: "DTR 2.6.3 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.3.tar.gz
url: https://packages.docker.com/caas/dtr_images_2.6.3.tar.gz
- description: "DTR 2.6.2 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.6.2.tar.gz
- description: "DTR 2.6.1 Linux x86"
@ -313,6 +361,10 @@
- product: "dtr"
version: "2.5"
tar-files:
- description: "DTR 2.5.13 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.5.13.tar.gz
- description: "DTR 2.5.12 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.5.12.tar.gz
- description: "DTR 2.5.11 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.5.11.tar.gz
- description: "DTR 2.5.10 Linux x86"
@ -338,6 +390,8 @@
- product: "dtr"
version: "2.4"
tar-files:
- description: "DTR 2.4.13 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.4.13.tar.gz
- description: "DTR 2.4.12 Linux x86"
url: https://packages.docker.com/caas/dtr_images_2.4.12.tar.gz
- description: "DTR 2.4.11 Linux x86"

4
_data/toc.yaml
View File

@ -1269,7 +1269,7 @@ samples:
- path: /engine/examples/apt-cacher-ng/
title: apt-cacher-ng
- path: /engine/examples/dotnetcore/
title: .NET Core application
title: ASP.NET Core application
- path: /compose/aspnet-mssql-compose/
title: ASP.NET Core + SQL Server on Linux
- path: /engine/examples/couchdb_data_volumes/
@ -3380,7 +3380,7 @@ manuals:
title: CLI reference
- sectiontitle: Docker Compose
section:
- path: /compose/overview/
- path: /compose/
title: Overview of Docker Compose
- path: /compose/install/
title: Install Compose

4
_scripts/make-archive-branch.sh
View File

@ -88,14 +88,14 @@ bash _scripts/fetch-upstream-resources.sh -l
# /docker-hub/
# These rely on _layout/archive-redirect.html
only_live_contents=("samples" "docker-id" "docker-cloud" "docker-hub" "docker-store")
only_live_contents=("samples" "docker-id" "docker-hub")
for dir in "${only_live_contents[@]}"; do
echo "Replacing contents of $dir with a redirect stub"
# Figure out the title, which should be title case with spaces instead of dashes
dir_title=$(echo $dir | sed 's/-/\ /g' | awk '{for(i=1;i<=NF;i++){ $i=toupper(substr($i,1,1)) substr($i,2) }}1')
echo "dir_title is ${dir_title}"
rm -Rf \"$dir\"
rm -Rf $dir/*
cat << EOF > "$dir/index.html"
---
layout: archive-redirect

10
assemble/images.md
View File

@ -12,8 +12,8 @@ To support multi-platform images, images must be pushed to a registry instead of
To enable the multi-platform mode, use the `--push` option. For example:
```
docker assemble build --push /path/to/my/project
```bash
$ docker assemble build --push /path/to/my/project
```
To push to an insecure (unencrypted) registry, use `--push-insecure` instead of `--push`.
@ -96,9 +96,11 @@ The runtime part includes:
You can find the bill of lading by inspecting the resulting image. It is stored using the label `com.docker.assemble.bill-of-lading`:
{% raw %}
```bash
$ docker image inspect --format '{{ index .Config.Labels "com.docker.assemble.bill-of-lading" }}' <image>
```
docker image inspect --format '{{ index .Config.Labels "com.docker.assemble.bill-of-lading" }}' <image>
```
{% endraw %}
> **Note:** The bill of lading is only supported on the `linux/amd64` platform and only for images which are based on Alpine (`apk`), Red Hat (`rpm`) or Debian (`dpkg-query`).

183
compose/index.md
View File

@ -1,24 +1,187 @@
---
description: Introduction and Overview of Compose
keywords: documentation, docs, docker, compose, orchestration, containers
title: Docker Compose
notoc: true
keywords: documentation, docs, docker, compose, orchestration, containers
title: Overview of Docker Compose
redirect_from:
- /compose/overview/
---
Compose is a tool for defining and running multi-container Docker applications. To learn more about Compose refer to the following documentation:
>**Looking for Compose file reference?** [Find the latest version here](/compose/compose-file/index.md).
- [Compose Overview](overview.md)
- [Install Compose](install.md)
Compose is a tool for defining and running multi-container Docker applications.
With Compose, you use a YAML file to configure your application's services.
Then, with a single command, you create and start all the services
from your configuration. To learn more about all the features of Compose,
see [the list of features](overview.md#features).
Compose works in all environments: production, staging, development, testing, as
well as CI workflows. You can learn more about each case in [Common Use
Cases](overview.md#common-use-cases).
Using Compose is basically a three-step process:
1. Define your app's environment with a `Dockerfile` so it can be reproduced
anywhere.
2. Define the services that make up your app in `docker-compose.yml`
so they can be run together in an isolated environment.
3. Run `docker-compose up` and Compose starts and runs your entire app.
A `docker-compose.yml` looks like this:
version: '3'
services:
web:
build: .
ports:
- "5000:5000"
volumes:
- .:/code
- logvolume01:/var/log
links:
- redis
redis:
image: redis
volumes:
logvolume01: {}
For more information about the Compose file, see the
[Compose file reference](compose-file/index.md).
Compose has commands for managing the whole lifecycle of your application:
* Start, stop, and rebuild services
* View the status of running services
* Stream the log output of running services
* Run a one-off command on a service
## Compose documentation
- [Installing Compose](install.md)
- [Getting Started](gettingstarted.md)
- [Get started with Django](django.md)
- [Get started with Rails](rails.md)
- [Get started with WordPress](wordpress.md)
- [Get started with Drupal](/samples/drupal/)
- [Frequently asked questions](faq.md)
- [Command-line reference](./reference/index.md)
- [Compose file reference](/compose/compose-file/index.md)
- [Environment file](env-file.md)
- [Command line reference](./reference/index.md)
- [Compose file reference](compose-file/index.md)
## Features
The features of Compose that make it effective are:
* [Multiple isolated environments on a single host](overview.md#Multiple-isolated-environments-on-a-single-host)
* [Preserve volume data when containers are created](overview.md#preserve-volume-data-when-containers-are-created)
* [Only recreate containers that have changed](overview.md#only-recreate-containers-that-have-changed)
* [Variables and moving a composition between environments](overview.md#variables-and-moving-a-composition-between-environments)
### Multiple isolated environments on a single host
Compose uses a project name to isolate environments from each other. You can make use of this project name in several different contexts:
* on a dev host, to create multiple copies of a single environment, such as when you want to run a stable copy for each feature branch of a project
* on a CI server, to keep builds from interfering with each other, you can set
the project name to a unique build number
* on a shared host or dev host, to prevent different projects, which may use the
same service names, from interfering with each other
The default project name is the basename of the project directory. You can set
a custom project name by using the
[`-p` command line option](./reference/overview.md) or the
[`COMPOSE_PROJECT_NAME` environment variable](./reference/envvars.md#compose-project-name).
### Preserve volume data when containers are created
Compose preserves all volumes used by your services. When `docker-compose up`
runs, if it finds any containers from previous runs, it copies the volumes from
the old container to the new container. This process ensures that any data
you've created in volumes isn't lost.
If you use `docker-compose` on a Windows machine, see
[Environment variables](reference/envvars.md) and adjust the necessary environment
variables for your specific needs.
### Only recreate containers that have changed
Compose caches the configuration used to create a container. When you
restart a service that has not changed, Compose re-uses the existing
containers. Re-using containers means that you can make changes to your
environment very quickly.
### Variables and moving a composition between environments
Compose supports variables in the Compose file. You can use these variables
to customize your composition for different environments, or different users.
See [Variable substitution](compose-file.md#variable-substitution) for more
details.
You can extend a Compose file using the `extends` field or by creating multiple
Compose files. See [extends](extends.md) for more details.
## Common use cases
Compose can be used in many different ways. Some common use cases are outlined
below.
### Development environments
When you're developing software, the ability to run an application in an
isolated environment and interact with it is crucial. The Compose command
line tool can be used to create the environment and interact with it.
The [Compose file](compose-file.md) provides a way to document and configure
all of the application's service dependencies (databases, queues, caches,
web service APIs, etc). Using the Compose command line tool you can create
and start one or more containers for each dependency with a single command
(`docker-compose up`).
Together, these features provide a convenient way for developers to get
started on a project. Compose can reduce a multi-page "developer getting
started guide" to a single machine readable Compose file and a few commands.
### Automated testing environments
An important part of any Continuous Deployment or Continuous Integration process
is the automated test suite. Automated end-to-end testing requires an
environment in which to run tests. Compose provides a convenient way to create
and destroy isolated testing environments for your test suite. By defining the full environment in a [Compose file](compose-file.md), you can create and destroy these environments in just a few commands:
$ docker-compose up -d
$ ./run_tests
$ docker-compose down
### Single host deployments
Compose has traditionally been focused on development and testing workflows,
but with each release we're making progress on more production-oriented features. You can use Compose to deploy to a remote Docker Engine. The Docker Engine may be a single instance provisioned with
[Docker Machine](/machine/overview.md) or an entire
[Docker Swarm](/engine/swarm/index.md) cluster.
For details on using production-oriented features, see
[compose in production](production.md) in this documentation.
## Release notes
To see a detailed list of changes for past and current releases of Docker
Compose, refer to the
[CHANGELOG](https://github.com/docker/compose/blob/master/CHANGELOG.md).
## Getting help
Docker Compose is under active development. If you need help, would like to
contribute, or simply want to talk about the project with like-minded
individuals, we have a number of open channels for communication.
* To report bugs or file feature requests: use the [issue tracker on Github](https://github.com/docker/compose/issues).
* To talk about the project with people in real time: join the
`#docker-compose` channel on freenode IRC.
* To contribute code or documentation changes: submit a [pull request on Github](https://github.com/docker/compose/pulls).
For more information and resources, visit the [Getting Help project page](/opensource/get-help/).

185
compose/overview.md
View File

@ -1,185 +0,0 @@
---
description: Introduction and Overview of Compose
keywords: documentation, docs, docker, compose, orchestration, containers
title: Overview of Docker Compose
---
>**Looking for Compose file reference?** [Find the latest version here](/compose/compose-file/index.md).
Compose is a tool for defining and running multi-container Docker applications.
With Compose, you use a YAML file to configure your application's services.
Then, with a single command, you create and start all the services
from your configuration. To learn more about all the features of Compose,
see [the list of features](overview.md#features).
Compose works in all environments: production, staging, development, testing, as
well as CI workflows. You can learn more about each case in [Common Use
Cases](overview.md#common-use-cases).
Using Compose is basically a three-step process:
1. Define your app's environment with a `Dockerfile` so it can be reproduced
anywhere.
2. Define the services that make up your app in `docker-compose.yml`
so they can be run together in an isolated environment.
3. Run `docker-compose up` and Compose starts and runs your entire app.
A `docker-compose.yml` looks like this:
version: '3'
services:
web:
build: .
ports:
- "5000:5000"
volumes:
- .:/code
- logvolume01:/var/log
links:
- redis
redis:
image: redis
volumes:
logvolume01: {}
For more information about the Compose file, see the
[Compose file reference](compose-file/index.md).
Compose has commands for managing the whole lifecycle of your application:
* Start, stop, and rebuild services
* View the status of running services
* Stream the log output of running services
* Run a one-off command on a service
## Compose documentation
- [Installing Compose](install.md)
- [Getting Started](gettingstarted.md)
- [Get started with Django](django.md)
- [Get started with Rails](rails.md)
- [Get started with WordPress](wordpress.md)
- [Frequently asked questions](faq.md)
- [Command line reference](./reference/index.md)
- [Compose file reference](compose-file/index.md)
## Features
The features of Compose that make it effective are:
* [Multiple isolated environments on a single host](overview.md#Multiple-isolated-environments-on-a-single-host)
* [Preserve volume data when containers are created](overview.md#preserve-volume-data-when-containers-are-created)
* [Only recreate containers that have changed](overview.md#only-recreate-containers-that-have-changed)
* [Variables and moving a composition between environments](overview.md#variables-and-moving-a-composition-between-environments)
### Multiple isolated environments on a single host
Compose uses a project name to isolate environments from each other. You can make use of this project name in several different contexts:
* on a dev host, to create multiple copies of a single environment, such as when you want to run a stable copy for each feature branch of a project
* on a CI server, to keep builds from interfering with each other, you can set
the project name to a unique build number
* on a shared host or dev host, to prevent different projects, which may use the
same service names, from interfering with each other
The default project name is the basename of the project directory. You can set
a custom project name by using the
[`-p` command line option](./reference/overview.md) or the
[`COMPOSE_PROJECT_NAME` environment variable](./reference/envvars.md#compose-project-name).
### Preserve volume data when containers are created
Compose preserves all volumes used by your services. When `docker-compose up`
runs, if it finds any containers from previous runs, it copies the volumes from
the old container to the new container. This process ensures that any data
you've created in volumes isn't lost.
If you use `docker-compose` on a Windows machine, see
[Environment variables](reference/envvars.md) and adjust the necessary environment
variables for your specific needs.
### Only recreate containers that have changed
Compose caches the configuration used to create a container. When you
restart a service that has not changed, Compose re-uses the existing
containers. Re-using containers means that you can make changes to your
environment very quickly.
### Variables and moving a composition between environments
Compose supports variables in the Compose file. You can use these variables
to customize your composition for different environments, or different users.
See [Variable substitution](compose-file.md#variable-substitution) for more
details.
You can extend a Compose file using the `extends` field or by creating multiple
Compose files. See [extends](extends.md) for more details.
## Common use cases
Compose can be used in many different ways. Some common use cases are outlined
below.
### Development environments
When you're developing software, the ability to run an application in an
isolated environment and interact with it is crucial. The Compose command
line tool can be used to create the environment and interact with it.
The [Compose file](compose-file.md) provides a way to document and configure
all of the application's service dependencies (databases, queues, caches,
web service APIs, etc). Using the Compose command line tool you can create
and start one or more containers for each dependency with a single command
(`docker-compose up`).
Together, these features provide a convenient way for developers to get
started on a project. Compose can reduce a multi-page "developer getting
started guide" to a single machine readable Compose file and a few commands.
### Automated testing environments
An important part of any Continuous Deployment or Continuous Integration process
is the automated test suite. Automated end-to-end testing requires an
environment in which to run tests. Compose provides a convenient way to create
and destroy isolated testing environments for your test suite. By defining the full environment in a [Compose file](compose-file.md), you can create and destroy these environments in just a few commands:
$ docker-compose up -d
$ ./run_tests
$ docker-compose down
### Single host deployments
Compose has traditionally been focused on development and testing workflows,
but with each release we're making progress on more production-oriented features. You can use Compose to deploy to a remote Docker Engine. The Docker Engine may be a single instance provisioned with
[Docker Machine](/machine/overview.md) or an entire
[Docker Swarm](/engine/swarm/index.md) cluster.
For details on using production-oriented features, see
[compose in production](production.md) in this documentation.
## Release notes
To see a detailed list of changes for past and current releases of Docker
Compose, refer to the
[CHANGELOG](https://github.com/docker/compose/blob/master/CHANGELOG.md).
## Getting help
Docker Compose is under active development. If you need help, would like to
contribute, or simply want to talk about the project with like-minded
individuals, we have a number of open channels for communication.
* To report bugs or file feature requests: use the [issue tracker on Github](https://github.com/docker/compose/issues).
* To talk about the project with people in real time: join the
`#docker-compose` channel on freenode IRC.
* To contribute code or documentation changes: submit a [pull request on Github](https://github.com/docker/compose/pulls).
For more information and resources, visit the [Getting Help project page](/opensource/get-help/).

