github.com/boynux/docker@v1.11.0-rc4/CHANGELOG.md (about) 1 # Changelog 2 3 Items starting with `DEPRECATE` are important deprecation notices. For more 4 information on the list of deprecated flags and APIs please have a look at 5 https://docs.docker.com/engine/deprecated/ where target removal dates can also 6 be found. 7 8 ## 1.11.0 (2016-04-12) 9 10 **IMPORTANT**: With Docker 1.11, a Linux docker installation is now made of 4 binaries (`docker`, [`docker-containerd`](https://github.com/docker/containerd), [`docker-containerd-shim`](https://github.com/docker/containerd) and [`docker-runc`](https://github.com/opencontainers/runc)). If you have scripts relying on docker being a single static binaries, please make sure to update them. Interaction with the daemon stay the same otherwise, the usage of the other binaries should be transparent. A Windows docker installation remains a single binary, `docker.exe`. 11 12 ### Builder 13 14 - Fix docker not sending credentials during build if content trust is enabled ([#21693](https://github.com/docker/docker/pull/21693)) 15 - Fix a bug where Docker would not used the correct uid/gid when processing the `WORKDIR` command ([#21033](https://github.com/docker/docker/pull/21033)) 16 - Fix a bug where copy operations with userns would not use the proper uid/gid ([#20782](https://github.com/docker/docker/pull/20782), [#21162](https://github.com/docker/docker/pull/21162)) 17 18 ### Client 19 20 * Usage of the `:` separator for security option has been deprecated. `=` should be used instead ([#21232](https://github.com/docker/docker/pull/21232)) 21 + The client user agent is now passed to the registry on `pull`, `build`, `push`, `login` and `search` operations ([#21306](https://github.com/docker/docker/pull/21306), [#21373](https://github.com/docker/docker/pull/21373)) 22 * Allow setting the Domainname and Hostname separately through the API ([#20200](https://github.com/docker/docker/pull/20200)) 23 * Docker info will now warn users if it can not detect the kernel version or the operating system ([#21128](https://github.com/docker/docker/pull/21128)) 24 - Fix an issue where `docker stats --no-stream` output could be all 0s ([#20803](https://github.com/docker/docker/pull/20803)) 25 - Fix a bug where some newly started container would not appear in a running `docker stats` command ([#20792](https://github.com/docker/docker/pull/20792)) 26 * Post processing is no longer enabled for linux-cgo terminals ([#20587](https://github.com/docker/docker/pull/20587)) 27 - Values to `--hostname` are now refused if they do not comply with [RFC1123](https://tools.ietf.org/html/rfc1123) ([#20566](https://github.com/docker/docker/pull/20566)) 28 + Docker learned how to use a SOCKS proxy ([#20366](https://github.com/docker/docker/pull/20366), [#18373](https://github.com/docker/docker/pull/18373)) 29 + Docker now supports external credential stores ([#20107](https://github.com/docker/docker/pull/20107)) 30 * `docker ps` now supports displaying the list of volumes mounted inside a container ([#20017](https://github.com/docker/docker/pull/20017)) 31 * `docker info` now also report Docker's root directory location ([#19986](https://github.com/docker/docker/pull/19986)) 32 - Docker now prohibits login in with an empty username (spaces are trimmed) ([#19806](https://github.com/docker/docker/pull/19806)) 33 * Docker events attributes are now sorted by key ([#19761](https://github.com/docker/docker/pull/19761)) 34 * `docker ps` no longer show exported port for stopped containers ([#19483](https://github.com/docker/docker/pull/19483)) 35 - Docker now cleans after itself if a save/export command fails ([#17849](https://github.com/docker/docker/pull/17849)) 36 * Docker load learned how to display a progress bar ([#17329](https://github.com/docker/docker/pull/17329), [#120078](https://github.com/docker/docker/pull/20078)) 37 38 ### Distribution 39 40 - Fix the download manager closing the tempfile twice ([#21676](https://github.com/docker/docker/pull/21676)) 41 - Fix a panic that occurred when pulling an images with 0 layers ([#21222](https://github.com/docker/docker/pull/21222)) 42 - Fix a panic that could occur on error while pushing to a registry with a misconfigured token service ([#21212](https://github.com/docker/docker/pull/21212)) 43 + All first-level delegation roles are now signed when doing a trusted push ([#21046](https://github.com/docker/docker/pull/21046)) 44 + OAuth support for registries was added ([#20970](https://github.com/docker/docker/pull/20970)) 45 * `docker login` now handles token using the implementation found in [docker/distribution](https://github.com/docker/distribution) ([#20832](https://github.com/docker/docker/pull/20832)) 46 * `docker login` will no longer prompt for an email ([#20565](https://github.com/docker/docker/pull/20565)) 47 * Docker will now fallback to registry V1 if no basic auth credentials are available ([#20241](https://github.com/docker/docker/pull/20241)) 48 * Docker will now try to resume layer download where it left off after a network error/timeout ([#19840](https://github.com/docker/docker/pull/19840)) 49 - Fix generated manifest mediaType when pushing cross-repository ([#19509](https://github.com/docker/docker/pull/19509)) 50 51 ### Logging 52 53 - Fix a race in the journald log driver ([#21311](https://github.com/docker/docker/pull/21311)) 54 * Docker syslog driver now uses the RFC-5424 format when emitting logs ([#20121](https://github.com/docker/docker/pull/20121)) 55 * Docker GELF log driver now allows to specify the compression algorithm and level via the `gelf-compression-type` and `gelf-compression-level` options ([#19831](https://github.com/docker/docker/pull/19831)) 56 * Docker daemon learned to output uncolorized logs via the `--raw-logs` options ([#19794](https://github.com/docker/docker/pull/19794)) 57 + Docker, on Windows platform, now includes an ETW (Event Tracing in Windows) logging driver named `etwlogs` ([#19689](https://github.com/docker/docker/pull/19689)) 58 * Journald log driver learned how to handle tags ([#19564](https://github.com/docker/docker/pull/19564)) 59 + The fluentd log driver learned the following options: `fluentd-address`, `fluentd-buffer-limit`, `fluentd-retry-wait`, `fluentd-max-retries` and `fluentd-async-connect` ([#19439](https://github.com/docker/docker/pull/19439)) 60 + Docker learned to send log to Google Cloud via the new `gcplogs` logging driver. ([#18766](https://github.com/docker/docker/pull/18766)) 61 62 63 ### Misc 64 65 + When saving linked images together with `docker save` a subsequent `docker load` will correctly restore their parent/child relationship ([#21385](https://github.com/docker/docker/pull/c)) 66 + Support for building the Docker cli for OpenBSD was added ([#21325](https://github.com/docker/docker/pull/21325)) 67 + Labels can now be applied at network, volume and image creation ([#21270](https://github.com/docker/docker/pull/21270)) 68 * The `dockremap` is now created as a system user ([#21266](https://github.com/docker/docker/pull/21266)) 69 - Fix a few response body leaks ([#21258](https://github.com/docker/docker/pull/21258)) 70 - Docker, when run as a service with systemd, will now properly manage its processes cgroups ([#20633](https://github.com/docker/docker/pull/20633)) 71 * Docker info now reports the value of cgroup KernelMemory or emits a warning if it is not supported ([#20863](https://github.com/docker/docker/pull/20863)) 72 * Docker info now also reports the cgroup driver in use ([#20388](https://github.com/docker/docker/pull/20388)) 73 * Docker completion is now available on PowerShell ([#19894](https://github.com/docker/docker/pull/19894)) 74 * `dockerinit` is no more ([#19490](https://github.com/docker/docker/pull/19490),[#19851](https://github.com/docker/docker/pull/19851)) 75 + Support for building Docker on arm64 was added ([#19013](https://github.com/docker/docker/pull/19013)) 76 + Experimental support for building docker.exe in a native Windows Docker installation ([#18348](https://github.com/docker/docker/pull/18348)) 77 78 ### Networking 79 80 - Fix panic if a node is forcibly removed from the cluster ([#21671](https://github.com/docker/docker/pull/21671)) 81 - Fix "error creating vxlan interface" when starting a container in a Swarm cluster ([#21671](https://github.com/docker/docker/pull/21671)) 82 - Fix `host` and `none` networks to disappear until restart when SIGHUP is used to reload cluster configuration ([#21671](https://github.com/docker/docker/pull/21671)) 83 - Fix a bug where IPv6 addresses were not properly handled ([#20842](https://github.com/docker/docker/pull/20842)) 84 * `docker network inspect` will now report all endpoints whether they have an active container or not ([#21160](https://github.com/docker/docker/pull/21160)) 85 + Experimental support for the MacVlan and IPVlan network drivers have been added ([#21122](https://github.com/docker/docker/pull/21122)) 86 * Output of `docker network ls` is now sorted by network name ([#20383](https://github.com/docker/docker/pull/20383)) 87 - Fix a bug where Docker would allow a network to be created with the reserved `default` name ([#19431](https://github.com/docker/docker/pull/19431)) 88 * `docker network inspect` now returns whether a network is internal or not ([#19357](https://github.com/docker/docker/pull/19357)) 89 + Control IPv6 via explicit option when creating a network (`docker network create --ipv6`). This shows up as a new `EnableIPv6` field in `docker network inspect` ([#17513](https://github.com/docker/docker/pull/17513)) 90 * Support for AAAA Records (aka IPv6 Service Discovery) in embedded DNS Server [#21396](https://github.com/docker/docker/pull/21396) 91 * Multiple A/AAAA records from embedded DNS Server for DNS Round robin [#21019](https://github.com/docker/docker/pull/21019) 92 93 ### Plugins 94 95 - Fix a file descriptor leak that would occur every time plugins were enumerated ([#20686](https://github.com/docker/docker/pull/20686)) 96 - Fix an issue where Authz plugin would corrupt the payload body when faced with a large amount of data ([#20602](https://github.com/docker/docker/pull/20602)) 97 98 ### Runtime 99 100 - Fix a panic that could occur when cleanup after a container started with invalid parameters ([#21716](https://github.com/docker/docker/pull/21716)) 101 - Fix a race with event timers stopping early ([#21692](https://github.com/docker/docker/pull/21692)) 102 - Fix race conditions in the layer store, potentially corrupting the map and crashing the process ([#21677](https://github.com/docker/docker/pull/21677)) 103 - Un-deprecate auto-creation of host directories for mounts. This feature was marked deprecated in ([#21666](https://github.com/docker/docker/pull/21666)) 104 Docker 1.9, but was decided to be too much of an backward-incompatible change, so it was decided to keep the feature. 105 - Fix an issue where parallel aufs mount calls produce invalid argument error ([#21552](https://github.com/docker/docker/pull/21552)) 106 + It is now possible for containers to share the NET and IPC namespaces when `userns` is enabled ([#21383](https://github.com/docker/docker/pull/21383)) 107 + `docker inspect <image-id>` will now expose the rootfs layers ([#21370](https://github.com/docker/docker/pull/21370)) 108 + Docker Windows gained a minimal `top` implementation ([#21354](https://github.com/docker/docker/pull/21354)) 109 * Docker learned to report the faulty exe when a container cannot be started due to its condition ([#21345](https://github.com/docker/docker/pull/21345)) 110 * Docker with device mapper will now refuse to run if `udev sync` is not available ([#21097](https://github.com/docker/docker/pull/21097)) 111 - Fix a bug where Docker would not validate the config file upon configuration reload ([#21089](https://github.com/docker/docker/pull/21089)) 112 - Fix a hang that would happen on attach if initial start was to fail ([#21048](https://github.com/docker/docker/pull/21048)) 113 - Fix an issue where registry service options in the daemon configuration file were not properly taken into account ([#21045](https://github.com/docker/docker/pull/21045)) 114 - Fix a race between the exec and resize operations ([#21022](https://github.com/docker/docker/pull/21022)) 115 - Fix an issue where nanoseconds were not correctly taken in account when filtering Docker events ([#21013](https://github.com/docker/docker/pull/21013)) 116 - Fix the handling of Docker command when passed a 64 bytes id ([#21002](https://github.com/docker/docker/pull/21002)) 117 * Docker will now return a `204` (i.e http.StatusNoContent) code when it successfully deleted a network ([#20977](https://github.com/docker/docker/pull/20977)) 118 - Fix a bug where the daemon would wait indefinitely in case the process it was about to killed had already exited on its own ([#20967](https://github.com/docker/docker/pull/20967) 119 * The devmapper driver learned the `dm.min_free_space` option. If the mapped device free space reaches the passed value, new device creation will be prohibited. ([#20786](https://github.com/docker/docker/pull/20786)) 120 + Docker can now prevent processes in container to gain new privileges via the `--security-opt=no-new-privileges` flag ([#20727](https://github.com/docker/docker/pull/20727)) 121 - Starting a container with the `--device` option will now correctly resolves symlinks ([#20684](https://github.com/docker/docker/pull/20684)) 122 + Docker now relies on [`containerd`](https://github.com/docker/containerd) and [`runc`](https://github.com/opencontainers/runc) to spawn containers. ([#20662](https://github.com/docker/docker/pull/20662)) 123 - Fix docker configuration reloading to only alter value present in the given config file ([#20604](https://github.com/docker/docker/pull/20604)) 124 + Docker now allows setting a container hostname via the `--hostname` flag when `--net=host` ([#20177](https://github.com/docker/docker/pull/20177)) 125 + Docker now allows executing privileged container while running with `--userns-remap` if both `--privileged` and the new `--userns=host` flag are specified ([#20111](https://github.com/docker/docker/pull/20111)) 126 - Fix Docker not cleaning up correctly old containers upon restarting after a crash ([#19679](https://github.com/docker/docker/pull/19679)) 127 * Docker will now error out if it doesn't recognize a configuration key within the config file ([#19517](https://github.com/docker/docker/pull/19517)) 128 - Fix container loading, on daemon startup, when they depends on a plugin running within a container ([#19500](https://github.com/docker/docker/pull/19500)) 129 * `docker update` learned how to change a container restart policy ([#19116](https://github.com/docker/docker/pull/19116)) 130 * `docker inspect` now also returns a new `State` field containing the container state in a human readable way (i.e. one of `created`, `restarting`, `running`, `paused`, `exited` or `dead`)([#18966](https://github.com/docker/docker/pull/18966)) 131 + Docker learned to limit the number of active pids (i.e. processes) within the container via the `pids-limit` flags. NOTE: This requires `CGROUP_PIDS=y` to be in the kernel configuration. ([#18697](https://github.com/docker/docker/pull/18697)) 132 - `docker load` now has a `--quiet` option to suppress the load output ([#20078](https://github.com/docker/docker/pull/20078)) 133 134 ### Security 135 136 * Object with the `pcp_pmcd_t` selinux type were given management access to `/var/lib/docker(/.