Publish UCP release notes and CSI (#1091)

Browse Source

* Raw content addition

* Merge default-backend info here

* Moved to interlock-vip info

* Incorporate Euan's changes

Add examples for sticky_session_cookie and redirects

* Fix indentation issue

* 1013: Move desktop ent content to docs-private

* fix yaml spacing error

* 1013 - Fix ToC indentation, missing images

* 1010, 1011 - Update user instructions, add new screenshot

* update Jenkinsfile

* update jenkinsfile with very important protections

So we're lucky we're not using the master branch to update our swarm services here because if we someone had pushed to it, it would have triggered a docs.docker.com build. This is becuase this Jenkinsfile, which has been merged from the docker.github.io project has the content for updating docs.docker.com and not beta.docs.docker.com. Maria and I have worked out a potential solution to this problem and I hope to implement it today.

* Fix the DDE Overview ToC

* make Jenkinsfile serve private and public docs

After a couple of Jenkins-based mix-ups it became obvious we needed a Jenkinsfile that would serve both public and private projects, that we could move between repos without worry. This Jenkinsfile knows which images to build and push and which swarm services to update because of the use of git_url and branch conditions.

* make jenkinsfile serve private and public docs

* Address review comments from Ben and GuillaumeT

* fix image path

* Fix review comments from Mathieu and Guillaume

* fix pending review comments

* Add documentation for --service-cluster-ip-range flag

https://github.com/docker/orca/pull/16417 adds support to make service cluster IP range subnet configurable for UCP install via the --service-cluster-ip-range flag

* Added a period.

* Add documentation for UCP install page

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>

* Add OS support statement

* Add Assemble docs

* Update ToC to include Assemble topics

* Remove version pack install section

* Adding APP CLI guide for customer beta2

Signed-off-by: Nigel Poulton <nigelpoulton@hotmail.com>

* Fix broken cross-refs

* fix the navigation

* Update version packs

The default version pack is now 3.0

We don't publicly advertise the Community version pack as its usage is for internal testing only.

Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>

* bumped headings by one level + minor updates

* 1006 - Adding Docker Template content

* Update ToC to add Docker template entry

* Adding the CLI reference topic and an updated toc

* Added CLI reference, updated toc, fixed broken links

* replaced hardcoded names with 'username'

* Add registry-cli plugin reference

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Update docker_registry docs

* Add docker template reference docs

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Raw content addition

* Moved to interlock-vip info

* Fix indentation issue

* 1013: Move desktop ent content to docs-private

* fix yaml spacing error

* 1013 - Fix ToC indentation, missing images

* 1010, 1011 - Update user instructions, add new screenshot

* Fix the DDE Overview ToC

* Sync forked amberjack branch with docs-private (#1068)

* Service labels info

* Tuning info

* Update info

* New deploy landing page info

* Offline install info

* New production info

* New upgrade info

* New landing page info

* Canary info

* Context info

* Landing page info

* Interlock VIP mode info

* Labels reference info

* Redirects info

* Service clusters info

* Sessions info

* SSL info

* TLS info

* Websockets info

* Incorporated latest change from Netlify site

* Images

* Moved to images directory

* Moved info

* Changed default port based on github.io update

* Add HideInfoHeaders based on github.io update

* HideInfoHeaders in code sample

* Wording and tag updates

* Tag and link updates

* Fix some minor issues in vfs storage-driver section

- Fix mention of `storage-drivers` instead of `storage-opts`
- Repeat the selected driver in the second `daemon.json` example
- Remove mention of `CE` as this driver can be used
on Docker EE (although it's mainly intending for
debugging, so not a "supported" driver)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Wording cleanup

* Intra-doc links

* Link titles

* Wording and link changes

* Remove site URL from link path

* Removed Kube GC Known issue from UCP 3.1.4

* Update release-notes.md

DTR info

Edits on 2.5.10 and 2.6.4 entries

Add upgrade warning information

Updated engine info per Andrew's input

Added Component table info per Mark

* Update DTR release notes

* Fixed dates

* Fixed formatting issues

* Temporary - review later

* Remove stage compose file for docs-private

* Update compose-version to 1.24.0

https://github.com/docker/compose/releases/tag/1.24.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* re-add removed Jenkinsfile

* Added moby#36951 to 18.09.4 release notes

* Wording and link updates

* Updated Offline Bundles for March Patch

* Update release notes for 1.23.2 and 1.24.0

Signed-off-by: Ulysses Souza <ulysses.souza@docker.com>

* Link to client bundle instructions

* Minor edits

- Moved dates to be consistent with other release notes
- Made grammar a little more consistent

* Update index.md : #### host or none - network (#8425)

* Update index.md : #### host or none - network

Choosing specific network for a build instead of the [network_mode]. network_mode doesn't work when providing a network for a particular build rather it skips the block and move to next service thus using network.

* Minor syntax updates

* Update index.md

those changes were a result of conflict that i tried to resolve.

