github.com/lazyboychen7/engine@v17.12.1-ce-rc2+incompatible/CHANGELOG.md (about) 1 # Changelog 2 3 Items starting with `DEPRECATE` are important deprecation notices. For more 4 information on the list of deprecated flags and APIs please have a look at 5 https://docs.docker.com/engine/deprecated/ where target removal dates can also 6 be found. 7 8 ## 17.05.0-ce (2017-05-04) 9 10 ### Builder 11 12 + Add multi-stage build support [#31257](https://github.com/docker/docker/pull/31257) [#32063](https://github.com/docker/docker/pull/32063) 13 + Allow using build-time args (`ARG`) in `FROM` [#31352](https://github.com/docker/docker/pull/31352) 14 + Add an option for specifying build target [#32496](https://github.com/docker/docker/pull/32496) 15 * Accept `-f -` to read Dockerfile from `stdin`, but use local context for building [#31236](https://github.com/docker/docker/pull/31236) 16 * The values of default build time arguments (e.g `HTTP_PROXY`) are no longer displayed in docker image history unless a corresponding `ARG` instruction is written in the Dockerfile. [#31584](https://github.com/docker/docker/pull/31584) 17 - Fix setting command if a custom shell is used in a parent image [#32236](https://github.com/docker/docker/pull/32236) 18 - Fix `docker build --label` when the label includes single quotes and a space [#31750](https://github.com/docker/docker/pull/31750) 19 20 ### Client 21 22 * Add `--mount` flag to `docker run` and `docker create` [#32251](https://github.com/docker/docker/pull/32251) 23 * Add `--type=secret` to `docker inspect` [#32124](https://github.com/docker/docker/pull/32124) 24 * Add `--format` option to `docker secret ls` [#31552](https://github.com/docker/docker/pull/31552) 25 * Add `--filter` option to `docker secret ls` [#30810](https://github.com/docker/docker/pull/30810) 26 * Add `--filter scope=<swarm|local>` to `docker network ls` [#31529](https://github.com/docker/docker/pull/31529) 27 * Add `--cpus` support to `docker update` [#31148](https://github.com/docker/docker/pull/31148) 28 * Add label filter to `docker system prune` and other `prune` commands [#30740](https://github.com/docker/docker/pull/30740) 29 * `docker stack rm` now accepts multiple stacks as input [#32110](https://github.com/docker/docker/pull/32110) 30 * Improve `docker version --format` option when the client has downgraded the API version [#31022](https://github.com/docker/docker/pull/31022) 31 * Prompt when using an encrypted client certificate to connect to a docker daemon [#31364](https://github.com/docker/docker/pull/31364) 32 * Display created tags on successful `docker build` [#32077](https://github.com/docker/docker/pull/32077) 33 * Cleanup compose convert error messages [#32087](https://github.com/moby/moby/pull/32087) 34 35 ### Contrib 36 37 + Add support for building docker debs for Ubuntu 17.04 Zesty on amd64 [#32435](https://github.com/docker/docker/pull/32435) 38 39 ### Daemon 40 41 - Fix `--api-cors-header` being ignored if `--api-enable-cors` is not set [#32174](https://github.com/docker/docker/pull/32174) 42 - Cleanup docker tmp dir on start [#31741](https://github.com/docker/docker/pull/31741) 43 - Deprecate `--graph` flag in favor or `--data-root` [#28696](https://github.com/docker/docker/pull/28696) 44 45 ### Logging 46 47 + Add support for logging driver plugins [#28403](https://github.com/docker/docker/pull/28403) 48 * Add support for showing logs of individual tasks to `docker service logs`, and add `/task/{id}/logs` REST endpoint [#32015](https://github.com/docker/docker/pull/32015) 49 * Add `--log-opt env-regex` option to match environment variables using a regular expression [#27565](https://github.com/docker/docker/pull/27565) 50 51 ### Networking 52 53 + Allow user to replace, and customize the ingress network [#31714](https://github.com/docker/docker/pull/31714) 54 - Fix UDP traffic in containers not working after the container is restarted [#32505](https://github.com/docker/docker/pull/32505) 55 - Fix files being written to `/var/lib/docker` if a different data-root is set [#32505](https://github.com/docker/docker/pull/32505) 56 57 ### Runtime 58 59 - Ensure health probe is stopped when a container exits [#32274](https://github.com/docker/docker/pull/32274) 60 61 ### Swarm Mode 62 63 + Add update/rollback order for services (`--update-order` / `--rollback-order`) [#30261](https://github.com/docker/docker/pull/30261) 64 + Add support for synchronous `service create` and `service update` [#31144](https://github.com/docker/docker/pull/31144) 65 + Add support for "grace periods" on healthchecks through the `HEALTHCHECK --start-period` and `--health-start-period` flag to 66 `docker service create`, `docker service update`, `docker create`, and `docker run` to support containers with an initial startup 67 time [#28938](https://github.com/docker/docker/pull/28938) 68 * `docker service create` now omits fields that are not specified by the user, when possible. This will allow defaults to be applied inside the manager [#32284](https://github.com/docker/docker/pull/32284) 69 * `docker service inspect` now shows default values for fields that are not specified by the user [#32284](https://github.com/docker/docker/pull/32284) 70 * Move `docker service logs` out of experimental [#32462](https://github.com/docker/docker/pull/32462) 71 * Add support for Credential Spec and SELinux to services to the API [#32339](https://github.com/docker/docker/pull/32339) 72 * Add `--entrypoint` flag to `docker service create` and `docker service update` [#29228](https://github.com/docker/docker/pull/29228) 73 * Add `--network-add` and `--network-rm` to `docker service update` [#32062](https://github.com/docker/docker/pull/32062) 74 * Add `--credential-spec` flag to `docker service create` and `docker service update` [#32339](https://github.com/docker/docker/pull/32339) 75 * Add `--filter mode=<global|replicated>` to `docker service ls` [#31538](https://github.com/docker/docker/pull/31538) 76 * Resolve network IDs on the client side, instead of in the daemon when creating services [#32062](https://github.com/docker/docker/pull/32062) 77 * Add `--format` option to `docker node ls` [#30424](https://github.com/docker/docker/pull/30424) 78 * Add `--prune` option to `docker stack deploy` to remove services that are no longer defined in the docker-compose file [#31302](https://github.com/docker/docker/pull/31302) 79 * Add `PORTS` column for `docker service ls` when using `ingress` mode [#30813](https://github.com/docker/docker/pull/30813) 80 - Fix unnescessary re-deploying of tasks when environment-variables are used [#32364](https://github.com/docker/docker/pull/32364) 81 - Fix `docker stack deploy` not supporting `endpoint_mode` when deploying from a docker compose file [#32333](https://github.com/docker/docker/pull/32333) 82 - Proceed with startup if cluster component cannot be created to allow recovering from a broken swarm setup [#31631](https://github.com/docker/docker/pull/31631) 83 84 ### Security 85 86 * Allow setting SELinux type or MCS labels when using `--ipc=container:` or `--ipc=host` [#30652](https://github.com/docker/docker/pull/30652) 87 88 89 ### Deprecation 90 91 - Deprecate `--api-enable-cors` daemon flag. This flag was marked deprecated in Docker 1.6.0 but not listed in deprecated features [#32352](https://github.com/docker/docker/pull/32352) 92 - Remove Ubuntu 12.04 (Precise Pangolin) as supported platform. Ubuntu 12.04 is EOL, and no longer receives updates [#32520](https://github.com/docker/docker/pull/32520) 93 94 ## 17.04.0-ce (2017-04-05) 95 96 ### Builder 97 98 * Disable container logging for build containers [#29552](https://github.com/docker/docker/pull/29552) 99 * Fix use of `**/` in `.dockerignore` [#29043](https://github.com/docker/docker/pull/29043) 100 101 ### Client 102 103 + Sort `docker stack ls` by name [#31085](https://github.com/docker/docker/pull/31085) 104 + Flags for specifying bind mount consistency [#31047](https://github.com/docker/docker/pull/31047) 105 * Output of docker CLI --help is now wrapped to the terminal width [#28751](https://github.com/docker/docker/pull/28751) 106 * Suppress image digest in docker ps [#30848](https://github.com/docker/docker/pull/30848) 107 * Hide command options that are related to Windows [#30788](https://github.com/docker/docker/pull/30788) 108 * Fix `docker plugin install` prompt to accept "enter" for the "N" default [#30769](https://github.com/docker/docker/pull/30769) 109 + Add `truncate` function for Go templates [#30484](https://github.com/docker/docker/pull/30484) 110 * Support expanded syntax of ports in `stack deploy` [#30476](https://github.com/docker/docker/pull/30476) 111 * Support expanded syntax of mounts in `stack deploy` [#30597](https://github.com/docker/docker/pull/30597) [#31795](https://github.com/docker/docker/pull/31795) 112 + Add `--add-host` for docker build [#30383](https://github.com/docker/docker/pull/30383) 113 + Add `.CreatedAt` placeholder for `docker network ls --format` [#29900](https://github.com/docker/docker/pull/29900) 114 * Update order of `--secret-rm` and `--secret-add` [#29802](https://github.com/docker/docker/pull/29802) 115 + Add `--filter enabled=true` for `docker plugin ls` [#28627](https://github.com/docker/docker/pull/28627) 116 + Add `--format` to `docker service ls` [#28199](https://github.com/docker/docker/pull/28199) 117 + Add `publish` and `expose` filter for `docker ps --filter` [#27557](https://github.com/docker/docker/pull/27557) 118 * Support multiple service IDs on `docker service ps` [#25234](https://github.com/docker/docker/pull/25234) 119 + Allow swarm join with `--availability=drain` [#24993](https://github.com/docker/docker/pull/24993) 120 * Docker inspect now shows "docker-default" when AppArmor is enabled and no other profile was defined [#27083](https://github.com/docker/docker/pull/27083) 121 122 ### Logging 123 124 + Implement optional ring buffer for container logs [#28762](https://github.com/docker/docker/pull/28762) 125 + Add `--log-opt awslogs-create-group=<true|false>` for awslogs (CloudWatch) to support creation of log groups as needed [#29504](https://github.com/docker/docker/pull/29504) 126 - Fix segfault when using the gcplogs logging driver with a "static" binary [#29478](https://github.com/docker/docker/pull/29478) 127 128 129 ### Networking 130 131 * Check parameter `--ip`, `--ip6` and `--link-local-ip` in `docker network connect` [#30807](https://github.com/docker/docker/pull/30807) 132 + Added support for `dns-search` [#30117](https://github.com/docker/docker/pull/30117) 