2
config/containers/logging/fluentd.md
View File

@ -123,7 +123,7 @@ How long to wait between retries. Defaults to 1 second.
### fluentd-max-retries
The maximum number of retries. Defaults to `10`.
The maximum number of retries. Defaults to `4294967295` (2**32 - 1).
### fluentd-sub-second-precision

2
config/daemon/systemd.md
View File

@ -57,7 +57,7 @@ To accomplish this, set the following flags in the `daemon.json` file:
```none
{
"data-root": "/mnt/docker-data",
"storage-driver": "overlay"
"storage-driver": "overlay2"
}
```

1
datacenter/ucp/3.0/guides/user/kubernetes/layer-7-routing.md
View File

@ -4,7 +4,6 @@ description: Learn how to route traffic to your Kubernetes workloads in
Docker Enterprise Edition.
keywords: UCP, Kubernetes, ingress, routing
redirect_from:
- /ee/ucp/kubernetes/deploy-ingress-controller/
---
When you deploy a Kubernetes application, you may want to make it accessible

4
develop/develop-images/dockerfile_best-practices.md
View File

@ -867,7 +867,7 @@ like `RUN groupadd -r postgres && useradd --no-log-init -r -g postgres postgres`
Avoid installing or using `sudo` as it has unpredictable TTY and
signal-forwarding behavior that can cause problems. If you absolutely need
functionality similar to `sudo`, such as initializing the daemon as `root` but
running it as non-`root`), consider using ["gosu"](https://github.com/tianon/gosu).
running it as non-`root`, consider using [“gosu”](https://github.com/tianon/gosu).
Lastly, to reduce layers and complexity, avoid switching `USER` back and forth
frequently.
@ -896,7 +896,7 @@ A Docker build executes `ONBUILD` commands before any command in a child
`ONBUILD` is useful for images that are going to be built `FROM` a given
image. For example, you would use `ONBUILD` for a language stack image that
builds arbitrary user software written in that language within the
`Dockerfile`, as you can see in [Rubys `ONBUILD` variants](https://github.com/docker-library/ruby/blob/master/2.4/jessie/onbuild/Dockerfile).
`Dockerfile`, as you can see in [Rubys `ONBUILD` variants](https://github.com/docker-library/ruby/blob/c43fef8a60cea31eb9e7d960a076d633cb62ba8d/2.4/jessie/onbuild/Dockerfile).
Images built from `ONBUILD` should get a separate tag, for example:
`ruby:1.9-onbuild` or `ruby:2.0-onbuild`.

28
docker-for-mac/edge-release-notes.md
View File

@ -18,6 +18,34 @@ for Mac](install.md#download-docker-for-mac).
## Edge Releases of 2019
### Docker Community Edition 2.0.5.0 2019-06-12
[Download](https://download.docker.com/mac/edge/35318/Docker.dmg)
This is the Edge channel, which gives you early access to our newest features. Be aware that some of them may be experimental, and some of them may not ever reach the Stable release.
This release contains a Kubernetes upgrade. Note that your local Kubernetes cluster will be reset after install.
* Upgrades
- [Docker 19.03.0-rc2](https://github.com/docker/docker-ce/releases/tag/v19.03.0-rc2)
- [Kubernetes 1.14.3](https://github.com/kubernetes/kubernetes/releases/tag/v1.14.3)
- [Compose on Kubernetes 0.4.23](https://github.com/docker/compose-on-kubernetes/releases/tag/v0.4.23)
- [linuxkit v0.7](https://github.com/linuxkit/linuxkit/releases/tag/v0.7)
- [Qemu 4.0.0](https://github.com/docker/binfmt) for cross compiling for ARM
* New
- Docker Desktop includes the `buildx` plugin (currently experimental).
- Selecting the `Experimental features` checkbox on the Docker Desktop Preferences Daemon page enables experimental features in the Docker daemon and the Docker CLI.
- Docker Desktop has improved the reliability of `com.docker.osxfs trace` performance profiling command.
- Users can now run the `com.docker.osxfs trace --summary` option to get a high-level summary of operations, instead of receiving a trace of all operations.
- Docker Desktop now supports large lists of DNS resource records on Mac. Fixes [docker/for-mac#2160](https://github.com/docker/for-mac/issues/2160#issuecomment-431571031)
* Bug fixes and minor changes
- Docker Desktop does not send DNS queries for `docker-desktop.<domain>` every 10s. It now relies on the host's DNS domain search order rather than trying to replicate it inside the VM.
- Docker Desktop has removed the ability to log in using email address as a username as the Docker command line does not support this.
- Docker Desktop now allows running a Docker registry inside a container. Fixes [docker/for-mac#3611](https://github.com/docker/for-mac/issues/3611)
- Fixed a stability issue with the DNS resolver.
### Docker Community Edition 2.0.4.1 2019-05-07
[Download](https://download.docker.com/mac/edge/34207/Docker.dmg)

2
docker-for-mac/install.md
View File

@ -49,7 +49,7 @@ for Docker Desktop for Mac, and how the two products can coexist.
* **What the install includes**: The installation provides
[Docker Engine](/engine/userguide/), Docker CLI client,
[Docker Compose](/compose/overview/), [Docker Machine](/machine/overview/), and [Kitematic](/kitematic/userguide.md).
[Docker Compose](/compose/), [Docker Machine](/machine/overview/), and [Kitematic](/kitematic/userguide.md).
## Install and run Docker Desktop for Mac

33
docker-for-windows/edge-release-notes.md
View File

@ -18,6 +18,39 @@ for Windows](install.md#download-docker-for-windows).
## Edge Releases of 2019
### Docker Community Edition 2.0.5.0 2019-06-12
[Download](https://download.docker.com/win/edge/35318/Docker%20Desktop%20Installer.exe)
This is the Edge channel, which gives you early access to our newest features. Be aware that some of them may be experimental, and some of them may not ever reach the Stable release.
This release contains a Kubernetes upgrade. Note that your local Kubernetes cluster will be reset after installation.
* Upgrades
- [Docker 19.03.0-rc2](https://github.com/docker/docker-ce/releases/tag/v19.03.0-rc2)
- [Kubernetes 1.14.3](https://github.com/kubernetes/kubernetes/releases/tag/v1.14.3)
- [Compose on Kubernetes 0.4.23](https://github.com/docker/compose-on-kubernetes/releases/tag/v0.4.23)
- [linuxkit v0.7](https://github.com/linuxkit/linuxkit/releases/tag/v0.7)
- [Qemu 4.0.0](https://github.com/docker/binfmt) for cross compiling for ARM
* New
- Docker Desktop includes the `buildx` plugin (currently experimental).
- Selecting the `Experimental features` checkbox on the Docker Desktop settings Daemon page enables experimental features in the Docker daemon and the Docker CLI.
- Docker Desktop now checks for stored credentials at startup before attempting to mount any shared drives. This prompts users to reenter the credentials if they are invalid.
* Bug fixes and minor changes
- Fixed race condition where Kubernetes sometimes fails to start after the app is restarted.
- The system tray icon now opens the Docker Desktop menu with left or right mouse button.
- When displaying the crash report window, Docker Desktop does not send a bugsnag crash report unless the user needs the report to upload diagnostics.
- Docker Desktop has removed the ability to log in using email address as a username as the Docker command line does not support this.
- For Linux containers on Windows (LCOW), at least one physical computer running Windows 10 Professional or Windows 10 Enterprise version 1809 or later is required.
- The `Send usage statistics` checkbox is selected by default in Docker Desktop for Windows (Community). This option cannot be modified.
- Docker Desktop has added a new dialog box during startup which allows users to retry mounting a shared drive or remove it from the shared drives list after a failed attempt.
* Known issues
- Windows containers networking does not work properly on Windows 1903.
### Docker Community Edition 2.0.4.1 2019-05-07
[Download](https://download.docker.com/win/edge/34207/Docker%20Desktop%20Installer.exe)

2
docker-for-windows/troubleshoot.md
View File

@ -301,7 +301,7 @@ Docker Desktop for Windows requires a Hyper-V as well as the Hyper-V Module for
Powershell to be installed and enabled. The Docker Desktop for Windows installer enables
it for you.
Docker Desktop for Windows also needs two CPU hardware features to use Hyper-V: Virtualization and SLAT (Second Level Adress Translation), which is also called RVI (Rapid Virtualization Indexing).
Docker Desktop for Windows also needs two CPU hardware features to use Hyper-V: Virtualization and SLAT (Second Level Address Translation), which is also called RVI (Rapid Virtualization Indexing).
On some systems, Virtualization needs to be enabled in the BIOS. The steps required are vendor-specific, but typically the BIOS option is called `Virtualization Technology (VTx)` or something similar. Run the command `systeminfo` to check all required Hyper-V features. See [Pre-requisites for Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/hyper-v-requirements) for more details.
To install Hyper-V manually, see [Install Hyper-V on Windows 10](https://msdn.microsoft.com/en-us/virtualization/hyperv_on_windows/quick_start/walkthrough_install). A reboot is *required* after installation. If you install Hyper-V without rebooting, Docker Desktop for Windows does not work correctly.

202
ee/dtr/release-notes.md
View File

@ -80,6 +80,64 @@ to upgrade your installation to the latest release.
# Version 2.6
## 2.6.8
(2019-7-17)
### Bug fixes
* Fixed a bug where non-admin user repository pagination was broken. (docker/dhe-deploy #10464)
* Fixed a bug where the `dockersearch` API returned incorrect results when the search query ended in a digit. (docker/dhe-deploy #10434)
### Security
* Bumped the Golang version for DTR to `1.12.7`. (docker/dhe-deploy #10460)
* Bumped the Alpine version of the base images to `3.9.4`. (docker/dhe-deploy #10460)
### Known issues
* Docker Engine Enterprise Edition (Docker EE) Upgrade
* There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
* Web Interface
* Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
* When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474)
* In order to set a tag limit for pruning purposes, immutability must be turned off for a repository. This limitation is not clear in the **Repository Settings** view. (docker/dhe-deploy #9554)
* Webhooks
* When configured for "Image promoted from repository" events, a webhook notification is triggered twice during an image promotion when scanning is enabled on a repository. (docker/dhe-deploy #9685)
* HTTPS webhooks do not go through HTTPS proxy when configured. (docker/dhe-deploy #9492)
* System
* When upgrading from `2.5` to `2.6`, the system will run a `metadatastoremigration` job after a successful upgrade. This is necessary for online garbage collection. If the three system attempts fail, you will have to retrigger the `metadatastoremigration` job manually. [Learn about manual metadata store migration](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
## 2.6.7
(2019-6-27)
### Enhancements
* Added UI support to retain metadata when switching between storage drivers.(docker/dhe-deploy#10340). For more information, see (docker/dhe-deploy #10199) and (docker/dhe-deploy #10181).
* Added UI support to disable persistent cookies. (docker/dhe-deploy #10353)
### Bug fixes
* Fixed a UI bug where non-admin namespace owners could not create a repository. (docker/dhe-deploy #10371)
* Fixed a bug where duplicate scan jobs were causing scans to never exit. (docker/dhe-deploy #10316)
* Fixed a bug where logged in users were unable to pull from public repositories. (docker/dhe-deploy #10343)
* Fixed a bug where attempts to switch pages to navigate through the list of repositories did not result in an updated list of repositories. (docker/dhe-deploy #10377)
* Fixed a pagination issue where the number of repositories listed when switching pages was not accurate. (docker/dhe-deploy #10376)
### Known issues
* Docker Engine Enterprise Edition (Docker EE) Upgrade
* There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
* Web Interface
* Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
* When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474)
* In order to set a tag limit for pruning purposes, immutability must be turned off for a repository. This limitation is not clear in the **Repository Settings** view. (docker/dhe-deploy #9554)
* Webhooks
* When configured for "Image promoted from repository" events, a webhook notification is triggered twice during an image promotion when scanning is enabled on a repository. (docker/dhe-deploy #9685)
* HTTPS webhooks do not go through HTTPS proxy when configured. (docker/dhe-deploy #9492)
* System
* When upgrading from `2.5` to `2.6`, the system will run a `metadatastoremigration` job after a successful upgrade. This is necessary for online garbage collection. If the three system attempts fail, you will have to retrigger the `metadatastoremigration` job manually. [Learn about manual metadata store migration](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
## 2.6.6
(2019-5-6)
@ -94,7 +152,7 @@ to upgrade your installation to the latest release.
- Next, add `keep_metadata: true` as a top-level key in the JSON you just created and modify it to contain your new storage settings.
- Finally, update your Registry settings with your modified JSON file via `curl -X PUT .../api/v0/admin/settings/registry -d @storage.json`.
### Bug Fixes
### Bug fixes
* Fixed an issue where replica version was inferred from DTR volume labels. (docker/dhe-deploy#10266)
@ -119,7 +177,7 @@ to upgrade your installation to the latest release.
## 2.6.5
(2019-4-11)
### Bug Fixes
### Bug fixes
* Fixed a bug where the web interface was not rendering for non-admin users.
* Removed `Users` tab from the side navigation [#10222](https://github.com/docker/dhe-deploy/pull/10222)
@ -145,7 +203,7 @@ to upgrade your installation to the latest release.
* Added `--storage-migrated` option to reconfigure with migrated content when moving content to a new NFS URL. (ENGDTR-794)
* Added a job log status filter which allows users to exclude jobs that are not currently ***running***. (docker/dhe-deploy #10077)
### Bug Fixes
### Bug fixes
* If you have a repository in DTR 2.4 with manifest lists enabled, `docker pull` would fail on images that have been pushed to the repository after you upgrade to 2.5 and opt into garbage collection. This also applied when upgrading from 2.5 to 2.6. The issue has been fixed in DTR 2.6.4. (ENGDTR-330 and docker/dhe-deploy #10105)
@ -172,7 +230,7 @@ to upgrade your installation to the latest release.
* Bump the Golang version that is used to build DTR to version 1.11.5. (docker/dhe-deploy#10060)
### Bug Fixes
### Bug fixes
* Users with read-only permissions can no longer see the README edit button for a repository. (docker/dhe-deploy#10056)
@ -201,7 +259,7 @@ to upgrade your installation to the latest release.
(2019-1-29)
### Bug Fixes
### Bug fixes
* Fixed a bug where scanning Windows images were stuck in Pending state. (docker/dhe-deploy #9969)
@ -231,7 +289,7 @@ to upgrade your installation to the latest release.
(2019-01-09)
### Bug Fixes
### Bug fixes
* Fixed a bug where notary signing data was not being backed up properly (docker/dhe-deploy #9862)
* Allow a cluster to go from 2 replicas to 1 without forcing removal (docker/dhe-deploy #9840)
@ -266,7 +324,7 @@ to upgrade your installation to the latest release.
(2018-11-08)
### New Features
### New features
* Web Interface
* Online garbage collection is no longer an experimental feature. Users can now write to DTR and push images during garbage collection. [Learn about garbage collection](/ee/dtr/admin/configure/garbage-collection/).
@ -325,7 +383,6 @@ to upgrade your installation to the latest release.
* `DELETE /api/v0/repositories/{namespace}/{reponame}/manifests/{reference}`
* The `enableManifestLists` field on the `POST /api/v0/repositories/{namespace}` endpoint will be removed in DTR 2.7. See [Deprecation Notice](deprecation-notice) for more details.
# Version 2.5
@ -334,6 +391,80 @@ to upgrade your installation to the latest release.
>
> Upgrade path from 2.5.x to 2.6: Upgrade directly to 2.6.4.
## 2.5.13
(2019-07-17)
### Bug fix
* Fixed a bug where the dockersearch API returned incorrect results when the search query ended in a digit. (docker/dhe-deploy #10435)
### Security
* Bumped the Golang version for DTR to `1.12.7`. (docker/dhe-deploy#10463)
* Bumped the Alpine version of the base images to `3.9.4`. (docker/dhe-deploy#10463)
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
repository and tag.
* When deleting a repository with signed images, the DTR web interface no longer
shows instructions on how to delete trust data.
* There's no web interface support to update mirroring policies when rotating the TLS
certificates used by DTR. Use the API instead.
* The web interface for promotion policies is currently broken if you have a large number
of repositories.
* Clicking "Save & Apply" on a promotion policy doesn't work.
* Webhooks
* There is no webhook event for when an image is pulled.
* HTTPS webhooks do not go through HTTPS proxy when configured. (docker/dhe-deploy #9492)
* When configured for "Image promoted from repository" events, a webhook notification will be triggered twice during an image promotion when scanning is enabled on a repository. (docker/dhe-deploy #9685)
* Online garbage collection
* The events API won't report events when tags and manifests are deleted.
* The events API won't report blobs deleted by the garbage collection job.
* Docker EE Advanced features
* Scanning any new push after metadatastore migration will not yet work.
* Pushes to repos with promotion policies (repo as source) are broken when an
image has a layer over 100MB.
* On upgrade the scanningstore container may restart with this error message:
FATAL: database files are incompatible with server
## 2.5.12
(2019-06-27)
### Bug fixes
* Fixed a bug where duplicate scan jobs were causing scans to never exit.(docker/dhe-deploy #10322)
* Fixed a pagination issue where the number of repositories listed when switching pages was not accurate. (docker/dhe-deploy #10383)
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
repository and tag.
* When deleting a repository with signed images, the DTR web interface no longer
shows instructions on how to delete trust data.
* There's no web interface support to update mirroring policies when rotating the TLS
certificates used by DTR. Use the API instead.
* The web interface for promotion policies is currently broken if you have a large number
of repositories.
* Clicking "Save & Apply" on a promotion policy doesn't work.
* Webhooks
* There is no webhook event for when an image is pulled.
* HTTPS webhooks do not go through HTTPS proxy when configured. (docker/dhe-deploy #9492)
* When configured for "Image promoted from repository" events, a webhook notification will be triggered twice during an image promotion when scanning is enabled on a repository. (docker/dhe-deploy #9685)
* Online garbage collection
* The events API won't report events when tags and manifests are deleted.
* The events API won't report blobs deleted by the garbage collection job.
* Docker EE Advanced features
* Scanning any new push after metadatastore migration will not yet work.
* Pushes to repos with promotion policies (repo as source) are broken when an
image has a layer over 100MB.
* On upgrade the scanningstore container may restart with this error message:
FATAL: database files are incompatible with server
## 2.5.11
(2019-05-06)
@ -344,12 +475,12 @@ to upgrade your installation to the latest release.
* Bumped the Alpine version of the base image to 3.9. (docker/dhe-deploy #10301)
* Bumped Python dependencies to address vulnerabilities. (docker/dhe-deploy #10308 and #10311)
### Bug Fixes
### Bug fixes
* Fixed an issue where read / write permissions were used when copying files into containers. (docker/dhe-deploy #10207)
* Fixed an issue where non-admin users could not access their repositories from the Repositories page on the web interface. (docker/dhe-deploy #10294)
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
@ -380,11 +511,11 @@ to upgrade your installation to the latest release.
(2019-3-28)
### Bug Fixes
### Bug fixes
* If you have a repository in DTR 2.4 with manifest lists enabled, `docker pull` used to fail on images that were pushed to the repository after you upgraded to 2.5 and opted into garbage collection. This has been fixed in 2.5.10. (docker/dhe-deploy#10106)
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -418,7 +549,7 @@ to upgrade your installation to the latest release.
* Bump the Golang version that is used to build DTR to version 1.10.8. (docker/dhe-deploy#10071)
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -451,11 +582,11 @@ to upgrade your installation to the latest release.
(2019-1-29)
### Bug Fixes
### Bug fixes
* Fixed an issue that prevented vulnerability updates from running if they were previously interrupted. (docker/dhe-deploy #9958)
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -488,7 +619,7 @@ to upgrade your installation to the latest release.
(2019-01-09)
### Bug Fixes
### Bug fixes
* Fixed a bug where manifest lists were being appended to existing manifests lists when pushed. (docker/dhe-deploy #9811)
* Updated GoRethink library to avoid potential lock contention. (docker/dhe-deploy #9812)
@ -497,7 +628,7 @@ to upgrade your installation to the latest release.
### Changelog
* GoLang version bump to 1.10.7.
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -530,7 +661,7 @@ to upgrade your installation to the latest release.
(2018-10-25)
### Bug Fixes
### Bug fixes
* Fixed a bug where Windows images could not be promoted. (docker/dhe-deploy#9215)
* Removed Python3 from base image. (docker/dhe-deploy#9219)
* Added CSP (docker/dhe-deploy#9366)
@ -539,7 +670,7 @@ to upgrade your installation to the latest release.
* Backported ManifestList fixes. (docker/dhe-deploy#9547)
* Removed support sidebar link and associated content. (docker/dhe-deploy#9411)
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -572,13 +703,13 @@ to upgrade your installation to the latest release.
(2018-8-30)
### Bug Fixes
### Bug fixes
* Fixed bug where repository tag list UI was not loading after a tag migration.
* Fixed bug to enable poll mirroring with Windows images.
* The RethinkDB image has been patched to remove unused components with known vulnerabilities including the RethinkCLI. To get an equivalent interface, run RethinkCLI from a separate image using `docker run -it --rm --net dtr-ol -v dtr-ca-$REPLICA_ID:/ca dockerhubenterprise/rethinkcli:v2.3.0 $REPLICA_ID`.
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -611,17 +742,17 @@ to upgrade your installation to the latest release.
(2018-6-21)
### New Features
### New features
* Allow users to adjust DTR log levels for alternative logging solutions.
### Bug Fixes
### Bug fixes
* Fixed URL redirect to release notes.
* Prevent OOM during garbage collection by reading less data into memory at a time.
* Fixed issue where worker capacities wouldn't update on minor version upgrades.
### Known Issues
### Known issues
* Web Interface
* The web interface shows "This repository has no tags" in repositories where tags
have long names. As a workaround, reduce the length of the name for the
@ -843,9 +974,22 @@ specify `--log-protocol`.
> **Important DTR Upgrade Information**
> If you have manifest lists enabled on any of your repositories:
>
> Upgrade path from 2.4.x to 2.5: Do not opt into garbage collection, or directly upgrade to 2.5.10 if you need to opt into > garbage collection.
> Upgrade path from 2.4.x to 2.5: Do not opt into garbage collection, or directly upgrade to 2.5.10 if you need to opt into garbage collection.
> Upgrade path from 2.5.x to 2.6: Upgrade directly to 2.6.4.
## 2.4.13
(2019-07-17)
### Bug fix
* Fixed a bug where duplicate scan jobs were causing scans to never exit. (docker/dhe-deploy#10314)
### Security
* Bumped the Golang version for DTR to `1.12.7`. (docker/dhe-deploy#10461)
* Bumped the Alpine version of the base images to `3.9.4`. (docker/dhe-deploy#10461)
## 2.4.12
(2019-05-06)
@ -896,7 +1040,7 @@ of testing the server to find which version works.
(2018-10-25)
### Bug Fixes
### Bug fixes
* Added CSP (Content Security Policy). (docker/dhe-deploy#9367 and docker/dhe-deploy#9584)
* Fixed critical vulnerability in RethinkDB. (docker/dhe-deploy#9574)
@ -914,7 +1058,7 @@ of testing the server to find which version works.
(2018-07-26)
### Bug Fixes
### Bug fixes
* Fixed bug where repository tag list UI was not loading after a tag migration.
* The RethinkDB image has been patched to remove unused components with known vulnerabilities including the rethinkcli. To get an equivalent interface please run the rethinkcli from a separate image using `docker run -it --rm --net dtr-ol -v dtr-ca-$REPLICA_ID:/ca dockerhubenterprise/rethinkcli $REPLICA_ID`.
@ -928,11 +1072,11 @@ of testing the server to find which version works.
(2018-06-21)
**New Features**
**New features**
* Allow users to adjust DTR log levels for alternative logging solutions.
**Bug Fixes**
**Bug fixes**
* Prevent OOM during garbage collection by reading less data into memory at a time.

