This patch will allow users to specify namespace specific "kernel parameters"
for running inside of a container.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Upstream-commit: 9caf7aeefd23263a209c26c8439d26c147972d81
Component: engine
This change include filter `name` and `driver`,
and also update related docs to reflect that filters usage.
Closes: #21243
Signed-off-by: Kai Qiang Wu(Kennan) <wkqwu@cn.ibm.com>
Upstream-commit: 8e9305ef946843ce2f8ef47909d6a866eab5dfa8
Component: engine
This allows a user to specify explicitly to enable
automatic copying of data from the container path to the volume path.
This does not change the default behavior of automatically copying, but
does allow a user to disable it at runtime.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: b0ac69b67ef79c6c937f84bee3df20a1924ad334
Component: engine
This allows users to provide a FQDN as hostname or to use distinct hostname and
domainname parts. Depends on https://github.com/docker/libnetwork/pull/950
Signed-off-by: Tim Hockin <thockin@google.com>
Upstream-commit: 53c5de29217f9633117cb01ada180d1133d76737
Component: engine
Either a single slash or localhost should be specified after http in the cURL URL, not http:// (double slash)
Signed-off-by: ohadschn <ohad188@gmail.com>
Upstream-commit: e31217fbc46e2dc99fa281332f9465562b26f073
Component: engine
Following #19995 and #17409 this PR enables skipping userns re-mapping
when creating a container (or when executing a command). Thus, enabling
privileged containers running side by side with userns remapped
containers.
The feature is enabled by specifying ```--userns:host```, which will not
remapped the user if userns are applied. If this flag is not specified,
the existing behavior (which blocks specific privileged operation)
remains.
Signed-off-by: Liron Levin <liron@twistlock.com>
Upstream-commit: 6993e891d10c760d22e0ea3d455f13858cd0de46
Component: engine
This change adds "KernelMemory" to the /info endpoint and
shows a warning if KernelMemory is not supported by the kernel.
This makes it more consistent with the other memory-limit
options.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 747a486b4aac2ebbbb28bd713b9a4a929f89353b
Component: engine
- Allow to filter containers by volume with `--filter volume=name` and `filter volume=/dest`.
- Show their names in the list with the custom format `{{ .Mounts }}`.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: bd4fb00fb6241d35537b460a2d9f48256111ae7a
Component: engine
Most of them were found and fixed by codespell.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Upstream-commit: 2eee613326fb59fd168849618d14a9054a40f9f5
Component: engine
Add `--restart` flag for `update` command, so we can change restart
policy for a container no matter it's running or stopped.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Upstream-commit: ff3ea4c90f2ede5cccc6b49c4d2aad7201c91a4c
Component: engine
I was confused for the longest time on how to actually use and make requests against the remote API, so I think that it might help for those getting started with it to know how to actually test it out via curl. I added in parts on how to access the remote API via curl against the default unix socket, and also on how to configure the docker daemon to expose the API on a TCP port as well if desired.
Signed-off-by: Michelle Liu <michelle@michelleliu.io>
Upstream-commit: 2c60a9cba2e0920c9f1e8a193dcf0b6ddad71c5a
Component: engine
Updated documentation to reflect the new State property in the inspect remote api
Updated API changes for 1.23
Signed-off-by: Marius Gundersen <me@mariusgundersen.net>
Upstream-commit: 2ed72a5d9368cab3bf9e3dadde95b3d4d50048d1
Component: engine
Update the location of cert.pem and key.pem to use within the
~/.docker folder
Resolves: #18778
Signed-off-by: Aditi Rajagopal <arajagopal@us.ibm.com>
Upstream-commit: 3fd25d98b818c5e381571c9ba6ee7d00984f6bc7
Component: engine
Fixing the links
Updating with Seb's comments
Adding weight
Fixing the engine aliases
Updating after Arun pushed
Removing empty file
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: e310d070f498a2ac494c6d3fde0ec5d6e4479e14
Component: engine
* If user doesn't specify the subnets to create a network, it will pick
subnets from inside preferred pool. This PR aims to inspect these subnets info
* Add integration tests for docker inspect the subnets.
* docker-py project is already synchronized.
* jenkins checks depend on https://github.com/docker/docker-py/pull/888
Fixes issue #18626
Signed-off-by: Wen Cheng Ma <wenchma@cn.ibm.com>
Upstream-commit: 5cc672b0061f3df41073cb7b4ff962998a13a09c
Component: engine
docker's network disconnect api now supports `Force` option which can be
used to force cleanup an endpoint from any host in the cluster.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: b464f1d78cdfa2a4124e083b8f7b0f2353f12de3
Component: engine
This allows to define clearly what is mutable or not in a container
and remove the use of the internal HostConfig struct to be used.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: a4f6920731c6af27a7e89c3da8d0e6fd309de90a
Component: engine
Add filter support for `network ls` to hide predefined network,
then user can use "docker network rm `docker network ls -f type=custom`"
to delete a bundle of userdefined networks.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Upstream-commit: 26dd026bd70c9c18a16b0e339821c309e56d8ff0
Component: engine
After addition of multi-host networking in Docker 1.9, Docker Remote
API is still returning only the network specified during creation
of the container in the “List Containers” (`/containers/json`) endpoint:
...
"HostConfig": {
"NetworkMode": "default"
},
The list of networks containers are attached to is only available at
Get Container (`/containers/<id>/json`) endpoint.
This does not allow applications utilizing multi-host networking to
be built on top of Docker Remote API.
Therefore I added a simple `"NetworkSettings"` section to the
`/containers/json` endpoint. This is not identical to the NetworkSettings
returned in Get Container (`/containers/<id>/json`) endpoint. It only
contains a single field `"Networks"`, which is essentially the same
value shown in inspect output of a container.
This change adds the following section to the `/containers/json`:
"NetworkSettings": {
"Networks": {
"bridge": {
"EndpointID": "2cdc4edb1ded3631c81f57966563e...",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
}
This is of type `SummaryNetworkSettings` type, a minimal version of
`api/types#NetworkSettings`.
Actually all I need is the network name and the IPAddress fields. If folks
find this addition too big, I can create a `SummaryEndpointSettings` field
as well, containing just the IPAddress field.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: 755f8609f699a20cb47ec7269e3a9469541a9419
Component: engine
Closing the HTTP connection requesting a push or pull will cancel the
push or pull. This behavior also applies to the CLI.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: d92e7ad7356e10c86e7dc479356578ac40fd2bbd
Component: engine
This change allows API clients to retrieve an authentication token from
a registry, and then pass that token directly to the API.
Example usage:
REPO_USER=dhiltgen
read -s PASSWORD
REPO=privateorg/repo
AUTH_URL=https://auth.docker.io/token
TOKEN=$(curl -s -u "${REPO_USER}:${PASSWORD}" "${AUTH_URL}?scope=repository:${REPO}:pull&service=registry.docker.io" |
jq -r ".token")
HEADER=$(echo "{\"registrytoken\":\"${TOKEN}\"}"|base64 -w 0 )
curl -s -D - -H "X-Registry-Auth: ${HEADER}" -X POST "http://localhost:2376/images/create?fromImage=${REPO}"
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
Upstream-commit: 8dce8e9901501863a80caf47d71713d4d36925a3
Component: engine
