docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CLI

This commit is contained in:
Paige Hargrave 2019-05-23 12:28:16 -04:00
parent da18e3600e
commit bdb6a7785f
13 changed files with 524 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
reference/ucp/3.2/cli/backup.md Normal file
View File

@ -0,0 +1,46 @@
---
title: docker/ucp backup
description: Create a backup of a UCP manager node
keywords: ucp, cli, backup
---
Create a backup of a UCP manager node
## Usage
```bash
docker container run --log-driver none --rm -i \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
backup [command options] > backup.tar
```
## Description
This command creates a tar file with the contents of the volumes used by
this UCP manager node, and prints it. You can then use the `restore` command to
restore the data from an existing backup.
To create backups of a multi-node cluster, you only need to back up a single
manager node. The restore operation will reconstitute a new UCP installation
from the backup of any previous manager.
Note:
* During the backup, UCP is temporarily stopped. This does not affect your
applications.
* The backup contains private keys and other sensitive information. Use the
`--passphrase` flag to encrypt the backup with PGP-compatible encryption.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|
|`--interactive, i`|Run in interactive mode and prompt for configuration values|
|`--id`|The ID of the UCP instance to back up|
|`--passphrase`|Encrypt the tar file with a passphrase|

35
reference/ucp/3.2/cli/dump-certs.md Normal file
View File

@ -0,0 +1,35 @@
---
title: docker/ucp dump-certs
description: Print the public certificates used by this UCP web server
keywords: ucp, cli, dump-certs
---
Print the public certificates used by this UCP web server
## Usage
```
docker container run --rm \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
dump-certs [command options]
```
## Description
This command outputs the public certificates for the UCP web server running on
this node. By default it prints the contents of the ca.pem and cert.pem files.
When integrating UCP and DTR, use this command with the `--cluster --ca` flags
to configure DTR.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|
|`--ca`|Only print the contents of the ca.pem file|
|`--cluster`|Print the internal UCP swarm root CA and cert instead of the public server cert|

17
reference/ucp/3.2/cli/example-config.md Normal file
View File

@ -0,0 +1,17 @@
---
title: docker/ucp example-config
description: Display an example configuration file for UCP
keywords: ucp, cli, config, configuration
---
Display an example configuration file for UCP
## Usage
```
docker container run --rm -i \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
example-config
```

25
reference/ucp/3.2/cli/id.md Normal file
View File

@ -0,0 +1,25 @@
---
title: docker/ucp id
description: Print the ID of UCP running on this node
keywords: ucp, cli, id
---
Print the ID of UCP running on this node
## Usage
```
docker container run --rm \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
id
```
## Description
This command prints the ID of the UCP components running on this node. This ID
matches what you see when running the `docker info` command while using
a client bundle.
This ID is used by other commands as confirmation.