22
ee/supported-platforms.md
View File

@ -23,7 +23,8 @@ see [Docker Enterprise](https://www.docker.com/enterprise-edition/).
> Compatibility Matrix
>
> Refer to the [Compatibility Matrix](https://success.docker.com/article/compatibility-matrix) for the latest list of supported platforms.
> Refer to the [Compatibility Matrix](https://success.docker.com/article/compatibility-matrix)
> for the latest list of supported platforms.
{: .important}
## Docker Enterprise products
@ -48,9 +49,13 @@ maintenance cycles for patches for up to 24 months.
### New licensing for Docker Enterprise
Starting in version 18.09, Docker Enterprise is aware of the license applied on the system. The license summary is available in the `docker info` output on standalone or manager nodes.
Starting in version 18.09, Docker Enterprise is aware of the license applied on
the system. The license summary is available in the `docker info` output on
standalone or manager nodes.
For Docker Enterprise customers, when you license Universal Control Plane (UCP), this same license is applied to the underlying engines in the cluster. Docker recommends that Enterprise customers use UCP to manage their license.
For Docker Enterprise customers, when you license Universal Control Plane
(UCP), this same license is applied to the underlying engines in the cluster.
Docker recommends that Enterprise customers use UCP to manage their license.
Standalone Docker Engine - Enterprise users can license engines using `docker engine activate`.
@ -82,13 +87,20 @@ a CLI plugin for automated deployment and configuration, and third-party ecosyst
Each Docker Enterprise release is supported and maintained for 24 months, and
receives security and critical bug fixes during this period.
The Docker API version is independent of the Docker version. We maintain careful API backward compatibility and deprecate APIs and features slowly and conservatively. We remove features after deprecating them for a period of
The Docker API version is independent of the Docker version. We maintain
careful API backward compatibility and deprecate APIs and features slowly and
conservatively. We remove features after deprecating them for a period of
three stable releases. Docker 1.13 introduced improved interoperability
between clients and servers using different API versions, including dynamic
feature negotiation.
## Upgrades and support
Docker supports Docker Enterprise minor releases for 24 months. Upgrades to the latest minor release of Docker Enterprise are not required, however we recommend staying on the latest maintenance release of the supported minor release you are on. Please see [Maintenance Lifecycle](https://success.docker.com/article/maintenance-lifecycle) for more details on EOL of minor and major versions of Docker Enterprise.
Docker supports Docker Enterprise minor releases for 24 months. Upgrades to the
latest minor release of Docker Enterprise are not required, however we
recommend staying on the latest maintenance release of the supported minor
release you are on. Please see [Maintenance
Lifecycle](https://success.docker.com/article/maintenance-lifecycle) for more
details on EOL of minor and major versions of Docker Enterprise.
## Where to go next

36
ee/telemetry.md
View File

@ -53,7 +53,36 @@ You can find out more about an individual option by clicking the **?** icon.
## Use the CLI to control telemetry
To disable the telemetry plugin, use the `docker plugin disable` with either the plugin NAME or ID:
At the engine level, there is a telemetry module built into the Docker
Enterprise Engine 18.09 or newer. It can be disabled by modifing the [daemon
configuration
file](https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file).
By default this is stored at `/etc/docker/daemon.json`.
```bash
{
"features": {
"telemetry": false
}
}
```
For the Docker daemon to pick up the changes in the configuration file, the
Docker daemon will need to be restarted.
```bash
$ sudo systemctl reboot docker
```
To reenable the telemetry module, swap the value to `"telemetry": true` or
completely remove the `"telemetry": false` line, as the default value is `true`.
### Docker Enterprise Engine 18.03 or older
For Docker Enterprise Engine 18.03 or older, the telemetry module ran as a
Docker Plugin. To disable the telemetry plugin, use the `docker plugin disable`
with either the plugin NAME or ID:
```bash
$ docker plugin ls
@ -65,7 +94,8 @@ $ docker plugin disable docker/telemetry:1.0.0.linux-x86_64-stable
This command must be run on each Docker host.
To re-enable the telemetry plugin, you can use `docker plugin enable` with either the plugin NAME or ID:
To re-enable the telemetry plugin, you can use `docker plugin enable` with
either the plugin NAME or ID:
```bash
$ docker plugin ls
@ -73,4 +103,4 @@ ID NAME [..]
114dbeaa400c docker/telemetry:1.0.0.linux-x86_64-stable [..]
$ docker plugin enable docker/telemetry:1.0.0.linux-x86_64-stable
```
```

2
ee/ucp/admin/configure/enable-audit-logging.md
View File

@ -112,7 +112,7 @@ level.
Enabling UCP audit logging via the UCP Configuration file can be done before
or after a UCP installation. Following the UCP Configuration file documentation
[here](../ucp-configuration-file/).
[here](./ucp-configuration-file/).
The section of the UCP configuration file that controls UCP auditing logging is:

63
ee/ucp/admin/configure/ucp-configuration-file.md
View File

@ -77,11 +77,11 @@ docker container run --rm {{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_ver
### auth.sessions
| Parameter | Required | Description |
|:----------------------------|:---------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `lifetime_minutes` | no | The initial session lifetime, in minutes. The default is 4320, which is 72 hours. |
| `renewal_threshold_minutes` | no | The length of time, in minutes, before the expiration of a session where, if used, a session will be extended by the current configured lifetime from then. A zero value disables session extension. The default is 1440, which is 24 hours. |
| `per_user_limit` | no | The maximum number of sessions that a user can have active simultaneously. If creating a new session would put a user over this limit, the least recently used session will be deleted. A value of zero disables limiting the number of sessions that users may have. The default is 5. |
| Parameter | Required | Description |
|:----------------------------|:---------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `lifetime_minutes` | no | The initial session lifetime, in minutes. The default is 60 minutes. |
| `renewal_threshold_minutes` | no | The length of time, in minutes, before the expiration of a session where, if used, a session will be extended by the current configured lifetime from then. A zero value disables session extension. The default is 20 minutes. |
| `per_user_limit` | no | The maximum number of sessions that a user can have active simultaneously. If creating a new session would put a user over this limit, the least recently used session will be deleted. A value of zero disables limiting the number of sessions that users may have. The default is 10. |
### registries array (optional)
@ -93,17 +93,6 @@ An array of tables that specifies the DTR instances that the current UCP instanc
| `service_id` | yes | The DTR instance's OpenID Connect Client ID, as registered with the Docker authentication provider. |
| `ca_bundle` | no | If you're using a custom certificate authority (CA), `ca_bundle` specifies the root CA bundle for the DTR instance. The value is a string with the contents of a `ca.pem` file. |
### custom headers (optional)
Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`.
[[custom_api_server_headers]]
| Item | Description |
| ----------- | ----------- |
| `name` | Set to specify the name of the custom header with `name` = "*X-Custom-Header-Name*". |
| `value` | Set to specify the value of the custom header with `value` = "*Custom Header Value*". |
### audit_log_configuration table (optional)
Configures audit logging options for UCP components.
@ -165,6 +154,31 @@ Specifies whether the your UCP license is automatically renewed.
|:---------------|:---------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `auto_refresh` | no | Set to `true` to enable attempted automatic license renewal when the license nears expiration. If disabled, you must manually upload renewed license after expiration. The default is `true`. |
### custom headers (optional)
Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`.
`[[custom_api_server_headers]]`
| Item | Description |
|:--------|:--------------------------------------------------------------------------------------|
| `name` | Set to specify the name of the custom header with `name` = "*X-Custom-Header-Name*". |
| `value` | Set to specify the value of the custom header with `value` = "*Custom Header Value*". |
### user_workload_defaults (optional)
A map describing default values to set on Swarm services at creation time if
those fields are not explicitly set in the service spec.
`[user_workload_defaults]`
`[user_workload_defaults.swarm_defaults]`
| Parameter | Required | Description |
|:-------------------------------------------|:---------|:---------------------------------------------------------------------------------------------------------|
| `[tasktemplate.restartpolicy.delay]` | no | Delay between restart attempts (ns&#124;us&#124;ms&#124;s&#124;m&#124;h). The default is `value = "5s"`. |
| `[tasktemplate.restartpolicy.maxattempts]` | no | Maximum number of restarts before giving up. The default is `value = "3"`. |
### cluster_config table (required)
Configures the cluster that the current UCP instance manages.
@ -191,22 +205,23 @@ components. Assigning these values overrides the settings in a container's
| `metrics_retention_time` | no | Adjusts the metrics retention time. |
| `metrics_scrape_interval` | no | Sets the interval for how frequently managers gather metrics from nodes in the cluster. |
| `metrics_disk_usage_interval` | no | Sets the interval for how frequently storage metrics are gathered. This operation can be expensive when large volumes are present. |
| `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. |
| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. |
| `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. |
| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. |
| `cloud_provider` | no | Set the cloud provider for the kubernetes cluster. |
| `pod_cidr` | yes | Sets the subnet pool from which the IP for the Pod should be allocated from the CNI ipam plugin. Default is `192.168.0.0/16`. |
| `calico_mtu` | no | Set the MTU (maximum transmission unit) size for the Calico plugin. |
| `ipip_mtu` | no | Set the IPIP MTU size for the calico IPIP tunnel interface. |
| `azure_ip_count` | no | Set the IP count for azure allocator to allocate IPs per Azure virtual machine. |
| `service-cluster-ip-range` | yes | Sets the subnet pool from which the IP for Services should be allocated. Default is `10.96.0.0/16`.
| `azure_ip_count` | no | Set the IP count for azure allocator to allocate IPs per Azure virtual machine. |
| `service_cluster_ip_range` | yes | Sets the subnet pool from which the IP for Services should be allocated. Default is `10.96.0.0/16`. |
| `nodeport_range` | yes | Set the port range that for Kubernetes services of type NodePort can be exposed in. Default is `32768-35535`. |
| `custom_kube_api_server_flags` | no | Set the configuration options for the Kubernetes API server. (dev) |
| `custom_kube_controller_manager_flags` | no | Set the configuration options for the Kubernetes controller manager. (dev) |
| `custom_kubelet_flags` | no | Set the configuration options for Kubelets. (dev) |
| `custom_kube_scheduler_flags` | no | Set the configuration options for the Kubernetes scheduler. (dev) |
| `custom_kube_api_server_flags` | no | Set the configuration options for the Kubernetes API server. (dev) |
| `custom_kube_controller_manager_flags` | no | Set the configuration options for the Kubernetes controller manager. (dev) |
| `custom_kubelet_flags` | no | Set the configuration options for Kubelets. (dev) |
| `custom_kube_scheduler_flags` | no | Set the configuration options for the Kubernetes scheduler. (dev) |
| `local_volume_collection_mapping` | no | Store data about collections for volumes in UCP's local KV store instead of on the volume labels. This is used for enforcing access control on volumes. |
| `manager_kube_reserved_resources` | no | Reserve resources for Docker UCP and Kubernetes components which are running on manager nodes. |
| `worker_kube_reserved_resources` | no | Reserve resources for Docker UCP and Kubernetes components which are running on worker nodes. |
| `kubelet_max_pods` | yes | Set Number of Pods that can run on a node. Default is `110`.
*dev indicates that the functionality is only for development and testing. Arbitrary Kubernetes configuration parameters are not tested and supported under the Docker Enterprise Software Support Agreement.

