From 6c54043f661ac2f3ac2a78d8b06755af3eb0053f Mon Sep 17 00:00:00 2001 From: Mehmood Deshmukh Date: Sun, 24 Jun 2018 16:19:54 +0530 Subject: [PATCH 01/18] Fix docs for restart policies Clears the confusion between the policies `always` and `unless-stopped`. --- config/containers/start-containers-automatically.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/containers/start-containers-automatically.md b/config/containers/start-containers-automatically.md index a695072aeb..3efaabf6f6 100644 --- a/config/containers/start-containers-automatically.md +++ b/config/containers/start-containers-automatically.md @@ -28,8 +28,8 @@ any of the following: |:-----------------|:------------------------------------------------------------------------------------------------| | `no` | Do not automatically restart the container. (the default) | | `on-failure` | Restart the container if it exits due to an error, which manifests as a non-zero exit code. | -| `unless-stopped` | Restart the container unless it is explicitly stopped or Docker itself is stopped or restarted. | -| `always` | Always restart the container if it stops. | +| `always` | Always restart the container if it stops. If it is manually stopped, it will restart only when Docker daemon restarts or the container itself is manually restarted. (see the second bullet under [restart policy details](#restart-policy-details)) | +| `unless-stopped` | Similar to `always`, except that when it is manually stopped, it remains stopped even after Docker daemon restarts. | The following example starts a Redis container and configures it to always restart unless it is explicitly stopped or Docker is restarted. From cd21fc334e4e2ca6a26df7c6911762658c7464d1 Mon Sep 17 00:00:00 2001 From: Mehmood Deshmukh Date: Sun, 24 Jun 2018 16:22:18 +0530 Subject: [PATCH 02/18] Changes in the sentence structures --- config/containers/start-containers-automatically.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/containers/start-containers-automatically.md b/config/containers/start-containers-automatically.md index 3efaabf6f6..40a90856e6 100644 --- a/config/containers/start-containers-automatically.md +++ b/config/containers/start-containers-automatically.md @@ -28,8 +28,8 @@ any of the following: |:-----------------|:------------------------------------------------------------------------------------------------| | `no` | Do not automatically restart the container. (the default) | | `on-failure` | Restart the container if it exits due to an error, which manifests as a non-zero exit code. | -| `always` | Always restart the container if it stops. If it is manually stopped, it will restart only when Docker daemon restarts or the container itself is manually restarted. (see the second bullet under [restart policy details](#restart-policy-details)) | -| `unless-stopped` | Similar to `always`, except that when it is manually stopped, it remains stopped even after Docker daemon restarts. | +| `always` | Always restart the container if it stops. If it is manually stopped, it will be restarted only when Docker daemon restarts or the container itself is manually restarted. (see the second bullet under [restart policy details](#restart-policy-details)) | +| `unless-stopped` | Similar to `always`, except that when the container is manually stopped, it is not restarted even after Docker daemon restarts. | The following example starts a Redis container and configures it to always restart unless it is explicitly stopped or Docker is restarted. From 456b878b32ce7c49c9693828dde7a636a1d9f97f Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Sat, 19 Jan 2019 07:38:04 -0500 Subject: [PATCH 03/18] Update start-containers-automatically.md --- config/containers/start-containers-automatically.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/containers/start-containers-automatically.md b/config/containers/start-containers-automatically.md index 40a90856e6..4c24788bc1 100644 --- a/config/containers/start-containers-automatically.md +++ b/config/containers/start-containers-automatically.md @@ -28,8 +28,8 @@ any of the following: |:-----------------|:------------------------------------------------------------------------------------------------| | `no` | Do not automatically restart the container. (the default) | | `on-failure` | Restart the container if it exits due to an error, which manifests as a non-zero exit code. | -| `always` | Always restart the container if it stops. If it is manually stopped, it will be restarted only when Docker daemon restarts or the container itself is manually restarted. (see the second bullet under [restart policy details](#restart-policy-details)) | -| `unless-stopped` | Similar to `always`, except that when the container is manually stopped, it is not restarted even after Docker daemon restarts. | +| `always` | Always restart the container if it stops. If it is manually stopped, it is restarted only when Docker daemon restarts or the container itself is manually restarted. (See the second bullet listed in [restart policy details](#restart-policy-details)) | +| `unless-stopped` | Similar to `always`, except that when the container is stopped (manually or otherwise), it is not restarted even after Docker daemon restarts. | The following example starts a Redis container and configures it to always restart unless it is explicitly stopped or Docker is restarted. From bec34a4a6e1121146c54133aeee3195c780d8da7 Mon Sep 17 00:00:00 2001 From: Ryuji Coffee <37785939+ryujisnote@users.noreply.github.com> Date: Fri, 8 Feb 2019 17:10:47 +0900 Subject: [PATCH 04/18] Update systemd.md NO_PROXY does not support CIDR notation. #8191 --- config/daemon/systemd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/daemon/systemd.md b/config/daemon/systemd.md index 57d7863603..1c18eeae3e 100644 --- a/config/daemon/systemd.md +++ b/config/daemon/systemd.md @@ -101,7 +101,7 @@ you need to add this configuration in the Docker systemd service file. The `NO_PROXY` variable specifies a string that contains comma-separated values for hosts that should be excluded from proxying. These are the options you can specify to exclude hosts: - * IP address prefix (`1.2.3.4`) or in CIDR notation (`1.2.3.4/8`) + * IP address prefix (`1.2.3.4`) * Domain name, or a special DNS label (`*`) * A domain name matches that name and all subdomains. A domain name with a leading "." matches subdomains only. For example, given the domains From 4f5f6a4b3965c492d51245a334700fea3fb9e155 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 9 Feb 2019 00:27:16 +0100 Subject: [PATCH 05/18] Fix markdown issues Signed-off-by: Sebastiaan van Stijn --- engine/release-notes.md | 2 +- install/linux/docker-ce/ubuntu.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/engine/release-notes.md b/engine/release-notes.md index 399665134d..ec034a9422 100644 --- a/engine/release-notes.md +++ b/engine/release-notes.md @@ -260,7 +260,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d 2018-10-25 - > *** NOTE: *** If you're deploying UCP or DTR, use Docker EE Engine 18.09 or higher. 18.03 is an engine only release. + > ***NOTE:*** If you're deploying UCP or DTR, use Docker EE Engine 18.09 or higher. 