these commands are hidden in the cli, but functional, and mentioned
in the "working with buildx" introduction.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Added important disambiguation to swarm mode
This really needs to be added, I had no idea people gave up on docker/swarm because of a misunderstanding, but it's common enough we need to clarify it.
From Docker's public #swarm slack channel:
```
andrew grosser 4:45 PM
Hey @channel I am about to give a talk in San Francisco to a bunch of devops experts about swarm using my ingress and reverse proxy controller https://github.com/sfproductlabs/roo and one of the organizers said swarm was deprecated, is that so? It's so much easier than kubernetes, I can't imagine losing it.
sfproductlabs/roo
A zero config distributed edge-router & reverse-proxy (supporting multiple letsencrypt/https hosts). No dependencies.
Stars
40
Language
Go
<https://github.com/sfproductlabs/roo|sfproductlabs/roo>sfproductlabs/roo | Apr 9th | Added by GitHub
4:46
Is there something we don't know?
james_wells 4:48 PM
As of the most recent official Docker release, no Swarm is still officially part of Docker... They merely added native support for Kubernetes
andrew grosser 4:49 PM
🙏 Phew, is there an EOL?
4:49
Thanks @james_wells
4:50
I think they going to get the grenade launchers out if I can't answer these questions
james_wells 4:51 PM
Now that is a good question and my guess is that no, there is no plan to remove it, at least before Docker 3.
andrew grosser 4:52 PM
Amazing thx, I have a system that is a startups dream and is personally saving me more than 10x using swarm, so praying it stays
bmitch:docker: 4:53 PM
Classic container deployed swarm is deprecated (I believe). Swarm mode that's integrated into the engine is still being developed by Mirantis with no EOL set.
4:53
So if someone says swarm is deprecated, make sure to ask "which swarm" they are referring to.
andrew grosser 4:54 PM
Ok thanks @bmitch
4:54
Think that's a brand thing we'll need to help change
james_wells 4:56 PM
@bmitch I am not sure I understand what you are sayin there. Could you please explain the differences
bmitch:docker: 4:56 PM
See the disambiguation section: https://hub.docker.com/r/dockerswarm/swarm
james_wells 4:57 PM
Excellent. Thank you sir
andrew grosser 5:02 PM
Thanks
bmitch:docker: 5:02 PM
See also this link where they are getting ready to archive the standalone swarm, aka classic swarm. https://github.com/docker/classicswarm/issues/2985#issuecomment-640486361
justincormackjustincormack
Comment on #2985 Why have all issues been closed?
The vast majority of issues were from 5 years ago when it was being actively developed, and the recent ones were all mistakes for swarmkit, other than some issues I resolved. Many were issues in components or Moby or other software and may be resolved. It is GitHubs (reasonable) recommendation that you close issues and PRs before archiving a repository so that people know they are not being worked on, and I was also looking to see if anyone came forward to say that they were still working on things or, indeed, actively using Swarm Classic.
<https://github.com/docker/classicswarm|docker/classicswarm>docker/classicswarm | Jun 8th | Added by GitHub
james_wells 5:08 PM
That is really unfortunate... Kubernetes is simply too expensive IMNSHO, Swarm is nice and lightweight.
andrew grosser 5:08 PM
Both the different swarms point to the same point in the documentation in the disambiguation @bmitch
bmitch:docker: 5:09 PM
Swarm mode, aka swarmkit is alive and well.
andrew grosser 5:10 PM
Whoa I can see why they were confused
bmitch:docker: 5:10 PM
If you type docker swarm init you are not running classic swarm
andrew grosser 5:11 PM
Can someone inside docker add this to the swarm docs page? I think it's important
5:12
I think something talking about 2014 was EOLd but this is still current and alive would help.
bmitch:docker: 5:12 PM
Docker themselves isn't maintaining it, that team went to Mirantis, so someone over there would need to submit the PR
andrew grosser 5:12 PM
OK, could I?
bmitch:docker: 5:13 PM
Docs are in GitHub
andrew grosser 5:13 PM
Thanks
```
* Minor edit to the wording to clarify the diff
* Minor update
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
Certain installations may not have this. Without this, the step
where `/etc/apt/sources.list.d/docker.list` will fail and write
garbled data to the file, potentially breaking apt.
Co-Authored-By: Andrew Kester <akester@cox.net>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This tones down the prompt and command output, so that the commands
to run stand out more clearly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Looks like the Debian version was updated during review, but the Ubuntu variant
was forgotten in 760bb64ea3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Offering an alternative to apt-key (deprecated)
[Use trusted.gpg.d instead of apt-key · Issue #11625 · docker/docker.github.io](https://github.com/docker/docker.github.io/issues/11625)
As of Debian 10 / Ubuntu 20.10, apt-key is deprecated and will not be available after Debian 11 / Ubuntu 22.04
Although adding keys directly to `/etc/apt/trusted.gpg.d`/ is suggested by apt-key deprecation message, as per [Debian Wiki](https://wiki.debian.org/DebianRepository/UseThirdParty) GPG keys for third party repositories should be added to `/usr/share/keyrings` and referenced with the `signed-by` option in the source.list.d entry.
