InTheForest/moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2026-01-11 18:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: InTheForest:v1.12.2
Branches Tags
InTheForest:master InTheForest:docker-29.x InTheForest:copilot/add-task-issue-template InTheForest:25.0 InTheForest:28.x InTheForest:23.0 InTheForest:copilot/fix-50734 InTheForest:copilot/fix-50131 InTheForest:27.x InTheForest:26.1 InTheForest:19.03 InTheForest:20.10 InTheForest:24.0 InTheForest:26.0 InTheForest:22.06 InTheForest:17.03.x InTheForest:17.04.x InTheForest:17.05.x InTheForest:1.13.x InTheForest:docs InTheForest:1.12.x
InTheForest:docker-v29.1.4 InTheForest:docker-v29.2.0-rc.1 InTheForest:client/v0.2.2-rc.1 InTheForest:api/v1.53.0-rc.1 InTheForest:docker-v29.1.3 InTheForest:docker-v29.1.2 InTheForest:docker-v29.1.1 InTheForest:docker-v29.1.0 InTheForest:v2.0.0-beta.5 InTheForest:client/v0.2.1 InTheForest:v2.0.0-beta.4 InTheForest:client/v0.2.0 InTheForest:docker-v29.0.4 InTheForest:docker-v29.0.3 InTheForest:docker-v29.1.0-rc.1 InTheForest:docker-v29.0.2 InTheForest:docker-v29.0.1 InTheForest:docker-v29.0.0 InTheForest:v2.0.0-beta.3 InTheForest:client/v0.1.0 InTheForest:api/v1.52.0 InTheForest:docker-v29.0.0-rc.3 InTheForest:v2.0.0-beta.2 InTheForest:client/v0.1.0-rc.1 InTheForest:api/v1.52.0-rc.1 InTheForest:v25.0.14 InTheForest:v28.5.2 InTheForest:docker-v29.0.0-rc.2 InTheForest:v2.0.0-beta.1 InTheForest:client/v0.1.0-beta.3 InTheForest:api/v1.52.0-beta.4 InTheForest:api/v1.52.0-beta.3 InTheForest:docker-v29.0.0-rc.1 InTheForest:client/v0.1.0-beta.2 InTheForest:client/v0.1.0-beta.1 InTheForest:api/v1.52.0-beta.2 InTheForest:v28.5.1 InTheForest:v28.5.0 InTheForest:v28.5.0-rc.1 InTheForest:v2.0.0-beta.0 InTheForest:client/v0.1.0-beta.0 InTheForest:api/v1.52.0-beta.1 InTheForest:api/v1.52.0-beta.0 InTheForest:v28.4.0 InTheForest:v28.4.0-rc.2 InTheForest:v28.4.0-rc.1 InTheForest:v25.0.13 InTheForest:client/v0.1.0-alpha.0 InTheForest:api/v1.52.0-alpha.1 InTheForest:api/v1.52.0-alpha.0 InTheForest:v28.3.3 InTheForest:v25.0.12 InTheForest:v28.3.2 InTheForest:v28.3.1 InTheForest:v28.3.0 InTheForest:v28.3.0-rc.2 InTheForest:v25.0.11 InTheForest:v28.3.0-rc.1 InTheForest:v28.2.2 InTheForest:v28.2.1 InTheForest:v28.2.0 InTheForest:v28.2.0-rc.2 InTheForest:v28.2.0-rc.1 InTheForest:v23.0.18 InTheForest:v23.0.17 InTheForest:v25.0.10 InTheForest:v25.0.9 InTheForest:v28.1.1 InTheForest:v28.1.0 InTheForest:v28.1.0-rc.2 InTheForest:v28.1.0-rc.1 InTheForest:v28.0.4 InTheForest:v28.0.3 InTheForest:v28.0.2 InTheForest:v28.0.1 InTheForest:v28.0.0 InTheForest:v28.0.0-rc.3 InTheForest:v28.0.0-rc.2 InTheForest:v28.0.0-rc.1 InTheForest:v25.0.8 InTheForest:v27.5.1 InTheForest:v27.5.0 InTheForest:v27.5.0-rc.2 InTheForest:v27.5.0-rc.1 InTheForest:v27.4.1 InTheForest:v27.4.0 InTheForest:v23.0.16 InTheForest:v25.0.7 InTheForest:v27.4.0-rc.4 InTheForest:v27.4.0-rc.3 InTheForest:v27.4.0-rc.2 InTheForest:v27.4.0-rc.1 InTheForest:v23.0.15 InTheForest:v27.3.1 InTheForest:v27.3.0 InTheForest:v27.3.0-rc.2 InTheForest:v27.3.0-rc.1 InTheForest:v27.2.1 InTheForest:v27.2.0 InTheForest:v23.0.14 InTheForest:v27.2.0-rc.1 InTheForest:v27.1.2 InTheForest:v25.0.6 InTheForest:v27.1.1 InTheForest:v26.1.5 InTheForest:v27.1.0 InTheForest:v27.0.3 InTheForest:v27.0.2 InTheForest:v27.0.1 InTheForest:v23.0.13 InTheForest:v27.0.1-rc.1 InTheForest:v27.0.0-rc.2 InTheForest:v27.0.0-rc.1 InTheForest:v26.1.4 InTheForest:v23.0.12 InTheForest:v26.1.3 InTheForest:v26.1.2 InTheForest:v23.0.11 InTheForest:v26.1.1 InTheForest:v26.1.0 InTheForest:v26.0.2 InTheForest:v26.0.1 InTheForest:v23.0.10 InTheForest:v26.0.0 InTheForest:v26.0.0-rc3 InTheForest:v25.0.5 InTheForest:v26.0.0-rc2 InTheForest:v25.0.4 InTheForest:v26.0.0-rc1 InTheForest:v25.0.3 InTheForest:v24.0.9 InTheForest:v25.0.2 InTheForest:v23.0.9 InTheForest:v24.0.8 InTheForest:v25.0.1 InTheForest:v25.0.0 InTheForest:v25.0.0-rc.3 InTheForest:v25.0.0-rc.2 InTheForest:v25.0.0-rc.1 InTheForest:v25.0.0-beta.3 InTheForest:v25.0.0-beta.2 InTheForest:v20.10.27 InTheForest:v23.0.8 InTheForest:v25.0.0-beta.1 InTheForest:v24.0.7 InTheForest:v23.0.7 InTheForest:v20.10.26 InTheForest:v24.0.6 InTheForest:v24.0.5 InTheForest:v24.0.4 InTheForest:v24.0.3 InTheForest:v24.0.2 InTheForest:v24.0.1 InTheForest:v24.0.0 InTheForest:v20.10.25 InTheForest:v24.0.0-rc.4 InTheForest:v24.0.0-rc.3 InTheForest:v23.0.6 InTheForest:v24.0.0-rc.2 InTheForest:v24.0.0-rc.1 InTheForest:v23.0.5 InTheForest:v23.0.4 InTheForest:v24.0.0-beta.2 InTheForest:v23.0.3 InTheForest:v20.10.24 InTheForest:v24.0.0-beta.1 InTheForest:v23.0.2 InTheForest:v23.0.1 InTheForest:v23.0.0 InTheForest:v23.0.0-rc.4 InTheForest:v23.0.0-rc.3 InTheForest:v20.10.23 InTheForest:v23.0.0-rc.2 InTheForest:v23.0.0-rc.1 InTheForest:v20.10.22 InTheForest:v23.0.0-beta.1 InTheForest:v20.10.21 InTheForest:v20.10.20 InTheForest:v20.10.19 InTheForest:v20.10.18 InTheForest:v20.10.17 InTheForest:v22.06.0-beta.0 InTheForest:v20.10.16 InTheForest:v20.10.15 InTheForest:v20.10.14 InTheForest:v20.10.13 InTheForest:v20.10.12 InTheForest:v20.10.11 InTheForest:v20.10.10 InTheForest:v20.10.10-rc1 InTheForest:v20.10.9 InTheForest:v20.10.8 InTheForest:v20.10.7 InTheForest:v20.10.6 InTheForest:v20.10.5 InTheForest:v20.10.4 InTheForest:v19.03.15 InTheForest:v20.10.3 InTheForest:v20.10.2 InTheForest:v20.10.1 InTheForest:v20.10.0 InTheForest:v20.10.0-rc2 InTheForest:v19.03.14 InTheForest:v20.10.0-rc1 InTheForest:v20.10.0-beta1 InTheForest:v19.03.13 InTheForest:v19.03.13-beta2 InTheForest:v19.03.13-beta1 InTheForest:v19.03.12 InTheForest:v19.03.11 InTheForest:v19.03.10 InTheForest:v19.03.9 InTheForest:v19.03.8 InTheForest:v19.03.7 InTheForest:v19.03.6 InTheForest:v19.03.6-rc2 InTheForest:v19.03.6-rc1 InTheForest:v19.03.5 InTheForest:v19.03.5-rc1 InTheForest:v19.03.5-beta2 InTheForest:v19.03.5-beta1 InTheForest:v19.03.4 InTheForest:v19.03.4-rc1 InTheForest:v19.03.3 InTheForest:v19.03.3-rc1 InTheForest:v19.03.3-beta2 InTheForest:v19.03.3-beta1 InTheForest:v18.09.9 InTheForest:v19.03.2 InTheForest:v19.03.2-rc1 InTheForest:v18.09.9-rc1 InTheForest:v19.03.2-beta1 InTheForest:v19.03.1 InTheForest:v19.03.0 InTheForest:v18.09.8 InTheForest:v18.09.7 InTheForest:v18.09.7-rc1 InTheForest:v19.03.0-rc3 InTheForest:v19.03.0-rc2 InTheForest:v19.03.0-beta5 InTheForest:v19.03.0-beta4 InTheForest:v18.09.6 InTheForest:v18.09.6-rc1 InTheForest:v19.03.0-beta3 InTheForest:v19.03.0-beta2 InTheForest:v19.03.0-beta1 InTheForest:v18.09.5 InTheForest:v18.09.5-rc1 InTheForest:v18.09.4 InTheForest:v18.09.4-rc1 InTheForest:v18.09.3 InTheForest:v18.09.3-rc1 InTheForest:v18.06.3-ce InTheForest:v18.06.2-ce InTheForest:v18.09.2 InTheForest:v18.09.1 InTheForest:v18.09.1-rc1 InTheForest:v18.09.1-beta2 InTheForest:v18.09.1-beta1 InTheForest:v18.09.0 InTheForest:v18.09.0-rc1 InTheForest:v18.09.0-beta5 InTheForest:v18.09.0-beta3 InTheForest:v18.09.0-ce-beta1 InTheForest:v18.09.0-ce-tp6 InTheForest:v18.09.0-ce-tp5 InTheForest:v18.09.0-ce-tp4 InTheForest:v18.09.0-ce-tp3 InTheForest:v18.09.0-ce-tp0 InTheForest:v18.06.1-ce InTheForest:v18.06.1-ce-rc2 InTheForest:v18.06.1-ce-rc1 InTheForest:v18.06.0-ce InTheForest:v18.06.0-ce-rc3 InTheForest:v18.06.0-ce-rc2 InTheForest:v18.06.0-ce-rc1 InTheForest:v18.03.1-ce InTheForest:v18.05.0-ce InTheForest:v18.05.0-ce-rc1 InTheForest:v18.03.1-ce-rc1 InTheForest:v18.04.0-ce InTheForest:v18.04.0-ce-rc2 InTheForest:v18.03.1-ce-rc2 InTheForest:v18.04.0-ce-rc1 InTheForest:v18.03.0-ce-rc4 InTheForest:v18.03.0-ce InTheForest:v18.03.0-ce-rc3 InTheForest:v18.03.0-ce-rc2 InTheForest:v17.12.1-ce InTheForest:v17.12.1-ce-rc2 InTheForest:v18.02.0-ce-rc2 InTheForest:v18.02.0-ce InTheForest:v17.12.1-ce-rc1 InTheForest:v17.12.0-ce-rc4 InTheForest:v17.12.0-ce InTheForest:v17.12.0-ce-rc3 InTheForest:v18.01.0-ce-rc1 InTheForest:v18.01.0-ce InTheForest:v17.09.1-ce InTheForest:v17.12.0-ce-rc2 InTheForest:v17.12.0-ce-rc1 InTheForest:v17.11.0-ce InTheForest:v17.11.0-ce-rc4 InTheForest:v17.09.1-ce-rc1 InTheForest:v17.11.0-ce-rc3 InTheForest:v17.11.0-ce-rc2 InTheForest:v17.11.0-ce-rc1 InTheForest:v18.02.0-ce-rc1 InTheForest:v18.03.0-ce-rc1 InTheForest:v17.10.0-ce InTheForest:v17.10.0-ce-rc2 InTheForest:v17.10.0-ce-rc1 InTheForest:v17.09.0-ce InTheForest:v17.09.0-ce-rc3 InTheForest:v17.09.0-ce-rc2 InTheForest:v17.09.0-ce-rc1 InTheForest:v17.06.2-ce InTheForest:v17.07.0-ce InTheForest:v17.06.2-ce-rc1 InTheForest:v17.07.0-ce-rc4 InTheForest:v17.06.1-ce InTheForest:v17.07.0-ce-rc3 InTheForest:v17.06.1-ce-rc4 InTheForest:v17.07.0-ce-rc2 InTheForest:v17.06.1-ce-rc3 InTheForest:v17.06.1-ce-rc2 InTheForest:v17.07.0-ce-rc1 InTheForest:v17.06.1-ce-rc1 InTheForest:v17.03.2-ce InTheForest:v17.06.0-ce InTheForest:v17.06.0-ce-rc5 InTheForest:v17.06.0-ce-rc4 InTheForest:v17.06.0-ce-rc3 InTheForest:v17.06.0-ce-rc2 InTheForest:v17.03.2-ce-rc1 InTheForest:v17.06.0-ce-rc1 InTheForest:v17.05.0-ce InTheForest:v17.05.0-ce-rc3 InTheForest:v17.05.0-ce-rc2 InTheForest:v17.05.0-ce-rc1 InTheForest:v17.04.0-ce InTheForest:v17.04.0-ce-rc2 InTheForest:v17.03.1-ce InTheForest:v17.04.0-ce-rc1 InTheForest:v17.03.1-ce-rc1 InTheForest:v17.03.0-ce InTheForest:v17.03.0-ce-rc1 InTheForest:v1.13.1 InTheForest:v1.13.1-rc2 InTheForest:v1.13.1-rc1 InTheForest:v1.13.0 InTheForest:v1.13.0-rc7 InTheForest:v1.13.0-rc6 InTheForest:v1.12.6 InTheForest:v1.13.0-rc5 InTheForest:v1.13.0-rc4 InTheForest:v1.12.5 InTheForest:v1.12.5-rc1 InTheForest:v1.12.4 InTheForest:v1.12.4-rc1 InTheForest:v1.13.0-rc3 InTheForest:v1.13.0-rc2 InTheForest:v1.13.0-rc1 InTheForest:v1.12.3 InTheForest:v1.12.3-rc1 InTheForest:v1.12.2 InTheForest:v1.12.2-rc3 InTheForest:v1.12.2-rc2 InTheForest:v1.12.2-rc1 InTheForest:v1.12.1 InTheForest:v1.12.1-rc2 InTheForest:v1.12.1-rc1 InTheForest:docs-v1.12.1-2016-08-12 InTheForest:docs-v1.12.0-2016-08-09 InTheForest:docs-v1.12.0-2016-08-03.1 InTheForest:docs-v1.12.0-2016-08-03 InTheForest:docs-v1.12.0-2016-07-29 InTheForest:docs-v1.12.0-2016-07-28 InTheForest:v1.12.0 InTheForest:v1.12.0-rc5 InTheForest:docs-v1.12.0-rc4-2016-07-15 InTheForest:v1.12.0-rc4 InTheForest:v1.12.0-rc3 InTheForest:v1.12.0-rc2 InTheForest:v1.12.0-rc1 InTheForest:docs-v1.11.2-2016-06-10 InTheForest:v1.11.2 InTheForest:v1.11.2-rc1 InTheForest:xdocs-v1.10-09-05-2016 InTheForest:v1.11.1 InTheForest:v1.11.1-rc1 InTheForest:v1.11.0 InTheForest:v1.11.0-rc5 InTheForest:v1.11.0-rc4 InTheForest:v1.11.0-rc3 InTheForest:xdocs-v1.10-28-mar-2016 InTheForest:v1.11.0-rc2 InTheForest:v1.11.0-rc1 InTheForest:v1.10.3 InTheForest:v1.10.3-rc2 InTheForest:v1.10.3-rc1 InTheForest:v1.10.2 InTheForest:v1.10.2-rc1 InTheForest:v1.10.1 InTheForest:v1.10.1-rc1 InTheForest:v1.10.0 InTheForest:v1.10.0-rc4 InTheForest:v1.10.0-rc3 InTheForest:v1.10.0-rc2 InTheForest:v1.10.0-rc1 InTheForest:v1.9.1 InTheForest:v1.9.1-rc1 InTheForest:v1.9.0 InTheForest:v1.9.0-rc5 InTheForest:v1.9.0-rc4 InTheForest:v1.9.0-rc3 InTheForest:v1.9.0-rc2 InTheForest:v1.9.0-rc1 InTheForest:v1.8.3 InTheForest:v1.8.2 InTheForest:v1.8.2-rc1 InTheForest:v1.8.1 InTheForest:v1.8.0 InTheForest:v1.8.0-rc3 InTheForest:v1.8.0-rc2 InTheForest:v1.8.0-rc1 InTheForest:v1.7.1 InTheForest:v1.7.1-rc3 InTheForest:v1.7.1-rc2 InTheForest:v1.7.1-rc1 InTheForest:v1.7.0 InTheForest:v1.7.0-rc5 InTheForest:v1.7.0-rc4 InTheForest:v1.7.0-rc3 InTheForest:v1.7.0-rc2 InTheForest:v1.7.0-rc1 InTheForest:v1.6.2 InTheForest:v1.6.1 InTheForest:v1.6.0 InTheForest:v1.6.0-rc7 InTheForest:v1.6.0-rc6 InTheForest:v1.6.0-rc5 InTheForest:v1.6.0-rc4 InTheForest:v1.6.0-rc3 InTheForest:v1.6.0-rc2 InTheForest:v1.6.0-rc1 InTheForest:v1.5.0 InTheForest:v1.5.0-rc4 InTheForest:v1.5.0-rc3 InTheForest:v1.5.0-rc2 InTheForest:v1.5.0-rc1 InTheForest:v1.4.1 InTheForest:v1.4.0 InTheForest:v1.3.3 InTheForest:v1.3.2 InTheForest:v1.3.1 InTheForest:v1.3.0 InTheForest:v1.2.0 InTheForest:v1.1.2 InTheForest:v1.1.1 InTheForest:v1.1.0 InTheForest:v1.0.1 InTheForest:v1.0.0 InTheForest:v0.12.0 InTheForest:v0.11.1 InTheForest:v0.11.0 InTheForest:v0.10.0 InTheForest:v0.9.1 InTheForest:v0.9.0 InTheForest:v0.8.1 InTheForest:v0.8.0 InTheForest:v0.7.6 InTheForest:v0.7.5 InTheForest:v0.7.4 InTheForest:v0.7.3 InTheForest:v0.7.2 InTheForest:v0.7.1 InTheForest:v0.7.0 InTheForest:v0.7.0-rc1 InTheForest:v0.7.0-rc2 InTheForest:v0.7.0-rc3 InTheForest:v0.7.0-rc4 InTheForest:v0.7.0-rc5 InTheForest:v0.7.0-rc6 InTheForest:v0.7.0-rc7 InTheForest:v0.6.7 InTheForest:v0.6.6 InTheForest:v0.6.5 InTheForest:v0.6.4 InTheForest:v0.6.3 InTheForest:v0.6.2 InTheForest:v0.6.1 InTheForest:v0.6.0 InTheForest:v0.5.3 InTheForest:v0.5.2 InTheForest:v0.5.1 InTheForest:v0.5.0 InTheForest:v0.4.8 InTheForest:v0.4.7 InTheForest:v0.4.6 InTheForest:v0.4.5 InTheForest:v0.4.4 InTheForest:v0.4.3 InTheForest:v0.4.2 InTheForest:v0.4.1 InTheForest:v0.4.0 InTheForest:v0.3.4 InTheForest:v0.3.3 InTheForest:v0.3.2 InTheForest:v0.3.1 InTheForest:v0.3.0 InTheForest:v0.2.2 InTheForest:v0.2.1 InTheForest:builder/2 InTheForest:autorun/1 InTheForest:builder/1 InTheForest:v0.2.0 InTheForest:v0.1.8 InTheForest:v0.1.7 InTheForest:v0.1.6 InTheForest:v0.1.5 InTheForest:v0.1.4 InTheForest:v0.1.3 InTheForest:v0.1.2 InTheForest:v0.1.1 InTheForest:v0.1.0 InTheForest:upstream/0.1.4 InTheForest:upstream/0.1.3 InTheForest:0.0.3 InTheForest:upstream/0.1.2 InTheForest:debian/0.1.1-1 InTheForest:upstream/0.1.1
...
compare: InTheForest:docs-v1.12.1-2016-08-12
Branches Tags
InTheForest:master InTheForest:docker-29.x InTheForest:copilot/add-task-issue-template InTheForest:25.0 InTheForest:28.x InTheForest:23.0 InTheForest:copilot/fix-50734 InTheForest:copilot/fix-50131 InTheForest:27.x InTheForest:26.1 InTheForest:19.03 InTheForest:20.10 InTheForest:24.0 InTheForest:26.0 InTheForest:22.06 InTheForest:17.03.x InTheForest:17.04.x InTheForest:17.05.x InTheForest:1.13.x InTheForest:docs InTheForest:1.12.x
InTheForest:docker-v29.1.4 InTheForest:docker-v29.2.0-rc.1 InTheForest:client/v0.2.2-rc.1 InTheForest:api/v1.53.0-rc.1 InTheForest:docker-v29.1.3 InTheForest:docker-v29.1.2 InTheForest:docker-v29.1.1 InTheForest:docker-v29.1.0 InTheForest:v2.0.0-beta.5 InTheForest:client/v0.2.1 InTheForest:v2.0.0-beta.4 InTheForest:client/v0.2.0 InTheForest:docker-v29.0.4 InTheForest:docker-v29.0.3 InTheForest:docker-v29.1.0-rc.1 InTheForest:docker-v29.0.2 InTheForest:docker-v29.0.1 InTheForest:docker-v29.0.0 InTheForest:v2.0.0-beta.3 InTheForest:client/v0.1.0 InTheForest:api/v1.52.0 InTheForest:docker-v29.0.0-rc.3 InTheForest:v2.0.0-beta.2 InTheForest:client/v0.1.0-rc.1 InTheForest:api/v1.52.0-rc.1 InTheForest:v25.0.14 InTheForest:v28.5.2 InTheForest:docker-v29.0.0-rc.2 InTheForest:v2.0.0-beta.1 InTheForest:client/v0.1.0-beta.3 InTheForest:api/v1.52.0-beta.4 InTheForest:api/v1.52.0-beta.3 InTheForest:docker-v29.0.0-rc.1 InTheForest:client/v0.1.0-beta.2 InTheForest:client/v0.1.0-beta.1 InTheForest:api/v1.52.0-beta.2 InTheForest:v28.5.1 InTheForest:v28.5.0 InTheForest:v28.5.0-rc.1 InTheForest:v2.0.0-beta.0 InTheForest:client/v0.1.0-beta.0 InTheForest:api/v1.52.0-beta.1 InTheForest:api/v1.52.0-beta.0 InTheForest:v28.4.0 InTheForest:v28.4.0-rc.2 InTheForest:v28.4.0-rc.1 InTheForest:v25.0.13 InTheForest:client/v0.1.0-alpha.0 InTheForest:api/v1.52.0-alpha.1 InTheForest:api/v1.52.0-alpha.0 InTheForest:v28.3.3 InTheForest:v25.0.12 InTheForest:v28.3.2 InTheForest:v28.3.1 InTheForest:v28.3.0 InTheForest:v28.3.0-rc.2 InTheForest:v25.0.11 InTheForest:v28.3.0-rc.1 InTheForest:v28.2.2 InTheForest:v28.2.1 InTheForest:v28.2.0 InTheForest:v28.2.0-rc.2 InTheForest:v28.2.0-rc.1 InTheForest:v23.0.18 InTheForest:v23.0.17 InTheForest:v25.0.10 InTheForest:v25.0.9 InTheForest:v28.1.1 InTheForest:v28.1.0 InTheForest:v28.1.0-rc.2 InTheForest:v28.1.0-rc.1 InTheForest:v28.0.4 InTheForest:v28.0.3 InTheForest:v28.0.2 InTheForest:v28.0.1 InTheForest:v28.0.0 InTheForest:v28.0.0-rc.3 InTheForest:v28.0.0-rc.2 InTheForest:v28.0.0-rc.1 InTheForest:v25.0.8 InTheForest:v27.5.1 InTheForest:v27.5.0 InTheForest:v27.5.0-rc.2 InTheForest:v27.5.0-rc.1 InTheForest:v27.4.1 InTheForest:v27.4.0 InTheForest:v23.0.16 InTheForest:v25.0.7 InTheForest:v27.4.0-rc.4 InTheForest:v27.4.0-rc.3 InTheForest:v27.4.0-rc.2 InTheForest:v27.4.0-rc.1 InTheForest:v23.0.15 InTheForest:v27.3.1 InTheForest:v27.3.0 InTheForest:v27.3.0-rc.2 InTheForest:v27.3.0-rc.1 InTheForest:v27.2.1 InTheForest:v27.2.0 InTheForest:v23.0.14 InTheForest:v27.2.0-rc.1 InTheForest:v27.1.2 InTheForest:v25.0.6 InTheForest:v27.1.1 InTheForest:v26.1.5 InTheForest:v27.1.0 InTheForest:v27.0.3 InTheForest:v27.0.2 InTheForest:v27.0.1 InTheForest:v23.0.13 InTheForest:v27.0.1-rc.1 InTheForest:v27.0.0-rc.2 InTheForest:v27.0.0-rc.1 InTheForest:v26.1.4 InTheForest:v23.0.12 InTheForest:v26.1.3 InTheForest:v26.1.2 InTheForest:v23.0.11 InTheForest:v26.1.1 InTheForest:v26.1.0 InTheForest:v26.0.2 InTheForest:v26.0.1 InTheForest:v23.0.10 InTheForest:v26.0.0 InTheForest:v26.0.0-rc3 InTheForest:v25.0.5 InTheForest:v26.0.0-rc2 InTheForest:v25.0.4 InTheForest:v26.0.0-rc1 InTheForest:v25.0.3 InTheForest:v24.0.9 InTheForest:v25.0.2 InTheForest:v23.0.9 InTheForest:v24.0.8 InTheForest:v25.0.1 InTheForest:v25.0.0 InTheForest:v25.0.0-rc.3 InTheForest:v25.0.0-rc.2 InTheForest:v25.0.0-rc.1 InTheForest:v25.0.0-beta.3 InTheForest:v25.0.0-beta.2 InTheForest:v20.10.27 InTheForest:v23.0.8 InTheForest:v25.0.0-beta.1 InTheForest:v24.0.7 InTheForest:v23.0.7 InTheForest:v20.10.26 InTheForest:v24.0.6 InTheForest:v24.0.5 InTheForest:v24.0.4 InTheForest:v24.0.3 InTheForest:v24.0.2 InTheForest:v24.0.1 InTheForest:v24.0.0 InTheForest:v20.10.25 InTheForest:v24.0.0-rc.4 InTheForest:v24.0.0-rc.3 InTheForest:v23.0.6 InTheForest:v24.0.0-rc.2 InTheForest:v24.0.0-rc.1 InTheForest:v23.0.5 InTheForest:v23.0.4 InTheForest:v24.0.0-beta.2 InTheForest:v23.0.3 InTheForest:v20.10.24 InTheForest:v24.0.0-beta.1 InTheForest:v23.0.2 InTheForest:v23.0.1 InTheForest:v23.0.0 InTheForest:v23.0.0-rc.4 InTheForest:v23.0.0-rc.3 InTheForest:v20.10.23 InTheForest:v23.0.0-rc.2 InTheForest:v23.0.0-rc.1 InTheForest:v20.10.22 InTheForest:v23.0.0-beta.1 InTheForest:v20.10.21 InTheForest:v20.10.20 InTheForest:v20.10.19 InTheForest:v20.10.18 InTheForest:v20.10.17 InTheForest:v22.06.0-beta.0 InTheForest:v20.10.16 InTheForest:v20.10.15 InTheForest:v20.10.14 InTheForest:v20.10.13 InTheForest:v20.10.12 InTheForest:v20.10.11 InTheForest:v20.10.10 InTheForest:v20.10.10-rc1 InTheForest:v20.10.9 InTheForest:v20.10.8 InTheForest:v20.10.7 InTheForest:v20.10.6 InTheForest:v20.10.5 InTheForest:v20.10.4 InTheForest:v19.03.15 InTheForest:v20.10.3 InTheForest:v20.10.2 InTheForest:v20.10.1 InTheForest:v20.10.0 InTheForest:v20.10.0-rc2 InTheForest:v19.03.14 InTheForest:v20.10.0-rc1 InTheForest:v20.10.0-beta1 InTheForest:v19.03.13 InTheForest:v19.03.13-beta2 InTheForest:v19.03.13-beta1 InTheForest:v19.03.12 InTheForest:v19.03.11 InTheForest:v19.03.10 InTheForest:v19.03.9 InTheForest:v19.03.8 InTheForest:v19.03.7 InTheForest:v19.03.6 InTheForest:v19.03.6-rc2 InTheForest:v19.03.6-rc1 InTheForest:v19.03.5 InTheForest:v19.03.5-rc1 InTheForest:v19.03.5-beta2 InTheForest:v19.03.5-beta1 InTheForest:v19.03.4 InTheForest:v19.03.4-rc1 InTheForest:v19.03.3 InTheForest:v19.03.3-rc1 InTheForest:v19.03.3-beta2 InTheForest:v19.03.3-beta1 InTheForest:v18.09.9 InTheForest:v19.03.2 InTheForest:v19.03.2-rc1 InTheForest:v18.09.9-rc1 InTheForest:v19.03.2-beta1 InTheForest:v19.03.1 InTheForest:v19.03.0 InTheForest:v18.09.8 InTheForest:v18.09.7 InTheForest:v18.09.7-rc1 InTheForest:v19.03.0-rc3 InTheForest:v19.03.0-rc2 InTheForest:v19.03.0-beta5 InTheForest:v19.03.0-beta4 InTheForest:v18.09.6 InTheForest:v18.09.6-rc1 InTheForest:v19.03.0-beta3 InTheForest:v19.03.0-beta2 InTheForest:v19.03.0-beta1 InTheForest:v18.09.5 InTheForest:v18.09.5-rc1 InTheForest:v18.09.4 InTheForest:v18.09.4-rc1 InTheForest:v18.09.3 InTheForest:v18.09.3-rc1 InTheForest:v18.06.3-ce InTheForest:v18.06.2-ce InTheForest:v18.09.2 InTheForest:v18.09.1 InTheForest:v18.09.1-rc1 InTheForest:v18.09.1-beta2 InTheForest:v18.09.1-beta1 InTheForest:v18.09.0 InTheForest:v18.09.0-rc1 InTheForest:v18.09.0-beta5 InTheForest:v18.09.0-beta3 InTheForest:v18.09.0-ce-beta1 InTheForest:v18.09.0-ce-tp6 InTheForest:v18.09.0-ce-tp5 InTheForest:v18.09.0-ce-tp4 InTheForest:v18.09.0-ce-tp3 InTheForest:v18.09.0-ce-tp0 InTheForest:v18.06.1-ce InTheForest:v18.06.1-ce-rc2 InTheForest:v18.06.1-ce-rc1 InTheForest:v18.06.0-ce InTheForest:v18.06.0-ce-rc3 InTheForest:v18.06.0-ce-rc2 InTheForest:v18.06.0-ce-rc1 InTheForest:v18.03.1-ce InTheForest:v18.05.0-ce InTheForest:v18.05.0-ce-rc1 InTheForest:v18.03.1-ce-rc1 InTheForest:v18.04.0-ce InTheForest:v18.04.0-ce-rc2 InTheForest:v18.03.1-ce-rc2 InTheForest:v18.04.0-ce-rc1 InTheForest:v18.03.0-ce-rc4 InTheForest:v18.03.0-ce InTheForest:v18.03.0-ce-rc3 InTheForest:v18.03.0-ce-rc2 InTheForest:v17.12.1-ce InTheForest:v17.12.1-ce-rc2 InTheForest:v18.02.0-ce-rc2 InTheForest:v18.02.0-ce InTheForest:v17.12.1-ce-rc1 InTheForest:v17.12.0-ce-rc4 InTheForest:v17.12.0-ce InTheForest:v17.12.0-ce-rc3 InTheForest:v18.01.0-ce-rc1 InTheForest:v18.01.0-ce InTheForest:v17.09.1-ce InTheForest:v17.12.0-ce-rc2 InTheForest:v17.12.0-ce-rc1 InTheForest:v17.11.0-ce InTheForest:v17.11.0-ce-rc4 InTheForest:v17.09.1-ce-rc1 InTheForest:v17.11.0-ce-rc3 InTheForest:v17.11.0-ce-rc2 InTheForest:v17.11.0-ce-rc1 InTheForest:v18.02.0-ce-rc1 InTheForest:v18.03.0-ce-rc1 InTheForest:v17.10.0-ce InTheForest:v17.10.0-ce-rc2 InTheForest:v17.10.0-ce-rc1 InTheForest:v17.09.0-ce InTheForest:v17.09.0-ce-rc3 InTheForest:v17.09.0-ce-rc2 InTheForest:v17.09.0-ce-rc1 InTheForest:v17.06.2-ce InTheForest:v17.07.0-ce InTheForest:v17.06.2-ce-rc1 InTheForest:v17.07.0-ce-rc4 InTheForest:v17.06.1-ce InTheForest:v17.07.0-ce-rc3 InTheForest:v17.06.1-ce-rc4 InTheForest:v17.07.0-ce-rc2 InTheForest:v17.06.1-ce-rc3 InTheForest:v17.06.1-ce-rc2 InTheForest:v17.07.0-ce-rc1 InTheForest:v17.06.1-ce-rc1 InTheForest:v17.03.2-ce InTheForest:v17.06.0-ce InTheForest:v17.06.0-ce-rc5 InTheForest:v17.06.0-ce-rc4 InTheForest:v17.06.0-ce-rc3 InTheForest:v17.06.0-ce-rc2 InTheForest:v17.03.2-ce-rc1 InTheForest:v17.06.0-ce-rc1 InTheForest:v17.05.0-ce InTheForest:v17.05.0-ce-rc3 InTheForest:v17.05.0-ce-rc2 InTheForest:v17.05.0-ce-rc1 InTheForest:v17.04.0-ce InTheForest:v17.04.0-ce-rc2 InTheForest:v17.03.1-ce InTheForest:v17.04.0-ce-rc1 InTheForest:v17.03.1-ce-rc1 InTheForest:v17.03.0-ce InTheForest:v17.03.0-ce-rc1 InTheForest:v1.13.1 InTheForest:v1.13.1-rc2 InTheForest:v1.13.1-rc1 InTheForest:v1.13.0 InTheForest:v1.13.0-rc7 InTheForest:v1.13.0-rc6 InTheForest:v1.12.6 InTheForest:v1.13.0-rc5 InTheForest:v1.13.0-rc4 InTheForest:v1.12.5 InTheForest:v1.12.5-rc1 InTheForest:v1.12.4 InTheForest:v1.12.4-rc1 InTheForest:v1.13.0-rc3 InTheForest:v1.13.0-rc2 InTheForest:v1.13.0-rc1 InTheForest:v1.12.3 InTheForest:v1.12.3-rc1 InTheForest:v1.12.2 InTheForest:v1.12.2-rc3 InTheForest:v1.12.2-rc2 InTheForest:v1.12.2-rc1 InTheForest:v1.12.1 InTheForest:v1.12.1-rc2 InTheForest:v1.12.1-rc1 InTheForest:docs-v1.12.1-2016-08-12 InTheForest:docs-v1.12.0-2016-08-09 InTheForest:docs-v1.12.0-2016-08-03.1 InTheForest:docs-v1.12.0-2016-08-03 InTheForest:docs-v1.12.0-2016-07-29 InTheForest:docs-v1.12.0-2016-07-28 InTheForest:v1.12.0 InTheForest:v1.12.0-rc5 InTheForest:docs-v1.12.0-rc4-2016-07-15 InTheForest:v1.12.0-rc4 InTheForest:v1.12.0-rc3 InTheForest:v1.12.0-rc2 InTheForest:v1.12.0-rc1 InTheForest:docs-v1.11.2-2016-06-10 InTheForest:v1.11.2 InTheForest:v1.11.2-rc1 InTheForest:xdocs-v1.10-09-05-2016 InTheForest:v1.11.1 InTheForest:v1.11.1-rc1 InTheForest:v1.11.0 InTheForest:v1.11.0-rc5 InTheForest:v1.11.0-rc4 InTheForest:v1.11.0-rc3 InTheForest:xdocs-v1.10-28-mar-2016 InTheForest:v1.11.0-rc2 InTheForest:v1.11.0-rc1 InTheForest:v1.10.3 InTheForest:v1.10.3-rc2 InTheForest:v1.10.3-rc1 InTheForest:v1.10.2 InTheForest:v1.10.2-rc1 InTheForest:v1.10.1 InTheForest:v1.10.1-rc1 InTheForest:v1.10.0 InTheForest:v1.10.0-rc4 InTheForest:v1.10.0-rc3 InTheForest:v1.10.0-rc2 InTheForest:v1.10.0-rc1 InTheForest:v1.9.1 InTheForest:v1.9.1-rc1 InTheForest:v1.9.0 InTheForest:v1.9.0-rc5 InTheForest:v1.9.0-rc4 InTheForest:v1.9.0-rc3 InTheForest:v1.9.0-rc2 InTheForest:v1.9.0-rc1 InTheForest:v1.8.3 InTheForest:v1.8.2 InTheForest:v1.8.2-rc1 InTheForest:v1.8.1 InTheForest:v1.8.0 InTheForest:v1.8.0-rc3 InTheForest:v1.8.0-rc2 InTheForest:v1.8.0-rc1 InTheForest:v1.7.1 InTheForest:v1.7.1-rc3 InTheForest:v1.7.1-rc2 InTheForest:v1.7.1-rc1 InTheForest:v1.7.0 InTheForest:v1.7.0-rc5 InTheForest:v1.7.0-rc4 InTheForest:v1.7.0-rc3 InTheForest:v1.7.0-rc2 InTheForest:v1.7.0-rc1 InTheForest:v1.6.2 InTheForest:v1.6.1 InTheForest:v1.6.0 InTheForest:v1.6.0-rc7 InTheForest:v1.6.0-rc6 InTheForest:v1.6.0-rc5 InTheForest:v1.6.0-rc4 InTheForest:v1.6.0-rc3 InTheForest:v1.6.0-rc2 InTheForest:v1.6.0-rc1 InTheForest:v1.5.0 InTheForest:v1.5.0-rc4 InTheForest:v1.5.0-rc3 InTheForest:v1.5.0-rc2 InTheForest:v1.5.0-rc1 InTheForest:v1.4.1 InTheForest:v1.4.0 InTheForest:v1.3.3 InTheForest:v1.3.2 InTheForest:v1.3.1 InTheForest:v1.3.0 InTheForest:v1.2.0 InTheForest:v1.1.2 InTheForest:v1.1.1 InTheForest:v1.1.0 InTheForest:v1.0.1 InTheForest:v1.0.0 InTheForest:v0.12.0 InTheForest:v0.11.1 InTheForest:v0.11.0 InTheForest:v0.10.0 InTheForest:v0.9.1 InTheForest:v0.9.0 InTheForest:v0.8.1 InTheForest:v0.8.0 InTheForest:v0.7.6 InTheForest:v0.7.5 InTheForest:v0.7.4 InTheForest:v0.7.3 InTheForest:v0.7.2 InTheForest:v0.7.1 InTheForest:v0.7.0 InTheForest:v0.7.0-rc1 InTheForest:v0.7.0-rc2 InTheForest:v0.7.0-rc3 InTheForest:v0.7.0-rc4 InTheForest:v0.7.0-rc5 InTheForest:v0.7.0-rc6 InTheForest:v0.7.0-rc7 InTheForest:v0.6.7 InTheForest:v0.6.6 InTheForest:v0.6.5 InTheForest:v0.6.4 InTheForest:v0.6.3 InTheForest:v0.6.2 InTheForest:v0.6.1 InTheForest:v0.6.0 InTheForest:v0.5.3 InTheForest:v0.5.2 InTheForest:v0.5.1 InTheForest:v0.5.0 InTheForest:v0.4.8 InTheForest:v0.4.7 InTheForest:v0.4.6 InTheForest:v0.4.5 InTheForest:v0.4.4 InTheForest:v0.4.3 InTheForest:v0.4.2 InTheForest:v0.4.1 InTheForest:v0.4.0 InTheForest:v0.3.4 InTheForest:v0.3.3 InTheForest:v0.3.2 InTheForest:v0.3.1 InTheForest:v0.3.0 InTheForest:v0.2.2 InTheForest:v0.2.1 InTheForest:builder/2 InTheForest:autorun/1 InTheForest:builder/1 InTheForest:v0.2.0 InTheForest:v0.1.8 InTheForest:v0.1.7 InTheForest:v0.1.6 InTheForest:v0.1.5 InTheForest:v0.1.4 InTheForest:v0.1.3 InTheForest:v0.1.2 InTheForest:v0.1.1 InTheForest:v0.1.0 InTheForest:upstream/0.1.4 InTheForest:upstream/0.1.3 InTheForest:0.0.3 InTheForest:upstream/0.1.2 InTheForest:debian/0.1.1-1 InTheForest:upstream/0.1.1