133 + Added --verbose option for docker network inspect to show task details from all swarm nodes [#31710](https://github.com/docker/docker/pull/31710) 134 * Clear stale datapath encryption states when joining the cluster [docker/libnetwork#1354](https://github.com/docker/libnetwork/pull/1354) 135 + Ensure iptables initialization only happens once [docker/libnetwork#1676](https://github.com/docker/libnetwork/pull/1676) 136 * Fix bad order of iptables filter rules [docker/libnetwork#961](https://github.com/docker/libnetwork/pull/961) 137 + Add anonymous container alias to service record on attachable network [docker/libnetwork#1651](https://github.com/docker/libnetwork/pull/1651) 138 + Support for `com.docker.network.container_interface_prefix` driver label [docker/libnetwork#1667](https://github.com/docker/libnetwork/pull/1667) 139 + Improve network list performance by omitting network details that are not used [#30673](https://github.com/docker/docker/pull/30673) 140 141 ### Runtime 142 143 * Handle paused container when restoring without live-restore set [#31704](https://github.com/docker/docker/pull/31704) 144 - Do not allow sub second in healthcheck options in Dockerfile [#31177](https://github.com/docker/docker/pull/31177) 145 * Support name and id prefix in `secret update` [#30856](https://github.com/docker/docker/pull/30856) 146 * Use binary frame for websocket attach endpoint [#30460](https://github.com/docker/docker/pull/30460) 147 * Fix linux mount calls not applying propagation type changes [#30416](https://github.com/docker/docker/pull/30416) 148 * Fix ExecIds leak on failed `exec -i` [#30340](https://github.com/docker/docker/pull/30340) 149 * Prune named but untagged images if `danglingOnly=true` [#30330](https://github.com/docker/docker/pull/30330) 150 + Add daemon flag to set `no_new_priv` as default for unprivileged containers [#29984](https://github.com/docker/docker/pull/29984) 151 + Add daemon option `--default-shm-size` [#29692](https://github.com/docker/docker/pull/29692) 152 + Support registry mirror config reload [#29650](https://github.com/docker/docker/pull/29650) 153 - Ignore the daemon log config when building images [#29552](https://github.com/docker/docker/pull/29552) 154 * Move secret name or ID prefix resolving from client to daemon [#29218](https://github.com/docker/docker/pull/29218) 155 + Allow adding rules to `cgroup devices.allow` on container create/run [#22563](https://github.com/docker/docker/pull/22563) 156 - Fix `cpu.cfs_quota_us` being reset when running `systemd daemon-reload` [#31736](https://github.com/docker/docker/pull/31736) 157 158 ### Swarm Mode 159 160 + Topology-aware scheduling [#30725](https://github.com/docker/docker/pull/30725) 161 + Automatic service rollback on failure [#31108](https://github.com/docker/docker/pull/31108) 162 + Worker and manager on the same node are now connected through a UNIX socket [docker/swarmkit#1828](https://github.com/docker/swarmkit/pull/1828), [docker/swarmkit#1850](https://github.com/docker/swarmkit/pull/1850), [docker/swarmkit#1851](https://github.com/docker/swarmkit/pull/1851) 163 * Improve raft transport package [docker/swarmkit#1748](https://github.com/docker/swarmkit/pull/1748) 164 * No automatic manager shutdown on demotion/removal [docker/swarmkit#1829](https://github.com/docker/swarmkit/pull/1829) 165 * Use TransferLeadership to make leader demotion safer [docker/swarmkit#1939](https://github.com/docker/swarmkit/pull/1939) 166 * Decrease default monitoring period [docker/swarmkit#1967](https://github.com/docker/swarmkit/pull/1967) 167 + Add Service logs formatting [#31672](https://github.com/docker/docker/pull/31672) 168 * Fix service logs API to be able to specify stream [#31313](https://github.com/docker/docker/pull/31313) 169 + Add `--stop-signal` for `service create` and `service update` [#30754](https://github.com/docker/docker/pull/30754) 170 + Add `--read-only` for `service create` and `service update` [#30162](https://github.com/docker/docker/pull/30162) 171 + Renew the context after communicating with the registry [#31586](https://github.com/docker/docker/pull/31586) 172 + (experimental) Add `--tail` and `--since` options to `docker service logs` [#31500](https://github.com/docker/docker/pull/31500) 173 + (experimental) Add `--no-task-ids` and `--no-trunc` options to `docker service logs` [#31672](https://github.com/docker/docker/pull/31672) 174 175 ### Windows 176 177 * Block pulling Windows images on non-Windows daemons [#29001](https://github.com/docker/docker/pull/29001) 178 179 ## 17.03.1-ce (2017-03-27) 180 181 ### Remote API (v1.27) & Client 182 183 * Fix autoremove on older api [#31692](https://github.com/docker/docker/pull/31692) 184 * Fix default network customization for a stack [#31258](https://github.com/docker/docker/pull/31258/) 185 * Correct CPU usage calculation in presence of offline CPUs and newer Linux [#31802](https://github.com/docker/docker/pull/31802) 186 * Fix issue where service healthcheck is `{}` in remote API [#30197](https://github.com/docker/docker/pull/30197) 187 188 ### Runtime 189 190 * Update runc to 54296cf40ad8143b62dbcaa1d90e520a2136ddfe [#31666](https://github.com/docker/docker/pull/31666) 191 * Ignore cgroup2 mountpoints [opencontainers/runc#1266](https://github.com/opencontainers/runc/pull/1266) 