Either a single slash or localhost should be specified after http in the cURL URL, not http:// (double slash)
Signed-off-by: ohadschn <ohad188@gmail.com>
Upstream-commit: e31217fbc46e2dc99fa281332f9465562b26f073
Component: engine
Following #19995 and #17409 this PR enables skipping userns re-mapping
when creating a container (or when executing a command). Thus, enabling
privileged containers running side by side with userns remapped
containers.
The feature is enabled by specifying ```--userns:host```, which will not
remapped the user if userns are applied. If this flag is not specified,
the existing behavior (which blocks specific privileged operation)
remains.
Signed-off-by: Liron Levin <liron@twistlock.com>
Upstream-commit: 6993e891d10c760d22e0ea3d455f13858cd0de46
Component: engine
Prior to this change, the "docker network inspect" contains only the
endpoints that have active local container. This excludes all the remote
and stale endpoints. By including all the endpoints, it makes debugging
much simpler and also allows the user to cleanup any stale endpoints
using "docker network disconnect -f {network} {endpoint-name}".
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 2ef00ba89fc04b0a7571aa050d8a11c06f758d9b
Component: engine
Updating Docker's documentation file docker configuration file on Windows hosts.
This is of importance for Windows users whom are utilizing the Docker Toolbox.
Signed-off-by: Liran Tal <liran.talh@gmail.com>
Upstream-commit: d2aa521822135009168fe5a13d372fbc6969dc91
Component: engine
This page has been deleted from the Docker Cloud tutorials,
so adding redirects for the old locations.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 94336cb5dd7bce9f34901a86000a124a6d6c68ef
Component: engine
Resolves: #20113
Signed-off-by: Aditi Rajagopal <arajagopal@us.ibm.com>
Carry #20160
Tighten language
Updating with comments
Removing articles which is empty
Adding Brian's comments
Putting back what I took out
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: ae66d536a5928c9134a4a70761ebc93de0320197
Component: engine
Allowing to set their values in the daemon configuration file.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 59586d02b1cc004f14cd7ff6b454211f562da326
Component: engine
This change centralizes the template manipulation in a single package
and adds basic string functions to their execution.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 8514880997bd1bc944769dcc41e52307bb01f7ff
Component: engine
Update unit test and documentation to handle the new case where Username
is set to <token> to indicate an identity token is involved.
Change the "Password" field in communications with the credential helper
to "Secret" to make clear it has a more generic purpose.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: ba0aa5311aa27fe77166f03d8bcc0174e2985913
Component: engine
Dump from 1.10.1 has this fields.
Signed-off-by: Kanstantsin Shautsou <kanstantsin.sha@gmail.com>
Close and carry #20377
Include David's request
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: 205844875cb848b04fef401d3e7fcc3a8959bba0
Component: engine
Previously docker used obsolete rfc3164 syslog format for syslog. rfc3164 explicitly
uses semicolon as a separator between 'TAG' and 'Content' section of the log message.
Docker uses semicolon as a separator between image name and version tag.
When {{.ImageName}} was used as a tag expression and contained ":" syslog parser mistreated
"tag" part of the image name as syslog message body, which resulted in incorrect "syslogtag" been reported by syslog
daemon.
Use of rfc5424 log format partually fixes the issue as it does not use semicolon as a separator.
However using default rfc5424 syslog format itroduces backward incompatability because rsyslog template keyword %syslogtag%
is parsed differently. In rfc3164 it uses the "TAG" part reported before the "pid" part. In rfc5424 it uses "appname" part reported
before the pid part, while tag part is introduced by %msgid% part.
For more information on rsyslog configuration properties see: http://www.rsyslog.com/doc/master/configuration/properties.html
Added two options to specify logging in either rfc5424, rfc3164 format or unix format omitting hostname in order to keep backwards compatability with
previous versions.
Signed-off-by: Solganik Alexander <solganik@gmail.com>
Upstream-commit: 1a40dd535fb12cade584f085baa23734e8a9bb0e
Component: engine
Once thin pool gets full, bad things can happen. Especially in case of xfs
it is possible that xfs keeps on retrying IO infinitely (for certain kind
of IO) and container hangs.