30 Commits
v1.12.2 ... docs-v1.12

Author SHA1 Message Date
Charles Smith
0dc92ee015 Merge pull request #25420 from sfsmithcha/add_networking_guide 
per @mavenugo , merging after addressing comments
add overlay networking guide
(cherry picked from commit 84ef31a79c)

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>

Conflicts:
	docs/userguide/networking/dockernetworks.md
 2016-08-12 23:06:46 +00:00
Charles Smith
45cc839324 Merge pull request #25135 from sfsmithcha/add_overlay_networking_note 
per @mavenugo , merging after addressing his comments:
add swarm mode overlay networking security model
(cherry picked from commit ccf3dd85f0)

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
 2016-08-12 23:06:28 +00:00
Sebastiaan van Stijn
8c16b5eb4d Merge pull request #25530 from thaJeztah/docs-update-image-load-response 
docs: add missing "quiet" parameter for image/load and update response
(cherry picked from commit 06e3ea1417)

Conflicts:
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-09 21:49:19 +00:00
Sebastiaan van Stijn
66375de76e Merge pull request #25527 from thaJeztah/fix-image-load-api-docs 
docs: add missing content-type header for image load
(cherry picked from commit 5fd483695f)

Conflicts:
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-09 21:48:58 +00:00
Sebastiaan van Stijn
adeba54893 Merge pull request #25506 from sfsmithcha/fix_network_name 
fix overlay network example
(cherry picked from commit c51f639531)
 2016-08-09 21:48:35 +00:00
Sebastiaan van Stijn
e3b6cca8de Merge pull request #25422 from sfsmithcha/fix_tutorial_advisory 
update D4M D4W advisory in swarm tutorial
(cherry picked from commit e4bca49356)
 2016-08-09 21:48:29 +00:00
Sebastiaan van Stijn
01940944e4 Merge pull request #25441 from thaJeztah/sync-api-docs 
Sync API docs to older API versions
(cherry picked from commit f4575970a7)
 2016-08-09 21:48:21 +00:00
Sebastiaan van Stijn
15cbede98c Merge pull request #25435 from kfr2/fix-run-docs-typo 
Fix typo in run command documentation
(cherry picked from commit 0af3ca6933)
 2016-08-09 21:48:09 +00:00
Sebastiaan van Stijn
3c55fb8c06 Merge pull request #25430 from padyx/doc_swarmjoin_conflictmarker 
Remove git conflict markers in docs/reference/commandline/swarm_join.md
(cherry picked from commit 4981916546)
 2016-08-09 21:48:02 +00:00
Sebastiaan van Stijn
9738defd13 Merge pull request #25425 from thaJeztah/remove-rc-suffix 
Remove "-rc" from documentation
(cherry picked from commit 9513aa3a48)
 2016-08-09 21:47:57 +00:00
Sebastiaan van Stijn
1aecea09a5 Merge pull request #25421 from avaid96/patch-1 
minor nit typo in opensl(openssl) genrsa -out delegation.key 2048
(cherry picked from commit 4191b786c5)
 2016-08-09 21:47:50 +00:00
Sebastiaan van Stijn
f41f93a0e5 Merge pull request #25405 from thaJeztah/fix-api-markdown 
Fix Markdown formatting in API docs
(cherry picked from commit 66671d4ec2)

Conflicts:
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-09 21:47:42 +00:00
Brian Goff
75070282f2 Merge pull request #25399 from ilkka/swarm-tutorial-service-ps-output 
Update `service ps` output format in swarm tutorial to match 1.12.0
(cherry picked from commit e1b77bd69a)
 2016-08-09 21:46:52 +00:00
Brian Goff
40ea65a1b5 Merge pull request #25376 from sfsmithcha/fix_typo 
add missing period
(cherry picked from commit f7d48d74a3)
 2016-08-03 21:10:47 +00:00
Sebastiaan van Stijn
a39aca4a60 Merge pull request #25194 from vdemeester/23597-swarm-api-ref-fixes 
Update `/node/*` api reference documentation
(cherry picked from commit 0ab06816ea)

Conflicts:
	docs/reference/api/docker_remote_api_v1.24.md
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-03 21:10:03 +00:00
Sebastiaan van Stijn
2a3562f599 Merge pull request #25358 from lixiaobing10051267/masterBe 
Remove reduntant word in device-mapper-driver.md
(cherry picked from commit 5c9bcaa942)
 2016-08-03 21:08:57 +00:00
Sebastiaan van Stijn
3a184996c0 Merge pull request #24736 from johnharris85/fix-sinatra-tutorial 
Fix broken gem instructions.
(cherry picked from commit 29648795cd)
 2016-08-03 21:01:39 +00:00
Sebastiaan van Stijn
88b2dd9d04 Merge pull request #25350 from thaJeztah/carry-24314-mongodb-example-update 
[Carry 24314] Make MongoDB sample Dockerfile working again
(cherry picked from commit 6e19e7b1d7)
 2016-08-03 00:06:01 +00:00
Sebastiaan van Stijn
36911c3a2f Merge pull request #25349 from thaJeztah/carry-25174-api-docs-update 
[carry 25174] 409 status code result to create service
(cherry picked from commit 2cb1281a4a)

Conflicts:
	docs/reference/api/docker_remote_api_v1.24.md
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-03 00:02:44 +00:00
Sebastiaan van Stijn
28120f1236 Merge pull request #25318 from lixiaobing10051267/masterParentheses 
A parenthesis omitted in Seccomp.md
(cherry picked from commit d7c9c85e30)
 2016-08-02 22:16:22 +00:00
Sven Dowideit
f00afff382 Merge pull request #25282 from clhlc/clhlc-patch-1 
Update swarm-mode.md
(cherry picked from commit 181f5ac627)
 2016-08-02 22:16:14 +00:00
Sven Dowideit
62091d021b Merge pull request #25241 from jhorwit2/jah/ps-doc-fix 
Added shutdown to desired-state docs for filter node/service ps
(cherry picked from commit 1d8617a42b)

Conflicts:
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-02 22:15:59 +00:00
Vincent Demeester
a377019a13 Merge pull request #25269 from allencloud/update-remote-api-docs-about-409 
add status code 409 in attach in docs
(cherry picked from commit 56cbfc587f)

Conflicts:
	docs/reference/api/docker_remote_api_v1.25.md
 2016-08-02 22:15:28 +00:00
Tõnis Tiigi
4488ae06df Merge pull request #25265 from adamwalz/docs_swarm_cluster_fault_tolerance 
Fix swarm manager node fault tolerance table
(cherry picked from commit ceb4126aa0)
 2016-08-02 22:15:00 +00:00
Charles Smith
f61b71549b Merge pull request #25205 from lixiaobing10051267/masterPath 
Give the correct link of docker swarm init
(cherry picked from commit 93fea86d1d)
 2016-08-02 22:14:53 +00:00
Vincent Demeester
be4ef641d9 Merge pull request #25239 from dlech/patch-1 
Make it clear which parmeter is the user
(cherry picked from commit c7fcf496af)
 2016-08-02 22:14:46 +00:00
Sebastiaan van Stijn
53e75284a6 Merge pull request #25020 from jfrazelle/update-non-events 
update security non-events
(cherry picked from commit 14664beda9)
 2016-08-02 22:14:38 +00:00
Charles Smith
3696d1fff5 Merge pull request #25182 from sfsmithcha/clarify_join_token 
Author Merge add advertise address, clarify join token

CI errors expected.
(cherry picked from commit ee355e017d)
 2016-07-29 16:17:48 -07:00
Charles Smith
c79ef9842a Merge pull request #25197 from sfsmithcha/add_services_guide 
author merge: add services guide to manage a swarm
(cherry picked from commit 8b69d50c79)
 2016-07-29 16:17:27 -07:00
Sven Dowideit
0fa541496b Merge pull request #25156 from londoncalling/docs-v112-getstarted-a 
modifed d4mac and d4win download links to stable for v1.12
(cherry picked from commit 352c720d69)
 2016-07-28 17:25:37 -07:00
53 changed files with 2900 additions and 2038 deletions
Expand all files Collapse all files

2
docs/admin/live-restore.md
View File

@@ -36,7 +36,7 @@ Use your favorite editor to enable the `live-restore` option in the
You have to send a `SIGHUP` signal to the daemon process for it to reload the
configuration. For more information on how to configure the Docker daemon using
config.json, see [daemon configuration file](../reference/commandline/dockerd.md#daemon-configuration-file)
config.json, see [daemon configuration file](../reference/commandline/dockerd.md#daemon-configuration-file).
* When you start the Docker daemon, pass the `--live-restore` flag:

9
docs/examples/mongodb/Dockerfile
View File

@@ -1,14 +1,15 @@
# Dockerizing MongoDB: Dockerfile for building MongoDB images
# Based on ubuntu:latest, installs MongoDB following the instructions from:
# Based on ubuntu:16.04, installs MongoDB following the instructions from:
# http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/
FROM ubuntu:latest
FROM ubuntu:16.04
MAINTAINER Docker
# Installation:
# Import MongoDB public GPG key AND create a MongoDB list file
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
RUN echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-3.0.list
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
RUN echo "deb http://repo.mongodb.org/apt/ubuntu $(cat /etc/lsb-release | grep DISTRIB_CODENAME | cut -d= -f2)/mongodb-org/3.2 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-3.2.list
# Update apt-get sources AND install MongoDB
RUN apt-get update && apt-get install -y mongodb-org

4
docs/getstarted/step_one.md
View File

@@ -27,7 +27,7 @@ weight = 1
Docker for Mac is our newest offering for the Mac. It runs as a native Mac application and uses <a href="https://github.com/mist64/xhyve/" target="_blank">xhyve</a> to virtualize the Docker Engine environment and Linux kernel-specific features for the Docker daemon.
<a class="button" href="https://download.docker.com/mac/beta/Docker.dmg">Get Docker for Mac</a>
<a class="button" href="https://download.docker.com/mac/stable/Docker.dmg">Get Docker for Mac</a>
**Requirements**
@@ -49,7 +49,7 @@ See [Docker Toolbox Overview](/toolbox/overview.md) for help on installing Docke
Docker for Windows is our newest offering for PCs. It runs as a native Windows application and uses Hyper-V to virtualize the Docker Engine environment and Linux kernel-specific features for the Docker daemon.
<a class="button" href="https://download.docker.com/win/beta/InstallDocker.msi">Get Docker for Windows</a>
<a class="button" href="https://download.docker.com/win/stable/InstallDocker.msi">Get Docker for Windows</a>
**Requirements**

4
docs/installation/linux/ubuntulinux.md
View File

@@ -243,15 +243,13 @@ To create the `docker` group and add your user:
1. Log into Ubuntu as a user with `sudo` privileges.
This procedure assumes you log in as the `ubuntu` user.
2. Create the `docker` group.
$ sudo groupadd docker
3. Add your user to `docker` group.
$ sudo usermod -aG docker ubuntu
$ sudo usermod -aG docker $USER
4. Log out and log back in.