*)?` ([#21370](https://github.com/docker/docker/pull/21370)) 137 * `restart_syscall`, `copy_file_range`, `mlock2` joined the list of allowed calls in the default seccomp profile ([#21117](https://github.com/docker/docker/pull/21117), [#21262](https://github.com/docker/docker/pull/21262)) 138 * `send`, `recv` and `x32` were added to the list of allowed syscalls and arch in the default seccomp profile ([#19432](https://github.com/docker/docker/pull/19432)) 139 140 ### Volumes 141 142 * Output of `docker volume ls` is now sorted by volume name ([#20389](https://github.com/docker/docker/pull/20389)) 143 * Local volumes can now accepts options similar to the unix `mount` tool ([#20262](https://github.com/docker/docker/pull/20262)) 144 - Fix an issue where one letter directory name could not be used as source for volumes ([#21106](https://github.com/docker/docker/pull/21106)) 145 + `docker run -v` now accepts a new flag `nocopy`. This tell the runtime not to copy the container path content into the volume (which is the default behavior) ([#21223](https://github.com/docker/docker/pull/21223)) 146 147 ## 1.10.3 (2016-03-10) 148 149 ### Runtime 150 151 - Fix Docker client exiting with an "Unrecognized input header" error [#20706](https://github.com/docker/docker/pull/20706) 152 - Fix Docker exiting if Exec is started with both `AttachStdin` and `Detach` [#20647](https://github.com/docker/docker/pull/20647) 153 154 ### Distribution 155 156 - Fix a crash when pushing multiple images sharing the same layers to the same repository in parallel [#20831](https://github.com/docker/docker/pull/20831) 157 - Fix a panic when pushing images to a registry which uses a misconfigured token service [#21030](https://github.com/docker/docker/pull/21030) 158 159 ### Plugin system 160 161 - Fix issue preventing volume plugins to start when SELinux is enabled [#20834](https://github.com/docker/docker/pull/20834) 162 - Prevent Docker from exiting if a volume plugin returns a null response for Get requests [#20682](https://github.com/docker/docker/pull/20682) 163 - Fix plugin system leaking file descriptors if a plugin has an error [#20680](https://github.com/docker/docker/pull/20680) 164 165 ### Security 166 167 - Fix linux32 emulation to fail during docker build [#20672](https://github.com/docker/docker/pull/20672) 168 It was due to the `personality` syscall being blocked by the default seccomp profile. 169 - Fix Oracle XE 10g failing to start in a container [#20981](https://github.com/docker/docker/pull/20981) 170 It was due to the `ipc` syscall being blocked by the default seccomp profile. 171 - Fix user namespaces not working on Linux From Scratch [#20685](https://github.com/docker/docker/pull/20685) 172 - Fix issue preventing daemon to start if userns is enabled and the `subuid` or `subgid` files contain comments [#20725](https://github.com/docker/docker/pull/20725) 173 174 ## 1.10.2 (2016-02-22) 175 176 ### Runtime 177 178 - Prevent systemd from deleting containers' cgroups when its configuration is reloaded [#20518](https://github.com/docker/docker/pull/20518) 179 - Fix SELinux issues by disregarding `--read-only` when mounting `/dev/mqueue` [#20333](https://github.com/docker/docker/pull/20333) 180 - Fix chown permissions used during `docker cp` when userns is used [#20446](https://github.com/docker/docker/pull/20446) 181 - Fix configuration loading issue with all booleans defaulting to `true` [#20471](https://github.com/docker/docker/pull/20471) 182 - Fix occasional panic with `docker logs -f` [#20522](https://github.com/docker/docker/pull/20522) 183 184 ### Distribution 185 186 - Keep layer reference if deletion failed to avoid a badly inconsistent state [#20513](https://github.com/docker/docker/pull/20513) 187 - Handle gracefully a corner case when canceling migration [#20372](https://github.com/docker/docker/pull/20372) 188 - Fix docker import on compressed data [#20367](https://github.com/docker/docker/pull/20367) 189 - Fix tar-split files corruption during migration that later cause docker push and docker save to fail [#20458](https://github.com/docker/docker/pull/20458) 190 191 ### Networking 192 193 - Fix daemon crash if embedded DNS is sent garbage [#20510](https://github.com/docker/docker/pull/20510) 194 195 ### Volumes 196 197 - Fix issue with multiple volume references with same name [#20381](https://github.com/docker/docker/pull/20381) 198 199 ### Security 200 201 - Fix potential cache corruption and delegation conflict issues [#20523](https://github.com/docker/docker/pull/20523) 202 203 ## 1.10.1 (2016-02-11) 204 205 ### Runtime 206 207 * Do not stop daemon on migration hard failure [#20156](https://github.com/docker/docker/pull/20156) 208 - Fix various issues with migration to content-addressable images [#20058](https://github.com/docker/docker/pull/20058) 209 - Fix ZFS permission bug with user namespaces [#20045](https://github.com/docker/docker/pull/20045) 210 - Do not leak /dev/mqueue from the host to all containers, keep it container-specific [#19876](https://github.com/docker/docker/pull/19876) [#20133](https://github.com/docker/docker/pull/20133) 211 - Fix `docker ps --filter before=...` to not show stopped containers without providing `-a` flag [#20135](https://github.com/docker/docker/pull/20135) 212 213 ### Security 214 215 - Fix issue preventing docker events to work properly with authorization plugin [#20002](https://github.com/docker/docker/pull/20002) 216 217 ### Distribution 218 219 * Add additional verifications and prevent from uploading invalid data to registries [#20164](https://github.com/docker/docker/pull/20164) 220 - Fix regression preventing uppercase characters in image reference hostname [#20175](https://github.com/docker/docker/pull/20175) 221 222 ### Networking 223 224 - Fix embedded DNS for user-defined networks in the presence of firewalld [#20060](https://github.com/docker/docker/pull/20060) 225 - Fix issue where removing a network during shutdown left Docker inoperable [#20181](https://github.com/docker/docker/issues/20181) [#20235](https://github.com/docker/docker/issues/20235) 226 - Embedded DNS is now able to return compressed results [#20181](https://github.com/docker/docker/issues/20181) 227 - Fix port-mapping issue with `userland-proxy=false` [#20181](https://github.com/docker/docker/issues/20181) 228 229 ### Logging 230 231 - Fix bug where tcp+tls protocol would be rejected [#20109](https://github.com/docker/docker/pull/20109) 232 233 ### Volumes 234 235 - Fix issue whereby older volume drivers would not receive volume options [#19983](https://github.com/docker/docker/pull/19983) 236 237 ### Misc 238 239 - Remove TasksMax from Docker systemd service [#20167](https://github.com/docker/docker/pull/20167) 240 241 ## 1.10.0 (2016-02-04) 242 243 **IMPORTANT**: Docker 1.10 uses a new content-addressable storage for images and layers. 244 A migration is performed the first time docker is run, and can take a significant amount of time depending on the number of images present. 245 Refer to this page on the wiki for more information: https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration 246 We also released a cool migration utility that enables you to perform the migration before updating to reduce downtime. 247 Engine 1.10 migrator can be found on Docker Hub: https://hub.docker.com/r/docker/v1.10-migrator/ 248 249 ### Runtime 250 251 + New `docker update` command that allows updating resource constraints on running containers [#15078](https://github.com/docker/docker/pull/15078) 252 + Add `--tmpfs` flag to `docker run` to create a tmpfs mount in a container [#13587](https://github.com/docker/docker/pull/13587) 253 + Add `--format` flag to `docker images` command [#17692](https://github.com/docker/docker/pull/17692) 254 + Allow to set daemon configuration in a file and hot-reload it with the `SIGHUP` signal [#18587](https://github.com/docker/docker/pull/18587) 255 + Updated docker events to include more meta-data and event types [#18888](https://github.com/docker/docker/pull/18888) 256 This change is backward compatible in the API, but not on the CLI. 257 + Add `--blkio-weight-device` flag to `docker run` [#13959](https://github.com/docker/docker/pull/13959) 258 + Add `--device-read-bps` and `--device-write-bps` flags to `docker run` [#14466](https://github.com/docker/docker/pull/14466) 259 + Add `--device-read-iops` and `--device-write-iops` flags to `docker run` [#15879](https://github.com/docker/docker/pull/15879) 260 + Add `--oom-score-adj` flag to `docker run` [#16277](https://github.com/docker/docker/pull/16277) 261 + Add `--detach-keys` flag to `attach`, `run`, `start` and `exec` commands to override the default key sequence that detaches from a container [#15666](https://github.com/docker/docker/pull/15666) 262 + Add `--shm-size` flag to `run`, `create` and `build` to set the size of `/dev/shm` [#16168](https://github.com/docker/docker/pull/16168) 263 + Show the number of running, stopped, and paused containers in `docker info` [#19249](https://github.com/docker/docker/pull/19249) 264 + Show the `OSType` and `Architecture` in `docker info` [#17478](https://github.com/docker/docker/pull/17478) 265 + Add `--cgroup-parent` flag on `daemon` to set cgroup parent for all containers [#19062](https://github.com/docker/docker/pull/19062) 266 + Add `-L` flag to docker cp to follow symlinks [#16613](https://github.com/docker/docker/pull/16613) 267 + New `status=dead` filter for `docker ps` [#17908](https://github.com/docker/docker/pull/17908) 268 * Change `docker run` exit codes to distinguish between runtime and application errors [#14012](https://github.com/docker/docker/pull/14012) 269 * Enhance `docker events --since` and `--until` to support nanoseconds and timezones [#17495](https://github.com/docker/docker/pull/17495) 270 * Add `--all`/`-a` flag to `stats` to include both running and stopped containers [#16742](https://github.com/docker/docker/pull/16742) 271 * Change the default cgroup-driver to `cgroupfs` [#17704](https://github.com/docker/docker/pull/17704) 272 * Emit a "tag" event when tagging an image with `build -t` [#17115](https://github.com/docker/docker/pull/17115) 273 * Best effort for linked containers' start order when starting the daemon [#18208](https://github.com/docker/docker/pull/18208) 274 * Add ability to add multiple tags on `build` [#15780](https://github.com/docker/docker/pull/15780) 275 * Permit `OPTIONS` request against any url, thus fixing issue with CORS [#19569](https://github.com/docker/docker/pull/19569) 276 - Fix the `--quiet` flag on `docker build` to actually be quiet [#17428](https://github.com/docker/docker/pull/17428) 277 - Fix `docker images --filter dangling=false` to now show all non-dangling images [#19326](https://github.com/docker/docker/pull/19326) 278 - Fix race condition causing autorestart turning off on restart [#17629](https://github.com/docker/docker/pull/17629) 279 - Recognize GPFS filesystems [#19216](https://github.com/docker/docker/pull/19216) 280 - Fix obscure bug preventing to start containers [#19751](https://github.com/docker/docker/pull/19751) 281 - Forbid `exec` during container restart [#19722](https://github.com/docker/docker/pull/19722) 282 - devicemapper: Increasing `--storage-opt dm.basesize` will now increase the base device size on daemon restart [#19123](https://github.com/docker/docker/pull/19123) 283 284 ### Security 285 286 + Add `--userns-remap` flag to `daemon` to support user namespaces (previously in experimental) [#19187](https://github.com/docker/docker/pull/19187) 287 + Add support for custom seccomp profiles in `--security-opt` [#17989](https://github.com/docker/docker/pull/17989) 288 + Add default seccomp profile [#18780](https://github.com/docker/docker/pull/18780) 289 + Add `--authorization-plugin` flag to `daemon` to customize ACLs [#15365](https://github.com/docker/docker/pull/15365) 290 + Docker Content Trust now supports the ability to read and write user delegations [#18887](https://github.com/docker/docker/pull/18887) 291 This is an optional, opt-in feature that requires the explicit use of the Notary command-line utility in order to be enabled. 292 Enabling delegation support in a specific repository will break the ability of Docker 1.9 and 1.8 to pull from that repository, if content trust is enabled. 293 * Allow SELinux to run in a container when using the BTRFS storage driver [#16452](https://github.com/docker/docker/pull/16452) 294 295 ### Distribution 296 297 * Use content-addressable storage for images and layers [#17924](https://github.com/docker/docker/pull/17924) 298 Note that a migration is performed the first time docker is run; it can take a significant amount of time depending on the number of images and containers present. 299 Images no longer depend on the parent chain but contain a list of layer references. 300 `docker load`/`docker save` tarballs now also contain content-addressable image configurations. 