* Change the repository link to open an issue on docker scan plugin
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
* Remove the statement on trials
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
BuildKit allows using alternative Dockerfile syntaxes to introduce new features
without having to update Docker itself. The general recommendation is to always
specify a "syntax" directive in a Dockerfile, so that (if needed) older versions
of Docker can download the correct syntax to build the Dockerfile.
This updates our examples to include a syntax directive, to make users more familiar
with these directives, and to illustrate best-pracitces in our documentation.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- btrfs is now supported (moby/moby PR 42253)
- CLI context "rootless" is now created by default (moby/moby PR 42109)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
these commands are hidden in the cli, but functional, and mentioned
in the "working with buildx" introduction.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Added important disambiguation to swarm mode
This really needs to be added, I had no idea people gave up on docker/swarm because of a misunderstanding, but it's common enough we need to clarify it.
From Docker's public #swarm slack channel:
```
andrew grosser 4:45 PM
Hey @channel I am about to give a talk in San Francisco to a bunch of devops experts about swarm using my ingress and reverse proxy controller https://github.com/sfproductlabs/roo and one of the organizers said swarm was deprecated, is that so? It's so much easier than kubernetes, I can't imagine losing it.
sfproductlabs/roo
A zero config distributed edge-router & reverse-proxy (supporting multiple letsencrypt/https hosts). No dependencies.
Stars
40
Language
Go
<https://github.com/sfproductlabs/roo|sfproductlabs/roo>sfproductlabs/roo | Apr 9th | Added by GitHub
4:46
Is there something we don't know?
james_wells 4:48 PM
As of the most recent official Docker release, no Swarm is still officially part of Docker... They merely added native support for Kubernetes
andrew grosser 4:49 PM
🙏 Phew, is there an EOL?
4:49
Thanks @james_wells
4:50
I think they going to get the grenade launchers out if I can't answer these questions
james_wells 4:51 PM
Now that is a good question and my guess is that no, there is no plan to remove it, at least before Docker 3.
andrew grosser 4:52 PM
Amazing thx, I have a system that is a startups dream and is personally saving me more than 10x using swarm, so praying it stays
bmitch:docker: 4:53 PM
Classic container deployed swarm is deprecated (I believe). Swarm mode that's integrated into the engine is still being developed by Mirantis with no EOL set.
4:53
So if someone says swarm is deprecated, make sure to ask "which swarm" they are referring to.
andrew grosser 4:54 PM
Ok thanks @bmitch
4:54
Think that's a brand thing we'll need to help change
james_wells 4:56 PM
@bmitch I am not sure I understand what you are sayin there. Could you please explain the differences
bmitch:docker: 4:56 PM
See the disambiguation section: https://hub.docker.com/r/dockerswarm/swarm
james_wells 4:57 PM
Excellent. Thank you sir
andrew grosser 5:02 PM
Thanks
bmitch:docker: 5:02 PM
See also this link where they are getting ready to archive the standalone swarm, aka classic swarm. https://github.com/docker/classicswarm/issues/2985#issuecomment-640486361
justincormackjustincormack
Comment on #2985 Why have all issues been closed?
The vast majority of issues were from 5 years ago when it was being actively developed, and the recent ones were all mistakes for swarmkit, other than some issues I resolved. Many were issues in components or Moby or other software and may be resolved. It is GitHubs (reasonable) recommendation that you close issues and PRs before archiving a repository so that people know they are not being worked on, and I was also looking to see if anyone came forward to say that they were still working on things or, indeed, actively using Swarm Classic.