1
docs/reference/api/docker_remote_api.md
View File

@@ -163,6 +163,7 @@ This section lists each version from latest to oldest. Each listing includes a
* `POST /containers/create` with both `Hostname` and `Domainname` fields specified will result in the container's hostname being set to `Hostname`, rather than `Hostname.Domainname`.
* `GET /volumes` now supports more filters, new added filters are `name` and `driver`.
* `GET /containers/(id or name)/logs` now accepts a `details` query parameter to stream the extra attributes that were provided to the containers `LogOpts`, such as environment variables and labels, with the logs.
* `POST /images/load` now returns progress information as a JSON stream, and has a `quiet` query parameter to suppress progress details.
### v1.22 API changes

1380
docs/reference/api/docker_remote_api_v1.18.md
View File

File diff suppressed because it is too large Load Diff

225
docs/reference/api/docker_remote_api_v1.19.md
View File

@@ -96,7 +96,7 @@ List containers
}
]
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, Show all containers.
Only running containers are shown by default (i.e., this defaults to false)
@@ -113,7 +113,7 @@ Query Parameters:
- `status=`(`restarting`|`running`|`paused`|`exited`)
- `label=key` or `label="key=value"` of a container label
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -147,7 +147,7 @@ Create a container
"Cmd": [
"date"
],
"Entrypoint": "",
"Entrypoint": null,
"Image": "ubuntu",
"Labels": {
"com.example.vendor": "Acme",
@@ -155,7 +155,7 @@ Create a container
"com.example.version": "1.0"
},
"Volumes": {
"/tmp": {}
"/volumes/data": {}
},
"WorkingDir": "",
"NetworkDisabled": false,
@@ -207,7 +207,7 @@ Create a container
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **Hostname** - A string value containing the hostname to use for the
container.
@@ -226,7 +226,7 @@ Json Parameters:
- **Entrypoint** - Set the entry point for the container as a string or an array
of strings.
- **Image** - A string specifying the image name to use for the container.
- **Volumes** An object mapping mount point paths (strings) inside the
- **Volumes** - An object mapping mount point paths (strings) inside the
container to empty objects.
- **WorkingDir** - A string specifying the working directory for commands to
run in.
@@ -296,15 +296,15 @@ Json Parameters:
- **LogConfig** - Log configuration for the container, specified as a JSON object in the form
`{ "Type": "<driver_name>", "Config": {"key1": "val1"}}`.
Available types: `json-file`, `syslog`, `journald`, `none`.
`syslog` available options are: `address`.
- **CgroupParent** - Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
`syslog` available options are: `address`.
- **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
Query Parameters:
**Query parameters**:
- **name** Assign the specified name to the container. Must
match `/?[a-zA-Z0-9_-]+`.
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -319,7 +319,6 @@ Status Codes:
Return low-level information on the container `id`
**Example request**:
GET /containers/4fa6e0f0c678/json HTTP/1.1
@@ -445,7 +444,7 @@ Return low-level information on the container `id`
"VolumesRW": {}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -505,11 +504,11 @@ supported on Windows.
],
}
Query Parameters:
**Query parameters**:
- **ps_args** `ps` arguments to use (e.g., `aux`), defaults to `-ef`
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -537,7 +536,7 @@ Get `stdout` and `stderr` logs from the container ``id``
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **follow** 1/True/true or 0/False/false, return stream. Default `false`.
- **stdout** 1/True/true or 0/False/false, show `stdout` log. Default `false`.
@@ -548,7 +547,7 @@ Query Parameters:
every log line. Default `false`.
- **tail** Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -591,7 +590,7 @@ Values for `Kind`:
- `1`: Add
- `2`: Delete
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -614,7 +613,7 @@ Export the contents of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -719,11 +718,11 @@ This endpoint returns a live stream of a container's resource usage statistics.
The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
Query Parameters:
**Query parameters**:
- **stream** 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -745,7 +744,12 @@ Resize the TTY for container with `id`. You must restart the container for the
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Status Codes:
**Query parameters**:
- **h** height of `tty` session
- **w** width
**Status codes**:
- **200** no error
- **404** No such container
@@ -763,13 +767,13 @@ Start the container `id`
**Example request**:
POST /containers/e90e34656806/start HTTP/1.1
POST /containers/e90e34656806/start HTTP/1.1
**Example response**:
HTTP/1.1 204 No Content
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **304** container already started
@@ -790,11 +794,11 @@ Stop the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **304** container already stopped
@@ -815,11 +819,11 @@ Restart the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -839,12 +843,12 @@ Kill the container `id`
HTTP/1.1 204 No Content
Query Parameters
**Query parameters**:
- **signal** - Signal to send to the container: integer or string like `SIGINT`.
When not set, `SIGKILL` is assumed and the call waits for the container to exit.
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -864,11 +868,11 @@ Rename the container `id` to a `new_name`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **name** new name for the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -889,7 +893,7 @@ Pause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -909,7 +913,7 @@ Unpause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -934,7 +938,7 @@ Attach to the container `id`
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **logs** 1/True/true or 0/False/false, return logs. Default `false`.
- **stream** 1/True/true or 0/False/false, return stream.
@@ -946,7 +950,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -1014,7 +1018,7 @@ Implements websocket protocol handshake according to [RFC 6455](http://tools.iet
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **logs** 1/True/true or 0/False/false, return logs. Default `false`.
- **stream** 1/True/true or 0/False/false, return stream.
@@ -1026,7 +1030,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1050,7 +1054,7 @@ Block until container `id` stops, then returns the exit code
{"StatusCode": 0}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1070,14 +1074,14 @@ Remove the container `id` from the filesystem
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **v** 1/True/true or 0/False/false, Remove the volumes
associated to the container. Default `false`.
- **force** - 1/True/true or 0/False/false, Kill then remove the container.
Default `false`.
Status Codes:
**Status codes**:
- **204** no error
- **400** bad parameter
@@ -1107,7 +1111,7 @@ Copy files or folders of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1198,7 +1202,7 @@ digest. You can reference this digest using the value:
See the `docker run` and `docker build` commands for examples of digest and tag
references on the command line.
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, default false
- **filters** a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
@@ -1242,10 +1246,10 @@ command*](../../reference/builder.md#add)).
The build is canceled if the client drops the connection by quitting
or being killed.
Query Parameters:
**Query parameters**:
- **dockerfile** - Path within the build context to the `Dockerfile`. This is
ignored if `remote` is specified and points to an external `Dockerfile`.
- **dockerfile** - Path within the build context to the Dockerfile. This is
ignored if `remote` is specified and points to an individual filename.
- **t** Repository name (and optionally a tag) to be applied to
the resulting image in case of success.
- **remote** A Git repository URI or HTTP/HTTPS context URI. If the
@@ -1272,7 +1276,7 @@ Query Parameters:
- **Content-type** Set to `"application/tar"`.
- **X-Registry-Config** base64-encoded ConfigFile object
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1301,7 +1305,7 @@ When using this endpoint to pull an image from the registry, the
`X-Registry-Auth` header can be used to include
a base64-encoded AuthConfig object.
Query Parameters:
**Query parameters**:
- **fromImage** Name of the image to pull.
- **fromSrc** Source to import. The value may be a URL from which the image
@@ -1313,7 +1317,7 @@ Query Parameters:
- **X-Registry-Auth** base64-encoded AuthConfig object
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1367,7 +1371,7 @@ Return low-level information on the image `name`
"Size": 6824592
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1421,7 +1425,7 @@ Return the history of the image `name`
}
]
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1456,7 +1460,7 @@ then be used in the URL. This duplicates the command line's flow.
POST /images/registry.acme.com:5000/test/push HTTP/1.1
Query Parameters:
**Query parameters**:
- **tag** The tag to associate with the image on the registry. This is optional.
@@ -1465,7 +1469,7 @@ Request Headers:
- **X-Registry-Auth** Include a base64-encoded AuthConfig.
object.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1485,13 +1489,13 @@ Tag the image `name` into a repository
HTTP/1.1 201 Created
Query Parameters:
**Query parameters**:
- **repo** The repository to tag in
- **force** 1/True/true or 0/False/false, default false
- **tag** - The new tag name
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -1520,12 +1524,12 @@ Remove the image `name` from the filesystem
{"Deleted": "53b4f83ac9"}
]
Query Parameters:
**Query parameters**:
- **force** 1/True/true or 0/False/false, default false
- **noprune** 1/True/true or 0/False/false, default false
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1554,39 +1558,39 @@ be deprecated and replaced by the `is_automated` property.
HTTP/1.1 200 OK
Content-Type: application/json
[
{
"star_count": 12,
"is_official": false,
"name": "wma55/u1210sshd",
"is_trusted": false,
"is_automated": false,
"description": "",
},
{
"star_count": 10,
"is_official": false,
"name": "jdswinbank/sshd",
"is_trusted": false,
"is_automated": false,
"description": "",
},
{
"star_count": 18,
"is_official": false,
"name": "vgauthier/sshd",
"is_trusted": false,
"is_automated": false,
"description": "",
}
...
]
[
{
"star_count": 12,
"is_official": false,
"name": "wma55/u1210sshd",
"is_trusted": false,
"is_automated": false,
"description": "",
},
{
"star_count": 10,
"is_official": false,
"name": "jdswinbank/sshd",
"is_trusted": false,
"is_automated": false,
"description": "",
},
{
"star_count": 18,
"is_official": false,
"name": "vgauthier/sshd",
"is_trusted": false,
"is_automated": false,
"description": "",
}
...
]
Query Parameters:
**Query parameters**:
- **term** term to search
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1615,7 +1619,7 @@ Get the default username and email
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **204** no error
@@ -1685,7 +1689,7 @@ Display system-wide information
"SystemTime": "2015-03-10T11:11:23.730591467-07:00"
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1715,7 +1719,7 @@ Show the docker version information
"ApiVersion": "1.19"
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1737,7 +1741,7 @@ Ping the docker server
OK
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -1789,11 +1793,11 @@ Create a new image from a container's changes
{"Id": "596069db4bf5"}
Json Parameters:
**JSON parameters**:
- **config** - the container's configuration
Query Parameters:
**Query parameters**:
- **container** source container
- **repo** repository
@@ -1802,7 +1806,7 @@ Query Parameters:
- **author** author (e.g., "John Hannibal Smith
<[hannibal@a-team.com](mailto:hannibal%40a-team.com)>")
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -1837,16 +1841,16 @@ and Docker images report:
{"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
{"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
Query Parameters:
**Query parameters**:
- **since** Timestamp used for polling
- **until** Timestamp used for polling
- **filters** A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
- `container=<string>`; -- container to filter
- `event=<string>`; -- event to filter
- `image=<string>`; -- image to filter
- `container=<string>`; -- container to filter
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1876,7 +1880,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1905,7 +1909,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1920,6 +1924,7 @@ See the [image tarball format](#image-tarball-format) for more details.
**Example request**
POST /images/load
Content-Type: application/x-tar
Tarball in body
@@ -1927,7 +1932,7 @@ See the [image tarball format](#image-tarball-format) for more details.
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1971,7 +1976,7 @@ Sets up an exec instance in a running container `id`
"Tty": false,
"Cmd": [
"date"
],
]
}
**Example response**:
@@ -1984,7 +1989,7 @@ Sets up an exec instance in a running container `id`
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
- **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
@@ -1993,7 +1998,7 @@ Json Parameters:
- **Cmd** - Command to run specified as a string or an array of strings.
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2013,7 +2018,7 @@ interactive session with the `exec` command.
{
"Detach": false,
"Tty": false,
"Tty": false
}
**Example response**:
@@ -2023,12 +2028,12 @@ interactive session with the `exec` command.
{{ STREAM }}
Json Parameters:
**JSON parameters**:
- **Detach** - Detach from the `exec` command.
- **Tty** - Boolean value to allocate a pseudo-TTY.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2040,12 +2045,12 @@ Status Codes:
`POST /exec/(id)/resize`
Resizes the `tty` session used by the `exec` command `id`.
Resizes the `tty` session used by the `exec` command `id`. The unit is number of characters.
This API is valid only if `tty` was specified as part of creating and starting the `exec` command.
**Example request**:
POST /exec/e90e34656806/resize HTTP/1.1
POST /exec/e90e34656806/resize?h=40&w=80 HTTP/1.1
Content-Type: text/plain
**Example response**:
@@ -2053,12 +2058,12 @@ This API is valid only if `tty` was specified as part of creating and starting t
HTTP/1.1 201 Created
Content-Type: text/plain
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **201** no error
- **404** no such exec instance
@@ -2162,7 +2167,7 @@ Return low-level information about the `exec` command `id`.
}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance

197
docs/reference/api/docker_remote_api_v1.20.md
View File

@@ -96,7 +96,7 @@ List containers
}
]
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, Show all containers.
Only running containers are shown by default (i.e., this defaults to false)
@@ -113,7 +113,7 @@ Query Parameters:
- `status=`(`created`|`restarting`|`running`|`paused`|`exited`)
- `label=key` or `label="key=value"` of a container label
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -147,7 +147,7 @@ Create a container
"Cmd": [
"date"
],
"Entrypoint": "",
"Entrypoint": null,
"Image": "ubuntu",
"Labels": {
"com.example.vendor": "Acme",
@@ -209,7 +209,7 @@ Create a container
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **Hostname** - A string value containing the hostname to use for the
container.
@@ -303,12 +303,12 @@ Json Parameters:
`json-file` logging driver.
- **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
Query Parameters:
**Query parameters**:
- **name** Assign the specified name to the container. Must
match `/?[a-zA-Z0-9_-]+`.
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -323,7 +323,6 @@ Status Codes:
Return low-level information on the container `id`
**Example request**:
GET /containers/4fa6e0f0c678/json HTTP/1.1
@@ -454,7 +453,7 @@ Return low-level information on the container `id`
]
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -514,11 +513,11 @@ supported on Windows.
],
}
Query Parameters:
**Query parameters**:
- **ps_args** `ps` arguments to use (e.g., `aux`), defaults to `-ef`
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -546,7 +545,7 @@ Get `stdout` and `stderr` logs from the container ``id``
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **follow** 1/True/true or 0/False/false, return stream. Default `false`.
- **stdout** 1/True/true or 0/False/false, show `stdout` log. Default `false`.
@@ -557,7 +556,7 @@ Query Parameters:
every log line. Default `false`.
- **tail** Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -600,7 +599,7 @@ Values for `Kind`:
- `1`: Add
- `2`: Delete
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -623,7 +622,7 @@ Export the contents of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -728,11 +727,11 @@ This endpoint returns a live stream of a container's resource usage statistics.
The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
Query Parameters:
**Query parameters**:
- **stream** 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -754,7 +753,12 @@ Resize the TTY for container with `id`. You must restart the container for the
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Status Codes:
**Query parameters**:
- **h** height of `tty` session
- **w** width
**Status codes**:
- **200** no error
- **404** No such container
@@ -778,7 +782,7 @@ Start the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **304** container already started
@@ -799,11 +803,11 @@ Stop the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **304** container already stopped
@@ -824,11 +828,11 @@ Restart the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -848,12 +852,12 @@ Kill the container `id`
HTTP/1.1 204 No Content
Query Parameters
**Query parameters**:
- **signal** - Signal to send to the container: integer or string like `SIGINT`.
When not set, `SIGKILL` is assumed and the call waits for the container to exit.
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -873,11 +877,11 @@ Rename the container `id` to a `new_name`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **name** new name for the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -898,7 +902,7 @@ Pause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -918,7 +922,7 @@ Unpause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -943,7 +947,7 @@ Attach to the container `id`
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **logs** 1/True/true or 0/False/false, return logs. Default `false`.
- **stream** 1/True/true or 0/False/false, return stream.
@@ -955,7 +959,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -1023,7 +1027,7 @@ Implements websocket protocol handshake according to [RFC 6455](http://tools.iet
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **logs** 1/True/true or 0/False/false, return logs. Default `false`.
- **stream** 1/True/true or 0/False/false, return stream.
@@ -1035,7 +1039,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1059,7 +1063,7 @@ Block until container `id` stops, then returns the exit code
{"StatusCode": 0}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1079,14 +1083,14 @@ Remove the container `id` from the filesystem
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **v** 1/True/true or 0/False/false, Remove the volumes
associated to the container. Default `false`.
- **force** - 1/True/true or 0/False/false, Kill then remove the container.
Default `false`.
Status Codes:
**Status codes**:
- **204** no error
- **400** bad parameter
@@ -1118,7 +1122,7 @@ Copy files or folders of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1137,7 +1141,7 @@ following section.
Get a tar archive of a resource in the filesystem of container `id`.
Query Parameters:
**Query parameters**:
- **path** - resource in the container's filesystem to archive. Required.
@@ -1148,39 +1152,41 @@ Query Parameters:
indicates that only the contents of the **path** directory should be
copied. A symlink is always resolved to its target.
**Note**: It is not possible to copy certain system files such as resources
under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
container.
> **Note**: It is not possible to copy certain system files such as resources
> under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
> container.
**Example request**:
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
**Example response**:
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
{{ TAR STREAM }}
{{ TAR STREAM }}
On success, a response header `X-Docker-Container-Path-Stat` will be set to a
base64-encoded JSON object containing some filesystem header information about
the archived resource. The above example value would decode to the following
JSON object (whitespace added for readability):
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```json
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```
A `HEAD` request can also be made to this endpoint if only this information is
desired.
Status Codes:
**Status codes**:
- **200** - success, returns archive of copied resource
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1199,7 +1205,7 @@ Status Codes:
Upload a tar archive to be extracted to a path in the filesystem of container
`id`.
Query Parameters:
**Query parameters**:
- **path** - path to a directory in the container
to extract the archive's contents into. Required.
@@ -1212,16 +1218,16 @@ Query Parameters:
**Example request**:
PUT /containers/8cce319429b2/archive?path=/vol1 HTTP/1.1
Content-Type: application/x-tar
PUT /containers/8cce319429b2/archive?path=/vol1 HTTP/1.1
Content-Type: application/x-tar
{{ TAR STREAM }}
{{ TAR STREAM }}
**Example response**:
HTTP/1.1 200 OK
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** the content was extracted successfully
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1323,7 +1329,7 @@ digest. You can reference this digest using the value:
See the `docker run` and `docker build` commands for examples of digest and tag
references on the command line.
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, default false
- **filters** a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
@@ -1367,7 +1373,7 @@ command*](../../reference/builder.md#add)).
The build is canceled if the client drops the connection by quitting
or being killed.
Query Parameters:
**Query parameters**:
- **dockerfile** - Path within the build context to the Dockerfile. This is
ignored if `remote` is specified and points to an individual filename.
@@ -1375,7 +1381,7 @@ Query Parameters:
the resulting image in case of success.
- **remote** A Git repository URI or HTTP/HTTPS URI build source. If the
URI specifies a filename, the file's contents are placed into a file
called `Dockerfile`.
called `Dockerfile`.
- **q** Suppress verbose build output.
- **nocache** Do not use the cache when building the image.
- **pull** - Attempt to pull the image even if an older image exists locally.
@@ -1414,7 +1420,7 @@ Query Parameters:
be specified with both a "https://" prefix and a "/v1/" suffix even
though Docker will prefer to use the v2 registry API.
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1443,7 +1449,7 @@ When using this endpoint to pull an image from the registry, the
`X-Registry-Auth` header can be used to include
a base64-encoded AuthConfig object.
Query Parameters:
**Query parameters**:
- **fromImage** Name of the image to pull.
- **fromSrc** Source to import. The value may be a URL from which the image
@@ -1455,7 +1461,7 @@ Query Parameters:
- **X-Registry-Auth** base64-encoded AuthConfig object
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1508,7 +1514,7 @@ Return low-level information on the image `name`
"Size": 6824592
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1562,7 +1568,7 @@ Return the history of the image `name`
}
]
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1597,7 +1603,7 @@ then be used in the URL. This duplicates the command line's flow.
POST /images/registry.acme.com:5000/test/push HTTP/1.1
Query Parameters:
**Query parameters**:
- **tag** The tag to associate with the image on the registry. This is optional.
@@ -1606,7 +1612,7 @@ Request Headers:
- **X-Registry-Auth** Include a base64-encoded AuthConfig.
object.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1626,13 +1632,13 @@ Tag the image `name` into a repository
HTTP/1.1 201 Created
Query Parameters:
**Query parameters**:
- **repo** The repository to tag in
- **force** 1/True/true or 0/False/false, default false
- **tag** - The new tag name
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -1661,12 +1667,12 @@ Remove the image `name` from the filesystem
{"Deleted": "53b4f83ac9"}
]
Query Parameters:
**Query parameters**:
- **force** 1/True/true or 0/False/false, default false
- **noprune** 1/True/true or 0/False/false, default false
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1717,11 +1723,11 @@ Search for an image on [Docker Hub](https://hub.docker.com).
...
]
Query Parameters:
**Query parameters**:
- **term** term to search
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1750,7 +1756,7 @@ Get the default username and email
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **204** no error
@@ -1820,7 +1826,7 @@ Display system-wide information
"SystemTime": "2015-03-10T11:11:23.730591467-07:00"
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1851,7 +1857,7 @@ Show the docker version information
"Experimental": false
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1873,7 +1879,7 @@ Ping the docker server
OK
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -1929,11 +1935,11 @@ Create a new image from a container's changes
{"Id": "596069db4bf5"}
Json Parameters:
**JSON parameters**:
- **config** - the container's configuration
Query Parameters:
**Query parameters**:
- **container** source container
- **repo** repository
@@ -1944,7 +1950,7 @@ Query Parameters:
- **pause** 1/True/true or 0/False/false, whether to pause the container before committing
- **changes** Dockerfile instructions to apply while committing
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -1979,16 +1985,16 @@ and Docker images report:
{"status": "stop", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067966}
{"status": "destroy", "id": "dfdf82bd3881","from": "ubuntu:latest", "time":1374067970}
Query Parameters:
**Query parameters**:
- **since** Timestamp used for polling
- **until** Timestamp used for polling
- **filters** A json encoded value of the filters (a map[string][]string) to process on the event list. Available filters:
- `container=<string>`; -- container to filter
- `event=<string>`; -- event to filter
- `image=<string>`; -- image to filter
- `container=<string>`; -- container to filter
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2018,7 +2024,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2047,7 +2053,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2062,6 +2068,7 @@ See the [image tarball format](#image-tarball-format) for more details.
**Example request**
POST /images/load
Content-Type: application/x-tar
Tarball in body
@@ -2069,7 +2076,7 @@ See the [image tarball format](#image-tarball-format) for more details.
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2126,7 +2133,7 @@ Sets up an exec instance in a running container `id`
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
- **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
@@ -2135,7 +2142,7 @@ Json Parameters:
- **Cmd** - Command to run specified as a string or an array of strings.
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2165,12 +2172,12 @@ interactive session with the `exec` command.
{{ STREAM }}
Json Parameters:
**JSON parameters**:
- **Detach** - Detach from the `exec` command.
- **Tty** - Boolean value to allocate a pseudo-TTY.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2195,12 +2202,12 @@ This API is valid only if `tty` was specified as part of creating and starting t
HTTP/1.1 201 Created
Content-Type: text/plain
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **201** no error
- **404** no such exec instance
@@ -2302,7 +2309,7 @@ Return low-level information about the `exec` command `id`.
}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance

222
docs/reference/api/docker_remote_api_v1.21.md
View File

@@ -100,7 +100,7 @@ List containers
}
]
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, Show all containers.
Only running containers are shown by default (i.e., this defaults to false)
@@ -117,7 +117,7 @@ Query Parameters:
- `status=`(`created`|`restarting`|`running`|`paused`|`exited`)
- `label=key` or `label="key=value"` of a container label
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -151,7 +151,7 @@ Create a container
"Cmd": [
"date"
],
"Entrypoint": "",
"Entrypoint": null,
"Image": "ubuntu",
"Labels": {
"com.example.vendor": "Acme",
@@ -219,7 +219,7 @@ Create a container
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **Hostname** - A string value containing the hostname to use for the
container.
@@ -322,12 +322,12 @@ Json Parameters:
- **CgroupParent** - Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist.
- **VolumeDriver** - Driver that this container users to mount volumes.
Query Parameters:
**Query parameters**:
- **name** Assign the specified name to the container. Must
match `/?[a-zA-Z0-9_-]+`.
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -342,7 +342,6 @@ Status Codes:
Return low-level information on the container `id`
**Example request**:
GET /containers/4fa6e0f0c678/json HTTP/1.1
@@ -517,11 +516,11 @@ Return low-level information on the container `id`
....
}
Query Parameters:
**Query parameters**:
- **size** 1/True/true or 0/False/false, return container size information. Default is `false`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -581,11 +580,11 @@ supported on Windows.
],
}
Query Parameters:
**Query parameters**:
- **ps_args** `ps` arguments to use (e.g., `aux`), defaults to `-ef`
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -613,7 +612,7 @@ Get `stdout` and `stderr` logs from the container ``id``
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **follow** 1/True/true or 0/False/false, return stream. Default `false`.
- **stdout** 1/True/true or 0/False/false, show `stdout` log. Default `false`.
@@ -624,7 +623,7 @@ Query Parameters:
every log line. Default `false`.
- **tail** Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -667,7 +666,7 @@ Values for `Kind`:
- `1`: Add
- `2`: Delete
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -690,7 +689,7 @@ Export the contents of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -807,11 +806,11 @@ This endpoint returns a live stream of a container's resource usage statistics.
The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
Query Parameters:
**Query parameters**:
- **stream** 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -833,12 +832,12 @@ Resize the TTY for container with `id`. The unit is number of characters. You m
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **200** no error
- **404** No such container
@@ -862,7 +861,7 @@ Start the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **304** container already started
@@ -883,11 +882,11 @@ Stop the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **304** container already stopped
@@ -908,11 +907,11 @@ Restart the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -932,12 +931,12 @@ Kill the container `id`
HTTP/1.1 204 No Content
Query Parameters
**Query parameters**:
- **signal** - Signal to send to the container: integer or string like `SIGINT`.
When not set, `SIGKILL` is assumed and the call waits for the container to exit.
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -957,11 +956,11 @@ Rename the container `id` to a `new_name`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **name** new name for the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -982,7 +981,7 @@ Pause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1002,7 +1001,7 @@ Unpause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1027,7 +1026,7 @@ Attach to the container `id`
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **logs** 1/True/true or 0/False/false, return logs. Default `false`.
- **stream** 1/True/true or 0/False/false, return stream.
@@ -1039,7 +1038,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -1107,7 +1106,7 @@ Implements websocket protocol handshake according to [RFC 6455](http://tools.iet
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **logs** 1/True/true or 0/False/false, return logs. Default `false`.
- **stream** 1/True/true or 0/False/false, return stream.
@@ -1119,7 +1118,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1143,7 +1142,7 @@ Block until container `id` stops, then returns the exit code
{"StatusCode": 0}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1163,14 +1162,14 @@ Remove the container `id` from the filesystem
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **v** 1/True/true or 0/False/false, Remove the volumes
associated to the container. Default `false`.
- **force** - 1/True/true or 0/False/false, Kill then remove the container.
Default `false`.
Status Codes:
**Status codes**:
- **204** no error
- **400** bad parameter
@@ -1202,7 +1201,7 @@ Copy files or folders of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1221,7 +1220,7 @@ following section.
Get a tar archive of a resource in the filesystem of container `id`.
Query Parameters:
**Query parameters**:
- **path** - resource in the container's filesystem to archive. Required.
@@ -1232,39 +1231,41 @@ Query Parameters:
indicates that only the contents of the **path** directory should be
copied. A symlink is always resolved to its target.
**Note**: It is not possible to copy certain system files such as resources
under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
container.
> **Note**: It is not possible to copy certain system files such as resources
> under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
> container.
**Example request**:
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
**Example response**:
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
{{ TAR STREAM }}
{{ TAR STREAM }}
On success, a response header `X-Docker-Container-Path-Stat` will be set to a
base64-encoded JSON object containing some filesystem header information about
the archived resource. The above example value would decode to the following
JSON object (whitespace added for readability):
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```json
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```
A `HEAD` request can also be made to this endpoint if only this information is
desired.
Status Codes:
**Status codes**:
- **200** - success, returns archive of copied resource
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1283,7 +1284,7 @@ Status Codes:
Upload a tar archive to be extracted to a path in the filesystem of container
`id`.
Query Parameters:
**Query parameters**:
- **path** - path to a directory in the container
to extract the archive's contents into. Required.
@@ -1305,7 +1306,7 @@ Query Parameters:
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** the content was extracted successfully
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1407,7 +1408,7 @@ digest. You can reference this digest using the value:
See the `docker run` and `docker build` commands for examples of digest and tag
references on the command line.
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, default false
- **filters** a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
@@ -1451,7 +1452,7 @@ command*](../../reference/builder.md#add)).
The build is canceled if the client drops the connection by quitting
or being killed.
Query Parameters:
**Query parameters**:
- **dockerfile** - Path within the build context to the Dockerfile. This is
ignored if `remote` is specified and points to an individual filename.
@@ -1460,7 +1461,7 @@ Query Parameters:
You can provide one or more `t` parameters.
- **remote** A Git repository URI or HTTP/HTTPS URI build source. If the
URI specifies a filename, the file's contents are placed into a file
called `Dockerfile`.
called `Dockerfile`.
- **q** Suppress verbose build output.
- **nocache** Do not use the cache when building the image.
- **pull** - Attempt to pull the image even if an older image exists locally.
@@ -1504,7 +1505,7 @@ Query Parameters:
be specified with both a "https://" prefix and a "/v1/" suffix even
though Docker will prefer to use the v2 registry API.
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1533,7 +1534,7 @@ When using this endpoint to pull an image from the registry, the
`X-Registry-Auth` header can be used to include
a base64-encoded AuthConfig object.
Query Parameters:
**Query parameters**:
- **fromImage** Name of the image to pull. The name may include a tag or
digest. This parameter may only be used when pulling an image.
@@ -1549,7 +1550,7 @@ Query Parameters:
- **X-Registry-Auth** base64-encoded AuthConfig object
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1661,7 +1662,7 @@ Return low-level information on the image `name`
}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1715,7 +1716,7 @@ Return the history of the image `name`
}
]
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1750,7 +1751,7 @@ then be used in the URL. This duplicates the command line's flow.
POST /images/registry.acme.com:5000/test/push HTTP/1.1
Query Parameters:
**Query parameters**:
- **tag** The tag to associate with the image on the registry. This is optional.
@@ -1759,7 +1760,7 @@ Request Headers:
- **X-Registry-Auth** Include a base64-encoded AuthConfig.
object.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1779,13 +1780,13 @@ Tag the image `name` into a repository
HTTP/1.1 201 Created
Query Parameters:
**Query parameters**:
- **repo** The repository to tag in
- **force** 1/True/true or 0/False/false, default false
- **tag** - The new tag name
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -1814,12 +1815,12 @@ Remove the image `name` from the filesystem
{"Deleted": "53b4f83ac9"}
]
Query Parameters:
**Query parameters**:
- **force** 1/True/true or 0/False/false, default false
- **noprune** 1/True/true or 0/False/false, default false
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1870,11 +1871,11 @@ Search for an image on [Docker Hub](https://hub.docker.com).
...
]
Query Parameters:
**Query parameters**:
- **term** term to search
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1903,7 +1904,7 @@ Get the default username and email
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **204** no error
@@ -1975,7 +1976,7 @@ Display system-wide information
"SystemTime": "2015-03-10T11:11:23.730591467-07:00"
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2006,7 +2007,7 @@ Show the docker version information
"Experimental": false
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2028,7 +2029,7 @@ Ping the docker server
OK
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2084,11 +2085,11 @@ Create a new image from a container's changes
{"Id": "596069db4bf5"}
Json Parameters:
**JSON parameters**:
- **config** - the container's configuration
Query Parameters:
**Query parameters**:
- **container** source container
- **repo** repository
@@ -2099,7 +2100,7 @@ Query Parameters:
- **pause** 1/True/true or 0/False/false, whether to pause the container before committing
- **changes** Dockerfile instructions to apply while committing
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2134,7 +2135,7 @@ and Docker images report:
{"status":"attach","id":"5745704abe9caa5","from":"busybox","time":1442421716,"timeNano":1442421716894759198}
{"status":"start","id":"5745704abe9caa5","from":"busybox","time":1442421716,"timeNano":1442421716983607193}
Query Parameters:
**Query parameters**:
- **since** Timestamp used for polling
- **until** Timestamp used for polling
@@ -2144,7 +2145,7 @@ Query Parameters:
- `image=<string>`; -- image to filter
- `label=<string>`; -- image and container label to filter
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2174,7 +2175,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2203,7 +2204,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2218,6 +2219,7 @@ See the [image tarball format](#image-tarball-format) for more details.
**Example request**
POST /images/load
Content-Type: application/x-tar
Tarball in body
@@ -2225,7 +2227,7 @@ See the [image tarball format](#image-tarball-format) for more details.
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2282,7 +2284,7 @@ Sets up an exec instance in a running container `id`
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
- **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
@@ -2291,7 +2293,7 @@ Json Parameters:
- **Cmd** - Command to run specified as a string or an array of strings.
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2323,12 +2325,12 @@ interactive session with the `exec` command.
{{ STREAM }}
Json Parameters:
**JSON parameters**:
- **Detach** - Detach from the `exec` command.
- **Tty** - Boolean value to allocate a pseudo-TTY.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2354,12 +2356,12 @@ This API is valid only if `tty` was specified as part of creating and starting t
HTTP/1.1 201 Created
Content-Type: text/plain
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **201** no error
- **404** no such exec instance
@@ -2484,7 +2486,7 @@ Return low-level information about the `exec` command `id`.
}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2515,11 +2517,11 @@ Status Codes:
]
}
Query Parameters:
**Query parameters**:
- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the volumes list. There is one available filter: `dangling=true`
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2550,12 +2552,12 @@ Create a volume
"Mountpoint": "/var/lib/docker/volumes/tardis"
}
Status Codes:
**Status codes**:
- **201** - no error
- **500** - server error
JSON Parameters:
**JSON parameters**:
- **Name** - The new volume's name. If not specified, Docker generates a name.
- **Driver** - Name of the volume driver to use. Defaults to `local` for the name.
@@ -2583,7 +2585,7 @@ Return low-level information on the volume `name`
"Mountpoint": "/var/lib/docker/volumes/tardis"
}
Status Codes:
**Status codes**:
- **200** - no error
- **404** - no such volume
@@ -2603,7 +2605,7 @@ Instruct the driver to remove the volume (`name`).
HTTP/1.1 204 No Content
Status Codes
**Status codes**:
- **204** - no error
- **404** - no such volume or volume driver
@@ -2684,13 +2686,11 @@ Content-Type: application/json
]
```
Query Parameters:
**Query parameters**:
- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the networks list. Available filters: `name=[network-names]` , `id=[network-ids]`
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2741,7 +2741,7 @@ Content-Type: application/json
}
```
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network not found
@@ -2760,7 +2760,7 @@ Content-Type: application/json
{
"Name":"isolated_nw",
"Driver":"bridge"
"Driver":"bridge",
"IPAM":{
"Config":[{
"Subnet":"172.20.0.0/16",
@@ -2782,13 +2782,13 @@ Content-Type: application/json
}
```
Status Codes:
**Status codes**:
- **201** - no error
- **404** - plugin not found
- **500** - server error
JSON Parameters:
**JSON parameters**:
- **Name** - The new network's name. this is a mandatory field
- **Driver** - Name of the network driver plugin to use. Defaults to `bridge` driver
@@ -2817,13 +2817,13 @@ Content-Type: application/json
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network or container is not found
- **500** - Internal Server Error
JSON Parameters:
**JSON parameters**:
- **container** - container-id/name to be connected to the network
@@ -2848,13 +2848,13 @@ Content-Type: application/json
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network or container not found
- **500** - Internal Server Error
JSON Parameters:
**JSON parameters**:
- **Container** - container-id/name to be disconnected from a network
@@ -2872,7 +2872,7 @@ Instruct the driver to remove the network (`id`).
HTTP/1.1 200 OK
Status Codes
**Status codes**:
- **200** - no error
- **404** - no such network

248
docs/reference/api/docker_remote_api_v1.22.md
View File

@@ -187,7 +187,7 @@ List containers
}
]
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, Show all containers.
Only running containers are shown by default (i.e., this defaults to false)
@@ -205,7 +205,7 @@ Query Parameters:
- `label=key` or `label="key=value"` of a container label
- `isolation=`(`default`|`process`|`hyperv`) (Windows daemon only)
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -239,7 +239,7 @@ Create a container
"Cmd": [
"date"
],
"Entrypoint": "",
"Entrypoint": null,
"Image": "ubuntu",
"Labels": {
"com.example.vendor": "Acme",
@@ -301,14 +301,15 @@ Create a container
"ShmSize": 67108864
},
"NetworkingConfig": {
"EndpointsConfig": {
"isolated_nw" : {
"IPAMConfig": {
"IPv4Address":"172.20.30.33",
"IPv6Address":"2001:db8:abcd::3033"
},
"Links":["container_1", "container_2"],
"Aliases":["server_x", "server_y"]
"EndpointsConfig": {
"isolated_nw" : {
"IPAMConfig": {
"IPv4Address":"172.20.30.33",
"IPv6Address":"2001:db8:abcd::3033"
},
"Links":["container_1", "container_2"],
"Aliases":["server_x", "server_y"]
}
}
}
}
@@ -323,7 +324,7 @@ Create a container
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **Hostname** - A string value containing the hostname to use for the
container.
@@ -434,12 +435,12 @@ Json Parameters:
- **VolumeDriver** - Driver that this container users to mount volumes.
- **ShmSize** - Size of `/dev/shm` in bytes. The size must be greater than 0. If omitted the system uses 64MB.
Query Parameters:
**Query parameters**:
- **name** Assign the specified name to the container. Must
match `/?[a-zA-Z0-9_-]+`.
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -454,7 +455,6 @@ Status Codes:
Return low-level information on the container `id`
**Example request**:
GET /containers/4fa6e0f0c678/json HTTP/1.1
@@ -500,8 +500,8 @@ Return low-level information on the container `id`
"Tty": false,
"User": "",
"Volumes": {
"/volumes/data": {}
},
"/volumes/data": {}
},
"WorkingDir": "",
"StopSignal": "SIGTERM"
},
@@ -642,11 +642,11 @@ Return low-level information on the container `id`
....
}
Query Parameters:
**Query parameters**:
- **size** 1/True/true or 0/False/false, return container size information. Default is `false`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -706,11 +706,11 @@ supported on Windows.
],
}
Query Parameters:
**Query parameters**:
- **ps_args** `ps` arguments to use (e.g., `aux`), defaults to `-ef`
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -738,7 +738,7 @@ Get `stdout` and `stderr` logs from the container ``id``
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **follow** 1/True/true or 0/False/false, return stream. Default `false`.
- **stdout** 1/True/true or 0/False/false, show `stdout` log. Default `false`.
@@ -749,7 +749,7 @@ Query Parameters:
every log line. Default `false`.
- **tail** Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -792,7 +792,7 @@ Values for `Kind`:
- `1`: Add
- `2`: Delete
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -815,7 +815,7 @@ Export the contents of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -932,11 +932,11 @@ This endpoint returns a live stream of a container's resource usage statistics.
The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
Query Parameters:
**Query parameters**:
- **stream** 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -958,12 +958,12 @@ Resize the TTY for container with `id`. The unit is number of characters. You m
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **200** no error
- **404** No such container
@@ -987,13 +987,13 @@ Start the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **detachKeys** Override the key sequence for detaching a
container. Format is a single character `[a-Z]` or `ctrl-<value>`
where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
Status Codes:
**Status codes**:
- **204** no error
- **304** container already started
@@ -1014,11 +1014,11 @@ Stop the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **304** container already stopped
@@ -1039,11 +1039,11 @@ Restart the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1063,12 +1063,12 @@ Kill the container `id`
HTTP/1.1 204 No Content
Query Parameters
**Query parameters**:
- **signal** - Signal to send to the container: integer or string like `SIGINT`.
When not set, `SIGKILL` is assumed and the call waits for the container to exit.
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1107,7 +1107,7 @@ Update resource configs of one or more containers.
"Warnings": []
}
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1128,11 +1128,11 @@ Rename the container `id` to a `new_name`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **name** new name for the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1153,7 +1153,7 @@ Pause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1173,7 +1173,7 @@ Unpause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1198,7 +1198,7 @@ Attach to the container `id`
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **detachKeys** Override the key sequence for detaching a
container. Format is a single character `[a-Z]` or `ctrl-<value>`
@@ -1213,12 +1213,13 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
- **400** bad parameter
- **404** no such container
- **409** - container is paused
- **500** server error
**Stream details**:
@@ -1281,7 +1282,7 @@ Implements websocket protocol handshake according to [RFC 6455](http://tools.iet
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **detachKeys** Override the key sequence for detaching a
container. Format is a single character `[a-Z]` or `ctrl-<value>`
@@ -1296,7 +1297,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1320,7 +1321,7 @@ Block until container `id` stops, then returns the exit code
{"StatusCode": 0}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1340,14 +1341,14 @@ Remove the container `id` from the filesystem
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **v** 1/True/true or 0/False/false, Remove the volumes
associated to the container. Default `false`.
- **force** - 1/True/true or 0/False/false, Kill then remove the container.
Default `false`.
Status Codes:
**Status codes**:
- **204** no error
- **400** bad parameter
@@ -1379,7 +1380,7 @@ Copy files or folders of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1398,7 +1399,7 @@ following section.
Get a tar archive of a resource in the filesystem of container `id`.
Query Parameters:
**Query parameters**:
- **path** - resource in the container's filesystem to archive. Required.
@@ -1409,39 +1410,41 @@ Query Parameters:
indicates that only the contents of the **path** directory should be
copied. A symlink is always resolved to its target.
**Note**: It is not possible to copy certain system files such as resources
under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
container.
> **Note**: It is not possible to copy certain system files such as resources
> under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
> container.
**Example request**:
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
**Example response**:
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
{{ TAR STREAM }}
{{ TAR STREAM }}
On success, a response header `X-Docker-Container-Path-Stat` will be set to a
base64-encoded JSON object containing some filesystem header information about
the archived resource. The above example value would decode to the following
JSON object (whitespace added for readability):
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```json
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```
A `HEAD` request can also be made to this endpoint if only this information is
desired.
Status Codes:
**Status codes**:
- **200** - success, returns archive of copied resource
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1460,7 +1463,7 @@ Status Codes:
Upload a tar archive to be extracted to a path in the filesystem of container
`id`.
Query Parameters:
**Query parameters**:
- **path** - path to a directory in the container
to extract the archive's contents into. Required.
@@ -1482,7 +1485,7 @@ Query Parameters:
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** the content was extracted successfully
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1584,7 +1587,7 @@ digest. You can reference this digest using the value:
See the `docker run` and `docker build` commands for examples of digest and tag
references on the command line.
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, default false
- **filters** a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
@@ -1628,7 +1631,7 @@ command*](../../reference/builder.md#add)).
The build is canceled if the client drops the connection by quitting
or being killed.
Query Parameters:
**Query parameters**:
- **dockerfile** - Path within the build context to the Dockerfile. This is
ignored if `remote` is specified and points to an individual filename.
@@ -1637,7 +1640,7 @@ Query Parameters:
You can provide one or more `t` parameters.
- **remote** A Git repository URI or HTTP/HTTPS URI build source. If the
URI specifies a filename, the file's contents are placed into a file
called `Dockerfile`.
called `Dockerfile`.
- **q** Suppress verbose build output.
- **nocache** Do not use the cache when building the image.
- **pull** - Attempt to pull the image even if an older image exists locally.
@@ -1682,7 +1685,7 @@ Query Parameters:
be specified with both a "https://" prefix and a "/v1/" suffix even
though Docker will prefer to use the v2 registry API.
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1711,7 +1714,7 @@ When using this endpoint to pull an image from the registry, the
`X-Registry-Auth` header can be used to include
a base64-encoded AuthConfig object.
Query Parameters:
**Query parameters**:
- **fromImage** Name of the image to pull. The name may include a tag or
digest. This parameter may only be used when pulling an image.
@@ -1745,7 +1748,7 @@ Query Parameters:
}
```
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1857,7 +1860,7 @@ Return low-level information on the image `name`
}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1911,7 +1914,7 @@ Return the history of the image `name`
}
]
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1948,7 +1951,7 @@ The push is cancelled if the HTTP connection is closed.
POST /images/registry.acme.com:5000/test/push HTTP/1.1
Query Parameters:
**Query parameters**:
- **tag** The tag to associate with the image on the registry. This is optional.
@@ -1973,7 +1976,7 @@ Request Headers:
}
```
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1993,13 +1996,13 @@ Tag the image `name` into a repository
HTTP/1.1 201 Created
Query Parameters:
**Query parameters**:
- **repo** The repository to tag in
- **force** 1/True/true or 0/False/false, default false
- **tag** - The new tag name
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -2028,12 +2031,12 @@ Remove the image `name` from the filesystem
{"Deleted": "53b4f83ac9"}
]
Query Parameters:
**Query parameters**:
- **force** 1/True/true or 0/False/false, default false
- **noprune** 1/True/true or 0/False/false, default false
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -2084,11 +2087,11 @@ Search for an image on [Docker Hub](https://hub.docker.com).
...
]
Query Parameters:
**Query parameters**:
- **term** term to search
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2117,7 +2120,7 @@ Get the default username and email
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **204** no error
@@ -2205,7 +2208,7 @@ Display system-wide information
"SystemTime": "2015-03-10T11:11:23.730591467-07:00"
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2237,7 +2240,7 @@ Show the docker version information
"Experimental": true
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2259,7 +2262,7 @@ Ping the docker server
OK
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2315,11 +2318,11 @@ Create a new image from a container's changes
{"Id": "596069db4bf5"}
Json Parameters:
**JSON parameters**:
- **config** - the container's configuration
Query Parameters:
**Query parameters**:
- **container** source container
- **repo** repository
@@ -2330,7 +2333,7 @@ Query Parameters:
- **pause** 1/True/true or 0/False/false, whether to pause the container before committing
- **changes** Dockerfile instructions to apply while committing
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2518,7 +2521,7 @@ Docker networks report the following events:
"timeNano": 1461943105338056026
}
Query Parameters:
**Query parameters**:
- **since** Timestamp used for polling
- **until** Timestamp used for polling
@@ -2531,7 +2534,7 @@ Query Parameters:
- `volume=<string>`; -- volume to filter
- `network=<string>`; -- network to filter
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2561,12 +2564,12 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
### Get a tarball containing all images.
### Get a tarball containing all images
`GET /images/get`
@@ -2590,7 +2593,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2605,6 +2608,7 @@ See the [image tarball format](#image-tarball-format) for more details.
**Example request**
POST /images/load
Content-Type: application/x-tar
Tarball in body
@@ -2612,7 +2616,7 @@ See the [image tarball format](#image-tarball-format) for more details.
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2670,7 +2674,7 @@ Sets up an exec instance in a running container `id`
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
- **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
@@ -2682,7 +2686,7 @@ Json Parameters:
- **Cmd** - Command to run specified as a string or an array of strings.
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2714,12 +2718,12 @@ interactive session with the `exec` command.
{{ STREAM }}
Json Parameters:
**JSON parameters**:
- **Detach** - Detach from the `exec` command.
- **Tty** - Boolean value to allocate a pseudo-TTY.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2745,12 +2749,12 @@ This API is valid only if `tty` was specified as part of creating and starting t
HTTP/1.1 201 Created
Content-Type: text/plain
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **201** no error
- **404** no such exec instance
@@ -2792,7 +2796,7 @@ Return low-level information about the `exec` command `id`.
"Running": false
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2824,11 +2828,11 @@ Status Codes:
"Warnings": []
}
Query Parameters:
**Query parameters**:
- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the volumes list. There is one available filter: `dangling=true`
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2859,12 +2863,12 @@ Create a volume
"Mountpoint": "/var/lib/docker/volumes/tardis"
}
Status Codes:
**Status codes**:
- **201** - no error
- **500** - server error
JSON Parameters:
**JSON parameters**:
- **Name** - The new volume's name. If not specified, Docker generates a name.
- **Driver** - Name of the volume driver to use. Defaults to `local` for the name.
@@ -2892,7 +2896,7 @@ Return low-level information on the volume `name`
"Mountpoint": "/var/lib/docker/volumes/tardis"
}
Status Codes:
**Status codes**:
- **200** - no error
- **404** - no such volume
@@ -2912,7 +2916,7 @@ Instruct the driver to remove the volume (`name`).
HTTP/1.1 204 No Content
Status Codes
**Status codes**:
- **204** - no error
- **404** - no such volume or volume driver
@@ -2993,14 +2997,14 @@ Content-Type: application/json
]
```
Query Parameters:
**Query parameters**:
- **filters** - JSON encoded network list filter. The filter value is one of:
- `name=<network-name>` Matches all or part of a network name.
- `id=<network-id>` Matches all or part of a network id.
- `name=<network-name>` Matches all or part of a network name.
- `type=["custom"|"builtin"]` Filters networks by type. The `custom` keyword returns all user-defined networks.
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -3056,7 +3060,7 @@ Content-Type: application/json
}
```
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network not found
@@ -3108,13 +3112,13 @@ Content-Type: application/json
}
```
Status Codes:
**Status codes**:
- **201** - no error
- **404** - plugin not found
- **500** - server error
JSON Parameters:
**JSON parameters**:
- **Name** - The new network's name. this is a mandatory field
- **Driver** - Name of the network driver plugin to use. Defaults to `bridge` driver
@@ -3149,13 +3153,13 @@ Content-Type: application/json
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network or container is not found
- **500** - Internal Server Error
JSON Parameters:
**JSON parameters**:
- **container** - container-id/name to be connected to the network
@@ -3181,13 +3185,13 @@ Content-Type: application/json
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network or container not found
- **500** - Internal Server Error
JSON Parameters:
**JSON parameters**:
- **Container** - container-id/name to be disconnected from a network
- **Force** - Force the container to disconnect from a network
@@ -3206,7 +3210,7 @@ Instruct the driver to remove the network (`id`).
HTTP/1.1 200 OK
Status Codes
**Status codes**:
- **200** - no error
- **404** - no such network