301 For more information: https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration 302 * Add support for the new [manifest format ("schema2")](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md) [#18785](https://github.com/docker/docker/pull/18785) 303 * Lots of improvements for push and pull: performance++, retries on failed downloads, cancelling on client disconnect [#18353](https://github.com/docker/docker/pull/18353), [#18418](https://github.com/docker/docker/pull/18418), [#19109](https://github.com/docker/docker/pull/19109), [#18353](https://github.com/docker/docker/pull/18353) 304 * Limit v1 protocol fallbacks [#18590](https://github.com/docker/docker/pull/18590) 305 - Fix issue where docker could hang indefinitely waiting for a nonexistent process to pull an image [#19743](https://github.com/docker/docker/pull/19743) 306 307 ### Networking 308 309 + Use DNS-based discovery instead of `/etc/hosts` [#19198](https://github.com/docker/docker/pull/19198) 310 + Support for network-scoped alias using `--net-alias` on `run` and `--alias` on `network connect` [#19242](https://github.com/docker/docker/pull/19242) 311 + Add `--ip` and `--ip6` on `run` and `network connect` to support custom IP addresses for a container in a network [#19001](https://github.com/docker/docker/pull/19001) 312 + Add `--ipam-opt` to `network create` for passing custom IPAM options [#17316](https://github.com/docker/docker/pull/17316) 313 + Add `--internal` flag to `network create` to restrict external access to and from the network [#19276](https://github.com/docker/docker/pull/19276) 314 + Add `kv.path` option to `--cluster-store-opt` [#19167](https://github.com/docker/docker/pull/19167) 315 + Add `discovery.heartbeat` and `discovery.ttl` options to `--cluster-store-opt` to configure discovery TTL and heartbeat timer [#18204](https://github.com/docker/docker/pull/18204) 316 + Add `--format` flag to `network inspect` [#17481](https://github.com/docker/docker/pull/17481) 317 + Add `--link` to `network connect` to provide a container-local alias [#19229](https://github.com/docker/docker/pull/19229) 318 + Support for Capability exchange with remote IPAM plugins [#18775](https://github.com/docker/docker/pull/18775) 319 + Add `--force` to `network disconnect` to force container to be disconnected from network [#19317](https://github.com/docker/docker/pull/19317) 320 * Support for multi-host networking using built-in overlay driver for all engine supported kernels: 3.10+ [#18775](https://github.com/docker/docker/pull/18775) 321 * `--link` is now supported on `docker run` for containers in user-defined network [#19229](https://github.com/docker/docker/pull/19229) 322 * Enhance `docker network rm` to allow removing multiple networks [#17489](https://github.com/docker/docker/pull/17489) 323 * Include container names in `network inspect` [#17615](https://github.com/docker/docker/pull/17615) 324 * Include auto-generated subnets for user-defined networks in `network inspect` [#17316](https://github.com/docker/docker/pull/17316) 325 * Add `--filter` flag to `network ls` to hide predefined networks [#17782](https://github.com/docker/docker/pull/17782) 326 * Add support for network connect/disconnect to stopped containers [#18906](https://github.com/docker/docker/pull/18906) 327 * Add network ID to container inspect [#19323](https://github.com/docker/docker/pull/19323) 328 - Fix MTU issue where Docker would not start with two or more default routes [#18108](https://github.com/docker/docker/pull/18108) 329 - Fix duplicate IP address for containers [#18106](https://github.com/docker/docker/pull/18106) 330 - Fix issue preventing sometimes docker from creating the bridge network [#19338](https://github.com/docker/docker/pull/19338) 331 - Do not substitute 127.0.0.1 name server when using `--net=host` [#19573](https://github.com/docker/docker/pull/19573) 332 333 ### Logging 334 335 + New logging driver for Splunk [#16488](https://github.com/docker/docker/pull/16488) 336 + Add support for syslog over TCP+TLS [#18998](https://github.com/docker/docker/pull/18998) 337 * Enhance `docker logs --since` and `--until` to support nanoseconds and time [#17495](https://github.com/docker/docker/pull/17495) 338 * Enhance AWS logs to auto-detect region [#16640](https://github.com/docker/docker/pull/16640) 339 340 ### Volumes 341 342 + Add support to set the mount propagation mode for a volume [#17034](https://github.com/docker/docker/pull/17034) 343 * Add `ls` and `inspect` endpoints to volume plugin API [#16534](https://github.com/docker/docker/pull/16534) 344 Existing plugins need to make use of these new APIs to satisfy users' expectation 345 For that, please use the new MIME type `application/vnd.docker.plugins.v1.2+json` [#19549](https://github.com/docker/docker/pull/19549) 346 - Fix data not being copied to named volumes [#19175](https://github.com/docker/docker/pull/19175) 347 - Fix issues preventing volume drivers from being containerized [#19500](https://github.com/docker/docker/pull/19500) 348 - Fix `docker volumes ls --dangling=false` to now show all non-dangling volumes [#19671](https://github.com/docker/docker/pull/19671) 349 - Do not remove named volumes on container removal [#19568](https://github.com/docker/docker/pull/19568) 350 - Allow external volume drivers to host anonymous volumes [#19190](https://github.com/docker/docker/pull/19190) 351 352 ### Builder 353 354 + Add support for `**` in `.dockerignore` to wildcard multiple levels of directories [#17090](https://github.com/docker/docker/pull/17090) 355 - Fix handling of UTF-8 characters in Dockerfiles [#17055](https://github.com/docker/docker/pull/17055) 356 - Fix permissions problem when reading from STDIN [#19283](https://github.com/docker/docker/pull/19283) 357 358 ### Client 359 360 + Add support for overriding the API version to use via an `DOCKER_API_VERSION` environment-variable [#15964](https://github.com/docker/docker/pull/15964) 361 - Fix a bug preventing Windows clients to log in to Docker Hub [#19891](https://github.com/docker/docker/pull/19891) 362 363 ### Misc 364 365 * systemd: Set TasksMax in addition to LimitNPROC in systemd service file [#19391](https://github.com/docker/docker/pull/19391) 366 367 ### Deprecations 368 369 * Remove LXC support. The LXC driver was deprecated in Docker 1.8, and has now been removed [#17700](https://github.com/docker/docker/pull/17700) 370 * Remove `--exec-driver` daemon flag, because it is no longer in use [#17700](https://github.com/docker/docker/pull/17700) 371 * Remove old deprecated single-dashed long CLI flags (such as `-rm`; use `--rm` instead) [#17724](https://github.com/docker/docker/pull/17724) 372 * Deprecate HostConfig at API container start [#17799](https://github.com/docker/docker/pull/17799) 373 * Deprecate docker packages for newly EOL'd Linux distributions: Fedora 21 and Ubuntu 15.04 (Vivid) [#18794](https://github.com/docker/docker/pull/18794), [#18809](https://github.com/docker/docker/pull/18809) 374 * Deprecate `-f` flag for docker tag [#18350](https://github.com/docker/docker/pull/18350) 375 376 ## 1.9.1 (2015-11-21) 377 378 ### Runtime 379 380 - Do not prevent daemon from booting if images could not be restored (#17695) 381 - Force IPC mount to unmount on daemon shutdown/init (#17539) 382 - Turn IPC unmount errors into warnings (#17554) 383 - Fix `docker stats` performance regression (#17638) 384 - Clarify cryptic error message upon `docker logs` if `--log-driver=none` (#17767) 385 - Fix seldom panics (#17639, #17634, #17703) 386 - Fix opq whiteouts problems for files with dot prefix (#17819) 387 - devicemapper: try defaulting to xfs instead of ext4 for performance reasons (#17903, #17918) 388 - devicemapper: fix displayed fs in docker info (#17974) 389 - selinux: only relabel if user requested so with the `z` option (#17450, #17834) 390 - Do not make network calls when normalizing names (#18014) 391 392 ### Client 393 394 - Fix `docker login` on windows (#17738) 395 - Fix bug with `docker inspect` output when not connected to daemon (#17715) 396 - Fix `docker inspect -f {{.HostConfig.Dns}} somecontainer` (#17680) 397 398 ### Builder 399 400 - Fix regression with symlink behavior in ADD/COPY (#17710) 401 402 ### Networking 403 404 - Allow passing a network ID as an argument for `--net` (#17558) 405 - Fix connect to host and prevent disconnect from host for `host` network (#17476) 406 - Fix `--fixed-cidr` issue when gateway ip falls in ip-range and ip-range is 407 not the first block in the network (#17853) 408 - Restore deterministic `IPv6` generation from `MAC` address on default `bridge` network (#17890) 409 - Allow port-mapping only for endpoints created on docker run (#17858) 410 - Fixed an endpoint delete issue with a possible stale sbox (#18102) 411 412 ### Distribution 413 414 - Correct parent chain in v2 push when v1Compatibility files on the disk are inconsistent (#18047) 415 416 ## 1.9.0 (2015-11-03) 417 418 ### Runtime 419 420 + `docker stats` now returns block IO metrics (#15005) 421 + `docker stats` now details network stats per interface (#15786) 422 + Add `ancestor=<image>` filter to `docker ps --filter` flag to filter 423 containers based on their ancestor images (#14570) 424 + Add `label=<somelabel>` filter to `docker ps --filter` to filter containers 425 based on label (#16530) 426 + Add `--kernel-memory` flag to `docker run` (#14006) 427 + Add `--message` flag to `docker import` allowing to specify an optional 428 message (#15711) 429 + Add `--privileged` flag to `docker exec` (#14113) 430 + Add `--stop-signal` flag to `docker run` allowing to replace the container 431 process stopping signal (#15307) 432 + Add a new `unless-stopped` restart policy (#15348) 433 + Inspecting an image now returns tags (#13185) 434 + Add container size information to `docker inspect` (#15796) 435 + Add `RepoTags` and `RepoDigests` field to `/images/{name:.*}/json` (#17275) 436 - Remove the deprecated `/container/ps` endpoint from the API (#15972) 437 - Send and document correct HTTP codes for `/exec/<name>/start` (#16250) 438 - Share shm and mqueue between containers sharing IPC namespace (#15862) 439 - Event stream now shows OOM status when `--oom-kill-disable` is set (#16235) 440 - Ensure special network files (/etc/hosts etc.) are read-only if bind-mounted 441 with `ro` option (#14965) 442 - Improve `rmi` performance (#16890) 443 - Do not update /etc/hosts for the default bridge network, except for links (#17325) 444 - Fix conflict with duplicate container names (#17389) 445 - Fix an issue with incorrect template execution in `docker inspect` (#17284) 446 - DEPRECATE `-c` short flag variant for `--cpu-shares` in docker run (#16271) 447 448 ### Client 449 450 + Allow `docker import` to import from local files (#11907) 451 452 ### Builder 453 454 + Add a `STOPSIGNAL` Dockerfile instruction allowing to set a different 455 stop-signal for the container process (#15307) 456 + Add an `ARG` Dockerfile instruction and a `--build-arg` flag to `docker build` 457 that allows to add build-time environment variables (#15182) 458 - Improve cache miss performance (#16890) 459 460 ### Storage 461 462 - devicemapper: Implement deferred deletion capability (#16381) 463 464 ## Networking 465 466 + `docker network` exits experimental and is part of standard release (#16645) 467 + New network top-level concept, with associated subcommands and API (#16645) 468 WARNING: the API is different from the experimental API 469 + Support for multiple isolated/micro-segmented networks (#16645) 470 + Built-in multihost networking using VXLAN based overlay driver (#14071) 471 + Support for third-party network plugins (#13424) 472 + Ability to dynamically connect containers to multiple networks (#16645) 473 + Support for user-defined IP address management via pluggable IPAM drivers (#16910) 474 + Add daemon flags `--cluster-store` and `--cluster-advertise` for built-in nodes discovery (#16229) 475 + Add `--cluster-store-opt` for setting up TLS settings (#16644) 476 + Add `--dns-opt` to the daemon (#16031) 477 - DEPRECATE following container `NetworkSettings` fields in API v1.21: `EndpointID`, `Gateway`, 478 `GlobalIPv6Address`, `GlobalIPv6PrefixLen`, `IPAddress`, `IPPrefixLen`, `IPv6Gateway` and `MacAddress`. 479 Those are now specific to the `bridge` network. Use `NetworkSettings.Networks` to inspect 480 the networking settings of a container per network. 481 482 ### Volumes 483 484 + New top-level `volume` subcommand and API (#14242) 485 - Move API volume driver settings to host-specific config (#15798) 486 - Print an error message if volume name is not unique (#16009) 487 - Ensure volumes created from Dockerfiles always use the local volume driver 488 (#15507) 489 - DEPRECATE auto-creating missing host paths for bind mounts (#16349) 490 491 ### Logging 492 493 + Add `awslogs` logging driver for Amazon CloudWatch (#15495) 494 + Add generic `tag` log option to allow customizing container/image 495 information passed to driver (e.g. show container names) (#15384) 496 - Implement the `docker logs` endpoint for the journald driver (#13707) 497 - DEPRECATE driver-specific log tags (e.g. `syslog-tag`, etc.) (#15384) 498 499 ### Distribution 500 501 + `docker search` now works with partial names (#16509) 502 - Push optimization: avoid buffering to file (#15493) 503 - The daemon will display progress for images that were already being pulled 504 by another client (#15489) 505 - Only permissions required for the current action being performed are requested (#) 506 + Renaming trust keys (and respective environment variables) from `offline` to 507 `root` and `tagging` to `repository` (#16894) 508 - DEPRECATE trust key environment variables 509 `DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE` and 510 `DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE` (#16894) 511 512 ### Security 513 514 + Add SELinux profiles to the rpm package (#15832) 515 - Fix various issues with AppArmor profiles provided in the deb package 516 (#14609) 517 - Add AppArmor policy that prevents writing to /proc (#15571) 518 519 ## 1.8.3 (2015-10-12) 520 521 ### Distribution 522 523 - Fix layer IDs lead to local graph poisoning (CVE-2014-8178) 524 - Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179) 525 + Add `--disable-legacy-registry` to prevent a daemon from using a v1 registry 526 527 ## 1.8.2 (2015-09-10) 528 529 ### Distribution 530 531 - Fixes rare edge case of handling GNU LongLink and LongName entries. 532 - Fix ^C on docker pull. 533 - Fix docker pull issues on client disconnection. 534 - Fix issue that caused the daemon to panic when loggers weren't configured properly. 535 - Fix goroutine leak pulling images from registry V2. 536 537 ### Runtime 538 539 - Fix a bug mounting cgroups for docker daemons running inside docker containers. 540 - Initialize log configuration properly. 541 542 ### Client: 543 544 - Handle `-q` flag in `docker ps` properly when there is a default format. 545 546 ### Networking 547 548 - Fix several corner cases with netlink. 549 550 ### Contrib 551 552 - Fix several issues with bash completion. 