p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,606 Commits 2 Branches 295 Tags
b0dc49bd20d02fe4cb7ca93a6038fe65262cb46d
Commit Graph

8 Commits

Author SHA1 Message Date
Aaron Lehmann
e128f0ccd5 Replace secrets with join tokens 
Implement the proposal from
https://github.com/docker/docker/issues/24430#issuecomment-233100121

Removes acceptance policy and secret in favor of an automatically
generated join token that combines the secret, CA hash, and
manager/worker role into a single opaque string.

Adds a docker swarm join-token subcommand to inspect and rotate the
tokens.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: acf0bc4b9a
Component: cli
 2017-06-02 00:10:02 +00:00
Vincent Demeester
177af81c48 Updates on cli reference documentation 
- Update ps with `--last` flag
- Update commands with current output
- Make sure hugo does not detect the wrong language
- Update usage for `tag` command to be more coherent with the other ones

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 3ebe3fe752
Component: cli
 2017-06-02 00:07:49 +00:00
Aaron Lehmann
29b9ce751d Generate a swarm joining secret if none is specified 
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.

This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.

`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.

Closes #23785

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: e632408a37
Component: cli
 2017-06-02 00:07:49 +00:00
Yong Tang
166ef9b898 Change NAME to HOSTNAME in docs for docker node ls 
In #24159, the title field of `docker node ls` has been
changed from NAME to HOSTNAME. However, in the docs the
NAMEs are still used for the output of `docker node ls`.

This fix updates docs so that NAME field is changed to
HOSTNAME for all `docker node ls`.

This fix is related to #24159 and #24090.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: cab7139a4b
Component: cli
 2017-06-02 00:07:48 +00:00
Charles Smith
50e82af126 update docker swarm cli 
Signed-off-by: Charles Smith <charles.smith@docker.com>
Upstream-commit: 87591ae9b7
Component: cli
 2017-06-02 00:07:45 +00:00
Sven Dowideit
5357e9b84b Add the advisory=rc metadata 
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
Upstream-commit: b6bfe363f8
Component: cli
 2017-06-02 00:07:45 +00:00
Sebastiaan van Stijn
16d2ae21bb remove "RC" warning from Markdown files 
A site-wide banner is going to be used, so we don't need this warning

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 7b22dbd02a
Component: cli
 2017-06-02 00:07:45 +00:00
Amit Shukla
15cc239caf CLI docs 
Signed-off-by: Amit Shukla <amit.shukla@docker.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 593ee1e29d
Component: cli
 2017-06-02 00:07:43 +00:00