Implement the proposal from
https://github.com/docker/docker/issues/24430#issuecomment-233100121
Removes acceptance policy and secret in favor of an automatically
generated join token that combines the secret, CA hash, and
manager/worker role into a single opaque string.
Adds a docker swarm join-token subcommand to inspect and rotate the
tokens.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 2cc5bd33eef038bf5721582e2410ba459bb656e9)
Signed-off-by: Tibor Vass <tibor@docker.com>
these values were changed to lowercase in
690cb2d08c,
but not changed accordingly in docker/docker.
this changes the mounttypes to lowercase
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8f93128cd619e1d11be1bc0ae21f1362b1e3f9ad)
Signed-off-by: Tibor Vass <tibor@docker.com>
When #24648 was merged, only the main Dockerfile was updated with the
new containerd commit, this commit brings the other Dockerfile up to
speed.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit d5cbc57eff0df651bfbfb455608da45747651d0c)
Signed-off-by: Tibor Vass <tibor@docker.com>
At the moment docker's deprecation policy is 2 release cycles by
default, which is around 5 months. This may not be enough for
production environment and there is a need to extend the
deprecation cycle to 3 releases (see #24494).
This fix updates the docs/deprecated.md and extend the deprecation
cycle to 3 releases.
This fix is related to #24494 and #24534.
This fix fixes#24534.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 9414955c608834c20e3764e753854e667f2e0cbe)
Signed-off-by: Tibor Vass <tibor@docker.com>
this improves the formatting, and code-highlighting
of the `docker ps` reference page, and wraps sentences
to 80 chars
also adds single quotes around the formatting
example for labels.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 07ef0a37f85fbb3ba0be4a09bb301108bf461d96)
Signed-off-by: Tibor Vass <tibor@docker.com>
`volume-driver-opt` was too verbose for its own existence and the sanity
of those in the vicinity. The much better, sleeker `volume-opt` replaces
it. 7 bytes and a case of carpal tunnel syndrome are saved!
Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit a40b5820c91640183b40e0668f6802415e6adc14)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit 6c98d5bfaccda4b211e537f5072767160a20d497)
Signed-off-by: Tibor Vass <tibor@docker.com>
Looks like I copied from the line below, not
from the output :)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 83b12c0c1144dc3778177fab8dc5052108388f1e)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b5503ef0a511f5be11d9dcfa1359976f159d8a67)
Signed-off-by: Tibor Vass <tibor@docker.com>
Adds documentation for "--log-driver" and "--log-opt"
for services.
Also updated the API docs to include the new
options, and generated a more complete JSON
example.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5ece2a6e0d748fe3960a7459b745ceb4302e9202)
Signed-off-by: Tibor Vass <tibor@docker.com>
the output/response slightly changed in
340964db1c8f161a2ad156023eb47dcc93bf804b,
and `:latest` is no longer required for
various actions.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9d532b5e2d4e68888e38ad2793d9075815e230f7)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Charles Smith <charles.smith@docker.com>
(cherry picked from commit 137261f97ce3f27a8c28a50e286429ead4a6fc18)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit 492fdf1f57bff10bed5d44bf63f344c1d7961eb2)
Signed-off-by: Tibor Vass <tibor@docker.com>
This commit update swarmkit to 9ee5fc3b8db5de8c8593a57bc45fc178f74ceee1.
This is part of step to fix#24270.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 467107cd401ce9d3678e4f7ec1abfb65a0e46018)
Signed-off-by: Tibor Vass <tibor@docker.com>
This fix is an extension to last commit to expand the partial
filter to node and task searches.
Additional integration tests have been added to cover the changes.
This fix fixes 24270.
This fix fixes 24112.
Note: A separate pull request will be opened on swarmkit.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit e734fa58eadb4dfaa33b4be275d6f8f29d899e78)
Signed-off-by: Tibor Vass <tibor@docker.com>
This fix tries to address the issue raised in 24270 where it was
not possible to have a partial name match when list services
with name filter.
This fix updates swarmkit and allows prefix search when name is
provided as the filter for listing services.
An additional integration test is added to cover the changes.
This fix fixes 24270.
Note: A separate pull request will be opened on swarmkit.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 1d600ebcb5750c4c93356fae08e562d836ecee45)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Charles Smith <charles.smith@docker.com>
(cherry picked from commit 68a9224bd42437e63972dc9c3374c065872363b3)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f49dc528ed29e6285c24ef356652cc8bc637c8c7)
Signed-off-by: Tibor Vass <tibor@docker.com>
This renames the '--bundle' flag for docker (stack) deploy
to be consistent with 'docker build'.
