vendor docker/engine-api@f9cef590446e4e6073b49b652f47a337b897c1a3

Signed-off-by: Antonio Murdaca <runcom@redhat.com>

api/client/container/update.go

@@ -135,13 +135,21 @@ func runUpdate(dockerCli *client.DockerCli, opts *updateOptions) error {
 
 	ctx := context.Background()
 
-	var errs []string
+	var (
+		warns []string
+		errs  []string
+	)
 	for _, container := range opts.containers {
-		if err := dockerCli.Client().ContainerUpdate(ctx, container, updateConfig); err != nil {
+		r, err := dockerCli.Client().ContainerUpdate(ctx, container, updateConfig)
+		if err != nil {
 			errs = append(errs, err.Error())
 		} else {
 			fmt.Fprintf(dockerCli.Out(), "%s\n", container)
 		}
+		warns = append(warns, r.Warnings...)
+	}
+	if len(warns) > 0 {
+		fmt.Fprintf(dockerCli.Out(), "%s", strings.Join(warns, "\n"))
 	}
 	if len(errs) > 0 {
 		return fmt.Errorf("%s", strings.Join(errs, "\n"))

api/client/network/create.go

@@ -79,7 +79,7 @@ func runCreate(dockerCli *client.DockerCli, opts createOptions) error {
 	nc := types.NetworkCreate{
 		Driver:  opts.driver,
 		Options: opts.driverOpts.GetAll(),
-		IPAM: network.IPAM{
+		IPAM: &network.IPAM{
 			Driver:  opts.ipamDriver,
 			Config:  ipamCfg,
 			Options: opts.ipamOpt.GetAll(),

api/client/stack/deploy.go

@@ -12,7 +12,6 @@ import (
 	"github.com/docker/docker/api/client/bundlefile"
 	"github.com/docker/docker/cli"
 	"github.com/docker/engine-api/types"
-	"github.com/docker/engine-api/types/network"
 	"github.com/docker/engine-api/types/swarm"
 )
 
@@ -105,8 +104,6 @@ func updateNetworks(
 	createOpts := types.NetworkCreate{
 		Labels: getStackLabels(namespace, nil),
 		Driver: defaultNetworkDriver,
-		// TODO: remove when engine-api uses omitempty for IPAM
-		IPAM: network.IPAM{Driver: "default"},
 	}
 
 	for _, internalName := range networks {

api/client/swarm/opts.go

@@ -172,7 +172,7 @@ func addSwarmFlags(flags *pflag.FlagSet, opts *swarmOptions) {
 func (opts *swarmOptions) ToSpec() swarm.Spec {
 	spec := swarm.Spec{}
 	spec.Orchestration.TaskHistoryRetentionLimit = opts.taskHistoryLimit
-	spec.Dispatcher.HeartbeatPeriod = uint64(opts.dispatcherHeartbeat.Nanoseconds())
+	spec.Dispatcher.HeartbeatPeriod = opts.dispatcherHeartbeat
 	spec.CAConfig.NodeCertExpiry = opts.nodeCertExpiry
 	spec.CAConfig.ExternalCAs = opts.externalCA.Value()
 	return spec

api/client/swarm/update.go

@@ -63,7 +63,7 @@ func mergeSwarm(swarm *swarm.Swarm, flags *pflag.FlagSet) error {
 
 	if flags.Changed(flagDispatcherHeartbeat) {
 		if v, err := flags.GetDuration(flagDispatcherHeartbeat); err == nil {
-			spec.Dispatcher.HeartbeatPeriod = uint64(v.Nanoseconds())
+			spec.Dispatcher.HeartbeatPeriod = v
 		}
 	}
 