553 554 ## 1.8.1 (2015-08-12) 555 556 ### Distribution 557 558 * Fix a bug where pushing multiple tags would result in invalid images 559 560 ## 1.8.0 (2015-08-11) 561 562 ### Distribution 563 564 + Trusted pull, push and build, disabled by default 565 * Make tar layers deterministic between registries 566 * Don't allow deleting the image of running containers 567 * Check if a tag name to load is a valid digest 568 * Allow one character repository names 569 * Add a more accurate error description for invalid tag name 570 * Make build cache ignore mtime 571 572 ### Cli 573 574 + Add support for DOCKER_CONFIG/--config to specify config file dir 575 + Add --type flag for docker inspect command 576 + Add formatting options to `docker ps` with `--format` 577 + Replace `docker -d` with new subcommand `docker daemon` 578 * Zsh completion updates and improvements 579 * Add some missing events to bash completion 580 * Support daemon urls with base paths in `docker -H` 581 * Validate status= filter to docker ps 582 * Display when a container is in --net=host in docker ps 583 * Extend docker inspect to export image metadata related to graph driver 584 * Restore --default-gateway{,-v6} daemon options 585 * Add missing unpublished ports in docker ps 586 * Allow duration strings in `docker events` as --since/--until 587 * Expose more mounts information in `docker inspect` 588 589 ### Runtime 590 591 + Add new Fluentd logging driver 592 + Allow `docker import` to load from local files 593 + Add logging driver for GELF via UDP 594 + Allow to copy files from host to containers with `docker cp` 595 + Promote volume drivers from experimental to master 596 + Add rollover options to json-file log driver, and --log-driver-opts flag 597 + Add memory swappiness tuning options 598 * Remove cgroup read-only flag when privileged 599 * Make /proc, /sys, & /dev readonly for readonly containers 600 * Add cgroup bind mount by default 601 * Overlay: Export metadata for container and image in `docker inspect` 602 * Devicemapper: external device activation 603 * Devicemapper: Compare uuid of base device on startup 604 * Remove RC4 from the list of registry cipher suites 605 * Add syslog-facility option 606 * LXC execdriver compatibility with recent LXC versions 607 * Mark LXC execriver as deprecated (to be removed with the migration to runc) 608 609 ### Plugins 610 611 * Separate plugin sockets and specs locations 612 * Allow TLS connections to plugins 613 614 ### Bug fixes 615 616 - Add missing 'Names' field to /containers/json API output 617 - Make `docker rmi` of dangling images safe while pulling 618 - Devicemapper: Change default basesize to 100G 619 - Go Scheduler issue with sync.Mutex and gcc 620 - Fix issue where Search API endpoint would panic due to empty AuthConfig 621 - Set image canonical names correctly 622 - Check dockerinit only if lxc driver is used 623 - Fix ulimit usage of nproc 624 - Always attach STDIN if -i,--interactive is specified 625 - Show error messages when saving container state fails 626 - Fixed incorrect assumption on --bridge=none treated as disable network 627 - Check for invalid port specifications in host configuration 628 - Fix endpoint leave failure for --net=host mode 629 - Fix goroutine leak in the stats API if the container is not running 630 - Check for apparmor file before reading it 631 - Fix DOCKER_TLS_VERIFY being ignored 632 - Set umask to the default on startup 633 - Correct the message of pause and unpause a non-running container 634 - Adjust disallowed CpuShares in container creation 635 - ZFS: correctly apply selinux context 636 - Display empty string instead of <nil> when IP opt is nil 637 - `docker kill` returns error when container is not running 638 - Fix COPY/ADD quoted/json form 639 - Fix goroutine leak on logs -f with no output 640 - Remove panic in nat package on invalid hostport 641 - Fix container linking in Fedora 22 642 - Fix error caused using default gateways outside of the allocated range 643 - Format times in inspect command with a template as RFC3339Nano 644 - Make registry client to accept 2xx and 3xx http status responses as successful 645 - Fix race issue that caused the daemon to crash with certain layer downloads failed in a specific order. 646 - Fix error when the docker ps format was not valid. 647 - Remove redundant ip forward check. 648 - Fix issue trying to push images to repository mirrors. 649 - Fix error cleaning up network entrypoints when there is an initialization issue. 650 651 ## 1.7.1 (2015-07-14) 652 653 #### Runtime 654 655 - Fix default user spawning exec process with `docker exec` 656 - Make `--bridge=none` not to configure the network bridge 657 - Publish networking stats properly 658 - Fix implicit devicemapper selection with static binaries 659 - Fix socket connections that hung intermittently 660 - Fix bridge interface creation on CentOS/RHEL 6.6 661 - Fix local dns lookups added to resolv.conf 662 - Fix copy command mounting volumes 663 - Fix read/write privileges in volumes mounted with --volumes-from 664 665 #### Remote API 666 667 - Fix unmarshalling of Command and Entrypoint 668 - Set limit for minimum client version supported 669 - Validate port specification 670 - Return proper errors when attach/reattach fail 671 672 #### Distribution 673 674 - Fix pulling private images 675 - Fix fallback between registry V2 and V1 676 677 ## 1.7.0 (2015-06-16) 678 679 #### Runtime 680 + Experimental feature: support for out-of-process volume plugins 681 * The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag 682 * The `exec` command supports the `-u|--user` flag to specify the new process owner 683 + Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags 684 + The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota` 685 + Container block IO can be controlled in `docker run` using`--blkio-weight` 686 + ZFS support 687 + The `docker logs` command supports a `--since` argument 688 + UTS namespace can be shared with the host with `docker run --uts=host` 689 690 #### Quality 691 * Networking stack was entirely rewritten as part of the libnetwork effort 692 * Engine internals refactoring 693 * Volumes code was entirely rewritten to support the plugins effort 694 + Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting 695 696 #### Build 697 + Support ${variable:-value} and ${variable:+value} syntax for environment variables 698 + Support resource management flags `--cgroup-parent`, `--cpu-period`, `--cpu-quota`, `--cpuset-cpus`, `--cpuset-mems` 699 + git context changes with branches and directories 700 * The .dockerignore file support exclusion rules 701 702 #### Distribution 703 + Client support for v2 mirroring support for the official registry 704 705 #### Bugfixes 706 * Firewalld is now supported and will automatically be used when available 707 * mounting --device recursively 708 709 ## 1.6.2 (2015-05-13) 710 711 #### Runtime 712 - Revert change prohibiting mounting into /sys 713 714 ## 1.6.1 (2015-05-07) 715 716 #### Security 717 - Fix read/write /proc paths (CVE-2015-3630) 718 - Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631) 719 - Fix opening of file-descriptor 1 (CVE-2015-3627) 720 - Fix symlink traversal on container respawn allowing local privilege escalation (CVE-2015-3629) 721 - Prohibit mount of /sys 722 723 #### Runtime 724 - Update AppArmor policy to not allow mounts 725 726 ## 1.6.0 (2015-04-07) 727 728 #### Builder 729 + Building images from an image ID 730 + Build containers with resource constraints, ie `docker build --cpu-shares=100 --memory=1024m...` 731 + `commit --change` to apply specified Dockerfile instructions while committing the image 732 + `import --change` to apply specified Dockerfile instructions while importing the image 733 + Builds no longer continue in the background when canceled with CTRL-C 734 735 #### Client 736 + Windows Support 737 738 #### Runtime 739 + Container and image Labels 740 + `--cgroup-parent` for specifying a parent cgroup to place container cgroup within 741 + Logging drivers, `json-file`, `syslog`, or `none` 742 + Pulling images by ID 743 + `--ulimit` to set the ulimit on a container 744 + `--default-ulimit` option on the daemon which applies to all created containers (and overwritten by `--ulimit` on run) 745 746 ## 1.5.0 (2015-02-10) 747 748 #### Builder 749 + Dockerfile to use for a given `docker build` can be specified with the `-f` flag 750 * Dockerfile and .dockerignore files can be themselves excluded as part of the .dockerignore file, thus preventing modifications to these files invalidating ADD or COPY instructions cache 751 * ADD and COPY instructions accept relative paths 752 * Dockerfile `FROM scratch` instruction is now interpreted as a no-base specifier 753 * Improve performance when exposing a large number of ports 754 755 #### Hack 756 + Allow client-side only integration tests for Windows 757 * Include docker-py integration tests against Docker daemon as part of our test suites 758 759 #### Packaging 760 + Support for the new version of the registry HTTP API 761 * Speed up `docker push` for images with a majority of already existing layers 762 - Fixed contacting a private registry through a proxy 763 764 #### Remote API 765 + A new endpoint will stream live container resource metrics and can be accessed with the `docker stats` command 766 + Containers can be renamed using the new `rename` endpoint and the associated `docker rename` command 767 * Container `inspect` endpoint show the ID of `exec` commands running in this container 768 * Container `inspect` endpoint show the number of times Docker auto-restarted the container 769 * New types of event can be streamed by the `events` endpoint: ‘OOM’ (container died with out of memory), ‘exec_create’, and ‘exec_start' 770 - Fixed returned string fields which hold numeric characters incorrectly omitting surrounding double quotes 771 772 #### Runtime 773 + Docker daemon has full IPv6 support 774 + The `docker run` command can take the `--pid=host` flag to use the host PID namespace, which makes it possible for example to debug host processes using containerized debugging tools 775 + The `docker run` command can take the `--read-only` flag to make the container’s root filesystem mounted as readonly, which can be used in combination with volumes to force a container’s processes to only write to locations that will be persisted 776 + Container total memory usage can be limited for `docker run` using the `--memory-swap` flag 777 * Major stability improvements for devicemapper storage driver 778 * Better integration with host system: containers will reflect changes to the host's `/etc/resolv.conf` file when restarted 779 * Better integration with host system: per-container iptable rules are moved to the DOCKER chain 780 - Fixed container exiting on out of memory to return an invalid exit code 781 782 #### Other 783 * The HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables are properly taken into account by the client when connecting to the Docker daemon 784 785 ## 1.4.1 (2014-12-15) 786 787 #### Runtime 788 - Fix issue with volumes-from and bind mounts not being honored after create 789 790 ## 1.4.0 (2014-12-11) 791 792 #### Notable Features since 1.3.0 793 + Set key=value labels to the daemon (displayed in `docker info`), applied with 794 new `-label` daemon flag 795 + Add support for `ENV` in Dockerfile of the form: 796 `ENV name=value name2=value2...` 797 + New Overlayfs Storage Driver 798 + `docker info` now returns an `ID` and `Name` field 799 + Filter events by event name, container, or image 800 + `docker cp` now supports copying from container volumes 801 - Fixed `docker tag`, so it honors `--force` when overriding a tag for existing 802 image. 803 804 ## 1.3.3 (2014-12-11) 805 806 #### Security 807 - Fix path traversal vulnerability in processing of absolute symbolic links (CVE-2014-9356) 808 - Fix decompression of xz image archives, preventing privilege escalation (CVE-2014-9357) 809 - Validate image IDs (CVE-2014-9358) 810 811 #### Runtime 812 - Fix an issue when image archives are being read slowly 813 814 #### Client 815 - Fix a regression related to stdin redirection 816 - Fix a regression with `docker cp` when destination is the current directory 817 818 ## 1.3.2 (2014-11-20) 819 820 #### Security 821 - Fix tar breakout vulnerability 822 * Extractions are now sandboxed chroot 823 - Security options are no longer committed to images 824 825 #### Runtime 826 - Fix deadlock in `docker ps -f exited=1` 827 - Fix a bug when `--volumes-from` references a container that failed to start 828 829 #### Registry 830 + `--insecure-registry` now accepts CIDR notation such as 10.1.0.0/16 831 * Private registries whose IPs fall in the 127.0.0.0/8 range do no need the `--insecure-registry` flag 832 - Skip the experimental registry v2 API when mirroring is enabled 833 834 ## 1.3.1 (2014-10-28) 835 836 #### Security 837 * Prevent fallback to SSL protocols < TLS 1.0 for client, daemon and registry 838 + Secure HTTPS connection to registries with certificate verification and without HTTP fallback unless `--insecure-registry` is specified 839 840 #### Runtime 841 - Fix issue where volumes would not be shared 842 843 #### Client 844 - Fix issue with `--iptables=false` not automatically setting `--ip-masq=false` 845 - Fix docker run output to non-TTY stdout 846 847 #### Builder 848 - Fix escaping `$` for environment variables 849 - Fix issue with lowercase `onbuild` Dockerfile instruction 850 - Restrict environment variable expansion to `ENV`, `ADD`, `COPY`, `WORKDIR`, `EXPOSE`, `VOLUME` and `USER` 851 852 ## 1.3.0 (2014-10-14) 853 854 #### Notable features since 1.2.0 855 + Docker `exec` allows you to run additional processes inside existing containers 856 + Docker `create` gives you the ability to create a container via the CLI without executing a process 857 + `--security-opts` options to allow user to customize container labels and apparmor profiles 858 + Docker `ps` filters 859 - Wildcard support to COPY/ADD 860 + Move production URLs to get.docker.com from get.docker.io 861 + Allocate IP address on the bridge inside a valid CIDR 862 + Use drone.io for PR and CI testing 863 + Ability to setup an official registry mirror 864 + Ability to save multiple images with docker `save` 865 866 ## 1.2.0 (2014-08-20) 867 868 #### Runtime 869 + Make /etc/hosts /etc/resolv.conf and /etc/hostname editable at runtime 870 + Auto-restart containers using policies 871 + Use /var/lib/docker/tmp for large temporary files 872 + `--cap-add` and `--cap-drop` to tweak what linux capability you want 873 + `--device` to use devices in containers 874 875 #### Client 876 + `docker search` on private registries 877 + Add `exited` filter to `docker ps --filter` 878 * `docker rm -f` now kills instead of stop 879 + Support for IPv6 addresses in `--dns` flag 880 881 #### Proxy 882 + Proxy instances in separate processes 883 * Small bug fix on UDP proxy 884 885 ## 1.1.2 (2014-07-23) 886 887 #### Runtime 888 + Fix port allocation for existing containers 889 + Fix containers restart on daemon restart 890 891 #### Packaging 892 + Fix /etc/init.d/docker issue on Debian 893 894 ## 1.1.1 (2014-07-09) 895 896 #### Builder 897 * Fix issue with ADD 898 899 ## 1.1.0 (2014-07-03) 900 901 #### Notable features since 1.0.1 902 + Add `.dockerignore` support 903 + Pause containers during `docker commit` 904 + Add `--tail` to `docker logs` 905 906 #### Builder 907 + Allow a tar file as context for `docker build` 908 * Fix issue with white-spaces and multi-lines in `Dockerfiles` 909 910 #### Runtime 911 * Overall performance improvements 912 * Allow `/` as source of `docker run -v` 913 * Fix port allocation 914 * Fix bug in `docker save` 915 * Add links information to `docker inspect` 916 917 #### Client 918 * Improve command line parsing for `docker commit` 919 920 #### Remote API 921 * Improve status code for the `start` and `stop` endpoints 922 923 ## 1.0.1 (2014-06-19) 924 925 #### Notable features since 1.0.0 926 * Enhance security for the LXC driver 927 928 #### Builder 929 * Fix `ONBUILD` instruction passed to grandchildren 930 931 #### Runtime 932 * Fix events subscription 933 * Fix /etc/hostname file with host networking 934 * Allow `-h` and `--net=none` 935 * Fix issue with hotplug devices in `--privileged` 936 937 #### Client 938 * Fix artifacts with events 939 * Fix a panic with empty flags 940 * Fix `docker cp` on Mac OS X 941 942 #### Miscellaneous 943 * Fix compilation on Mac OS X 944 * Fix several races 945 946 ## 1.0.0 (2014-06-09) 947 948 #### Notable features since 0.12.0 949 * Production support 950 951 ## 0.12.0 (2014-06-05) 952 953 #### Notable features since 0.11.0 954 * 40+ various improvements to stability, performance and usability 955 * New `COPY` Dockerfile instruction to allow copying a local file from the context into the container without ever extracting if the file is a tar file 956 * Inherit file permissions from the host on `ADD` 957 * New `pause` and `unpause` commands to allow pausing and unpausing of containers using cgroup freezer 958 * The `images` command has a `-f`/`--filter` option to filter the list of images 959 * Add `--force-rm` to clean up after a failed build 960 * Standardize JSON keys in Remote API to CamelCase 961 * Pull from a docker run now assumes `latest` tag if not specified 962 * Enhance security on Linux capabilities and device nodes 963 964 ## 0.11.1 (2014-05-07) 965 966 #### Registry 967 - Fix push and pull to private registry 968 969 ## 0.11.0 (2014-05-07) 970 971 #### Notable features since 0.10.0 972 973 * SELinux support for mount and process labels 974 * Linked containers can be accessed by hostname 975 * Use the net `--net` flag to allow advanced network configuration such as host networking so that containers can use the host's network interfaces 976 * Add a ping endpoint to the Remote API to do healthchecks of your docker daemon 977 * Logs can now be returned with an optional timestamp 978 * Docker now works with registries that support SHA-512 979 * Multiple registry endpoints are supported to allow registry mirrors 980 981 ## 0.10.0 (2014-04-08) 982 983 #### Builder 984 - Fix printing multiple messages on a single line. Fixes broken output during builds. 