18.03 is an engine only release. #### Client diff --git a/install/linux/docker-ce/ubuntu.md b/install/linux/docker-ce/ubuntu.md index 9e99ff9945..d6e31ca74a 100644 --- a/install/linux/docker-ce/ubuntu.md +++ b/install/linux/docker-ce/ubuntu.md @@ -56,7 +56,7 @@ networks, are preserved. The Docker CE package is now called `docker-ce`. ### Supported storage drivers Docker CE on Ubuntu supports `overlay2`, `aufs` and `btrfs` storage drivers. -> *** Note: *** In Docker Engine - Enterprise, `btrfs` is only supported on SLES. See the documentation on +> ***Note:*** In Docker Engine - Enterprise, `btrfs` is only supported on SLES. See the documentation on > [btrfs](/engine/userguide/storagedriver/btrfs-driver.md) for more details. For new installations on version 4 and higher of the Linux kernel, `overlay2` From 03d5b3396d3afd2881ba7b1c14e63cfda75a0b95 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 9 Feb 2019 00:49:57 +0100 Subject: [PATCH 06/18] Use consistent formatting for notes Signed-off-by: Sebastiaan van Stijn --- _includes/ee-linux-install-reuse.md | 2 +- compose/compose-file/compose-file-v2.md | 8 ++-- compose/compose-file/index.md | 12 +++--- compose/install.md | 2 +- datacenter/dtr/2.3/reference/cli/install.md | 4 +- datacenter/dtr/2.4/reference/cli/install.md | 4 +- datacenter/ucp/1.1/release_notes.md | 38 +++++++++---------- .../use-domain-names-to-access-services.md | 3 +- .../ucp/3.0/guides/admin/install/upgrade.md | 2 +- .../use-domain-names-to-access-services.md | 3 +- docker-for-mac/index.md | 6 +-- docker-hub/builds/index.md | 6 +-- docker-hub/orgs.md | 4 +- docker-hub/publish/certify-images.md | 6 +-- docker-hub/publish/certify-plugins-logging.md | 5 +-- .../configure/deploy-caches/simple-kube.md | 2 +- ee/dtr/admin/configure/use-a-web-proxy.md | 3 +- ee/ucp/admin/configure/external-auth/index.md | 2 +- ee/ucp/admin/install/plan-installation.md | 2 +- ee/ucp/admin/install/upgrade.md | 2 +- ee/ucp/authorization/ee-standard.md | 4 +- ee/ucp/interlock/usage/sessions.md | 6 +-- ee/ucp/interlock/usage/tls.md | 2 +- ee/ucp/interlock/usage/websockets.md | 4 +- ee/ucp/kubernetes/install-cni-plugin.md | 9 +++-- ee/upgrade.md | 2 +- engine/ce-ee-node-activate.md | 10 ++--- engine/release-notes.md | 8 ++-- engine/security/https.md | 2 +- engine/security/https/README.md | 2 +- engine/swarm/join-nodes.md | 2 +- engine/swarm/networking.md | 2 +- install/linux/docker-ce/ubuntu.md | 2 +- install/linux/docker-ee/rhel.md | 2 +- install/linux/docker-ee/suse.md | 2 +- install/linux/docker-ee/ubuntu.md | 2 +- install/windows/docker-ee.md | 4 +- machine/drivers/azure.md | 2 +- reference/dtr/2.6/cli/install.md | 4 +- registry/recipes/nginx.md | 2 +- release-notes/docker-compose.md | 2 +- storage/storagedriver/zfs-driver.md | 2 +- 42 files changed, 101 insertions(+), 92 deletions(-) diff --git a/_includes/ee-linux-install-reuse.md b/_includes/ee-linux-install-reuse.md index bbd1cfa6b5..62e845c7a2 100644 --- a/_includes/ee-linux-install-reuse.md +++ b/_includes/ee-linux-install-reuse.md @@ -137,7 +137,7 @@ You only need to set up the repository once, after which you can install Docker {% elsif section == "install-using-yum-repo" %} -> ***NOTE:*** If you need to run Docker EE 2.0, please see the following instructions: +> **Note**: If you need to run Docker EE 2.0, please see the following instructions: > * [18.03](https://docs.docker.com/v18.03/ee/supported-platforms/) - Older Docker EE Engine only release > * [17.06](https://docs.docker.com/v17.06/engine/installation/) - Docker Enterprise Edition 2.0 (Docker Engine, > UCP, and DTR). diff --git a/compose/compose-file/compose-file-v2.md b/compose/compose-file/compose-file-v2.md index cf59a2a446..5a527360db 100644 --- a/compose/compose-file/compose-file-v2.md +++ b/compose/compose-file/compose-file-v2.md @@ -990,7 +990,7 @@ as it has the highest priority. It then connects to `app_net_3`, then app_net_2: app_net_3: -> **Note:** If multiple networks have the same priority, the connection order +> **Note**: If multiple networks have the same priority, the connection order > is undefined. ### pid @@ -1235,7 +1235,7 @@ volumes: mydata: ``` -> **Note:** When creating bind mounts, using the long syntax requires the +> **Note**: When creating bind mounts, using the long syntax requires the > referenced folder to be created beforehand. Using the short syntax > creates the folder on the fly if it doesn't exist. > See the [bind mounts documentation](/engine/admin/volumes/bind-mounts.md/#differences-between--v-and---mount-behavior) @@ -1248,7 +1248,7 @@ service. volume_driver: mydriver -> **Note:** In [version 2 files](compose-versioning.md#version-2), this +> **Note**: In [version 2 files](compose-versioning.md#version-2), this > option only applies to anonymous volumes (those specified in the image, > or specified under `volumes` without an explicit named volume or host path). > To configure the driver for a named volume, use the `driver` key under the @@ -1298,7 +1298,7 @@ then read-write is used. Each of these is a single value, analogous to its [docker run](/engine/reference/run.md) counterpart. -> **Note:** The following options were added in [version 2.2](compose-versioning.md#version-22): +> **Note**: The following options were added in [version 2.2](compose-versioning.md#version-22): > `cpu_count`, `cpu_percent`, `cpus`. > The following options were added in [version 2.1](compose-versioning.md#version-21): > `oom_kill_disable`, `cpu_period` diff --git a/compose/compose-file/index.md b/compose/compose-file/index.md index 76d4ec4dc7..9a1595bb7b 100644 --- a/compose/compose-file/index.md +++ b/compose/compose-file/index.md @@ -279,7 +279,7 @@ at build time is the value in the environment where Compose is running. #### cache_from -> **Note:** This option is new in v3.2 +> **Note**: This option is new in v3.2 A list of images that the engine uses for cache resolution. @@ -291,7 +291,7 @@ A list of images that the engine uses for cache resolution. #### labels -> **Note:** This option is new in v3.3 +> **Note**: This option is new in v3.3 Add metadata to the resulting image using [Docker labels](/engine/userguide/labels-custom-metadata.md). You can use either an array or a dictionary. @@ -490,7 +490,7 @@ an error. ### credential_spec -> **Note:** this option was added in v3.3. +> **Note**: this option was added in v3.3. Configure the credential spec for managed service account. This option is only used for services using Windows containers. The `credential_spec` must be in the @@ -1431,7 +1431,7 @@ containers in the bare-metal machine's namespace and vice versa. Expose ports. -> **Note:** Port mapping is incompatible with `network_mode: host` +> **Note**: Port mapping is incompatible with `network_mode: host` #### Short syntax @@ -1473,7 +1473,7 @@ ports: ``` -> **Note:** The long syntax is new in v3.2 +> **Note**: The long syntax is new in v3.2 ### restart @@ -1810,7 +1810,7 @@ volumes: mydata: ``` -> **Note:** The long syntax is new in v3.2 +> **Note**: The long syntax is new in v3.2 #### Volumes for services, swarms, and stack files diff --git a/compose/install.md b/compose/install.md index 25125a1340..4b190c3d6f 100644 --- a/compose/install.md +++ b/compose/install.md @@ -129,7 +129,7 @@ by step instructions are also included below. sudo chmod +x /usr/local/bin/docker-compose ``` -> ***Note:*** If the command `docker-compose` fails after installation, check your path. +> **Note**: If the command `docker-compose` fails after installation, check your path. > You can also create a symbolic link to `/usr/bin` or any other directory in your path. For example: diff --git a/datacenter/dtr/2.3/reference/cli/install.md b/datacenter/dtr/2.3/reference/cli/install.md index af70dd5652..9ab28e346b 100644 --- a/datacenter/dtr/2.3/reference/cli/install.md +++ b/datacenter/dtr/2.3/reference/cli/install.md @@ -24,11 +24,13 @@ command. Example usage: +```bash $ docker run -it --rm dtr-internal.caas.docker.io/caas/dtr:2.4.0-alpha-008434_ge02413a install \ --ucp-node \ --ucp-insecure-tls +``` -Note: Use --ucp-ca "$(cat ca.pem)" instead of --ucp-insecure-tls for a production deployment. +> **Note**: Use `--ucp-ca "$(cat ca.pem)"` instead of `--ucp-insecure-tls` for a production deployment. ## Options diff --git a/datacenter/dtr/2.4/reference/cli/install.md b/datacenter/dtr/2.4/reference/cli/install.md index 8769054686..34590c63a5 100644 --- a/datacenter/dtr/2.4/reference/cli/install.md +++ b/datacenter/dtr/2.4/reference/cli/install.md @@ -24,11 +24,13 @@ command. Example usage: +```bash $ docker run -it --rm docker/dtr:2.4.1 install \ --ucp-node \ --ucp-insecure-tls +``` -Note: Use --ucp-ca "$(cat ca.pem)" instead of --ucp-insecure-tls for a production deployment. +> **Note**: Use `--ucp-ca "$(cat ca.pem)"` instead of `--ucp-insecure-tls` for a production deployment. ## Options diff --git a/datacenter/ucp/1.1/release_notes.md b/datacenter/ucp/1.1/release_notes.md index 1586de609e..1cc0707fb3 100644 --- a/datacenter/ucp/1.1/release_notes.md +++ b/datacenter/ucp/1.1/release_notes.md @@ -14,10 +14,10 @@ upgrade your installation to the latest release. (18 Jan 2017) -Note: UCP 1.1.6 supports Docker Engine 1.12 but does not use the