192 * Update containerd to 4ab9917febca54791c5f071a9d1f404867857fcc [#31662](https://github.com/docker/docker/pull/31662) [#31852](https://github.com/docker/docker/pull/31852) 193 * Register healthcheck service before calling restore() [docker/containerd#609](https://github.com/docker/containerd/pull/609) 194 * Fix `docker exec` not working after unattended upgrades that reload apparmor profiles [#31773](https://github.com/docker/docker/pull/31773) 195 * Fix unmounting layer without merge dir with Overlay2 [#31069](https://github.com/docker/docker/pull/31069) 196 * Do not ignore "volume in use" errors when force-delete [#31450](https://github.com/docker/docker/pull/31450) 197 198 ### Swarm Mode 199 200 * Update swarmkit to 17756457ad6dc4d8a639a1f0b7a85d1b65a617bb [#31807](https://github.com/docker/docker/pull/31807) 201 * Scheduler now correctly considers tasks which have been assigned to a node but aren't yet running [docker/swarmkit#1980](https://github.com/docker/swarmkit/pull/1980) 202 * Allow removal of a network when only dead tasks reference it [docker/swarmkit#2018](https://github.com/docker/swarmkit/pull/2018) 203 * Retry failed network allocations less aggressively [docker/swarmkit#2021](https://github.com/docker/swarmkit/pull/2021) 204 * Avoid network allocation for tasks that are no longer running [docker/swarmkit#2017](https://github.com/docker/swarmkit/pull/2017) 205 * Bookkeeping fixes inside network allocator allocator [docker/swarmkit#2019](https://github.com/docker/swarmkit/pull/2019) [docker/swarmkit#2020](https://github.com/docker/swarmkit/pull/2020) 206 207 ### Windows 208 209 * Cleanup HCS on restore [#31503](https://github.com/docker/docker/pull/31503) 210 211 ## 17.03.0-ce (2017-03-01) 212 213 **IMPORTANT**: Starting with this release, Docker is on a monthly release cycle and uses a 214 new YY.MM versioning scheme to reflect this. Two channels are available: monthly and quarterly. 215 Any given monthly release will only receive security and bugfixes until the next monthly 216 release is available. Quarterly releases receive security and bugfixes for 4 months after 217 initial release. This release includes bugfixes for 1.13.1 but 218 there are no major feature additions and the API version stays the same. 219 Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk. 220 221 ### Client 222 223 * Fix panic in `docker stats --format` [#30776](https://github.com/docker/docker/pull/30776) 224 225 ### Contrib 226 227 * Update various `bash` and `zsh` completion scripts [#30823](https://github.com/docker/docker/pull/30823), [#30945](https://github.com/docker/docker/pull/30945) and more... 228 * Block obsolete socket families in default seccomp profile - mitigates unpatched kernels' CVE-2017-6074 [#29076](https://github.com/docker/docker/pull/29076) 229 230 ### Networking 231 232 * Fix bug on overlay encryption keys rotation in cross-datacenter swarm [#30727](https://github.com/docker/docker/pull/30727) 233 * Fix side effect panic in overlay encryption and network control plane communication failure ("No installed keys could decrypt the message") on frequent swarm leader re-election [#25608](https://github.com/docker/docker/pull/25608) 234 * Several fixes around system responsiveness and datapath programming when using overlay network with external kv-store [docker/libnetwork#1639](https://github.com/docker/libnetwork/pull/1639), [docker/libnetwork#1632](https://github.com/docker/libnetwork/pull/1632) and more... 235 * Discard incoming plain vxlan packets for encrypted overlay network [#31170](https://github.com/docker/docker/pull/31170) 236 * Release the network attachment on allocation failure [#31073](https://github.com/docker/docker/pull/31073) 237 * Fix port allocation when multiple published ports map to the same target port [docker/swarmkit#1835](https://github.com/docker/swarmkit/pull/1835) 238 239 ### Runtime 240 241 * Fix a deadlock in docker logs [#30223](https://github.com/docker/docker/pull/30223) 242 * Fix cpu spin waiting for log write events [#31070](https://github.com/docker/docker/pull/31070) 243 * Fix a possible crash when using journald [#31231](https://github.com/docker/docker/pull/31231) [#31263](https://github.com/docker/docker/pull/31263) 244 * Fix a panic on close of nil channel [#31274](https://github.com/docker/docker/pull/31274) 245 * Fix duplicate mount point for `--volumes-from` in `docker run` [#29563](https://github.com/docker/docker/pull/29563) 246 * Fix `--cache-from` does not cache last step [#31189](https://github.com/docker/docker/pull/31189) 247 248 ### Swarm Mode 249 250 * Shutdown leaks an error when the container was never started [#31279](https://github.com/docker/docker/pull/31279) 251 * Fix possibility of tasks getting stuck in the "NEW" state during a leader failover [docker/swarmkit#1938](https://github.com/docker/swarmkit/pull/1938) 252 * Fix extraneous task creations for global services that led to confusing replica counts in `docker service ls` [docker/swarmkit#1957](https://github.com/docker/swarmkit/pull/1957) 253 * Fix problem that made rolling updates slow when `task-history-limit` was set to 1 [docker/swarmkit#1948](https://github.com/docker/swarmkit/pull/1948) 254 * Restart tasks elsewhere, if appropriate, when they are shut down as a result of nodes no longer satisfying constraints [docker/swarmkit#1958](https://github.com/docker/swarmkit/pull/1958) 255 * (experimental) 256 257 ## 1.13.1 (2017-02-08) 258 259 **IMPORTANT**: On Linux distributions where `devicemapper` was the default storage driver, 260 the `overlay2`, or `overlay` is now used by default (if the kernel supports it). 