api/server/router/container/backend.go

@@ -42,7 +42,7 @@ type stateBackend interface {
 	ContainerStart(name string, hostConfig *container.HostConfig, validateHostname bool) error
 	ContainerStop(name string, seconds int) error
 	ContainerUnpause(name string) error
-	ContainerUpdate(name string, hostConfig *container.HostConfig, validateHostname bool) ([]string, error)
+	ContainerUpdate(name string, hostConfig *container.HostConfig, validateHostname bool) (types.ContainerUpdateResponse, error)
 	ContainerWait(name string, timeout time.Duration) (int, error)
 }
 

api/server/router/container/container_routes.go

@@ -327,14 +327,12 @@ func (s *containerRouter) postContainerUpdate(ctx context.Context, w http.Respon
 
 	name := vars["name"]
 	validateHostname := versions.GreaterThanOrEqualTo(version, "1.24")
-	warnings, err := s.backend.ContainerUpdate(name, hostConfig, validateHostname)
+	resp, err := s.backend.ContainerUpdate(name, hostConfig, validateHostname)
 	if err != nil {
 		return err
 	}
 
-	return httputils.WriteJSON(w, http.StatusOK, &types.ContainerUpdateResponse{
-		Warnings: warnings,
-	})
+	return httputils.WriteJSON(w, http.StatusOK, resp)
 }
 
 func (s *containerRouter) postContainersCreate(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {

daemon/cluster/cluster.go

@@ -67,7 +67,7 @@ var defaultSpec = types.Spec{
 		NodeCertExpiry: 90 * 24 * time.Hour,
 	},
 	Dispatcher: types.DispatcherConfig{
-		HeartbeatPeriod: uint64((5 * time.Second).Nanoseconds()),
+		HeartbeatPeriod: 5 * time.Second,
 	},
 	Orchestration: types.OrchestrationConfig{
 		TaskHistoryRetentionLimit: 10,

daemon/cluster/convert/network.go

@@ -179,21 +179,23 @@ func BasicNetworkCreateToGRPC(create basictypes.NetworkCreateRequest) swarmapi.N
 		},
 		Ipv6Enabled: create.EnableIPv6,
 		Internal:    create.Internal,
-		IPAM: &swarmapi.IPAMOptions{
+	}
+	if create.IPAM != nil {
+		ns.IPAM = &swarmapi.IPAMOptions{
 			Driver: &swarmapi.Driver{
 				Name:    create.IPAM.Driver,
 				Options: create.IPAM.Options,
 			},
-		},
-	}
-	ipamSpec := make([]*swarmapi.IPAMConfig, 0, len(create.IPAM.Config))
-	for _, ipamConfig := range create.IPAM.Config {
-		ipamSpec = append(ipamSpec, &swarmapi.IPAMConfig{
-			Subnet:  ipamConfig.Subnet,
-			Range:   ipamConfig.IPRange,
-			Gateway: ipamConfig.Gateway,
-		})
+		}
+		ipamSpec := make([]*swarmapi.IPAMConfig, 0, len(create.IPAM.Config))
+		for _, ipamConfig := range create.IPAM.Config {
+			ipamSpec = append(ipamSpec, &swarmapi.IPAMConfig{
+				Subnet:  ipamConfig.Subnet,
+				Range:   ipamConfig.IPRange,
+				Gateway: ipamConfig.Gateway,
+			})
+		}
+		ns.IPAM.Configs = ipamSpec
 	}
-	ns.IPAM.Configs = ipamSpec
 	return ns
 }

daemon/cluster/convert/swarm.go

@@ -23,8 +23,8 @@ func SwarmFromGRPC(c swarmapi.Cluster) types.Swarm {
 					SnapshotInterval:           c.Spec.Raft.SnapshotInterval,
 					KeepOldSnapshots:           c.Spec.Raft.KeepOldSnapshots,
 					LogEntriesForSlowFollowers: c.Spec.Raft.LogEntriesForSlowFollowers,
-					HeartbeatTick:              c.Spec.Raft.HeartbeatTick,
-					ElectionTick:               c.Spec.Raft.ElectionTick,
+					HeartbeatTick:              int(c.Spec.Raft.HeartbeatTick),
+					ElectionTick:               int(c.Spec.Raft.ElectionTick),
 				},
 			},
 		},
@@ -35,7 +35,7 @@ func SwarmFromGRPC(c swarmapi.Cluster) types.Swarm {
 	}
 