3
ee/ucp/admin/install/cloudproviders/install-on-azure.md
View File

@ -45,6 +45,9 @@ to successfully deploy Docker UCP on Azure:
Configuration](#considerations-for-ipam-configuration).
- All UCP worker and manager nodes need to be attached to the same Azure
Subnet.
- Internal IP addresses for all nodes should be [set to
Static](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal),
rather than the default of Dynamic.
- The Azure Virtual Machine Object Name needs to match the Azure Virtual Machine
Computer Name and the Node Operating System's Hostname which is the FQDN of
the host, including domain names. Note that this requires all characters to be in lowercase.

17
ee/ucp/admin/install/plan-installation.md
View File

@ -42,13 +42,24 @@ this.
## Avoid IP range conflicts
The `service-cluster-ip-range` Kubernetes API Server flag is currently set to `10.96.0.0/16` and cannot be changed.
Swarm uses a default address pool of `10.0.0.0/8` for its overlay networks. If this conflicts with your current network implementation, please use a custom IP address pool. To specify a custom IP address pool, use the `--default-address-pool` command line option during [Swarm initialization](../../../../engine/swarm/swarm-mode.md).
> **Note**: Currently, the UCP installation process does not support this flag. To deploy with a custom IP pool, Swarm must first be installed using this flag and UCP must be installed on top of it.
Kubernetes uses a default cluster IP pool for pods that is `192.168.0.0/16`. If it conflicts with your current networks, please use a custom IP pool by specifying `--pod-cidr` during UCP installation.
### Kubernetes IP Range Conflicts
There are 2 internal IP ranges used within Kubernetes that may overlap and
conflict with the underlying infrastructure:
- The Pod Network - Each Pod in Kubernetes is given an IP address from either
the Calico or Azure IPAM services. In a default installation Pods are given
IP addresses on the `192.168.0.0/16` range. This can be customised at install
time using the `--pod-cidr` flag.
- The Services Network - When a user exposes a Service in Kubernetes it is
accesible via a VIP, this VIP comes from a Cluster IP Range. By default on UCP
this range is `10.96.0.0/16`. From UCP 3.1.8 and onwards this value can be
changed at install time with the `--service-cluster-ip-range` flag.
## Avoid firewall conflicts

2
ee/ucp/interlock/architecture.md
View File

@ -35,7 +35,7 @@ The interlock proxy.1 is then rescheduled with the new nginx configuration that
![Interlock default architecture](../images/single-interlock-deploy-2.png)
After proxy.1 is complete, proxy.2 redeploys with the updated ngix configuration for the app.1 task.
After proxy.1 is complete, proxy.2 redeploys with the updated ngnix configuration for the app.1 task.
![Interlock default architecture](../images/single-interlock-deploy-3.png)

10
ee/ucp/interlock/config/custom-template.md
View File

@ -8,10 +8,10 @@ keywords: routing, proxy
A custom extension template can be
used if a needed option is not available in the extension configuration.
> Warning:
This should be used with extreme caution as this completely bypasses the built-in
extension template. Therefore, if you update the extension image in the future,
you will not receive the updated template because you are using a custom one.
> Warning: This should be used with extreme caution as this completely bypasses
> the built-in extension template. Therefore, if you update the extension
> image in the future, you will not receive the updated template because you are
> using a custom one.
To use a custom template:
@ -24,6 +24,7 @@ First, create a Swarm config using the new template, as shown in the following e
The contents of the example `custom-template.conf` include:
{% raw %}
```
# CUSTOM INTERLOCK CONFIG
user {{ .ExtensionConfig.User }};
@ -279,6 +280,7 @@ stream {
}
}
```
{% endraw %}
## Creating a Swarm configuration object
To create a Swarm config object:

2
ee/ucp/interlock/config/tuning.md
View File

@ -30,5 +30,5 @@ updates, such as to let a service settle, use the `update-delay` setting. For e
thirty (30) seconds between updates, use the following command:
```bash
$> docker service update --update-delay=30s interlock=proxy
$> docker service update --update-delay=30s interlock-proxy
```

2
ee/ucp/interlock/usage/index.md
View File

@ -101,7 +101,7 @@ the host header, that request is forwarded to the demo service.
should attach to in order to be able to communicate with the demo service.
To use layer 7 routing, your services need to be attached to at least one network.
If your service is only attached to a single network, you don't need to add
a label to specify which network to use for routing. When using a common stack file for multiple deployments leveraging UCP Interlock / Layer 7 Routing, prefix `com.docker.lb.network` with the stack name to ensure traffic will be directed to the correct overlay network.
a label to specify which network to use for routing. When using a common stack file for multiple deployments leveraging UCP Interlock / Layer 7 Routing, prefix `com.docker.lb.network` with the stack name to ensure traffic will be directed to the correct overlay network. When using in combination with `com.docker.lb.ssl_passthrough` the label in mandatory, even if your service is only attached to a single network.
* The `com.docker.lb.port` label specifies which port the `ucp-interlock-proxy`
service should use to communicate with this demo service.
* Your service doesn't need to expose a port in the swarm routing mesh. All

2
ee/ucp/kubernetes/install-cni-plugin.md
View File

@ -55,7 +55,7 @@ will also be unavailable, as this runs in a Kubernetes pod.
Next, a platform operator should log into UCP, download a UCP client bundle, and
configure the Kubernetes CLI tool, `kubectl`. See [CLI Based
Access](ee/ucp/user-access/cli/#download-client-certificates) for more details.
Access](/ee/ucp/user-access/cli/#download-client-certificates) for more details.
With `kubectl`, you can see that the UCP components running on
Kubernetes are still pending, waiting for a CNI driver before becoming

231
ee/ucp/release-notes.md
View File

@ -276,19 +276,113 @@ In order to optimize user experience and security, support for Internet Explorer
# Version 3.1
## 3.1.7
## 3.1.9
(2019-07-17)
### Bug fixes
* Fixed an issue where sensitive command line arguments provided to the UCP installer command were also printed in the debug logs.
* Added a restrictive `robots.txt` to the root of the UCP API server.
### Known issues
* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade).
* To deploy Pods with containers using Restricted Parameters, the user must be an admin and a service account must explicitly have a **ClusterRoleBinding** with `cluster-admin` as the **ClusterRole**. Restricted Parameters on Containers include:
* Host Bind Mounts
* Privileged Mode
* Extra Capabilities
* Host Networking
* Host IPC
* Host PID
* If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (#14483)
* Pod Security Policies are not supported in this release. (#15105)
* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details.
### Components
| Component | Version |
| ----------- | ----------- |
| UCP | 3.1.9 |
| Kubernetes | 1.11.10 |
| Calico | 3.5.3 |
| Interlock (nginx) | 1.14.0 |
## 3.1.8
(2019-06-27)
> Upgrading UCP 3.1.8
>
> UCP 3.1.8 introduces new features such as setting the `kubeletMaxPods` option for all nodes in the cluster, and an updated UCP configuration file that allows admins to set default values for Swarm services. These features not available in UCP 3.2.0. Customers using either of those features in UCP 3.1.8 or future versions of 3.1.x must upgrade to UCP 3.2.1 or later to avoid any upgrade issues. For information, see [Upgrading your UCP environment](/ee/ucp/admin/install/upgrade/).
{: .important}
### Kubernetes
* Kubernetes has been updated to version 1.11.10.
### Enhancements
* A `user_workload_defaults` section has been added to the UCP configuration
file that allows admins to set default field values that will be applied to
Swarm services if those fields are not explicitly set when the service is
created. Only a subset of Swarm service fields may be set; see [UCP
Configuration file](/ee/ucp/admin/configure/ucp-configuration-file/) for more
details. (ENGORC-2437)
* Users can now set the `kubeletMaxPods` option for all nodes in the cluster,
see the [UCP Configuration
file](/ee/ucp/admin/configure/ucp-configuration-file/) for more details.
(ENGORC-2334)
* Users can now adjust the internal Kubernetes Service IP Range from the default
`10.96.0.0/16` at install time. See [Plan
Installation](/ee/ucp/admin/install/plan-installation.md#avoid-ip-range-conflicts)
for more details. (ENGCORE-683)
### Bug fixes
* Added a migration logic to remove all actions on `pods/exec` and `pods/attach` Kubernetes subresource from the migrated UCP View-Only role. (ENGORC-2434)
* Fixed an issue that allows unauthenticated user to list directories. (ENGORC-2175)
### Deprecated platforms
* Removed support for Windows Server 1709 as it is now [end of
life](https://docs.microsoft.com/en-us/windows-server/get-started/windows-server-release-info).
### Known issues
* Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information.
- Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`.
* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade).
* To deploy Pods with containers using Restricted Parameters, the user must be an admin and a service account must explicitly have a **ClusterRoleBinding** with `cluster-admin` as the **ClusterRole**. Restricted Parameters on Containers include:
* Host Bind Mounts
* Privileged Mode
* Extra Capabilities
* Host Networking
* Host IPC
* Host PID
* If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (#14483)
* Pod Security Policies are not supported in this release. (#15105)
* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details.
### Components
| Component | Version |
| ----------- | ----------- |
| UCP | 3.1.8 |
| Kubernetes | 1.11.10 |
| Calico | 3.5.3 |
| Interlock (nginx) | 1.14.0 |
## 3.1.7
(2019-05-06)
### Security
* Refer to [UCP image vulnerabilities](https://success.docker.com/article/ucp-image-vulnerabilities) for details regarding actions to be taken, timeline, and any status updates/issues/recommendations.
### Bug Fixes
### Bug fixes
* Updated the UCP base image layers to fix a number of old libraries and components that had security vulnerabilities.
### Known Issues
### Known issues
* Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information.
- Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`.
* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade).
* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade).
* To deploy Pods with containers using Restricted Parameters, the user must be an admin and a service account must explicitly have a **ClusterRoleBinding** with `cluster-admin` as the **ClusterRole**. Restricted Parameters on Containers include:
* Host Bind Mounts
* Privileged Mode
@ -321,7 +415,7 @@ In order to optimize user experience and security, support for Internet Explorer
### Authentication and Authorization
* Accessing the `ListAccount` API endpoint now requires an admin user. Accessing the `GetAccount` API endpoint now requires an admin user, the actual user, or a member of the organization being inspected. [ENGORC-100](https://docker.atlassian.net/browse/ENGORC-100)
### Known Issues
### Known issues
* Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information.
- Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`.
* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade).
@ -360,12 +454,12 @@ In order to optimize user experience and security, support for Internet Explorer
* Hid most of the UCP banners for non-admin users. (docker/orca#14631)
* When LDAP or SAML is enabled, provided admin users an option to disable managed password authentication, which includes login and creation of new users. (ENGORC-1999)
### Bug Fixes
### Bug fixes
* Changed Interlock proxy service default `update-action-failure` to rollback. (ENGCORE-117)
* Added validation for service configuration label values. (ENGCORE-114)
* Fixed an issue with continuous interlock reconciliation if `ucp-interlock` service image does not match expected version. (ENGORC-2081)
### Known Issues
### Known issues
* Upgrading from UCP 3.1.4 to 3.1.5 causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information.
- Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`.
@ -401,10 +495,10 @@ In order to optimize user experience and security, support for Internet Explorer
### Kubernetes
* Kubernetes has been updated to version 1.11.7. (docker/orca#16157)
### Bug Fixes
### Bug fixes
* Bump the Golang version that is used to build UCP to version 1.10.8. (docker/orca#16068)
* Fixed an issue that caused UCP upgrade failure to upgrade with Interlock deployment. (docker/orca#16009)
* Fixed an issue that caused Windows node ucp-agent(s) to constantly reboot when audit logging is enabled. (docker/orca#16122)
* Fixed an issue that caused ucp-agent(s) on worker nodes to constantly reboot when audit logging is enabled. (docker/orca#16122)
* Fixed an issue to ensure that non-admin user actions (with the RestrictedControl role) against RBAC resources are read-only. (docker/orca#16121)
* Fixed an issue to prevent UCP users from updating services with a port that conflicts with the UCP controller port. (escalation#855)
* Fixed an issue to validate Calico certs expiration dates and update accordingly. (escalation#981)
@ -413,7 +507,7 @@ In order to optimize user experience and security, support for Internet Explorer
### Enhancements
* Changed packaging and builds for UCP to build bootstrapper last. This avoids the "upgrade available" banner on all UCPs until the entirety of UCP is available.
### Known Issues
### Known issues
* Newly added Windows node reports "Awaiting healthy status in classic node inventory". [Learn more](https://success.docker.com/article/newly-added-windows-node-reports-awaiting-healthy-status-in-classic-node-inventory).
* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade)
@ -450,7 +544,7 @@ In order to optimize user experience and security, support for Internet Explorer
### Networking
* Upgraded Calico to version 3.5. (#15884)
### Bug Fixes
### Bug fixes
* Fixed system hang following UCP backup and docker daemon shutdown. (docker/escalation#841)
* Non-admin users can no longer create `PersistentVolumes` using the `Local`
Storage Class, as this allowed non-admins to by pass security controls and
@ -485,7 +579,7 @@ In order to optimize user experience and security, support for Internet Explorer
* UCP Audit logging is now controlled through the UCP Configuration file; it is also
now configurable within the UCP web interface. (#15466)
### Bug Fixes
### Bug fixes
* Core
* Significantly reduced database load in environments with a lot of concurrent and repeated API requests by the same user. (docker/escalation#911)
* UCP backend will now complain when a service is created/updated if the
@ -496,7 +590,7 @@ now configurable within the UCP web interface. (#15466)
* Now upgrading Interlock will also upgrade interlock proxy and interlock extension as well (escalation/871)
* Added support for 'VIP' backend mode, in which the Interlock proxy connects to the backend service's Virtual IP instead of load-balancing directly to each task IP. (docker/interlock#206) (escalation/920)
### Known Issues
### Known issues
* In the UCP web interface, LDAP settings disappear after submitting them. However, the settings are properly saved. (docker/orca#15503)
* By default, Kubelet begins deleting images, starting with the oldest unused images, after exceeding 85% disk space utilization. This causes an issue in an air-gapped environment. (docker/orca#16082)
@ -528,7 +622,7 @@ now configurable within the UCP web interface. (#15466)
2018-11-08
### Bug Fixes
### Bug fixes
* Swarm placement constraint warning banner no longer shows up for `ucp-auth` services (#14539)
* "update out of sequence" error messages no longer appear when changing admin settings (#7093)
@ -537,7 +631,7 @@ now configurable within the UCP web interface. (#15466)
* `docker network ls --filter id=<id>` now works with a UCP client bundle (#14840)
* Collection deletes are correctly blocked if there is a node in the collection (#13704)
### New Features
### New features
### Kubernetes
@ -622,11 +716,50 @@ The following features are deprecated in UCP 3.1.
# Version 3.0
## 3.0.11
## 3.0.13
2019-07-17
### Bug fixes
* Fixed an issue that caused sensitive command line arguments provided to the UCP installer command to also print in debug logs.
* Added a restrictive robots.txt to the root of the UCP API server.
### Components
| Component | Version |
| ----------- | ----------- |
| UCP | 3.0.13 |
| Kubernetes | 1.8.15 |
| Calico | 3.0.8 |
| Interlock (nginx) | 1.13.12 |
## 3.0.12
2019-06-27
### Bug fixes
* Added migration logic to remove all actions on `pods/exec` and `pods/attach` Kubernetes subresource from the migrated UCP View-Only role. (ENGORC-2434)
* Fixed an issue that allows unauthenticated user to list directories. (ENGORC-2175)
### Deprecated platforms
* Removed support for Windows Server 1709 as it is now [end of
life](https://docs.microsoft.com/en-us/windows-server/get-started/windows-server-release-info).
### Components
| Component | Version |
| ----------- | ----------- |
| UCP | 3.0.12 |
| Kubernetes | 1.8.15 |
| Calico | 3.0.8 |
| Interlock (nginx) | 1.13.12 |
## 3.0.11
2019-05-06
### Bug Fixes
### Bug fixes
* Updated the UCP base image layers to fix a number of old libraries and components that had security vulnerabilities.
### Components
@ -642,7 +775,7 @@ The following features are deprecated in UCP 3.1.
2019-02-28
### Bug Fixes
### Bug fixes
* Bump the Golang version that is used to build UCP to version 1.10.8.
* Prevent UCP users from updating services with a port that conflicts with the UCP controller port. (escalation#855)
* Fixed an issue that causes UCP fail to upgrade with Interlock deployment. (docker/orca/#16009)
@ -822,7 +955,7 @@ The following features are deprecated in UCP 3.1.
* Offline bundles `ucp_images_win_1803_3.0.3.tar.gz` have been added.
* UCP 3.0.3 now supports IBM Z (s390x) as worker nodes on 3.0.x for SLES 12 SP 3. Interlock is currently not supported for 3.0.x on Z.
### Bug Fixes
### Bug fixes
* Core
* Optimize swarm service read api calls through UCP
@ -847,7 +980,7 @@ The following features are deprecated in UCP 3.1.
2018-06-21
### New Features
### New features
* UCP now supports running Windows Server 1709 workers
* Server 1709 provides smaller Windows base image sizes, as detailed [here](https://docs.microsoft.com/en-us/windows-server/get-started/whats-new-in-windows-server-1709)
@ -858,7 +991,7 @@ The following features are deprecated in UCP 3.1.
* Added support for dynamic volume provisioning in Kubernetes for AWS EBS and
Azure Disk when installing UCP with the `--cloud-provider` option.
### Bug Fixes
### Bug fixes
* Core
* Fixed an issue for anonymous volumes in Compose for Kubernetes.
* Fixed an issue where a fresh install would have an initial per-user session
@ -891,7 +1024,7 @@ Azure Disk when installing UCP with the `--cloud-provider` option.
2018-05-17
### Bug Fixes
### Bug fixes
* Core
* Bumped Kubernetes version to 1.8.11.
* Compose for Kubernetes now respects the specified port services are exposed on.
@ -1098,11 +1231,59 @@ deprecated. Deploy your applications as Swarm services or Kubernetes workloads.
# Version 2.2
## Version 2.2.18
## Version 2.2.20
2019-07-17
### Bug fixes
* Fixed an issue that caused sensitive command line arguments provided to the UCP installer command to also print in debug logs.
* Added a restrictive robots.txt to the root of the UCP API server.
### Known issues
* Docker currently has limitations related to overlay networking and services using VIP-based endpoints. These limitations apply to use of the HTTP Routing Mesh (HRM). HRM users should familiarize themselves with these limitations. In particular, HRM may encounter virtual IP exhaustion (as evidenced by `failed to allocate network IP for task` Docker log messages). If this happens, and if the HRM service is restarted or rescheduled for any reason, HRM may fail to resume operation automatically. See the Docker EE 17.06-ee5 release notes for details.
* The Swarm admin web interface for UCP versions 2.2.0 and later contain a bug. If used with Docker Engine version 17.06.2-ee5 or earlier, attempting to update "Task History Limit", "Heartbeat Period" and "Node Certificate Expiry" settings using the UI will cause the cluster to crash on next restart. Using UCP 2.2.X and Docker Engine 17.06-ee6 and later, updating these settings will fail (but not cause the cluster to crash). Users are encouraged to update to Docker Engine version 17.06.2-ee6 and later, and to use the Docker CLI (instead of the UCP UI) to update these settings. Rotating join tokens works with any combination of Docker Engine and UCP versions. Docker Engine versions 17.03 and earlier (which use UCP version 2.1 and earlier) are not affected by this problem.
* Upgrading heterogeneous swarms from CLI may fail because x86 images are used
instead of the correct image for the worker architecture.
* Agent container log is empty even though it's running correctly.
* Rapid UI settings updates may cause unintended settings changes for logging
settings and other admin settings.
* Attempting to load an (unsupported) `tar.gz` image results in a poor error
message.
* Searching for images in the UCP images UI doesn't work.
* Removing a stack may leave orphaned volumes.
* Storage metrics are not available for Windows.
* You can't create a bridge network from the web interface. As a workaround use
`<node-name>/<network-name>`.
## Version 2.2.19
2019-06-27
### Bug fixes
* Fixed an issue that allows unauthenticated user to list directories. (ENGORC-2175)
### Known issues
* Docker currently has limitations related to overlay networking and services using VIP-based endpoints. These limitations apply to use of the HTTP Routing Mesh (HRM). HRM users should familiarize themselves with these limitations. In particular, HRM may encounter virtual IP exhaustion (as evidenced by `failed to allocate network IP for task` Docker log messages). If this happens, and if the HRM service is restarted or rescheduled for any reason, HRM may fail to resume operation automatically. See the Docker EE 17.06-ee5 release notes for details.
* The Swarm admin web interface for UCP versions 2.2.0 and later contain a bug. If used with Docker Engine version 17.06.2-ee5 or earlier, attempting to update "Task History Limit", "Heartbeat Period" and "Node Certificate Expiry" settings using the UI will cause the cluster to crash on next restart. Using UCP 2.2.X and Docker Engine 17.06-ee6 and later, updating these settings will fail (but not cause the cluster to crash). Users are encouraged to update to Docker Engine version 17.06.2-ee6 and later, and to use the Docker CLI (instead of the UCP UI) to update these settings. Rotating join tokens works with any combination of Docker Engine and UCP versions. Docker Engine versions 17.03 and earlier (which use UCP version 2.1 and earlier) are not affected by this problem.
* Upgrading heterogeneous swarms from CLI may fail because x86 images are used
instead of the correct image for the worker architecture.
* Agent container log is empty even though it's running correctly.
* Rapid UI settings updates may cause unintended settings changes for logging
settings and other admin settings.
* Attempting to load an (unsupported) `tar.gz` image results in a poor error
message.
* Searching for images in the UCP images UI doesn't work.
* Removing a stack may leave orphaned volumes.
* Storage metrics are not available for Windows.
* You can't create a bridge network from the web interface. As a workaround use
`<node-name>/<network-name>`.
## Version 2.2.18
2019-05-06
### Bug Fixes
### Bug fixes
* Updated the UCP base image layers to fix a number of old libraries and components that had security vulnerabilities.
### Known issues
@ -1126,7 +1307,7 @@ instead of the correct image for the worker architecture.
2019-02-28
### Bug Fixes
### Bug fixes
* Bump the Golang version that is used to build UCP to version 1.10.8.
* Prevent UCP users from updating services with a port that conflicts with the UCP controller port. (escalation#855)

