docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated CLI reference for UCP 3.2 (#9122)

This commit is contained in:
Olly P 2019-07-25 17:35:19 +01:00 committed by GitHub
parent 0c1974b06a
commit 6a43ef1dfa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 177 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
_data/toc.yaml
View File

@ -1116,12 +1116,10 @@ reference:
title: images
- path: /reference/ucp/3.2/cli/install/
title: install
- path: /reference/ucp/3.2/cli/restart/
title: restart
- path: /reference/ucp/3.2/cli/port-check-server/
title: port-check-server
- path: /reference/ucp/3.2/cli/restore/
title: restore
- path: /reference/ucp/3.2/cli/stop/
title: stop
- path: /reference/ucp/3.2/cli/support/
title: support
- path: /reference/ucp/3.2/cli/uninstall-ucp/

26
reference/ucp/3.2/cli/backup.md
View File

@ -31,24 +31,22 @@ Note:
* The backup contains private keys and other sensitive information. Use the
`--passphrase` flag to encrypt the backup with PGP-compatible encryption
or `--no-passphrase` to opt out (not recommended).
* If using the `--file` option, the path to the file must be bind mounted onto the container that is performing the backup, and the filepath must be relative to the container's file tree. For example:
* If using the `--file` option, the path to the file must be bind mounted
onto the container that is performing the backup, and the filepath must be
relative to the container's file tree. For example:
```
docker run <other options> --mount type=bind,src=/home/user/backup:/backup docker/ucp --file /backup/backup.tar
```
> **Note**: A bind mount with a `/backup/` target path must be added to the container performing the backup. In this case, the backup file is placed in the source directory of the bind mount. For example:
> ```
> docker run -v /nfs/ucp-backups:/backup docker/ucp-backup --file backup1.tar
> ```
> This command places the backup under the `/nfs/ucp-backups/backup1.tar` path on the host.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--file`|Name of the file for backup contents. This is ignored when `--interactive` is specified. If not provided, backup contents are sent to stdout.|
|`--include-logs`|Only applicable is `--file` is specified. If `true`, includes logs from the backup execution in a file adjacent to the backup file, specified with the same name but with a `.log` extension. **Note**: Log files are not encrypted.|
|`--interactive, i`|Run in interactive mode and prompt for configuration values|
|`--jsonlog`|Produce json formatted output for easier parsing|
|`--passphrase`|Encrypt the tar file with a passphrase|
|:-----------------------|:------------------------------------------------------------------------------|
| `--debug, -D` | Enable debug mode |
| --file *value* | Name of the file to write the backup contents to. Ignored in interactive mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, -i` | Run in interactive mode and prompt for configuration values |
| `--no-passphrase` | Opt out to encrypt the tar file with a passphrase (not recommended) |
| `--passphrase` *value* | Encrypt the tar file with a passphrase |

10
reference/ucp/3.2/cli/dump-certs.md
View File

@ -28,8 +28,8 @@ to configure DTR.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--ca`|Only print the contents of the ca.pem file|
|`--cluster`|Print the internal UCP swarm root CA and cert instead of the public server cert|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|
|:-------------|:--------------------------------------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--ca` | Only print the contents of the ca.pem file |
| `--cluster` | Print the internal UCP swarm root CA and cert instead of the public server cert |

6
reference/ucp/3.2/cli/id.md
View File

@ -23,3 +23,9 @@ a client bundle.
This ID is used by other commands as confirmation.
## Options
| Option | Description |
|:-------------|:-------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |

14
reference/ucp/3.2/cli/images.md
View File

@ -25,10 +25,10 @@ the ones that are missing.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|
|`--list`|List all images used by UCP but don't pull them|
|`--pull`|Pull UCP images: `always`, when `missing`, or `never`|
|`--registry-username`|Username to use when pulling images|
|`--registry-password`|Password to use when pulling images|
|:------------------------------|:-----------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--list` | List all images used by UCP but don't pull them |
| `--pull` *value* | Pull UCP images: `always`, when `missing`, or `never`|
| `--registry-password` *value* | Password to use when pulling images |
| `--registry-username` *value* | Username to use when pulling images |