Providing a binary .gpg key instead of an ASCII Armored one might help shorten the lengthy command by removing the ` | gpg --dearmor ` bit.
This removes the software-properties-common provides add-apt-repository which we don't use anymore
= _includes/install-script.md, engine/install/linux-postinstall.md =
- Remove "Rootless mode is currently available as an experimental feature."
Close issue 12050
= engine/security/rootless.md =
== "Prerequiresites" section ==
- Remove information about old distros (Debian 9, CentOS 7.5-7.6)
== "Distribution-specific hint" section ==
- Tabified (`<div class="tab-content" />`)
== "Known limitations" section ==
- Kernel 5.11 supports rootless overlayfs, without the Ubuntu/Debian patch.
== "Install" section ==
- Promote RPM/DEB installation over TGZ installation.
See docker/roadmap issue 188
== "Uninstall" section ==
- Add "Uninstall" section.
Close issue 12053
== "Usage" section ==
- Added more information about systemd
- Move `nsenter` tips to "Tips for debugging" subsection under "Troubleshooting" section
== "Best practice" section ==
- Remove guide for `lxc-user-nic` network driver due to immaturity.
Will be brought back in future.
See rootless-containers/rootlesskit issue 138 .
== "Troubleshooting" section ==
- Add a guide for "can't open lock file /run/xtables.lock: Permission denied" (SELinux).
See moby/moby issue 41230
- Add a guide for "failed to register layer: ApplyLayer exit status 1 ..." (NFS).
Close docker/for-linux issue 1172
- Improve guides for slirp4netns.
- Remove v19.03 information (e.g., "cgroup v2 is unsupported, use cgroup v1")
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Previously, the `ssh://` helper was only mentioned in `engine/security/index.md`.
The `ssh://` helper is now documented in "Protect the Docker daemon socket"
(`engine/security/protect-access.md`, nee `engine/security/https.md`).
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The documentation curently doesn't contain reference docs for the
unified (version-less) compose-file syntax, so for now replacing
all links to point to the v3 compose-file reference, which is still
present.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Update dotnetcore.md
Adding an example for .Net Core docker files as consumed by build agents and recommended by Microsoft best practices.
* Update engine/examples/dotnetcore.md
Co-authored-by: Guillaume Tardif <guillaume.tardif@gmail.com>
* Format updates
* Update dotnetcore.md
Co-authored-by: Guillaume Tardif <guillaume.tardif@gmail.com>
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
* Some more details and links
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
* Minor edits
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
* Docker now supports cgroup v2 (both rootful and rootless)
* Rootless mode graduated from experimental
* New storage driver: fuse-overlayfs
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The current instructions lead the user through creating a context and running a sample nginx container, but it never shows the user how to go about viewing it. I have added that.
The ssh example was really bad; it even leaks the root password as a plain text in the image :(
This commit removes the sshd example and discourage people to dockerize sshd.
The `running_ssh_service.md` page itself is not removed because there
are hyperlinks on the Internet to that page.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This allows deep-linking to specific sections. Also fixed the checks
in the support table to be left-aligned as they were supposed to be.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- The index pages were not in the redirect (they were not in the TOC,
but were published before, so could be indexed).
- Added "redirect_from" pages that were in the pages that were removed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
See https://web.dev/external-anchors-use-rel-noopener/
Using noopener, as that addresses the security issue. "noreferer" blocks
the REFERER header, which may still be useful for some target URLs.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Update ubuntu.md
After doing the 'apt-get rmove', I had to search to determine whether it was safe to remove /var/lib/docker, then found at the bottom of the page that it's OK to do so (if you don't have anything there you need).
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
Generated yaml files were temporarily updated manually (pending
pull request to be merged in the upstream docker/cli repository)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `ENV key value` form can be ambiguous, for example, the following defines
a single env-variable (`ONE`) with value `"TWO= THREE=world"`:
ENV ONE TWO= THREE=world
While we cannot deprecate/remove that syntax (as it would break existing
Dockerfiles), we should reduce exposure of the format in our examples.
Also updating some code-blocks that were missing language-hints
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
`docker secret` creates secrets in AWS Secrets Manager Service - not in AWS Systems Manager Parameter Store Service. Note the `arn:aws:secretsmanager:...` reference in the existing example.
* Configure existing security-groups by `external.name`
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
* Minor style updates
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
* Document ECS local simulation mode
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
* List "jocker" as SDK java implementation
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
* Style updates
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
Sebastiaan van Stijn