34
reference/ucp/3.2/cli/images.md Normal file
View File

@ -0,0 +1,34 @@
---
title: docker/ucp images
description: Verify the UCP images on this node
keywords: ucp, cli, images
---
Verify the UCP images on this node
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
images [command options]
```
## Description
This command checks the UCP images that are available in this node, and pulls
the ones that are missing.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|
|`--pull`|Pull UCP images: `always`, when `missing`, or `never`|
|`--registry-username`|Username to use when pulling images|
|`--registry-password`|Password to use when pulling images|
|`--list`|List all images used by UCP but don't pull them|

45
reference/ucp/3.2/cli/index.md Normal file
View File

@ -0,0 +1,45 @@
---
title: docker/ucp overview
description: Learn about the commands available in the docker/ucp image.
keywords: ucp, cli, ucp
---
This image has commands to install and manage
Docker Universal Control Plane (UCP) on a Docker Engine.
You can configure the commands using flags or environment variables. When using
environment variables, use the `docker container run -e VARIABLE_NAME` syntax to pass the
value from your shell, or `docker container run -e VARIABLE_NAME=value` to specify the
value explicitly on the command line.
The container running this image needs to be named `ucp` and bind-mount the
Docker daemon socket. Below you can find an example of how to run this image.
Additional help is available for each command with the `--help` flag.
## Usage
```bash
docker container run -it --rm \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
command [command arguments]
```
## Commands
| Option | Description |
|:-----------------|:----------------------------------------------------------|
| `install` | Install UCP on this node |
| `restart` | Start or restart UCP components running on this node |
| `stop` | Stop UCP components running on this node |
| `upgrade` | Upgrade the UCP cluster |
| `images` | Verify the UCP images on this node |
| `uninstall-ucp` | Uninstall UCP from this swarm |
| `dump-certs` | Print the public certificates used by this UCP web server |
| `support` | Create a support dump for this UCP node |
| `id` | Print the ID of UCP running on this node |
| `backup` | Create a backup of a UCP manager node |
| `restore` | Restore a UCP cluster from a backup |
| `example-config` | Display an example configuration file for UCP |

86
reference/ucp/3.2/cli/install.md Normal file
View File

@ -0,0 +1,86 @@
---
title: docker/ucp install
description: Install UCP on a node
keywords: ucp, cli, install
---
Install UCP on a node
## Usage
```bash
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
install [command options]
```
## Description
This command initializes a new swarm, turns anode into a manager, and installs
Docker Universal Control Plane (UCP).
When installing UCP you can customize:
* The UCP web server certificates. Create a volume named `ucp-controller-server-certs` and copy the `ca.pem`, `cert.pem`, and `key.pem` files to the root directory. Then run the install command with the `--external-server-cert` flag.
* The license used by UCP, which you can accomplish by bind-mounting the file at `/config/docker_subscription.lic` in the tool. For example, `-v /path/to/my/config/docker_subscription.lic:/config/docker_subscription.lic` or by specifying the `--license $(cat license.lic)` option.
If you're joining more nodes to this swarm, open the following ports in your
firewall:
* 443 or the `--controller-port`
* 2376 or the `--swarm-port`
* 12376, 12379, 12380, 12381, 12382, 12383, 12384, 12385, 12386, 12387
* 4789 (udp) and 7946 (tcp/udp) for overlay networking
If you have SELinux policies enabled for your Docker install, you will need to
use `docker container run --rm -it --security-opt label=disable ...` when running this
command.
If you are installing on Azure, see [Install UCP on Azure](/ee/ucp/admin/install/install-on-azure/).
## Options
| Option | Description |
|:-------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `--admin-password` | The UCP administrator password. Must be at least 8 characters. |
| `--admin-username` | The UCP administrator username |
| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility |
| `--cloud-provider` | The cloud provider for the cluster
| `--cni-installer-url` | Deprecated feature. A URL pointing to a Kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin is not installed. If the URL uses the HTTPS scheme, no certificate verification is performed. |
| `--controller-port` | Port for the web UI and API
| `--data-path-addr` | Address or interface to use for data path traffic. Format: IP address or network interface name
| `--debug, D` | Enable debug mode |
| `--disable-tracking` | Disable anonymous tracking and analytics |
| `--disable-usage` | Disable anonymous usage reporting |
| `--dns` | Set custom DNS servers for the UCP containers |
| `--dns-opt` | Set DNS options for the UCP containers |
| `--dns-search` | Set custom DNS search domains for the UCP containers |
| `--enable-profiling` | Enable performance profiling |
| `--existing-config` | Use the latest existing UCP config during this installation. The install fails if a config is not found. |
| `--external-server-cert` | Use the certificates in the `ucp-controller-server-certs` volume instead of generating self-signed certs during installation |
| `--external-service-lb` | Set the external service load balancer reported in the UI |
| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports |
| `--force-minimums` | Force the install/upgrade even if the system doesn't meet the minimum requirements. |
| `--host-address` | The network address to advertise to other nodes. Format: IP address or network interface name |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--kube-apiserver-port` | Port for the Kubernetes API server (default: 6443) |
| `--kv-snapshot-count` | Number of changes between key-value store snapshots |
| `--kv-timeout` | Timeout in milliseconds for the key-value store |
| `--license` | Add a license: e.g.` --license "$(cat license.lic)" ` |
| `--pod-cidr` | Kubernetes cluster IP pool for the pods to allocated IPs from (Default: `192.168.0.0/16`) |
|`--service-cluster-ip-range`| Sets the subnet pool from which the IP for Services should be allocated (Default is `10.96.0.0/16`). |
| `--preserve-certs` | Don't generate certificates if they already exist |
| `--pull` | Pull UCP images: `always`, when `missing`, or `never` |
| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility |
| `--registry-username` | Username to use when pulling images |
| `--registry-password` | Password to use when pulling images |
| `--san` | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |
| `--skip-cloud-provider` | Disables checks that rely on detecting the cloud provider (if any) on which the cluster is currently running. |
| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility |
| `--swarm-port` | Port for the Docker Swarm manager. Used for backwards compatibility |
| `--swarm-grpc-port` | Port for communication between nodes |
| `--unlock-key` | The unlock key for this swarm-mode cluster, if one exists. |
| `--unmanaged-cni` |The default value of `false` indicates that Kubernetes networking is managed by UCP with its default managed CNI plugin, Calico. When set to `true`, UCP does not deploy or manage the lifecycle of the default CNI plugin - the CNI plugin is deployed and managed independently of UCP. Note that when `unmanaged-cni=true`, networking in the cluster will not function for Kubernetes until a CNI plugin is deployed. |

24
reference/ucp/3.2/cli/restart.md Normal file
View File

@ -0,0 +1,24 @@
---
title: docker/ucp restart
description: Start or restart UCP components running on this node
keywords: ucp, cli, restart
---
Start or restart UCP components running on this node
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
restart [command options]
```
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|