built-in -orchestration capabilities provided by the Docker Engine with swarm mode enabled. -When installing this UCP version on a Docker Engine 1.12 host, UCP creates a -cluster using the older Docker Swarm v1.2. +> **Note**: UCP 1.1.6 supports Docker Engine 1.12 but does not use the built-in +> orchestration capabilities provided by the Docker Engine with swarm mode enabled. +> When installing this UCP version on a Docker Engine 1.12 host, UCP creates a +> cluster using the older Docker Swarm v1.2. **Security Update** @@ -41,10 +41,10 @@ the [permissions levels section](user-management/permission-levels.md) for more (8 Dec 2016) -Note: UCP 1.1.5 supports Docker Engine 1.12 but does not use the built-in -orchestration capabilities provided by the Docker Engine with swarm mode enabled. -When installing this UCP version on a Docker Engine 1.12 host, UCP creates a -cluster using the older Docker Swarm v1.2. +> **Note**: UCP 1.1.5 supports Docker Engine 1.12 but does not use the built-in +> orchestration capabilities provided by the Docker Engine with swarm mode enabled. +> When installing this UCP version on a Docker Engine 1.12 host, UCP creates a +> cluster using the older Docker Swarm v1.2. **Bug fixes** @@ -61,10 +61,10 @@ the authentication process. (29 Sept 2016) -Note: UCP 1.1.4 supports Docker Engine 1.12 but does not use the built-in -orchestration capabilities provided by the Docker Engine with swarm mode enabled. -When installing this UCP version on a Docker Engine 1.12 host, UCP creates a -cluster using Docker Swarm v1.2.5. +> **Note**: UCP 1.1.4 supports Docker Engine 1.12 but does not use the built-in +> orchestration capabilities provided by the Docker Engine with swarm mode enabled. +> When installing this UCP version on a Docker Engine 1.12 host, UCP creates a +> cluster using Docker Swarm v1.2.5. **Bug fixes** @@ -76,10 +76,10 @@ organization accounts ## Version 1.1.3 -Note: UCP 1.1.3 supports Docker Engine 1.12 but does not use the built-in -orchestration capabilities provided by the Docker Engine with swarm mode enabled. -When installing this UCP version on a Docker Engine 1.12 host, UCP creates a -cluster using Docker Swarm v1.2.5. +> **Note**: UCP 1.1.3 supports Docker Engine 1.12 but does not use the built-in +> orchestration capabilities provided by the Docker Engine with swarm mode enabled. +> When installing this UCP version on a Docker Engine 1.12 host, UCP creates a +> cluster using Docker Swarm v1.2.5. **Security Update** @@ -125,9 +125,9 @@ enabled, and is not compatible with swarm-mode based APIs, e.g. `docker service` ## Version 1.1.2 -Note: UCP 1.1.2 supports Docker Engine 1.12 but doesn't use the new clustering -capabilities provided by the Docker swarm mode. When installing this UCP version -on a Docker Engine 1.12, UCP creates a "classic" Docker Swarm 1.2.3 cluster. +> **Note**: UCP 1.1.2 supports Docker Engine 1.12 but doesn't use the new clustering +> capabilities provided by the Docker swarm mode. When installing this UCP version +> on a Docker Engine 1.12, UCP creates a "classic" Docker Swarm 1.2.3 cluster. **Features** diff --git a/datacenter/ucp/2.2/guides/user/services/use-domain-names-to-access-services.md b/datacenter/ucp/2.2/guides/user/services/use-domain-names-to-access-services.md index 20bc8c6d6c..81a13d9361 100644 --- a/datacenter/ucp/2.2/guides/user/services/use-domain-names-to-access-services.md +++ b/datacenter/ucp/2.2/guides/user/services/use-domain-names-to-access-services.md @@ -194,7 +194,8 @@ apply two labels to your service: com.docker.ucp.mesh.http.1=external_route=http://example.org,redirect=https://example.org com.docker.ucp.mesh.http.2=external_route=sni://example.org ``` -Note: It is not possible to redirect HTTPS to HTTP. + +> **Note**: It is not possible to redirect HTTPS to HTTP. ### X-Forwarded-For header diff --git a/datacenter/ucp/3.0/guides/admin/install/upgrade.md b/datacenter/ucp/3.0/guides/admin/install/upgrade.md index 243c401039..47a6b2271d 100644 --- a/datacenter/ucp/3.0/guides/admin/install/upgrade.md +++ b/datacenter/ucp/3.0/guides/admin/install/upgrade.md @@ -22,7 +22,7 @@ impact to your users. Don't make changes to UCP configurations while you're upgrading. This can lead to misconfigurations that are difficult to troubleshoot. -> Note: If you are upgrading a cluster to UCP 3.0.2 or higher on Microsoft +> **Note**: If you are upgrading a cluster to UCP 3.0.2 or higher on Microsoft > Azure then please ensure all of the Azure [prerequisities](install-on-azure.md/#azure-prerequisites) > are met. diff --git a/datacenter/ucp/3.0/guides/user/services/use-domain-names-to-access-services.md b/datacenter/ucp/3.0/guides/user/services/use-domain-names-to-access-services.md index 4f70c76168..f7be26d1dc 100644 --- a/datacenter/ucp/3.0/guides/user/services/use-domain-names-to-access-services.md +++ b/datacenter/ucp/3.0/guides/user/services/use-domain-names-to-access-services.md @@ -187,7 +187,8 @@ apply two labels to your service: com.docker.ucp.mesh.http.1=external_route=http://example.org,redirect=https://example.org com.docker.ucp.mesh.http.2=external_route=sni://example.org ``` -Note: It is not possible to redirect HTTPS to HTTP. + +> **Note**: It is not possible to redirect HTTPS to HTTP. ### X-Forwarded-For header diff --git a/docker-for-mac/index.md b/docker-for-mac/index.md index 7d4dcde633..3032e0ce5a 100644 --- a/docker-for-mac/index.md +++ b/docker-for-mac/index.md @@ -412,9 +412,9 @@ $ security add-trusted-cert -d -r trustRoot -k ~/Library/Keychains/login.keychai See also, [Directory structures for certificates](#directory-structures-for-certificates). -> **Note:** You need to restart Docker Desktop for Mac after making any changes to the -keychain or to the `~/.docker/certs.d` directory in order for the changes to -take effect. +> **Note**: You need to restart Docker Desktop for Mac after making any changes to the +> keychain or to the `~/.docker/certs.d` directory in order for the changes to +> take effect. For a complete explanation of how to do this, see the blog post [Adding Self-signed Registry Certs to Docker & Docker Desktop for diff --git a/docker-hub/builds/index.md b/docker-hub/builds/index.md index e773c20e8e..0b128ec895 100644 --- a/docker-hub/builds/index.md +++ b/docker-hub/builds/index.md @@ -129,9 +129,9 @@ For each source: * Specify the **Dockerfile location** as a path relative to the root of the source code repository. (If the Dockerfile is at the repository root, leave this path set to `/`.) -> **Note:** When Docker Hub pulls a branch from a source code repository, it performs -a shallow clone (only the tip of the specified branch). Refer to [Advanced options for Autobuild and Autotest](advanced.md) -for more information. +> **Note**: When Docker Hub pulls a branch from a source code repository, it performs +> a shallow clone (only the tip of the specified branch). Refer to [Advanced options for Autobuild and Autotest](advanced.md) +> for more information. ### Environment variables for builds diff --git a/docker-hub/orgs.md b/docker-hub/orgs.md index ca70da6e76..72ba707b37 100644 --- a/docker-hub/orgs.md +++ b/docker-hub/orgs.md @@ -13,7 +13,7 @@ Docker Hub Organizations let you create teams so you can give your team access t - **Organizations** are a collection of teams and repositories that can be managed together. - **Teams** are groups of Docker Hub users that belong to your organization. -**Note:** in Docker Hub, users cannot be associated directly to an organization. They belong only to teams within an organization. +> **Note**: in Docker Hub, users cannot be associated directly to an organization. They belong only to teams within an organization. ### Creating an organization @@ -48,7 +48,7 @@ To create a team: 2. Click on **Add User** 3. Provide the user's Docker ID username _or_ email to add them to the team ![Add User to Team](images/orgs-team-add-user.png) -**Note:** you are not automatically added to teams created by your organization. +> **Note**: you are not automatically added to teams created by your organization. ### Removing team members diff --git a/docker-hub/publish/certify-images.md b/docker-hub/publish/certify-images.md index ab96a2045a..3cc5e6dc8f 