4
reference/ucp/3.2/cli/index.md
View File

@ -30,13 +30,15 @@ docker container run -it --rm \
## Commands
| Option | Description |
|:-----------------|:----------------------------------------------------------|
|:--------------------|:----------------------------------------------------------|
| `backup` | Create a backup of a UCP manager node |
| `dump-certs` | Print the public certificates used by this UCP web server |
| `example-config` | Display an example configuration file for UCP |
| `help` | Shows a list of commands or help for one command |
| `id` | Print the ID of UCP running on this node |
| `images` | Verify the UCP images on this node |
| `install` | Install UCP on this node |
| `port-check-server` | Checks the ports on a node before a UCP installation |
| `restart` | Start or restart UCP components running on this node |
| `restore` | Restore a UCP cluster from a backup |
| `stop` | Stop UCP components running on this node |

83
reference/ucp/3.2/cli/install.md
View File

@ -4,7 +4,7 @@ description: Install UCP on a node
keywords: ucp, cli, install
---
Install UCP on a node.
Install UCP on a node
## Usage
@ -18,7 +18,7 @@ docker container run --rm -it \
## Description
This command initializes a new swarm, turns a node into a manager, and installs
This command initializes a new swarm, turns anode into a manager, and installs
Docker Universal Control Plane (UCP).
When installing UCP you can customize:
@ -43,49 +43,50 @@ If you are installing on Azure, see [Install UCP on Azure](/ee/ucp/admin/install
## Options
| Option | Description |
|:-------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--admin-password` | The UCP administrator password. Must be at least 8 characters. |
| `--admin-username` | The UCP administrator username |
|:-------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--debug, -D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, -i` | Run in interactive mode and prompt for configuration values |
| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] |
| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] |
| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility |
| `--cloud-provider` | The cloud provider for the cluster
| `--cni-installer-url` | Deprecated feature. A URL pointing to a Kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin is not installed. If the URL uses the HTTPS scheme, no certificate verification is performed. |
| `--controller-port` | Port for the web UI and API
| `--data-path-addr` | Address or interface to use for data path traffic. Format: IP address or network interface name
| `--debug, D` | Enable debug mode |
| `--cloud-provider` *value* | The cloud provider for the cluster |
| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed |
| `--controller-port` *value* | Port for the web UI and API (default: 443) |
| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] |
| `--disable-tracking` | Disable anonymous tracking and analytics |
| `--disable-usage` | Disable anonymous usage reporting |
| `--dns` | Set custom DNS servers for the UCP containers |
| `--dns-opt` | Set DNS options for the UCP containers |
| `--dns-search` | Set custom DNS search domains for the UCP containers |
| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] |
| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] |
| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] |
| `--enable-profiling` | Enable performance profiling |
| `--existing-config` | Use the latest existing UCP config during this installation. The install fails if a config is not found. |
| `--external-server-cert` | Use the certificates in the `ucp-controller-server-certs` volume instead of generating self-signed certs during installation |
| `--external-service-lb` | Set the external service load balancer reported in the UI |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports |
| `--force-minimums` | Force the install/upgrade even if the system doesn't meet the minimum requirements. |
| `--fresh-install` | Destroy any existing state and start fresh. |
| `--host-address` | The network address to advertise to other nodes. Format: IP address or network interface name |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--iscsiadm-path` | Path to the host iscsiadm binary. This option is only applicable if `--storage-iscsi` is specified. |
| `--iscsidb-path` | Path to the host iscsi database. This option is only applicable if `--storage-iscsi` is specified. |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--kube-apiserver-port` | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` | Number of changes between key-value store snapshots |
| `--kv-timeout` | Timeout in milliseconds for the key-value store |
| `--license` | Add a license: e.g.` --license "$(cat license.lic)" ` |
| `--pod-cidr` | Kubernetes cluster IP pool for the pods to allocated IPs from (Default: `192.168.0.0/16`) |
|`--service-cluster-ip-range`| Sets the subnet pool from which the IP for Services should be allocated (Default is `10.96.0.0/16`). |
| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found |
| `--external-server-cert` | Customize the certificates used by the UCP web server |
| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] |
| `--iscsiadm-path`*value* | Path to the host iscsiadm binary. This option is applicable only when --storage-iscsi is specified |
| `--iscsidb-path` *value* | Path to the host iscsi DB. This option is applicable only when --storage-iscsi is specified |
| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] |
| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] |
| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] |
| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") |
| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") |
| `--preserve-certs` | Don't generate certificates if they already exist |
| `--pull` | Pull UCP images: `always`, when `missing`, or `never` |
| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") |
| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility |
| `--registry-username` | Username to use when pulling images |
| `--registry-password` | Password to use when pulling images |
| `--san` | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |
| `--skip-cloud-provider` | Disables checks that rely on detecting the cloud provider (if any) on which the cluster is currently running. |
| `--storage-expt-enabled` | Enable experimental features in Kubernetes storage. |
| `--storage-iscsi` | Enable iSCSI-based Persistent Volumes in Kubernetes. |
| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] |
| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] |
| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] |
| `--service-cluster-ip-range` *value* | Kubernetes Cluster IP Range for Services (default: "10.96.0.0/16") |
| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on |
| `--storage-expt-enabled` | Flag to enable experimental features in Kubernetes storage |
| `--storage-iscsi` | Enable ISCSI based Persistent Volumes in Kubernetes |
| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility |
| `--swarm-port` | Port for the Docker Swarm manager. Used for backwards compatibility |
| `--swarm-grpc-port` | Port for communication between nodes |
| `--unlock-key` | The unlock key for this swarm-mode cluster, if one exists. |
| `--unmanaged-cni` |The default value of `false` indicates that Kubernetes networking is managed by UCP with its default managed CNI plugin, Calico. When set to `true`, UCP does not deploy or manage the lifecycle of the default CNI plugin - the CNI plugin is deployed and managed independently of UCP. Note that when `unmanaged-cni=true`, networking in the cluster will not function for Kubernetes until a CNI plugin is deployed. |
| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) |
| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) |
| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] |
| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) |