 	heartbeatPeriod, _ := ptypes.Duration(c.Spec.Dispatcher.HeartbeatPeriod)
-	swarm.Spec.Dispatcher.HeartbeatPeriod = uint64(heartbeatPeriod)
+	swarm.Spec.Dispatcher.HeartbeatPeriod = heartbeatPeriod
 
 	swarm.Spec.CAConfig.NodeCertExpiry, _ = ptypes.Duration(c.Spec.CAConfig.NodeCertExpiry)
 
@@ -73,8 +73,8 @@ func SwarmSpecToGRPC(s types.Spec) (swarmapi.ClusterSpec, error) {
 			SnapshotInterval:           s.Raft.SnapshotInterval,
 			KeepOldSnapshots:           s.Raft.KeepOldSnapshots,
 			LogEntriesForSlowFollowers: s.Raft.LogEntriesForSlowFollowers,
-			HeartbeatTick:              s.Raft.HeartbeatTick,
-			ElectionTick:               s.Raft.ElectionTick,
+			HeartbeatTick:              uint32(s.Raft.HeartbeatTick),
+			ElectionTick:               uint32(s.Raft.ElectionTick),
 		},
 		Dispatcher: swarmapi.DispatcherConfig{
 			HeartbeatPeriod: ptypes.DurationProto(time.Duration(s.Dispatcher.HeartbeatPeriod)),

daemon/cluster/executor/container/container.go

@@ -478,7 +478,7 @@ func (c *containerConfig) networkCreateRequest(name string) (clustertypes.Networ
 	options := types.NetworkCreate{
 		// ID:     na.Network.ID,
 		Driver: na.Network.DriverState.Name,
-		IPAM: network.IPAM{
+		IPAM: &network.IPAM{
 			Driver: na.Network.IPAM.Driver.Name,
 		},
 		Options:        na.Network.DriverState.Options,

daemon/cluster/executor/container/executor.go

@@ -94,7 +94,7 @@ func (e *executor) Configure(ctx context.Context, node *api.Node) error {
 
 	options := types.NetworkCreate{
 		Driver: na.Network.DriverState.Name,
-		IPAM: network.IPAM{
+		IPAM: &network.IPAM{
 			Driver: na.Network.IPAM.Driver.Name,
 		},
 		Options:        na.Network.DriverState.Options,

daemon/network.go

@@ -234,18 +234,21 @@ func (daemon *Daemon) createNetwork(create types.NetworkCreateRequest, id string
 		driver = c.Config().Daemon.DefaultDriver
 	}
 
-	ipam := create.IPAM
-	v4Conf, v6Conf, err := getIpamConfig(ipam.Config)
-	if err != nil {
-		return nil, err
-	}
-
 	nwOptions := []libnetwork.NetworkOption{
-		libnetwork.NetworkOptionIpam(ipam.Driver, "", v4Conf, v6Conf, ipam.Options),
 		libnetwork.NetworkOptionEnableIPv6(create.EnableIPv6),
 		libnetwork.NetworkOptionDriverOpts(create.Options),
 		libnetwork.NetworkOptionLabels(create.Labels),
 	}
+
+	if create.IPAM != nil {
+		ipam := create.IPAM
+		v4Conf, v6Conf, err := getIpamConfig(ipam.Config)
+		if err != nil {
+			return nil, err
+		}
+		nwOptions = append(nwOptions, libnetwork.NetworkOptionIpam(ipam.Driver, "", v4Conf, v6Conf, ipam.Options))
+	}
+
 	if create.Internal {
 		nwOptions = append(nwOptions, libnetwork.NetworkOptionInternalNetwork())
 	}

daemon/update.go

@@ -3,23 +3,24 @@ package daemon
 import (
 	"fmt"
 