985 - Follow symlinks inside container's root for ADD build instructions. 986 - Fix EXPOSE caching. 987 988 #### Documentation 989 - Add the new options of `docker ps` to the documentation. 990 - Add the options of `docker restart` to the documentation. 991 - Update daemon docs and help messages for --iptables and --ip-forward. 992 - Updated apt-cacher-ng docs example. 993 - Remove duplicate description of --mtu from docs. 994 - Add missing -t and -v for `docker images` to the docs. 995 - Add fixes to the cli docs. 996 - Update libcontainer docs. 997 - Update images in docs to remove references to AUFS and LXC. 998 - Update the nodejs_web_app in the docs to use the new epel RPM address. 999 - Fix external link on security of containers. 1000 - Update remote API docs. 1001 - Add image size to history docs. 1002 - Be explicit about binding to all interfaces in redis example. 1003 - Document DisableNetwork flag in the 1.10 remote api. 1004 - Document that `--lxc-conf` is lxc only. 1005 - Add chef usage documentation. 1006 - Add example for an image with multiple for `docker load`. 1007 - Explain what `docker run -a` does in the docs. 1008 1009 #### Contrib 1010 - Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile. 1011 - Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly. 1012 - Remove inotifywait hack from the upstart host-integration example because it's not necessary any more. 1013 - Add check-config script to contrib. 1014 - Fix fish shell completion. 1015 1016 #### Hack 1017 * Clean up "go test" output from "make test" to be much more readable/scannable. 1018 * Exclude more "definitely not unit tested Go source code" directories from hack/make/test. 1019 + Generate md5 and sha256 hashes when building, and upload them via hack/release.sh. 1020 - Include contributed completions in Ubuntu PPA. 1021 + Add cli integration tests. 1022 * Add tweaks to the hack scripts to make them simpler. 1023 1024 #### Remote API 1025 + Add TLS auth support for API. 1026 * Move git clone from daemon to client. 1027 - Fix content-type detection in docker cp. 1028 * Split API into 2 go packages. 1029 1030 #### Runtime 1031 * Support hairpin NAT without going through Docker server. 1032 - devicemapper: succeed immediately when removing non-existing devices. 1033 - devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time and unlock while sleeping). 1034 - devicemapper: increase timeout in waitClose to 10 seconds. 1035 - devicemapper: ensure we shut down thin pool cleanly. 1036 - devicemapper: pass info, rather than hash to activateDeviceIfNeeded, deactivateDevice, setInitialized, deleteDevice. 1037 - devicemapper: avoid AB-BA deadlock. 1038 - devicemapper: make shutdown better/faster. 1039 - improve alpha sorting in mflag. 1040 - Remove manual http cookie management because the cookiejar is being used. 1041 - Use BSD raw mode on Darwin. Fixes nano, tmux and others. 1042 - Add FreeBSD support for the client. 1043 - Merge auth package into registry. 1044 - Add deprecation warning for -t on `docker pull`. 1045 - Remove goroutine leak on error. 1046 - Update parseLxcInfo to comply with new lxc1.0 format. 1047 - Fix attach exit on darwin. 1048 - Improve deprecation message. 1049 - Retry to retrieve the layer metadata up to 5 times for `docker pull`. 1050 - Only unshare the mount namespace for execin. 1051 - Merge existing config when committing. 1052 - Disable daemon startup timeout. 1053 - Fix issue #4681: add loopback interface when networking is disabled. 1054 - Add failing test case for issue #4681. 1055 - Send SIGTERM to child, instead of SIGKILL. 1056 - Show the driver and the kernel version in `docker info` even when not in debug mode. 1057 - Always symlink /dev/ptmx for libcontainer. This fixes console related problems. 1058 - Fix issue caused by the absence of /etc/apparmor.d. 1059 - Don't leave empty cidFile behind when failing to create the container. 1060 - Mount cgroups automatically if they're not mounted already. 1061 - Use mock for search tests. 1062 - Update to double-dash everywhere. 1063 - Move .dockerenv parsing to lxc driver. 1064 - Move all bind-mounts in the container inside the namespace. 1065 - Don't use separate bind mount for container. 1066 - Always symlink /dev/ptmx for libcontainer. 1067 - Don't kill by pid for other drivers. 1068 - Add initial logging to libcontainer. 1069 * Sort by port in `docker ps`. 1070 - Move networking drivers into runtime top level package. 1071 + Add --no-prune to `docker rmi`. 1072 + Add time since exit in `docker ps`. 1073 - graphdriver: add build tags. 1074 - Prevent allocation of previously allocated ports & prevent improve port allocation. 1075 * Add support for --since/--before in `docker ps`. 1076 - Clean up container stop. 1077 + Add support for configurable dns search domains. 1078 - Add support for relative WORKDIR instructions. 1079 - Add --output flag for docker save. 1080 - Remove duplication of DNS entries in config merging. 1081 - Add cpuset.cpus to cgroups and native driver options. 1082 - Remove docker-ci. 1083 - Promote btrfs. btrfs is no longer considered experimental. 1084 - Add --input flag to `docker load`. 1085 - Return error when existing bridge doesn't match IP address. 1086 - Strip comments before parsing line continuations to avoid interpreting instructions as comments. 1087 - Fix TestOnlyLoopbackExistsWhenUsingDisableNetworkOption to ignore "DOWN" interfaces. 1088 - Add systemd implementation of cgroups and make containers show up as systemd units. 1089 - Fix commit and import when no repository is specified. 1090 - Remount /var/lib/docker as --private to fix scaling issue. 1091 - Use the environment's proxy when pinging the remote registry. 1092 - Reduce error level from harmless errors. 1093 * Allow --volumes-from to be individual files. 1094 - Fix expanding buffer in StdCopy. 1095 - Set error regardless of attach or stdin. This fixes #3364. 1096 - Add support for --env-file to load environment variables from files. 1097 - Symlink /etc/mtab and /proc/mounts. 1098 - Allow pushing a single tag. 1099 - Shut down containers cleanly at shutdown and wait forever for the containers to shut down. This makes container shutdown on daemon shutdown work properly via SIGTERM. 1100 - Don't throw error when starting an already running container. 1101 - Fix dynamic port allocation limit. 1102 - remove setupDev from libcontainer. 1103 - Add API version to `docker version`. 1104 - Return correct exit code when receiving signal and make SIGQUIT quit without cleanup. 1105 - Fix --volumes-from mount failure. 1106 - Allow non-privileged containers to create device nodes. 1107 - Skip login tests because of external dependency on a hosted service. 1108 - Deprecate `docker images --tree` and `docker images --viz`. 1109 - Deprecate `docker insert`. 1110 - Include base abstraction for apparmor. This fixes some apparmor related problems on Ubuntu 14.04. 1111 - Add specific error message when hitting 401 over HTTP on push. 1112 - Fix absolute volume check. 1113 - Remove volumes-from from the config. 1114 - Move DNS options to hostconfig. 1115 - Update the apparmor profile for libcontainer. 1116 - Add deprecation notice for `docker commit -run`. 1117 1118 ## 0.9.1 (2014-03-24) 1119 1120 #### Builder 1121 - Fix printing multiple messages on a single line. Fixes broken output during builds. 1122 1123 #### Documentation 1124 - Fix external link on security of containers. 1125 1126 #### Contrib 1127 - Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly. 1128 - Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile. 1129 1130 #### Hack 1131 - Generate md5 and sha256 hashes when building, and upload them via hack/release.sh. 1132 1133 #### Remote API 1134 - Fix content-type detection in `docker cp`. 1135 1136 #### Runtime 1137 - Use BSD raw mode on Darwin. Fixes nano, tmux and others. 1138 - Only unshare the mount namespace for execin. 1139 - Retry to retrieve the layer metadata up to 5 times for `docker pull`. 1140 - Merge existing config when committing. 1141 - Fix panic in monitor. 1142 - Disable daemon startup timeout. 1143 - Fix issue #4681: add loopback interface when networking is disabled. 1144 - Add failing test case for issue #4681. 1145 - Send SIGTERM to child, instead of SIGKILL. 1146 - Show the driver and the kernel version in `docker info` even when not in debug mode. 1147 - Always symlink /dev/ptmx for libcontainer. This fixes console related problems. 1148 - Fix issue caused by the absence of /etc/apparmor.d. 1149 - Don't leave empty cidFile behind when failing to create the container. 1150 - Improve deprecation message. 1151 - Fix attach exit on darwin. 1152 - devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time, unlock while sleeping). 1153 - devicemapper: succeed immediately when removing non-existing devices. 1154 - devicemapper: increase timeout in waitClose to 10 seconds. 1155 - Remove goroutine leak on error. 1156 - Update parseLxcInfo to comply with new lxc1.0 format. 1157 1158 ## 0.9.0 (2014-03-10) 1159 1160 #### Builder 1161 - Avoid extra mount/unmount during build. This fixes mount/unmount related errors during build. 1162 - Add error to docker build --rm. This adds missing error handling. 1163 - Forbid chained onbuild, `onbuild from` and `onbuild maintainer` triggers. 1164 - Make `--rm` the default for `docker build`. 1165 1166 #### Documentation 1167 - Download the docker client binary for Mac over https. 1168 - Update the titles of the install instructions & descriptions. 1169 * Add instructions for upgrading boot2docker. 1170 * Add port forwarding example in OS X install docs. 1171 - Attempt to disentangle repository and registry. 1172 - Update docs to explain more about `docker ps`. 1173 - Update sshd example to use a Dockerfile. 1174 - Rework some examples, including the Python examples. 1175 - Update docs to include instructions for a container's lifecycle. 1176 - Update docs documentation to discuss the docs branch. 1177 - Don't skip cert check for an example & use HTTPS. 1178 - Bring back the memory and swap accounting section which was lost when the kernel page was removed. 1179 - Explain DNS warnings and how to fix them on systems running and using a local nameserver. 1180 1181 #### Contrib 1182 - Add Tanglu support for mkimage-debootstrap. 1183 - Add SteamOS support for mkimage-debootstrap. 1184 1185 #### Hack 1186 - Get package coverage when running integration tests. 1187 - Remove the Vagrantfile. This is being replaced with boot2docker. 1188 - Fix tests on systems where aufs isn't available. 1189 - Update packaging instructions and remove the dependency on lxc. 1190 1191 #### Remote API 1192 * Move code specific to the API to the api package. 1193 - Fix header content type for the API. Makes all endpoints use proper content type. 1194 - Fix registry auth & remove ping calls from CmdPush and CmdPull. 1195 - Add newlines to the JSON stream functions. 1196 1197 #### Runtime 1198 * Do not ping the registry from the CLI. All requests to registries flow through the daemon. 1199 - Check for nil information return in the lxc driver. This fixes panics with older lxc versions. 1200 - Devicemapper: cleanups and fix for unmount. Fixes two problems which were causing unmount to fail intermittently. 1201 - Devicemapper: remove directory when removing device. Directories don't get left behind when removing the device. 1202 * Devicemapper: enable skip_block_zeroing. Improves performance by not zeroing blocks. 1203 - Devicemapper: fix shutdown warnings. Fixes shutdown warnings concerning pool device removal. 1204 - Ensure docker cp stream is closed properly. Fixes problems with files not being copied by `docker cp`. 1205 - Stop making `tcp://` default to `127.0.0.1:4243` and remove the default port for tcp. 1206 - Fix `--run` in `docker commit`. This makes `docker commit --run` work again. 1207 - Fix custom bridge related options. This makes custom bridges work again. 1208 + Mount-bind the PTY as container console. This allows tmux/screen to run. 1209 + Add the pure Go libcontainer library to make it possible to run containers using only features of the Linux kernel. 1210 + Add native exec driver which uses libcontainer and make it the default exec driver. 1211 - Add support for handling extended attributes in archives. 1212 * Set the container MTU to be the same as the host MTU. 1213 + Add simple sha256 checksums for layers to speed up `docker push`. 1214 * Improve kernel version parsing. 1215 * Allow flag grouping (`docker run -it`). 1216 - Remove chroot exec driver. 1217 - Fix divide by zero to fix panic. 1218 - Rewrite `docker rmi`. 1219 - Fix docker info with lxc 1.0.0. 1220 - Fix fedora tty with apparmor. 1221 * Don't always append env vars, replace defaults with vars from config. 1222 * Fix a goroutine leak. 1223 * Switch to Go 1.2.1. 1224 - Fix unique constraint error checks. 1225 * Handle symlinks for Docker's data directory and for TMPDIR. 1226 - Add deprecation warnings for flags (-flag is deprecated in favor of --flag) 1227 - Add apparmor profile for the native execution driver. 1228 * Move system specific code from archive to pkg/system. 1229 - Fix duplicate signal for `docker run -i -t` (issue #3336). 1230 - Return correct process pid for lxc. 1231 - Add a -G option to specify the group which unix sockets belong to. 1232 + Add `-f` flag to `docker rm` to force removal of running containers. 1233 + Kill ghost containers and restart all ghost containers when the docker daemon restarts. 1234 + Add `DOCKER_RAMDISK` environment variable to make Docker work when the root is on a ramdisk. 