100644 --- a/docker-hub/publish/certify-images.md +++ b/docker-hub/publish/certify-images.md @@ -466,11 +466,12 @@ root:[~/] # root:[~/] # ./inspectDockerImage --json gforghetti/apache:latest | jq ``` -Note: The output was piped to the **jq** command to display it "nicely". + +> **Note**: The output was piped to the `jq` command to display it "nicely". #### Output: -``` +```json { "Date": "Mon May 21 13:23:37 2018", "SystemOperatingSystem": "Operating System: Ubuntu 16.04.4 LTS", @@ -580,7 +581,6 @@ Note: The output was piped to the **jq** command to display it "nicely". } ] } -root:[~/] # ``` diff --git a/docker-hub/publish/certify-plugins-logging.md b/docker-hub/publish/certify-plugins-logging.md index fd806ae7bd..69cb248e27 100644 --- a/docker-hub/publish/certify-plugins-logging.md +++ b/docker-hub/publish/certify-plugins-logging.md @@ -364,12 +364,11 @@ gforghetti:~/$ gforghetti:~:$ ./inspectDockerLoggingPlugin --json gforghetti/docker-log-driver-test:latest | jq ``` -> Note: The output was piped to the **jq** command to display it "nicely". +> **Note**: The output was piped to the `jq` command to display it "nicely". #### Output: - -``` +```json { "Date": "Mon May 21 14:38:28 2018", "SystemOperatingSystem": "Operating System: Ubuntu 16.04.4 LTS", diff --git a/ee/dtr/admin/configure/deploy-caches/simple-kube.md b/ee/dtr/admin/configure/deploy-caches/simple-kube.md index cd9b70d2a1..0236edb6bc 100644 --- a/ee/dtr/admin/configure/deploy-caches/simple-kube.md +++ b/ee/dtr/admin/configure/deploy-caches/simple-kube.md @@ -82,7 +82,7 @@ stored in the primary DTR. You can [customize the storage parameters](/registry/configuration/#storage), if you want the cached images to be backended by persistent storage. -> Note: Kubernetes Peristent Volumes or Persistent Volume Claims would have to be +> **Note**: Kubernetes Peristent Volumes or Persistent Volume Claims would have to be > used to provide persistent backend storage capabilities for the cache. ``` diff --git a/ee/dtr/admin/configure/use-a-web-proxy.md b/ee/dtr/admin/configure/use-a-web-proxy.md index 9ea427ec12..56f8c86a51 100644 --- a/ee/dtr/admin/configure/use-a-web-proxy.md +++ b/ee/dtr/admin/configure/use-a-web-proxy.md @@ -38,7 +38,8 @@ docker run -it --rm \ --https-proxy username:password@: \ --ucp-insecure-tls ``` -NOTE: DTR will hide the password portion of the URL, when it is displayed in the DTR UI. + +> **Note**: DTR will hide the password portion of the URL, when it is displayed in the DTR UI. ## Where to go next diff --git a/ee/ucp/admin/configure/external-auth/index.md b/ee/ucp/admin/configure/external-auth/index.md index a98deb7ea2..fd6f2e852e 100644 --- a/ee/ucp/admin/configure/external-auth/index.md +++ b/ee/ucp/admin/configure/external-auth/index.md @@ -141,7 +141,7 @@ Click **Yes** to enable integrating UCP users and teams with LDAP servers. | No simple pagination | If your LDAP server doesn't support pagination. | | Just-In-Time User Provisioning | Whether to create user accounts only when users log in for the first time. The default value of `true` is recommended. If you upgraded from UCP 2.0.x, the default is `false`. | -> **Note:** LDAP connections using certificates created with TLS v1.2 do not currently advertise support for sha512WithRSAEncryption in the TLS handshake which leads to issues establishing connections with some clients. Support for advertising sha512WithRSAEncryption will be added in UCP 3.1.0. +> **Note**: LDAP connections using certificates created with TLS v1.2 do not currently advertise support for sha512WithRSAEncryption in the TLS handshake which leads to issues establishing connections with some clients. Support for advertising sha512WithRSAEncryption will be added in UCP 3.1.0. ![](../../../images/ldap-integration-1.png){: .with-border} diff --git a/ee/ucp/admin/install/plan-installation.md b/ee/ucp/admin/install/plan-installation.md index 7e19cf6341..6a3f3195d8 100644 --- a/ee/ucp/admin/install/plan-installation.md +++ b/ee/ucp/admin/install/plan-installation.md @@ -44,7 +44,7 @@ this. Swarm uses a default address pool of `10.0.0.0/16` for its overlay networks. If this conflicts with your current network implementation, please use a custom IP address pool. To specify a custom IP address pool, use the `--default-address-pool` command line option during [Swarm initialization](../../../../engine/swarm/swarm-mode.md). -**NOTE:** Currently, the UCP installation process does not support this flag. To deploy with a custom IP pool, Swarm must first be installed using this flag and UCP must be installed on top of it. +> **Note**: Currently, the UCP installation process does not support this flag. To deploy with a custom IP pool, Swarm must first be installed using this flag and UCP must be installed on top of it. Kubernetes uses a default cluster IP pool for pods that is `192.168.0.0/16`. If it conflicts with your current networks, please use a custom IP pool by specifying `--pod-cidr` during UCP installation. diff --git a/ee/ucp/admin/install/upgrade.md b/ee/ucp/admin/install/upgrade.md index 99e6360295..84a57e31e7 100644 --- a/ee/ucp/admin/install/upgrade.md +++ b/ee/ucp/admin/install/upgrade.md @@ -29,7 +29,7 @@ Learn about [UCP system requirements](system-requirements.md). Ensure that your cluster nodes meet the minimum requirements for port openings. [Ports used](system-requirements.md/#ports-used) are documented in the UCP system requirements. -> Note: If you are upgrading a cluster to UCP 3.0.2 or higher on Microsoft +> **Note**: If you are upgrading a cluster to UCP 3.0.2 or higher on Microsoft > Azure then please ensure all of the Azure [prerequisites](install-on-azure.md/#azure-prerequisites) > are met. diff --git a/ee/ucp/authorization/ee-standard.md b/ee/ucp/authorization/ee-standard.md index 8e5e9d7743..f43e08f4f3 100644 --- a/ee/ucp/authorization/ee-standard.md +++ b/ee/ucp/authorization/ee-standard.md @@ -53,7 +53,7 @@ built-in collection, `/Shared`. Other collections are also being created to enable shared `db` applications. -> **Note:** For increased security with node-based isolation, use Docker +> **Note**: For increased security with node-based isolation, use Docker > Enterprise Advanced. - `/Shared/mobile` hosts all Mobile applications and resources. @@ -107,7 +107,7 @@ collection boundaries. By assigning multiple grants per team, the Mobile and Payments applications teams can connect to dedicated Database resources through a secure and controlled interface, leveraging Database networks and secrets. -> **Note:** In Docker Enterprise Standard, all resources are deployed across the +> **Note**: In Docker Enterprise Standard, all resources are deployed across the > same group of UCP worker nodes. Node segmentation is provided in Docker > Enterprise Advanced and discussed in the [next tutorial](ee-advanced.md). diff --git a/ee/ucp/interlock/usage/sessions.md b/ee/ucp/interlock/usage/sessions.md index 93f39a72e2..46f43b65a6 100644 --- a/ee/ucp/interlock/usage/sessions.md +++ b/ee/ucp/interlock/usage/sessions.md @@ -125,7 +125,7 @@ $> curl -vs -H "Host: demo.local" http://127.0.0.1/ping You can use `docker service scale demo=10` to add some more replicas. Once scaled, you will notice that requests are pinned to a specific backend. -Note: due to the way the IP hashing works for extensions, you will notice a new upstream address when scaling replicas. This is -expected as internally the proxy uses the new set of replicas to decide on a backend on which to pin. Once the upstreams are -determined a new "sticky" backend will be chosen and that will be the dedicated upstream. +> **Note**: due to the way the IP hashing works for extensions, you will notice a new upstream address when scaling replicas. This is +> expected as internally the proxy uses the new set of replicas to decide on a backend on which to pin. Once the upstreams are +> determined a new "sticky" backend will be chosen and that will be the dedicated upstream. diff --git a/ee/ucp/interlock/usage/tls.md b/ee/ucp/interlock/usage/tls.md index 7c52129323..aedd6ecabf 100644 --- a/ee/ucp/interlock/usage/tls.md +++ b/ee/ucp/interlock/usage/tls.md @@ -143,7 +143,7 @@ using a version of `curl` that