* add slack webhook to Jenkinsfile

* Update release-notes.md

* add slack webhook to Jenkinsfile

* Fix labels-reference link

* Add pip dependencies to compose doc for alpine (#8554)

* Add pip dependencies to compose doc for alpine

Signed-off-by: Ulysses Souza <ulysses.souza@docker.com>

* Minor edit

* Audit branch (#8564)

* Update trust-with-remote-ucp.md

* Fix link texts

* Addresses 8446

* Update trust_delegation.md

* - Addresses 8446
- Cleans up broken links
- Fixes vague link texts

Addresses 8446

Update trust_delegation.md

* Update running_ssh_service.md

Fixed formatting and wording. Also moved note above the code.

* Update running_ssh_service.md

Fixed typo.

* Compose: Update build docs, Add --quiet flag

* Fix destroy reference page link

Relates to https://github.com/docker/docker.github.io/pull/8441

* Rephrase Ubuntu 14.04 note

* Revert "Compose: Update build docs, Add --quiet flag"

* # This is a combination of 4 commits.
# This is the 1st commit message:

- Addresses 8446
- Cleans up broken links
- Fixes vague link texts

Addresses 8446

Update trust_delegation.md

# This is the commit message #2:

# This is a combination of 2 commits.
# This is the 1st commit message:

- Addresses 8446
- Cleans up broken links
- Fixes vague link texts

Addresses 8446

Update trust_delegation.md

# This is the commit message #2:

Update trust-with-remote-ucp.md
# This is the commit message #3:

- Addresses 8446
- Cleans up broken links
- Fixes vague link texts

# This is the commit message #4:

Fix destroy reference page link

Relates to https://github.com/docker/docker.github.io/pull/8441

* - Addresses 8446
- Cleans up broken links
- Fixes vague link texts

* Addresses 8446 with text and link cleanup.

* Update syntax language from none to bash

* Update index.md

* Remove merge conflict

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Adding Azure note (#8566)

* Adding Azure note

* Rephrase additional line and update link

* Fix typo

* Update configs.md

* Adding Azure note (#8566)

* Adding Azure note

* Rephrase additional line and update link

* Final edit

* Updated the 3.1.4 release notes to include Centos 7.6 support

* update jenkinsfile with very important protections

* add protection to Jenkinsfile

* fix git url protection in jenkinsfile

* typo fix

friendlyname -> friendlyhello

* Storage backend data migration updates

Fix incorrect API command, add backup updates

Update incorrect commands

* --unmanaged-cni is not a valid option for upgrade

* Update to UCP known issues

* Update UCP release notes

* Update release-notes.md

* make jenkinsfile serve private and public docs

* Add HSTS warning for specifying --dtr-external-url

* Typo on logging driver name

* Addressed engineering feedback

* Netlify redirects interlock (#8595)

* Added netlify redirect

* Remove redundant "be"

* Update the "role-based access control" link

On page "https://docs.docker.com/ee/ucp/user-access/", update the hyperlink "role-based access control" to point to "https://docs.docker.com/ee/ucp/authorization/" instead of "https://docs.docker.com/ee/access-control".

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

We had a customer (00056641) who changed IPs like this all at once, and they are in a messy status. We should make it clear that static IP is absolutely required.
```***-ucp-0-dw original="10.15.89.6" updated="10.15.89.7"
***-ucp-1-dw original="10.15.89.5" updated="10.15.89.6"
***-ucp-2-dw original="10.15.89.7" updated="10.15.89.5" ```

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Sync published with master (#8619)

* Update install.md

add note: 8 character password minimum length

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Updated the 3.1.4 release notes to include Centos 7.6 support

* Remove redundant "be"

* Update the "role-based access control" link

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Add the 'Install on Azure' page back to the TOC for UCP 3.0 (#8623)

* Add the Install on Azure page back to the UCP 3.0 TOC

* Fix the copy / paste error on Install on UCP

* Fix Liquid syntax error in "reset user password"

```
Liquid Warning: Liquid syntax error (line 33): Expected end_of_string but found number in "{{ index .Spec.TaskTemplate.ContainerSpec.Args 0 }}" in ee/ucp/authorization/reset-user-password.md
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Fix link text

* Patch release notes 04 2019 (#8633)

* Add version update for Engine/UCP

* Add DTR version updates

* Added April Offline Bundles

* Engine release notes update

* Update release-notes.md

* Minor edit

* Add 2.4.11 DTR info

* Remove statement about supporting CNI plugin (#8594)

* Remove statement about supporting CNI plugin

* Update install-cni-plugin.md

* Removing internal JIRA links

* Use site parameter to use latest compose file versions in examples (#8630)

* Use site parameter to use latest compose file versions in examples

Make sure that examples use the latest version of the compose file
format, to encourage using the latest version, and to prevent
users from running into "not supported by this version" problems
when copy/pasting, and combining examples that use different
versions.

Also add a note about `version: x` not being equivalent to
`version: x.latest`.