1235 1236 ## 0.8.1 (2014-02-18) 1237 1238 #### Builder 1239 1240 - Avoid extra mount/unmount during build. This removes an unneeded mount/unmount operation which was causing problems with devicemapper 1241 - Fix regression with ADD of tar files. This stops Docker from decompressing tarballs added via ADD from the local file system 1242 - Add error to `docker build --rm`. This adds a missing error check to ensure failures to remove containers are detected and reported 1243 1244 #### Documentation 1245 1246 * Update issue filing instructions 1247 * Warn against the use of symlinks for Docker's storage folder 1248 * Replace the Firefox example with an IceWeasel example 1249 * Rewrite the PostgresSQL example using a Dockerfile and add more details to it 1250 * Improve the OS X documentation 1251 1252 #### Remote API 1253 1254 - Fix broken images API for version less than 1.7 1255 - Use the right encoding for all API endpoints which return JSON 1256 - Move remote api client to api/ 1257 - Queue calls to the API using generic socket wait 1258 1259 #### Runtime 1260 1261 - Fix the use of custom settings for bridges and custom bridges 1262 - Refactor the devicemapper code to avoid many mount/unmount race conditions and failures 1263 - Remove two panics which could make Docker crash in some situations 1264 - Don't ping registry from the CLI client 1265 - Enable skip_block_zeroing for devicemapper. This stops devicemapper from always zeroing entire blocks 1266 - Fix --run in `docker commit`. This makes docker commit store `--run` in the image configuration 1267 - Remove directory when removing devicemapper device. This cleans up leftover mount directories 1268 - Drop NET_ADMIN capability for non-privileged containers. Unprivileged containers can't change their network configuration 1269 - Ensure `docker cp` stream is closed properly 1270 - Avoid extra mount/unmount during container registration. This removes an unneeded mount/unmount operation which was causing problems with devicemapper 1271 - Stop allowing tcp:// as a default tcp bin address which binds to 127.0.0.1:4243 and remove the default port 1272 + Mount-bind the PTY as container console. This allows tmux and screen to run in a container 1273 - Clean up archive closing. This fixes and improves archive handling 1274 - Fix engine tests on systems where temp directories are symlinked 1275 - Add test methods for save and load 1276 - Avoid temporarily unmounting the container when restarting it. This fixes a race for devicemapper during restart 1277 - Support submodules when building from a GitHub repository 1278 - Quote volume path to allow spaces 1279 - Fix remote tar ADD behavior. This fixes a regression which was causing Docker to extract tarballs 1280 1281 ## 0.8.0 (2014-02-04) 1282 1283 #### Notable features since 0.7.0 1284 1285 * Images and containers can be removed much faster 1286 * Building an image from source with docker build is now much faster 1287 * The Docker daemon starts and stops much faster 1288 * The memory footprint of many common operations has been reduced, by streaming files instead of buffering them in memory, fixing memory leaks, and fixing various suboptimal memory allocations 1289 * Several race conditions were fixed, making Docker more stable under very high concurrency load. This makes Docker more stable and less likely to crash and reduces the memory footprint of many common operations 1290 * All packaging operations are now built on the Go language’s standard tar implementation, which is bundled with Docker itself. This makes packaging more portable across host distributions, and solves several issues caused by quirks and incompatibilities between different distributions of tar 1291 * Docker can now create, remove and modify larger numbers of containers and images graciously thanks to more aggressive releasing of system resources. For example the storage driver API now allows Docker to do reference counting on mounts created by the drivers 1292 With the ongoing changes to the networking and execution subsystems of docker testing these areas have been a focus of the refactoring. By moving these subsystems into separate packages we can test, analyze, and monitor coverage and quality of these packages 1293 * Many components have been separated into smaller sub-packages, each with a dedicated test suite. As a result the code is better-tested, more readable and easier to change 1294 1295 * The ADD instruction now supports caching, which avoids unnecessarily re-uploading the same source content again and again when it hasn’t changed 1296 * The new ONBUILD instruction adds to your image a “trigger” instruction to be executed at a later time, when the image is used as the base for another build 1297 * Docker now ships with an experimental storage driver which uses the BTRFS filesystem for copy-on-write 1298 * Docker is officially supported on Mac OS X 1299 * The Docker daemon supports systemd socket activation 1300 1301 ## 0.7.6 (2014-01-14) 1302 1303 #### Builder 1304 1305 * Do not follow symlink outside of build context 1306 1307 #### Runtime 1308 1309 - Remount bind mounts when ro is specified 1310 * Use https for fetching docker version 1311 1312 #### Other 1313 1314 * Inline the test.docker.io fingerprint 1315 * Add ca-certificates to packaging documentation 1316 1317 ## 0.7.5 (2014-01-09) 1318 1319 #### Builder 1320 1321 * Disable compression for build. More space usage but a much faster upload 1322 - Fix ADD caching for certain paths 1323 - Do not compress archive from git build 1324 1325 #### Documentation 1326 1327 - Fix error in GROUP add example 1328 * Make sure the GPG fingerprint is inline in the documentation 1329 * Give more specific advice on setting up signing of commits for DCO 1330 1331 #### Runtime 1332 1333 - Fix misspelled container names 1334 - Do not add hostname when networking is disabled 1335 * Return most recent image from the cache by date 1336 - Return all errors from docker wait 1337 * Add Content-Type Header "application/json" to GET /version and /info responses 1338 1339 #### Other 1340 1341 * Update DCO to version 1.1 1342 + Update Makefile to use "docker:GIT_BRANCH" as the generated image name 1343 * Update Travis to check for new 1.1 DCO version 1344 1345 ## 0.7.4 (2014-01-07) 1346 1347 #### Builder 1348 1349 - Fix ADD caching issue with . prefixed path 1350 - Fix docker build on devicemapper by reverting sparse file tar option 1351 - Fix issue with file caching and prevent wrong cache hit 1352 * Use same error handling while unmarshalling CMD and ENTRYPOINT 1353 1354 #### Documentation 1355 1356 * Simplify and streamline Amazon Quickstart 1357 * Install instructions use unprefixed Fedora image 1358 * Update instructions for mtu flag for Docker on GCE 1359 + Add Ubuntu Saucy to installation 1360 - Fix for wrong version warning on master instead of latest 1361 1362 #### Runtime 1363 1364 - Only get the image's rootfs when we need to calculate the image size 1365 - Correctly handle unmapping UDP ports 1366 * Make CopyFileWithTar use a pipe instead of a buffer to save memory on docker build 1367 - Fix login message to say pull instead of push 1368 - Fix "docker load" help by removing "SOURCE" prompt and mentioning STDIN 1369 * Make blank -H option default to the same as no -H was sent 1370 * Extract cgroups utilities to own submodule 1371 1372 #### Other 1373 1374 + Add Travis CI configuration to validate DCO and gofmt requirements 1375 + Add Developer Certificate of Origin Text 1376 * Upgrade VBox Guest Additions 1377 * Check standalone header when pinging a registry server 1378 1379 ## 0.7.3 (2014-01-02) 1380 1381 #### Builder 1382 1383 + Update ADD to use the image cache, based on a hash of the added content 1384 * Add error message for empty Dockerfile 1385 1386 #### Documentation 1387 1388 - Fix outdated link to the "Introduction" on www.docker.io 1389 + Update the docs to get wider when the screen does 1390 - Add information about needing to install LXC when using raw binaries 1391 * Update Fedora documentation to disentangle the docker and docker.io conflict 1392 * Add a note about using the new `-mtu` flag in several GCE zones 1393 + Add FrugalWare installation instructions 1394 + Add a more complete example of `docker run` 1395 - Fix API documentation for creating and starting Privileged containers 1396 - Add missing "name" parameter documentation on "/containers/create" 1397 * Add a mention of `lxc-checkconfig` as a way to check for some of the necessary kernel configuration 1398 - Update the 1.8 API documentation with some additions that were added to the docs for 1.7 1399 1400 #### Hack 1401 1402 - Add missing libdevmapper dependency to the packagers documentation 1403 * Update minimum Go requirement to a hard line at Go 1.2+ 1404 * Many minor improvements to the Vagrantfile 1405 + Add ability to customize dockerinit search locations when compiling (to be used very sparingly only by packagers of platforms who require a nonstandard location) 1406 + Add coverprofile generation reporting 1407 - Add `-a` to our Go build flags, removing the need for recompiling the stdlib manually 1408 * Update Dockerfile to be more canonical and have less spurious warnings during build 1409 - Fix some miscellaneous `docker pull` progress bar display issues 1410 * Migrate more miscellaneous packages under the "pkg" folder 1411 * Update TextMate highlighting to automatically be enabled for files named "Dockerfile" 1412 * Reorganize syntax highlighting files under a common "contrib/syntax" directory 1413 * Update install.sh script (https://get.docker.io/) to not fail if busybox fails to download or run at the end of the Ubuntu/Debian installation 1414 * Add support for container names in bash completion 1415 1416 #### Packaging 1417 1418 + Add an official Docker client binary for Darwin (Mac OS X) 1419 * Remove empty "Vendor" string and added "License" on deb package 1420 + Add a stubbed version of "/etc/default/docker" in the deb package 1421 1422 #### Runtime 1423 1424 * Update layer application to extract tars in place, avoiding file churn while handling whiteouts 1425 - Fix permissiveness of mtime comparisons in tar handling (since GNU tar and Go tar do not yet support sub-second mtime precision) 1426 * Reimplement `docker top` in pure Go to work more consistently, and even inside Docker-in-Docker (thus removing the shell injection vulnerability present in some versions of `lxc-ps`) 1427 + Update `-H unix://` to work similarly to `-H tcp://` by inserting the default values for missing portions 1428 - Fix more edge cases regarding dockerinit and deleted or replaced docker or dockerinit files 1429 * Update container name validation to include '.' 1430 - Fix use of a symlink or non-absolute path as the argument to `-g` to work as expected 1431 * Update to handle external mounts outside of LXC, fixing many small mounting quirks and making future execution backends and other features simpler 1432 * Update to use proper box-drawing characters everywhere in `docker images -tree` 1433 * Move MTU setting from LXC configuration to directly use netlink 1434 * Add `-S` option to external tar invocation for more efficient spare file handling 1435 + Add arch/os info to User-Agent string, especially for registry requests 1436 + Add `-mtu` option to Docker daemon for configuring MTU 1437 - Fix `docker build` to exit with a non-zero exit code on error 1438 + Add `DOCKER_HOST` environment variable to configure the client `-H` flag without specifying it manually for every invocation 1439 1440 ## 0.7.2 (2013-12-16) 1441 1442 #### Runtime 1443 1444 + Validate container names on creation with standard regex 1445 * Increase maximum image depth to 127 from 42 1446 * Continue to move api endpoints to the job api 1447 + Add -bip flag to allow specification of dynamic bridge IP via CIDR 1448 - Allow bridge creation when ipv6 is not enabled on certain systems 1449 * Set hostname and IP address from within dockerinit 1450 * Drop capabilities from within dockerinit 1451 - Fix volumes on host when symlink is present the image 1452 - Prevent deletion of image if ANY container is depending on it even if the container is not running 1453 * Update docker push to use new progress display 1454 * Use os.Lstat to allow mounting unix sockets when inspecting volumes 1455 - Adjust handling of inactive user login 1456 - Add missing defines in devicemapper for older kernels 1457 - Allow untag operations with no container validation 1458 - Add auth config to docker build 1459 1460 #### Documentation 1461 1462 * Add more information about Docker logging 1463 + Add RHEL documentation 1464 * Add a direct example for changing the CMD that is run in a container 1465 * Update Arch installation documentation 1466 + Add section on Trusted Builds 1467 + Add Network documentation page 1468 1469 #### Other 1470 1471 + Add new cover bundle for providing code coverage reporting 1472 * Separate integration tests in bundles 1473 * Make Tianon the hack maintainer 1474 * Update mkimage-debootstrap with more tweaks for keeping images small 1475 * Use https to get the install script 1476 * Remove vendored dotcloud/tar now that Go 1.2 has been released 1477 1478 ## 0.7.1 (2013-12-05) 1479 1480 #### Documentation 1481 1482 + Add @SvenDowideit as documentation maintainer 1483 + Add links example 1484 + Add documentation regarding ambassador pattern 1485 + Add Google Cloud Platform docs 1486 + Add dockerfile best practices 1487 * Update doc for RHEL 1488 * Update doc for registry 1489 * Update Postgres examples 1490 * Update doc for Ubuntu install 1491 * Improve remote api doc 1492 1493 #### Runtime 1494 1495 + Add hostconfig to docker inspect 1496 + Implement `docker log -f` to stream logs 1497 + Add env variable to disable kernel version warning 1498 + Add -format to `docker inspect` 1499 + Support bind-mount for files 1500 - Fix bridge creation on RHEL 1501 - Fix image size calculation 1502 - Make sure iptables are called even if the bridge already exists 1503 - Fix issue with stderr only attach 1504 - Remove init layer when destroying a container 1505 - Fix same port binding on different interfaces 1506 - `docker build` now returns the correct exit code 1507 - Fix `docker port` to display correct port 1508 - `docker build` now check that the dockerfile exists client side 1509 - `docker attach` now returns the correct exit code 1510 - Remove the name entry when the container does not exist 1511 1512 #### Registry 1513 1514 * Improve progress bars, add ETA for downloads 1515 * Simultaneous pulls now waits for the first to finish instead of failing 1516 - Tag only the top-layer image when pushing to registry 1517 - Fix issue with offline image transfer 1518 - Fix issue preventing using ':' in password for registry 1519 1520 #### Other 1521 1522 + Add pprof handler for debug 1523 + Create a Makefile 1524 * Use stdlib tar that now includes fix 1525 * Improve make.sh test script 1526 * Handle SIGQUIT on the daemon 1527 * Disable verbose during tests 1528 * Upgrade to go1.2 for official build 1529 * Improve unit tests 1530 * The test suite now runs all tests even if one fails 1531 * Refactor C in Go (Devmapper) 1532 - Fix OS X compilation 1533 1534 ## 0.7.0 (2013-11-25) 1535 1536 #### Notable features since 0.6.0 1537 1538 * Storage drivers: choose from aufs, device-mapper, or vfs. 1539 * Standard Linux support: docker now runs on unmodified Linux kernels and all major distributions. 