Now that Windows base images can be loaded directly into docker via "docker load" of a specialized tar file (with docker pull support on the horizon) we no longer have need of the custom images code path that loads images from a shared central location. Removing that code and it's call points.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
Upstream-commit: 3e109f349ff42ea1a0f555b6e645c51d9bc1539b
Component: engine
In #24159, the title field of `docker node ls` has been
changed from NAME to HOSTNAME. However, in the docs the
NAMEs are still used for the output of `docker node ls`.
This fix updates docs so that NAME field is changed to
HOSTNAME for all `docker node ls`.
This fix is related to #24159 and #24090.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 668b8a998f5ebbe66c7376c432a5fd87208add73
Component: engine
In the API:
`Writable` changed to `ReadOnly`
`Populate` changed to `NoCopy`
Corresponding CLI options updated to:
`volume-writable` changed to `volume-readonly`
`volume-populate` changed to `volume-nocopy`
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 56f3422468a0b43da7bae7a01762ce4f0a92d9ff
Component: engine
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.
This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.
`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.
Closes#23785
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 7342e42fcecbc243bcb8723b8422879662452017
Component: engine
ping and ip command are need in integration-cli test, but
they are missing in ubuntu:wily.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: 276e234ca0ec0fa20497b22f9a6d193e999d73cb
Component: engine
In order to keep a little bit of "sanity" on the API side, validate
hostname only starting from v1.24 API version.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 6daf3d2a783fd042e870c8af8bbd19fc28989505
Component: engine
This is done in a hacky way as currently there is no better way.
Uses known implementation details about how tasks are scheduled to be
able to operate on the underlying container.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: e5ec575b32d6979914dce576f1b8bb71f3057cea
Component: engine
Mike is going to help us with triaging issues,
so adding him to the curators list to make it
official.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 156e77cb0db0c9cb127780fac583b5a38f84493a
Component: engine
The image spec did not match the regexp that validates tags. It
neglected to mention that period and dash characters are allowed in
tags, as long as they are not the first character. It also did not
mention the length limit for tags.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 2f19e910bdeee94a2962ce8457325e92aa21ce0e
Component: engine
[carry 23503] Always store the image digest when pulling and pushing an image.
Upstream-commit: ee0283c97a44fd8e67f2df81d076eb4b1858b3d2
Component: engine
Makes it consistent with other Dockerfiles.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Upstream-commit: d9e12cba5a9a2291f56eb3921b06ac1b5f85dfc7
Component: engine