261 To use devicemapper, you can manually configure the storage driver to use through 262 the `--storage-driver` daemon option, or by setting "storage-driver" in the `daemon.json` 263 configuration file. 264 265 **IMPORTANT**: In Docker 1.13, the managed plugin api changed, as compared to the experimental 266 version introduced in Docker 1.12. You must **uninstall** plugins which you installed with Docker 1.12 267 _before_ upgrading to Docker 1.13. You can uninstall plugins using the `docker plugin rm` command. 268 269 If you have already upgraded to Docker 1.13 without uninstalling 270 previously-installed plugins, you may see this message when the Docker daemon 271 starts: 272 273 Error starting daemon: json: cannot unmarshal string into Go value of type types.PluginEnv 274 275 To manually remove all plugins and resolve this problem, take the following steps: 276 277 1. Remove plugins.json from: `/var/lib/docker/plugins/`. 278 2. Restart Docker. Verify that the Docker daemon starts with no errors. 279 3. Reinstall your plugins. 280 281 ### Contrib 282 283 * Do not require a custom build of tini [#28454](https://github.com/docker/docker/pull/28454) 284 * Upgrade to Go 1.7.5 [#30489](https://github.com/docker/docker/pull/30489) 285 286 ### Remote API (v1.26) & Client 287 288 + Support secrets in docker stack deploy with compose file [#30144](https://github.com/docker/docker/pull/30144) 289 290 ### Runtime 291 292 * Fix size issue in `docker system df` [#30378](https://github.com/docker/docker/pull/30378) 293 * Fix error on `docker inspect` when Swarm certificates were expired. [#29246](https://github.com/docker/docker/pull/29246) 294 * Fix deadlock on v1 plugin with activate error [#30408](https://github.com/docker/docker/pull/30408) 295 * Fix SELinux regression [#30649](https://github.com/docker/docker/pull/30649) 296 297 ### Plugins 298 299 * Support global scoped network plugins (v2) in swarm mode [#30332](https://github.com/docker/docker/pull/30332) 300 + Add `docker plugin upgrade` [#29414](https://github.com/docker/docker/pull/29414) 301 302 ### Windows 303 304 * Fix small regression with old plugins in Windows [#30150](https://github.com/docker/docker/pull/30150) 305 * Fix warning on Windows [#30730](https://github.com/docker/docker/pull/30730) 306 307 ## 1.13.0 (2017-01-18) 308 309 **IMPORTANT**: On Linux distributions where `devicemapper` was the default storage driver, 310 the `overlay2`, or `overlay` is now used by default (if the kernel supports it). 311 To use devicemapper, you can manually configure the storage driver to use through 312 the `--storage-driver` daemon option, or by setting "storage-driver" in the `daemon.json` 313 configuration file. 314 315 **IMPORTANT**: In Docker 1.13, the managed plugin api changed, as compared to the experimental 316 version introduced in Docker 1.12. You must **uninstall** plugins which you installed with Docker 1.12 317 _before_ upgrading to Docker 1.13. You can uninstall plugins using the `docker plugin rm` command. 318 319 If you have already upgraded to Docker 1.13 without uninstalling 320 previously-installed plugins, you may see this message when the Docker daemon 321 starts: 322 323 Error starting daemon: json: cannot unmarshal string into Go value of type types.PluginEnv 324 325 To manually remove all plugins and resolve this problem, take the following steps: 326 327 1. Remove plugins.json from: `/var/lib/docker/plugins/`. 328 2. Restart Docker. Verify that the Docker daemon starts with no errors. 329 3. Reinstall your plugins. 330 331 ### Builder 332 333 + Add capability to specify images used as a cache source on build. These images do not need to have local parent chain and can be pulled from other registries [#26839](https://github.com/docker/docker/pull/26839) 334 + (experimental) Add option to squash image layers to the FROM image after successful builds [#22641](https://github.com/docker/docker/pull/22641) 335 * Fix dockerfile parser with empty line after escape [#24725](https://github.com/docker/docker/pull/24725) 336 - Add step number on `docker build` [#24978](https://github.com/docker/docker/pull/24978) 337 + Add support for compressing build context during image build [#25837](https://github.com/docker/docker/pull/25837) 338 + add `--network` to `docker build` [#27702](https://github.com/docker/docker/pull/27702) 339 - Fix inconsistent behavior between `--label` flag on `docker build` and `docker run` [#26027](https://github.com/docker/docker/issues/26027) 340 - Fix image layer inconsistencies when using the overlay storage driver [#27209](https://github.com/docker/docker/pull/27209) 341 * Unused build-args are now allowed. A warning is presented instead of an error and failed build [#27412](https://github.com/docker/docker/pull/27412) 342 - Fix builder cache issue on Windows [#27805](https://github.com/docker/docker/pull/27805) 343 + Allow `USER` in builder on