70
reference/ucp/3.2/cli/restore.md Normal file
View File

@ -0,0 +1,70 @@
---
title: docker/ucp restore
description: Restore a UCP cluster from a backup
keywords: ucp, cli, restore
---
Restore a UCP cluster from a backup
## Usage
```
docker container run --rm -i \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
restore [command options] < backup.tar
```
## Description
This command installs a new UCP cluster that is populated with the state of
a previous UCP manager node using a tar file generated by the `backup` command.
All UCP settings, users, teams and permissions will be restored from the backup
file. The Restore operation does not alter or recover any containers, networks,
volumes or services of an underlying cluster.
The restore command can be performed on any manager node of an existing
cluster. If the current node does not belong in a cluster, one will be
initialized using the value of the `--host-address` flag. When restoring on an
existing swarm-mode cluster, no previous UCP components must be running on any
node of the cluster. This cleanup can be performed with the `uninstall-ucp`
command.
If restore is performed on a different cluster than the one
where the backup file was taken on, the Cluster Root CA of the old UCP
installation will not be restored. This will invalidate any
previously issued Admin Client Bundles and all administrator will be required
to download new client bundles after the operation is completed.
Any existing Client Bundles for non-admin users will still be fully
operational.
By default the backup tar file is read from stdin. You can also bind-mount the
backup file under /config/backup.tar, and run the restore command with the
`--interactive` flag.
Notes:
* Run `uninstall-ucp` before attempting the restore operation on an
existing UCP cluster.
* If your swarm-mode cluster has lost quorum and the original set of managers
are not recoverable, you can attempt to recover a single-manager cluster
with `docker swarm init --force-new-cluster`.
* You can restore from a backup that was taken on a different manager node or
a different cluster altogether.
## Options
| Option | Description |
|:-------------------|:----------------------------------------------------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--passphrase` | Decrypt the backup tar file with the provided passphrase |
| `--san` | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |
| `--host-address` | The network address to advertise to other nodes. Format: IP address or network interface name |
| `--data-path-addr` | Address or interface to use for data path traffic |
| `--unlock-key` | The unlock key for this swarm-mode cluster, if one exists. |