Note that there are still some examples using fixed versions
in the UCP sections; we need to evaluate those to make sure
the right (and supported) versions are used for UCP (which may
be different than "latest").

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Address some v3/v2 issues, and YAML syntax error

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Minor edit

* Final updates

- Added note around v2 and v3 versioning
- Updated note for v3 to match the v2 update

* compose-file: remove reference to custom init path (#8628)

* compose-file: remove reference to custom init path

This option was never functional, and was not intended
to be added to the "container create" API, so let's
remove it, because it has been removed in Docker 17.05,
and was broken in versions before that; see

- docker/docker-py#2309 Remove init_path from create
- moby/moby#32355 --init-path does not seem to work
- moby/moby#32470 remove --init-path from client

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Update index.md

* Remove extra which

Change below line

From

AUFS, which can suffer noticeable latencies when searching for files in images with many layers

AUFS can suffer noticeable latencies when searching for files in images with many layers

* Fix a broken link

* Add documentation for --service-cluster-ip-range flag

https://github.com/docker/orca/pull/16417 adds support to make service cluster IP range subnet configurable for UCP install via the --service-cluster-ip-range flag

* Added a period.

* Add documentation for UCP install page

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>

* Redirect to current version of page, since it's reached EOL

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

1. Local and NFS mount image backup commands were invalid (incorrectly used -C flag). Replaced them with commands that work.
2. The new commands automatically populate the correct replica ID and add a datestamp to the backup filename.

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

1. The prior metadata backup command was subject to user error. Improved the command to automatically collect the DTR version and select a replica.
2. Improved security of the command by automatically collecting UCP CA certificate for verification rather than using --ucp-insecure-tls flag.
3. Improved the backup filename by adding the backed-up version information and date of backup. Knowledge of the version information is required for restoring a backup.
4. Described these improvements for the user.

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

@omegamormegil I removed the example with prepopulated fields, as I think it doesn't add much, and will only add confusion. Users who need this much detail can run the basic command and follow the terminal prompts.

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Sync published with master (#8673)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Published (#8674)

* add slack webhook to Jenkinsfile

* make jenkinsfile serve private and public docs

* Sync published with master (#8619)

* Update install.md

add note: 8 character password minimum length

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Updated the 3.1.4 release notes to include Centos 7.6 support

* Remove redundant "be"

* Update the "role-based access control" link

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Sync published with master (#8673)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8678)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Fixed heading inconsistency

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8677)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Update concatenated to chained

* Minor fix

* interlock --> ucp-interlock (#8675)

* interlock --> ucp-interlock

* Fixed code samples

- Use the latest UCP version and the latest ucp-interlock image
- Leverage ucp page version Jekyll variable

* Typo

* Final syntax fix

* Update backup.md

* Sync published with master (#8685)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Published (#8674)

* add slack webhook to Jenkinsfile

* make jenkinsfile serve private and public docs

* Sync published with master (#8619)

* Update install.md

add note: 8 character password minimum length

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Updated the 3.1.4 release notes to include Centos 7.6 support

* Remove redundant "be"

* Update the "role-based access control" link

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Sync published with master (#8673)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8678)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Fixed heading inconsistency

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8677)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Update concatenated to chained

* Minor fix

* interlock --> ucp-interlock (#8675)

* interlock --> ucp-interlock

* Fixed code samples

- Use the latest UCP version and the latest ucp-interlock image
- Leverage ucp page version Jekyll variable

* Typo

* Final syntax fix

* Update backup.md

* Removed Reference to Interlock Preview Image, and added relevant UCP Image Org and Tag

* Fix syntax error which caused the master build to fail

* Preview page.ucp_org output

* Sync published with master (#8693) (#8694)

* Adding Azure note (#8566)

* Adding Azure note

* Rephrase additional line and update link

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Published (#8674)

* add slack webhook to Jenkinsfile

* make jenkinsfile serve private and public docs

* Sync published with master (#8619)

* Update install.md

add note: 8 character password minimum length

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Updated the 3.1.4 release notes to include Centos 7.6 support

* Remove redundant "be"

* Update the "role-based access control" link

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Sync published with master (#8673)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8678)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Fixed heading inconsistency

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8677)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Update concatenated to chained

* Minor fix

* interlock --> ucp-interlock (#8675)

* interlock --> ucp-interlock

* Fixed code samples

- Use the latest UCP version and the latest ucp-interlock image
- Leverage ucp page version Jekyll variable

* Typo

* Final syntax fix

* Update backup.md

* Removed Reference to Interlock Preview Image, and added relevant UCP Image Org and Tag

* Fix syntax error which caused the master build to fail

* docs: fix typo in removal of named volumes (#8686)

* Updated the ToC for Upgrading Interlock

* Removed the Previous Interlock SSL Page

* Moved Redirect to latest page

* Update index.md (#8690)

Fix typo - missing word.