269
docs/reference/api/docker_remote_api_v1.23.md
View File

@@ -202,7 +202,7 @@ List containers
}
]
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, Show all containers.
Only running containers are shown by default (i.e., this defaults to false)
@@ -224,7 +224,7 @@ Query Parameters:
- `since`=(`<container id>` or `<container name>`)
- `volume`=(`<volume name>` or `<mount point destination>`)
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -321,14 +321,15 @@ Create a container
"ShmSize": 67108864
},
"NetworkingConfig": {
"EndpointsConfig": {
"isolated_nw" : {
"IPAMConfig": {
"IPv4Address":"172.20.30.33",
"IPv6Address":"2001:db8:abcd::3033"
},
"Links":["container_1", "container_2"],
"Aliases":["server_x", "server_y"]
"EndpointsConfig": {
"isolated_nw" : {
"IPAMConfig": {
"IPv4Address":"172.20.30.33",
"IPv6Address":"2001:db8:abcd::3033"
},
"Links":["container_1", "container_2"],
"Aliases":["server_x", "server_y"]
}
}
}
}
@@ -343,7 +344,7 @@ Create a container
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **Hostname** - A string value containing the hostname to use for the
container.
@@ -457,12 +458,12 @@ Json Parameters:
- **VolumeDriver** - Driver that this container users to mount volumes.
- **ShmSize** - Size of `/dev/shm` in bytes. The size must be greater than 0. If omitted the system uses 64MB.
Query Parameters:
**Query parameters**:
- **name** Assign the specified name to the container. Must
match `/?[a-zA-Z0-9_-]+`.
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -477,7 +478,6 @@ Status Codes:
Return low-level information on the container `id`
**Example request**:
GET /containers/4fa6e0f0c678/json HTTP/1.1
@@ -665,11 +665,11 @@ Return low-level information on the container `id`
....
}
Query Parameters:
**Query parameters**:
- **size** 1/True/true or 0/False/false, return container size information. Default is `false`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -729,11 +729,11 @@ supported on Windows.
],
}
Query Parameters:
**Query parameters**:
- **ps_args** `ps` arguments to use (e.g., `aux`), defaults to `-ef`
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -761,7 +761,7 @@ Get `stdout` and `stderr` logs from the container ``id``
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **follow** 1/True/true or 0/False/false, return stream. Default `false`.
- **stdout** 1/True/true or 0/False/false, show `stdout` log. Default `false`.
@@ -772,7 +772,7 @@ Query Parameters:
every log line. Default `false`.
- **tail** Output specified number of lines at the end of logs: `all` or `<number>`. Default all.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
@@ -815,7 +815,7 @@ Values for `Kind`:
- `1`: Add
- `2`: Delete
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -838,7 +838,7 @@ Export the contents of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -958,11 +958,11 @@ This endpoint returns a live stream of a container's resource usage statistics.
The precpu_stats is the cpu statistic of last read, which is used for calculating the cpu usage percent. It is not the exact copy of the “cpu_stats” field.
Query Parameters:
**Query parameters**:
- **stream** 1/True/true or 0/False/false, pull stats once then disconnect. Default `true`.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -984,12 +984,12 @@ Resize the TTY for container with `id`. The unit is number of characters. You m
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **200** no error
- **404** No such container
@@ -1013,13 +1013,13 @@ Start the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **detachKeys** Override the key sequence for detaching a
container. Format is a single character `[a-Z]` or `ctrl-<value>`
where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
Status Codes:
**Status codes**:
- **204** no error
- **304** container already started
@@ -1040,11 +1040,11 @@ Stop the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **304** container already stopped
@@ -1065,11 +1065,11 @@ Restart the container `id`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **t** number of seconds to wait before killing the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1089,12 +1089,12 @@ Kill the container `id`
HTTP/1.1 204 No Content
Query Parameters
**Query parameters**:
- **signal** - Signal to send to the container: integer or string like `SIGINT`.
When not set, `SIGKILL` is assumed and the call waits for the container to exit.
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1137,7 +1137,7 @@ Update configuration of one or more containers.
"Warnings": []
}
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1158,11 +1158,11 @@ Rename the container `id` to a `new_name`
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **name** new name for the container
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1183,7 +1183,7 @@ Pause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1203,7 +1203,7 @@ Unpause the container `id`
HTTP/1.1 204 No Content
Status Codes:
**Status codes**:
- **204** no error
- **404** no such container
@@ -1228,7 +1228,7 @@ Attach to the container `id`
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **detachKeys** Override the key sequence for detaching a
container. Format is a single character `[a-Z]` or `ctrl-<value>`
@@ -1243,12 +1243,13 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **101** no error, hints proxy about hijacking
- **200** no error, no upgrade header found
- **400** bad parameter
- **404** no such container
- **409** - container is paused
- **500** server error
**Stream details**:
@@ -1311,7 +1312,7 @@ Implements websocket protocol handshake according to [RFC 6455](http://tools.iet
{{ STREAM }}
Query Parameters:
**Query parameters**:
- **detachKeys** Override the key sequence for detaching a
container. Format is a single character `[a-Z]` or `ctrl-<value>`
@@ -1326,7 +1327,7 @@ Query Parameters:
- **stderr** 1/True/true or 0/False/false, if `logs=true`, return
`stderr` log, if `stream=true`, attach to `stderr`. Default `false`.
Status Codes:
**Status codes**:
- **200** no error
- **400** bad parameter
@@ -1350,7 +1351,7 @@ Block until container `id` stops, then returns the exit code
{"StatusCode": 0}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1370,14 +1371,14 @@ Remove the container `id` from the filesystem
HTTP/1.1 204 No Content
Query Parameters:
**Query parameters**:
- **v** 1/True/true or 0/False/false, Remove the volumes
associated to the container. Default `false`.
- **force** - 1/True/true or 0/False/false, Kill then remove the container.
Default `false`.
Status Codes:
**Status codes**:
- **204** no error
- **400** bad parameter
@@ -1409,7 +1410,7 @@ Copy files or folders of container `id`
{{ TAR STREAM }}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such container
@@ -1428,7 +1429,7 @@ following section.
Get a tar archive of a resource in the filesystem of container `id`.
Query Parameters:
**Query parameters**:
- **path** - resource in the container's filesystem to archive. Required.
@@ -1439,39 +1440,41 @@ Query Parameters:
indicates that only the contents of the **path** directory should be
copied. A symlink is always resolved to its target.
**Note**: It is not possible to copy certain system files such as resources
under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
container.
> **Note**: It is not possible to copy certain system files such as resources
> under `/proc`, `/sys`, `/dev`, and mounts created by the user in the
> container.
**Example request**:
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
GET /containers/8cce319429b2/archive?path=/root HTTP/1.1
**Example response**:
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
HTTP/1.1 200 OK
Content-Type: application/x-tar
X-Docker-Container-Path-Stat: eyJuYW1lIjoicm9vdCIsInNpemUiOjQwOTYsIm1vZGUiOjIxNDc0ODQwOTYsIm10aW1lIjoiMjAxNC0wMi0yN1QyMDo1MToyM1oiLCJsaW5rVGFyZ2V0IjoiIn0=
{{ TAR STREAM }}
{{ TAR STREAM }}
On success, a response header `X-Docker-Container-Path-Stat` will be set to a
base64-encoded JSON object containing some filesystem header information about
the archived resource. The above example value would decode to the following
JSON object (whitespace added for readability):
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```json
{
"name": "root",
"size": 4096,
"mode": 2147484096,
"mtime": "2014-02-27T20:51:23Z",
"linkTarget": ""
}
```
A `HEAD` request can also be made to this endpoint if only this information is
desired.
Status Codes:
**Status codes**:
- **200** - success, returns archive of copied resource
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1490,7 +1493,7 @@ Status Codes:
Upload a tar archive to be extracted to a path in the filesystem of container
`id`.
Query Parameters:
**Query parameters**:
- **path** - path to a directory in the container
to extract the archive's contents into. Required.
@@ -1512,7 +1515,7 @@ Query Parameters:
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** the content was extracted successfully
- **400** - client error, bad parameter, details in JSON response body, one of:
@@ -1614,7 +1617,7 @@ digest. You can reference this digest using the value:
See the `docker run` and `docker build` commands for examples of digest and tag
references on the command line.
Query Parameters:
**Query parameters**:
- **all** 1/True/true or 0/False/false, default false
- **filters** a JSON encoded value of the filters (a map[string][]string) to process on the images list. Available filters:
@@ -1658,7 +1661,7 @@ command*](../../reference/builder.md#add)).
The build is canceled if the client drops the connection by quitting
or being killed.
Query Parameters:
**Query parameters**:
- **dockerfile** - Path within the build context to the Dockerfile. This is
ignored if `remote` is specified and points to an individual filename.
@@ -1713,7 +1716,7 @@ Query Parameters:
be specified with both a "https://" prefix and a "/v1/" suffix even
though Docker will prefer to use the v2 registry API.
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1742,7 +1745,7 @@ When using this endpoint to pull an image from the registry, the
`X-Registry-Auth` header can be used to include
a base64-encoded AuthConfig object.
Query Parameters:
**Query parameters**:
- **fromImage** Name of the image to pull. The name may include a tag or
digest. This parameter may only be used when pulling an image.
@@ -1776,7 +1779,7 @@ Query Parameters:
}
```
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -1895,7 +1898,7 @@ Return low-level information on the image `name`
}
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1949,7 +1952,7 @@ Return the history of the image `name`
}
]
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -1986,7 +1989,7 @@ The push is cancelled if the HTTP connection is closed.
POST /images/registry.acme.com:5000/test/push HTTP/1.1
Query Parameters:
**Query parameters**:
- **tag** The tag to associate with the image on the registry. This is optional.
@@ -2011,7 +2014,7 @@ Request Headers:
}
```
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -2031,13 +2034,13 @@ Tag the image `name` into a repository
HTTP/1.1 201 Created
Query Parameters:
**Query parameters**:
- **repo** The repository to tag in
- **force** 1/True/true or 0/False/false, default false
- **tag** - The new tag name
Status Codes:
**Status codes**:
- **201** no error
- **400** bad parameter
@@ -2066,12 +2069,12 @@ Remove the image `name` from the filesystem
{"Deleted": "53b4f83ac9"}
]
Query Parameters:
**Query parameters**:
- **force** 1/True/true or 0/False/false, default false
- **noprune** 1/True/true or 0/False/false, default false
Status Codes:
**Status codes**:
- **200** no error
- **404** no such image
@@ -2122,11 +2125,11 @@ Search for an image on [Docker Hub](https://hub.docker.com).
...
]
Query Parameters:
**Query parameters**:
- **term** term to search
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2160,7 +2163,7 @@ if available, for accessing the registry without password.
"IdentityToken": "9cbaf023786cd7..."
}
Status Codes:
**Status codes**:
- **200** no error
- **204** no error
@@ -2250,7 +2253,7 @@ Display system-wide information
"SystemTime": "2015-03-10T11:11:23.730591467-07:00"
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2282,7 +2285,7 @@ Show the docker version information
"Experimental": true
}
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2304,7 +2307,7 @@ Ping the docker server
OK
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2360,11 +2363,11 @@ Create a new image from a container's changes
{"Id": "596069db4bf5"}
Json Parameters:
**JSON parameters**:
- **config** - the container's configuration
Query Parameters:
**Query parameters**:
- **container** source container
- **repo** repository
@@ -2375,7 +2378,7 @@ Query Parameters:
- **pause** 1/True/true or 0/False/false, whether to pause the container before committing
- **changes** Dockerfile instructions to apply while committing
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2563,8 +2566,7 @@ Docker networks report the following events:
"timeNano": 1461943105338056026
}
Query Parameters:
**Query parameters**:
- **since** Timestamp used for polling
- **until** Timestamp used for polling
@@ -2577,7 +2579,7 @@ Query Parameters:
- `volume=<string>`; -- volume to filter
- `network=<string>`; -- network to filter
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2607,12 +2609,12 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
### Get a tarball containing all images.
### Get a tarball containing all images
`GET /images/get`
@@ -2636,7 +2638,7 @@ See the [image tarball format](#image-tarball-format) for more details.
Binary data stream
Status Codes:
**Status codes**:
- **200** no error
- **500** server error
@@ -2651,14 +2653,41 @@ See the [image tarball format](#image-tarball-format) for more details.
**Example request**
POST /images/load
Content-Type: application/x-tar
Tarball in body
**Example response**:
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Status Codes:
{"status":"Loading layer","progressDetail":{"current":32768,"total":1292800},"progress":"[= ] 32.77 kB/1.293 MB","id":"8ac8bfaff55a"}
{"status":"Loading layer","progressDetail":{"current":65536,"total":1292800},"progress":"[== ] 65.54 kB/1.293 MB","id":"8ac8bfaff55a"}
{"status":"Loading layer","progressDetail":{"current":98304,"total":1292800},"progress":"[=== ] 98.3 kB/1.293 MB","id":"8ac8bfaff55a"}
{"status":"Loading layer","progressDetail":{"current":131072,"total":1292800},"progress":"[===== ] 131.1 kB/1.293 MB","id":"8ac8bfaff55a"}
...
{"stream":"Loaded image: busybox:latest\n"}
**Example response**:
If the "quiet" query parameter is set to `true` / `1` (`?quiet=1`), progress
details are suppressed, and only a confirmation message is returned as plain text
once the action completes.
HTTP/1.1 200 OK
Content-Length: 29
Content-Type: text/plain; charset=utf-8
Loaded image: busybox:latest
**Query parameters**:
- **quiet** Boolean value, suppress progress details during load. Defaults
to `0` / `false` if omitted.
**Status codes**:
- **200** no error
- **500** server error
@@ -2716,7 +2745,7 @@ Sets up an exec instance in a running container `id`
"Warnings":[]
}
Json Parameters:
**JSON parameters**:
- **AttachStdin** - Boolean value, attaches to `stdin` of the `exec` command.
- **AttachStdout** - Boolean value, attaches to `stdout` of the `exec` command.
@@ -2728,7 +2757,7 @@ Json Parameters:
- **Cmd** - Command to run specified as a string or an array of strings.
Status Codes:
**Status codes**:
- **201** no error
- **404** no such container
@@ -2760,12 +2789,12 @@ interactive session with the `exec` command.
{{ STREAM }}
Json Parameters:
**JSON parameters**:
- **Detach** - Detach from the `exec` command.
- **Tty** - Boolean value to allocate a pseudo-TTY.
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2791,12 +2820,12 @@ This API is valid only if `tty` was specified as part of creating and starting t
HTTP/1.1 201 Created
Content-Type: text/plain
Query Parameters:
**Query parameters**:
- **h** height of `tty` session
- **w** width
Status Codes:
**Status codes**:
- **201** no error
- **404** no such exec instance
@@ -2838,7 +2867,7 @@ Return low-level information about the `exec` command `id`.
"Running": false
}
Status Codes:
**Status codes**:
- **200** no error
- **404** no such exec instance
@@ -2870,11 +2899,11 @@ Status Codes:
"Warnings": []
}
Query Parameters:
**Query parameters**:
- **filters** - JSON encoded value of the filters (a `map[string][]string`) to process on the volumes list. There is one available filter: `dangling=true`
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -2913,12 +2942,12 @@ Create a volume
},
}
Status Codes:
**Status codes**:
- **201** - no error
- **500** - server error
JSON Parameters:
**JSON parameters**:
- **Name** - The new volume's name. If not specified, Docker generates a name.
- **Driver** - Name of the volume driver to use. Defaults to `local` for the name.
@@ -2951,7 +2980,7 @@ Return low-level information on the volume `name`
}
}
Status Codes:
**Status codes**:
- **200** - no error
- **404** - no such volume
@@ -2971,14 +3000,14 @@ Instruct the driver to remove the volume (`name`).
HTTP/1.1 204 No Content
Status Codes
**Status codes**:
- **204** - no error
- **404** - no such volume or volume driver
- **409** - volume is in use and cannot be removed
- **500** - server error
## 2.5 Networks
## 3.5 Networks
### List networks
@@ -3058,14 +3087,14 @@ Content-Type: application/json
]
```
Query Parameters:
**Query parameters**:
- **filters** - JSON encoded network list filter. The filter value is one of:
- `name=<network-name>` Matches all or part of a network name.
- `id=<network-id>` Matches all or part of a network id.
- `name=<network-name>` Matches all or part of a network name.
- `type=["custom"|"builtin"]` Filters networks by type. The `custom` keyword returns all user-defined networks.
Status Codes:
**Status codes**:
- **200** - no error
- **500** - server error
@@ -3127,7 +3156,7 @@ Content-Type: application/json
}
```
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network not found
@@ -3193,13 +3222,13 @@ Content-Type: application/json
}
```
Status Codes:
**Status codes**:
- **201** - no error
- **404** - plugin not found
- **500** - server error
JSON Parameters:
**JSON parameters**:
- **Name** - The new network's name. this is a mandatory field
- **CheckDuplicate** - Requests daemon to check for networks with same name
@@ -3237,13 +3266,13 @@ Content-Type: application/json
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network or container is not found
- **500** - Internal Server Error
JSON Parameters:
**JSON parameters**:
- **container** - container-id/name to be connected to the network
@@ -3269,13 +3298,13 @@ Content-Type: application/json
HTTP/1.1 200 OK
Status Codes:
**Status codes**:
- **200** - no error
- **404** - network or container not found
- **500** - Internal Server Error
JSON Parameters:
**JSON parameters**:
- **Container** - container-id/name to be disconnected from a network
- **Force** - Force the container to disconnect from a network
@@ -3294,7 +3323,7 @@ Instruct the driver to remove the network (`id`).
HTTP/1.1 204 No Content
Status Codes
**Status codes**:
- **204** - no error
- **404** - no such network

213
docs/reference/api/docker_remote_api_v1.24.md
View File

@@ -336,15 +336,16 @@ Create a container
"ShmSize": 67108864
},
"NetworkingConfig": {
"EndpointsConfig": {
"isolated_nw" : {
"IPAMConfig": {
"IPv4Address":"172.20.30.33",
"IPv6Address":"2001:db8:abcd::3033",
"LinkLocalIPs:["169.254.34.68", "fe80::3468"]
},
"Links":["container_1", "container_2"],
"Aliases":["server_x", "server_y"]
"EndpointsConfig": {
"isolated_nw" : {
"IPAMConfig": {
"IPv4Address":"172.20.30.33",
"IPv6Address":"2001:db8:abcd::3033",
"LinkLocalIPs":["169.254.34.68", "fe80::3468"]
},
"Links":["container_1", "container_2"],
"Aliases":["server_x", "server_y"]
}
}
}
}
@@ -1276,6 +1277,7 @@ Attach to the container `id`
- **200** no error, no upgrade header found
- **400** bad parameter
- **404** no such container
- **409** - container is paused
- **500** server error
**Stream details**:
@@ -2664,12 +2666,39 @@ See the [image tarball format](#image-tarball-format) for more details.
**Example request**
POST /images/load
Content-Type: application/x-tar
Tarball in body
**Example response**:
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
{"status":"Loading layer","progressDetail":{"current":32768,"total":1292800},"progress":"[= ] 32.77 kB/1.293 MB","id":"8ac8bfaff55a"}
{"status":"Loading layer","progressDetail":{"current":65536,"total":1292800},"progress":"[== ] 65.54 kB/1.293 MB","id":"8ac8bfaff55a"}
{"status":"Loading layer","progressDetail":{"current":98304,"total":1292800},"progress":"[=== ] 98.3 kB/1.293 MB","id":"8ac8bfaff55a"}
{"status":"Loading layer","progressDetail":{"current":131072,"total":1292800},"progress":"[===== ] 131.1 kB/1.293 MB","id":"8ac8bfaff55a"}
...
{"stream":"Loaded image: busybox:latest\n"}
**Example response**:
If the "quiet" query parameter is set to `true` / `1` (`?quiet=1`), progress
details are suppressed, and only a confirmation message is returned as plain text
once the action completes.
HTTP/1.1 200 OK
Content-Length: 29
Content-Type: text/plain; charset=utf-8
Loaded image: busybox:latest
**Query parameters**:
- **quiet** Boolean value, suppress progress details during load. Defaults
to `0` / `false` if omitted.
**Status codes**:
@@ -3350,8 +3379,12 @@ List nodes
"CreatedAt": "2016-06-07T20:31:11.853781916Z",
"UpdatedAt": "2016-06-07T20:31:11.999868824Z",
"Spec": {
"Name": "my-node",
"Role": "MANAGER",
"Availability": "ACTIVE"
"Labels": {
"foo": "bar"
}
},
"Description": {
"Hostname": "bf3067039e47",
@@ -3365,11 +3398,22 @@ List nodes
},
"Engine": {
"EngineVersion": "1.12.0-dev",
"Labels": {
"foo": "bar",
}
"Plugins": [
{
"Type": "Volume",
"Name": "local"
},
{
"Type": "Network",
"Name": "bridge"
}
{
"Type": "Network",
"Name": "null"
}
{
"Type": "Network",
"Name": "overlay"
@@ -3378,63 +3422,12 @@ List nodes
}
},
"Status": {
"State": "READY"
"State": "ready"
},
"Manager": {
"Raft": {
"RaftID": 10070664527094528000,
"Addr": "172.17.0.2:4500",
"Status": {
"Leader": true,
"Reachability": "REACHABLE"
}
}
},
"Attachment": {
"Network": {
"ID": "4qvuz4ko70xaltuqbt8956gd1",
"Version": {
"Index": 6
},
"CreatedAt": "2016-06-07T20:31:11.912919752Z",
"UpdatedAt": "2016-06-07T20:31:11.921784144Z",
"Spec": {
"Name": "ingress",
"Labels": {
"com.docker.swarm.internal": "true"
},
"DriverConfiguration": {},
"IPAM": {
"Driver": {},
"Configs": [
{
"Family": "UNKNOWN",
"Subnet": "10.255.0.0/16"
}
]
}
},
"DriverState": {
"Name": "overlay",
"Options": {
"com.docker.network.driver.overlay.vxlanid_list": "256"
}
},
"IPAM": {
"Driver": {
"Name": "default"
},
"Configs": [
{
"Family": "UNKNOWN",
"Subnet": "10.255.0.0/16"
}
]
}
},
"Addresses": [
"10.255.0.2/16"
]
"ManagerStatus": {
"Leader": true,
"Reachability": "reachable",
"Addr": "172.17.0.2:2377""
}
}
]
@@ -3477,8 +3470,12 @@ Return low-level information on the node `id`
"CreatedAt": "2016-06-07T20:31:11.853781916Z",
"UpdatedAt": "2016-06-07T20:31:11.999868824Z",
"Spec": {
"Name": "my-node",
"Role": "MANAGER",
"Availability": "ACTIVE"
"Labels": {
"foo": "bar"
}
},
"Description": {
"Hostname": "bf3067039e47",
@@ -3492,11 +3489,22 @@ Return low-level information on the node `id`
},
"Engine": {
"EngineVersion": "1.12.0-dev",
"Labels": {
"foo": "bar",
}
"Plugins": [
{
"Type": "Volume",
"Name": "local"
},
{
"Type": "Network",
"Name": "bridge"
}
{
"Type": "Network",
"Name": "null"
}
{
"Type": "Network",
"Name": "overlay"
@@ -3505,63 +3513,12 @@ Return low-level information on the node `id`
}
},
"Status": {
"State": "READY"
"State": "ready"
},
"Manager": {
"Raft": {
"RaftID": 10070664527094528000,
"Addr": "172.17.0.2:4500",
"Status": {
"Leader": true,
"Reachability": "REACHABLE"
}
}
},
"Attachment": {
"Network": {
"ID": "4qvuz4ko70xaltuqbt8956gd1",
"Version": {
"Index": 6
},
"CreatedAt": "2016-06-07T20:31:11.912919752Z",
"UpdatedAt": "2016-06-07T20:31:11.921784144Z",
"Spec": {
"Name": "ingress",
"Labels": {
"com.docker.swarm.internal": "true"
},
"DriverConfiguration": {},
"IPAM": {
"Driver": {},
"Configs": [
{
"Family": "UNKNOWN",
"Subnet": "10.255.0.0/16"
}
]
}
},
"DriverState": {
"Name": "overlay",
"Options": {
"com.docker.network.driver.overlay.vxlanid_list": "256"
}
},
"IPAM": {
"Driver": {
"Name": "default"
},
"Configs": [
{
"Family": "UNKNOWN",
"Subnet": "10.255.0.0/16"
}
]
}
},
"Addresses": [
"10.255.0.2/16"
]
"ManagerStatus": {
"Leader": true,
"Reachability": "reachable",
"Addr": "172.17.0.2:2377""
}
}
@@ -3586,8 +3543,8 @@ Initialize a new Swarm
Content-Type: application/json
{
"ListenAddr": "0.0.0.0:4500",
"AdvertiseAddr": "192.168.1.1:4500",
"ListenAddr": "0.0.0.0:2377",
"AdvertiseAddr": "192.168.1.1:2377",
"ForceNewCluster": false,
"Spec": {
"Orchestration": {},
@@ -3658,9 +3615,9 @@ Join an existing new Swarm
Content-Type: application/json
{
"ListenAddr": "0.0.0.0:4500",
"AdvertiseAddr: "192.168.1.1:4500",
"RemoteAddrs": ["node1:4500"],
"ListenAddr": "0.0.0.0:2377",
"AdvertiseAddr": "192.168.1.1:2377",
"RemoteAddrs": ["node1:2377"],
"JoinToken": "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2"
}
@@ -3980,6 +3937,7 @@ Create a service
- **201** no error
- **406** server error or node is not part of a Swarm
- **409** name conflicts with an existing object
JSON Parameters:
@@ -4504,6 +4462,9 @@ List tasks
- `id=<task id>`
- `name=<task name>`
- `service=<service name>`
- `node=<node id>`
- `label=key` or `label="key=value"`
- `desired-state=(running | shutdown | accepted)`
**Status codes**:

2
docs/reference/commandline/network_connect.md
View File

@@ -93,5 +93,5 @@ You can connect a container to one or more networks. The networks need not be th
* [network disconnect](network_disconnect.md)
* [network ls](network_ls.md)
* [network rm](network_rm.md)
* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
* [Understand Docker container networks](../../userguide/networking/index.md)
* [Work with networks](../../userguide/networking/work-with-networks.md)