24
reference/ucp/3.2/cli/stop.md Normal file
View File

@ -0,0 +1,24 @@
---
title: docker/ucp stop
description: Stop UCP components running on this node
keywords: ucp, cli, stop
---
Stop UCP components running on this node
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
stop [command options]
```
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--debug, D`|Enable debug mode|
|`--jsonlog`|Produce json formatted output for easier parsing|

29
reference/ucp/3.2/cli/support.md Normal file
View File

@ -0,0 +1,29 @@
---
title: docker/ucp support
description: Create a support dump for UCP nodes
keywords: ucp, cli, support, support dump, troubleshooting
---
Create a support dump for specified UCP nodes
## Usage
```
docker container run --rm \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
support [command options] > docker-support.tgz
```
## Description
This command creates a support dump file for the specified node(s), and prints it to stdout.
## Options
| Option | Description |
|:--------------------------|:---------------------------|
|`--loglines`|Specify number of lines to grab from `journalctl`. The default is 10,000 lines.|
|`--servicedriller`|Run the swarm service driller (ssd) tool. For more information on this tool, see [Docker Swarm Service Driller (ssd)](https://github.com/docker/libnetwork/tree/master/cmd/ssd) Not run by default.|
|`--nodes`|Select specific nodes on which to produce a support dump. Comma-separated node IDs are allowed. The default selects all nodes.|

42
reference/ucp/3.2/cli/uninstall-ucp.md Normal file
View File

@ -0,0 +1,42 @@
---
title: docker/ucp uninstall-ucp
description: Uninstall UCP from this swarm
keywords: ucp, cli, uninstall-ucp
---
Uninstall UCP from this swarm
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
uninstall-ucp [command options]
```
## Description
This command uninstalls UCP from the swarm, but preserves the swarm so that
your applications can continue running.
After UCP is uninstalled you can use the `docker swarm leave` and
`docker node rm` commands to remove nodes from the swarm.
Once UCP is uninstalled, you won't be able to join nodes to the swarm unless
UCP is installed again.
## Options
| Option | Description |
| :-------------------- | :---------------------------------------------------------- |
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--pull` | Pull UCP images: `always`, when `missing`, or `never` |
| `--registry-username` | Username to use when pulling images |
| `--registry-password` | Password to use when pulling images |
| `--id` | The ID of the UCP instance to uninstall |
| `--purge-config` | Remove UCP configs during uninstallation |

47
reference/ucp/3.2/cli/upgrade.md Normal file
View File

@ -0,0 +1,47 @@
---
title: docker/ucp upgrade
description: Upgrade the UCP components on this node
keywords: ucp, cli, upgrade
---
Upgrade the UCP cluster
## Usage
```
docker container run --rm -it \
--name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp \
upgrade [command options]
```
## Description
This command upgrades the UCP running on this cluster.
Before performing an upgrade, you should perform a backup by using the
[backup](backup.md) command.
After upgrading UCP, go to the UCP web interface and confirm each node is
healthy and that all nodes have been upgraded successfully.
## Options
| Option | Description |
|:----------------------|:------------------------------------------------------------------------------------------------------|
| `--debug, D` | Enable debug mode |
| `--jsonlog` | Produce json formatted output for easier parsing |
| `--interactive, i` | Run in interactive mode and prompt for configuration values |
| `--admin-username` | The UCP administrator username |
| `--admin-password` | The UCP administrator password |
| `--pull` | Pull UCP images: `always`, when `missing`, or `never` |
| `--registry-username` | Username to use when pulling images |
| `--registry-password` | Password to use when pulling images |
| `--id` | The ID of the UCP instance to upgrade |
| `--host-address` | Override the previously configured host address with this IP or network interface |
| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements |
| `--pod-cidr` | Kubernetes cluster IP pool for the pods to allocated IP. The default IP pool is `192.168.0.0/16`. |
| `--nodeport-range` | Allowed port range for Kubernetes services of type `NodePort`. The default port range is `32768-35535`. |
| `--cloud-provider` | The cloud provider for the cluster |