+	"github.com/docker/engine-api/types"
 	"github.com/docker/engine-api/types/container"
 )
 
 // ContainerUpdate updates configuration of the container
-func (daemon *Daemon) ContainerUpdate(name string, hostConfig *container.HostConfig, validateHostname bool) ([]string, error) {
+func (daemon *Daemon) ContainerUpdate(name string, hostConfig *container.HostConfig, validateHostname bool) (types.ContainerUpdateResponse, error) {
 	var warnings []string
 
 	warnings, err := daemon.verifyContainerSettings(hostConfig, nil, true, validateHostname)
 	if err != nil {
-		return warnings, err
+		return types.ContainerUpdateResponse{Warnings: warnings}, err
 	}
 
 	if err := daemon.update(name, hostConfig); err != nil {
-		return warnings, err
+		return types.ContainerUpdateResponse{Warnings: warnings}, err
 	}
 
-	return warnings, nil
+	return types.ContainerUpdateResponse{Warnings: warnings}, nil
 }
 
 // ContainerUpdateCmdOnBuild updates Path and Args for the container with ID cID.

hack/vendor.sh

@@ -66,7 +66,7 @@ clone git golang.org/x/sys eb2c74142fd19a79b3f237334c7384d5167b1b46 https://gith
 clone git github.com/docker/go-units eb879ae3e2b84e2a142af415b679ddeda47ec71c
 clone git github.com/docker/go-connections fa2850ff103453a9ad190da0df0af134f0314b3d
 
-clone git github.com/docker/engine-api 8d8fffdf863b12d03c76abf6ca1377e6f8f4e549
+clone git github.com/docker/engine-api f9cef590446e4e6073b49b652f47a337b897c1a3
 clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837
 clone git github.com/imdario/mergo 0.2.1
 

integration-cli/docker_api_network_test.go

@@ -101,7 +101,7 @@ func (s *DockerSuite) TestApiNetworkInspect(c *check.C) {
 	c.Assert(ip.String(), checker.Equals, containerIP)
 
 	// IPAM configuration inspect
-	ipam := network.IPAM{
+	ipam := &network.IPAM{
 		Driver: "default",
 		Config: []network.IPAMConfig{{Subnet: "172.28.0.0/16", IPRange: "172.28.5.0/24", Gateway: "172.28.5.254"}},
 	}
@@ -173,7 +173,7 @@ func (s *DockerSuite) TestApiNetworkConnectDisconnect(c *check.C) {
 func (s *DockerSuite) TestApiNetworkIpamMultipleBridgeNetworks(c *check.C) {
 	testRequires(c, DaemonIsLinux)
 	// test0 bridge network
-	ipam0 := network.IPAM{
+	ipam0 := &network.IPAM{
 		Driver: "default",
 		Config: []network.IPAMConfig{{Subnet: "192.178.0.0/16", IPRange: "192.178.128.0/17", Gateway: "192.178.138.100"}},
 	}
@@ -187,7 +187,7 @@ func (s *DockerSuite) TestApiNetworkIpamMultipleBridgeNetworks(c *check.C) {
 	id0 := createNetwork(c, config0, true)
 	c.Assert(isNetworkAvailable(c, "test0"), checker.Equals, true)
 
-	ipam1 := network.IPAM{
+	ipam1 := &network.IPAM{
 		Driver: "default",
 		Config: []network.IPAMConfig{{Subnet: "192.178.128.0/17", Gateway: "192.178.128.1"}},
 	}
@@ -202,7 +202,7 @@ func (s *DockerSuite) TestApiNetworkIpamMultipleBridgeNetworks(c *check.C) {
 	createNetwork(c, config1, false)
 	c.Assert(isNetworkAvailable(c, "test1"), checker.Equals, false)
 