26
reference/ucp/3.2/cli/port-check-server.md Normal file
View File

@ -0,0 +1,26 @@
---
title: docker/ucp port-check-server
description: Check the firewall ports for UCP
keywords: ucp, cli, images
---
Checks the suitablility of the node for a UCP installation
## Usage
```
docker run --rm -it \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
port-check-server [command options]
```
## Description
Checks the suitablility of the node for a UCP installation
## Options
| Option | Description |
|:------------------------------|:----------------------------------|
| --listen-address -l *value* | Listen Address (default: ":2376") |

24
reference/ucp/3.2/cli/restart.md
View File

@ -1,24 +0,0 @@
---
title: docker/ucp restart
description: Start or restart UCP components running on this node
keywords: ucp, cli, restart
---
Start or restart UCP components running on this node.
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
restart [command options]
```
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|

16
reference/ucp/3.2/cli/restore.md
View File

@ -59,12 +59,14 @@ Notes:
## Options
| Option | Description |
|:-------------------|:----------------------------------------------------------------------------------------------|
| `--data-path-addr` | Address or interface to use for data path traffic |
|:---------------------------|:----------------------------------------------------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--host-address` | The network address to advertise to other nodes. Format: IP address or network interface name |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--passphrase` | Decrypt the backup tar file with the provided passphrase |
| `--san` | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |
| `--unlock-key` | The unlock key for this swarm-mode cluster, if one exists. |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--data-path-addr` *value* | Address or interface to use for data path traffic |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name |
| `--passphrase` *value* | Decrypt the backup tar file with the provided passphrase |
| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |
| `--swarm-grpc-port *value* | Port for communication between nodes (default: 2377) |
| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. |

24
reference/ucp/3.2/cli/stop.md
View File

@ -1,24 +0,0 @@
---
title: docker/ucp stop
description: Stop UCP components running on this node
keywords: ucp, cli, stop
---
Stop UCP components running on this node.
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
stop [command options]
```
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|