<https://github.com/docker/classicswarm|docker/classicswarm>docker/classicswarm | Jun 8th | Added by GitHub
james_wells 5:08 PM
That is really unfortunate... Kubernetes is simply too expensive IMNSHO, Swarm is nice and lightweight.
andrew grosser 5:08 PM
Both the different swarms point to the same point in the documentation in the disambiguation @bmitch
bmitch:docker: 5:09 PM
Swarm mode, aka swarmkit is alive and well.
andrew grosser 5:10 PM
Whoa I can see why they were confused
bmitch:docker: 5:10 PM
If you type docker swarm init you are not running classic swarm
andrew grosser 5:11 PM
Can someone inside docker add this to the swarm docs page? I think it's important
5:12
I think something talking about 2014 was EOLd but this is still current and alive would help.
bmitch:docker: 5:12 PM
Docker themselves isn't maintaining it, that team went to Mirantis, so someone over there would need to submit the PR
andrew grosser 5:12 PM
OK, could I?
bmitch:docker: 5:13 PM
Docs are in GitHub
andrew grosser 5:13 PM
Thanks
```
* Minor edit to the wording to clarify the diff
* Minor update
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
Certain installations may not have this. Without this, the step
where `/etc/apt/sources.list.d/docker.list` will fail and write
garbled data to the file, potentially breaking apt.
Co-Authored-By: Andrew Kester <akester@cox.net>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This tones down the prompt and command output, so that the commands
to run stand out more clearly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Looks like the Debian version was updated during review, but the Ubuntu variant
was forgotten in 760bb64ea3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Offering an alternative to apt-key (deprecated)
[Use trusted.gpg.d instead of apt-key · Issue #11625 · docker/docker.github.io](https://github.com/docker/docker.github.io/issues/11625)
As of Debian 10 / Ubuntu 20.10, apt-key is deprecated and will not be available after Debian 11 / Ubuntu 22.04
Although adding keys directly to `/etc/apt/trusted.gpg.d`/ is suggested by apt-key deprecation message, as per [Debian Wiki](https://wiki.debian.org/DebianRepository/UseThirdParty) GPG keys for third party repositories should be added to `/usr/share/keyrings` and referenced with the `signed-by` option in the source.list.d entry.
Providing a binary .gpg key instead of an ASCII Armored one might help shorten the lengthy command by removing the ` | gpg --dearmor ` bit.
This removes the software-properties-common provides add-apt-repository which we don't use anymore
= _includes/install-script.md, engine/install/linux-postinstall.md =
- Remove "Rootless mode is currently available as an experimental feature."
Close issue 12050
= engine/security/rootless.md =
== "Prerequiresites" section ==
- Remove information about old distros (Debian 9, CentOS 7.5-7.6)
== "Distribution-specific hint" section ==
- Tabified (`<div class="tab-content" />`)
== "Known limitations" section ==
- Kernel 5.11 supports rootless overlayfs, without the Ubuntu/Debian patch.
== "Install" section ==
- Promote RPM/DEB installation over TGZ installation.
See docker/roadmap issue 188
== "Uninstall" section ==
- Add "Uninstall" section.
Close issue 12053
== "Usage" section ==
- Added more information about systemd
- Move `nsenter` tips to "Tips for debugging" subsection under "Troubleshooting" section
== "Best practice" section ==
- Remove guide for `lxc-user-nic` network driver due to immaturity.
Will be brought back in future.
See rootless-containers/rootlesskit issue 138 .
== "Troubleshooting" section ==
- Add a guide for "can't open lock file /run/xtables.lock: Permission denied" (SELinux).
See moby/moby issue 41230
- Add a guide for "failed to register layer: ApplyLayer exit status 1 ..." (NFS).
Close docker/for-linux issue 1172
- Improve guides for slirp4netns.
- Remove v19.03 information (e.g., "cgroup v2 is unsupported, use cgroup v1")
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Previously, the `ssh://` helper was only mentioned in `engine/security/index.md`.
The `ssh://` helper is now documented in "Protect the Docker daemon socket"
(`engine/security/protect-access.md`, nee `engine/security/https.md`).
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Metal
Sebastiaan van Stijn
Matthias Scholz
Usha Mandya
Guillaume Lours
Sebastiaan van Stijn
Visarut Phusua
Anca Iordache
Adrián Tóth
Akihiro Suda
Tibor Vass
Tibor Vass
Jimmy
avivmu
Aaron Stults
Andrew Grosser
Usha Mandya
Andrew Kester
Nicolas De Loof
denis-roy
Akash Borad