From 026093444fca5ac23cf360da3c847eb9608b14b3 Mon Sep 17 00:00:00 2001 From: JayG Date: Wed, 1 Dec 2021 16:39:56 -0700 Subject: [PATCH 1/8] Clarify Advanced Wordpress section I believe this is the intended meaning, otherwise it is unclear where the name wp_db_secret is coming from when referenced as "keeping the same" by wp_db_password --- engine/swarm/secrets.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/swarm/secrets.md b/engine/swarm/secrets.md index b1d93f448d..8a9e26057a 100644 --- a/engine/swarm/secrets.md +++ b/engine/swarm/secrets.md @@ -896,7 +896,7 @@ use it, then remove the old secret. ``` 4. Update the `wordpress` service to use the new password, keeping the target - path at `/run/secrets/wp_db_secret` and keeping the file permissions at + path at `/run/secrets/wp_db_password` and keeping the file permissions at `0400`. This triggers a rolling restart of the WordPress service and the new secret is used. From 171171531876793f97789b9306d18f5ed9868cb5 Mon Sep 17 00:00:00 2001 From: ertegun Date: Fri, 3 Dec 2021 16:02:16 +0300 Subject: [PATCH 2/8] WORDPRESS_DB_HOST: db port must removed --- samples/wordpress.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/wordpress.md b/samples/wordpress.md index 06d4e00092..7ac51a254e 100644 --- a/samples/wordpress.md +++ b/samples/wordpress.md @@ -62,7 +62,7 @@ Compose to set up and run WordPress. Before starting, make sure you have - "8000:80" restart: always environment: - WORDPRESS_DB_HOST: db:3306 + WORDPRESS_DB_HOST: db WORDPRESS_DB_USER: wordpress WORDPRESS_DB_PASSWORD: wordpress WORDPRESS_DB_NAME: wordpress From 93bd69ac0360938327f6510dc7c60f7089218ce2 Mon Sep 17 00:00:00 2001 From: Miroslav Tomasik Date: Mon, 6 Dec 2021 15:08:18 +0100 Subject: [PATCH 3/8] Update 02_our_app.md --- get-started/02_our_app.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/get-started/02_our_app.md b/get-started/02_our_app.md index 4733d98205..817e5ec0cc 100644 --- a/get-started/02_our_app.md +++ b/get-started/02_our_app.md @@ -45,7 +45,7 @@ see a few flaws in the Dockerfile below. But, don't worry. We'll go over them. ```dockerfile # syntax=docker/dockerfile:1 FROM node:12-alpine - RUN apk add --no-cache python3 g++ make + RUN apk add --no-cache python2 g++ make WORKDIR /app COPY . . RUN yarn install --production From b3675c82bdbe5c0f5b77d2aac528b1c91cd51ca0 Mon Sep 17 00:00:00 2001 From: Nathaniel <314009+nathanielks@users.noreply.github.com> Date: Fri, 10 Dec 2021 13:37:23 -0600 Subject: [PATCH 4/8] Clarify which image architecture is run by default Given the list of architectures supported by the busybox image, it's confusing to reference "the `x86_64` variant is pulled and run" when there's no platform architecture that matches that name. Instead, changing the documentation to reference `amd64` makes more sense as there is no `linux/x86_64` architecture that's supported by Docker (AFAIK), but there _is_ `linux/amd64`. --- desktop/multi-arch.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/desktop/multi-arch.md b/desktop/multi-arch.md index 92775e29e0..ed42c671d3 100644 --- a/desktop/multi-arch.md +++ b/desktop/multi-arch.md @@ -17,7 +17,7 @@ selects the image variant that matches your OS and architecture. Most of the Docker Official Images on Docker Hub provide a [variety of architectures](https://github.com/docker-library/official-images#architectures-other-than-amd64){: target="_blank" rel="noopener" class="_" }. For example, the `busybox` image supports `amd64`, `arm32v5`, `arm32v6`, `arm32v7`, `arm64v8`, `i386`, `ppc64le`, and `s390x`. When running this image -on an `x86_64` / `amd64` machine, the `x86_64` variant is pulled and run. +on an `x86_64` / `amd64` machine, the `amd64` variant is pulled and run. ## Multi-arch support on Docker Desktop From 52cde9ff947dacaa0e4c22b92601d08837dba211 Mon Sep 17 00:00:00 2001 From: Tom Lankhorst Date: Fri, 17 Dec 2021 07:44:42 +0100 Subject: [PATCH 5/8] Fix `driver_opts` indent --- compose/networking.