-	ipam2 := network.IPAM{
+	ipam2 := &network.IPAM{
 		Driver: "default",
 		Config: []network.IPAMConfig{{Subnet: "192.169.0.0/16", Gateway: "192.169.100.100"}},
 	}

integration-cli/docker_cli_swarm_test.go

@@ -25,7 +25,7 @@ func (s *DockerSwarmSuite) TestSwarmUpdate(c *check.C) {
 
 	spec := getSpec()
 	c.Assert(spec.CAConfig.NodeCertExpiry, checker.Equals, 30*time.Hour)
-	c.Assert(spec.Dispatcher.HeartbeatPeriod, checker.Equals, uint64(11*time.Second))
+	c.Assert(spec.Dispatcher.HeartbeatPeriod, checker.Equals, 11*time.Second)
 
 	// setting anything under 30m for cert-expiry is not allowed
 	out, err = d.Cmd("swarm", "update", "--cert-expiry", "15m")
@@ -48,7 +48,7 @@ func (s *DockerSwarmSuite) TestSwarmInit(c *check.C) {
 
 	spec := getSpec()
 	c.Assert(spec.CAConfig.NodeCertExpiry, checker.Equals, 30*time.Hour)
-	c.Assert(spec.Dispatcher.HeartbeatPeriod, checker.Equals, uint64(11*time.Second))
+	c.Assert(spec.Dispatcher.HeartbeatPeriod, checker.Equals, 11*time.Second)
 
 	c.Assert(d.Leave(true), checker.IsNil)
 	time.Sleep(500 * time.Millisecond) // https://github.com/docker/swarmkit/issues/1421
@@ -57,7 +57,7 @@ func (s *DockerSwarmSuite) TestSwarmInit(c *check.C) {
 
 	spec = getSpec()
 	c.Assert(spec.CAConfig.NodeCertExpiry, checker.Equals, 90*24*time.Hour)
-	c.Assert(spec.Dispatcher.HeartbeatPeriod, checker.Equals, uint64(5*time.Second))
+	c.Assert(spec.Dispatcher.HeartbeatPeriod, checker.Equals, 5*time.Second)
 }
 
 func (s *DockerSwarmSuite) TestSwarmInitIPv6(c *check.C) {

vendor/src/github.com/docker/engine-api/client/container_update.go

@@ -1,13 +1,23 @@
 package client
 
 import (
+	"encoding/json"
+
+	"github.com/docker/engine-api/types"
 	"github.com/docker/engine-api/types/container"
 	"golang.org/x/net/context"
 )
 
 // ContainerUpdate updates resources of a container
-func (cli *Client) ContainerUpdate(ctx context.Context, containerID string, updateConfig container.UpdateConfig) error {
-	resp, err := cli.post(ctx, "/containers/"+containerID+"/update", nil, updateConfig, nil)
-	ensureReaderClosed(resp)
-	return err
+func (cli *Client) ContainerUpdate(ctx context.Context, containerID string, updateConfig container.UpdateConfig) (types.ContainerUpdateResponse, error) {
+	var response types.ContainerUpdateResponse
+	serverResp, err := cli.post(ctx, "/containers/"+containerID+"/update", nil, updateConfig, nil)
+	if err != nil {
+		return response, err
+	}
+
+	err = json.NewDecoder(serverResp.body).Decode(&response)
+
+	ensureReaderClosed(serverResp)
+	return response, err
 }