2
docs/reference/commandline/network_create.md
View File

@@ -192,4 +192,4 @@ to create an externally isolated `overlay` network, you can specify the
* [network disconnect](network_disconnect.md)
* [network ls](network_ls.md)
* [network rm](network_rm.md)
* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
* [Understand Docker container networks](../../userguide/networking/index.md)

2
docs/reference/commandline/network_disconnect.md
View File

@@ -34,4 +34,4 @@ Disconnects a container from a network. The container must be running to disconn
* [network create](network_create.md)
* [network ls](network_ls.md)
* [network rm](network_rm.md)
* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
* [Understand Docker container networks](../../userguide/networking/index.md)

2
docs/reference/commandline/network_inspect.md
View File

@@ -119,4 +119,4 @@ $ docker network inspect simple-network
* [network create](network_create.md)
* [network ls](network_ls.md)
* [network rm](network_rm.md)
* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
* [Understand Docker container networks](../../userguide/networking/index.md)

2
docs/reference/commandline/network_ls.md
View File

@@ -176,4 +176,4 @@ attached.
* [network create](network_create.md)
* [network inspect](network_inspect.md)
* [network rm](network_rm.md)
* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
* [Understand Docker container networks](../../userguide/networking/index.md)

2
docs/reference/commandline/network_rm.md
View File

@@ -50,4 +50,4 @@ deletion.
* [network create](network_create.md)
* [network ls](network_ls.md)
* [network inspect](network_inspect.md)
* [Understand Docker container networks](../../userguide/networking/dockernetworks.md)
* [Understand Docker container networks](../../userguide/networking/index.md)

2
docs/reference/commandline/node_ps.md
View File

@@ -91,7 +91,7 @@ bg8c07zzg87di2mufeq51a2qp redis.7 redis redis:3.0.6 Running 9 minutes Ru
#### desired-state
The `desired-state` filter can take the values `running` and `accepted`.
The `desired-state` filter can take the values `running`, `shutdown`, and `accepted`.
## Related information

2
docs/reference/commandline/run.md
View File

@@ -95,7 +95,7 @@ Options:
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
Possible values are : no, on-failuer[:max-retry], always, unless-stopped
Possible values are : no, on-failure[:max-retry], always, unless-stopped
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt value Security Options (default [])

2
docs/reference/commandline/service_ps.md
View File

@@ -89,7 +89,7 @@ ID NAME SERVICE IMAGE DESIRED STATE LAST S
#### desired-state
The `desired-state` filter can take the values `running` and `accepted`.
The `desired-state` filter can take the values `running`, `shutdown`, and `accepted`.
## Related information

1
docs/reference/commandline/swarm_join.md
View File

@@ -90,7 +90,6 @@ This flag is generally not necessary when joining an existing swarm.
### `--manager`
Joins the node as a manager
>>>>>>> 22565e1... Split advertised address from listen address
### `--token string`

33
docs/reference/commandline/swarm_join_token.md
View File

@@ -21,13 +21,17 @@ Options:
--rotate Rotate join token
```
Join tokens are secrets that determine whether or not a node will join the swarm as a manager node
or a worker node. You pass the token using the `--token flag` when you run
[swarm join](swarm_join.md). You can access the current tokens or rotate the tokens using
`swarm join-token`.
Join tokens are secrets that allow a node to join the swarm. There are two
different join tokens available, one for the worker role and one for the manager
role. You pass the token using the `--token` flag when you run
[swarm join](swarm_join.md). Nodes use the join token only when they join the
swarm.
Run with only a single `worker` or `manager` argument, it will print a command for joining a new
node to the swarm, including the necessary token:
You can view or rotate the join tokens using `swarm join-token`.
As a convenience, you can pass `worker` or `manager` as an argument to
`join-token` to print the full `docker swarm join` command to join a new node to
the swarm:
```bash
$ docker swarm join-token worker
@@ -64,7 +68,22 @@ SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-b30ljddcqhef9b9v4rs7
### `--rotate`
Update the join token for a specified role with a new token and print the token.
Because tokens allow new nodes to join the swarm, you should keep them secret.
Be particularly careful with manager tokens since they allow new manager nodes
to join the swarm. A rogue manager has the potential to disrupt the operation of
your swarm.
Rotate your swarm's join token if a token gets checked-in to version control,
stolen, or a node is compromised. You may also want to periodically rotate the
token to ensure any unknown token leaks do not allow a rogue node to join
the swarm.
To rotate the join token and print the newly generated token, run
`docker swarm join-token --rotate` and pass the role: `manager` or `worker`.
Rotating a join-token means that no new nodes will be able to join the swarm
using the old token. Rotation does not affect existing nodes in the swarm
because the join token is only used for authorizing new nodes joining the swarm.
### `--quiet`

8
docs/security/non-events.md
View File

@@ -73,6 +73,14 @@ seccomp profile.
A bug in eBPF -- the special in-kernel DSL used to express things like seccomp
filters -- allowed arbitrary reads of kernel memory. The `bpf()` system call
is blocked inside Docker containers using (ironically) seccomp.
* [CVE-2016-3134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3134),
[4997](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997),
[4998](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998):
A bug in setsockopt with `IPT_SO_SET_REPLACE`, `ARPT_SO_SET_REPLACE`, and
`ARPT_SO_SET_REPLACE` causing memory corruption / local privilege escalation.
These arguments are blocked by `CAP_NET_ADMIN`, which Docker does not allow by
default.
Bugs *not* mitigated:

2
docs/security/seccomp.md
View File

@@ -35,7 +35,7 @@ CONFIG_SECCOMP=y
The default seccomp profile provides a sane default for running containers with
seccomp and disables around 44 system calls out of 300+. It is moderately protective while providing wide application
compatibility. The default Docker profile (found [here](https://github.com/docker/docker/blob/master/profiles/seccomp/default.json) has a JSON layout in the following form:
compatibility. The default Docker profile (found [here](https://github.com/docker/docker/blob/master/profiles/seccomp/default.json)) has a JSON layout in the following form:
```json
{

9
docs/security/security.md
View File

@@ -120,10 +120,10 @@ certificates](https.md).
The daemon is also potentially vulnerable to other inputs, such as image
loading from either disk with 'docker load', or from the network with
'docker pull'. As of Docker 1.3.2, images are now extracted in a chrooted
subprocess on Linux/Unix platforms, being the first-step in a wider effort
toward privilege separation. As of Docker 1.10.0, all images are stored and
accessed by the cryptographic checksums of their contents, limiting the
'docker pull'. As of Docker 1.3.2, images are now extracted in a chrooted
subprocess on Linux/Unix platforms, being the first-step in a wider effort
toward privilege separation. As of Docker 1.10.0, all images are stored and
accessed by the cryptographic checksums of their contents, limiting the
possibility of an attacker causing a collision with an existing image.
Eventually, it is expected that the Docker daemon will run restricted
@@ -272,3 +272,4 @@ pull requests, and communicate via the mailing list.
* [Seccomp security profiles for Docker](../security/seccomp.md)
* [AppArmor security profiles for Docker](../security/apparmor.md)
* [On the Security of Containers (2014)](https://medium.com/@ewindisch/on-the-security-of-containers-2c60ffe25a9e)
* [Docker swarm mode overlay network security model](../userguide/networking/overlay-security-model.md)

2
docs/security/trust/trust_delegation.md
View File

@@ -56,7 +56,7 @@ Here is an example of how to generate a 2048-bit RSA portion key (all RSA keys
must be at least 2048 bits):
```
$ opensl genrsa -out delegation.key 2048
$ openssl genrsa -out delegation.key 2048
Generating RSA private key, 2048 bit long modulus
....................................................+++
............+++

2
docs/swarm/admin_guide.md
View File

@@ -64,7 +64,7 @@ guaranteed if you encounter more than two network partitions.
| 1 | 1 | 0 |
| 2 | 2 | 0 |
| **3** | 2 | **1** |
| 4 | 3 | 2 |
| 4 | 3 | 1 |
| **5** | 3 | **2** |
| 6 | 4 | 2 |
| **7** | 4 | **3** |

BIN
docs/swarm/images/service-vip.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 69 KiB

1
docs/swarm/images/src/service-vip.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 42 KiB

4
docs/swarm/index.md
View File

@@ -11,7 +11,7 @@ weight="1"
<![end-metadata]-->
# Swarm mode overview
To use Docker Engine in swarm mode, install the Docker Engine `v1.12.0-rc1` or
To use Docker Engine in swarm mode, install the Docker Engine `v1.12.0` or
later from the [Docker releases GitHub
repository](https://github.com/docker/docker/releases). Alternatively, install
the latest Docker for Mac or Docker for Windows Beta.
@@ -21,7 +21,7 @@ Docker Engines called a Swarm. Use the Docker CLI to create a swarm, deploy
application services to a swarm, and manage swarm behavior.
If youre using a Docker version prior to `v1.12.0-rc1`, see [Docker
If youre using a Docker version prior to `v1.12.0`, see [Docker
Swarm](https://docs.docker.com/swarm).
## Feature highlights