* Update bind-mounts.md (#8696)

* Minor edits (#8708)

* Minor edits

- Standardized setting of replica ID as per @caervs
- Fix broken link

* Consistency edits

- Standardized setting of replica ID
- Added note that this command only works on Linux

* Standardize replica setting

- Update commands for creating tar files for local and NFS-mounted images

* Fixed broken 'important changes' link (#8721)

* Interlock fix - remove haproxy and custom template files (#8722)

* Removed haproxy and custom template info

* Delete file

* Render DTR version (#8726)

* Release notes for 2.0.4.0 win (Edge)

Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>

* Release notes for 2.0.4.0 mac (Edge)

Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>

* Update-edge-release-notes.md

Minor updates to the proposed content. Looks good otherwise.

* Updated edge-release-notes (Windows)

Minor edits

* Added Docker-Compose awslogs example (#8638)

* Added docker compose aws logs information

* Fixed formatting and text

- Signed off by @bermudezmt

* Fix: duplicate paragraph `depends_on` (#8539)

* Fix: duplicate paragraph `depends_on`

Amend duplicate paragraph `depends_on` in Compose file reference doc.

* Fix: add missing blank line

* Updated Engine/DTR/UCP version info (#8744)

* Updated Engine/DTR/UCP version info

* Fixed version

* Updates for May patch

* Release notes update (May) (#8763)

* Latest info including known issues

* Updates for 2.6.6, 2.5.11, 2.4.12

* Added 18.09.6 updates

* Added link

* Fixed link error

* Syntax error

* 2.6.6 info cleanup

* Added Hub info

* Added Hub info for 2.6.6

* Added Hub info for 3.1.7

* Link fix

* Update line items for DTR 2.6.6

* Add line break after Known Issues

- Affects 2.5.11.

* Edit line items

Minor edits and formatting fixes

* Remove outdated links/fix links (#8760)

* Fix dates

* Fixed syntax error (#8732)

* Fixed syntax error

Last edit to the REPLICA_ID command introduced a syntax error by adding an extra ')'. Removed it.

* Fix replica ID setting examples

- Accept suggestion from @thajeztah based on product testing
- Apply change to page examples
- Remove NFS backup example based on the following errors:
tar: /var/lib/docker/volumes/dtr-registry-nfs-36e6bf87816d: Cannot stat: No such file or directory
tar: Exiting with failure status due to previous errors

* Update header for example tar

* Fixed link title

* Added new example and deprecation info (#8773)

* Updated multi-stage build doc (#8769)

Changed the 'as' keyword to 'AS' to match the Dockerfile reference docs here: https://docs.docker.com/engine/reference/builder/#from

* Fix typo (#8766)

* Fixed a sentence (#8728)

* Fixed a sentence

* Minor edit

* Update configure-tls.md (#8719)

* Update upgrade.md (#8718)

* Update index.md (#8717)

* Update configure-tls.md (#8716)

* Add TOC entry for Hub page title change (#8777)

* Update upgrade.md

* Fix left navigation TOC

* Update get-started.md (#8713)

* Update tmpfs.md (#8711)

* Add an indentation in compose-gettingstarted.md (#8487)

* Add an indentation

* Fix messaging on service dependencies

* Sync master with published (#8779)

* Sync published with master (#8693)

* Adding Azure note (#8566)

* Adding Azure note

* Rephrase additional line and update link

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Published (#8674)

* add slack webhook to Jenkinsfile

* make jenkinsfile serve private and public docs

* Sync published with master (#8619)

* Update install.md

add note: 8 character password minimum length

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Updated the 3.1.4 release notes to include Centos 7.6 support

* Remove redundant "be"

* Update the "role-based access control" link

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Sync published with master (#8673)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8678)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Fixed heading inconsistency

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8677)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Update concatenated to chained

* Minor fix

* interlock --> ucp-interlock (#8675)

* interlock --> ucp-interlock

* Fixed code samples

- Use the latest UCP version and the latest ucp-interlock image
- Leverage ucp page version Jekyll variable

* Typo

* Final syntax fix

* Update backup.md

* Removed Reference to Interlock Preview Image, and added relevant UCP Image Org and Tag

* Fix syntax error which caused the master build to fail

* Sync published with master (#8695)

* Sync published with master (#8693) (#8694)

* Adding Azure note (#8566)

* Adding Azure note

* Rephrase additional line and update link

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Published (#8674)

* add slack webhook to Jenkinsfile

* make jenkinsfile serve private and public docs

* Sync published with master (#8619)

* Update install.md

add note: 8 character password minimum length

* Include Ubuntu version in Dockerfile

more recent versions of Ubuntu don't work with the given Dockerfile

* Updated the 3.1.4 release notes to include Centos 7.6 support

* Remove redundant "be"

* Update the "role-based access control" link

* Add UCP user password limitation

* Revert "Updated the UCP 3.1.4 release notes to include Centos 7.6 support"

* Adding emphasis on Static IP requirement (#7276)

* Adding emphasis on Static IP requirement

* Link to prod requirement of static IP addresses

* Adding warning about layer7 config (#8617)

* Adding warning about layer7 config

Adding warning about layer7 config not being included in the backup

* Text edit

* Sync published with master (#8673)

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Fix grammar on the 2nd pre-req, and did markdown formatting on the rest :)

* Correct Pod-CIDR Warning

* Content cleanup

Please check that I haven't changed the meaning of the updated prerequisites.

