Add a paragraph about how to force a stack trace dump to the daemon log.
This feature was added in Docker 1.9 I believe, but documentation was
never added.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: ae466aafcbd3e000ff9ec2e8bd354fc3cc3729e5
Component: engine
This pull request fixes several typos in the documentation.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 3c6aa163a3fd04c344a2072ab379f0778734b269
Component: engine
Missing documentation and man pages on seccomp options.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Upstream-commit: 450fa7536edc03fb5b071c0d04af534b2f8572ff
Component: engine
This adds the following new syscalls that are supported in libseccomp 2.3.0,
including calls added up to kernel 4.5-rc4:
mlock2 - same as mlock but with a flag
copy_file_range - copy file contents, like splice but with reflink support.
The following are not added, and mentioned in docs:
userfaultfd - userspace page fault handling, mainly designed for process migration
The following are not added, only apply to less common architectures:
switch_endian
membarrier
breakpoint
set_tls
I plan to review the other architectures, some of which can now have seccomp
enabled in the build as they are now supported.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 96896f2d0bc16269778dd4f60a4920b49953ffed
Component: engine
The old examples no longer worked due to changes in
the client and Docker Hub.
This updates the "docker pull" documentation and
adds more examples and explanation of the features.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 32eff909b4d3072524041fffc9d43efe87d2116f
Component: engine
this allows user to choose the compression type (i.e. gzip/zlib/none) using
--log-opt=gelf-compression-type=none or the compression level (-1..9) using
--log-opt=gelf-compression-level=0 for gelf driver.
Signed-off-by: Daniel Dao <dqminh@cloudflare.com>
Upstream-commit: bd94baa353498df2457b3d5aa192cc488b9fa0c6
Component: engine
Fixes: #21195
The current size of the debian image is 125.1 MB so I have updated the Markdown to say "under 150". Also removed "extremely" (minimal) as requested. Documentation built and tested using `make docs`.
Signed-off-by: Lucas Chan <lucas-github@lucaschan.com>
Upstream-commit: 2f634e4691d13616cf8c714ec7653616ec3b121a
Component: engine
Either a single slash or localhost should be specified after http in the cURL URL, not http:// (double slash)
Signed-off-by: ohadschn <ohad188@gmail.com>
Upstream-commit: e31217fbc46e2dc99fa281332f9465562b26f073
Component: engine
Following #19995 and #17409 this PR enables skipping userns re-mapping
when creating a container (or when executing a command). Thus, enabling
privileged containers running side by side with userns remapped
containers.
The feature is enabled by specifying ```--userns:host```, which will not
remapped the user if userns are applied. If this flag is not specified,
the existing behavior (which blocks specific privileged operation)
remains.
Signed-off-by: Liron Levin <liron@twistlock.com>
Upstream-commit: 6993e891d10c760d22e0ea3d455f13858cd0de46
Component: engine
Prior to this change, the "docker network inspect" contains only the
endpoints that have active local container. This excludes all the remote
and stale endpoints. By including all the endpoints, it makes debugging
much simpler and also allows the user to cleanup any stale endpoints
using "docker network disconnect -f {network} {endpoint-name}".
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 2ef00ba89fc04b0a7571aa050d8a11c06f758d9b
Component: engine
Updating Docker's documentation file docker configuration file on Windows hosts.
This is of importance for Windows users whom are utilizing the Docker Toolbox.
Signed-off-by: Liran Tal <liran.talh@gmail.com>
Upstream-commit: d2aa521822135009168fe5a13d372fbc6969dc91
Component: engine
This page has been deleted from the Docker Cloud tutorials,
so adding redirects for the old locations.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 94336cb5dd7bce9f34901a86000a124a6d6c68ef
Component: engine
Resolves: #20113
Signed-off-by: Aditi Rajagopal <arajagopal@us.ibm.com>
Carry #20160
Tighten language
Updating with comments
Removing articles which is empty
Adding Brian's comments
Putting back what I took out
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: ae66d536a5928c9134a4a70761ebc93de0320197
Component: engine
Fixes#20818
This syscall was blocked as there was some concern that it could be
used to bypass filtering of other syscall arguments. However none of the
potential syscalls where this could be an issue (poll, nanosleep,
clock_nanosleep, futex) are blocked in the default profile anyway.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 5abd881883883a132f96f8adb1b07b5545af452b
Component: engine
Allowing to set their values in the daemon configuration file.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 59586d02b1cc004f14cd7ff6b454211f562da326
Component: engine
Docker creates a UTS namespace by default, even with --net=host, so it
is reasonable to let the user set the hostname. Note that --hostname is
forbidden if the user specifies --uts=host.
Closes#12076
Signed-off-by: Jason Heiss <jheiss@aput.net>
Upstream-commit: 3f445e63b4568845f439c5d30a99ba10603b1938
Component: engine
This change centralizes the template manipulation in a single package
and adds basic string functions to their execution.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 8514880997bd1bc944769dcc41e52307bb01f7ff
Component: engine
Update unit test and documentation to handle the new case where Username
is set to <token> to indicate an identity token is involved.
Change the "Password" field in communications with the credential helper
to "Secret" to make clear it has a more generic purpose.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: ba0aa5311aa27fe77166f03d8bcc0174e2985913
Component: engine
Dump from 1.10.1 has this fields.
Signed-off-by: Kanstantsin Shautsou <kanstantsin.sha@gmail.com>
Close and carry #20377
Include David's request
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: 205844875cb848b04fef401d3e7fcc3a8959bba0
Component: engine
Previously docker used obsolete rfc3164 syslog format for syslog. rfc3164 explicitly
uses semicolon as a separator between 'TAG' and 'Content' section of the log message.
Docker uses semicolon as a separator between image name and version tag.
When {{.ImageName}} was used as a tag expression and contained ":" syslog parser mistreated
"tag" part of the image name as syslog message body, which resulted in incorrect "syslogtag" been reported by syslog
daemon.
Use of rfc5424 log format partually fixes the issue as it does not use semicolon as a separator.
However using default rfc5424 syslog format itroduces backward incompatability because rsyslog template keyword %syslogtag%
is parsed differently. In rfc3164 it uses the "TAG" part reported before the "pid" part. In rfc5424 it uses "appname" part reported
before the pid part, while tag part is introduced by %msgid% part.
For more information on rsyslog configuration properties see: http://www.rsyslog.com/doc/master/configuration/properties.html
Added two options to specify logging in either rfc5424, rfc3164 format or unix format omitting hostname in order to keep backwards compatability with
previous versions.
Signed-off-by: Solganik Alexander <solganik@gmail.com>
Upstream-commit: 1a40dd535fb12cade584f085baa23734e8a9bb0e
Component: engine
