0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
moby/docs/reference/commandline
History
Aaron Lehmann a00d12a8dd Generate a swarm joining secret if none is specified 
The current behavior of `docker swarm init` is to set up a swarm that
has no secret for joining, and does not require manual acceptance for
workers. Since workers may sometimes receive sensitive data such as pull
credentials, it makes sense to harden the defaults.

This change makes `docker swarm init` generate a random secret if none
is provided, and print it to the terminal. This secret will be needed to
join workers or managers to the swarm. In addition to improving access
control to the cluster, this setup removes an avenue for
denial-of-service attacks, since the secret is necessary to even create
an entry in the node list.

`docker swarm init --secret ""` will set up a swarm without a secret,
matching the old behavior. `docker swarm update --secret ""` removes the
automatically generated secret after `docker swarm init`.

Closes #23785

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 7342e42fce)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-08 15:33:27 -07:00
..
attach.md Fix a couple of typos in the docs of docker attach 2016-06-06 19:06:50 -07:00
build.md Add powershell example and make linux build example consistent with other examples 2016-05-27 11:49:09 -07:00
cli.md docs: add $ before HOME 2016-03-12 14:11:01 +01:00
commit.md Document valid chars in image name and tag 2016-05-21 19:49:19 +01:00
cp.md update docs/reference/commandline/cp.md 2016-05-24 11:09:38 +00:00
create.md PR 19367 doc change: Mention supported drivers for --storage-opt size option in docker create/run. 2016-06-30 16:47:41 -07:00
diff.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
docker_images.gif retooling for hugo 2015-06-15 13:19:38 -07:00
dockerd.md man: add missing --add-runtime 2016-07-08 15:31:24 -07:00
events.md attach: replace interface with simple type 2016-06-03 16:40:43 -07:00
exec.md Implement configurable detach key 2016-01-03 23:03:39 +01:00
export.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
history.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
images.md Add before and since filter to images 2016-05-25 13:49:10 +02:00
import.md Fix some flaws in docs 2016-02-19 09:27:03 +08:00
index.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-07-08 15:31:22 -07:00
info.md Update docker info output example 2016-06-16 23:36:56 -07:00
inspect.md Update help output to match Docker 1.11. 2016-06-18 20:58:25 -07:00
kill.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
load.md Update docker-load documentation 2016-06-08 17:40:37 +02:00
login.md Merge pull request #20970 from dmcgowan/login-oauth 2016-03-14 15:49:44 +01:00
logout.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
logs.md Add support for reading logs extra attrs 2016-05-06 20:42:20 -04:00
menu.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-07-08 15:31:22 -07:00
network_connect.md make cmd short short consistency and change docs 2016-06-30 17:11:29 -07:00
network_create.md Update network_create.md 2016-07-08 15:31:23 -07:00
network_disconnect.md Forced endpoint cleanup 2016-01-13 21:28:52 -08:00
network_inspect.md Include all endpoints in network inspect object 2016-03-13 16:58:53 -07:00
network_ls.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-07-08 15:31:22 -07:00
network_rm.md Fix some flaws in docs 2016-02-19 09:27:03 +08:00
node_accept.md no more 'docker node reject' in docs 2016-06-14 14:55:25 -07:00
node_demote.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-07-08 15:31:22 -07:00
node_inspect.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-07-08 15:31:22 -07:00
node_ls.md Change NAME to HOSTNAME in docs for docker node ls 2016-07-08 15:32:22 -07:00
node_promote.md no more 'docker node reject' in docs 2016-06-14 14:55:25 -07:00
node_rm.md CLI docs 2016-06-13 22:17:15 -07:00
node_tasks.md rename desired_state filter to desired-state 2016-07-08 15:31:22 -07:00
node_update.md update output for node commands, minor edits 2016-06-16 23:36:59 -07:00
pause.md Fix up stale links 2016-05-27 00:28:46 +00:00
plugin_disable.md docs: move "advisory" to general metadata 2016-06-16 23:36:55 -07:00
plugin_enable.md docs: move "advisory" to general metadata 2016-06-16 23:36:55 -07:00
plugin_inspect.md docs: move "advisory" to general metadata 2016-06-16 23:36:55 -07:00
plugin_install.md docs: move "advisory" to general metadata 2016-06-16 23:36:55 -07:00
plugin_ls.md docs: move "advisory" to general metadata 2016-06-16 23:36:55 -07:00
plugin_rm.md docs: move "advisory" to general metadata 2016-06-16 23:36:55 -07:00
port.md Fix the typo in ps 2016-01-21 04:26:49 +00:00
ps.md add support for filtering by network ID 2016-06-07 16:50:31 +02:00
pull.md Add link to Docker Hub. 2016-06-11 14:31:53 -07:00
push.md Document valid chars in image name and tag 2016-05-21 19:49:19 +01:00
rename.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
restart.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
rm.md Fix some flaws in docs 2016-02-19 09:27:03 +08:00
rmi.md Correct old virtual size 2016-02-02 12:28:33 +00:00
run.md Fix typo 2016-07-08 15:31:24 -07:00
save.md Update 'save' command help 2016-03-22 08:16:52 +01:00
search.md Fix spelling in comments, strings and documentation 2016-07-08 15:31:42 -07:00
service_create.md Use "on-failure" for both containers and services 2016-07-08 15:33:21 -07:00
service_inspect.md make cmd short short consistency and change docs 2016-06-30 17:11:29 -07:00
service_ls.md Add initial "service" docs 2016-06-18 20:58:23 -07:00
service_rm.md Add initial "service" docs 2016-06-18 20:58:23 -07:00
service_scale.md Add initial "service" docs 2016-06-18 20:58:23 -07:00
service_tasks.md rename desired_state filter to desired-state 2016-07-08 15:31:22 -07:00
service_update.md Use "on-failure" for both containers and services 2016-07-08 15:33:21 -07:00
start.md Implement configurable detach key 2016-01-03 23:03:39 +01:00
stats.md Change HumanSize to BytesSize for memory output in docker stats. 2016-04-08 20:01:50 +00:00
stop.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
swarm_init.md Generate a swarm joining secret if none is specified 2016-07-08 15:33:27 -07:00
swarm_join.md Generate a swarm joining secret if none is specified 2016-07-08 15:33:27 -07:00
swarm_leave.md Change NAME to HOSTNAME in docs for docker node ls 2016-07-08 15:32:22 -07:00
swarm_update.md add menu.md, make index.md command line reference, update typos/minor errors in cli docs 2016-07-08 15:31:22 -07:00
tag.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
top.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
unpause.md Fix up stale links 2016-05-27 00:28:46 +00:00
update.md Update RestartPolicy of container 2016-02-20 17:06:32 +08:00
version.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00
volume_create.md [Docs] clarified local volume driver docs 2016-07-08 15:31:22 -07:00
volume_inspect.md make cmd short short consistency and change docs 2016-06-30 17:11:29 -07:00
volume_ls.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
volume_rm.md surfacing Learn by example topics to top level of Docker Engine docs 2016-06-13 13:32:30 -07:00
wait.md remove =false from options that default to false in the docs 2015-12-23 07:11:35 -08:00