Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 674d227445887ea2f9a0fde6ebb7838bcce58578)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7bf0faf42377a91a8535b443201d9ad62326889b)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit e4a024d5902df1d3db8b9fff8865304afa2305e6)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit ea365e4cb37d037046364773d01a744b1258ce4e)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
(cherry picked from commit c6b7bd1aa6b94ab242d6310419f1c3a7964ffa02)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: John Harris <john@johnharris.io>
(cherry picked from commit 8e148827734a94165156adfd0f6d202d28dff142)
Signed-off-by: Tibor Vass <tibor@docker.com>
We use containerd and there is no execution driver anymore.
Addresses: https://github.com/docker/docker/issues/24461
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
(cherry picked from commit 1fb1136fecfd761300a38f64ac9178979cc0b270)
Signed-off-by: Tibor Vass <tibor@docker.com>
- Update ps with `--last` flag
- Update commands with current output
- Make sure hugo does not detect the wrong language
- Update usage for `tag` command to be more coherent with the other ones
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit f4cfc6b9830ed236eb588d6a4dddca7455145e70)
Signed-off-by: Tibor Vass <tibor@docker.com>
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.
This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.
`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.
Closes#23785
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 7342e42fcecbc243bcb8723b8422879662452017)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit a859a336475f39c7b7d7739c58a1dae40df86a86)
Signed-off-by: Tibor Vass <tibor@docker.com>
In the API:
`Writable` changed to `ReadOnly`
`Populate` changed to `NoCopy`
Corresponding CLI options updated to:
`volume-writable` changed to `volume-readonly`
`volume-populate` changed to `volume-nocopy`
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 56f3422468a0b43da7bae7a01762ce4f0a92d9ff)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 140ec59db6e413de5025fb8686b97bf80b66c519)
Signed-off-by: Tibor Vass <tibor@docker.com>
In order to keep a little bit of "sanity" on the API side, validate
hostname only starting from v1.24 API version.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 6daf3d2a783fd042e870c8af8bbd19fc28989505)
Signed-off-by: Tibor Vass <tibor@docker.com>
* Detect name conflicts on network creation
* Detect and prevent network connect/disconnect for managed containers
Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit 0ce5158a2a9a3f10a62d3c1ea289c55e524cdac5)
Signed-off-by: Tibor Vass <tibor@docker.com>
The libtrust keyfile which is used to set the "ID" property of a daemon must be generated or loaded on every startup.
If the process crashes during startup this could cause the file to be incomplete causing future startup errors.
Ensure that the file is written atomically to ensure the file is never in an incomplete state.
Fixes#23985
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
(cherry picked from commit 9836162446bd0deadecbf0eed38ef3c134754f16)
Signed-off-by: Tibor Vass <tibor@docker.com>
… on `docker node tasks` and `docker service tasks` commands.
This changes is mainly server-side (between engine api and
swarmkit). There is just a check in `api/client/service/tasks.go` to
handle the special *self* meaning.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit b0fc5a21f1138f48e0431a550c936e8908d72840)
Signed-off-by: Tibor Vass <tibor@docker.com>
lowercase the output, to prevent "About" halfway,
and add "ago" to the output, as timestamps are always
in the past.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 04c94a013ccba1690933156830efdc314de67ef8)
Signed-off-by: Tibor Vass <tibor@docker.com>
For consistency with other filters (such as
"is-official"), this renames the desired_state
filter to "desired-state".
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d761719eb4e45fbd6f092f6d0b4eb42206e298f6)
Signed-off-by: Tibor Vass <tibor@docker.com>
Just like `docker service tasks`, we should add `desired_state` filters
only in case there is no provided filters.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 3c194bd2a4fb4693deba366b3400c2efeeb90369)
This fix tries to address an issue raised in #24090 where
the title field of `docker node ls` use NAME instead of
HOSTNAME. Yet the content of this field is actually
hostname.
The fix makes needed changes for the output of
`docker node ls`.
An additional test has been added to cover the change in
this fix.
This fix fixes#24090.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 4bc91ceeb750db6a6270b2f1821cb0b2f30117fc)
I think we doesn't provide dm.no_warn_on_loop_devices option
at all. I didn't found any code to handle this option.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
(cherry picked from commit 2aa01e0fbc76ecb8cf1a1b608e254e6cb8821ff7)
Initializing the network list struct in order to return an empty list
instead of a nil object.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit a7043ac5c423cf68d4f92024e694887099640d91)
Add api side validation and defaults for init and
join requests.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit fb3eb1c27ef5520571c599ead8a72b343748db39)
Also share mode code between update commands
and use flag constants
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit cacaeab9db51f42c33872c6cce1adc3e55f1c9c5)
Other docker command always print "[OPTIONS]" right after `docker
COMMAND`, but `build` and `push` has inconsistent help message.
This commit will fix help information format.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
(cherry picked from commit 0e5397633628ab154fae33152de7dc1fd4e122db)
This fix tries to fix the issue raised in #23716 where `docker start`
causes an error of `No such container:` if the container has been
renamed before `docker start` returns.
The issue is that `docker start` use container name passed at the
beginning to check for exit code at the end of the `docker start`.
This fix addresses the issue by always use container's `ID` to get
the information during `docker start`.
Additional integration tests have been added to cover this fix.
This fix fixes#23716.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 6e86733b47faf0d7629751987346022544b65cb7)
Change `docker service update` to replace attributes of the target
service rather than augment them. One particular occurrence where the
previous behavior proved problematic is when trying to update a port
mapping: the merge semantics provided no way of removing published
ports, but strictly of adding more.
The utility merge* functions where renamed accordingly to update*.
Signed-off-by: Arnaud Porterie (icecrime) <arnaud.porterie@docker.com>
(cherry picked from commit 1f8ab93b4422a88ef3053105c17acf1933576fbe)
This way, you don't have to specify the ":latest" tag for some command
and not for others
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit cb321e82db662f5190a6d83a90677a9dd9fdcd31)
This changes `docker swarm help` to be consistent with capitals
and removes full stops.
Before:
```
Commands:
init Initialize a Swarm.
join Join a Swarm as a node and/or manager.
update update the Swarm.
leave Leave a Swarm.
inspect Inspect the Swarm
```
After:
```
Commands:
init Initialize a Swarm
join Join a Swarm as a node and/or manager
update Update the Swarm
leave Leave a Swarm
inspect Inspect the Swarm
```
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
(cherry picked from commit 0ec78739ac7d8ec1579d1d4fd63cd207dc56e7c8)
When a repository has a tag and digests, show tag for each digest value.
Do not duplicate rows for the same image name with both tag and digest.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
(cherry picked from commit 79eada38141dca71f5195df59882f1cb46657640)
… for more consistency (api side).
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 2c82337b0490dc0a5b8329d1f23c6bad00d8551b)
The security infomation has already been added to `GET /info` in #21172.
However, it is not part of the output of `docker info` yet.
This fix adds the security information to `docker info`.
Additional tests has been added to cover changes.
This fix fixes#23500. This fix is related to #20909, #21172.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit eee20b564ffae0b8c8043115c959f0f9d1869fed)
To provide users a view of service status, list the number of running
task over the requested number of replicas.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit b86cb293ecc67e76ec90ec60766f52dad6903eac)
The `--update-parallelism` flaag should default to 0, which is
interpreted by the backend as unlimited. In other words, by default all
services should update simultaneously.
Signed-off-by: Arnaud Porterie (icecrime) <arnaud.porterie@docker.com>
(cherry picked from commit f22d0174f33e084445c5845c95aca346e187fb02)
Removes the leader column from node ls and shows whether a node is the
leader in the manager status column instead.
Signed-off-by: Drew Erny <drew.erny@docker.com>
(cherry picked from commit 4104c1dc131b62c033c702719909815fba679774)
Make `--dispatcher-heartbeat-period` a duration in `docker swarm
update`, allowing to express the value as "5s", "1h", etc.
Signed-off-by: Arnaud Porterie (icecrime) <arnaud.porterie@docker.com>
This patch introduces a new experimental engine-level plugin management
with a new API and command line. Plugins can be distributed via a Docker
registry, and their lifecycle is managed by the engine.
This makes plugins a first-class construct.
For more background, have a look at issue #20363.
Documentation is in a separate commit. If you want to understand how the
new plugin system works, you can start by reading the documentation.
Note: backwards compatibility with existing plugins is maintained,
albeit they won't benefit from the advantages of the new system.
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>