10
engine/examples/dotnetcore.md
View File

@ -1,7 +1,7 @@
---
description: Create a Docker image by layering your ASP.NET Core app on debian for Linux Containers or with Windows Nano Server containers using a Dockerfile.
keywords: dockerize, dockerizing, dotnet, .NET, Core, article, example, platform, installation, containers, images, image, dockerfile, build, asp.net, asp.net core
title: Dockerize a .NET Core application
title: Dockerize an ASP.NET Core application
---
## Introduction
@ -27,13 +27,13 @@ constructing your solutions
This example assumes you already have an ASP.NET Core app
on your machine. If you are new to ASP.NET you can follow a [simple
tutorial](https://www.asp.net/get-started) to initialize a project or clone our [ASP.NET Docker Sample](https://github.com/dotnet/dotnet-docker-samples/tree/master/aspnetapp).
tutorial](https://www.asp.net/get-started) to initialize a project or clone our [ASP.NET Docker Sample](https://github.com/dotnet/dotnet-docker/tree/master/samples/aspnetapp).
## Create a Dockerfile for an ASP.NET Core application
1. Create a `Dockerfile` in your project folder.
2. Add the text below to your `Dockerfile` for either Linux or [Windows
Containers](https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/).
Containers](https://docs.microsoft.com/virtualization/windowscontainers/about/).
The tags below are multi-arch meaning they pull either Windows or
Linux containers depending on what mode is set in [Docker Desktop for
Windows](/docker-for-windows/). Read more on [switching containers](/docker-for-windows/#switch-between-windows-and-linux-containers).
@ -95,7 +95,7 @@ $ docker run -d -p 8080:80 --name myapp aspnetapp
## Further reading
- [ASP.NET Core](https://docs.microsoft.com/en-us/aspnet/core/)
- [ASP.NET Core](https://docs.microsoft.com/aspnet/core/)
- [Microsoft ASP.NET Core on Docker Hub](https://hub.docker.com/r/microsoft/dotnet/)
- [Building Docker Images for .NET Core Applications](https://docs.microsoft.com/dotnet/core/docker/building-net-docker-images)
- [Building Docker Docker Images for ASP.NET Core](https://docs.microsoft.com/aspnet/core/host-and-deploy/docker/building-net-docker-images)
- [Docker Tools for Visual Studio](https://docs.microsoft.com/dotnet/articles/core/docker/visual-studio-tools-for-docker)

2
engine/examples/index.md
View File

@ -11,5 +11,5 @@ This section contains the following:
* [Dockerizing PostgreSQL](postgresql_service.md)
* [Dockerizing a CouchDB service](couchdb_data_volumes.md)
* [Dockerizing an apt-cacher-ng service](apt-cacher-ng.md)
* [Dockerizing a .NET Core application](dotnetcore.md)
* [Dockerizing an ASP.NET Core application](dotnetcore.md)
* [Get Started](/get-started/)

174
engine/release-notes.md
View File

@ -17,6 +17,19 @@ references. Docker EE includes enterprise features as well as back-ported fixes
and priority defects) from the open source. It also incorporates defect fixes for environments
in which new features cannot be adopted as quickly for consistency and compatibility reasons.
> **Note**:
> New in 18.09 is an aligned release model for Docker Engine - Community and Docker
> Engine - Enterprise. The new versioning scheme is YY.MM.x where x is an incrementing
> patch version. The enterprise engine is a superset of the community engine. They
> will ship concurrently with the same x patch version based on the same code base.
> **Note**:
> The client and container runtime are now in separate packages from the daemon in
> Docker Engine 18.09. Users should install and update all three packages at the same time
> to get the latest patch releases. For example, on Ubuntu:
> `sudo apt install docker-ce docker-ce-cli containerd.io`. See the install instructions
> for the corresponding linux distro for details.
## 19.03.0 (2019-07-10)
### Builder
@ -212,55 +225,56 @@ The missing rules are :
- Import your own RHEL images into Azure and do not rely on the Extended Update Support (EUS) RHEL images.
- Use a RHEL image that does not contain a minor version in the SKU. These are not attached to EUS repositories. Some examples of those are the first three images (SKUs: 7-RAW, 7-LVM, 7-RAW-CI) listed here : https://docs.microsoft.com/en-us/azure/virtual-machines/linux/rhel-images#list-of-rhel-images-available.
## 18.09.7
2019-06-25
### Builder
* Fixed panic when building dockerfiles containing only comments.
[moby/moby#38487](https://github.com/moby/moby/pull/38487)
* Builder: added workaround for gcr auth issue. [moby/moby#38246](https://github.com/moby/moby/pull/38246)
* Builder-next: fixed gcr workaround token cache. [moby/moby#39183](https://github.com/moby/moby/pull/39183)
## 18.09.08
2019-07-17
### Runtime
* Performance optimized in aufs and layer store for massively parallel container creation/removal.
[moby/moby#39107](https://github.com/moby/moby/pull/39107)
* Updated to containerd 1.2.6. [moby/moby#39016](https://github.com/moby/moby/pull/39016)
* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with
directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
* Windows: fixed support for `docker service create --limit-cpu`.
[moby/moby#39190](https://github.com/moby/moby/pull/39190)
* Daemon: fixed mirrors validation. [moby/moby#38991](https://github.com/moby/moby/pull/38991)
* Stopped sorting uid and gid ranges in id maps. [moby/moby#39288](https://github.com/moby/moby/pull/39288)
* Masked the secrets updated to the log files when running Docker Engine in debug mode. [CVE-2019-13509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13509): If a Docker engine is running in debug mode, and `docker stack deploy` is used to redeploy a stack which includes non-external secrets, the logs will contain the secret.
### Client
* Fixed rollback config type interpolation for `parallelism` and `max_failure_ratio` fields.
### Known Issue
* There are [important changes](/ee/upgrade) to the upgrade process that, if not correctly followed, can have an impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before 18.09 to version 18.09 or later.
## 18.09.7
2019-06-27
### Builder
* Fixed a panic error when building dockerfiles that contain only comments. [moby/moby#38487](https://github.com/moby/moby/pull/38487)
* Added a workaround for GCR authentication issue. [moby/moby#38246](https://github.com/moby/moby/pull/38246)
* Builder-next: Fixed a bug in the GCR token cache implementation workaround. [moby/moby#39183](https://github.com/moby/moby/pull/39183)
### Runtime
* Added performance optimizations in aufs and layer store that helps in massively parallel container creation and removal. [moby/moby#39107](https://github.com/moby/moby/pull/39107), [moby/moby#39135](https://github.com/moby/moby/pull/39135)
* Updated containerd to version 1.2.6. [moby/moby#39016](https://github.com/moby/moby/pull/39016)
* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
* Windows: fixed support for `docker service create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190)
* daemon: fixed a mirrors validation issue. [moby/moby#38991](https://github.com/moby/moby/pull/38991)
* Docker no longer supports sorting UID and GID ranges in ID maps. [moby/moby#39288](https://github.com/moby/moby/pull/39288)
### Logging
* Large log lines now allowed for logger plugins. [moby/moby#39038](https://github.com/moby/moby/pull/39038)
* Added a fix that now allows large log lines for logger plugins. [moby/moby#39038](https://github.com/moby/moby/pull/39038)
### Known Issue
* There are [important changes](/ee/upgrade) to the upgrade process that, if not correctly followed, can have an impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before 18.09 to version 18.09 or later.
## 18.09.6
2019-05-06
> **Note**:
> New in 18.09 is an aligned release model for Docker Engine - Community and Docker
> Engine - Enterprise. The new versioning scheme is YY.MM.x where x is an incrementing
> patch version. The enterprise engine is a superset of the community engine. They
> will ship concurrently with the same x patch version based on the same code base.
> **Note**:
> The client and container runtime are now in separate packages from the daemon in
> Docker Engine 18.09. Users should install and update all three packages at the same time
> to get the latest patch releases. For example, on Ubuntu:
> `sudo apt install docker-ce docker-ce-cli containerd.io`. See the install instructions
> for the corresponding linux distro for details.
### Builder
* Fixed `COPY` and `ADD` with multiple `<src>` to not invalidate cache if `DOCKER_BUILDKIT=1`.[moby/moby#38964](https://github.com/moby/moby/issues/38964)
### Networking
* Cleaned up the cluster provider when the agent is closed. [docker/libnetwork#2354](https://github.com/docker/libnetwork/pull/2354)
* Windows: Now selects a random host port if the user does not specify a host port. [docker/libnetwork#2369](https://github.com/docker/libnetwork/pull/2369)
* `--service-cluster-ip-range` is now configurable for UCP install. [docker/orca#10263](https://github.com/docker/orca/issues/10263)
### Known Issues
* There are [important changes](/ee/upgrade) to the upgrade process that, if not correctly followed, can have an impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before 18.09 to version 18.09 or later.
@ -302,7 +316,7 @@ directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
### Builder
* Added validation for `git ref` to avoid misinterpretation as a flag. [moby/moby#38944](https://github.com/moby/moby/pull/38944)
* Fixed [CVE-2019-13139](https://nvd.nist.gov/vuln/detail/CVE-2019-13139) by adding validation for `git ref` to avoid misinterpretation as a flag. [moby/moby#38944](https://github.com/moby/moby/pull/38944)
### Runtime
@ -554,6 +568,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
## Older Docker Engine EE Release notes
<<<<<<< HEAD
## 18.03.1-ee-9
2019-06-25
@ -572,6 +587,30 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
* Now using original process spec for execs. [moby/moby#38871](https://github.com/moby/moby/pull/38871)
* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack
with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
=======
## 18.03.1-ee-10
2019-07-17
### Runtime
* Masked the secrets updated to the log files when running Docker Engine in debug mode. [CVE-2019-13509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13509): If a Docker engine is running in debug mode, and `docker stack deploy` is used to redeploy a stack which includes non-external secrets, the logs will contain the secret.
## 18.03.1-ee-9
2019-06-27
### Client
* Fixed annotation issues in `docker config create` and `docker secret create` commands that displayed the `--template-driver` option when connecting to an older daemon that didn't support the option. [docker/cli#1769](https://github.com/docker/cli/pull/1769) [docker/cli#1785](https://github.com/docker/cli/pull/1785)
### Runtime
* Added performance optimizations in aufs and layer store that helps in the creation and removal of massively parallel containers. [moby/moby#39107](https://github.com/moby/moby/pull/39107)
* Windows: Fixed support for `docker service create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190)
* Fixed a bug where the original process spec was not used for exec processes.[moby/moby#38871](https://github.com/moby/moby/pull/38871)
* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
>>>>>>> master
## 18.03.1-ee-8
@ -709,6 +748,7 @@ with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39
+ Support for `--chown` with `COPY` and `ADD` in `Dockerfile`.
+ Added functionality for the `docker logs` command to include the output of multiple logging drivers.
<<<<<<< HEAD
## 17.06.2-ee-22
2019-06-25
@ -724,6 +764,71 @@ with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39
directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
* Windows: provided support for `docker service create --limit-cpu`.
[moby/moby#39190](https://github.com/moby/moby/pull/39190)
=======
## 17.06.2-ee-23
2019-07-17
### Runtime
* Masked the secrets updated to the log files when running Docker Engine in debug mode. [CVE-2019-13509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13509): If a Docker engine is running in debug mode, and `docker stack deploy` is used to redeploy a stack which includes non-external secrets, the logs will contain the secret.
### Known issues
* When all Swarm managers are stopped at the same time, the swarm might end up in a
split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
* Under certain conditions, swarm leader re-election may timeout
prematurely. During this period, docker commands may fail. Also during
this time, creation of globally-scoped networks may be unstable. As a
workaround, wait for leader election to complete before issuing commands
to the cluster.
* It's recommended that users create overlay networks with `/24` blocks (the default) of 256 IP addresses when networks are used by services created using VIP-based endpoint-mode (the default). This is because of limitations with Docker Swarm [moby/moby#30820](moby/moby/issues/30820). Users should _not_ work around this by increasing the IP block size. To work around this limitation, either use `dnsrr` endpoint-mode or use multiple smaller overlay networks.
* Docker may experience IP exhaustion if many tasks are assigned to a single overlay network, for example if many services are attached to that network or because services on the network are scaled to many replicas. The problem may also manifest when tasks are rescheduled because of node failures. In case of node failure, Docker currently waits 24h to release overlay IP addresses. The problem can be diagnosed by looking for `failed to allocate network IP for task` messages in the Docker logs.
* SELinux enablement is not supported for containers on IBM Z on RHEL because of missing Red Hat package.
* If a container is spawned on node A, using the same IP of a container destroyed
on nodeB within 5 min from the time that it exit, the container on node A is
not reachable until one of these 2 conditions happens:
1. Container on A sends a packet out,
2. The timer that cleans the arp entry in the overlay namespace is triggered (around 5 minutes).
As a workaround, send at least a packet out from each container like
(ping, GARP, etc).
## 17.06.2-ee-22
2019-06-27
### Networking
* Fixed a bug where if a service has the same number of host-mode published ports with PublishedPort 0, changes to the spec is not reflected in the service object. [docker/swarmkit#2376](https://github.com/docker/swarmkit/pull/2376)
### Runtime
* Added performance optimizations in aufs and layer store that helps in the creation and removal of massively parallel containers. [moby/moby#39107](https://github.com/moby/moby/pull/39107)
* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357)
* Windows: fixed support for docker service `create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190)
### Known issues
* When all Swarm managers are stopped at the same time, the swarm might end up in a
split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
* Under certain conditions, swarm leader re-election may timeout
prematurely. During this period, docker commands may fail. Also during
this time, creation of globally-scoped networks may be unstable. As a
workaround, wait for leader election to complete before issuing commands
to the cluster.
* It's recommended that users create overlay networks with `/24` blocks (the default) of 256 IP addresses when networks are used by services created using VIP-based endpoint-mode (the default). This is because of limitations with Docker Swarm [moby/moby#30820](moby/moby/issues/30820). Users should _not_ work around this by increasing the IP block size. To work around this limitation, either use `dnsrr` endpoint-mode or use multiple smaller overlay networks.
* Docker may experience IP exhaustion if many tasks are assigned to a single overlay network, for example if many services are attached to that network or because services on the network are scaled to many replicas. The problem may also manifest when tasks are rescheduled because of node failures. In case of node failure, Docker currently waits 24h to release overlay IP addresses. The problem can be diagnosed by looking for `failed to allocate network IP for task` messages in the Docker logs.
* SELinux enablement is not supported for containers on IBM Z on RHEL because of missing Red Hat package.
* If a container is spawned on node A, using the same IP of a container destroyed
on nodeB within 5 min from the time that it exit, the container on node A is
not reachable until one of these 2 conditions happens:
1. Container on A sends a packet out,
2. The timer that cleans the arp entry in the overlay namespace is triggered (around 5 minutes).
As a workaround, send at least a packet out from each container like
(ping, GARP, etc).
>>>>>>> master
## 17.06.2-ee-21
2019-04-11
@ -3345,4 +3450,3 @@ use `--detach` to keep the old behaviour.
#### Windows
* Block pulling Windows images on non-Windows daemons [#29001](https://github.com/docker/docker/pull/29001)