* Create a new section on configuring the IP Count value, also responded to feedback from Follis, Steve R and Xinfeng.

* Incorporated Steven F's feedback and Issue 8551

* Provide a warning when setting a small IP Count variable

* Final edits

* Update install-on-azure.md

* Following feedback I have expanded on the 0644 azure.json file permissions and Added the --existing-config file to the UCP install command

* Removed Orchestrator Tag Pre Req from Azure Docs

* Clarifying need for 0644 permissions

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

DTR Metadata backup command improvements:

DTR metadata backups are more difficult than they need to be and generate many support tickets. I updated the DTR command to avoid common user pitfalls:

Image backup commands were tested with local and NFS image storage. The metadata backup command was tested by running it directly on a DTR node and through a UCP client bundle with multiple replicas.

* Technical and editorial review

* More edits

* line 8; remove unnecessary a (#8672)

* line 8; remove unnecessary a

* Minor edit

* Updated the UCP Logging page to include UCP 3.1 screenshots (#8646)

* Added examples (#8599)

* Added examples

Added examples with more detail and automation to help customers backup DTR without creating support tickets.

* Linked to explanation of example command

We can re-add in a follow-up PR, if you think that example is crucial to this page.

* Remove deadlink in the Interlock ToC (#8668)

* Found a deadlink in the Interlock ToC

* Added Redirect

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8678)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Fixed heading inconsistency

* Trying to fix command rendering of '--format "{{ .Names }}"' (#8677)

* Trying to fix command rendering of '--format "{{ .Names }}"'

--format "{{ .Names }}" is showing up in the markup but is rendering as --format "" in the published version. Added {% raw %} tags to try to fix.

* Update concatenated to chained

* Minor fix

* interlock --> ucp-interlock (#8675)

* interlock --> ucp-interlock

* Fixed code samples

- Use the latest UCP version and the latest ucp-interlock image
- Leverage ucp page version Jekyll variable

* Typo

* Final syntax fix

* Update backup.md

* Removed Reference to Interlock Preview Image, and added relevant UCP Image Org and Tag

* Fix syntax error which caused the master build to fail

* docs: fix typo in removal of named volumes (#8686)

* Sync published with master (#8709)

* Sync published with master (#8693) (#8694)

* Adding Azure note (#8566)

* Rephrase additional line and update link

* Revert "Netlify redirects interlock (#8595)"

This reverts commit a7793edc74.

* UCP Install on Azure Patch (#8522)

* Improved backup commands (#8597)

* Improved backup commands

DTR image backup command improvements:

1. Local and NFS mount image ba…

* Follow-up cleanup (#1069)

* Delete interlock_service_clusters.png~HEAD

* Delete interlock_service_clusters.png~Raw content addition

* Clean up interlock files for Amberjack

* Remove merge markers in toc.yml

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Add correct UCP interlock TOC entries

Fingers crossed on this one - did it from the browser. :D

* added api reference, fixed tech review comments

* Added patch release changelogs

* Update docker cli reference for 19.03

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* SAML SCIM update (#1073)

* Added SCIM entry

* SCIM content

* Updates per Ryan's feedback

* Removed delete

* Update per Ryan's feedback

* Minor wording changes

* Additional endpoints added

* Update per Ryan's feedback

* Metadata updates

* Anchor links added

* Updates per Maria

* Adding links to Docker for Mac and Windows Community content

* OSCAL TOC entry (#1083)

* Added Docker Desktop Enterprise 2.0.0.4-ent changelogs

Signed-off-by: Ulrich VACHON <ulrich.vachon@docker.com>

* minor updates to the public beta release notes

* gMSA info (#1074)

* Added gMSA note.

* Added gMSA bullet

* Added gMSA info

* Changes per Drew's feedback

* Updates per Drew's feedback

* Moved content per feedback

* Updates per Drew's feedback

* Update per feedback

* Update release-notes.md

* Update release notes

Public beta

* iSCSI info (#1075)

* Added raw content

* Added iscsi options

* Added iSCSI entry

* Images

* Clean up

* Updates per feedback

* Updates per Anusha

* Update to iscsi parameter

* Added updates per Deep's feedback

* Updates per Deep's feedback

* Updated iSCSI parameter description

* Update page versions for UCP and DTR

* UCP CSI info (#1064)

* New file

* Added image

* Added image link

* TOC change for new file

* Updates per feedback

* Added example screen shots

* Added screen shots to images folder

* Fixed image link info

* Fixed image link

* Updates per Anusha

* Updates per Deep's feedback

* UCP release notes info for Amberjack (#1087)

* UCP release notes info for Amberjack

* Stop and restart update

This commit is contained in:

