Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit ca5aab19b482f27629374cdde4df26b5676e39cb)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
| ... | ... |
@@ -3805,7 +3805,7 @@ definitions: |
| 3805 | 3805 |
description: | |
| 3806 | 3806 |
The driver to use for managing cgroups. |
| 3807 | 3807 |
type: "string" |
| 3808 |
- enum: ["cgroupfs", "systemd"] |
|
| 3808 |
+ enum: ["cgroupfs", "systemd", "none"] |
|
| 3809 | 3809 |
default: "cgroupfs" |
| 3810 | 3810 |
example: "cgroupfs" |
| 3811 | 3811 |
NEventsListener: |
| ... | ... |
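Review bot: The `description` for `CgroupDriver` still reads "The driver to use for managing cgroups." and does not say what the new `none` value means or when it is returned. Suggest extending the description to state that `none` is reported when the daemon is running in rootless mode, so consumers of the field know how to interpret it. The `default` and `example` values can stay as they are.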
@@ -4040,7 +4040,7 @@ definitions: |
| 4040 | 4040 |
SecurityOptions: |
| 4041 | 4041 |
description: | |
| 4042 | 4042 |
List of security features that are enabled on the daemon, such as |
| 4043 |
- apparmor, seccomp, SELinux, and user-namespaces (userns). |
|
| 4043 |
+ apparmor, seccomp, SELinux, user-namespaces (userns), and rootless. |
|
| 4044 | 4044 |
|
| 4045 | 4045 |
Additional configuration options for each security feature may |
| 4046 | 4046 |
be present, and are included as a comma-separated list of key/value |
| ... | ... |
@@ -4053,6 +4053,7 @@ definitions: |
| 4053 | 4053 |
- "name=seccomp,profile=default" |
| 4054 | 4054 |
- "name=selinux" |
| 4055 | 4055 |
- "name=userns" |
| 4056 |
+ - "name=rootless" |
|
| 4056 | 4057 |
ProductLicense: |
| 4057 | 4058 |
description: | |
| 4058 | 4059 |
Reports a summary of the product license on the daemon. |
| ... | ... |
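Review bot: The example list now shows `name=userns` and `name=rootless` side by side, but the `SecurityOptions` description does not say how the two entries relate or whether `name=rootless` can carry key/value options like `name=seccomp,profile=default` does. Suggest adding a sentence to the description stating that `name=rootless` is present when the daemon is running in rootless mode and that it has no additional options (if that is the case), so tooling that audits `SecurityOptions` can match on it reliably.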
@@ -49,6 +49,11 @@ keywords: "API, Docker, rcli, REST, documentation" |
| 49 | 49 |
* `GET /info` now returns information about `DataPathPort` that is currently used in swarm |
| 50 | 50 |
* `GET /info` now returns `PidsLimit` boolean to indicate if the host kernel has |
| 51 | 51 |
PID limit support enabled. |
| 52 |
+* `GET /info` now includes `name=rootless` in `SecurityOptions` when the daemon is running in |
|
| 53 |
+ rootless mode. This change is not versioned, and affects all API versions if the daemon has |
|
| 54 |
+ this patch. |
|
| 55 |
+* `GET /info` now returns `none` as `CgroupDriver` when the daemon is running in rootless mode. |
|
| 56 |
+ This change is not versioned, and affects all API versions if the daemon has this patch. |
|
| 52 | 57 |
* `POST /containers/create` now accepts `DeviceRequests` as part of `HostConfig`. |
| 53 | 58 |
Can be used to set Nvidia GPUs. |
| 54 | 59 |
* `GET /swarm` endpoint now returns DataPathPort info |
| ... | ... |
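Review bot: Both added entries say the change "is not versioned, and affects all API versions if the daemon has this patch", which does not tell a reader which daemon releases behave this way. Suggest naming the release instead of "this patch". It is also worth stating here that `none` falls outside the previously documented `CgroupDriver` values (`cgroupfs`, `systemd`), so clients pinned to an older API version that validate the field against that enum need to accept the new value.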
@@ -64,6 +64,8 @@ Remarks: |
| 64 | 64 |
* The exec dir is set to `$XDG_RUNTIME_DIR/docker` by default. |
| 65 | 65 |
* The daemon config dir is set to `~/.config/docker` (not `~/.docker`, which is used by the client) by default. |
| 66 | 66 |
* The `dockerd-rootless.sh` script executes `dockerd` in its own user, mount, and network namespaces. You can enter the namespaces by running `nsenter -U --preserve-credentials -n -m -t $(cat $XDG_RUNTIME_DIR/docker.pid)`. |
| 67 |
+* `docker info` shows `rootless` in `SecurityOptions` |
|
| 68 |
+* `docker info` shows `none` as `Cgroup Driver` |
|
| 67 | 69 |
|
| 68 | 70 |
### Client |
| 69 | 71 |
|
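Review bot: The two added bullets mix naming styles: `SecurityOptions` is the API field name, while `Cgroup Driver` is the label as `docker info` prints it (the CLI label for the former is `Security Options`). Suggest using the CLI labels in both bullets since this page describes `docker info` output, and ending each bullet with a period to match the neighbouring remarks.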