4
engine/security/trust/trust_delegation.md
View File

@ -92,8 +92,8 @@ and ensure that it is available on your path.
{
"trust_dir" : "~/.docker/trust",
"remote_server": {
"url": "https://dtr.example.com"
"root_ca": "../.docker/ca.pem"
"url": "https://dtr.example.com",
"root_ca": "../.docker/ca.pem"
}
}
```

2
engine/security/userns-remap.md
View File

@ -99,7 +99,7 @@ avoid these situations.
This means that user-namespaced processes started by `testuser` are
owned by host UID `231072` (which looks like UID `0` inside the
namespace) through 296608 (231072 + 65536). These ranges should not overlap,
namespace) through 296607 (231072 + 65536 - 1). These ranges should not overlap,
to ensure that namespaced processes cannot access each other's namespaces.
After adding your user, check `/etc/subuid` and `/etc/subgid` to see if your

2
engine/swarm/stack-deploy.md
View File

@ -136,7 +136,7 @@ counter whenever you visit it.
## Test the app with Compose
1. Start the app with `docker-compose up`. This builds the web app image,
pull the Redis image if you don't already have it, and create two
pulls the Redis image if you don't already have it, and creates two
containers.
You see a warning about the Engine being in swarm mode. This is because

4
get-started/part2.md
View File

@ -321,7 +321,7 @@ The notation for associating a local image with a repository on a registry is
the mechanism that registries use to give Docker images a version. Give the
repository and tag meaningful names for the context, such as
`get-started:part2`. This puts the image in the `get-started` repository and
tag it as `part2`.
tags it as `part2`.
Now, put it all together to tag the image. Run `docker tag image` with your
username, repository, and tag names so that the image uploads to your
@ -402,7 +402,7 @@ application by running this container in a **service**.
[Continue to Part 3 >>](part3.md){: class="button outline-btn"}
Or, learn how to [launch your container on your own machine using Digital Ocean](https://docs.docker.com/machine/examples/ocean/){: target="_blank" class="_" }.
Or, learn how to [launch your container on your own machine using DigitalOcean](https://docs.docker.com/machine/examples/ocean/){: target="_blank" class="_" }.
## Recap and cheat sheet (optional)

6
get-started/part4.md
View File

@ -145,7 +145,7 @@ You now have two VMs created, named `myvm1` and `myvm2`.
Use this command to list the machines and get their IP addresses.
> **Note**: you need to run the following as administrator or else you don't get any resonable output (only "UNKNOWN").
> **Note**: you need to run the following as administrator or else you don't get any reasonable output (only "UNKNOWN").
```shell
docker-machine ls
@ -338,7 +338,7 @@ myvm2 - hyperv Running tcp://192.168.200.181:2376 v17.06.
Now that you have `myvm1`, you can use its powers as a swarm manager to
deploy your app by using the same `docker stack deploy` command you used in part
3 to `myvm1`, and your local copy of `docker-compose.yml.`. This command may take a few seconds
3 to `myvm1`, and your local copy of `docker-compose.yml`. This command may take a few seconds
to complete and the deployment takes some time to be available. Use the
`docker service ps <service_name>` command on a swarm manager to verify that
all services have been redeployed.
@ -415,7 +415,7 @@ You can access your app from the IP address of **either** `myvm1` or `myvm2`.
The network you created is shared between them and load-balancing. Run
`docker-machine ls` to get your VMs' IP addresses and visit either of them on a
browser, hitting refresh (or just `curl` them).
browser on port 4000, hitting refresh (or just `curl` them).
![Hello World in browser](images/app-in-browser-swarm.png)

2
get-started/part5.md
View File

@ -281,7 +281,7 @@ Redis service. Be sure to replace `username/repo:tag` with your image details.
![Hello World in browser with Redis](images/app-in-browser-redis.png)
Also, check the visualizer at port 8080 on either node's IP address, and notice see the `redis` service running along with the `web` and `visualizer` services.
Also, check the visualizer at port 8080 on either node's IP address, and notice the `redis` service running along with the `web` and `visualizer` services.
![Visualizer with redis screenshot](images/visualizer-with-redis.png)

1
install/linux/docker-ee/suse.md
View File

@ -3,6 +3,7 @@ description: Instructions for installing Docker EE on SLES
keywords: requirements, apt, installation, suse, opensuse, sles, rpm, install, uninstall, upgrade, update
redirect_from:
- /engine/installation/SUSE/
- /engine/installation/linux/SUSE/
- /engine/installation/linux/suse/
- /engine/installation/linux/docker-ee/suse/
title: Get Docker EE for SLES

8
install/linux/linux-postinstall.md
View File

@ -44,8 +44,14 @@ To create the `docker` group and add your user:
3. Log out and log back in so that your group membership is re-evaluated.
If testing on a virtual machine, it may be necessary to restart the virtual machine for changes to take effect.
On a desktop Linux environment such as X Windows, log out of your session completely and then log back in.
On Linux, you can also run the following command to activate the changes to groups:
```bash
$ newgrp docker
```
4. Verify that you can run `docker` commands without `sudo`.

2
machine/concepts.md
View File

@ -8,7 +8,7 @@ Docker Machine allows you to provision Docker machines in a variety of environme
## Drivers for creating machines
To create a virtual machine, you supply Docker Machine with the name of the driver you want to use. The driver determines where the virtual machine is created. For example, on a local Mac or Windows system, the driver is typically Oracle VirtualBox. For provisioning physical machines, a generic driver is provided. For cloud providers, Docker Machine supports drivers such as AWS, Microsoft Azure, Digital Ocean, and many more. The Docker Machine reference includes a complete [list of supported drivers](drivers/index.md).
To create a virtual machine, you supply Docker Machine with the name of the driver you want to use. The driver determines where the virtual machine is created. For example, on a local Mac or Windows system, the driver is typically Oracle VirtualBox. For provisioning physical machines, a generic driver is provided. For cloud providers, Docker Machine supports drivers such as AWS, Microsoft Azure, DigitalOcean, and many more. The Docker Machine reference includes a complete [list of supported drivers](drivers/index.md).
## Default base operating systems for local and cloud hosts

18
machine/drivers/digital-ocean.md
View File

@ -1,12 +1,12 @@
---
description: Digital Ocean driver for machine
keywords: machine, Digital Ocean, driver
title: Digital Ocean
description: DigitalOcean driver for machine
keywords: machine, digitalocean, driver
title: DigitalOcean
---
Create Docker machines on [Digital Ocean](https://www.digitalocean.com/).
Create Docker machines on [DigitalOcean](https://www.digitalocean.com/).
You need to create a personal access token under "Apps & API" in the Digital Ocean
You need to create a personal access token under "Apps & API" in the DigitalOcean
Control Panel and pass that to `docker-machine create` with the `--digitalocean-access-token` option.
## Usage
@ -26,14 +26,14 @@ Control Panel and pass that to `docker-machine create` with the `--digitalocean-
## Options
- `--digitalocean-access-token`: **required**. Your personal access token for the Digital Ocean API.
- `--digitalocean-backups`: Enable Digital Ocean backups for the droplet.
- `--digitalocean-image`: The name of the Digital Ocean image to use.
- `--digitalocean-access-token`: **required**. Your personal access token for the DigitalOcean API.
- `--digitalocean-backups`: Enable DigitalOcean backups for the droplet.
- `--digitalocean-image`: The name of the DigitalOcean image to use.
- `--digitalocean-ipv6`: Enable IPv6 support for the droplet.
- `--digitalocean-monitoring`: Enable monitoring for the droplet.
- `--digitalocean-private-networking`: Enable private networking support for the droplet.
- `--digitalocean-region`: The region to create the droplet in, see [Regions API](https://developers.digitalocean.com/documentation/v2/#regions) for how to get a list.
- `--digitalocean-size`: The size of the Digital Ocean droplet (larger than default options are of the form `2gb`).
- `--digitalocean-size`: The size of the DigitalOcean droplet (larger than default options are of the form `2gb`).
- `--digitalocean-ssh-key-fingerprint`: Use an existing SSH key instead of creating a new one, see [SSH keys](https://developers.digitalocean.com/documentation/v2/#ssh-keys).
- `--digitalocean-ssh-key-path`: SSH private key path.
- `--digitalocean-ssh-port`: SSH port.

2
machine/drivers/index.md
View File

@ -6,7 +6,7 @@ title: Machine drivers
- [Amazon Web Services](aws.md)
- [Microsoft Azure](azure.md)
- [Digital Ocean](digital-ocean.md)
- [DigitalOcean](digital-ocean.md)
- [Exoscale](exoscale.md)
- [Google Compute Engine](gce.md)
- [Linode](linode.md) (unofficial plugin, not supported by Docker)

4
machine/drivers/vm-fusion.md
View File

@ -19,7 +19,7 @@ Creates machines locally on [VMware Fusion](http://www.vmware.com/products/fusio
- `--vmwarefusion-no-share`: Disable the mount of your home directory.
The VMware Fusion driver uses the latest boot2docker image.
See [frapposelli/boot2docker](https://github.com/frapposelli/boot2docker/tree/vmware-64bit)
See [frapposelli/boot2docker](https://github.com/boot2docker/boot2docker)
#### Environment variables and default values
@ -29,4 +29,4 @@ See [frapposelli/boot2docker](https://github.com/frapposelli/boot2docker/tree/vm
| `--vmwarefusion-cpu-count` | `FUSION_CPU_COUNT` | `1` |
| `--vmwarefusion-disk-size` | `FUSION_DISK_SIZE` | `20000` |
| `--vmwarefusion-memory-size` | `FUSION_MEMORY_SIZE` | `1024` |
| `--vmwarefusion-no-share` | `FUSION_NO_SHARE` | `false` |
| `--vmwarefusion-no-share` | `FUSION_NO_SHARE` | `false` |

2
machine/examples/index.md
View File

@ -3,5 +3,5 @@ description: Examples of cloud installs
keywords: docker, machine, amazonec2, azure, digitalocean, google, openstack, rackspace, softlayer, virtualbox, vmwarefusion, vmwarevcloudair, vmwarevsphere, exoscale
title: Learn by example
---
- [Digital Ocean Example](ocean.md)
- [DigitalOcean Example](ocean.md)
- [AWS Example](aws.md)

22
machine/examples/ocean.md
View File

@ -1,22 +1,22 @@
---
description: Using Docker Machine to provision hosts on Digital Ocean
keywords: docker, machine, cloud, digital ocean
title: Digital Ocean example
description: Using Docker Machine to provision hosts on DigitalOcean
keywords: docker, machine, cloud, digitalocean
title: DigitalOcean example
---
Follow along with this example to create a Dockerized [Digital Ocean](https://digitalocean.com) Droplet (cloud host).
Follow along with this example to create a Dockerized [DigitalOcean](https://digitalocean.com) Droplet (cloud host).
### Step 1. Create a Digital Ocean account
### Step 1. Create a DigitalOcean account
If you have not done so already, go to [Digital Ocean](https://digitalocean.com), create an account, and log in.
If you have not done so already, go to [DigitalOcean](https://digitalocean.com), create an account, and log in.
### Step 2. Generate a personal access token
To generate your access token:
1. Go to the Digital Ocean administrator console and click **API** in the header.
1. Go to the DigitalOcean administrator console and click **API** in the header.
![Click API in Digital Ocean console](../img/ocean_click_api.png)
![Click API in DigitalOcean console](../img/ocean_click_api.png)
2. Click **Generate new token** to get to the token generator.
@ -59,9 +59,9 @@ To generate your access token:
When the Droplet is created, Docker generates a unique SSH key and stores it on your local system in `~/.docker/machines`. Initially, this is used to provision the host. Later, it's used under the hood to access the Droplet directly with the `docker-machine ssh` command. Docker Engine is installed on the cloud server and the daemon is configured to accept remote connections over TCP using TLS for authentication.
2. Go to the Digital Ocean console to view the new Droplet.
2. Go to the DigitalOcean console to view the new Droplet.
![Droplet in Digital Ocean created with Machine](../img/ocean_droplet.png)
![Droplet in DigitalOcean created with Machine](../img/ocean_droplet.png)
3. At the command terminal, run `docker-machine ls`.
@ -131,7 +131,7 @@ To remove a host and all of its containers and images, first stop the machine, t
NAME ACTIVE DRIVER STATE URL SWARM
default * virtualbox Running tcp:////xxx.xxx.xx.xxx:xxxx
If you monitor the Digital Ocean console while you run these commands, notice
If you monitor the DigitalOcean console while you run these commands, notice
that it updates first to reflect that the Droplet was stopped, and then removed.
If you create a host with Docker Machine, but remove it through the cloud