Maria Bermudez

2019-05-16 12:35:57 -07:00

committed by

Maria Bermudez

parent ffe8ffd1e8

commit 6d07603256

7 changed files with 229 additions and 0 deletions

									
										2

_data/toc.yaml

										View File
									
				@ -1483,6 +1483,8 @@ manuals:

				        path: /ee/ucp/kubernetes/install-cni-plugin/

				      - title: Kubernetes network encryption

				        path: /ee/ucp/kubernetes/kubernetes-network-encryption/

				      - title: Deploy a CSI plugin

				        path: /ee/ucp/kubernetes/use-csi/

				      - sectiontitle: Persistent Storage

				        section:

				        - title: Use NFS Storage

BIN
ee/ucp/images/csi-host-path-plugin.png Normal file

View File

Binary file not shown.

After

Width: | Height: | Size: 81 KiB

BIN
ee/ucp/images/csi-plugins.png Normal file

View File

Binary file not shown.

After

Width: | Height: | Size: 157 KiB

BIN
ee/ucp/images/csi-volume-mounted.png Normal file

View File

Binary file not shown.

After

Width: | Height: | Size: 70 KiB

BIN
ee/ucp/images/persistent-storage-object.png Normal file

View File

Binary file not shown.

After

Width: | Height: | Size: 66 KiB

									
										84

ee/ucp/kubernetes/use-csi.mdNormal file

										View File
									
				@ -0,0 +1,84 @@

				---

				title: Using CSI drivers

				description: Learn how to deploy a CSI driver with UCP.

				keywords: Universal Control Plane, UCP, Docker EE, Kubernetes, storage, volume

				---

				The Container Storage Interface (CSI) is a specification for container orchestrators to manage block and file-based 

				volumes for storing data. Storage vendors can each create a single CSI driver that works with multiple 

				container orchestrators. The Kubernetes community maintains sidecar containers that can be used by a containerized 

				CSI driver to interface with Kubernetes controllers in charge of managing persistent volumes, attaching volumes to 

				nodes (if applicable), mounting volumes to pods, taking snapshots, and more. These sidecar containers include 

				a driver registrar, external attacher, external provisioner, and external snapshotter.

				Docker Enterprise 3.0 supports version 1.0+ of the CSI specification. Therefore, UCP 3.2 (as part of Docker Enterprise 3.0) can manage storage backends that ship with an associated CSI driver, as illustrated in the following diagram.

				![Kubernetes and CSI components](ee/ucp/images/csi-plugins.png){: .with-border}

				**Note**: Docker Enterprise does not provide CSI drivers. CSI drivers are provided by enterprise storage vendors. 

				Kubernetes does not enforce a specific procedure for how Storage Providers (SP) should bundle and distribute CSI drivers.

				Review the [Kubernetes CSI Developer Documentation](https://kubernetes-csi.github.io/docs/) for CSI architecture, 

				security, and deployment details.

				## Prerequisites

				1. Select a storage provider from the list of [available CSI drivers](https://kubernetes-csi.github.io/docs/drivers.html) 

				or as documented by your storage vendor. 

				> Disclaimer: As of Docker Enterprise 3.0, none of the [available CSI drivers](https://kubernetes-csi.github.io/docs/drivers.html) 

				are production quality and are considered pre-GA. 

				2. Install Docker Enterprise 3.0, which includes UCP 3.2. 

				3. Optionally, set the `--csi-expt-enabled` flag in the UCP install configuration if you want to enable CSI 

				features that are experimental in Kubernetes 1.14. “VolumeSnapshotDataSource” is an experimental feature in 

				Kubernetes 1.14 and it controls whether restoring from a CSI volume snapshot is enabled or not. If your storage 

				plugin of choice supports snapshotting, setting this flag is useful.

				4. Install the CSI plugin from your storage provider. For notes regarding installation, refer to your 

				storage provider’s user manual.

				5. Apply RBAC for sidecars and the CSI driver. For details on how to apply RBAC for your specific storage provider, 

				refer to the storage vendor documentation for specific permissions and roles required for deploying CSI plugins 

				on the cluster.

				6. Perform static or dynamic provisioning of PVs using the CSI plugin as the provisioner. For details on how 

				to provision volumes for your specific storage provider, refer to the storage provider’s user manual.

				## CSI driver deployment

				Refer to documentation from your storage vendor around how to deploy the desired CSI driver. 

				For easy deployment, storage vendors can package the CSI driver in containers. In the context of 

				Kubernetes clusters, containerized CSI drivers are typically deployed as `StatefulSets` for 

				managing the cluster-wide logic and `DaemonSets` for managing node-specific logic.

				You can deploy multiple CSI drivers for different storage backends in the same cluster.

				**Note**: 

				- To avoid credential leak to user processes, Kubernetes recommends running CSI Controllers on master nodes and the CSI node plugin on worker nodes. 

				- UCP allows running privileged pods. This is needed to run CSI drivers.