vendor/src/github.com/docker/engine-api/client/interface.go

@@ -56,7 +56,7 @@ type ContainerAPIClient interface {
 	ContainerStop(ctx context.Context, container string, timeout *time.Duration) error
 	ContainerTop(ctx context.Context, container string, arguments []string) (types.ContainerProcessList, error)
 	ContainerUnpause(ctx context.Context, container string) error
-	ContainerUpdate(ctx context.Context, container string, updateConfig container.UpdateConfig) error
+	ContainerUpdate(ctx context.Context, container string, updateConfig container.UpdateConfig) (types.ContainerUpdateResponse, error)
 	ContainerWait(ctx context.Context, container string) (int, error)
 	CopyFromContainer(ctx context.Context, container, srcPath string) (io.ReadCloser, types.ContainerPathStat, error)
 	CopyToContainer(ctx context.Context, container, path string, content io.Reader, options types.CopyToContainerOptions) error

vendor/src/github.com/docker/engine-api/types/configs.go

@@ -49,6 +49,7 @@ type ExecConfig struct {
 	AttachStdout bool     // Attach the standard output
 	Detach       bool     // Execute in detach mode
 	DetachKeys   string   // Escape keys for detach
+	Env          []string // Environment variables
 	Cmd          []string // Execution commands and args
 }
 

vendor/src/github.com/docker/engine-api/types/seccomp.go

@@ -2,12 +2,22 @@ package types
 
 // Seccomp represents the config for a seccomp profile for syscall restriction.
 type Seccomp struct {
-	DefaultAction Action     `json:"defaultAction"`
-	Architectures []Arch     `json:"architectures"`
-	Syscalls      []*Syscall `json:"syscalls"`
+	DefaultAction Action `json:"defaultAction"`
+	// Architectures is kept to maintain backward compatibility with the old
+	// seccomp profile.
+	Architectures []Arch         `json:"architectures,omitempty"`
+	ArchMap       []Architecture `json:"archMap,omitempty"`
+	Syscalls      []*Syscall     `json:"syscalls"`
 }
 
-// Arch used for additional architectures
+// Architecture is used to represent an specific architecture
+// and its sub-architectures
+type Architecture struct {
+	Arch      Arch   `json:"architecture"`
+	SubArches []Arch `json:"subArchitectures"`
+}
+
+// Arch used for architectures
 type Arch string
 
 // Additional architectures permitted to be used for system calls
@@ -65,9 +75,19 @@ type Arg struct {
 	Op       Operator `json:"op"`
 }
 
-// Syscall is used to match a syscall in Seccomp
+// Filter is used to conditionally apply Seccomp rules
+type Filter struct {
+	Caps   []string `json:"caps,omitempty"`
+	Arches []string `json:"arches,omitempty"`
+}
+
+// Syscall is used to match a group of syscalls in Seccomp
 type Syscall struct {
-	Name   string `json:"name"`
-	Action Action `json:"action"`
-	Args   []*Arg `json:"args"`
+	Name     string   `json:"name,omitempty"`
+	Names    []string `json:"names,omitempty"`
+	Action   Action   `json:"action"`
+	Args     []*Arg   `json:"args"`
+	Comment  string   `json:"comment"`
+	Includes Filter   `json:"includes"`
+	Excludes Filter   `json:"excludes"`
 }

vendor/src/github.com/docker/engine-api/types/swarm/network.go

@@ -64,6 +64,7 @@ type NetworkSpec struct {
 	DriverConfiguration *Driver      `json:",omitempty"`
 	IPv6Enabled         bool         `json:",omitempty"`
 	Internal            bool         `json:",omitempty"`
+	Attachable          bool         `json:",omitempty"`
 	IPAMOptions         *IPAMOptions `json:",omitempty"`
 }
 

vendor/src/github.com/docker/engine-api/types/swarm/service.go

@@ -17,9 +17,13 @@ type ServiceSpec struct {
 
 	// TaskTemplate defines how the service should construct new tasks when
 	// orchestrating this service.
-	TaskTemplate TaskSpec                  `json:",omitempty"`
-	Mode         ServiceMode               `json:",omitempty"`
-	UpdateConfig *UpdateConfig             `json:",omitempty"`
+	TaskTemplate TaskSpec      `json:",omitempty"`
+	Mode         ServiceMode   `json:",omitempty"`
+	UpdateConfig *UpdateConfig `json:",omitempty"`
+
+	// Networks field in ServiceSpec is being deprecated. Users of
+	// engine-api should start using the same field in
+	// TaskSpec. This field will be removed in future releases.
 	Networks     []NetworkAttachmentConfig `json:",omitempty"`
 	EndpointSpec *EndpointSpec             `json:",omitempty"`
 }