14
machine/get-started-cloud.md
View File

@ -13,15 +13,15 @@ cloud provider.
Then you provide account verification, security credentials, and configuration
options for the providers as flags to `docker-machine create`. The flags are
unique for each cloud-specific driver. For instance, to pass a Digital Ocean
unique for each cloud-specific driver. For instance, to pass a DigitalOcean
access token you use the `--digitalocean-access-token` flag. Take a look at the
examples below for Digital Ocean and AWS.
examples below for DigitalOcean and AWS.
## Examples
### Digital Ocean
### DigitalOcean
For Digital Ocean, this command creates a Droplet (cloud host) called
For DigitalOcean, this command creates a Droplet (cloud host) called
"docker-sandbox".
```shell
@ -29,7 +29,7 @@ $ docker-machine create --driver digitalocean --digitalocean-access-token xxxxx
```
For a step-by-step guide on using Machine to create Docker hosts on Digital
Ocean, see the [Digital Ocean Example](examples/ocean.md).
Ocean, see the [DigitalOcean Example](examples/ocean.md).
### Amazon Web Services (AWS)
@ -72,7 +72,7 @@ Machine driver reference.
## Drivers for cloud providers
When you install Docker Machine, you get a set of drivers for various cloud
providers (like Amazon Web Services, Digital Ocean, or Microsoft Azure) and
providers (like Amazon Web Services, DigitalOcean, or Microsoft Azure) and
local providers (like Oracle VirtualBox, VMWare Fusion, or Microsoft Hyper-V).
See [Docker Machine driver reference](/machine/drivers/index.md){:
@ -120,7 +120,7 @@ tutorials:
## Where to go next
- Example: Provision Dockerized [Digital Ocean Droplets](examples/ocean.md)
- Example: Provision Dockerized [DigitalOcean Droplets](examples/ocean.md)
- Example: Provision Dockerized [AWS EC2 Instances](examples/aws.md)
- [Understand Machine concepts](concepts.md)
- [Docker Machine driver reference](drivers/index.md)

2
machine/index.md
View File

@ -8,7 +8,7 @@ title: Docker Machine
- [Install Docker Machine](install-machine.md)
- [Install a machine on your local system using VirtualBox](get-started.md)
- [Install multiple machines on your cloud provider](get-started-cloud.md)
- [Digital Ocean Example](examples/ocean.md)
- [DigitalOcean Example](examples/ocean.md)
- [AWS Example](examples/aws.md)
- [Machine concepts and help](concepts.md)
- [Migrate from Boot2Docker to Docker Machine](migrate-to-machine.md)

2
machine/overview.md
View File

@ -15,7 +15,7 @@ You can use Docker Machine to:
Docker Machine is a tool that lets you install Docker Engine on virtual hosts,
and manage the hosts with `docker-machine` commands. You can use Machine to
create Docker hosts on your local Mac or Windows box, on your company network,
in your data center, or on cloud providers like Azure, AWS, or Digital Ocean.
in your data center, or on cloud providers like Azure, AWS, or DigitalOcean.
Using `docker-machine` commands, you can start, inspect, stop, and restart a
managed host, upgrade the Docker client and daemon, and configure a Docker

41
network/host.md
View File

@ -4,27 +4,40 @@ description: All about exposing containers on the Docker host's network
keywords: network, host, standalone
---
If you use the `host` network driver for a container, that container's network
stack is not isolated from the Docker host. For instance, if you run a container
which binds to port 80 and you use `host` networking, the container's
application will be available on port 80 on the host's IP address.
If you use the `host` network mode for a container, that container's network
stack is not isolated from the Docker host (the container shares the host's
networking namespace), and the container does not get its own IP-address allocated.
For instance, if you run a container which binds to port 80 and you use `host`
networking, the container's application is available on port 80 on the host's IP
address.
> **Note**: Given that the container does not have its own IP-address when using
> `host` mode networking, [port-mapping](/network/overlay/#publish-ports) does not
> take effect, and the `-p`, `--publish`, `-P`, and `--publish-all` option are
> ignored, producing a warning instead:
>
> ```
> WARNING: Published ports are discarded when using host network mode
> ```
Host mode networking can be useful to optimize performance, and in situations where
a container needs to handle a large range of ports, as it does not require network
address translation (NAT), and no "userland-proxy" is created for each port.
The host networking driver only works on Linux hosts, and is not supported on
Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
In Docker 17.06 and higher, you can also use a `host` network for a swarm
service, by passing `--network host` to the `docker container create` command.
In this case, control traffic (traffic related to managing the swarm and the
service) is still sent across an overlay network, but the individual swarm
service containers send data using the Docker daemon's host network and ports.
This creates some extra limitations. For instance, if a service container binds
to port 80, only one service container can run on a given swarm node.
If your container or service publishes no ports, host networking has no effect.
You can also use a `host` network for a swarm service, by passing `--network host`
to the `docker service create` command. In this case, control traffic (traffic
related to managing the swarm and the service) is still sent across an overlay
network, but the individual swarm service containers send data using the Docker
daemon's host network and ports. This creates some extra limitations. For instance,
if a service container binds to port 80, only one service container can run on a
given swarm node.
## Next steps
- Go through the [host networking tutorial](/network/network-tutorial-host.md)
- Go through the [host networking tutorial](/network/network-tutorial-host.md)
- Learn about [networking from the container's point of view](/config/containers/container-networking.md)
- Learn about [bridge networks](/network/bridge.md)
- Learn about [overlay networks](/network/overlay.md)

4
notary/running_a_service.md
View File

@ -8,7 +8,7 @@ This document is for anyone who wants to run their own Notary
service (such as those who want to use Notary with a
private Docker registry). Running a Notary service requires that you are already
familiar with using [Docker Engine](/engine/userguide/)
and [Docker Compose](/compose/overview/).
and [Docker Compose](/compose/).
## Run a service for testing or development
@ -178,7 +178,7 @@ One way to do this would be:
{"level":"info","msg":"Starting on :4443","time":"2016-02-25T00:53:59Z"}
You can do the same using
[Docker Compose](/compose/overview/) by setting volumes,
[Docker Compose](/compose/) by setting volumes,
environment variables, and overriding the default command for the Notary server
containers in the Compose file.

85
reference/ucp/3.1/cli/install.md
View File

@ -42,46 +42,47 @@ If you are installing on Azure, see [Install UCP on Azure](/ee/ucp/admin/install
## Options
| Option | Description |
|:--------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--debug, -D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, -i` | Run in interactive mode and prompt for configuration values |
| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] |
| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] |
| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility |
| `--cloud-provider` *value* | The cloud provider for the cluster |
| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed |
| `--controller-port` *value* | Port for the web UI and API (default: 443) |
| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] |
| `--disable-tracking` | Disable anonymous tracking and analytics |
| `--disable-usage` | Disable anonymous usage reporting |
| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] |
| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] |
| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] |
| `--enable-profiling` | Enable performance profiling |
| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found |
| `--external-server-cert` | Customize the certificates used by the UCP web server |
| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] |
| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] |
| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] |
| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] |
| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") |
| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") |
| `--preserve-certs` | Don't generate certificates if they already exist |
| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") |
| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility |
| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] |
| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] |
| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] |
| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on |
| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility |
| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) |
| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) |
| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] |
| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) | |
| Option | Description |
|:-------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--debug, -D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, -i` | Run in interactive mode and prompt for configuration values |
| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] |
| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] |
| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility |
| `--cloud-provider` *value* | The cloud provider for the cluster |
| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed |
| `--controller-port` *value* | Port for the web UI and API (default: 443) |
| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] |
| `--disable-tracking` | Disable anonymous tracking and analytics |
| `--disable-usage` | Disable anonymous usage reporting |
| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] |
| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] |
| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] |
| `--enable-profiling` | Enable performance profiling |
| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found |
| `--external-server-cert` | Customize the certificates used by the UCP web server |
| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] |
| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] |
| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] |
| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] |
| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") |
| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") |
| `--preserve-certs` | Don't generate certificates if they already exist |
| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") |
| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility |
| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] |
| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] |
| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] |
| `--service-cluster-ip-range` *value* | Kubernetes Cluster IP Range for Services (default: "10.96.0.0/16") |
| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on |
| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility |
| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) |
| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) |
| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] |
| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) |

3
reference/ucp/3.1/cli/support.md
View File

@ -11,7 +11,8 @@ Create a support dump for specified UCP nodes
```
docker container run --rm \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
--log-driver none \
--volume /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
support [command options] > docker-support.tgz
```

