Merge pull request #8980 from ollypom/ucp318configfilepatch

Added UCP 3.1.8 Configuration file and CLI reference
Usha Mandya 2019-06-27 20:43:38 +01:00 committed by GitHub
commit 7fac809ba8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 75 additions and 61 deletions

@ -93,17 +93,6 @@ An array of tables that specifies the DTR instances that the current UCP instanc
| `service_id` | yes | The DTR instance's OpenID Connect Client ID, as registered with the Docker authentication provider. |
| `ca_bundle` | no | If you're using a custom certificate authority (CA), `ca_bundle` specifies the root CA bundle for the DTR instance. The value is a string with the contents of a `ca.pem` file. |
### custom headers (optional)
Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`.
[[custom_api_server_headers]]
| Item | Description |
| ----------- | ----------- |
| `name` | Set to specify the name of the custom header with `name` = "*X-Custom-Header-Name*". |
| `value` | Set to specify the value of the custom header with `value` = "*Custom Header Value*". |
### audit_log_configuration table (optional)
Configures audit logging options for UCP components.
@ -165,6 +154,29 @@ Specifies whether the your UCP license is automatically renewed.
|:---------------|:---------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `auto_refresh` | no | Set to `true` to enable attempted automatic license renewal when the license nears expiration. If disabled, you must manually upload renewed license after expiration. The default is `true`. |
### custom headers (optional)
Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`.
[[custom_api_server_headers]]
| Item | Description |
|:--------|:--------------------------------------------------------------------------------------|
| `name` | Set to specify the name of the custom header with `name` = "*X-Custom-Header-Name*". |
| `value` | Set to specify the value of the custom header with `value` = "*Custom Header Value*". |
### user_workload_defaults (optional)
`user_workload_defaults.swarm_defaults`
A map describing default values to set on Swarm services at creation time if
those fields are not explicitly set in the service spec.
| Parameter | Required | Description |
|:-----------------------------------------|:---------|:---------------------------------------------------------------------|
| `tasktemplate.restartpolicy.delay` | no | Delay between restart attempts (ns|us|ms|s|m|h).The default is `5s`. |
| `tasktemplate.restartpolicy.maxattempts` | no | Maximum number of restarts before giving up. The default is `3`. |
### cluster_config table (required)
Configures the cluster that the current UCP instance manages.
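Review bot: In the `tasktemplate.restartpolicy.delay` row, the unit list `(ns|us|ms|s|m|h)` contains unescaped pipe characters inside a table cell, so a Markdown renderer will split the description into extra columns; escape each one as `\|` or list the units with commas, and add the missing space in "h).The default". Separately, the heading `### custom headers (optional)` does not name the TOML key the way the neighbouring headings do (`audit_log_configuration table (optional)`, `cluster_config table (required)`); consider `### custom_api_server_headers table (optional)` so readers can find the section by the key shown under it.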
@ -191,22 +203,23 @@ components. Assigning these values overrides the settings in a container's
| `metrics_retention_time` | no | Adjusts the metrics retention time. |
| `metrics_scrape_interval` | no | Sets the interval for how frequently managers gather metrics from nodes in the cluster. |
| `metrics_disk_usage_interval` | no | Sets the interval for how frequently storage metrics are gathered. This operation can be expensive when large volumes are present. |
| `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. |
| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. |
| `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. |
| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. |
| `cloud_provider` | no | Set the cloud provider for the kubernetes cluster. |
| `pod_cidr` | yes | Sets the subnet pool from which the IP for the Pod should be allocated from the CNI ipam plugin. Default is `192.168.0.0/16`. |
| `calico_mtu` | no | Set the MTU (maximum transmission unit) size for the Calico plugin. |
| `ipip_mtu` | no | Set the IPIP MTU size for the calico IPIP tunnel interface. |
| `azure_ip_count` | no | Set the IP count for azure allocator to allocate IPs per Azure virtual machine. |
| `service-cluster-ip-range` | yes | Sets the subnet pool from which the IP for Services should be allocated. Default is `10.96.0.0/16`.
| `azure_ip_count` | no | Set the IP count for azure allocator to allocate IPs per Azure virtual machine. |
| `service_cluster_ip_range` | yes | Sets the subnet pool from which the IP for Services should be allocated. Default is `10.96.0.0/16`. |
| `nodeport_range` | yes | Set the port range that for Kubernetes services of type NodePort can be exposed in. Default is `32768-35535`. |
| `custom_kube_api_server_flags` | no | Set the configuration options for the Kubernetes API server. (dev) |
| `custom_kube_controller_manager_flags` | no | Set the configuration options for the Kubernetes controller manager. (dev) |
| `custom_kubelet_flags` | no | Set the configuration options for Kubelets. (dev) |
| `custom_kube_scheduler_flags` | no | Set the configuration options for the Kubernetes scheduler. (dev) |
| `custom_kube_api_server_flags` | no | Set the configuration options for the Kubernetes API server. (dev) |
| `custom_kube_controller_manager_flags` | no | Set the configuration options for the Kubernetes controller manager. (dev) |
| `custom_kubelet_flags` | no | Set the configuration options for Kubelets. (dev) |
| `custom_kube_scheduler_flags` | no | Set the configuration options for the Kubernetes scheduler. (dev) |
| `local_volume_collection_mapping` | no | Store data about collections for volumes in UCP's local KV store instead of on the volume labels. This is used for enforcing access control on volumes. |
| `manager_kube_reserved_resources` | no | Reserve resources for Docker UCP and Kubernetes components which are running on manager nodes. |
| `worker_kube_reserved_resources` | no | Reserve resources for Docker UCP and Kubernetes components which are running on worker nodes. |
| `kubelet_max_pods` | yes | Set Number of Pods that can run on a node. Default is `110`.
*dev indicates that the functionality is only for development and testing. Arbitrary Kubernetes configuration parameters are not tested and supported under the Docker Enterprise Software Support Agreement.
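Review bot: The `kubelet_max_pods` row at the end of the table still has no closing `|` after "Default is `110`.", which is the same defect this hunk corrects on the `service_cluster_ip_range` row, so the last row and the footnote that follows can run together when rendered; close the row and leave a blank line before the footnote. The footnote itself opens with a single unmatched `*` and refers to "dev", while the rows mark the flags as "(dev)"; use the same marker in both places. Since the key is renamed from `service-cluster-ip-range` to `service_cluster_ip_range`, please confirm the underscore form is what the configuration file actually accepts, because the hyphenated spelling is the one used for the CLI flag.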

@ -42,46 +42,47 @@ If you are installing on Azure, see [Install UCP on Azure](/ee/ucp/admin/install
## Options
| Option | Description |
|:--------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--debug, -D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, -i` | Run in interactive mode and prompt for configuration values |
| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] |
| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] |
| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility |
| `--cloud-provider` *value* | The cloud provider for the cluster |
| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed |
| `--controller-port` *value* | Port for the web UI and API (default: 443) |
| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] |
| `--disable-tracking` | Disable anonymous tracking and analytics |
| `--disable-usage` | Disable anonymous usage reporting |
| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] |
| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] |
| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] |
| `--enable-profiling` | Enable performance profiling |
| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found |
| `--external-server-cert` | Customize the certificates used by the UCP web server |
| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] |
| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] |
| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] |
| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] |
| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") |
| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") |
| `--preserve-certs` | Don't generate certificates if they already exist |
| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") |
| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility |
| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] |
| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] |
| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] |
| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on |
| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility |
| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) |
| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) |
| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] |
| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) | |
| Option | Description |
|:-------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--debug, -D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, -i` | Run in interactive mode and prompt for configuration values |
| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] |
| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] |
| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility |
| `--cloud-provider` *value* | The cloud provider for the cluster |
| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed |
| `--controller-port` *value* | Port for the web UI and API (default: 443) |
| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] |
| `--disable-tracking` | Disable anonymous tracking and analytics |
| `--disable-usage` | Disable anonymous usage reporting |
| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] |
| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] |
| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] |
| `--enable-profiling` | Enable performance profiling |
| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found |
| `--external-server-cert` | Customize the certificates used by the UCP web server |
| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] |
| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] |
| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] |
| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] |
| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") |
| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") |
| `--preserve-certs` | Don't generate certificates if they already exist |
| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") |
| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility |
| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] |
| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] |
| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] |
| `--service-cluster-ip-range` *value* | Kubernetes Cluster IP Range for Services (Default: 10.96.0.0/16) (default: "10.96.0.0/16") |
| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on |
| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility |
| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) |
| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) |
| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] |
| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) |
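Review bot: The added `--service-cluster-ip-range` row states its default twice, as (Default: 10.96.0.0/16) (default: "10.96.0.0/16"); keep one form, and the same cleanup applies to the `--nodeport-range` and `--pod-cidr` rows that it copies. The `--unmanaged-cni` description, "Flag to indicate if cni provider is calico and managed by UCP", reads as the opposite of the flag name and should say what setting the flag actually changes. Re-padding every row to fit one new option makes the whole table show as changed; if the alignment is not required, adding only the new row would keep the diff reviewable.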