includes the SNI header with insecure requests. If this doesn't happen, `curl` displays an error saying that the SSL handshake was aborterd. -> ***NOTE:*** Currently there is no way to update expired certificates using this method. +> **Note**: Currently there is no way to update expired certificates using this method. > The proper way is to create a new secret then update the corresponding service. ## Let your service handle TLS diff --git a/ee/ucp/interlock/usage/websockets.md b/ee/ucp/interlock/usage/websockets.md index ec2b1b46b5..5aa8a8c18a 100644 --- a/ee/ucp/interlock/usage/websockets.md +++ b/ee/ucp/interlock/usage/websockets.md @@ -27,8 +27,8 @@ $> docker service create \ ehazlett/websocket-chat ``` -Note: for this to work you must have an entry for `demo.local` in your local hosts (i.e. `/etc/hosts`) file. -This uses the browser for websocket communication so you will need to have an entry or use a routable domain. +> **Note**: for this to work you must have an entry for `demo.local` in your local hosts (i.e. `/etc/hosts`) file. +> This uses the browser for websocket communication so you will need to have an entry or use a routable domain. Interlock will detect once the service is available and publish it. Once the tasks are running and the proxy service has been updated the application should be available via `http://demo.local`. Open diff --git a/ee/ucp/kubernetes/install-cni-plugin.md b/ee/ucp/kubernetes/install-cni-plugin.md index d91f19981f..ee7c856d0d 100644 --- a/ee/ucp/kubernetes/install-cni-plugin.md +++ b/ee/ucp/kubernetes/install-cni-plugin.md @@ -11,7 +11,7 @@ UCP supports certified third-party Container Networking Interface (CNI) plugins. built-in [Calico](https://github.com/projectcalico/cni-plugin) plugin, but you can override that and install a Docker certified plugin. -***NOTE:*** The `--cni-installer-url` option is deprecated as of UCP 3.1. It is replaced by the `--unmanaged-cni` option. +> **Note**: The `--cni-installer-url` option is deprecated as of UCP 3.1. It is replaced by the `--unmanaged-cni` option. # Install UCP with a custom CNI plugin @@ -27,9 +27,10 @@ docker container run --rm -it --name ucp \ --unmanaged-cni \ --interactive ``` -***NOTE:*** Setting `--unmanaged-cni` to `true` value installs UCP without a managed CNI plugin. UCP and the -Kubernetes components will be running but pod-to-pod networking will not function until a CNI plugin is manually -installed. This will impact some functionality of UCP until a CNI plugin is running. + +> **Note**: Setting `--unmanaged-cni` to `true` value installs UCP without a managed CNI plugin. UCP and the +> Kubernetes components will be running but pod-to-pod networking will not function until a CNI plugin is manually +> installed. This will impact some functionality of UCP until a CNI plugin is running. You must provide a correct YAML installation file for the CNI plugin, but most of the default files work on Docker EE with no modification. diff --git a/ee/upgrade.md b/ee/upgrade.md index 144aa818f9..19f1c4cd60 100644 --- a/ee/upgrade.md +++ b/ee/upgrade.md @@ -11,7 +11,7 @@ redirect_from: In Docker Engine - Enterprise 18.09, significant architectural improvements were made to the network architecture in Swarm to increase the performance and scale of the built-in load balancing functionality. -> ***NOTE:*** These changes introduce new constraints to the Docker Engine - Enterprise upgrade process that, +> **Note**: These changes introduce new constraints to the Docker Engine - Enterprise upgrade process that, > if not correctly followed, can have impact on the availability of applications running on the Swarm. These > constraints impact any upgrades coming from any version before 18.09 to version 18.09 or greater. diff --git a/engine/ce-ee-node-activate.md b/engine/ce-ee-node-activate.md index 40cff6f21f..367980534d 100644 --- a/engine/ce-ee-node-activate.md +++ b/engine/ce-ee-node-activate.md @@ -26,7 +26,7 @@ on your hub/store account after starting the trial or paid license. This allows upgrade operations to work as expected and keep them current as long as your license is still valid and has not expired. -> ***NOTE:*** You can use the `docker engine update` command. However, if you continue to use +> **Note**: You can use the `docker engine update` command. However, if you continue to use > the CE packages, the OS package will no longer replace the active daemon binary during apt/yum > updates, so you are responsible for performing the `docker engine update` operation periodically > to keep your engine up to date. @@ -61,10 +61,10 @@ Server: Docker Engine - Community 2. Log into the Docker engine from the command line. -**NOTE:** When running the command `docker login`, the shell stores the credentials in the current user's home -directory. RHEL and Ubuntu-based Linux distributions have different behavior for sudo. RHEL sets $HOME to point -to `/root` while Ubuntu leaves `$HOME` pointing to the user's home directory who ran `sudo` and this can cause -permission and access problems when switching between `sudo` and non-sudo'd commands. +> **Note**: When running the command `docker login`, the shell stores the credentials in the current user's home +> directory. RHEL and Ubuntu-based Linux distributions have different behavior for sudo. RHEL sets $HOME to point +> to `/root` while Ubuntu leaves `$HOME` pointing to the user's home directory who ran `sudo` and this can cause +> permission and access problems when switching between `sudo` and non-sudo'd commands. For Ubuntu or Debian: diff --git a/engine/release-notes.md b/engine/release-notes.md index ec034a9422..eccde24e59 100644 --- a/engine/release-notes.md +++ b/engine/release-notes.md @@ -16,13 +16,13 @@ Docker EE is a superset of all the features in Docker CE. It incorporates defect that you can use in environments where new features cannot be adopted as quickly for consistency and compatibility reasons. -> ***NOTE:*** +> **Note**: > New in 18.09 is an aligned release model for Docker Engine - Community and Docker > Engine - Enterprise. The new versioning scheme is YY.MM.x where x is an incrementing > patch version. The enterprise engine is a superset of the community engine. They > will ship concurrently with the same x patch version based on the same code base. -> ***NOTE:*** +> **Note**: > The client and container runtime are now in separate packages from the daemon in > Docker Engine 18.09. Users should install and update all three packages at the same time > to get the latest patch releases. For example, on Ubuntu: @@ -260,7 +260,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d 2018-10-25 - > ***NOTE:*** If you're deploying UCP or DTR, use Docker EE Engine 18.09 or higher. 18.03 is an engine only release. + > **Note**: If you're deploying UCP or DTR, use Docker EE Engine 18.09 or higher. 18.03 is an engine only release. #### Client @@ -312,7 +312,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d 2018-10-25 -> ***NOTE:*** If you're deploying UCP or DTR, use Docker EE Engine 18.09 or higher. 18.03 is an engine only release. +> **Note**: If you're deploying UCP or DTR, use Docker EE Engine 18.09 or higher. 