135
release-notes/docker-compose.md
View File

@ -5,7 +5,12 @@ keywords: release notes, compose
toc_max: 2
---
## 1.24.0
## 1.24.1
(2019-06-24)
This release contains minor improvements and bug fixes.
## 1.24.0
(2019-03-28)
### Features
@ -29,7 +34,7 @@ toc_max: 2
- Fixed an issue where the output of `docker-compose start` before containers were created
was misleading.
- Compose will no longer accept whitespace in variable names sourced from environment files.
- Compose will no longer accept whitespace in variable names sourced from environment files.
This matches the Docker CLI behavior.
- Compose will now report a configuration error if a service attempts to declare
@ -44,7 +49,7 @@ toc_max: 2
- Fixed an issue that caused some container events to not appear in the output of
the `docker-compose events` command.
- Missing images will no longer stop the execution of `docker-compose down` commands. A warning is
- Missing images will no longer stop the execution of `docker-compose down` commands. A warning is
now displayed instead.
- Force `virtualenv` version for macOS CI.
@ -57,7 +62,7 @@ toc_max: 2
- Fixed release script and some typos on release documentation.
## 1.23.2
## 1.23.2
(2018-11-28)
### Bug Fixes
@ -81,7 +86,7 @@ toc_max: 2
- Fixed a bug where some invalid Compose files would raise an uncaught
exception during validation.
## 1.23.1
## 1.23.1
(2018-11-01)
### Bug Fixes
@ -92,7 +97,7 @@ toc_max: 2
- Fixed an issue where the behavior of the `--project-directory` flag would
vary depending on which subcommand was used.
## 1.23.0
## 1.23.0
(2018-10-30)
### Important note
@ -167,7 +172,7 @@ naming scheme accordingly before upgrading.
- The `zsh` completion script has been updated with new options, and no
longer suggests container names where service names are expected.
## 1.22.0
## 1.22.0
(2018-07-17)
### New features
@ -221,7 +226,7 @@ naming scheme accordingly before upgrading.
- Fixed a bug that caused auth values in legacy `.dockercfg` files to be ignored
- `docker-compose build` will no longer attempt to create image names starting with an invalid character
## 1.21.2
## 1.21.2
(2018-05-03)
### Bug Fixes
@ -229,7 +234,7 @@ naming scheme accordingly before upgrading.
- Fixed a bug where the ip_range attribute in IPAM configs was prevented
from passing validation
## 1.21.1
## 1.21.1
(2018-04-27)
### Bug Fixes
@ -255,7 +260,7 @@ naming scheme accordingly before upgrading.
elements with some v3.2 files, triggering errors at the Engine level during
deployment.
## 1.21.0
## 1.21.0
(2018-04-11)
### New features
@ -319,7 +324,7 @@ naming scheme accordingly before upgrading.
recognized as inexistent by Compose, interrupting otherwise valid
operations.
## 1.20.0
## 1.20.0
(2018-03-20)
### New features
@ -406,7 +411,7 @@ naming scheme accordingly before upgrading.
- Fixed an encoding bug when streaming build progress
## 1.19.0
## 1.19.0
(2018-02-07)
### Breaking changes
@ -499,7 +504,7 @@ naming scheme accordingly before upgrading.
containing scalar types (number, boolean) now get automatically converted
to strings
## 1.18.0
## 1.18.0
(2017-12-18)
### New features
@ -582,7 +587,7 @@ naming scheme accordingly before upgrading.
- The CLI now explicit prevents using `-d` and `--timeout` together
in `docker-compose up`
## 1.17.0
## 1.17.0
(2017-11-01)
### New features
@ -640,7 +645,7 @@ naming scheme accordingly before upgrading.
- Fixed an issue where networks with identical names would sometimes be
created when running `up` commands concurrently.
## 1.16.0
## 1.16.0
(2017-08-31)
### New features
@ -700,7 +705,7 @@ naming scheme accordingly before upgrading.
- Fixed the output of `docker-compose config` when a port definition used
`0` as the value for the published port
## 1.15.0
## 1.15.0
(2017-07-26)
### New features
@ -747,7 +752,7 @@ naming scheme accordingly before upgrading.
- Fixed an issue preventing `up` operations on a previously created stack on
Windows Engine.
## 1.14.0
## 1.14.0
(2017-06-19)
### New features
@ -802,7 +807,7 @@ naming scheme accordingly before upgrading.
- Fixed a bug where the output of `docker-compose config` would sometimes
contain invalid port definitions
## 1.13.0
## 1.13.0
(2017-05-02)
### Breaking changes
@ -858,7 +863,7 @@ naming scheme accordingly before upgrading.
`volumes` would result in an invalid config state
## 1.12.0
## 1.12.0
(2017-04-04)
### New features
@ -955,7 +960,7 @@ naming scheme accordingly before upgrading.
- Fixed an issue where Compose would not pick up on the value of
COMPOSE_TLS_VERSION when used in combination with command-line TLS flags
## 1.11.2
## 1.11.2
(2017-02-17)
### Bug Fixes
@ -976,7 +981,7 @@ naming scheme accordingly before upgrading.
- Fixed an issue where recursive wildcard patterns `**` were not being
recognized in `.dockerignore` files.
## 1.11.1
## 1.11.1
(2017-02-09)
### Bug Fixes
@ -984,7 +989,7 @@ naming scheme accordingly before upgrading.
- Fixed a bug where the 3.1 file format was not being recognized as valid
by the Compose parser
## 1.11.0
## 1.11.0
(2017-02-08)
### New Features
@ -1008,7 +1013,7 @@ naming scheme accordingly before upgrading.
- Fixed an issue where the `pid` entry in a service definition was being
ignored when using multiple Compose files.
## 1.10.1
## 1.10.1
(2017-02-01)
### Bug Fixes
@ -1031,7 +1036,7 @@ naming scheme accordingly before upgrading.
- Fixed a bug where Compose would occasionally crash while streaming logs
when containers would stop or restart
## 1.10.0
## 1.10.0
(2017-01-18)
### New Features
@ -1079,7 +1084,7 @@ naming scheme accordingly before upgrading.
being parsed correctly on Windows
## 1.9.0
## 1.9.0
(2016-11-16)
**Breaking changes**
@ -1137,7 +1142,7 @@ naming scheme accordingly before upgrading.
mismatch for overlay networks.
## 1.8.1
## 1.8.1
(2016-09-22)
### Bug Fixes
@ -1179,7 +1184,7 @@ naming scheme accordingly before upgrading.
a connection timeout.
## 1.8.0
## 1.8.0
(2016-06-14)
### Breaking Changes
@ -1241,7 +1246,7 @@ naming scheme accordingly before upgrading.
descriptive error messages when something goes wrong.
## 1.7.1
## 1.7.1
(2016-05-04)
### Bug Fixes
@ -1282,7 +1287,7 @@ naming scheme accordingly before upgrading.
location as the Compose file.
## 1.7.0
## 1.7.0
(2016-04-13)
### Breaking Changes
@ -1370,13 +1375,13 @@ naming scheme accordingly before upgrading.
- Fixed a bug where empty values for build args would cause file validation
to fail.
## 1.6.2
## 1.6.2
(2016-02-23)
- Fixed a bug where connecting to a TLS-enabled Docker Engine would fail with
a certificate verification error.
## 1.6.1
## 1.6.1
(2016-02-23)
### Bug Fixes
@ -1431,7 +1436,7 @@ naming scheme accordingly before upgrading.
as a value in a mapping.
## 1.6.0
## 1.6.0
(2016-01-15)
### Major Features:
@ -1548,7 +1553,7 @@ naming scheme accordingly before upgrading.
non-standard logging driver (or none at all).
## 1.5.2
## 1.5.2
(2015-12-03)
- Fixed a bug which broke the use of `environment` and `env_file` with
@ -1570,7 +1575,7 @@ naming scheme accordingly before upgrading.
- Improved the validation of the `expose` option
## 1.5.1
## 1.5.1
(2015-11-12)
- Add the `--force-rm` option to `build`.
@ -1623,7 +1628,7 @@ naming scheme accordingly before upgrading.
error message.
## 1.5.0
## 1.5.0
(2015-11-03)
### Breaking changes
@ -1724,13 +1729,13 @@ https://github.com/docker/compose/blob/8cc8e61/docs/compose-file.md#variable-sub
- `docker-compose build` can now be run successfully against a Swarm cluster.
## 1.4.2
## 1.4.2
(2015-09-22)
- Fixed a regression in the 1.4.1 release that would cause `docker-compose up`
without the `-d` option to exit immediately.
## 1.4.1
## 1.4.1
(2015-09-10)
### Bug fixes
@ -1746,7 +1751,7 @@ https://github.com/docker/compose/blob/8cc8e61/docs/compose-file.md#variable-sub
the configuration had not changed.
## 1.4.0
## 1.4.0
(2015-08-04)
- By default, `docker-compose up` now only recreates containers for services whose configuration has changed since they were created. This should result in a dramatic speed-up for many applications.
@ -1785,7 +1790,7 @@ https://github.com/docker/compose/blob/8cc8e61/docs/compose-file.md#variable-sub
Thanks @mnowster, @dnephin, @ekristen, @funkyfuture, @jeffk and @lukemarsden!
## 1.3.3
## 1.3.3
(2015-07-15)
### Regression fixes
@ -1793,7 +1798,7 @@ Thanks @mnowster, @dnephin, @ekristen, @funkyfuture, @jeffk and @lukemarsden!
- When stopping containers gracefully, Compose was setting the timeout to 0, effectively forcing a SIGKILL every time.
- Compose would sometimes crash depending on the formatting of container data returned from the Docker API.
## 1.3.2
## 1.3.2
(2015-07-14)
### Bug fixes
@ -1808,7 +1813,7 @@ Thanks @mnowster, @dnephin, @ekristen, @funkyfuture, @jeffk and @lukemarsden!
Thanks @dano, @josephpage, @kevinsimper, @lieryan, @phemmer, @soulrebel and @sschepens!
## 1.3.1
## 1.3.1
(2015-06-21)
### Bug fixes
@ -1817,7 +1822,7 @@ Thanks @dano, @josephpage, @kevinsimper, @lieryan, @phemmer, @soulrebel and @ssc
- `docker-compose help migrate-to-labels` failed with an error.
- If no network mode was specified, Compose would set it to "bridge", rather than allowing the Docker daemon to use its configured default network mode.
## 1.3.0
## 1.3.0
(2015-06-18)
### Important notes
@ -1862,7 +1867,7 @@ Several new configuration keys have been added to `docker-compose.yml`:
Thanks @ahromis, @albers, @aleksandr-vin, @antoineco, @ccverak, @chernjie, @dnephin, @edmorley, @fordhurley, @josephpage, @KyleJamesWalker, @lsowen, @mchasal, @noironetworks, @sdake, @sdurrheimer, @sherter, @stephenlawrence, @thaJeztah, @thieman, @turtlemonvh, @twhiteman, @vdemeester, @xuxinkun and @zwily!
## 1.2.0
## 1.2.0
(2015-04-16)
- `docker-compose.yml` now supports an `extends` option, which enables a service to inherit configuration from another service in another configuration file. This is really good for sharing common configuration between apps, or for configuring the same app for different environments. Here's the [documentation](https://github.com/docker/compose/blob/master/docs/yml.md#extends).
@ -1885,7 +1890,7 @@ Thanks @ahromis, @albers, @aleksandr-vin, @antoineco, @ccverak, @chernjie, @dnep
Thanks, @abesto, @albers, @alunduil, @dnephin, @funkyfuture, @gilclark, @IanVS, @KingsleyKelly, @knutwalker, @thaJeztah and @vmalloc!
## 1.1.0
## 1.1.0
(2015-02-25)
Fig has been renamed to Docker Compose, or just Compose for short. This has several implications for you:
@ -1918,14 +1923,14 @@ Besides that, theres a lot of new stuff in this release:
Thanks @dnephin, @squebe, @jbalonso, @raulcd, @benlangfield, @albers, @ggtools, @bersace, @dtenenba, @petercv, @drewkett, @TFenby, @paulRbr, @Aigeruth and @salehe!
## 1.0.1
## 1.0.1
(2014-11-04)
- Added an `--allow-insecure-ssl` option to allow `fig up`, `fig run` and `fig pull` to pull from insecure registries.
- Fixed `fig run` not showing output in Jenkins.
- Fixed a bug where Fig couldn't build Dockerfiles with ADD statements pointing at URLs.
## 1.0.0
## 1.0.0
(2014-10-16)
The highlights:
@ -1969,7 +1974,7 @@ Other things:
Thanks @dnephin, @d11wtq, @marksteve, @rubbish, @jbalonso, @timfreund, @alunduil, @mieciu, @shuron, @moss, @suzaku and @chmouel! Whew.
## 0.5.2
## 0.5.2
(2014-07-28)
- Added a `--no-cache` option to `fig build`, which bypasses the cache just like `docker build --no-cache`.
@ -1980,7 +1985,7 @@ Thanks @dnephin, @d11wtq, @marksteve, @rubbish, @jbalonso, @timfreund, @alunduil
Thanks @dnephin and @marksteve!
## 0.5.1
## 0.5.1
(2014-07-11)
- If a service has a command defined, `fig run [service]` with no further arguments will run it.
@ -1991,7 +1996,7 @@ Thanks @dnephin and @marksteve!
Thanks @ryanbrainard and @d11wtq!
## 0.5.0
## 0.5.0
(2014-07-11)
- Fig now starts links when you run `fig run` or `fig up`.
@ -2029,19 +2034,19 @@ Thanks @ryanbrainard and @d11wtq!
Thanks to @d11wtq, @ryanbrainard, @rail44, @j0hnsmith, @binarin, @Elemecca, @mozz100 and @marksteve for their help with this release!
## 0.4.2
## 0.4.2
(2014-06-18)
- Fix various encoding errors when using `fig run`, `fig up` and `fig build`.
## 0.4.1
## 0.4.1
(2014-05-08)
- Add support for Docker 0.11.0. (Thanks @marksteve!)
- Make project name configurable. (Thanks @jefmathiot!)
- Return correct exit code from `fig run`.
## 0.4.0
## 0.4.0
(2014-04-29)
- Support Docker 0.9 and 0.10
@ -2053,20 +2058,20 @@ Thanks to @d11wtq, @ryanbrainard, @rail44, @j0hnsmith, @binarin, @Elemecca, @moz
- Handle UTF-8 correctly when streaming `fig build/run/up` output (thanks @mauvm and @shanejonas!)
- Error message improvements
## 0.3.2
## 0.3.2
(2014-03-05)
- Added an `--rm` option to `fig run`. (Thanks @marksteve!)
- Added an `expose` option to `fig.yml`.
## 0.3.1
## 0.3.1
(2014-03-04)
- Added contribution instructions. (Thanks @kvz!)
- Fixed `fig rm` throwing an error.
- Fixed a bug in `fig ps` on Docker 0.8.1 when there is a container with no command.
## 0.3.0
## 0.3.0
(2014-03-03)
- We now ship binaries for OS X and Linux. No more having to install with Pip!
@ -2079,7 +2084,7 @@ Thanks to @d11wtq, @ryanbrainard, @rail44, @j0hnsmith, @binarin, @Elemecca, @moz
Thanks @marksteve, @Gazler and @teozkr!
## 0.2.2
## 0.2.2
(2014-02-17)
- Resolve dependencies using Cormen/Tarjan topological sort
@ -2089,12 +2094,12 @@ Thanks @marksteve, @Gazler and @teozkr!
Thanks to @barnybug and @dustinlacewell for their work on this release.
## 0.2.1
## 0.2.1
(2014-02-04)
- General improvements to error reporting (#77, #79)
## 0.2.0
## 0.2.0
(2014-01-31)
- Link services to themselves so run commands can access the running service. (#67)
@ -2104,30 +2109,30 @@ Thanks to @barnybug and @dustinlacewell for their work on this release.
Big thanks to @cameronmaske, @mrchrisadams and @damianmoore for their help with this release.
## 0.1.4
## 0.1.4
(2014-01-27)
- Add a link alias without the project name. This makes the environment variables a little shorter: `REDIS_1_PORT_6379_TCP_ADDR`. (#54)
## 0.1.3
## 0.1.3
(2014-01-23)
- Fix ports sometimes being configured incorrectly. (#46)
- Fix log output sometimes not displaying. (#47)
## 0.1.2
## 0.1.2
(2014-01-22)
- Add `-T` option to `fig run` to disable pseudo-TTY. (#34)
- Fix `fig up` requiring the ubuntu image to be pulled to recreate containers. (#33) Thanks @cameronmaske!
- Improve reliability, fix arrow keys and fix a race condition in `fig run`. (#34, #39, #40)
## 0.1.1
## 0.1.1
(2014-01-17)
- Fix bug where ports were not exposed correctly (#29). Thanks @dustinlacewell!
## 0.1.0
## 0.1.0
(2014-01-16)
- Containers are recreated on each `fig up`, ensuring config is up-to-date with `fig.yml` (#2)
@ -2142,7 +2147,7 @@ Big thanks to @cameronmaske, @mrchrisadams and @damianmoore for their help with
Big thanks to @tomstuart, @EnTeQuAk, @schickling, @aronasorman and @GeoffreyPlitt.
## 0.0.2
## 0.0.2
(2014-01-02)
- Improve documentation
@ -2151,7 +2156,7 @@ Big thanks to @tomstuart, @EnTeQuAk, @schickling, @aronasorman and @GeoffreyPlit
- Add confirmation prompt to `fig rm`
- Add `fig build` command
## 0.0.1
## 0.0.1
(2013-12-20)
Initial release.

6
release-notes/docker-machine.md
View File

@ -505,7 +505,7 @@ toc_max: 2
- Amazon EC2
- Convert API calls to official SDK
- Make DeviceName configurable
- Digital Ocean
- DigitalOcean
- Custom SSH port support
- Generic
- Don't support `kill` since `stop` is not supported
@ -594,7 +594,7 @@ Non-core driver plugins should still work as intended (in externally distributed
- Activate the plugin only on OSX
- Add id/gid option to mount when using vmhgfs
- Fix for vSphere driver boot2docker ISO issues
- Digital Ocean
- DigitalOcean
- Support for creating Droplets with Cloud-init User Data
- Openstack
- Sanitize keynames by replacing dots with underscores
@ -877,7 +877,7 @@ Initial beta release.
### Included drivers
- Amazon EC2
- Digital Ocean
- DigitalOcean
- Google
- Microsoft Azure
- Microsoft Hyper-V

2
swarm/provision-with-machine.md
View File

@ -32,7 +32,7 @@ should already have Machine installed. If you need to install, see the
instructions for [macOS](/docker-for-mac/) or
[Windows](/docker-for-windows/).
Machine supports installing on AWS, Digital Ocean, Google Cloud Platform, IBM
Machine supports installing on AWS, DigitalOcean, Google Cloud Platform, IBM
Softlayer, Microsoft Azure and Hyper-V, OpenStack, Rackspace, VirtualBox, VMware
Fusion&reg;, vCloud&reg; Air<sup>TM</sup> and vSphere&reg;. This example uses
VirtualBox to run several VMs based on the `boot2docker.iso` image.

25
toolbox/overview.md
View File

@ -30,30 +30,11 @@ You can find various versions of the tools on [Toolbox Releases](https://github.
## Ready to get started?
1. Get the latest Toolbox installer for your platform:
Choose the install instructions for your platform, and follow the steps:
<table style="width:100%">
<tr>
<th style="font-size: medium; font-family: arial; text-align: center">
Toolbox for Mac</th>
<th style="font-size: medium; font-family: arial; text-align: center">
Toolbox for Windows</th>
</tr>
<tr valign="top">
<td width="50%" style="font-size: medium; font-family: arial; text-align: center">
<a class="button outline-btn" href="https://download.docker.com/mac/stable/DockerToolbox.pkg">Get Docker Toolbox for Mac</a>
</td>
<td width="50%" style="font-size: medium; font-family: arial; text-align: center">
<a class="button outline-btn" href="https://download.docker.com/win/stable/DockerToolbox.exe">Get Docker Toolbox for Windows</a>
</td>
</tr>
</table>
- [Install Docker Toolbox for macOS](toolbox_install_mac.md)
2. Choose the install instructions for your platform, and follow the steps:
* [Install Docker Toolbox on macOS](toolbox_install_mac.md)
* [Install Docker Toolbox for Windows](toolbox_install_windows.md)
- [Install Docker Toolbox for Windows](toolbox_install_windows.md)
## Next steps

20
toolbox/toolbox_install_mac.md
View File

@ -9,10 +9,6 @@ Docker Toolbox provides a way to use Docker on older Macs
that do not meet
minimal system requirements for [Docker Desktop for Mac](/docker-for-mac/index.md).
If you have not done so already, download the installer here:
[Get Docker Toolbox for Mac](https://download.docker.com/mac/stable/DockerToolbox.pkg){: class="button outline-btn" }
## What you get and how it works
Docker Toolbox includes the following Docker tools:
@ -60,14 +56,22 @@ software. To find out what version of the OS you have:
## Step 2: Install Docker Toolbox
1. Install Docker Toolbox by double-clicking the package or by right-clicking
> **Note**: Docker are no longer maintaining the download.docker.com url for
> Docker Toolbox, therefore an unsigned warning (verified publisher dialog) is
> displayed during the installation process.
1. To download the latest version of Docker Toolbox, go to [Toolbox
Releases](https://github.com/docker/toolbox/releases) and download the
latest `.pkg` file.
2. Install Docker Toolbox by double-clicking the package or by right-clicking
and choosing "Open" from the pop-up menu.
The installer launches an introductory dialog, followed by an overview of what's installed.
![Install Docker Toolbox](images/mac-welcome-page.png)
2. Press **Continue** to install the toolbox.
3. Press **Continue** to install the toolbox.
The installer presents you with options to customize the standard
installation.
@ -82,13 +86,13 @@ and choosing "Open" from the pop-up menu.
For now, don't change any of the defaults.
3. Press **Install** to perform the standard installation.
4. Press **Install** to perform the standard installation.
The system prompts you for your password.
![Password prompt](images/mac-password-prompt.png)
4. Provide your password to continue with the installation.
5. Provide your password to continue with the installation.
When it completes, the installer provides you with some
shortcuts. You can ignore this for now and click **Continue**.

18
toolbox/toolbox_install_windows.md
View File

@ -97,13 +97,15 @@ If you have a previous version of VirtualBox installed, do not reinstall it with
If you have Virtual Box running, you must shut it down before running the
installer.
1. Go to the [Docker Toolbox](https://www.docker.com/toolbox){: target="_blank" class="_" } page.
> **Note**: Docker no longer maintains the download.docker.com url for
> Docker Toolbox, therefore an unsigned warning (verified publisher dialog) is
> displayed during the installation process.
> **Note**: To continue with the latest version of Docker Toolbox, see https://github.com/docker/toolbox/releases for information about downloading the latest version and related components. If you choose to download from this location, an unsigned warning (verified publisher dialog) is displayed.
1. To download the latest version of Docker Toolbox, go to [Toolbox
Releases](https://github.com/docker/toolbox/releases) and download the
latest `.exe` file.
2. Click the installer link to download.
3. Install Docker Toolbox by double-clicking the installer.
2. Install Docker Toolbox by double-clicking the installer.
The installer launches the "Setup - Docker Toolbox" dialog.
@ -113,17 +115,17 @@ installer.
![Release page](images/installer_open.png)
4. Press **Next** to accept all the defaults and then **Install**.
3. Press **Next** to accept all the defaults and then **Install**.
Accept all the installer defaults. The installer takes a few minutes to install all the components:
5. When notified by Windows Security the installer will make changes, make sure you allow the installer to make the necessary changes.
4. When notified by Windows Security the installer will make changes, make sure you allow the installer to make the necessary changes.
When it completes, the installer reports it was successful:
![Success](images/finish.png)
6. Uncheck "View Shortcuts in File Explorer" and press **Finish**.
5. Uncheck "View Shortcuts in File Explorer" and press **Finish**.
## Step 3: Verify your installation