17
reference/ucp/3.2/cli/support.md
View File

@ -11,21 +11,22 @@ Create a support dump for specified UCP nodes.
```
docker container run --rm \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
--log-driver none \
--volume /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
support [command options] > docker-support.tgz
```
## Description
This command creates a support dump file for the specified node(s), and prints it to stdout. This includes
the ID of the UCP components running on the node. The ID matches what you see when running
the `docker info` command while using a client bundle, and is used by other commands as confirmation.
This command creates a support dump file for the specified node(s), and prints
it to stdout. This includes the ID of the UCP components running on the node.
The ID matches what you see when running the `docker info` command while using
a client bundle, and is used by other commands as confirmation.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--loglines`|Specify number of lines to grab from `journalctl`. The default is 10,000 lines.|
|`--nodes`|Select specific nodes on which to produce a support dump. Comma-separated node IDs are allowed. The default selects all nodes.|
|`--servicedriller`|Run the swarm service driller (ssd) tool. For more information on this tool, see [Docker Swarm Service Driller (ssd)](https://github.com/docker/libnetwork/tree/master/cmd/ssd) Not run by default.|
|:-------------|:-------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |

12
reference/ucp/3.2/cli/uninstall-ucp.md
View File

@ -31,12 +31,12 @@ UCP is installed again.
## Options
| Option | Description |
| :-------------------- | :---------------------------------------------------------- |
|:------------------------------|:----------------------------------------------------------- |
| `--debug, D` | Enable debug mode |
| `--id` | The ID of the UCP instance to uninstall |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--pull` | Pull UCP images: `always`, when `missing`, or `never` |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--id` *value* | The ID of the UCP instance to uninstall |
| `--pull` *value* | Pull UCP images: `always`, when `missing`, or `never` |
| `--purge-config` | Remove UCP configs during uninstallation |
| `--registry-username` | Username to use when pulling images |
| `--registry-password` | Password to use when pulling images |
| `--registry-password` *value* | Password to use when pulling images |
| `--registry-username` *value* | Username to use when pulling images |

26
reference/ucp/3.2/cli/upgrade.md
View File

@ -18,10 +18,7 @@ Upgrade the UCP cluster.
## Description
This command upgrades the UCP running on this cluster. To upgrade UCP:
- (Optional) Upgrade the Docker Engine in all nodes.
- Run the upgrade command on one manager node.
This command upgrades the UCP running on this cluster.
Before performing an upgrade, you should perform a backup by using the
[backup](backup.md) command.
@ -33,19 +30,16 @@ healthy and that all nodes have been upgraded successfully.
## Options
| Option | Description |
|:----------------------|:------------------------------------------------------------------------------------------------------|
| `--admin-username` | The UCP administrator username |
| `--admin-password` | The UCP administrator password |
| `--cloud-provider` | The cloud provider for the cluster |
|:------------------------------|:------------------------------------------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` | Override the previously configured host address with this IP or network interface |
| `--id` | The ID of the UCP instance to upgrade |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--manual-worker-upgrade` | Specifies whether to manually upgrade worker nodes. Defaults to `false`. |
| `--nodeport-range` | Allowed port range for Kubernetes services of type `NodePort`. The default port range is `32768-35535`. |
| `--pod-cidr` | Kubernetes cluster IP pool for the pods to allocated IP. The default IP pool is `192.168.0.0/16`. |
| `--admin-password` *value* | The UCP administrator password |
| `--admin-username` *value* | The UCP administrator username |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | Override the previously configured host address with this IP or network interface |
| `--id` | The ID of the UCP instance to upgrade |
| --manual-worker-upgrade | Whether to manually upgrade worker nodes. Defaults to false |
| `--pull` | Pull UCP images: `always`, when `missing`, or `never` |
| `--registry-username` | Username to use when pulling images |
| `--registry-password` | Password to use when pulling images |
| `--registry-password` *value* | Password to use when pulling images |
| `--registry-username` *value* | Username to use when pulling images |