1540 * Links: compose complex software stacks by connecting containers to each other. 1541 * Container naming: organize your containers by giving them memorable names. 1542 * Advanced port redirects: specify port redirects per interface, or keep sensitive ports private. 1543 * Offline transfer: push and pull images to the filesystem without losing information. 1544 * Quality: numerous bugfixes and small usability improvements. Significant increase in test coverage. 1545 1546 ## 0.6.7 (2013-11-21) 1547 1548 #### Runtime 1549 1550 * Improve stability, fixes some race conditions 1551 * Skip the volumes mounted when deleting the volumes of container. 1552 * Fix layer size computation: handle hard links correctly 1553 * Use the work Path for docker cp CONTAINER:PATH 1554 * Fix tmp dir never cleanup 1555 * Speedup docker ps 1556 * More informative error message on name collisions 1557 * Fix nameserver regex 1558 * Always return long id's 1559 * Fix container restart race condition 1560 * Keep published ports on docker stop;docker start 1561 * Fix container networking on Fedora 1562 * Correctly express "any address" to iptables 1563 * Fix network setup when reconnecting to ghost container 1564 * Prevent deletion if image is used by a running container 1565 * Lock around read operations in graph 1566 1567 #### RemoteAPI 1568 1569 * Return full ID on docker rmi 1570 1571 #### Client 1572 1573 + Add -tree option to images 1574 + Offline image transfer 1575 * Exit with status 2 on usage error and display usage on stderr 1576 * Do not forward SIGCHLD to container 1577 * Use string timestamp for docker events -since 1578 1579 #### Other 1580 1581 * Update to go 1.2rc5 1582 + Add /etc/default/docker support to upstart 1583 1584 ## 0.6.6 (2013-11-06) 1585 1586 #### Runtime 1587 1588 * Ensure container name on register 1589 * Fix regression in /etc/hosts 1590 + Add lock around write operations in graph 1591 * Check if port is valid 1592 * Fix restart runtime error with ghost container networking 1593 + Add some more colors and animals to increase the pool of generated names 1594 * Fix issues in docker inspect 1595 + Escape apparmor confinement 1596 + Set environment variables using a file. 1597 * Prevent docker insert to erase something 1598 + Prevent DNS server conflicts in CreateBridgeIface 1599 + Validate bind mounts on the server side 1600 + Use parent image config in docker build 1601 * Fix regression in /etc/hosts 1602 1603 #### Client 1604 1605 + Add -P flag to publish all exposed ports 1606 + Add -notrunc and -q flags to docker history 1607 * Fix docker commit, tag and import usage 1608 + Add stars, trusted builds and library flags in docker search 1609 * Fix docker logs with tty 1610 1611 #### RemoteAPI 1612 1613 * Make /events API send headers immediately 1614 * Do not split last column docker top 1615 + Add size to history 1616 1617 #### Other 1618 1619 + Contrib: Desktop integration. Firefox usecase. 1620 + Dockerfile: bump to go1.2rc3 1621 1622 ## 0.6.5 (2013-10-29) 1623 1624 #### Runtime 1625 1626 + Containers can now be named 1627 + Containers can now be linked together for service discovery 1628 + 'run -a', 'start -a' and 'attach' can forward signals to the container for better integration with process supervisors 1629 + Automatically start crashed containers after a reboot 1630 + Expose IP, port, and proto as separate environment vars for container links 1631 * Allow ports to be published to specific ips 1632 * Prohibit inter-container communication by default 1633 - Ignore ErrClosedPipe for stdin in Container.Attach 1634 - Remove unused field kernelVersion 1635 * Fix issue when mounting subdirectories of /mnt in container 1636 - Fix untag during removal of images 1637 * Check return value of syscall.Chdir when changing working directory inside dockerinit 1638 1639 #### Client 1640 1641 - Only pass stdin to hijack when needed to avoid closed pipe errors 1642 * Use less reflection in command-line method invocation 1643 - Monitor the tty size after starting the container, not prior 1644 - Remove useless os.Exit() calls after log.Fatal 1645 1646 #### Hack 1647 1648 + Add initial init scripts library and a safer Ubuntu packaging script that works for Debian 1649 * Add -p option to invoke debootstrap with http_proxy 1650 - Update install.sh with $sh_c to get sudo/su for modprobe 1651 * Update all the mkimage scripts to use --numeric-owner as a tar argument 1652 * Update hack/release.sh process to automatically invoke hack/make.sh and bail on build and test issues 1653 1654 #### Other 1655 1656 * Documentation: Fix the flags for nc in example 1657 * Testing: Remove warnings and prevent mount issues 1658 - Testing: Change logic for tty resize to avoid warning in tests 1659 - Builder: Fix race condition in docker build with verbose output 1660 - Registry: Fix content-type for PushImageJSONIndex method 1661 * Contrib: Improve helper tools to generate debian and Arch linux server images 1662 1663 ## 0.6.4 (2013-10-16) 1664 1665 #### Runtime 1666 1667 - Add cleanup of container when Start() fails 1668 * Add better comments to utils/stdcopy.go 1669 * Add utils.Errorf for error logging 1670 + Add -rm to docker run for removing a container on exit 1671 - Remove error messages which are not actually errors 1672 - Fix `docker rm` with volumes 1673 - Fix some error cases where a HTTP body might not be closed 1674 - Fix panic with wrong dockercfg file 1675 - Fix the attach behavior with -i 1676 * Record termination time in state. 1677 - Use empty string so TempDir uses the OS's temp dir automatically 1678 - Make sure to close the network allocators 1679 + Autorestart containers by default 1680 * Bump vendor kr/pty to commit 3b1f6487b `(syscall.O_NOCTTY)` 1681 * lxc: Allow set_file_cap capability in container 1682 - Move run -rm to the cli only 1683 * Split stdout stderr 1684 * Always create a new session for the container 1685 1686 #### Testing 1687 1688 - Add aggregated docker-ci email report 1689 - Add cleanup to remove leftover containers 1690 * Add nightly release to docker-ci 1691 * Add more tests around auth.ResolveAuthConfig 1692 - Remove a few errors in tests 1693 - Catch errClosing error when TCP and UDP proxies are terminated 1694 * Only run certain tests with TESTFLAGS='-run TestName' make.sh 1695 * Prevent docker-ci to test closing PRs 1696 * Replace panic by log.Fatal in tests 1697 - Increase TestRunDetach timeout 1698 1699 #### Documentation 1700 1701 * Add initial draft of the Docker infrastructure doc 1702 * Add devenvironment link to CONTRIBUTING.md 1703 * Add `apt-get install curl` to Ubuntu docs 1704 * Add explanation for export restrictions 1705 * Add .dockercfg doc 1706 * Remove Gentoo install notes about #1422 workaround 1707 * Fix help text for -v option 1708 * Fix Ping endpoint documentation 1709 - Fix parameter names in docs for ADD command 1710 - Fix ironic typo in changelog 1711 * Various command fixes in postgres example 1712 * Document how to edit and release docs 1713 - Minor updates to `postgresql_service.rst` 1714 * Clarify LGTM process to contributors 1715 - Corrected error in the package name 1716 * Document what `vagrant up` is actually doing 1717 + improve doc search results 1718 * Cleanup whitespace in API 1.5 docs 1719 * use angle brackets in MAINTAINER example email 1720 * Update archlinux.rst 1721 + Changes to a new style for the docs. Includes version switcher. 1722 * Formatting, add information about multiline json 1723 * Improve registry and index REST API documentation 1724 - Replace deprecated upgrading reference to docker-latest.tgz, which hasn't been updated since 0.5.3 1725 * Update Gentoo installation documentation now that we're in the portage tree proper 1726 * Cleanup and reorganize docs and tooling for contributors and maintainers 1727 - Minor spelling correction of protocoll -> protocol 1728 1729 #### Contrib 1730 1731 * Add vim syntax highlighting for Dockerfiles from @honza 1732 * Add mkimage-arch.sh 1733 * Reorganize contributed completion scripts to add zsh completion 1734 1735 #### Hack 1736 1737 * Add vagrant user to the docker group 1738 * Add proper bash completion for "docker push" 1739 * Add xz utils as a runtime dep 1740 * Add cleanup/refactor portion of #2010 for hack and Dockerfile updates 1741 + Add contrib/mkimage-centos.sh back (from #1621), and associated documentation link 1742 * Add several of the small make.sh fixes from #1920, and make the output more consistent and contributor-friendly 1743 + Add @tianon to hack/MAINTAINERS 1744 * Improve network performance for VirtualBox 1745 * Revamp install.sh to be usable by more people, and to use official install methods whenever possible (apt repo, portage tree, etc.) 1746 - Fix contrib/mkimage-debian.sh apt caching prevention 1747 + Add Dockerfile.tmLanguage to contrib 1748 * Configured FPM to make /etc/init/docker.conf a config file 1749 * Enable SSH Agent forwarding in Vagrant VM 1750 * Several small tweaks/fixes for contrib/mkimage-debian.sh 1751 1752 #### Other 1753 1754 - Builder: Abort build if mergeConfig returns an error and fix duplicate error message 1755 - Packaging: Remove deprecated packaging directory 1756 - Registry: Use correct auth config when logging in. 1757 - Registry: Fix the error message so it is the same as the regex 1758 1759 ## 0.6.3 (2013-09-23) 1760 1761 #### Packaging 1762 1763 * Add 'docker' group on install for ubuntu package 1764 * Update tar vendor dependency 1765 * Download apt key over HTTPS 1766 1767 #### Runtime 1768 1769 - Only copy and change permissions on non-bindmount volumes 1770 * Allow multiple volumes-from 1771 - Fix HTTP imports from STDIN 1772 1773 #### Documentation 1774 1775 * Update section on extracting the docker binary after build 1776 * Update development environment docs for new build process 1777 * Remove 'base' image from documentation 1778 1779 #### Other 1780 1781 - Client: Fix detach issue 1782 - Registry: Update regular expression to match index 1783 1784 ## 0.6.2 (2013-09-17) 1785 1786 #### Runtime 1787 1788 + Add domainname support 1789 + Implement image filtering with path.Match 1790 * Remove unnecessary warnings 1791 * Remove os/user dependency 1792 * Only mount the hostname file when the config exists 1793 * Handle signals within the `docker login` command 1794 - UID and GID are now also applied to volumes 1795 - `docker start` set error code upon error 1796 - `docker run` set the same error code as the process started 1797 1798 #### Builder 1799 1800 + Add -rm option in order to remove intermediate containers 1801 * Allow multiline for the RUN instruction 1802 1803 #### Registry 1804 1805 * Implement login with private registry 1806 - Fix push issues 1807 1808 #### Other 1809 1810 + Hack: Vendor all dependencies 1811 * Remote API: Bump to v1.5 1812 * Packaging: Break down hack/make.sh into small scripts, one per 'bundle': test, binary, ubuntu etc. 1813 * Documentation: General improvements 1814 1815 ## 0.6.1 (2013-08-23) 1816 1817 #### Registry 1818 1819 * Pass "meta" headers in API calls to the registry 1820 1821 #### Packaging 1822 1823 - Use correct upstart script with new build tool 1824 - Use libffi-dev, don`t build it from sources 1825 - Remove duplicate mercurial install command 1826 1827 ## 0.6.0 (2013-08-22) 1828 1829 #### Runtime 1830 1831 + Add lxc-conf flag to allow custom lxc options 1832 + Add an option to set the working directory 1833 * Add Image name to LogEvent tests 1834 + Add -privileged flag and relevant tests, docs, and examples 1835 * Add websocket support to /container/<name>/attach/ws 1836 * Add warning when net.ipv4.ip_forwarding = 0 1837 * Add hostname to environment 1838 * Add last stable version in `docker version` 1839 - Fix race conditions in parallel pull 1840 - Fix Graph ByParent() to generate list of child images per parent image. 1841 - Fix typo: fmt.Sprint -> fmt.Sprintf 1842 - Fix small \n error un docker build 1843 * Fix to "Inject dockerinit at /.dockerinit" 1844 * Fix #910. print user name to docker info output 1845 * Use Go 1.1.2 for dockerbuilder 1846 * Use ranged for loop on channels 1847 - Use utils.ParseRepositoryTag instead of strings.Split(name, ":") in server.ImageDelete 1848 - Improve CMD, ENTRYPOINT, and attach docs. 1849 - Improve connect message with socket error 1850 - Load authConfig only when needed and fix useless WARNING 1851 - Show tag used when image is missing 1852 * Apply volumes-from before creating volumes 1853 - Make docker run handle SIGINT/SIGTERM 1854 - Prevent crash when .dockercfg not readable 1855 - Install script should be fetched over https, not http. 1856 * API, issue 1471: Use groups for socket permissions 1857 - Correctly detect IPv4 forwarding 1858 * Mount /dev/shm as a tmpfs 1859 - Switch from http to https for get.docker.io 1860 * Let userland proxy handle container-bound traffic 1861 * Update the Docker CLI to specify a value for the "Host" header. 1862 - Change network range to avoid conflict with EC2 DNS 1863 - Reduce connect and read timeout when pinging the registry 1864 * Parallel pull 1865 - Handle ip route showing mask-less IP addresses 1866 * Allow ENTRYPOINT without CMD 1867 - Always consider localhost as a domain name when parsing the FQN repos name 1868 * Refactor checksum 1869 1870 #### Documentation 1871 1872 * Add MongoDB image example 1873 * Add instructions for creating and using the docker group 1874 * Add sudo to examples and installation to documentation 1875 * Add ufw doc 1876 * Add a reference to ps -a 1877 * Add information about Docker`s high level tools over LXC. 1878 * Fix typo in docs for docker run -dns 1879 * Fix a typo in the ubuntu installation guide 1880 * Fix to docs regarding adding docker groups 1881 * Update default -H docs 1882 * Update readme with dependencies for building 1883 * Update amazon.rst to explain that Vagrant is not necessary for running Docker on ec2 1884 * PostgreSQL service example in documentation 1885 * Suggest installing linux-headers by default. 