Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit 94dfa200668a2520d1fbd6a5a540887beebc28df)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
... | ... |
@@ -212,6 +212,76 @@ To manually remove all plugins and resolve this problem, take the following step |
212 | 212 |
- Deprecate MAINTAINER in Dockerfile [#25466](https://github.com/docker/docker/pull/25466) |
213 | 213 |
- Deprecated filter param for endpoint `/images/json` [#27872](https://github.com/docker/docker/pull/27872) |
214 | 214 |
|
215 |
+## 1.12.6 (2017-01-10) |
|
216 |
+ |
|
217 |
+**IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm |
|
218 |
+based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When |
|
219 |
+upgrading from an older version of docker, the upgrade process may not |
|
220 |
+automatically install the updated version of the unit file, or fail to start |
|
221 |
+the docker service if; |
|
222 |
+ |
|
223 |
+- the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or |
|
224 |
+- a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive |
|
225 |
+ |
|
226 |
+Starting the docker service will produce an error: |
|
227 |
+ |
|
228 |
+ Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. |
|
229 |
+ |
|
230 |
+or |
|
231 |
+ |
|
232 |
+ no sockets found via socket activation: make sure the service was started by systemd. |
|
233 |
+ |
|
234 |
+To resolve this: |
|
235 |
+ |
|
236 |
+- Backup the current version of the unit file, and replace the file with the |
|
237 |
+ [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) |
|
238 |
+- Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present |
|
239 |
+- Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). |
|
240 |
+ |
|
241 |
+After making those changes, run `sudo systemctl daemon-reload`, and `sudo |
|
242 |
+systemctl restart docker` to reload changes and (re)start the docker daemon. |
|
243 |
+ |
|
244 |
+**NOTE**: Docker 1.12.5 will correctly validate that either an IPv6 subnet is provided or |
|
245 |
+that the IPAM driver can provide one when you specify the `--ipv6` option. |
|
246 |
+ |
|
247 |
+If you are currently using the `--ipv6` option _without_ specifying the |
|
248 |
+`--fixed-cidr-v6` option, the Docker daemon will refuse to start with the |
|
249 |
+following message: |
|
250 |
+ |
|
251 |
+```none |
|
252 |
+Error starting daemon: Error initializing network controller: Error creating |
|
253 |
+ default "bridge" network: failed to parse pool request |
|
254 |
+ for address space "LocalDefault" pool " subpool ": |
|
255 |
+ could not find an available, non-overlapping IPv6 address |
|
256 |
+ pool among the defaults to assign to the network |
|
257 |
+``` |
|
258 |
+ |
|
259 |
+To resolve this error, either remove the `--ipv6` flag (to preserve the same |
|
260 |
+behavior as in Docker 1.12.3 and earlier), or provide an IPv6 subnet as the |
|
261 |
+value of the `--fixed-cidr-v6` flag. |
|
262 |
+ |
|
263 |
+In a similar way, if you specify the `--ipv6` flag when creating a network |
|
264 |
+with the default IPAM driver, without providing an IPv6 `--subnet`, network |
|
265 |
+creation will fail with the following message: |
|
266 |
+ |
|
267 |
+```none |
|
268 |
+Error response from daemon: failed to parse pool request for address space |
|
269 |
+ "LocalDefault" pool "" subpool "": could not find an |
|
270 |
+ available, non-overlapping IPv6 address pool among |
|
271 |
+ the defaults to assign to the network |
|
272 |
+``` |
|
273 |
+ |
|
274 |
+To resolve this, either remove the `--ipv6` flag (to preserve the same behavior |
|
275 |
+as in Docker 1.12.3 and earlier), or provide an IPv6 subnet as the value of the |
|
276 |
+`--subnet` flag. |
|
277 |
+ |
|
278 |
+The network network creation will instead succeed if you use an external IPAM driver |
|
279 |
+which supports automatic allocation of IPv6 subnets. |
|
280 |
+ |
|
281 |
+### Runtime |
|
282 |
+ |
|
283 |
+- Fix runC privilege escalation (CVE-2016-9962) |
|
284 |
+ |
|
215 | 285 |
## 1.12.5 (2016-12-15) |
216 | 286 |
|
217 | 287 |
**IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm |