At the moment docker's deprecation policy is 2 release cycles by
default, which is around 5 months. This may not be enough for
production environment and there is a need to extend the
deprecation cycle to 3 releases (see #24494).
This fix updates the docs/deprecated.md and extend the deprecation
cycle to 3 releases.
This fix is related to #24494 and #24534.
This fix fixes#24534.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 9414955c608834c20e3764e753854e667f2e0cbe
Component: engine
The output uses tabs, but those don't
translate well to the rendered output in
the docs, so replacing the tabs with spaces.
Also updates the output, because REPLICATED,
and SPREAD are no longer all-caps in the
actual output.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 477a5f8fb0be1244858614cdda2d2528208fc88a
Component: engine
This adds an `--oom-score-adjust` flag to the daemon so that the value
provided can be set for the docker daemon's process. The default value
for the flag is -500. This will allow the docker daemon to have a
less chance of being killed before containers do. The default value for
processes is 0 with a min/max of -1000/1000.
-500 is a good middle ground because it is less than the default for
most processes and still not -1000 which basically means never kill this
process in an OOM condition on the host machine. The only processes on
my machine that have a score less than -500 are dbus at -900 and sshd
and xfce( my window manager ) at -1000. I don't think docker should be
set lower, by default, than dbus or sshd so that is why I chose -500.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: a894aec8d81de5484152a76d76b80809df9edd71
Component: engine
the executiondriver property was removed in
880484992c360881dc57a3317b84d75300c358af, but docs
were only updated for the 1.25 API, not for 1.24
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 3c6ef4c29d28e92ea29816d6117412162d829c60
Component: engine
The "none" option was not added to the documentation.
This adds an example, and adds additional information
on manually accepting or rejecting a node.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 06517753c19262129202b224a35965a2686e49e9
Component: engine
Add a `--network` flag which replaces `--net` without deprecating it
yet. The `--net` flag remains hidden and supported.
Add a `--network-alias` flag which replaces `--net-alias` without deprecating
it yet. The `--net-alias` flag remains hidden and supported.
Signed-off-by: Arnaud Porterie (icecrime) <arnaud.porterie@docker.com>
Upstream-commit: c0c7d5e71586ec8e4d54aef9e061f061e9223cc4
Component: engine
Looks like there's issues with sourceforge project
pages. Given that sourceforge isn't really what
it used to be, trying to find alternative URLs
where possible.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 0e7a1079be5e87aae2abcda7c27a2b0e67270a50
Component: engine
This fix fixes a minor typo in swarm tutorial's delete service docs.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 93fa7e75553c3332314b3b988f7082cfde857475
Component: engine
Kernel memory is not allowed to be updated if container is
running, it's not actually a precise kernel limitation.
Before kernel version 4.6, kernel memory will not be accounted
until kernel memory limit is set, if a container created with
kernel memory initialized, kernel memory is accounted as soon
as process created in container, so kernel memory limit update
is allowed afterward. If kernel memory is not initialized,
kernel memory consumed by processes in container will not be
accounted, so we can't update the limit because the account
will be wrong.
So update kernel memory of a running container with kernel memory
initialized is allowed, we should soften the limitation by docker.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Upstream-commit: 08c7075c403b86111b2c393b49075a81a1d2263f
Component: engine
The `--pid` flag was added in Docker 1.5.0, but the
API changes were not documented. In Docker 1.12.0,
`--pid=container:<name|id>` was added as an additional
option, but also undocumented.
This adds the missing API documentation for this
option.
Also see commits
47e3da848ffbe88d0188ae6cfc09d6e1668bc293 (for 1.5.0), and
ebeb5a0422be47e703353e327606a380eb9962ab (for 1.12.0).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 2c9b5addc5022dba33d5d0443b49b2e4c0041ef3
Component: engine
Add option to skip kernel check for older kernels which have been patched to support multiple lower directories in overlayfs.
Fixes#24023
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: ff98da0607c4d6a94a2356d9ccaa64cc9d7f6a78
Component: engine
The archive is only available on docs.docker.com, and not
when doing a "make docs", so relative links will not resolve.
Making these links absolute, so that they always
point to the live "docs.docker.com" domain.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 4b090ae5f259dcedb946463a8512b2416a971fcb
Component: engine
This is now up to date with contents of 1.12 tgz
Also change usage to `dockerd` not `docker daemon`
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 7102e09f29822e4bb0e375738c5194ded8b716ca
Component: engine
- Update ps with `--last` flag
- Update commands with current output
- Make sure hugo does not detect the wrong language
- Update usage for `tag` command to be more coherent with the other ones
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: f4cfc6b9830ed236eb588d6a4dddca7455145e70
Component: engine
In #24159, the title field of `docker node ls` has been
changed from NAME to HOSTNAME. However, in the docs the
NAMEs are still used for the output of `docker node ls`.
This fix updates docs so that NAME field is changed to
HOSTNAME for all `docker node ls`.
This fix is related to #24159 and #24090.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 668b8a998f5ebbe66c7376c432a5fd87208add73
Component: engine
In the API:
`Writable` changed to `ReadOnly`
`Populate` changed to `NoCopy`
Corresponding CLI options updated to:
`volume-writable` changed to `volume-readonly`
`volume-populate` changed to `volume-nocopy`
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 56f3422468a0b43da7bae7a01762ce4f0a92d9ff
Component: engine
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.
This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.
`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.
Closes#23785
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 7342e42fcecbc243bcb8723b8422879662452017
Component: engine