29
docs/swarm/join-nodes.md
View File

@@ -29,6 +29,11 @@ also run tasks.
Before you add nodes to a swarm you must install Docker Engine 1.12 or later on
the host machine.
The Docker Engine joins the swarm depending on the **join-token** you provide to
the `docker swarm join` command. The node only uses the token at join time. If
you subsequently rotate the token, it doesn't affect existing swarm nodes. Refer
to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-update-a-swarm-join-token).
## Join as a worker node
To retrieve the join command including the join token for worker nodes, run the
@@ -100,30 +105,6 @@ $ docker swarm join \
This node joined a swarm as a manager.
```
<!--TODO WIP
Manager nodes use the listen address for cluster management communications. The
other nodes on the swarm must be able to access the manager node on the
IP address and port you specify for the listen address.
Especially when there are multiple active network interfaces, you should
you explicitly define the listen address when you add a manager node to the a
swarm:
```bash
docker swarm join \
--token <MANAGER-TOKEN> \
--listen-addr <NODE-IP>:<PORT> \
<MANAGER-IP>:<PORT>
```
this will change for https://github.com/docker/docker/pull/24237 ->>
Replace <NODE-IP> with the IP address of the node that is joining the swarm.
Replace <MANAGER-IP> with the address of the swarm manager.
Only manager nodes use the listen address. If you specify `--listen-addr` for a
worker node, the node only uses the listen address if it is promoted to a
manager.
-->
## Learn More
* `swarm join`[command line reference](../reference/commandline/swarm_join.md)

308
docs/swarm/networking.md Normal file
View File

@@ -0,0 +1,308 @@
<!--[metadata]>
+++
title = "Attach services to an overlay network"
description = "Use swarm mode networking features"
keywords = ["guide", "swarm mode", "swarm", "network"]
[menu.main]
identifier="networking-guide"
parent="engine_swarm"
weight=16
+++
<![end-metadata]-->
# Attach services to an overlay network
Docker Engine swarm mode natively supports **overlay networks**, so you can
enable container-to-container networks. When you use swarm mode, you don't need
an external key-value store. Features of swarm mode overlay networks include the
following:
* You can attach multiple services to the same network.
* By default, **service discovery** assigns a virtual IP address (VIP) and DNS
entry to each service in the swarm, making it available by its service name to
containers on the same network.
* You can configure the service to use DNS round-robin instead of a VIP.
In order to use overlay networks in the swarm, you need to have the following
ports open between the swarm nodes before you enable swarm mode:
* Port `7946` TCP/UDP for container network discovery.
* Port `4789` UDP for the container overlay network.
## Create an overlay network in a swarm
When you run Docker Engine in swarm mode, you can run `docker network create`
from a manager node to create an overlay network. For instance, to create a
network named `my-network`:
```
$ docker network create \
--driver overlay \
--subnet 10.0.9.0/24 \
--opt encrypted \
my-network
273d53261bcdfda5f198587974dae3827e947ccd7e74a41bf1f482ad17fa0d33
```
By default nodes in the swarm encrypt traffic between themselves and other
nodes. The optional `--opt encrypted` flag enables an additional layer of
encryption in the overlay driver for vxlan traffic between containers on
different nodes. For more information, refer to [Docker swarm mode overlay network security model](../userguide/networking/overlay-security-model.md).
The `--subnet` flag specifies the subnet for use with the overlay network. When
you don't specify a subnet, the swarm manager automatically chooses a subnet and
assigns it to the network. On some older kernels, including kernel 3.10,
automatically assigned adresses may overlap with another subnet in your
infrastructure. Such overlaps can cause connectivity issues or failures with containers connected to the network.
Before you attach a service to the network, the network only extends to manager
nodes. You can run `docker network ls` to view the network:
```bash
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
f9145f09b38b bridge bridge local
..snip..
bd0befxwiva4 my-network overlay swarm
```
The `swarm` scope indicates that the network is available for use with services
deployed to the swarm. After you create a service attached to the network, the
swarm only extends the network to worker nodes where the scheduler places tasks
for the service. On workers without tasks running for a service attached to the
network, `network ls` does not display the network.
## Attach a service to an overlay network
To attach a service to an overlay network, pass the `--network` flag when you
create a service. For example to create an nginx service attached to a
network called `my-network`:
```bash
$ docker service create \
--replicas 3 \
--name my-web \
--network my-network \
nginx
```
>**Note:** You have to create the network before you can attach a service to it.
The containers for the tasks in the service can connect to one another on the
overlay network. The swarm extends the network to all the nodes with `Running`
tasks for the service.
From a manager node, run `docker service ps <SERVICE>` to view the nodes where
tasks are running for the service:
```bash
$ docker service ps my-web
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR
63s86gf6a0ms34mvboniev7bs my-web.1 nginx node1 Running Running 58 seconds ago
6b3q2qbjveo4zauc6xig7au10 my-web.2 nginx node2 Running Running 58 seconds ago
66u2hcrz0miqpc8h0y0f3v7aw my-web.3 nginx node3 Running Running about a minute ago
```
![service vip image](images/service-vip.png)
You can inspect the network from any node with a `Running` task for a service
attached to the network:
```bash
$ docker network inspect <NETWORK>
```
The network information includes a list of the containers on the node that are
attached to the network. For instance:
```bash
$ docker network inspect my-network
[
{
"Name": "my-network",
"Id": "7m2rjx0a97n88wzr4nu8772r3",
"Scope": "swarm",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "10.0.9.0/24",
"Gateway": "10.0.9.1"
}
]
},
"Internal": false,
"Containers": {
"404d1dec939a021678132a35259c3604b9657649437e59060621a17edae7a819": {
"Name": "my-web.1.63s86gf6a0ms34mvboniev7bs",
"EndpointID": "3c9588d04db9bc2bf8749cb079689a3072c44c68e544944cbea8e4bc20eb7de7",
"MacAddress": "02:42:0a:00:09:03",
"IPv4Address": "10.0.9.3/24",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.driver.overlay.vxlanid_list": "257"
},
"Labels": {}
}
]
```
In the example above, the container `my-web.1.63s86gf6a0ms34mvboniev7bs` for the
`my-web` service is attached to the `my-network` network on node2.
## Use swarm mode service discovery
By default, when you create a service attached to a network, the swarm assigns
the service a VIP. The VIP maps to a DNS alias based upon the service name.
Containers on the network share DNS mappings for the service via gossip so any container on the network can access the service via its service
name.
You don't need to expose service-specific ports to make the service
available to other services on the same overlay network. The swarm's internal
load balancer automatically distributes requests to the service VIP among the
active tasks.
You can inspect the service to view the virtual IP. For example:
```bash
$ docker service inspect \
--format='{{json .Endpoint.VirtualIPs}}' \
my-web
[{"NetworkID":"7m2rjx0a97n88wzr4nu8772r3" "Addr":"10.0.0.2/24"}]
```
The following example shows how you can add a `busybox` service on the same
network as the `nginx` service and the busybox service is able to access `nginx`
using the DNS name `my-web`:
1. From a manager node, deploy a busybox service to the same network as
`my-web`:
```bash
$ docker service create \
--name my-busybox \
--network my-network \
busybox \
sleep 3000
```
2. Lookup the node where `my-busybox` is running:
```bash
$ docker service ps my-busybox
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR
1dok2cmx2mln5hbqve8ilnair my-busybox.1 busybox node1 Running Running 5 seconds ago
```
3. From the node where the busybox task is running, open an interactive shell to
the busybox container:
```bash
$ docker exec -it my-busybox.1.1dok2cmx2mln5hbqve8ilnair /bin/sh
```
You can deduce the container name as `<TASK-NAME>`+`<ID>`. Alternatively,
you can run `docker ps` on the node where the task is running.
4. From inside the busybox container, query the DNS to view the VIP for the
`my-web` service:
```bash
$ nslookup my-web
Server: 127.0.0.11
Address 1: 127.0.0.11
Name: my-web
Address 1: 10.0.9.2 ip-10-0-9-2.us-west-2.compute.internal
```
>**Note:** the examples here use `nslookup`, but you can use `dig` or any
available DNS query tool.
5. From inside the busybox container, query the DNS using a special query
<tasks.SERVICE-NAME> to find the IP addresses of all the containers for the
`my-web` service:
```bash
$ nslookup tasks.my-web
Server: 127.0.0.11
Address 1: 127.0.0.11
Name: tasks.my-web
Address 1: 10.0.9.4 my-web.2.6b3q2qbjveo4zauc6xig7au10.my-network
Address 2: 10.0.9.3 my-web.1.63s86gf6a0ms34mvboniev7bs.my-network
Address 3: 10.0.9.5 my-web.3.66u2hcrz0miqpc8h0y0f3v7aw.my-network
```
6. From inside the busybox container, run `wget` to access the nginx web server
running in the `my-web` service:
```bash
$ wget -O- my-web
Connecting to my-web (10.0.9.2:80)
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...snip...
```
The swarm load balancer automatically routes the HTTP request to the
service's VIP to an active task. It distributes subsequent requests to
other tasks using round-robin selection.
## Use DNS round-robin for a service
You can configure the service to use DNS round-robin directly without using a
VIP, by setting the `--endpoint-mode dnsrr` when you create the service. DNS round-robin is useful in cases where you want to use your own load balancer.
The following example shows a service with `dnsrr` endpoint mode:
```bash
$ docker service create \
--replicas 3 \
--name my-dnsrr-service \
--network my-network \
--endpoint-mode dnsrr \
nginx
```
When you query the DNS for the service name, the DNS service returns the IP
addresses for all the task containers:
```bash
$ nslookup my-dnsrr-service
Server: 127.0.0.11
Address 1: 127.0.0.11
Name: my-dnsrr
Address 1: 10.0.9.8 my-dnsrr-service.1.bd3a67p61by5dfdkyk7kog7pr.my-network
Address 2: 10.0.9.10 my-dnsrr-service.3.0sb1jxr99bywbvzac8xyw73b1.my-network
Address 3: 10.0.9.9 my-dnsrr-service.2.am6fx47p3bropyy2dy4f8hofb.my-network
```
## Confirm VIP connectivity
In genaral we recommend you use `dig`, `nslookup`, or another DNS query tool to
test access to the service name via DNS. Because a VIP is a logical IP, `ping`
is not the right tool to confirm VIP connectivity.
## Learn More
* [Deploy services to a swarm](services.md)
* [Swarm administration guide](admin_guide.md)
* [Docker Engine command line reference](../reference/commandline/index.md)
* [Swarm mode tutorial](swarm-tutorial/index.md)

329
docs/swarm/services.md Normal file
View File

@@ -0,0 +1,329 @@
<!--[metadata]>
+++
title = "Deploy services to a swarm"
description = "Deploy services to a swarm"
keywords = ["guide", "swarm mode", "swarm", "service"]
[menu.main]
identifier="services-guide"
parent="engine_swarm"
weight=15
+++
<![end-metadata]-->
# Deploy services to a swarm
When you are running Docker Engine in swarm mode, you run
`docker service create` to deploy your application in the swarm. The swarm
manager accepts the service description as the desired state for your
application. The built-in swarm orchestrator and scheduler deploy your
application to nodes in your swarm to achieve and maintain the desired state.
For an overview of how services work, refer to [How services work](how-swarm-mode-works/services.md).
This guide assumes you are working with the Docker Engine running in swarm
mode. You must run all `docker service` commands from a manager node.
If you haven't already, read through [Swarm mode key concepts](key-concepts.md)
and [How services work](how-swarm-mode-works/services.md).
## Create a service
To create the simplest type of service in a swarm, you only need to supply
a container image:
```bash
$ docker service create <IMAGE>
```
The swarm orchestrator schedules one task on an available node. The task invokes
a container based upon the image. For example, you could run the following
command to create a service of one instance of an nginx web server:
```bash
$ docker service create --name my_web nginx
anixjtol6wdfn6yylbkrbj2nx
```
In this example the `--name` flag names the service `my_web`.
To list the service, run `docker service ls` from a manager node:
```bash
$ docker service ls
ID NAME REPLICAS IMAGE COMMAND
anixjtol6wdf my_web 1/1 nginx
```
To make the web server accessible from outside the swarm, you need to
[publish the port](#publish-ports-externally-to-the-swarm) where the swarm
listens for web requests.
You can include a command to run inside containers after the image:
```bash
$ docker service create <IMAGE> <COMMAND>
```
For example to start an `alpine` image that runs `ping docker.com`:
```bash
$ docker service create --name helloworld alpine ping docker.com
9uk4639qpg7npwf3fn2aasksr
```
## Configure the runtime environment
You can configure the following options for the runtime environment in the
container:
* environment variables using the `--env` flag
* the working directory inside the container using the `--workdir` flag
* the username or UID using the `--user` flag
For example:
```bash
$ docker service create --name helloworld \
--env MYVAR=myvalue \
--workdir /tmp \
--user my_user \
alpine ping docker.com
9uk4639qpg7npwf3fn2aasksr
```
## Control service scale and placement
Swarm mode has two types of services, replicated and global. For replicated
services, you specify the number of replica tasks for the swarm manager to
schedule onto available nodes. For global services, the scheduler places one
task on each available node.
You control the type of service using the `--mode` flag. If you don't specify a
mode, the service defaults to `replicated`. For replicated services, you specify
the number of replica tasks you want to start using the `--replicas` flag. For
example, to start a replicated nginx service with 3 replica tasks:
```bash
$ docker service create --name my_web --replicas 3 nginx
```
To start a global service on each available node, pass `--mode global` to
`docker service create`. Every time a new node becomes available, the scheduler
places a task for the global service on the new node. For example to start a
service that runs alpine on every node in the swarm:
```bash
$ docker service create --name myservice --mode global alpine top
```
Service constraints let you set criteria for a node to meet before the scheduler
deploys a service to the node. You can apply constraints to the
service based upon node attributes and metadata or engine metadata. For more
information on constraints, refer to the `docker service create` [CLI reference](../reference/commandline/service_create.md).
## Configure service networking options
Swarm mode lets you network services in a couple of ways:
* publish ports externally to the swarm using ingress networking
* connect services and tasks within the swarm using overlay networks
### Publish ports externally to the swarm
You publish service ports externally to the swarm using the `--publish
<TARGET-PORT>:<SERVICE-PORT>` flag. When you publish a service port, the swarm
makes the service accessible at the target port on every node regardless if
there is a task for the service running on the node.
For example, imagine you want to deploy a 3-replica nginx service to a 10-node
swarm as follows:
```bash
docker service create --name my_web --replicas 3 --publish 8080:80 nginx
```
The scheduler will deploy nginx tasks to a maximum of 3 nodes. However, the
swarm makes nginx port 80 from the task container accessible at port 8080 on any
node in the swarm. You can direct `curl` at port 8080 of any node in the swarm
to access the web server:
```bash
$ curl localhost:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
```
### Add an overlay network
Use overlay networks to connect one or more services within the swarm.
First, create an overlay network on a manager node the `docker network create`
command:
```bash
$ docker network create --driver overlay my-network
etjpu59cykrptrgw0z0hk5snf
```
After you create an overlay network in swarm mode, all manager nodes have access
to the network.
When you create a service and pass the `--network` flag to attach the service to
the overlay network:
```bash
$ docker service create \
--replicas 3 \
--network my-network \
--name my-web \
nginx
716thylsndqma81j6kkkb5aus
```
The swarm extends `my-network` to each node running the service.
For more information on overlay networking and service discovery, refer to
[Attach services to an overlay network](networking.md). See also
[Docker swarm mode overlay network security model](../userguide/networking/overlay-security-model.md).
## Configure update behavior
When you create a service, you can specify a rolling update behavior for how the
swarm should apply changes to the service when you run `docker service update`.
You can also specify these flags as part of the update, as arguments to
`docker service update`.
The `--update-delay` flag configures the time delay between updates to a service
task or sets of tasks. You can describe the time `T` as a combination of the
number of seconds `Ts`, minutes `Tm`, or hours `Th`. So `10m30s` indicates a 10
minute 30 second delay.
By default the scheduler updates 1 task at a time. You can pass the
`--update-parallelism` flag to configure the maximum number of service tasks
that the scheduler updates simultaneously.
When an update to an individual task returns a state of `RUNNING`, the scheduler
continues the update by continuing to another task until all tasks are updated.
If, at any time during an update a task returns `FAILED`, the scheduler pauses
the update. You can control the behavior using the `--update-failure-action`
flag for `docker service create` or `docker service update`.
In the example service below, the scheduler applies updates to a maximum of 2
replicas at a time. When an updated task returns either `RUNNING` or `FAILED`,
the scheduler waits 10 seconds before stopping the next task to update:
```bash
$ docker service create \
--replicas 10 \
--name my_web \
--update-delay 10s \
--update-parallelism 2 \
--update-failure-action continue \
alpine
0u6a4s31ybk7yw2wyvtikmu50
```
## Configure mounts
You can create two types of mounts for services in a swarm, `volume` mounts or
`bind` mounts. You pass the `--mount` flag when you create a service. The
default is a volume mount if you don't specify a type.
* Volumes are storage that remain alive after a container for a task has
been removed. The preferred method to mount volumes is to leverage an existing
volume:
```bash
$ docker service create \
--mount src=<VOLUME-NAME>,dst=<CONTAINER-PATH> \
--name myservice \
<IMAGE>
```
For more information on how to create a volume, see the `volume create` [CLI reference](../reference/commandline/volume_create.md).
The following method creates the volume at deployment time when the scheduler
dispatches a task, just before the starting the container:
```bash
$ docker service create \
--mount type=volume,src=<VOLUME-NAME>,dst=<CONTAINER-PATH>,volume-driver=<DRIVER>,volume-opt=<KEY0>=<VALUE0>,volume-opt=<KEY1>=<VALUE1>
--name myservice \
<IMAGE>
```
* Bind mounts are file system paths from the host where the scheduler deploys
the container for the task. Docker mounts the path into the container. The
file system path must exist before the swarm initializes the container for the
task.
The following examples show bind mount syntax:
```bash
# Mount a read-write bind
$ docker service create \
--mount type=bind,src=<HOST-PATH>,dst=<CONTAINER-PATH> \
--name myservice \
<IMAGE>
# Mount a read-only bind
$ docker service create \
--mount type=bind,src=<HOST-PATH>,dst=<CONTAINER-PATH>,readonly \
--name myservice \
<IMAGE>
```
>**Important note:** Bind mounts can be useful but they are also dangerous. In
most cases, we recommend that you architect your application such that mounting
paths from the host is unnecessary. The main risks include the following:<br />
> <br />
> If you bind mount a host path into your services containers, the path
> must exist on every machine. The Docker swarm mode scheduler can schedule
> containers on any machine that meets resource availability requirements
> and satisfies all `--constraint`s you specify.<br />
> <br />
> The Docker swarm mode scheduler may reschedule your running service
> containers at any time if they become unhealthy or unreachable.<br />
> <br />
> Host bind mounts are completely non-portable. When you use bind mounts,
> there is no guarantee that your application will run the same way in
> development as it does in production.
## Learn More
* [Swarm administration guide](admin_guide.md)
* [Docker Engine command line reference](../reference/commandline/index.md)
* [Swarm mode tutorial](swarm-tutorial/index.md)

62
docs/swarm/swarm-mode.md
View File

@@ -27,7 +27,7 @@ your production environment, swarm mode provides a fault-tolerant platform with
cluster management features to keep your services running and available.
These instructions assume you have installed the Docker Engine 1.12 or later on
a machine to serve as a manager node in your swawrm.
a machine to serve as a manager node in your swarm.
If you haven't already, read through the [swarm mode key concepts](key-concepts.md)
and try the [swarm mode tutorial](swarm-tutorial/index.md).
@@ -36,7 +36,7 @@ and try the [swarm mode tutorial](swarm-tutorial/index.md).
When you run the command to create a swarm, the Docker Engine starts running in swarm mode.
Run [`docker swarm init`](/engine/reference/commandline/swarm_init.md)]
Run [`docker swarm init`](../reference/commandline/swarm_init.md)
to create a single-node swarm on the current node. The Engine sets up the swarm
as follows:
@@ -73,10 +73,41 @@ To add a manager to this swarm, run the following command:
192.168.99.100:2377
```
### Configure the advertise address
Manager nodes use an advertise address to allow other nodes in the swarm access
to the Swarmkit API and overlay networking. The other nodes on the swarm must be
able to access the manager node on its advertise address IP address.
If you don't specify an advertise address, Docker checks if the system has a
single IP address. If so, Docker uses the IP address with with the listening
port `2377` by default. If the system has multiple IP addresses, you must
specify the correct `--advertise-addr` to enable inter-manager communication
and overlay networking:
```bash
$ docker swarm init --advertise-addr <MANAGER-IP>
```
You must also specify the `--advertise-addr` if the address where other nodes
reach the first manager node is not the same address the manager sees as its
own. For instance, in a cloud setup that spans different regions, hosts have
both internal addresses for access within the region and external addresses that
you use for access from outside that region. In this case, specify the external
address with `--advertise-addr` so that the node can propogate that information
to other nodes that subsequently connect to it.
Refer to the `docker swarm init` [CLI reference](../reference/commandline/swarm_init.md)
for more detail on the advertise address.
### View the join command or update a swarm join token
The manager node requires a secret token for a new node to join the swarm. The
token for worker nodes is different from the token for manager nodes.
Nodes require a secret token to join the swarm. The token for worker nodes is
different from the token for manager nodes. Nodes only use the join-token at the
moment they join the swarm. Rotating the join token after a node has already
joined a swarm does not affect the node's swarm membership. Token rotation
ensures an old token cannot be used by any new nodes attempting to join the
swarm.
To retrieve the join command including the join token for worker nodes, run:
@@ -110,10 +141,29 @@ $ docker swarm join-token --quiet worker
SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c
```
Pass the `--rotate` for `swarm join-token` to the token for a worker or manager
Be careful with the join tokens because they are the secrets necessary to join
the swarm. In particular, checking a secret into version control is a bad
practice because it would allow anyone with access to the the application source
code to add new nodes to the swarm. Manager tokens are especially sensitive
because they allow a new manager node to join and gain control over the whole
swarm.
We recommend that you rotate the join tokens in the following circumstances:
* If a token was checked-in by accident into a version control system, group
chat or accidentally printed to your logs.
* If you suspect a node has been compromised.
* If you wish to guarantee that no new nodes can join the swarm.
Additionally, it is a best practice to implement a regular rotation schedule for
any secret including swarm join tokens. We recommend that you rotate your tokens
at least every 6 months.
Run `swarm join-token --rotate` to invalidate the old token and generate a new
token. Specify whether you want to rotate the token for `worker` or `manager`
nodes:
```
```bash
$docker swarm join-token --rotate worker
To add a worker to this swarm, run the following command:

9
docs/swarm/swarm-tutorial/drain-node.md
View File

@@ -90,10 +90,11 @@ task assignments for the `redis` service:
```bash
$ docker service ps redis
ID NAME SERVICE IMAGE LAST STATE DESIRED STATE NODE
7q92v0nr1hcgts2amcjyqg3pq redis.1 redis redis:3.0.6 Running 4 minutes Running manager1
b4hovzed7id8irg1to42egue8 redis.2 redis redis:3.0.6 Running About a minute Running worker2
9bg7cezvedmkgg6c8yzvbhwsd redis.3 redis redis:3.0.6 Running 4 minutes Running worker2
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR
7q92v0nr1hcgts2amcjyqg3pq redis.1 redis:3.0.6 manager1 Running Running 4 minutes
b4hovzed7id8irg1to42egue8 redis.2 redis:3.0.6 worker2 Running Running About a minute
7h2l8h3q3wqy5f66hlv9ddmi6 \_ redis.2 redis:3.0.6 worker1 Shutdown Shutdown 2 minutes ago
9bg7cezvedmkgg6c8yzvbhwsd redis.3 redis:3.0.6 worker2 Running Running 4 minutes
```
The Swarm manager maintains the desired state by ending the task on a node

19
docs/swarm/swarm-tutorial/index.md
View File

@@ -50,23 +50,16 @@ provider. This tutorial uses the following machine names:
### Docker Engine 1.12 or later
You must install Docker Engine on each one of the host machines. To use swarm
mode, install the Docker Engine `v1.12.0-rc1` or later from the [Docker releases
GitHub repository](https://github.com/docker/docker/releases). Alternatively,
install the latest Docker for Mac or Docker for Windows Beta.
To use swarm mode, you must [install Docker Engine](../../installation/index.md)
on each one of the host machines. Alternatively, install the latest Docker for
Mac or Docker for Windows.
>**Advisory**: Some multi-node features may not work for Docker for Mac Beta and
Docker for Windows Beta. We're working on the multi-node features for GA.
>**Note**: Docker for Mac and Docker for Windows let you use single-node
features of swarm mode, like creating a swarm and creating a service. Multi-node
features like joining additional nodes and scaling a service are not available.
Verify that the Docker Engine daemon is running on each of the machines.
<!-- See the following options to install:
* [Install Docker Engine](../../installation/index.md).
* [Example: Manual install on cloud provider](../../installation/cloud/cloud-ex-aws.md).
-->
### The IP address of the manager machine
The IP address must be assigned to an a network interface available to the host

11
docs/swarm/swarm-tutorial/rolling-update.md
View File

@@ -138,10 +138,13 @@ desired state:
```bash
$ docker service ps redis
ID NAME SERVICE IMAGE LAST STATE DESIRED STATE NODE
dos1zffgeofhagnve8w864fco redis.1 redis redis:3.0.7 Running 37 seconds Running worker1
9l3i4j85517skba5o7tn5m8g0 redis.2 redis redis:3.0.7 Running About a minute Running worker2
egiuiqpzrdbxks3wxgn8qib1g redis.3 redis redis:3.0.7 Running 48 seconds Running worker1
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR
dos1zffgeofhagnve8w864fco redis.1 redis:3.0.7 worker1 Running Running 37 seconds
88rdo6pa52ki8oqx6dogf04fh \_ redis.1 redis:3.0.6 worker2 Shutdown Shutdown 56 seconds ago
9l3i4j85517skba5o7tn5m8g0 redis.2 redis:3.0.7 worker2 Running Running About a minute
66k185wilg8ele7ntu8f6nj6i \_ redis.2 redis:3.0.6 worker1 Shutdown Shutdown 2 minutes ago
egiuiqpzrdbxks3wxgn8qib1g redis.3 redis:3.0.7 worker1 Running Running 48 seconds
ctzktfddb2tepkr45qcmqln04 \_ redis.3 redis:3.0.6 mmanager1 Shutdown Shutdown 2 minutes ago
```
Before Swarm updates all of the tasks, you can see that some are running

8
docs/tutorials/dockerimages.md
View File

@@ -187,9 +187,13 @@ you'd like to update.
> Take note of the container ID that has been created, `0b2616b0e5a8`, as you'll
> need it in a moment.
Inside our running container let's add the `json` gem.
Inside our running container first let's update Ruby:
root@0b2616b0e5a8:/# gem install json
root@0b2616b0e5a8:/# apt-get install -y ruby2.0-dev
Now let's add the `json` gem.
root@0b2616b0e5a8:/# gem2.0 install json
Once this has completed let's exit our container using the `exit`
command.

6
docs/userguide/index.md
View File

@@ -43,7 +43,7 @@ This guide helps users learn how to use Docker Engine.
## Configure networks
- [Understand Docker container networks](networking/dockernetworks.md)
- [Understand Docker container networks](networking/index.md)
- [Embedded DNS server in user-defined networks](networking/configure-dns.md)
- [Get started with multi-host networking](networking/get-started-overlay.md)
- [Work with network commands](networking/work-with-networks.md)
@@ -55,8 +55,8 @@ This guide helps users learn how to use Docker Engine.
- [Binding container ports to the host](networking/default_network/binding.md)
- [Build your own bridge](networking/default_network/build-bridges.md)
- [Configure container DNS](networking/default_network/configure-dns.md)
- [Customize the docker0 bridge](networking/default_network/custom-docker0.md)
- [IPv6 with Docker](networking/default_network/ipv6.md)
- [Customize the docker0 bridge](networking/default_network/custom-docker0.md)
- [IPv6 with Docker](networking/default_network/ipv6.md)
## Misc

4
docs/userguide/networking/default_network/binding.md
View File

@@ -12,7 +12,7 @@ parent = "smn_networking_def"
The information in this section explains binding container ports within the Docker default bridge. This is a `bridge` network named `bridge` created automatically when you install Docker.
> **Note**: The [Docker networks feature](../dockernetworks.md) allows you to
> **Note**: The [Docker networks feature](../index.md) allows you to
create user-defined networks in addition to the default bridge network.
By default Docker containers can make connections to the outside world, but the
@@ -100,6 +100,6 @@ address: this alternative is preferred for performance reasons.
## Related information
- [Understand Docker container networks](../dockernetworks.md)
- [Understand Docker container networks](../index.md)
- [Work with network commands](../work-with-networks.md)
- [Legacy container links](dockerlinks.md)

2
docs/userguide/networking/default_network/build-bridges.md
View File

@@ -14,7 +14,7 @@ This section explains how to build your own bridge to replace the Docker default
bridge. This is a `bridge` network named `bridge` created automatically when you
install Docker.
> **Note**: The [Docker networks feature](../dockernetworks.md) allows you to
> **Note**: The [Docker networks feature](../index.md) allows you to
create user-defined networks in addition to the default bridge network.
You can set up your own bridge before starting Docker and use `-b BRIDGE` or

2
docs/userguide/networking/default_network/configure-dns.md
View File

@@ -14,7 +14,7 @@ The information in this section explains configuring container DNS within
the Docker default bridge. This is a `bridge` network named `bridge` created
automatically when you install Docker.
> **Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network. Please refer to the [Docker Embedded DNS](../configure-dns.md) section for more information on DNS configurations in user-defined networks.
> **Note**: The [Docker networks feature](../index.md) allows you to create user-defined networks in addition to the default bridge network. Please refer to the [Docker Embedded DNS](../configure-dns.md) section for more information on DNS configurations in user-defined networks.
How can Docker supply each container with a hostname and DNS configuration, without having to build a custom image with the hostname written inside? Its trick is to overlay three crucial `/etc` files inside the container with virtual files where it can write fresh information. You can see this by running `mount` inside a container:

2
docs/userguide/networking/default_network/container-communication.md
View File

@@ -14,7 +14,7 @@ The information in this section explains container communication within the
Docker default bridge. This is a `bridge` network named `bridge` created
automatically when you install Docker.
**Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network.
**Note**: The [Docker networks feature](../index.md) allows you to create user-defined networks in addition to the default bridge network.
## Communicating to the outside world

2
docs/userguide/networking/default_network/custom-docker0.md
View File

@@ -12,7 +12,7 @@ parent = "smn_networking_def"
The information in this section explains how to customize the Docker default bridge. This is a `bridge` network named `bridge` created automatically when you install Docker.
**Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network.
**Note**: The [Docker networks feature](../index.md) allows you to create user-defined networks in addition to the default bridge network.
By default, the Docker server creates and configures the host system's `docker0` interface as an _Ethernet bridge_ inside the Linux kernel that can pass packets back and forth between other physical or virtual network interfaces so that they behave as a single Ethernet network.

2
docs/userguide/networking/default_network/dockerlinks.md
View File

@@ -13,7 +13,7 @@ weight=-2
The information in this section explains legacy container links within the Docker default bridge. This is a `bridge` network named `bridge` created automatically when you install Docker.
Before the [Docker networks feature](../dockernetworks.md), you could use the
Before the [Docker networks feature](../index.md), you could use the
Docker link feature to allow containers to discover each other and securely
transfer information about one container to another container. With the
introduction of the Docker networks feature, you can still create links but they

538
docs/userguide/networking/dockernetworks.md
View File

@@ -1,538 +0,0 @@
<!--[metadata]>
+++
title = "Docker container networking"
description = "How do we connect docker containers within and across hosts ?"
keywords = ["Examples, Usage, network, docker, documentation, user guide, multihost, cluster"]
[menu.main]
parent = "smn_networking"
weight = -5
+++
<![end-metadata]-->
# Understand Docker container networks
To build web applications that act in concert but do so securely, use the Docker
networks feature. Networks, by definition, provide complete isolation for
containers. So, it is important to have control over the networks your
applications run on. Docker container networks give you that control.
This section provides an overview of the default networking behavior that Docker
Engine delivers natively. It describes the type of networks created by default
and how to create your own, user-defined networks. It also describes the
resources required to create networks on a single host or across a cluster of
hosts.
## Default Networks
When you install Docker, it creates three networks automatically. You can list
these networks using the `docker network ls` command:
```
$ docker network ls
NETWORK ID NAME DRIVER
7fca4eb8c647 bridge bridge
9f904ee27bf5 none null
cf03ee007fb4 host host
```
Historically, these three networks are part of Docker's implementation. When
you run a container you can use the `--network` flag to specify which network you
want to run a container on. These three networks are still available to you.
The `bridge` network represents the `docker0` network present in all Docker
installations. Unless you specify otherwise with the `docker run
--network=<NETWORK>` option, the Docker daemon connects containers to this network
by default. You can see this bridge as part of a host's network stack by using
the `ifconfig` command on the host.
```
$ ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:47:bc:3a:eb
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:47ff:febc:3aeb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:17 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1100 (1.1 KB) TX bytes:648 (648.0 B)
```
The `none` network adds a container to a container-specific network stack. That container lacks a network interface. Attaching to such a container and looking at its stack you see this:
```
$ docker attach nonenetcontainer
root@0cb243cd1293:/# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@0cb243cd1293:/# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@0cb243cd1293:/#
```
>**Note**: You can detach from the container and leave it running with `CTRL-p CTRL-q`.
The `host` network adds a container on the hosts network stack. You'll find the
network configuration inside the container is identical to the host.
With the exception of the `bridge` network, you really don't need to
interact with these default networks. While you can list and inspect them, you
cannot remove them. They are required by your Docker installation. However, you
can add your own user-defined networks and these you can remove when you no
longer need them. Before you learn more about creating your own networks, it is
worth looking at the default `bridge` network a bit.
### The default bridge network in detail
The default `bridge` network is present on all Docker hosts. The `docker network inspect`
command returns information about a network:
```
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.17.0.1/16",
"Gateway": "172.17.0.1"
}
]
},
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "9001"
}
}
]
```
The Engine automatically creates a `Subnet` and `Gateway` to the network.
The `docker run` command automatically adds new containers to this network.
```
$ docker run -itd --name=container1 busybox
3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c
$ docker run -itd --name=container2 busybox
94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c
```
Inspecting the `bridge` network again after starting two containers shows both newly launched containers in the network. Their ids show up in the "Containers" section of `docker network inspect`:
```
$ docker network inspect bridge
{[
{
"Name": "bridge",
"Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.17.0.1/16",
"Gateway": "172.17.0.1"
}
]
},
"Containers": {
"3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c": {
"EndpointID": "647c12443e91faf0fd508b6edfe59c30b642abb60dfab890b4bdccee38750bc1",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c": {
"EndpointID": "b047d090f446ac49747d3c37d63e4307be745876db7f0ceef7b311cbba615f48",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "9001"
}
}
]
```
The `docker network inspect` command above shows all the connected containers and their network resources on a given network. Containers in this default network are able to communicate with each other using IP addresses. Docker does not support automatic service discovery on the default bridge network. If you want to communicate with container names in this default bridge network, you must connect the containers via the legacy `docker run --link` option.
You can `attach` to a running `container` and investigate its configuration:
```