				- The Docker daemon on the hosts must be configured with Shared Mount propagation for CSI to allow the sharing of volumes mounted by one container into other containers in the same pod or even to other pods on the same node. By default, Docker daemon in UCP enables "Bidirectional Mount Propagation".

				For additional information, refer to the [Kubernetes CSI documentation](https://kubernetes-csi.github.io/docs/deploying.html).

				### Role-based access control (RBAC)

				Pods containing CSI plugins need the appropriate permissions to access and manipulate Kubernetes objects. 

				The desired cluster roles and bindings for service accounts associated with CSI driver pods can be configured 

				through YAML files distributed by the storage vendor. UCP administrators must apply those YAML files to 

				properly configure RBAC for the service accounts associated with CSI pods.

				## Usage 

				### Dynamic provisioning

				Dynamic provisioning of persistent storage depends on the capabilities of the CSI driver and underlying storage backend. The provider of the CSI driver should document the parameters available for configuration. 

				Refer to [CSI HostPath Driver](https://github.com/kubernetes-csi/csi-driver-host-path) for a generic CSI plugin example.

				### Manage CSI deployment

				The UCP user interface (UI) provides information about your CSI deployments, as shown in the following screen capture. In this example, a CSI Host Path Plugin was deployed as a `Pod`:

				![UCP UI with CSI host plugin](ee/ucp/images/csi-host-path-plugin.png)

				In the UCP UI, you can navigate to **Kubernetes** -> **Storage** for information about persistent storage objects such as `StorageClass`, `PersistentVolumeClaim`, and `PersistentVolume`. The following example provides information for objects specifically created using a CSI HostPath plugin:

				![UCP UI with persistent storage object information](ee/ucp/images/persistent-storage-object.png)

				The **Volumes** section on the Pod details page shows that the Pod using this CSI HostPath plugin has a volume mounted into the Pod:

				![UCP UI with CSI volume mount information](ee/ucp/images/csi-volume-mounted.png)

									
										143

ee/ucp/release-notes.md

										View File
									
				@ -19,6 +19,149 @@ upgrade your installation to the latest release.

				* [Version 3.0](#version-30)

				* [Version 2.2](#version-22)

				# Version 3.2.0-beta

				(2019-5-16)

				## New features

				### Group Managed Service Accounts (gMSA)

				On Windows, you can create or update a service using --credential-spec with the config://<config-name> format. 

				This passes the gMSA credentials file directly to nodes before a container starts. 

				### Open Security Controls Assessment Language (OSCAL)

				OSCAL API endpoints have been added in Engine and UCP. These endpoints are enabled by default.

				### Container storage interface (CSI)

				Version 1.0 of the CSI specification is now supported for container orchestrators to manage storage plugins. 

				Note: As of May 2019, none of the 

				(available CSI drivers)[https://kubernetes-csi.github.io/docs/drivers.html] are production quality and are considered pre-GA.

				### Internet Small Computer System Interface (iSCSI)

				Using iSCSI, a storage admin can now provision a UCP cluster with persistent storage from which UCP end 

				users can request storage resources without needing underlying infrastructure knowledge.

				### System for Cross-domain Identity Management (SCIM)

				SCIM implementation allows proactive synchronization with UCP and eliminates manual intervention for changing 

				user status and group membership.

				## Enhancements

				### Backup/restore

				- Backups no longer halt UCP containers.

				- Backup contents can now be redirected to a file instead of stdout/err.

				- You can now view information for all backups performed, including the date, status, and contents filenames. 

				Error log information can be accessed for troubleshooting.

				### Upgrade

				- Improved progress information for install and upgrade.

				- You can now manually control worker node upgrades.

				- User workloads no longer experience downtime during an upgrade.

				## Deprecations

				The following features are deprecated in UCP 3.1:

				- Collections

				    - The ability to create a nested collection of more than 2 layers deep within the root /Swarm/collection is 

				    now deprecated and will not be included in future versions of the product. However, current nested collections 

				    with more than 2 layers are still retained.

				    - Docker recommends a maximum of two layers when creating collections within UCP under the shared cluster 

				    collection designated as /Swarm/. For example, if a production collection called /Swarm/production is created 

				    under the shared cluster collection /Swarm/, only one level of nesting should be created, for 

				    example, /Swarm/production/app/. See Nested collections for more details.    

				- UCP `stop` and `restart`

				    - Additional upgrade functionality has been included which eliminates the need for these commands. 

				## Browser support 

				In order to optimize user experience and security, support for Internet Explorer (IE) version 11 is not provided for Windows 7 with UCP version 3.2. Docker recommends updating to a newer browser version if you plan to use UCP 3.2, or remaining on UCP 3.1.x or older until EOL of IE11 in January 2020.

				## Kubernetes

				Updated Kubernetes to version 1.14.

				- Enhancements:

				    - PodShareProcessNamespace

				        - The PodShareProcessNamespace feature, available by default, configures PID namespace sharing within a pod. 