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/compose/networking.md b/compose/networking.md index 84889c0239..8b8aaac2b9 100644 --- a/compose/networking.md +++ b/compose/networking.md @@ -133,8 +133,8 @@ networks: # Use a custom driver which takes special options driver: custom-driver-2 driver_opts: - foo: "1" - bar: "2" + foo: "1" + bar: "2" ``` Networks can be configured with static IP addresses by setting the [ipv4_address and/or ipv6_address](compose-file/compose-file-v2.md#ipv4_address-ipv6_address) for each attached network. From 0ead2583b590ebce20d13eb858e483fe3d720c39 Mon Sep 17 00:00:00 2001 From: Jim Flattery <6561797+jflattery@users.noreply.github.com> Date: Fri, 17 Dec 2021 05:39:27 -0500 Subject: [PATCH 6/8] Make Compose-Switch version dynamic (#13922) * Make Compose-Switch version dynamic Fixes https://github.com/docker/docker.github.io/issues/13914 * Update cli-command.md Fix typo by remove unneeded parenthesis. * Updating to the latest version Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com> --- _config.yml | 1 + compose/cli-command.md | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/_config.yml b/_config.yml index 475084a166..499ea1157c 100644 --- a/_config.yml +++ b/_config.yml @@ -27,6 +27,7 @@ compose_file_v3: "3.9" compose_file_v2: "2.4" machine_version: "0.16.0" distribution_version: "2.7" +compose_switch_version: "1.0.4" # List of plugins to enable for local development builds. Mostly the same as # for production, but without the "jekyll-sitemap" plugin, which is not needed diff --git a/compose/cli-command.md b/compose/cli-command.md index c35e87e109..3d8e7c9125 100644 --- a/compose/cli-command.md +++ b/compose/cli-command.md @@ -112,7 +112,7 @@ To install Compose Switch manually: 1. Download the `compose-switch` binary for your architecture ```console - $ curl -fL https://github.com/docker/compose-switch/releases/download/v1.0.1/docker-compose-linux-amd64 -o /usr/local/bin/compose-switch + $ curl -fL https://github.com/docker/compose-switch/releases/download/v{{site.compose_switch_version}}/docker-compose-linux-amd64 -o /usr/local/bin/compose-switch ``` 2. Run the following command to make it an executable: From a78ebbaab8025343e6ccf222e3dc2243fb013083 Mon Sep 17 00:00:00 2001 From: Stefan Scherer Date: Fri, 17 Dec 2021 11:43:46 +0100 Subject: [PATCH 7/8] Add compose V2 version variable Signed-off-by: Stefan Scherer --- _config.yml | 1 + compose/cli-command.md | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/_config.yml b/_config.yml index 499ea1157c..bd5013f13b 100644 --- a/_config.yml +++ b/_config.yml @@ -23,6 +23,7 @@ exclude: ["_samples", "_scripts", "404.html", "datacenter", "ee", "index.html", latest_engine_api_version: "1.41" docker_ce_version: "20.10" compose_version: "1.29.2" +compose_v2_version: "2.2.2" compose_file_v3: "3.9" compose_file_v2: "2.4" machine_version: "0.16.0" diff --git a/compose/cli-command.md b/compose/cli-command.md index 3d8e7c9125..8012e353fe 100644 --- a/compose/cli-command.md +++ b/compose/cli-command.md @@ -79,7 +79,7 @@ from the [project release page](https://github.com/docker/compose/releases){:tar ```console $ mkdir -p ~/.docker/cli-plugins/ - $ curl -SL https://github.com/docker/compose/releases/download/v2.0.1/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose + $ curl -SL https://github.com/docker/compose/releases/download/v{{site.compose_v2_version}}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose ``` This command installs Compose V2 for the active user under `$HOME` directory. To install Docker Compose for all users on your system, replace `~/.docker/cli-plugins` with `/usr/local/lib/docker/cli-plugins`. @@ -94,7 +94,7 @@ from the [project release page](https://github.com/docker/compose/releases){:tar ```console $ docker compose version - Docker Compose version 2.0.1 + Docker Compose version {{site.compose_v2_version}} ``` ### Compose Switch From 5bcc3246889f374e1aaaa3b4ff90d6f0e6e7a314 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kevin=20K=C3=B6llmann?= Date: Fri, 17 Dec 2021 12:22:30 +0100 Subject: [PATCH 8/8] Fixed rootlesskit binary path, mention daemon restart (#13932) * Fixed rootlesskit binary path, mention daemon restart `rootlesskit` lives at `/usr/bin/rootlesskit`. After setting `CAP_NET_BIND_SERVICE` capability daemon has to be restarted. * Changed rootlesskit binary path to be dynamically resolved --- engine/security/rootless.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/engine/security/rootless.md b/engine/security/rootless.md index d213ab81f6..e52c33d714 100644 --- a/engine/security/rootless.md +++ b/engine/security/rootless.md @@ -345,10 +345,11 @@ Add `net.ipv4.ping_group_range = 0 2147483647` to `/etc/sysctl.conf` (or ### Exposing privileged ports -To expose privileged ports (< 1024), set `CAP_NET_BIND_SERVICE` on `rootlesskit` binary. +To expose privileged ports (< 1024), set `CAP_NET_BIND_SERVICE` on `rootlesskit` binary and restart the daemon. ```console -$ sudo setcap cap_net_bind_service=ep $HOME/bin/rootlesskit +$ sudo setcap cap_net_bind_service=ep $(which rootlesskit) +$ systemctl --user restart docker ``` Or add `net.ipv4.ip_unprivileged_port_start=0` to `/etc/sysctl.conf` (or