Windows [#28415](https://github.com/docker/docker/pull/28415) 344 + Handle env case-insensitive on Windows [#28725](https://github.com/docker/docker/pull/28725) 345 346 ### Contrib 347 348 + Add support for building docker debs for Ubuntu 16.04 Xenial on PPC64LE [#23438](https://github.com/docker/docker/pull/23438) 349 + Add support for building docker debs for Ubuntu 16.04 Xenial on s390x [#26104](https://github.com/docker/docker/pull/26104) 350 + Add support for building docker debs for Ubuntu 16.10 Yakkety Yak on PPC64LE [#28046](https://github.com/docker/docker/pull/28046) 351 - Add RPM builder for VMWare Photon OS [#24116](https://github.com/docker/docker/pull/24116) 352 + Add shell completions to tgz [#27735](https://github.com/docker/docker/pull/27735) 353 * Update the install script to allow using the mirror in China [#27005](https://github.com/docker/docker/pull/27005) 354 + Add DEB builder for Ubuntu 16.10 Yakkety Yak [#27993](https://github.com/docker/docker/pull/27993) 355 + Add RPM builder for Fedora 25 [#28222](https://github.com/docker/docker/pull/28222) 356 + Add `make deb` support for aarch64 [#27625](https://github.com/docker/docker/pull/27625) 357 358 ### Distribution 359 360 * Update notary dependency to 0.4.2 (full changelogs [here](https://github.com/docker/notary/releases/tag/v0.4.2)) [#27074](https://github.com/docker/docker/pull/27074) 361 - Support for compilation on windows [docker/notary#970](https://github.com/docker/notary/pull/970) 362 - Improved error messages for client authentication errors [docker/notary#972](https://github.com/docker/notary/pull/972) 363 - Support for finding keys that are anywhere in the `~/.docker/trust/private` directory, not just under `~/.docker/trust/private/root_keys` or `~/.docker/trust/private/tuf_keys` [docker/notary#981](https://github.com/docker/notary/pull/981) 364 - Previously, on any error updating, the client would fall back on the cache. Now we only do so if there is a network error or if the server is unavailable or missing the TUF data. Invalid TUF data will cause the update to fail - for example if there was an invalid root rotation. [docker/notary#982](https://github.com/docker/notary/pull/982) 365 - Improve root validation and yubikey debug logging [docker/notary#858](https://github.com/docker/notary/pull/858) [docker/notary#891](https://github.com/docker/notary/pull/891) 366 - Warn if certificates for root or delegations are near expiry [docker/notary#802](https://github.com/docker/notary/pull/802) 367 - Warn if role metadata is near expiry [docker/notary#786](https://github.com/docker/notary/pull/786) 368 - Fix passphrase retrieval attempt counting and terminal detection [docker/notary#906](https://github.com/docker/notary/pull/906) 369 - Avoid unnecessary blob uploads when different users push same layers to authenticated registry [#26564](https://github.com/docker/docker/pull/26564) 370 * Allow external storage for registry credentials [#26354](https://github.com/docker/docker/pull/26354) 371 372 ### Logging 373 374 * Standardize the default logging tag value in all logging drivers [#22911](https://github.com/docker/docker/pull/22911) 375 - Improve performance and memory use when logging of long log lines [#22982](https://github.com/docker/docker/pull/22982) 376 + Enable syslog driver for windows [#25736](https://github.com/docker/docker/pull/25736) 377 + Add Logentries Driver [#27471](https://github.com/docker/docker/pull/27471) 378 + Update of AWS log driver to support tags [#27707](https://github.com/docker/docker/pull/27707) 379 + Unix socket support for fluentd [#26088](https://github.com/docker/docker/pull/26088) 380 * Enable fluentd logging driver on Windows [#28189](https://github.com/docker/docker/pull/28189) 381 - Sanitize docker labels when used as journald field names [#23725](https://github.com/docker/docker/pull/23725) 382 - Fix an issue where `docker logs --tail` returned less lines than expected [#28203](https://github.com/docker/docker/pull/28203) 383 - Splunk Logging Driver: performance and reliability improvements [#26207](https://github.com/docker/docker/pull/26207) 384 - Splunk Logging Driver: configurable formats and skip for verifying connection [#25786](https://github.com/docker/docker/pull/25786) 385 386 ### Networking 387 388 + Add `--attachable` network support to enable `docker run` to work in swarm-mode overlay network [#25962](https://github.com/docker/docker/pull/25962) 389 + Add support for host port PublishMode in services using the `--publish` option in `docker service create` [#27917](https://github.com/docker/docker/pull/27917) and [#28943](https://github.com/docker/docker/pull/28943) 390 + Add support for Windows server 2016 overlay network driver (requires upcoming ws2016 update) [#28182](https://github.com/docker/docker/pull/28182) 391 * Change the default `FORWARD` policy to `DROP` [#28257](https://github.com/docker/docker/pull/28257) 392 + Add support for specifying static IP addresses for predefined network on windows [#22208](https://github.com/docker/docker/pull/22208) 393 - Fix `--publish` flag on `docker run` not working with IPv6 addresses [#27860](https://github.com/docker/docker/pull/27860) 394 - Fix inspect network show gateway with mask [#25564](https://github.com/docker/docker/pull/25564) 