				        See [Share Process Namespace between Containers in a Pod](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) for more information.

				         - https://github.com/kubernetes/kubernetes/pull/66507

				    - Volume Dynamic Provisioning

				        - Combined `VolumeScheduling` and `DynamicProvisioningScheduling`.

				        - Added allowedTopologies description in kubectl. 

				        - ACTION REQUIRED: The DynamicProvisioningScheduling alpha feature gate has been removed. 

				        The VolumeScheduling beta feature gate is still required for this feature)

				https://github.com/kubernetes/kubernetes/pull/67432

				    - TokenRequest and TokenRequestProjection

				        - Enable these features by starting the API server with the following flags:

				            * --service-account-issuer

				            * --service-account-signing-key-file

				            * --service-account-api-audiences

				        - https://github.com/kubernetes/kubernetes/pull/67349

				    - Removed `--cadvisor-port flag` from kubelet 

				        - ACTION REQUIRED: The cAdvisor web UI that the kubelet started using `--cadvisor-port` was removed 

				        in 1.12. If cAdvisor is needed, run it via a DaemonSet.

				        - https://github.com/kubernetes/kubernetes/pull/65707

				    - Support for Windows Server Containers

				        - Supports Windows Server Containers and Windows Server 2016 as the operating system of 

				        choice for the windows-based kubelet. You can run Windows-based and .NET-based applications inside 

				        containers on Kubernetes. 

				        - https://github.com/kubernetes/enhancements/issues/116

				    - Support for Out-of-tree CSI Volume Plugins (stable) with API

				        - Allows volume plugins to be developed out-of-tree.

				        - Not require building volume plugins (or their dependencies) into Kubernetes binaries.

				        - Not requiring direct machine access to deploy new volume plugins (drivers).

				        - https://github.com/kubernetes/enhancements/issues/178

				    - Server-side Apply leveraged by the UCP GUI for the yaml create page

				        - Moved "apply" and declarative object management from kubectl to the apiserver. Added "field ownership".

				        - https://github.com/kubernetes/enhancements/issues/555

				    - The PodPriority admission plugin

				        - For `kube-apiserver`, the `Priority` admission plugin is now enabled by default when using `--enable-admission-plugins`. If using `--admission-control` to fully specify the set of admission plugins, the `Priority` admission plugin should be added if using the `PodPriority` feature, which is enabled by default in 1.11.

				        - The priority admission plugin:

				            - Allows pod creation to include an explicit priority field if it matches the computed 

				            priority (allows export/import cases to continue to work on the same cluster, between 

				            clusters that match priorityClass values, and between clusters where priority is unused 

				            and all pods get priority:0)

				            - Preserves existing priority if a pod update does not include a priority value and the old 

				            pod did (allows POST, PUT, PUT, PUT workflows to continue to work, with the admission-set value 

				            on create being preserved by the admission plugin on update)

				            - https://github.com/kubernetes/kubernetes/pull/65739

				    - Volume Topology

				        - Made the scheduler aware of a Pod's volume's topology constraints, such as zone or node.

				        - https://github.com/kubernetes/enhancements/issues/490, Docs pr here: kubernetes/website#10736

				    - Admin RBAC role and edit RBAC roles

				        - The admin RBAC role is aggregated from edit and view.  The edit RBAC role is aggregated from a 

				        separate edit and view.

				        - https://github.com/kubernetes/kubernetes/pull/66684

				    - API 

				        - `autoscaling/v2beta2` and `custom_metrics/v1beta2` implement metric selectors for Object and Pods 

				        metrics, as well as allow AverageValue targets on Objects, similar to External metrics.

				        - https://github.com/kubernetes/kubernetes/pull/64097

				- Version updates

				    - Client-go libraries bump

				        - ACTION REQUIRED: the API server and client-go libraries support additional non-alpha-numeric 

				    characters in UserInfo "extra" data keys. Both support extra data containing "/" characters or 

				    other characters disallowed in HTTP headers.

				        - Old clients sending keys that were %-escaped by the user have their values unescaped by new API servers. 

				    New clients sending keys containing illegal characters (or "%") to old API servers do not have their values unescaped.

				        - https://github.com/kubernetes/kubernetes/pull/65799

				    - audit.k8s.io API group bump

				        - The audit.k8s.io API group has been bumped to v1.

				        - Deprecated element metav1.ObjectMeta and Timestamp are removed from audit Events in v1 version.

				        - Default value of option --audit-webhook-version and --audit-log-version are changed from `audit.k8s.io/v1beta1` 

				    to `audit.k8s.io/v1`.

				        - https://github.com/kubernetes/kubernetes/pull/65891

				- Known issues

				    - Backwards-incompatible changes in the Kube API that might affect user workloads will require warnings/documentation in the UCP release notes for Amberjack (list of deprecated features and APIs TBD).

				    - Does anything need to be noted for Kube 1.12 (deprecations, etc. that is not covered for 1.13?)

				# Version 3.1

				## 3.1.7