1886 * Change the twitter handle 1887 * Clarify Amazon EC2 installation 1888 * 'Base' image is deprecated and should no longer be referenced in the docs. 1889 * Move note about officially supported kernel 1890 - Solved the logo being squished in Safari 1891 1892 #### Builder 1893 1894 + Add USER instruction do Dockerfile 1895 + Add workdir support for the Buildfile 1896 * Add no cache for docker build 1897 - Fix docker build and docker events output 1898 - Only count known instructions as build steps 1899 - Make sure ENV instruction within build perform a commit each time 1900 - Forbid certain paths within docker build ADD 1901 - Repository name (and optionally a tag) in build usage 1902 - Make sure ADD will create everything in 0755 1903 1904 #### Remote API 1905 1906 * Sort Images by most recent creation date. 1907 * Reworking opaque requests in registry module 1908 * Add image name in /events 1909 * Use mime pkg to parse Content-Type 1910 * 650 http utils and user agent field 1911 1912 #### Hack 1913 1914 + Bash Completion: Limit commands to containers of a relevant state 1915 * Add docker dependencies coverage testing into docker-ci 1916 1917 #### Packaging 1918 1919 + Docker-brew 0.5.2 support and memory footprint reduction 1920 * Add new docker dependencies into docker-ci 1921 - Revert "docker.upstart: avoid spawning a `sh` process" 1922 + Docker-brew and Docker standard library 1923 + Release docker with docker 1924 * Fix the upstart script generated by get.docker.io 1925 * Enabled the docs to generate manpages. 1926 * Revert Bind daemon to 0.0.0.0 in Vagrant. 1927 1928 #### Register 1929 1930 * Improve auth push 1931 * Registry unit tests + mock registry 1932 1933 #### Tests 1934 1935 * Improve TestKillDifferentUser to prevent timeout on buildbot 1936 - Fix typo in TestBindMounts (runContainer called without image) 1937 * Improve TestGetContainersTop so it does not rely on sleep 1938 * Relax the lo interface test to allow iface index != 1 1939 * Add registry functional test to docker-ci 1940 * Add some tests in server and utils 1941 1942 #### Other 1943 1944 * Contrib: bash completion script 1945 * Client: Add docker cp command and copy api endpoint to copy container files/folders to the host 1946 * Don`t read from stdout when only attached to stdin 1947 1948 ## 0.5.3 (2013-08-13) 1949 1950 #### Runtime 1951 1952 * Use docker group for socket permissions 1953 - Spawn shell within upstart script 1954 - Handle ip route showing mask-less IP addresses 1955 - Add hostname to environment 1956 1957 #### Builder 1958 1959 - Make sure ENV instruction within build perform a commit each time 1960 1961 ## 0.5.2 (2013-08-08) 1962 1963 * Builder: Forbid certain paths within docker build ADD 1964 - Runtime: Change network range to avoid conflict with EC2 DNS 1965 * API: Change daemon to listen on unix socket by default 1966 1967 ## 0.5.1 (2013-07-30) 1968 1969 #### Runtime 1970 1971 + Add `ps` args to `docker top` 1972 + Add support for container ID files (pidfile like) 1973 + Add container=lxc in default env 1974 + Support networkless containers with `docker run -n` and `docker -d -b=none` 1975 * Stdout/stderr logs are now stored in the same file as JSON 1976 * Allocate a /16 IP range by default, with fallback to /24. Try 12 ranges instead of 3. 1977 * Change .dockercfg format to json and support multiple auth remote 1978 - Do not override volumes from config 1979 - Fix issue with EXPOSE override 1980 1981 #### API 1982 1983 + Docker client now sets useragent (RFC 2616) 1984 + Add /events endpoint 1985 1986 #### Builder 1987 1988 + ADD command now understands URLs 1989 + CmdAdd and CmdEnv now respect Dockerfile-set ENV variables 1990 - Create directories with 755 instead of 700 within ADD instruction 1991 1992 #### Hack 1993 1994 * Simplify unit tests with helpers 1995 * Improve docker.upstart event 1996 * Add coverage testing into docker-ci 1997 1998 ## 0.5.0 (2013-07-17) 1999 2000 #### Runtime 2001 2002 + List all processes running inside a container with 'docker top' 2003 + Host directories can be mounted as volumes with 'docker run -v' 2004 + Containers can expose public UDP ports (eg, '-p 123/udp') 2005 + Optionally specify an exact public port (eg. '-p 80:4500') 2006 * 'docker login' supports additional options 2007 - Don't save a container`s hostname when committing an image. 2008 2009 #### Registry 2010 2011 + New image naming scheme inspired by Go packaging convention allows arbitrary combinations of registries 2012 - Fix issues when uploading images to a private registry 2013 2014 #### Builder 2015 2016 + ENTRYPOINT instruction sets a default binary entry point to a container 2017 + VOLUME instruction marks a part of the container as persistent data 2018 * 'docker build' displays the full output of a build by default 2019 2020 ## 0.4.8 (2013-07-01) 2021 2022 + Builder: New build operation ENTRYPOINT adds an executable entry point to the container. - Runtime: Fix a bug which caused 'docker run -d' to no longer print the container ID. 2023 - Tests: Fix issues in the test suite 2024 2025 ## 0.4.7 (2013-06-28) 2026 2027 #### Remote API 2028 2029 * The progress bar updates faster when downloading and uploading large files 2030 - Fix a bug in the optional unix socket transport 2031 2032 #### Runtime 2033 2034 * Improve detection of kernel version 2035 + Host directories can be mounted as volumes with 'docker run -b' 2036 - fix an issue when only attaching to stdin 2037 * Use 'tar --numeric-owner' to avoid uid mismatch across multiple hosts 2038 2039 #### Hack 2040 2041 * Improve test suite and dev environment 2042 * Remove dependency on unit tests on 'os/user' 2043 2044 #### Other 2045 2046 * Registry: easier push/pull to a custom registry 2047 + Documentation: add terminology section 2048 2049 ## 0.4.6 (2013-06-22) 2050 2051 - Runtime: fix a bug which caused creation of empty images (and volumes) to crash. 2052 2053 ## 0.4.5 (2013-06-21) 2054 2055 + Builder: 'docker build git://URL' fetches and builds a remote git repository 2056 * Runtime: 'docker ps -s' optionally prints container size 2057 * Tests: improved and simplified 2058 - Runtime: fix a regression introduced in 0.4.3 which caused the logs command to fail. 2059 - Builder: fix a regression when using ADD with single regular file. 2060 2061 ## 0.4.4 (2013-06-19) 2062 2063 - Builder: fix a regression introduced in 0.4.3 which caused builds to fail on new clients. 2064 2065 ## 0.4.3 (2013-06-19) 2066 2067 #### Builder 2068 2069 + ADD of a local file will detect tar archives and unpack them 2070 * ADD improvements: use tar for copy + automatically unpack local archives 2071 * ADD uses tar/untar for copies instead of calling 'cp -ar' 2072 * Fix the behavior of ADD to be (mostly) reverse-compatible, predictable and well-documented. 2073 - Fix a bug which caused builds to fail if ADD was the first command 2074 * Nicer output for 'docker build' 2075 2076 #### Runtime 2077 2078 * Remove bsdtar dependency 2079 * Add unix socket and multiple -H support 2080 * Prevent rm of running containers 2081 * Use go1.1 cookiejar 2082 - Fix issue detaching from running TTY container 2083 - Forbid parallel push/pull for a single image/repo. Fixes #311 2084 - Fix race condition within Run command when attaching. 2085 2086 #### Client 2087 2088 * HumanReadable ProgressBar sizes in pull 2089 * Fix docker version`s git commit output 2090 2091 #### API 2092 2093 * Send all tags on History API call 2094 * Add tag lookup to history command. Fixes #882 2095 2096 #### Documentation 2097 2098 - Fix missing command in irc bouncer example 2099 2100 ## 0.4.2 (2013-06-17) 2101 2102 - Packaging: Bumped version to work around an Ubuntu bug 2103 2104 ## 0.4.1 (2013-06-17) 2105 2106 #### Remote Api 2107 2108 + Add flag to enable cross domain requests 2109 + Add images and containers sizes in docker ps and docker images 2110 2111 #### Runtime 2112 2113 + Configure dns configuration host-wide with 'docker -d -dns' 2114 + Detect faulty DNS configuration and replace it with a public default 2115 + Allow docker run <name>:<id> 2116 + You can now specify public port (ex: -p 80:4500) 2117 * Improve image removal to garbage-collect unreferenced parents 2118 2119 #### Client 2120 2121 * Allow multiple params in inspect 2122 * Print the container id before the hijack in `docker run` 2123 2124 #### Registry 2125 2126 * Add regexp check on repo`s name 2127 * Move auth to the client 2128 - Remove login check on pull 2129 2130 #### Other 2131 2132 * Vagrantfile: Add the rest api port to vagrantfile`s port_forward 2133 * Upgrade to Go 1.1 2134 - Builder: don`t ignore last line in Dockerfile when it doesn`t end with \n 2135 2136 ## 0.4.0 (2013-06-03) 2137 2138 #### Builder 2139 2140 + Introducing Builder 2141 + 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile 2142 2143 #### Remote API 2144 2145 + Introducing Remote API 2146 + control Docker programmatically using a simple HTTP/json API 2147 2148 #### Runtime 2149 2150 * Various reliability and usability improvements 2151 2152 ## 0.3.4 (2013-05-30) 2153 2154 #### Builder 2155 2156 + 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile 2157 + 'docker build -t FOO' applies the tag FOO to the newly built container. 2158 2159 #### Runtime 2160 2161 + Interactive TTYs correctly handle window resize 2162 * Fix how configuration is merged between layers 2163 2164 #### Remote API 2165 2166 + Split stdout and stderr on 'docker run' 2167 + Optionally listen on a different IP and port (use at your own risk) 2168 2169 #### Documentation 2170 2171 * Improve install instructions. 2172 2173 ## 0.3.3 (2013-05-23) 2174 2175 - Registry: Fix push regression 2176 - Various bugfixes 2177 2178 ## 0.3.2 (2013-05-09) 2179 2180 #### Registry 2181 2182 * Improve the checksum process 2183 * Use the size to have a good progress bar while pushing 2184 * Use the actual archive if it exists in order to speed up the push 2185 - Fix error 400 on push 2186 2187 #### Runtime 2188 2189 * Store the actual archive on commit 2190 2191 ## 0.3.1 (2013-05-08) 2192 2193 #### Builder 2194 2195 + Implement the autorun capability within docker builder 2196 + Add caching to docker builder 2197 + Add support for docker builder with native API as top level command 2198 + Implement ENV within docker builder 2199 - Check the command existence prior create and add Unit tests for the case 2200 * use any whitespaces instead of tabs 2201 2202 #### Runtime 2203 2204 + Add go version to debug infos 2205 * Kernel version - don`t show the dash if flavor is empty 2206 2207 #### Registry 2208 2209 + Add docker search top level command in order to search a repository 2210 - Fix pull for official images with specific tag 2211 - Fix issue when login in with a different user and trying to push 2212 * Improve checksum - async calculation 2213 2214 #### Images 2215 2216 + Output graph of images to dot (graphviz) 2217 - Fix ByParent function 2218 2219 #### Documentation 2220 2221 + New introduction and high-level overview 2222 + Add the documentation for docker builder 2223 - CSS fix for docker documentation to make REST API docs look better. 2224 - Fix CouchDB example page header mistake 2225 - Fix README formatting 2226 * Update www.docker.io website. 2227 2228 #### Other 2229 2230 + Website: new high-level overview 2231 - Makefile: Swap "go get" for "go get -d", especially to compile on go1.1rc 2232 * Packaging: packaging ubuntu; issue #510: Use goland-stable PPA package to build docker 2233 2234 ## 0.3.0 (2013-05-06) 2235 2236 #### Runtime 2237 2238 - Fix the command existence check 2239 - strings.Split may return an empty string on no match 2240 - Fix an index out of range crash if cgroup memory is not 2241 2242 #### Documentation 2243 2244 * Various improvements 2245 + New example: sharing data between 2 couchdb databases 2246 2247 #### Other 2248 2249 * Vagrant: Use only one deb line in /etc/apt 2250 + Registry: Implement the new registry 2251 2252 ## 0.2.2 (2013-05-03) 2253 2254 + Support for data volumes ('docker run -v=PATH') 2255 + Share data volumes between containers ('docker run -volumes-from') 2256 + Improve documentation 2257 * Upgrade to Go 1.0.3 2258 * Various upgrades to the dev environment for contributors 2259 2260 ## 0.2.1 (2013-05-01) 2261 2262 + 'docker commit -run' bundles a layer with default runtime options: command, ports etc. 2263 * Improve install process on Vagrant 2264 + New Dockerfile operation: "maintainer" 2265 + New Dockerfile operation: "expose" 2266 + New Dockerfile operation: "cmd" 2267 + Contrib script to build a Debian base layer 2268 + 'docker -d -r': restart crashed containers at daemon startup 2269 * Runtime: improve test coverage 2270 2271 ## 0.2.0 (2013-04-23) 2272 2273 - Runtime: ghost containers can be killed and waited for 2274 * Documentation: update install instructions 2275 - Packaging: fix Vagrantfile 2276 - Development: automate releasing binaries and ubuntu packages 2277 + Add a changelog 2278 - Various bugfixes 2279 2280 ## 0.1.8 (2013-04-22) 2281 2282 - Dynamically detect cgroup capabilities 2283 - Issue stability warning on kernels <3.8 2284 - 'docker push' buffers on disk instead of memory 2285 - Fix 'docker diff' for removed files 2286 - Fix 'docker stop' for ghost containers 2287 - Fix handling of pidfile 2288 - Various bugfixes and stability improvements 2289 2290 ## 0.1.7 (2013-04-18) 2291 2292 - Container ports are available on localhost 2293 - 'docker ps' shows allocated TCP ports 2294 - Contributors can run 'make hack' to start a continuous integration VM 2295 - Streamline ubuntu packaging & uploading 2296 - Various bugfixes and stability improvements 2297 2298 ## 0.1.6 (2013-04-17) 2299 2300 - Record the author an image with 'docker commit -author' 2301 2302 ## 0.1.5 (2013-04-17) 2303 2304 - Disable standalone mode 2305 - Use a custom DNS resolver with 'docker -d -dns' 2306 - Detect ghost containers 2307 - Improve diagnosis of missing system capabilities 2308 - Allow disabling memory limits at compile time 2309 - Add debian packaging 2310 - Documentation: installing on Arch Linux 2311 - Documentation: running Redis on docker 2312 - Fix lxc 0.9 compatibility 2313 - Automatically load aufs module 2314 - Various bugfixes and stability improvements 2315 2316 ## 0.1.4 (2013-04-09) 2317 2318 - Full support for TTY emulation 2319 - Detach from a TTY session with the escape sequence `C-p C-q` 2320 - Various bugfixes and stability improvements 2321 - Minor UI improvements 2322 - Automatically create our own bridge interface 'docker0' 2323 2324 ## 0.1.3 (2013-04-04) 2325 2326 - Choose TCP frontend port with '-p :PORT' 2327 - Layer format is versioned 2328 - Major reliability improvements to the process manager 2329 - Various bugfixes and stability improvements 2330 2331 ## 0.1.2 (2013-04-03) 2332 2333 - Set container hostname with 'docker run -h' 2334 - Selective attach at run with 'docker run -a [stdin[,stdout[,stderr]]]' 2335 - Various bugfixes and stability improvements 2336 - UI polish 2337 - Progress bar on push/pull 2338 - Use XZ compression by default 2339 - Make IP allocator lazy 2340 2341 ## 0.1.1 (2013-03-31) 2342 2343 - Display shorthand IDs for convenience 2344 - Stabilize process management 2345 - Layers can include a commit message 2346 - Simplified 'docker attach' 2347 - Fix support for re-attaching 2348 - Various bugfixes and stability improvements 2349 - Auto-download at run 2350 - Auto-login on push 2351 - Beefed up documentation 2352 2353 ## 0.1.0 (2013-03-23) 2354 2355 Initial public release 2356 2357 - Implement registry in order to push/pull images 2358 - TCP port allocation 2359 - Fix termcaps on Linux 2360 - Add documentation 2361 - Add Vagrant support with Vagrantfile 2362 - Add unit tests 2363 - Add repository/tags to ease image management 2364 - Improve the layer implementation