18.03 is an engine only release. #### Client diff --git a/engine/security/https.md b/engine/security/https.md index 18376b4a93..0e8bdd4d3d 100644 --- a/engine/security/https.md +++ b/engine/security/https.md @@ -102,7 +102,7 @@ Docker clients. For client authentication, create a client key and certificate signing request: -> **Note:** for simplicity of the next couple of steps, you may perform this +> **Note**: for simplicity of the next couple of steps, you may perform this > step on the Docker daemon's host machine as well. $ openssl genrsa -out key.pem 4096 diff --git a/engine/security/https/README.md b/engine/security/https/README.md index 41e9fe22ea..8db187c76b 100644 --- a/engine/security/https/README.md +++ b/engine/security/https/README.md @@ -16,7 +16,7 @@ My process is as following: lots of things to see and manually answer, as openssl wants to be interactive -**NOTE:** make sure you enter the hostname (`boot2docker` in my case) when prompted for `Computer Name`) +> **Note**: make sure you enter the hostname (`boot2docker` in my case) when prompted for `Computer Name`) root@boot2docker:/# sudo make run diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index f5d8a267d1..3c9e216bfb 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md @@ -26,7 +26,7 @@ the `docker swarm join` command. The node only uses the token at join time. If you subsequently rotate the token, it doesn't affect existing swarm nodes. Refer to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-update-a-swarm-join-token). -**NOTE:** Docker engine allows a non-FIPS node to join a FIPS-enabled swarm cluster. +> **Note**: Docker engine allows a non-FIPS node to join a FIPS-enabled swarm cluster. While a mixed FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed FIPS environment in production. diff --git a/engine/swarm/networking.md b/engine/swarm/networking.md index 615021621c..2b1e07109d 100644 --- a/engine/swarm/networking.md +++ b/engine/swarm/networking.md @@ -208,7 +208,7 @@ Multiple pools can be configured if discontiguous address space is required. How The default mask length can be configured and is the same for all networks. It is set to `/24` by default. To change the default subnet mask length, use the `--default-addr-pool-mask-length` command line option. -**NOTE:** Default address pools can only be configured on `swarm init` and cannot be altered after cluster creation. +> **Note**: Default address pools can only be configured on `swarm init` and cannot be altered after cluster creation. ##### Overlay network size limitations diff --git a/install/linux/docker-ce/ubuntu.md b/install/linux/docker-ce/ubuntu.md index d6e31ca74a..60fdaccc0f 100644 --- a/install/linux/docker-ce/ubuntu.md +++ b/install/linux/docker-ce/ubuntu.md @@ -56,7 +56,7 @@ networks, are preserved. The Docker CE package is now called `docker-ce`. ### Supported storage drivers Docker CE on Ubuntu supports `overlay2`, `aufs` and `btrfs` storage drivers. -> ***Note:*** In Docker Engine - Enterprise, `btrfs` is only supported on SLES. See the documentation on +> **Note**: In Docker Engine - Enterprise, `btrfs` is only supported on SLES. See the documentation on > [btrfs](/engine/userguide/storagedriver/btrfs-driver.md) for more details. For new installations on version 4 and higher of the Linux kernel, `overlay2` diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index c182de5aaf..cfb50d1242 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -57,7 +57,7 @@ $ cat /proc/sys/crypto/fips_enabled 1 ``` -> ***NOTE:*** FIPS is only supported in the Docker Engine EE. UCP and DTR currently do not have support for FIPS-140-2. +> **Note**: FIPS is only supported in the Docker Engine EE. UCP and DTR currently do not have support for FIPS-140-2. To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, do the following: diff --git a/install/linux/docker-ee/suse.md b/install/linux/docker-ee/suse.md index dc3ecafe5f..be83f8218f 100644 --- a/install/linux/docker-ee/suse.md +++ b/install/linux/docker-ee/suse.md @@ -164,7 +164,7 @@ Before you install Docker EE for the first time on a new host machine, you need to set up the Docker repository. Afterward, you can install and update Docker EE from the repository. -> ***NOTE:*** If you need to run Docker EE 2.0, please see the following instructions: +> **Note**: If you need to run Docker EE 2.0, please see the following instructions: > * [18.03](https://docs.docker.com/v18.03/ee/supported-platforms/) - Older Docker EE Engine only release > * [17.06](https://docs.docker.com/v17.06/engine/installation/) - Docker Enterprise Edition 2.0 (Docker Engine, > UCP, and DTR). diff --git a/install/linux/docker-ee/ubuntu.md b/install/linux/docker-ee/ubuntu.md index e46af2efd9..979220fc50 100644 --- a/install/linux/docker-ee/ubuntu.md +++ b/install/linux/docker-ee/ubuntu.md @@ -137,7 +137,7 @@ from the repository. 4. Temporarily add a `$DOCKER_EE_VERSION` variable into your environment. - > ***NOTE:*** If you need to run something other than Docker EE 2.0, please see the following instructions: + > **Note**: If you need to run something other than Docker EE 2.0, please see the following instructions: > * [18.03](https://docs.docker.com/v18.03/ee/supported-platforms/) - Older Docker EE Engine only release > * [17.06](https://docs.docker.com/v17.06/engine/installation/) - Docker Enterprise Edition 2.0 (Docker Engine, > UCP, and DTR). diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index d300eb586e..1373a85423 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md @@ -91,7 +91,7 @@ Select option `6) Download and Install Updates`. With Docker EE Basic license for versions 18.09 and later, Docker provides FIPS 140-2 support in Windows Server 2016. This includes a FIPS supported cryptographic module. If the Windows implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. -**NOTE:** FIPS 140-2 is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS 140-2. +> **Note**: FIPS 140-2 is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS 140-2. To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, execute the following command in PowerShell: @@ -119,7 +119,7 @@ Labels: com.docker.security.fips=enabled ``` -**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `"DOCKER_FIPS","0"` in the `[System.Environment]`.` +> **Note**: If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `"DOCKER_FIPS","0"` in the `[System.Environment]`.` ## Use a script to install Docker EE diff --git a/machine/drivers/azure.md b/machine/drivers/azure.md index 9c6f211507..3c7af9a01c 100644 --- a/machine/drivers/azure.md +++ b/machine/drivers/azure.md @@ -7,7 +7,7 @@ title: Microsoft Azure You need an Azure Subscription to use this Docker Machine driver. [Sign up for a free trial.][trial] -> **NOTE:** This documentation is for the new version of the Azure driver, which started +> **Note**: This documentation is for the new version of the Azure driver, which started > shipping with v0.7.0. This driver is not backwards-compatible with the old > Azure driver. If you want to continue managing your existing Azure machines, please > download and use machine versions prior to v0.7.0. diff --git a/reference/dtr/2.6/cli/install.md b/reference/dtr/2.6/cli/install.md index 36cfed2311..325a09f5b4 100644 --- a/reference/dtr/2.6/cli/install.md +++ b/reference/dtr/2.6/cli/install.md @@ -23,11 +23,13 @@ After installing DTR, you can join additional DTR replicas using `docker/dtr joi ## Example Usage +```bash $ docker run -it --rm docker/dtr:{{ site.dtr_version }}.0 install \ --ucp-node \ --ucp-insecure-tls +``` -> Note: Use `--ucp-ca "$(cat ca.pem)"` instead of `--ucp-insecure-tls` for a production deployment. +> **Note**: Use `--ucp-ca "$(cat ca.pem)"` instead of `--ucp-insecure-tls` for a production deployment. ## Options diff --git a/registry/recipes/nginx.md b/registry/recipes/nginx.md index 6673b2a22b..07ed4b62be 100644 --- a/registry/recipes/nginx.md +++ b/registry/recipes/nginx.md @@ -38,7 +38,7 @@ you want through the secondary authentication mechanism implemented inside your proxy, it also requires that you move TLS termination from the Registry to the proxy itself. -> ***NOTE:*** Docker does not recommend binding your registry to `localhost:5000` without +> **Note**: Docker does not recommend binding your registry to `localhost:5000` without > authentication. This creates a potential loophole in your Docker Registry security. > As a result, anyone who can log on to the server where your Docker Registry is running > can push images without authentication. diff --git a/release-notes/docker-compose.md b/release-notes/docker-compose.md index d4a72da42b..5021768df4 100644 --- a/release-notes/docker-compose.md +++ b/release-notes/docker-compose.md @@ -954,7 +954,7 @@ naming scheme accordingly before upgrading. - Containers dependencies can now be set up to wait on positive healthchecks when declared using `depends_on`. See the documentation for the updated syntax. - **Note:** This feature will not be ported to version 3 Compose files. + **Note**: This feature will not be ported to version 3 Compose files. - Added support for the `sysctls` parameter in service definitions diff --git a/storage/storagedriver/zfs-driver.md b/storage/storagedriver/zfs-driver.md index 46f83af919..2f3faa159a 100644 --- a/storage/storagedriver/zfs-driver.md +++ b/storage/storagedriver/zfs-driver.md @@ -44,7 +44,7 @@ use unless you have substantial experience with ZFS on Linux. and push existing images to Docker Hub or a private repository, so that you do not need to re-create them later. -> ***NOTE:*** There is no need to use `MountFlags=slave` with Docker Engine 18.09 or +> **Note**: There is no need to use `MountFlags=slave` with Docker Engine 18.09 or > later because `dockerd` and `containerd` are in different mount namespaces. ## Configure Docker with the `zfs` storage driver From 69ab07b1a960567246faf95833e6bddc0a600580 Mon Sep 17 00:00:00 2001 From: themousepotato Date: Sat, 9 Feb 2019 13:43:03 +0530 Subject: [PATCH 07/18] fix broken link --- install/windows/docker-ee.