$ docker attach container1
root@0cb243cd1293:/# ifconfig
ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1296 (1.2 KiB) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
```
Then use `ping` for about 3 seconds to test the connectivity of the containers on this `bridge` network.
```
root@0cb243cd1293:/# ping -w3 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.096 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.080 ms
64 bytes from 172.17.0.3: seq=2 ttl=64 time=0.074 ms
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.074/0.083/0.096 ms
```
Finally, use the `cat` command to check the `container1` network configuration:
```
root@0cb243cd1293:/# cat /etc/hosts
172.17.0.2 3386a527aa08
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
```
To detach from a `container1` and leave it running use `CTRL-p CTRL-q`.Then, attach to `container2` and repeat these three commands.
```
$ docker attach container2
root@0cb243cd1293:/# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:15 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1166 (1.1 KiB) TX bytes:1026 (1.0 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@0cb243cd1293:/# ping -w3 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.067 ms
64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.075 ms
64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.072 ms
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.067/0.071/0.075 ms
/ # cat /etc/hosts
172.17.0.3 94447ca47985
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
```
The default `docker0` bridge network supports the use of port mapping and `docker run --link` to allow communications between containers in the `docker0` network. These techniques are cumbersome to set up and prone to error. While they are still available to you as techniques, it is better to avoid them and define your own bridge networks instead.
## User-defined networks
You can create your own user-defined networks that better isolate containers.
Docker provides some default **network drivers** for creating these
networks. You can create a new **bridge network** or **overlay network**. You
can also create a **network plugin** or **remote network** written to your own
specifications.
You can create multiple networks. You can add containers to more than one
network. Containers can only communicate within networks but not across
networks. A container attached to two networks can communicate with member
containers in either network. When a container is connected to multiple
networks, its external connectivity is provided via the first non-internal
network, in lexical order.
The next few sections describe each of Docker's built-in network drivers in
greater detail.
### A bridge network
The easiest user-defined network to create is a `bridge` network. This network
is similar to the historical, default `docker0` network. There are some added
features and some old features that aren't available.
```
$ docker network create --driver bridge isolated_nw
1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b
$ docker network inspect isolated_nw
[
{
"Name": "isolated_nw",
"Id": "1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.21.0.0/16",
"Gateway": "172.21.0.1/16"
}
]
},
"Containers": {},
"Options": {}
}
]
$ docker network ls
NETWORK ID NAME DRIVER
9f904ee27bf5 none null
cf03ee007fb4 host host
7fca4eb8c647 bridge bridge
c5ee82f76de3 isolated_nw bridge
```
After you create the network, you can launch containers on it using the `docker run --network=<NETWORK>` option.
```
$ docker run --network=isolated_nw -itd --name=container3 busybox
8c1a0a5be480921d669a073393ade66a3fc49933f08bcc5515b37b8144f6d47c
$ docker network inspect isolated_nw
[
{
"Name": "isolated_nw",
"Id": "1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{}
]
},
"Containers": {
"8c1a0a5be480921d669a073393ade66a3fc49933f08bcc5515b37b8144f6d47c": {
"EndpointID": "93b2db4a9b9a997beb912d28bcfc117f7b0eb924ff91d48cfa251d473e6a9b08",
"MacAddress": "02:42:ac:15:00:02",
"IPv4Address": "172.21.0.2/16",
"IPv6Address": ""
}
},
"Options": {}
}
]
```
The containers you launch into this network must reside on the same Docker host.
Each container in the network can immediately communicate with other containers
in the network. Though, the network itself isolates the containers from external
networks.
![An isolated network](images/bridge_network.png)
Within a user-defined bridge network, linking is not supported. You can
expose and publish container ports on containers in this network. This is useful
if you want to make a portion of the `bridge` network available to an outside
network.
![Bridge network](images/network_access.png)
A bridge network is useful in cases where you want to run a relatively small
network on a single host. You can, however, create significantly larger networks
by creating an `overlay` network.
### An overlay network
Docker's `overlay` network driver supports multi-host networking natively
out-of-the-box. This support is accomplished with the help of `libnetwork`, a
built-in VXLAN-based overlay network driver, and Docker's `libkv` library.
The `overlay` network requires a valid key-value store service. Currently,
Docker's `libkv` supports Consul, Etcd, and ZooKeeper (Distributed store). Before
creating a network you must install and configure your chosen key-value store
service. The Docker hosts that you intend to network and the service must be
able to communicate.
![Key-value store](images/key_value.png)
Each host in the network must run a Docker Engine instance. The easiest way to
provision the hosts are with Docker Machine.
![Engine on each host](images/engine_on_net.png)
You should open the following ports between each of your hosts.
| Protocol | Port | Description |
|----------|------|-----------------------|
| udp | 4789 | Data plane (VXLAN) |
| tcp/udp | 7946 | Control plane |
Your key-value store service may require additional ports.
Check your vendor's documentation and open any required ports.
Once you have several machines provisioned, you can use Docker Swarm to quickly
form them into a swarm which includes a discovery service as well.
To create an overlay network, you configure options on the `daemon` on each
Docker Engine for use with `overlay` network. There are three options to set:
<table>
<thead>
<tr>
<th>Option</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><pre>--cluster-store=PROVIDER://URL</pre></td>
<td>Describes the location of the KV service.</td>
</tr>
<tr>
<td><pre>--cluster-advertise=HOST_IP|HOST_IFACE:PORT</pre></td>
<td>The IP address or interface of the HOST used for clustering.</td>
</tr>
<tr>
<td><pre>--cluster-store-opt=KEY-VALUE OPTIONS</pre></td>
<td>Options such as TLS certificate or tuning discovery Timers</td>
</tr>
</tbody>
</table>
Create an `overlay` network on one of the machines in the Swarm.
$ docker network create --driver overlay my-multi-host-network
This results in a single network spanning multiple hosts. An `overlay` network
provides complete isolation for the containers.
![An overlay network](images/overlay_network.png)
Then, on each host, launch containers making sure to specify the network name.
$ docker run -itd --network=my-multi-host-network busybox
Once connected, each container has access to all the containers in the network
regardless of which Docker host the container was launched on.
![Published port](images/overlay-network-final.png)
If you would like to try this for yourself, see the [Getting started for
overlay](get-started-overlay.md).
### Custom network plugin
If you like, you can write your own network driver plugin. A network
driver plugin makes use of Docker's plugin infrastructure. In this
infrastructure, a plugin is a process running on the same Docker host as the
Docker `daemon`.
Network plugins follow the same restrictions and installation rules as other
plugins. All plugins make use of the plugin API. They have a lifecycle that
encompasses installation, starting, stopping and activation.
Once you have created and installed a custom network driver, you use it like the
built-in network drivers. For example:
$ docker network create --driver weave mynet
You can inspect it, add containers to and from it, and so forth. Of course,
different plugins may make use of different technologies or frameworks. Custom
networks can include features not present in Docker's default networks. For more
information on writing plugins, see [Extending Docker](../../extend/index.md) and
[Writing a network driver plugin](../../extend/plugins_network.md).
### Docker embedded DNS server
Docker daemon runs an embedded DNS server to provide automatic service discovery
for containers connected to user defined networks. Name resolution requests from
the containers are handled first by the embedded DNS server. If the embedded DNS
server is unable to resolve the request it will be forwarded to any external DNS
servers configured for the container. To facilitate this when the container is
created, only the embedded DNS server reachable at `127.0.0.11` will be listed
in the container's `resolv.conf` file. More information on embedded DNS server on
user-defined networks can be found in the [embedded DNS server in user-defined networks]
(configure-dns.md)
## Links
Before the Docker network feature, you could use the Docker link feature to
allow containers to discover each other. With the introduction of Docker networks,
containers can be discovered by its name automatically. But you can still create
links but they behave differently when used in the default `docker0` bridge network
compared to user-defined networks. For more information, please refer to
[Legacy Links](default_network/dockerlinks.md) for link feature in default `bridge` network
and the [linking containers in user-defined networks](work-with-networks.md#linking-containers-in-user-defined-networks) for links
functionality in user-defined networks.
## Related information
- [Work with network commands](work-with-networks.md)
- [Get started with multi-host networking](get-started-overlay.md)
- [Managing Data in Containers](../../tutorials/dockervolumes.md)
- [Docker Machine overview](https://docs.docker.com/machine)
- [Docker Swarm overview](https://docs.docker.com/swarm)
- [Investigate the LibNetwork project](https://github.com/docker/libnetwork)

83
docs/userguide/networking/get-started-overlay.md
View File

@@ -14,19 +14,70 @@ weight=-3
This article uses an example to explain the basics of creating a multi-host
network. Docker Engine supports multi-host networking out-of-the-box through the
`overlay` network driver. Unlike `bridge` networks, overlay networks require
some pre-existing conditions before you can create one. These conditions are:
some pre-existing conditions before you can create one:
* Access to a key-value store. Docker supports Consul, Etcd, and ZooKeeper (Distributed store) key-value stores.
* [Docker Engine running in swarm mode](#overlay-networking-and-swarm-mode)
OR
* [A cluster of hosts using a key value store](#overlay-networking-with-an-external-key-value-store)
## Overlay networking and swarm mode
Using docker engine running in [swarm mode](../../swarm/swarm-mode.md), you can create an overlay network on a manager node.
The swarm makes the overlay network available only to nodes in the swarm that
require it for a service. When you create a service that uses an overlay
network, the manager node automatically extends the overlay network to nodes
that run service tasks.
To learn more about running Docker Engine in swarm mode, refer to the
[Swarm mode overview](../../swarm/index.md).
The example below shows how to create a network and use it for a service from a manager node in the swarm:
```bash
# Create an overlay network `my-multi-host-network`.
$ docker network create \
--driver overlay \
--subnet 10.0.9.0/24 \
my-multi-host-network
400g6bwzd68jizzdx5pgyoe95
# Create an nginx service and extend the my-multi-host-network to nodes where
# the service's tasks run.
$ $ docker service create --replicas 2 --network my-multi-host-network --name my-web nginx
716thylsndqma81j6kkkb5aus
```
Overlay networks for a swarm are not available to unmanaged containers. For more information refer to [Docker swarm mode overlay network security model](overlay-security-model.md).
See also [Attach services to an overlay network](../../swarm/networking.md).
## Overlay networking with an external key-value store
To use an Docker engine with an external key-value store, you need the
following:
* Access to the key-value store. Docker supports Consul, Etcd, and ZooKeeper
(Distributed store) key-value stores.
* A cluster of hosts with connectivity to the key-value store.
* A properly configured Engine `daemon` on each host in the cluster.
* Hosts within the cluster must have unique hostnames because the key-value store uses the hostnames to identify cluster members.
* Hosts within the cluster must have unique hostnames because the key-value
store uses the hostnames to identify cluster members.
Though Docker Machine and Docker Swarm are not mandatory to experience Docker
multi-host networking, this example uses them to illustrate how they are
integrated. You'll use Machine to create both the key-value store
server and the host cluster. This example creates a Swarm cluster.
multi-host networking with a key-value store, this example uses them to
illustrate how they are integrated. You'll use Machine to create both the
key-value store server and the host cluster. This example creates a Swarm
cluster.
## Prerequisites
>**Note:** Docker Engine running in swarm mode is not compatible with networking
with an external key-value store.
### Prerequisites
Before you begin, make sure you have a system on your network with the latest
version of Docker Engine and Docker Machine installed. The example also relies
@@ -37,7 +88,7 @@ If you have not already done so, make sure you upgrade Docker Engine and Docker
Machine to the latest versions.
## Step 1: Set up a key-value store
### Set up a key-value store
An overlay network requires a key-value store. The key-value store holds
information about the network state which includes discovery, networks,
@@ -80,7 +131,7 @@ key-value stores. This example uses Consul.
Keep your terminal open and move onto the next step.
## Step 2: Create a Swarm cluster
### Create a Swarm cluster
In this step, you use `docker-machine` to provision the hosts for your network.
At this point, you won't actually create the network. You'll create several
@@ -123,7 +174,7 @@ At this point you have a set of hosts running on your network. You are ready to
Leave your terminal open and go onto the next step.
## Step 3: Create the overlay Network
### Create the overlay Network
To create an overlay network
@@ -147,12 +198,12 @@ To create an overlay network
└ Containers: 2
└ Reserved CPUs: 0 / 1
└ Reserved Memory: 0 B / 1.021 GiB
└ Labels: executiondriver=native-0.2, kernelversion=4.1.10-boot2docker, operatingsystem=Boot2Docker 1.9.0-rc1 (TCL 6.4); master : 4187d2c - Wed Oct 14 14:00:28 UTC 2015, provider=virtualbox, storagedriver=aufs
└ Labels: executiondriver=native-0.2, kernelversion=4.1.10-boot2docker, operatingsystem=Boot2Docker 1.9.0 (TCL 6.4); master : 4187d2c - Wed Oct 14 14:00:28 UTC 2015, provider=virtualbox, storagedriver=aufs
mhs-demo1: 192.168.99.105:2376
└ Containers: 1
└ Reserved CPUs: 0 / 1
└ Reserved Memory: 0 B / 1.021 GiB
└ Labels: executiondriver=native-0.2, kernelversion=4.1.10-boot2docker, operatingsystem=Boot2Docker 1.9.0-rc1 (TCL 6.4); master : 4187d2c - Wed Oct 14 14:00:28 UTC 2015, provider=virtualbox, storagedriver=aufs
└ Labels: executiondriver=native-0.2, kernelversion=4.1.10-boot2docker, operatingsystem=Boot2Docker 1.9.0 (TCL 6.4); master : 4187d2c - Wed Oct 14 14:00:28 UTC 2015, provider=virtualbox, storagedriver=aufs
CPUs: 2
Total Memory: 2.043 GiB
Name: 30438ece0915
@@ -213,7 +264,7 @@ To create an overlay network
Both agents report they have the `my-net` network with the `6b07d0be843f` ID.
You now have a multi-host container network running!
## Step 4: Run an application on your Network
### Run an application on your Network
Once your network is created, you can start a container on any of the hosts and it automatically is part of the network.
@@ -263,7 +314,7 @@ Once your network is created, you can start a container on any of the hosts and
</html>
- 100% |*******************************| 612 0:00:00 ETA
## Step 5: Check external connectivity
### Check external connectivity
As you've seen, Docker's built-in overlay network driver provides out-of-the-box
connectivity between the containers on multiple hosts within the same network.
@@ -326,7 +377,7 @@ to have external connectivity outside of their cluster.
the `my-net` overlay network. While the `eth1` interface represents the
container interface that is connected to the `docker_gwbridge` network.
## Step 6: Extra Credit with Docker Compose
### Extra Credit with Docker Compose
Please refer to the Networking feature introduced in [Compose V2 format]
(https://docs.docker.com/compose/networking/) and execute the
@@ -334,7 +385,7 @@ multi-host networking scenario in the Swarm cluster used above.
## Related information
* [Understand Docker container networks](dockernetworks.md)
* [Understand Docker container networks](index.md)
* [Work with network commands](work-with-networks.md)
* [Docker Swarm overview](https://docs.docker.com/swarm)
* [Docker Machine overview](https://docs.docker.com/machine)

574
docs/userguide/networking/index.md
View File

@@ -1,21 +1,573 @@
<!--[metadata]>
+++
title = "Network configuration"
description = "Docker networking feature is introduced"
keywords = ["network, networking, bridge, docker, documentation"]
aliases=[
"/engine/userguide/networking/dockernetworks/"
]
title = "Docker container networking"
description = "How do we connect docker containers within and across hosts ?"
keywords = ["Examples, Usage, network, docker, documentation, user guide, multihost, cluster"]
[menu.main]
identifier="smn_networking"
parent= "engine_guide"
weight=7
identifier="networking_index"
parent = "smn_networking"
weight = -5
+++
<![end-metadata]-->
# Docker networks feature overview
# Understand Docker container networks
This sections explains how to use the Docker networks feature. This feature allows users to define their own networks and connect containers to them. Using this feature you can create a network on a single host or a network that spans across multiple hosts.
This section provides an overview of the default networking behavior that Docker
Engine delivers natively. It describes the type of networks created by default
and how to create your own, user-defined networks. It also describes the
resources required to create networks on a single host or across a cluster of
hosts.
## Default Networks
When you install Docker, it creates three networks automatically. You can list
these networks using the `docker network ls` command:
```
$ docker network ls
NETWORK ID NAME DRIVER
7fca4eb8c647 bridge bridge
9f904ee27bf5 none null
cf03ee007fb4 host host
```
Historically, these three networks are part of Docker's implementation. When
you run a container you can use the `--network` flag to specify which network you
want to run a container on. These three networks are still available to you.
The `bridge` network represents the `docker0` network present in all Docker
installations. Unless you specify otherwise with the `docker run
--network=<NETWORK>` option, the Docker daemon connects containers to this network
by default. You can see this bridge as part of a host's network stack by using
the `ifconfig` command on the host.
```
$ ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:47:bc:3a:eb
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:47ff:febc:3aeb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:17 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1100 (1.1 KB) TX bytes:648 (648.0 B)
```
The `none` network adds a container to a container-specific network stack. That container lacks a network interface. Attaching to such a container and looking at its stack you see this:
```
$ docker attach nonenetcontainer
root@0cb243cd1293:/# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@0cb243cd1293:/# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@0cb243cd1293:/#
```
>**Note**: You can detach from the container and leave it running with `CTRL-p CTRL-q`.
The `host` network adds a container on the hosts network stack. You'll find the
network configuration inside the container is identical to the host.
With the exception of the `bridge` network, you really don't need to
interact with these default networks. While you can list and inspect them, you
cannot remove them. They are required by your Docker installation. However, you
can add your own user-defined networks and these you can remove when you no
longer need them. Before you learn more about creating your own networks, it is
worth looking at the default `bridge` network a bit.
### The default bridge network in detail
The default `bridge` network is present on all Docker hosts. The `docker network inspect`
command returns information about a network:
```
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.17.0.1/16",
"Gateway": "172.17.0.1"
}
]
},
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "9001"
}
}
]
```
The Engine automatically creates a `Subnet` and `Gateway` to the network.
The `docker run` command automatically adds new containers to this network.
```
$ docker run -itd --name=container1 busybox
3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c
$ docker run -itd --name=container2 busybox
94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c
```
Inspecting the `bridge` network again after starting two containers shows both newly launched containers in the network. Their ids show up in the "Containers" section of `docker network inspect`:
```
$ docker network inspect bridge
{[
{
"Name": "bridge",
"Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.17.0.1/16",
"Gateway": "172.17.0.1"
}
]
},
"Containers": {
"3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c": {
"EndpointID": "647c12443e91faf0fd508b6edfe59c30b642abb60dfab890b4bdccee38750bc1",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c": {
"EndpointID": "b047d090f446ac49747d3c37d63e4307be745876db7f0ceef7b311cbba615f48",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "9001"
}
}
]
```
The `docker network inspect` command above shows all the connected containers and their network resources on a given network. Containers in this default network are able to communicate with each other using IP addresses. Docker does not support automatic service discovery on the default bridge network. If you want to communicate with container names in this default bridge network, you must connect the containers via the legacy `docker run --link` option.
You can `attach` to a running `container` and investigate its configuration:
```
$ docker attach container1
root@0cb243cd1293:/# ifconfig
ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1296 (1.2 KiB) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
```
Then use `ping`to send three ICMP requests and test the connectivity of the
containers on this `bridge` network.
```
root@0cb243cd1293:/# ping -w3 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.096 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.080 ms
64 bytes from 172.17.0.3: seq=2 ttl=64 time=0.074 ms
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.074/0.083/0.096 ms
```
Finally, use the `cat` command to check the `container1` network configuration:
```
root@0cb243cd1293:/# cat /etc/hosts
172.17.0.2 3386a527aa08
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
```
To detach from a `container1` and leave it running use `CTRL-p CTRL-q`.Then, attach to `container2` and repeat these three commands.
```
$ docker attach container2
root@0cb243cd1293:/# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:15 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1166 (1.1 KiB) TX bytes:1026 (1.0 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@0cb243cd1293:/# ping -w3 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.067 ms
64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.075 ms
64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.072 ms
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.067/0.071/0.075 ms
/ # cat /etc/hosts
172.17.0.3 94447ca47985
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
```
The default `docker0` bridge network supports the use of port mapping and `docker run --link` to allow communications between containers in the `docker0` network. These techniques are cumbersome to set up and prone to error. While they are still available to you as techniques, it is better to avoid them and define your own bridge networks instead.
## User-defined networks
You can create your own user-defined networks that better isolate containers.
Docker provides some default **network drivers** for creating these networks.
You can create a new **bridge network**, **overlay network** or **MACVLAN
network**. You can also create a **network plugin** or **remote network**
written to your own specifications.
You can create multiple networks. You can add containers to more than one
network. Containers can only communicate within networks but not across
networks. A container attached to two networks can communicate with member
containers in either network. When a container is connected to multiple
networks, its external connectivity is provided via the first non-internal
network, in lexical order.
The next few sections describe each of Docker's built-in network drivers in
greater detail.
### A bridge network
The easiest user-defined network to create is a `bridge` network. This network
is similar to the historical, default `docker0` network. There are some added
features and some old features that aren't available.
```
$ docker network create --driver bridge isolated_nw
1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b
$ docker network inspect isolated_nw
[
{
"Name": "isolated_nw",
"Id": "1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.21.0.0/16",
"Gateway": "172.21.0.1/16"
}
]
},
"Containers": {},
"Options": {}
}
]
$ docker network ls
NETWORK ID NAME DRIVER
9f904ee27bf5 none null
cf03ee007fb4 host host
7fca4eb8c647 bridge bridge
c5ee82f76de3 isolated_nw bridge
```
After you create the network, you can launch containers on it using the `docker run --network=<NETWORK>` option.
```
$ docker run --network=isolated_nw -itd --name=container3 busybox
8c1a0a5be480921d669a073393ade66a3fc49933f08bcc5515b37b8144f6d47c
$ docker network inspect isolated_nw
[
{
"Name": "isolated_nw",
"Id": "1196a4c5af43a21ae38ef34515b6af19236a3fc48122cf585e3f3054d509679b",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{}
]
},
"Containers": {
"8c1a0a5be480921d669a073393ade66a3fc49933f08bcc5515b37b8144f6d47c": {
"EndpointID": "93b2db4a9b9a997beb912d28bcfc117f7b0eb924ff91d48cfa251d473e6a9b08",
"MacAddress": "02:42:ac:15:00:02",
"IPv4Address": "172.21.0.2/16",
"IPv6Address": ""
}
},
"Options": {}
}
]
```
The containers you launch into this network must reside on the same Docker host.
Each container in the network can immediately communicate with other containers
in the network. Though, the network itself isolates the containers from external
networks.
![An isolated network](images/bridge_network.png)
Within a user-defined bridge network, linking is not supported. You can
expose and publish container ports on containers in this network. This is useful
if you want to make a portion of the `bridge` network available to an outside
network.
![Bridge network](images/network_access.png)
A bridge network is useful in cases where you want to run a relatively small
network on a single host. You can, however, create significantly larger networks
by creating an `overlay` network.
### An overlay network with Docker Engine swarm mode
You can create an overlay network on a manager node running in swarm mode
without an external key-value store. The swarm makes the overlay network
available only to nodes in the swarm that require it for a service. When you
create a service that uses the overlay network, the manager node automatically
extends the overlay network to nodes that run service tasks.
To learn more about running Docker Engine in swarm mode, refer to the
[Swarm mode overview](../../swarm/index.md).
The example below shows how to create a network and use it for a service from a manager node in the swarm:
```bash
# Create an overlay network `my-multi-host-network`.
$ docker network create \
--driver overlay \
--subnet 10.0.9.0/24 \
my-multi-host-network
400g6bwzd68jizzdx5pgyoe95
# Create an nginx service and extend the my-multi-host-network to nodes where
# the service's tasks run.
$ $ docker service create --replicas 2 --network my-multi-host-network --name my-web nginx
716thylsndqma81j6kkkb5aus
```
Overlay networks for a swarm are not available to containers started with
`docker run` that don't run as part of a swarm mode service. For more
information refer to [Docker swarm mode overlay network security model](overlay-security-model.md).
See also [Attach services to an overlay network](../../swarm/networking.md).
### An overlay network with an external key-value store
If you are not using Docker Engine in swarm mode, the `overlay` network requires
a valid key-value store service. Supported key-value stores include Consul,
Etcd, and ZooKeeper (Distributed store). Before creating a network on this
version of the Engine, you must install and configure your chosen key-value
store service. The Docker hosts that you intend to network and the service must
be able to communicate.
>**Note:** Docker Engine running in swarm mode is not compatible with networking
with an external key-value store.
![Key-value store](images/key_value.png)
Each host in the network must run a Docker Engine instance. The easiest way to
provision the hosts is with Docker Machine.
![Engine on each host](images/engine_on_net.png)
You should open the following ports between each of your hosts.
| Protocol | Port | Description |
|----------|------|-----------------------|
| udp | 4789 | Data plane (VXLAN) |
| tcp/udp | 7946 | Control plane |
Your key-value store service may require additional ports.
Check your vendor's documentation and open any required ports.
Once you have several machines provisioned, you can use Docker Swarm to quickly
form them into a swarm which includes a discovery service as well.
To create an overlay network, you configure options on the `daemon` on each
Docker Engine for use with `overlay` network. There are three options to set:
<table>
<thead>
<tr>
<th>Option</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><pre>--cluster-store=PROVIDER://URL</pre></td>
<td>Describes the location of the KV service.</td>
</tr>
<tr>
<td><pre>--cluster-advertise=HOST_IP|HOST_IFACE:PORT</pre></td>
<td>The IP address or interface of the HOST used for clustering.</td>
</tr>
<tr>
<td><pre>--cluster-store-opt=KEY-VALUE OPTIONS</pre></td>
<td>Options such as TLS certificate or tuning discovery Timers</td>
</tr>
</tbody>
</table>
Create an `overlay` network on one of the machines in the Swarm.
$ docker network create --driver overlay my-multi-host-network
This results in a single network spanning multiple hosts. An `overlay` network
provides complete isolation for the containers.
![An overlay network](images/overlay_network.png)
Then, on each host, launch containers making sure to specify the network name.
$ docker run -itd --network=my-multi-host-network busybox
Once connected, each container has access to all the containers in the network
regardless of which Docker host the container was launched on.
![Published port](images/overlay-network-final.png)
If you would like to try this for yourself, see the [Getting started for
overlay](get-started-overlay.md).
### Custom network plugin
If you like, you can write your own network driver plugin. A network
driver plugin makes use of Docker's plugin infrastructure. In this
infrastructure, a plugin is a process running on the same Docker host as the
Docker `daemon`.
Network plugins follow the same restrictions and installation rules as other
plugins. All plugins make use of the plugin API. They have a lifecycle that
encompasses installation, starting, stopping and activation.
Once you have created and installed a custom network driver, you use it like the
built-in network drivers. For example:
$ docker network create --driver weave mynet
You can inspect it, add containers to and from it, and so forth. Of course,
different plugins may make use of different technologies or frameworks. Custom
networks can include features not present in Docker's default networks. For more
information on writing plugins, see [Extending Docker](../../extend/index.md) and
[Writing a network driver plugin](../../extend/plugins_network.md).
### Docker embedded DNS server
Docker daemon runs an embedded DNS server to provide automatic service discovery
for containers connected to user defined networks. Name resolution requests from
the containers are handled first by the embedded DNS server. If the embedded DNS
server is unable to resolve the request it will be forwarded to any external DNS
servers configured for the container. To facilitate this when the container is
created, only the embedded DNS server reachable at `127.0.0.11` will be listed
in the container's `resolv.conf` file. More information on embedded DNS server on
user-defined networks can be found in the [embedded DNS server in user-defined networks]
(configure-dns.md)
## Links
Before the Docker network feature, you could use the Docker link feature to
allow containers to discover each other. With the introduction of Docker networks,
containers can be discovered by its name automatically. But you can still create
links but they behave differently when used in the default `docker0` bridge network
compared to user-defined networks. For more information, please refer to
[Legacy Links](default_network/dockerlinks.md) for link feature in default `bridge` network
and the [linking containers in user-defined networks](work-with-networks.md#linking-containers-in-user-defined-networks) for links
functionality in user-defined networks.
## Related information
- [Understand Docker container networks](dockernetworks.md)
- [Work with network commands](work-with-networks.md)
- [Get started with multi-host networking](get-started-overlay.md)
If you are already familiar with Docker's default bridge network, `docker0` that network continues to be supported. It is created automatically in every installation. The default bridge network is also named `bridge`. To see a list of topics related to that network, read the articles listed in the [Docker default bridge network](default_network/index.md).
- [Managing Data in Containers](../../tutorials/dockervolumes.md)
- [Docker Machine overview](https://docs.docker.com/machine)
- [Docker Swarm overview](https://docs.docker.com/swarm)
- [Investigate the LibNetwork project](https://github.com/docker/libnetwork)

22
docs/userguide/networking/menu.md Normal file
View File

@@ -0,0 +1,22 @@
<!--[metadata]>
+++
title = "Network configuration"
description = "Docker networking feature is introduced"
keywords = ["network, networking, bridge, docker, documentation"]
type="menu"
[menu.main]
identifier="smn_networking"
parent= "engine_guide"
weight=7
+++
<![end-metadata]-->
# Docker networks feature overview
This sections explains how to use the Docker networks feature. This feature allows users to define their own networks and connect containers to them. Using this feature you can create a network on a single host or a network that spans across multiple hosts.
- [Understand Docker container networks](index.md)
- [Work with network commands](work-with-networks.md)
- [Get started with multi-host networking](get-started-overlay.md)
If you are already familiar with Docker's default bridge network, `docker0` that network continues to be supported. It is created automatically in every installation. The default bridge network is also named `bridge`. To see a list of topics related to that network, read the articles listed in the [Docker default bridge network](default_network/index.md).

66
docs/userguide/networking/overlay-security-model.md Normal file
View File

@@ -0,0 +1,66 @@
<!--[metadata]>
+++
title = "Swarm mode overlay network security model"
description = "Docker swarm mode overlay network security model"
keywords = ["network, docker, documentation, user guide, multihost, swarm mode", "overlay"]
[menu.main]
parent = "smn_networking"
weight=-2
+++
<![end-metadata]-->
# Docker swarm mode overlay network security model
Overlay networking for Docker Engine swarm mode comes secure out of the box. The
swarm nodes exchange overlay network information using a gossip protocol. By
default the nodes encrypt and authenticate information they exchange via gossip
using the [AES algorithm](https://en.wikipedia.org/wiki/Galois/Counter_Mode) in
GCM mode. Manager nodes in the swarm rotate the key used to encrypt gossip data
every 12 hours.
You can also encrypt data exchanged between containers on different nodes on the
overlay network. To enable encryption, when you create an overlay network pass
the `--opt encrypted` flag:
```bash
$ docker network create --opt encrypted --driver overlay my-multi-host-network
dt0zvqn0saezzinc8a5g4worx
```
When you enable overlay encryption, Docker creates IPSEC tunnels between all the
nodes where tasks are scheduled for services attached to the overlay network.
These tunnels also use the AES algorithm in GCM mode and manager nodes
automatically rotate the keys every 12 hours.
## Swarm mode overlay networks and unmanaged containers
Because the overlay networks for swarm mode use encryption keys from the manager
nodes to encrypt the gossip communications, only containers running as tasks in
the swarm have access to the keys. Consequently, containers started outside of
swarm mode using `docker run` (unmanaged containers) cannot attach to the
overlay network.
For example:
```bash
$ docker run --network my-multi-host-network nginx
docker: Error response from daemon: swarm-scoped network
(my-multi-host-network) is not compatible with `docker create` or `docker
run`. This network can only be used by a docker service.
```
To work around this situation, migrate the unmanaged containers to managed
services. For instance:
```bash
$ docker service create --network my-multi-host-network my-image
```
Because [swarm mode](../../swarm/index.md) is an optional feature, the Docker
Engine preserves backward compatibility. You can continue to rely on a
third-party key-value store to support overlay networking if you wish.
However, switching to swarm-mode is strongly encouraged. In addition to the
security benefits described in this article, swarm mode enables you to leverage
the substantially greater scalability provided by the new services API.

2
docs/userguide/networking/work-with-networks.md
View File

@@ -23,7 +23,7 @@ available through the Docker Engine CLI. These commands are:
* `docker network inspect`
While not required, it is a good idea to read [Understanding Docker
network](dockernetworks.md) before trying the examples in this section. The
network](index.md) before trying the examples in this section. The
examples for the rely on a `bridge` network so that you can try them
immediately. If you would prefer to experiment with an `overlay` network see
the [Getting started with multi-host networks](get-started-overlay.md) instead.

4
docs/userguide/storagedriver/device-mapper-driver.md
View File

@@ -216,7 +216,7 @@ a `direct-lvm` configuration.
The procedure below will create a logical volume configured as a thin pool to
use as backing for the storage pool. It assumes that you have a spare block
device at `/dev/xvdf` with enough free space to complete the task. The device
identifier and volume sizes may be be different in your environment and you
identifier and volume sizes may be different in your environment and you
should substitute your own values throughout the procedure. The procedure also
assumes that the Docker daemon is in the `stopped` state.
@@ -423,7 +423,7 @@ Containers: 0
Paused: 0
Stopped: 0
Images: 2
Server Version: 1.11.0-rc2
Server Version: 1.11.0
Storage Driver: devicemapper
Pool Name: docker-8:1-123141-pool
Pool Blocksize: 65.54 kB