Note that there's no shorthand '-f' added for now,
because this may be confusing on 'docker stack config',
which also takes a file, and for which we may want to
have a '--format' flag in future.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 06f35262c47629fef78e36daaa2742c2c0d7c3a9)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Harry Zhang <harryz@hyper.sh>
(cherry picked from commit 78a5480dfd8dc1b304e38bc9c18854c4ef86de33)
Signed-off-by: Tibor Vass <tibor@docker.com>
this removes a copy/pasta whoopsie on my side,
introduced in de64324109d2694b1525e62b5c0072267282a36c
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit effbd2b76decd00444d963e10eabe2766bb8c89c)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Yi EungJun <eungjun.yi@navercorp.com>
(cherry picked from commit cf61cd3a920809f6a0be44a584f365544acaf1a9)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Steve Durrheimer <s.durrheimer@gmail.com>
(cherry picked from commit cdb8383d7f4045a5cde0fe636f8fadb6560ba6cd)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Steve Durrheimer <s.durrheimer@gmail.com>
(cherry picked from commit 45484f5458e3b4cf7996d4cb8481ed7e38982200)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Charles Smith <charles.smith@docker.com>
(cherry picked from commit 9594ac97ce0c6e0777716be2a35b47208d440e8e)
Signed-off-by: Tibor Vass <tibor@docker.com>
Also removes the `-f` flags of bundle to follow the single-letter flags
evaluation.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit 10919e890942cbdaa65f180dbcd475d21b9c6713)
Signed-off-by: Tibor Vass <tibor@docker.com>
This version introduces the following:
- uses nanosecond timestamps for event
- ensure events are sent once their effect is "live"
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit 29b2714580d085533c29807fa337c2b7a302abb6)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 47cca88c8c151ebf3dd25adcf28ac1b2f75c76fb)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 25e9b06ac0750396f35d3f52f71c44b1072f0972)
Signed-off-by: Tibor Vass <tibor@docker.com>
Use the generate.sh script instead of md2man directly.
Update Dockerfile for generating man pages.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 00a8a40398263429f99b1a5f0be59048e1c6f38d)
Signed-off-by: Tibor Vass <tibor@docker.com>
Fixes#23981
The selinux issue we are seeing in the report is related to the socket
file for docker and nothing else. By removing the socket docker starts
up correctly.
However, there is another motivation for removing socket activation from
docker's systemd files and that is because when you have daemons running
with --restart always whenever you have a host reboot those daemons
will not be started again because the docker daemon is not started by
systemd until a request comes into the docker API.
Leave it for deb based systems because everything is working correctly
for both socket activation and starting normally at boot.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
(cherry picked from commit 04104c3a1e6cad30cb41b762e8832215466c0e95)
Signed-off-by: Tibor Vass <tibor@docker.com>
Legacy plugin model maintained a map of plugins. This is
not used by the new model. Using this map in the new model
causes incorrect lookup of plugins. This change uses adds
a plugin to the map only if its legacy.
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
(cherry picked from commit 8fd779dc28a11d8727d76e9553379b0c854f7c4c)
Signed-off-by: Tibor Vass <tibor@docker.com>
This removes the logic to automatically
add [OPTIONS] to the usage output.
The current logic was broken if a command
only has deprecated or hidden flags, and
in many cases put the [OPTIONS] in the
wrong location.
Requiring the usage string to be set
manually gives more predictable results,
and shouldn't require much to maintain.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4f0b5105524649169d765bb94c2806209ab21904)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit bc6e3c0b5e415f09957955782b4d51e94a5ff2b9)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit 823e161de73e2df04cd3905b72b7916c49091af4)
Signed-off-by: Tibor Vass <tibor@docker.com>
following the announcement;
https://groups.google.com/forum/m/#!topic/golang-announce/7JTsd70ZAT0
> [security] Go 1.6.3 and Go 1.7rc2 pre-announcement
>
> Hello gophers,
> We plan to issue Go 1.6.3 and Go 1.7rc2 on Monday July 18 at approximately 2am UTC.
> These are minor release to fix a security issue.
>
> Following our policy at https://golang.org/security, this is the pre-announcement of those releases.
>
> Because we are so late in the release cycle for Go 1.7, we will not issue a minor release of Go 1.5.
> Additionally, we plan to issue Go 1.7rc3 later next week, which will include any changes between 1.7rc1 and tip.
>
> Cheers,
> Chris on behalf of the Go team
**Note:**
the man/Dockerfile is not yet updated, because
the official image for Go 1.6.2 has not yet
been updated.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 589bafddf391cbf6aff8b22044266dc819cdcaeb)
Signed-off-by: Tibor Vass <tibor@docker.com>
Justin Cormack
Aaron Lehmann
Sebastiaan van Stijn
Kenfe-Mickael Laventure
Yong Tang
Alexandre Beslic
Nishant Totla
fonglh
Stephen J Day
Harald Albers
Drew Erny
Charles Smith
Harry Zhang
Yi EungJun
Steve Durrheimer
Dong Chen
Anusha Ragunathan
Vincent Demeester
Daniel Nephin
Michael Crosby
Damian Smyth
Tonis Tiigi