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index d300eb586e..8e0e467353 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md @@ -25,8 +25,7 @@ LAHF/SAHF, and PrefetchW, security: DEP/NX, etc.). * OS Versions: Server 2016 (Core and GUI), 1709 and 1803 * RAM: 4GB -* Disk space: [32 GB minimum recommendation for Windows](https://docs.microsoft.com/en-us/windows-server/get-started/system - requirements). An additional 32 GB of Space is recommended for base images for ServerCore and NanoServer along with buffer +* Disk space: [32 GB minimum recommendation for Windows](https://docs.microsoft.com/en-us/windows-server/get-started/system-requirements). An additional 32 GB of Space is recommended for base images for ServerCore and NanoServer along with buffer space for workload containers running IIS, SQL Server and .Net apps. ## Install Docker Engine - Enterprise From 5b854186d84f782a702db120c1c87b8804690580 Mon Sep 17 00:00:00 2001 From: Derrick Miller Date: Tue, 12 Feb 2019 09:16:03 -0500 Subject: [PATCH 08/18] Update release notes with fixed known issue The known issue that was introduced in the 3.1.0 release that required the ID of the user when manually creating RoleBinding or ClusterRoleBinding, is fixed in 3.1.3 and this change updates the release notes to reflect this information. --- ee/ucp/release-notes.md | 1 + 1 file changed, 1 insertion(+) diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index f9535edbc8..d00a970e36 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -38,6 +38,7 @@ upgrade your installation to the latest release. * Non-admin users can no longer create `PersistentVolumes` that mount host directories. (docker/orca#15936) * Added support for the limit arg in `docker ps`. (docker/orca#15812) * Fixed an issue with ucp-proxy health check. (docker/orca#15814, docker/orca#15813, docker/orca#16021, docker/orca#15811) + * Fixed an issue where manually creating a **ClusterRoleBinding** or **RoleBinding** for `User` or `Group` subjects required the ID of the user, organization, or team. (docker/orca#14935) ### Known issue * By default, Kubelet begins deleting images, starting with the oldest unused images, after exceeding 85% disk space utilization. This causes an issue in an air-gapped environment. (docker/orca#16082) From 0e1ee5bc98dba6828aa6848e6bb3a83a4db32f84 Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 11:16:00 -0500 Subject: [PATCH 09/18] Minor wording changes --- ee/ucp/release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index d00a970e36..7e7c15c0e9 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -38,7 +38,7 @@ upgrade your installation to the latest release. * Non-admin users can no longer create `PersistentVolumes` that mount host directories. (docker/orca#15936) * Added support for the limit arg in `docker ps`. (docker/orca#15812) * Fixed an issue with ucp-proxy health check. (docker/orca#15814, docker/orca#15813, docker/orca#16021, docker/orca#15811) - * Fixed an issue where manually creating a **ClusterRoleBinding** or **RoleBinding** for `User` or `Group` subjects required the ID of the user, organization, or team. (docker/orca#14935) + * Fixed an issue with manual creation of a **ClusterRoleBinding** or **RoleBinding** for `User` or `Group` subjects requiring the ID of the user, organization, or team. (docker/orca#14935) ### Known issue * By default, Kubelet begins deleting images, starting with the oldest unused images, after exceeding 85% disk space utilization. This causes an issue in an air-gapped environment. (docker/orca#16082) From 3a123b7f38b7f085a76cc15c8bf7ab4196ba1cc6 Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 11:37:19 -0500 Subject: [PATCH 10/18] Redacted audit log info for specific API endpoints --- ee/ucp/admin/configure/create-audit-logs.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ee/ucp/admin/configure/create-audit-logs.md b/ee/ucp/admin/configure/create-audit-logs.md index 931e670104..1656b63d13 100644 --- a/ee/ucp/admin/configure/create-audit-logs.md +++ b/ee/ucp/admin/configure/create-audit-logs.md @@ -195,6 +195,17 @@ events and may create a large amount of log entries. - /kubernetesdocs - /manage +## API endpoint information redacted + +Information for the following API endpoints is redacted from the audit logs for security purposes: + +- `/secrets/create` (POST) +- `/secrets/{id}/update` (POST) +- `/swarm/join` (POST) +- `/swarm/update` (POST) +-`/auth/login` (POST) +- Kube secrete create/update endpoints + ## Where to go next - [Collect UCP Cluster Metrics with Prometheus](collect-cluster-metrics.md) From 1548635d920ee4aa508d3add9b2fdd6d45216ec1 Mon Sep 17 00:00:00 2001 From: Derrick Miller Date: Tue, 12 Feb 2019 11:56:33 -0500 Subject: [PATCH 11/18] Fixed list indentations List indentations were incorrect yielding the list in one line instead of multiple lines. Fixed the indentation so the lists render correctly. --- .../admin/configure/collect-cluster-metrics.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ee/ucp/admin/configure/collect-cluster-metrics.md b/ee/ucp/admin/configure/collect-cluster-metrics.md index e3f2f9c304..274291c8a5 100644 --- a/ee/ucp/admin/configure/collect-cluster-metrics.md +++ b/ee/ucp/admin/configure/collect-cluster-metrics.md @@ -22,16 +22,16 @@ The Docker EE platform provides a base set of metrics that gets you running and ## Business metrics ## These are high-level aggregate metrics that typically combine technical, financial, and organizational data to create metrics for business leaders of the IT infrastructure. Some examples of business metrics might be: - - Company or division-level application downtime - - Aggregate resource utilization - - Application resource demand growth + - Company or division-level application downtime + - Aggregate resource utilization + - Application resource demand growth ## Application metrics ## These are metrics about domain of APM tools like AppDynamics or DynaTrace and provide metrics about the state or performance of the application itself. - - Service state metrics - - Container platform metrics - - Host infrastructure metrics + - Service state metrics + - Container platform metrics + - Host infrastructure metrics Docker EE 2.1 does not collect or expose application level metrics. @@ -40,9 +40,9 @@ The following are metrics Docker EE 2.1 collects, aggregates, and exposes: ## Service state metrics ## These are metrics about the state of services running on the container platform. These types of metrics have very low cardinality, meaning the values are typically from a small fixed set of possibilities, commonly binary. - - Application health - - Convergence of K8s deployments and Swarm services - - Cluster load by number of services or containers or pods + - Application health + - Convergence of K8s deployments and Swarm services + - Cluster load by number of services or containers or pods ## Deploy Prometheus on worker nodes From 2bd416f990fa1c312897dc13b97a06b3d25f620d Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 12:27:32 -0500 Subject: [PATCH 12/18] Moving NFS persistent storage info --- _data/toc.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_data/toc.yaml b/_data/toc.yaml index 26b237c3a7..a82b930f5f 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1204,8 +1204,6 @@ manuals: title: UCP configuration file - path: /ee/ucp/admin/configure/use-node-local-network-in-swarm/ title: Use a local node network in a swarm - - path: /ee/ucp/admin/configure/use-nfs-volumes/ - title: Use NFS persistent storage - path: /ee/ucp/admin/configure/use-your-own-tls-certificates/ title: Use your own TLS certificates - path: /ee/ucp/admin/configure/manage-and-deploy-private-images/ @@ -1345,6 +1343,8 @@ manuals: section: - title: Access Kubernetes Resources path: /ee/ucp/kubernetes/kube-resources/ + - title: Use NFS persistent storage + path: /ee/ucp/admin/configure/use-nfs-volumes/ - title: Configure AWS EBS Storage for Kubernetes path: /ee/ucp/kubernetes/configure-aws-storage/ - title: Deploy a workload From 15e80ea3a7f29b477e2f0103108d7f1eb06bf133 Mon Sep 17 00:00:00 2001 From: Mayank Jethva Date: Tue, 12 Feb 2019 11:19:24 -0700 Subject: [PATCH 13/18] Update overlay.md --- network/overlay.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/overlay.md b/network/overlay.md index c3e75a04d7..18d555de08 100644 --- a/network/overlay.md +++ b/network/overlay.md @@ -230,7 +230,7 @@ preferred because it is somewhat self-documenting. -p 8080:80/tcp -p 8080:80/udp or
