As discussed on the maintainers mailinglist,
and during a maintainers review session;
We've recently made changes to the Dockerfile
syntax (e.g., `HEALTHCHECK`, `SHELL`), so
mentioning the Dockerfile syntax as a frozen
feature is no longer accurate.
Removing it from frozen features does NOT
automatically state an intent to make big
changes to the syntax; making changes
to the syntax are important decisions and
should never be taken lightly.
This change is just to indicate that we
can *accept* changes if they are meaningful,
and we're confident they can be made.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `--user`/`-u` of the `docker create` is the same as
`docker run`, which could take either `uid` or `uid:gid`
format. However, the description in the man page of `docker create`
is missing and may cause some confusions (comared with `docker run`).
This fix updates the man page of `docker create` so that it is
consistent with the man page of `docker run`.
This fix is related to 25304.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
There were couple issues in the previous version of this Dockerfile
1. [MongoDB manual](https://docs.mongodb.com/manual/tutorial/install-mongodb-on-ubuntu/) uses 3.2 repo version as of July'16.
2. Command `# lsb_release -sc` doesn't work out of box, because of `bash: lsb_release: command not found`.
Signed-off-by: Maxim Fedchyshyn <sevmax@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Printing off networks as part of --pretty was missing a newline, causing
the next thing printed to be concatenated onto the end of the line.
Added an empty println after all networks are printed.
Signed-off-by: Drew Erny <drew.erny@docker.com>
this change improves the instructions for
swarm join-token and swarm init;
- only print the join-token command for workers
instead of for both managers and workers, to
prevent users from copying the wrong command.
An extra line is added to explain how to obtain
the manager token.
- print a message that a token was rotated
sucesfully if '--rotate' is used.
- add some extra white-space before / after
the join commands, to make copy/pasting
easier.
this change also does some refactoring of join-token;
- move flagname-constants together with other constants
- use variables for selected role ("worker" / "manager")
to prevent checking for them multiple times, and to
keep the "worker" / "manager" sting centralized
- add an extra blank line after "join-token" instructions
this makes it easier to copy, and cleans up the
code a tiny bit
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Problem Description:
An example scenario that involves deferred removal
1. A new base image gets created (e.g. 'docker load -i'). The base device is activated and
mounted at some point in time during image creation.
2. While image creation is in progress, a privileged container is started
from another image and the host's mount name space is shared with this
container ('docker run --privileged -v /:/host').
3. Image creation completes and the base device gets unmounted. However,
as the privileged container still holds a reference on the base image
mount point, the base device cannot be removed right away. So it gets
flagged for deferred removal.
4. Next, the privileged container terminates and thus its reference to the
base image mount point gets released. The base device (which is flagged
for deferred removal) may now be cleaned up by the device-mapper. This
opens up an opportunity for a race between a 'kworker' thread (executing
the do_deferred_remove() function) and the Docker daemon (executing the
CreateSnapDevice() function).
This PR cancel the deferred removal, if the device is marked for it. And reschedule the
deferred removal later after the device is resumed successfully.
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
In `docker service create/update`, flag `--user` actually supports
`uid:gid` (same as `docker run`). However, this is not reflected
in the help and documentation yet.
This fix updates docs in `docker service create/update` to change
the description to `Username or UID (format: <name|uid>[:<group|gid>])`.
The help message output has also been updated.
This fix is related to 25304.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Fixes: #25073
Update kernel memory on running containers without initialized
is forbidden only on kernel version older than 4.6.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
On daemon restart the local volume driver will read options that it
persisted to disk, however it was reading an incorrect path, causing
volume options to be silently ignored after a daemon restart.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