One way to mitigate the problem is that once thin pool is about to get full,
start failing some of the docker operations like pulling new images or
creation of new containers. That way user will get warning ahead of time
and can try to rectify it by creating more free space in thin pool. This
can be done either by deleting existing images/containers or by adding more
free space to thin pool.
This patch adds a new option dm.min_free_space to devicemapper graph
driver. Say one specifies dm.min_free_space=10%. This means atleast
10% of data and metadata blocks should be free in pool before new device
creation is allowed, otherwise operation will fail.
By default min_free_space is 10%. User can change it by specifying
dm.min_free_space=X% on command line. A value of 0% will disable the
check.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Upstream-commit: 2e222f69b3486cf20039525a882ae4153b52f92c
Component: engine
The documentation for Docker 1.10.2 (API version 1.22) mentions under
the "Create a container"[1] section that `HostConfig.Binds` can be given
a "container path" which will automatically "create a new volume for the
container."
I interpreted this to mean it that the following two commands should
have the same net result:
# Create container with data volume via REST API
curl --unix-socket /var/run/docker.sock -XPOST \
http://localhost/containers/create \
-H"Content-Type: application/json" \
-d'{
"Image": "<image-id>",
...
"HostConfig": {
"Binds": [
"/some/data/volume"
]
}
}'
# Create container with data volume via CLI
docker create -v /some/data/volume <image-id> <command>
However, this turned out not the be the case, as the former would create
a mount with no source and no corresponding volume:
...
"Mounts": [
{
"Source": "",
"Destination": "/some/data/volume",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
...
"Config": {
...
"Volumes": null,
...
}
...whereas the latter would create a volume and mount it:
...
"Mounts": [
{
"Name": "9b38af46d6..."
"Source": "/var/lib/docker/volumes/9b38af46d6.../_data",
"Destination": "/some/data/volume",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
...
"Config": {
...
"Volumes": {
"/some/data/volume": {}
},
...
}
However, if you instead specify the data volume via the `Volumes` key,
then it works as expected, e.g.
curl --unix-socket /var/run/docker.sock -XPOST \
http://localhost/containers/create \
-H"Content-Type: application/json" \
-d'{
"Image": "...",
...
"Volumes": {"/some/data/volume": {}}
}'
...will create a data volume and mount it.
Thus the documentation is either incorrect, or this is a bug and the
ability to create a data volume via `HostConfig.Binds` does not
work as advertised for API version 1.22 (and likely others).
I concluded that the documentation was incorrect. Since I've only
verified this behavior for Docker 1.10.2, I updated the docs for
API versions 1.22 and 1.23, but this may apply to other versions as
well.
[1] https://docs.docker.com/engine/reference/api/docker_remote_api_v1.22/#create-a-container
Signed-off-by: Shane da Silva <shane@dasilva.io>
Upstream-commit: 62fef18d69be7d8c5338fe5a471966dc1e6d68f7
Component: engine
Updates links to Docker Hub with their new
URLs to prevent redirects.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 69004ff67eed6525d56a92fdc69466c41606151a
Component: engine
Make command line prompts consistent for both host and container shells.
Signed-off-by: Alan Thompson <cloojure@gmail.com>
Upstream-commit: 65a381ae32d86c4cfe3ae5157e53d16b97b4d64f
Component: engine
Allows users to submit options similar to the `mount` command when
creating a volume with the `local` volume driver.
For example:
```go
$ docker volume create -d local --opt type=nfs --opt device=myNfsServer:/data --opt o=noatime,nosuid
```
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: b05b2370757d7143d761e5e6abb8c0f9b009f737
Component: engine
This change adds "KernelMemory" to the /info endpoint and
shows a warning if KernelMemory is not supported by the kernel.
This makes it more consistent with the other memory-limit
options.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 747a486b4aac2ebbbb28bd713b9a4a929f89353b
Component: engine