-p published=8080,target=80,protocol=tcp -p published=8080,target=80,protocol=udp -Map TCP port 80 on the service to TCP port 8080 on the routing mesh, and map UDP port 80 on the service to UDP port 8080 on the routine mesh. +Map TCP port 80 on the service to TCP port 8080 on the routing mesh, and map UDP port 80 on the service to UDP port 8080 on the routing mesh. From 66bbbdc6a528744823530bfac1ceb6f601544d9b Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 15:12:53 -0500 Subject: [PATCH 14/18] Update backups-and-disaster-recovery.md --- ee/ucp/admin/backups-and-disaster-recovery.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ee/ucp/admin/backups-and-disaster-recovery.md b/ee/ucp/admin/backups-and-disaster-recovery.md index fb487b0aa8..839ae0e659 100644 --- a/ee/ucp/admin/backups-and-disaster-recovery.md +++ b/ee/ucp/admin/backups-and-disaster-recovery.md @@ -45,6 +45,17 @@ As part of your backup policy you should regularly create backups of UCP. DTR is backed up independently. [Learn about DTR backups and recovery](../../dtr/2.5/admin/disaster-recovery/index.md). +> Warning: On UCP versions 3.1.0 - 3.1.2, before performing a UCP backup, you must clean up multiple /dev/shm mounts in the ucp-kublet entrypoint script by running the following script on all nodes via cron job: + +``` +SHM_MOUNT=$(grep -m1 '^tmpfs./dev/shm' /proc/mounts) +while [ $(grep -cm2 '^tmpfs./dev/shm' /proc/mounts) -gt 1 ]; do + sudo umount /dev/shm +done +grep -q '^tmpfs./dev/shm' /proc/mounts || sudo mount "${SHM_MOUNT}" +``` +For additional details, refer to [Docker issue 934](https://success.docker.com/article/more-than-one-dev-shm-mount-in-the-host-namespace){: target="_blank"} + To create a UCP backup, run the `{{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_version }} backup` command on a single UCP manager. This command creates a tar archive with the contents of all the [volumes used by UCP](../ucp-architecture.md) to persist data From afa67f77fc3711cf8cb5508acf86da2b47d4abe6 Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 15:13:53 -0500 Subject: [PATCH 15/18] Update backups-and-disaster-recovery.md --- .../3.0/guides/admin/backups-and-disaster-recovery.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md b/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md index 58bb999f5b..accc7f6272 100644 --- a/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md +++ b/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md @@ -41,6 +41,17 @@ As part of your backup policy you should regularly create backups of UCP. DTR is backed up independently. [Learn about DTR backups and recovery](../../../../dtr/2.3/guides/admin/backups-and-disaster-recovery.md). +> Warning: On UCP versions 3.1.0 - 3.1.2, before performing a UCP backup, you must clean up multiple /dev/shm mounts in the ucp-kublet entrypoint script by running the following script on all nodes via cron job: + +``` +SHM_MOUNT=$(grep -m1 '^tmpfs./dev/shm' /proc/mounts) +while [ $(grep -cm2 '^tmpfs./dev/shm' /proc/mounts) -gt 1 ]; do + sudo umount /dev/shm +done +grep -q '^tmpfs./dev/shm' /proc/mounts || sudo mount "${SHM_MOUNT}" +``` +For additional details, refer to [Docker issue 934](https://success.docker.com/article/more-than-one-dev-shm-mount-in-the-host-namespace){: target="_blank"} + To create a UCP backup, run the `{{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_version }} backup` command on a single UCP manager. This command creates a tar archive with the contents of all the [volumes used by UCP](../architecture.md) to persist data From 54caa6772ad25704285211a0f48bd5ff1fbd3c22 Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 16:41:32 -0500 Subject: [PATCH 16/18] Fix version info --- .../ucp/3.0/guides/admin/backups-and-disaster-recovery.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md b/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md index accc7f6272..35c8eb44a0 100644 --- a/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md +++ b/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md @@ -41,7 +41,7 @@ As part of your backup policy you should regularly create backups of UCP. DTR is backed up independently. [Learn about DTR backups and recovery](../../../../dtr/2.3/guides/admin/backups-and-disaster-recovery.md). -> Warning: On UCP versions 3.1.0 - 3.1.2, before performing a UCP backup, you must clean up multiple /dev/shm mounts in the ucp-kublet entrypoint script by running the following script on all nodes via cron job: +> Warning: On UCP versions 3.0.0 - 3.0.7, before performing a UCP backup, you must clean up multiple /dev/shm mounts in the ucp-kublet entrypoint script by running the following script on all nodes via cron job: ``` SHM_MOUNT=$(grep -m1 '^tmpfs./dev/shm' /proc/mounts) From d0594c3e385e7a9d1bc71c775d07aac2b1701655 Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 16:42:30 -0500 Subject: [PATCH 17/18] Link title change --- .../ucp/3.0/guides/admin/backups-and-disaster-recovery.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md b/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md index 35c8eb44a0..688f6d6b98 100644 --- a/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md +++ b/datacenter/ucp/3.0/guides/admin/backups-and-disaster-recovery.md @@ -50,7 +50,7 @@ while [ $(grep -cm2 '^tmpfs./dev/shm' /proc/mounts) -gt 1 ]; do done grep -q '^tmpfs./dev/shm' /proc/mounts || sudo mount "${SHM_MOUNT}" ``` -For additional details, refer to [Docker issue 934](https://success.docker.com/article/more-than-one-dev-shm-mount-in-the-host-namespace){: target="_blank"} +For additional details, refer to [Docker KB000934](https://success.docker.com/article/more-than-one-dev-shm-mount-in-the-host-namespace){: target="_blank"} To create a UCP backup, run the `{{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_version }} backup` command on a single UCP manager. This command creates a tar archive with the From a4869b159ca008f8fac2f2c288a38ebade6bc1a3 Mon Sep 17 00:00:00 2001 From: paigehargrave Date: Tue, 12 Feb 2019 16:43:05 -0500 Subject: [PATCH 18/18] Link title change --- ee/ucp/admin/backups-and-disaster-recovery.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/admin/backups-and-disaster-recovery.md b/ee/ucp/admin/backups-and-disaster-recovery.md index 839ae0e659..c07aa4f8a0 100644 --- a/ee/ucp/admin/backups-and-disaster-recovery.md +++ b/ee/ucp/admin/backups-and-disaster-recovery.md @@ -54,7 +54,7 @@ while [ $(grep -cm2 '^tmpfs./dev/shm' /proc/mounts) -gt 1 ]; do done grep -q '^tmpfs./dev/shm' /proc/mounts || sudo mount "${SHM_MOUNT}" ``` -For additional details, refer to [Docker issue 934](https://success.docker.com/article/more-than-one-dev-shm-mount-in-the-host-namespace){: target="_blank"} +For additional details, refer to [Docker KB000934](https://success.docker.com/article/more-than-one-dev-shm-mount-in-the-host-namespace){: target="_blank"} To create a UCP backup, run the `{{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_version }} backup` command on a single UCP manager. This command creates a tar archive with the