0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
moby/docs/reference/commandline
History
Aaron Lehmann 7342e42fce Generate a swarm joining secret if none is specified 
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.

This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.

`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.

Closes #23785

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-07-06 13:04:50 -07:00
..
attach.md Fix a couple of typos in the docs of docker attach 2016-06-06 19:06:50 -07:00
build.md Add powershell example and make linux build example consistent with other examples 2016-05-27 11:49:09 -07:00
cli.md docs: add $ before HOME 2016-03-12 14:11:01 +01:00
commit.md Document valid chars in image name and tag 2016-05-21 19:49:19 +01:00
cp.md update docs/reference/commandline/cp.md 2016-05-24 11:09:38 +00:00
create.md PR 19367 doc change: Mention supported drivers for --storage-opt size option in docker create/run. 2016-06-20 22:27:02 -04:00
diff.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
docker_images.gif retooling for hugo 2015-06-15 13:19:38 -07:00
dockerd.md Merge pull request #24264 from runcom/mandokerd8 2016-07-03 10:13:28 -07:00
events.md attach: replace interface with simple type 2016-06-03 16:40:43 -07:00
exec.md Implement configurable detach key 2016-01-03 23:03:39 +01:00
export.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
history.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
images.md Add before and since filter to images 2016-05-25 13:49:10 +02:00
import.md Fix some flaws in docs 2016-02-19 09:27:03 +08:00
index.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-06-30 14:30:11 -07:00
info.md Update docker info output example 2016-06-16 16:29:23 -07:00
inspect.md Update help output to match Docker 1.11. 2016-06-18 13:47:12 -07:00
kill.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
load.md Update docker-load documentation 2016-06-08 17:40:37 +02:00
login.md Merge pull request #20970 from dmcgowan/login-oauth 2016-03-14 15:49:44 +01:00
logout.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
logs.md Add support for reading logs extra attrs 2016-05-06 20:42:20 -04:00
menu.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-06-30 14:30:11 -07:00
network_connect.md make cmd short short consistency and change docs 2016-06-30 21:17:51 +08:00
network_create.md Update network_create.md 2016-07-01 16:16:53 -07:00
network_disconnect.md Forced endpoint cleanup 2016-01-13 21:28:52 -08:00
network_inspect.md Include all endpoints in network inspect object 2016-03-13 16:58:53 -07:00
network_ls.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-06-30 14:30:11 -07:00
network_rm.md Fix some flaws in docs 2016-02-19 09:27:03 +08:00
node_accept.md no more 'docker node reject' in docs 2016-06-14 14:55:25 -07:00
node_demote.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-06-30 14:30:11 -07:00
node_inspect.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-06-30 14:30:11 -07:00
node_ls.md add documentation for desired_state filter 2016-06-29 08:27:25 -07:00
node_promote.md no more 'docker node reject' in docs 2016-06-14 14:55:25 -07:00
node_rm.md Add the advisory=rc metadata 2016-06-20 11:54:53 +00:00
node_tasks.md rename desired_state filter to desired-state 2016-06-30 14:49:46 -07:00
node_update.md Add the advisory=rc metadata 2016-06-20 11:54:53 +00:00
pause.md Fix up stale links 2016-05-27 00:28:46 +00:00
plugin_disable.md docs: move "advisory" to general metadata 2016-06-16 11:52:34 -07:00
plugin_enable.md docs: move "advisory" to general metadata 2016-06-16 11:52:34 -07:00
plugin_inspect.md docs: move "advisory" to general metadata 2016-06-16 11:52:34 -07:00
plugin_install.md docs: move "advisory" to general metadata 2016-06-16 11:52:34 -07:00
plugin_ls.md docs: move "advisory" to general metadata 2016-06-16 11:52:34 -07:00
plugin_rm.md docs: move "advisory" to general metadata 2016-06-16 11:52:34 -07:00
port.md Fix the typo in ps 2016-01-21 04:26:49 +00:00
ps.md add support for filtering by network ID 2016-06-07 16:50:31 +02:00
pull.md Add link to Docker Hub. 2016-06-11 14:31:53 -07:00
push.md Document valid chars in image name and tag 2016-05-21 19:49:19 +01:00
rename.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
restart.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
rm.md Fix some flaws in docs 2016-02-19 09:27:03 +08:00
rmi.md Correct old virtual size 2016-02-02 12:28:33 +00:00
run.md Fix typo 2016-07-03 15:20:27 +02:00
save.md Update 'save' command help 2016-03-22 08:16:52 +01:00
search.md Fix spelling in comments, strings and documentation 2016-07-03 20:58:11 +03:00
service_create.md For the lulz! (evalulate -> evaluate) 2016-06-23 16:26:43 +02:00
service_inspect.md make cmd short short consistency and change docs 2016-06-30 21:17:51 +08:00
service_ls.md Add the advisory=rc metadata 2016-06-20 11:54:53 +00:00
service_rm.md Add the advisory=rc metadata 2016-06-20 11:54:53 +00:00
service_scale.md Add the advisory=rc metadata 2016-06-20 11:54:53 +00:00
service_tasks.md rename desired_state filter to desired-state 2016-06-30 14:49:46 -07:00
service_update.md For the lulz! (evalulate -> evaluate) 2016-06-23 16:26:43 +02:00
start.md Implement configurable detach key 2016-01-03 23:03:39 +01:00
stats.md Change HumanSize to BytesSize for memory output in docker stats. 2016-04-08 20:01:50 +00:00
stop.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
swarm_init.md Generate a swarm joining secret if none is specified 2016-07-06 13:04:50 -07:00
swarm_join.md Generate a swarm joining secret if none is specified 2016-07-06 13:04:50 -07:00
swarm_leave.md Merge pull request #23696 from sfsmithcha/check_swarm_cli 2016-06-20 15:40:06 +02:00
swarm_update.md Merge pull request #24059 from sfsmithcha/fix_cli_ref_menu 2016-07-01 10:00:54 -07:00
tag.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
top.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
unpause.md Fix up stale links 2016-05-27 00:28:46 +00:00
update.md Update RestartPolicy of container 2016-02-20 17:06:32 +08:00
version.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
volume_create.md [Docs] clarified local volume driver docs 2016-06-30 14:15:44 -07:00
volume_inspect.md make cmd short short consistency and change docs 2016-06-30 21:17:51 +08:00
volume_ls.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
volume_rm.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
wait.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00