|
@@ -98,10 +98,10 @@ improvements. These include:
|
|
We added a `--restart flag` to `docker run` to specify a restart policy for your
|
|
We added a `--restart flag` to `docker run` to specify a restart policy for your
|
|
container. Currently, there are three policies available:
|
|
container. Currently, there are three policies available:
|
|
|
|
|
|
-`no` – Do not restart the container if it dies. (default)
|
|
|
|
-`on-failure` – Restart the container if it exits with a non-zero exit code.
|
|
|
|
|
|
+* `no` – Do not restart the container if it dies. (default)
|
|
|
|
+* `on-failure` – Restart the container if it exits with a non-zero exit code.
|
|
This can also accept an optional maximum restart count (e.g. `on-failure:5`).
|
|
This can also accept an optional maximum restart count (e.g. `on-failure:5`).
|
|
-`always` – Always restart the container no matter what exit code is returned.
|
|
|
|
|
|
+* `always` – Always restart the container no matter what exit code is returned.
|
|
This deprecates the `--restart` flag on the Docker daemon.
|
|
This deprecates the `--restart` flag on the Docker daemon.
|
|
|
|
|
|
*New flags for `docker run`: `--cap-add` and `–-cap-drop`*
|
|
*New flags for `docker run`: `--cap-add` and `–-cap-drop`*
|
|
@@ -112,26 +112,25 @@ Further, using `--privileged` would grant all capabilities inside a container, r
|
|
applying a whitelist. This was not recommended for production use because it’s really
|
|
applying a whitelist. This was not recommended for production use because it’s really
|
|
unsafe; it’s as if you were directly in the host.
|
|
unsafe; it’s as if you were directly in the host.
|
|
|
|
|
|
-This release introduces two new flags for `docker run` --cap-add and --cap-drop that give
|
|
|
|
-you fine grain control over the specific capabilities you want grant to a particular
|
|
|
|
|
|
+This release introduces two new flags for `docker run`, `--cap-add` and `--cap-drop`, that
|
|
|
|
+give you fine-grain control over the specific capabilities you want grant to a particular
|
|
container.
|
|
container.
|
|
|
|
|
|
*New `-–device` flag for `docker run`*
|
|
*New `-–device` flag for `docker run`*
|
|
|
|
|
|
-Previously, you could only use devices inside your containers by bind mounting them ( with
|
|
|
|
|
|
+Previously, you could only use devices inside your containers by bind mounting them (with
|
|
`-v`) in a `--privileged` container. With this release, we introduce the `--device flag`
|
|
`-v`) in a `--privileged` container. With this release, we introduce the `--device flag`
|
|
to `docker run` which lets you use a device without requiring a privileged container.
|
|
to `docker run` which lets you use a device without requiring a privileged container.
|
|
|
|
|
|
-
|
|
|
|
*Writable `/etc/hosts`, `/etc/hostname` and `/etc/resolv.conf`*
|
|
*Writable `/etc/hosts`, `/etc/hostname` and `/etc/resolv.conf`*
|
|
|
|
|
|
You can now edit `/etc/hosts`, `/etc/hostname` and `/etc/resolve.conf` in a running
|
|
You can now edit `/etc/hosts`, `/etc/hostname` and `/etc/resolve.conf` in a running
|
|
-container. This is useful if you need to install bind or other services that might
|
|
|
|
|
|
+container. This is useful if you need to install BIND or other services that might
|
|
override one of those files.
|
|
override one of those files.
|
|
|
|
|
|
-Note, however, that changes to these files are not saved during a docker build and so will
|
|
|
|
-not be preserved in the resulting image. The changes will only “stick” in a running
|
|
|
|
-container.
|
|
|
|
|
|
+Note, however, that changes to these files are not saved when running `docker build` and
|
|
|
|
+so will not be preserved in the resulting image. The changes will only “stick” in a
|
|
|
|
+running container.
|
|
|
|
|
|
*Docker proxy in a separate process*
|
|
*Docker proxy in a separate process*
|
|
|
|
|
|
@@ -139,9 +138,11 @@ The Docker userland proxy that routes outbound traffic to your containers now ha
|
|
separate process (one process per connection). This greatly reduces the load on the
|
|
separate process (one process per connection). This greatly reduces the load on the
|
|
daemon, which increases stability and efficiency.
|
|
daemon, which increases stability and efficiency.
|
|
|
|
|
|
-*Other Improvements & Changes*
|
|
|
|
|
|
+*Other improvements & changes*
|
|
|
|
|
|
-* When using `docker rm -f`, Docker now kills the container (instead of stopping it) before removing it . If you intend to stop the container cleanly, you can use `docker stop`.
|
|
|
|
|
|
+* When using `docker rm -f`, Docker now kills the container (instead of stopping it)
|
|
|
|
+before removing it . If you intend to stop the container cleanly, you can use `docker
|
|
|
|
+stop`.
|
|
|
|
|
|
* Added support for IPv6 addresses in `--dns`
|
|
* Added support for IPv6 addresses in `--dns`
|
|
|
|
|