vendor/src/github.com/docker/engine-api/types/swarm/swarm.go

@@ -54,13 +54,27 @@ type RaftConfig struct {
 	SnapshotInterval           uint64 `json:",omitempty"`
 	KeepOldSnapshots           uint64 `json:",omitempty"`
 	LogEntriesForSlowFollowers uint64 `json:",omitempty"`
-	HeartbeatTick              uint32 `json:",omitempty"`
-	ElectionTick               uint32 `json:",omitempty"`
+
+	// ElectionTick is the number of ticks that a follower will wait for a message
+	// from the leader before becoming a candidate and starting an election.
+	// ElectionTick must be greater than HeartbeatTick.
+	//
+	// A tick currently defaults to one second, so these translate directly to
+	// seconds currently, but this is NOT guaranteed.
+	ElectionTick int
+
+	// HeartbeatTick is the number of ticks between heartbeats. Every
+	// HeartbeatTick ticks, the leader will send a heartbeat to the
+	// followers.
+	//
+	// A tick currently defaults to one second, so these translate directly to
+	// seconds currently, but this is NOT guaranteed.
+	HeartbeatTick int
 }
 
 // DispatcherConfig represents dispatcher configuration.
 type DispatcherConfig struct {
-	HeartbeatPeriod uint64 `json:",omitempty"`
+	HeartbeatPeriod time.Duration `json:",omitempty"`
 }
 
 // CAConfig represents CA configuration.

vendor/src/github.com/docker/engine-api/types/swarm/task.go

@@ -51,10 +51,11 @@ type Task struct {
 
 // TaskSpec represents the spec of a task.
 type TaskSpec struct {
-	ContainerSpec ContainerSpec         `json:",omitempty"`
-	Resources     *ResourceRequirements `json:",omitempty"`
-	RestartPolicy *RestartPolicy        `json:",omitempty"`
-	Placement     *Placement            `json:",omitempty"`
+	ContainerSpec ContainerSpec             `json:",omitempty"`
+	Resources     *ResourceRequirements     `json:",omitempty"`
+	RestartPolicy *RestartPolicy            `json:",omitempty"`
+	Placement     *Placement                `json:",omitempty"`
+	Networks      []NetworkAttachmentConfig `json:",omitempty"`
 
 	// LogDriver specifies the LogDriver to use for tasks created from this
 	// spec. If not present, the one on cluster default on swarm.Spec will be

vendor/src/github.com/docker/engine-api/types/types.go

@@ -456,6 +456,7 @@ type NetworkResource struct {
 	EnableIPv6 bool                        // EnableIPv6 represents whether to enable IPv6
 	IPAM       network.IPAM                // IPAM is the network's IP Address Management
 	Internal   bool                        // Internal represents if the network is used internal only
+	Attachable bool                        // Attachable represents if the global scope is manually attachable by regular containers from workers in swarm mode.
 	Containers map[string]EndpointResource // Containers contains endpoints belonging to the network
 	Options    map[string]string           // Options holds the network specific options to use for when creating the network
 	Labels     map[string]string           // Labels holds metadata specific to the network being created
@@ -475,8 +476,9 @@ type NetworkCreate struct {
 	CheckDuplicate bool
 	Driver         string
 	EnableIPv6     bool
-	IPAM           network.IPAM
+	IPAM           *network.IPAM
 	Internal       bool
+	Attachable     bool
 	Options        map[string]string
 	Labels         map[string]string
 }