395 - Fix an issue where multiple addresses in a bridge may cause `--fixed-cidr` to not have the correct addresses [#26659](https://github.com/docker/docker/pull/26659) 396 + Add creation timestamp to `docker network inspect` [#26130](https://github.com/docker/docker/pull/26130) 397 - Show peer nodes in `docker network inspect` for swarm overlay networks [#28078](https://github.com/docker/docker/pull/28078) 398 - Enable ping for service VIP address [#28019](https://github.com/docker/docker/pull/28019) 399 400 ### Plugins 401 402 - Move plugins out of experimental [#28226](https://github.com/docker/docker/pull/28226) 403 - Add `--force` on `docker plugin remove` [#25096](https://github.com/docker/docker/pull/25096) 404 * Add support for dynamically reloading authorization plugins [#22770](https://github.com/docker/docker/pull/22770) 405 + Add description in `docker plugin ls` [#25556](https://github.com/docker/docker/pull/25556) 406 + Add `-f`/`--format` to `docker plugin inspect` [#25990](https://github.com/docker/docker/pull/25990) 407 + Add `docker plugin create` command [#28164](https://github.com/docker/docker/pull/28164) 408 * Send request's TLS peer certificates to authorization plugins [#27383](https://github.com/docker/docker/pull/27383) 409 * Support for global-scoped network and ipam plugins in swarm-mode [#27287](https://github.com/docker/docker/pull/27287) 410 * Split `docker plugin install` into two API call `/privileges` and `/pull` [#28963](https://github.com/docker/docker/pull/28963) 411 412 ### Remote API (v1.25) & Client 413 414 + Support `docker stack deploy` from a Compose file [#27998](https://github.com/docker/docker/pull/27998) 415 + (experimental) Implement checkpoint and restore [#22049](https://github.com/docker/docker/pull/22049) 416 + Add `--format` flag to `docker info` [#23808](https://github.com/docker/docker/pull/23808) 417 * Remove `--name` from `docker volume create` [#23830](https://github.com/docker/docker/pull/23830) 418 + Add `docker stack ls` [#23886](https://github.com/docker/docker/pull/23886) 419 + Add a new `is-task` ps filter [#24411](https://github.com/docker/docker/pull/24411) 420 + Add `--env-file` flag to `docker service create` [#24844](https://github.com/docker/docker/pull/24844) 421 + Add `--format` on `docker stats` [#24987](https://github.com/docker/docker/pull/24987) 422 + Make `docker node ps` default to `self` in swarm node [#25214](https://github.com/docker/docker/pull/25214) 423 + Add `--group` in `docker service create` [#25317](https://github.com/docker/docker/pull/25317) 424 + Add `--no-trunc` to service/node/stack ps output [#25337](https://github.com/docker/docker/pull/25337) 425 + Add Logs to `ContainerAttachOptions` so go clients can request to retrieve container logs as part of the attach process [#26718](https://github.com/docker/docker/pull/26718) 426 + Allow client to talk to an older server [#27745](https://github.com/docker/docker/pull/27745) 427 * Inform user client-side that a container removal is in progress [#26074](https://github.com/docker/docker/pull/26074) 428 + Add `Isolation` to the /info endpoint [#26255](https://github.com/docker/docker/pull/26255) 429 + Add `userns` to the /info endpoint [#27840](https://github.com/docker/docker/pull/27840) 430 - Do not allow more than one mode be requested at once in the services endpoint [#26643](https://github.com/docker/docker/pull/26643) 431 + Add capability to /containers/create API to specify mounts in a more granular and safer way [#22373](https://github.com/docker/docker/pull/22373) 432 + Add `--format` flag to `network ls` and `volume ls` [#23475](https://github.com/docker/docker/pull/23475) 433 * Allow the top-level `docker inspect` command to inspect any kind of resource [#23614](https://github.com/docker/docker/pull/23614) 434 + Add --cpus flag to control cpu resources for `docker run` and `docker create`, and add `NanoCPUs` to `HostConfig` [#27958](https://github.com/docker/docker/pull/27958) 435 - Allow unsetting the `--entrypoint` in `docker run` or `docker create` [#23718](https://github.com/docker/docker/pull/23718) 436 * Restructure CLI commands by adding `docker image` and `docker container` commands for more consistency [#26025](https://github.com/docker/docker/pull/26025) 437 - Remove `COMMAND` column from `service ls` output [#28029](https://github.com/docker/docker/pull/28029) 438 + Add `--format` to `docker events` [#26268](https://github.com/docker/docker/pull/26268) 439 * Allow specifying multiple nodes on `docker node ps` [#26299](https://github.com/docker/docker/pull/26299) 440 * Restrict fractional digits to 2 decimals in `docker images` output [#26303](https://github.com/docker/docker/pull/26303) 441 + Add `--dns-option` to `docker run` [#28186](https://github.com/docker/docker/pull/28186) 442 + Add Image ID to container commit event [#28128](https://github.com/docker/docker/pull/28128) 443 + Add external binaries version to docker info [#27955](https://github.com/docker/docker/pull/27955) 444 + Add information for `Manager Addresses` in the output of `docker info` [#28042](https://github.com/docker/docker/pull/28042) 445 + Add a new reference filter for `docker images` [#27872](https://github.com/docker/docker/pull/27872) 446 447 ### Runtime 448 449 + Add `--experimental` daemon flag to enable experimental features, instead of shipping them in a separate build [#27223](https://github.com/docker/docker/pull/27223) 450 + Add a `--shutdown-timeout` daemon flag to specify the default timeout (in seconds) to stop containers gracefully before daemon exit [#23036](https://github.com/docker/docker/pull/23036) 451 + Add `--stop-timeout` to specify the timeout value (in seconds) for individual containers to stop [#22566](https://github.com/docker/docker/pull/22566) 452 + Add a new daemon flag `--userland-proxy-path` to allow configuring the userland proxy instead of using the hardcoded `docker-proxy` from `$PATH` [#26882](https://github.com/docker/docker/pull/26882) 453 + Add boolean flag `--init` on `dockerd` and on `docker run` to use [tini](https://github.com/krallin/tini) a zombie-reaping init process as PID 1 [#26061](https://github.com/docker/docker/pull/26061) [#28037](https://github.com/docker/docker/pull/28037) 454 + Add a new daemon flag `--init-path` to allow configuring the path to the `docker-init` binary [#26941](https://github.com/docker/docker/pull/26941) 455 + Add support for live reloading insecure registry in configuration [#22337](https://github.com/docker/docker/pull/22337) 456 + Add support for storage-opt size on Windows daemons [#23391](https://github.com/docker/docker/pull/23391) 457 * Improve reliability of `docker run --rm` by moving it from the client to the daemon [#20848](https://github.com/docker/docker/pull/20848) 458 + Add support for `--cpu-rt-period` and `--cpu-rt-runtime` flags, allowing containers to run real-time threads when `CONFIG_RT_GROUP_SCHED` is enabled in the kernel [#23430](https://github.com/docker/docker/pull/23430) 459 * Allow parallel stop, pause, unpause [#24761](https://github.com/docker/docker/pull/24761) / [#26778](https://github.com/docker/docker/pull/26778) 460 * Implement XFS quota for overlay2 [#24771](https://github.com/docker/docker/pull/24771) 461 - Fix partial/full filter issue in `service tasks --filter` [#24850](https://github.com/docker/docker/pull/24850) 462 - Allow engine to run inside a user namespace [#25672](https://github.com/docker/docker/pull/25672) 463 - Fix a race condition between device deferred removal and resume device, when using the devicemapper graphdriver [#23497](https://github.com/docker/docker/pull/23497) 464 - Add `docker stats` support in Windows [#25737](https://github.com/docker/docker/pull/25737) 465 - Allow using `--pid=host` and `--net=host` when `--userns=host` [#25771](https://github.com/docker/docker/pull/25771) 466 + (experimental) Add metrics (Prometheus) output for basic `container`, `image`, and `daemon` operations [#25820](https://github.com/docker/docker/pull/25820) 467 - Fix issue in `docker stats` with `NetworkDisabled=true` [#25905](https://github.com/docker/docker/pull/25905) 468 + Add `docker top` support in Windows [#25891](https://github.com/docker/docker/pull/25891) 469 + Record pid of exec'd process [#27470](https://github.com/docker/docker/pull/27470) 470 + Add support for looking up user/groups via `getent` [#27599](https://github.com/docker/docker/pull/27599) 471 + Add new `docker system` command with `df` and `prune` subcommands for system resource management, as well as `docker {container,image,volume,network} prune` subcommands [#26108](https://github.com/docker/docker/pull/26108) [#27525](https://github.com/docker/docker/pull/27525) / [#27525](https://github.com/docker/docker/pull/27525) 472 - Fix an issue where containers could not be stopped or killed by setting xfs max_retries to 0 upon ENOSPC with devicemapper [#26212](https://github.com/docker/docker/pull/26212) 473 - Fix `docker cp` failing to copy to a container's volume dir on CentOS with devicemapper [#28047](https://github.com/docker/docker/pull/28047) 474 * Promote overlay(2) graphdriver [#27932](https://github.com/docker/docker/pull/27932) 475 + Add `--seccomp-profile` daemon flag to specify a path to a seccomp profile that overrides the default [#26276](https://github.com/docker/docker/pull/26276) 476 - Fix ulimits in `docker inspect` when `--default-ulimit` is set on daemon [#26405](https://github.com/docker/docker/pull/26405) 477 - Add workaround for overlay issues during build in older kernels [#28138](https://github.com/docker/docker/pull/28138) 478 + Add `TERM` environment variable on `docker exec -t` [#26461](https://github.com/docker/docker/pull/26461) 479 * Honor a container’s `--stop-signal` setting upon `docker kill` [#26464](https://github.com/docker/docker/pull/26464) 480 481 ### Swarm Mode 482 483 + Add secret management [#27794](https://github.com/docker/docker/pull/27794) 484 + Add support for templating service options (hostname, mounts, and environment variables) [#28025](https://github.com/docker/docker/pull/28025) 485 * Display the endpoint mode in the output of `docker service inspect --pretty` [#26906](https://github.com/docker/docker/pull/26906) 486 * Make `docker service ps` output more bearable by shortening service IDs in task names [#28088](https://github.com/docker/docker/pull/28088) 487 * Make `docker node ps` default to the current node [#25214](https://github.com/docker/docker/pull/25214) 488 + Add `--dns`, -`-dns-opt`, and `--dns-search` to service create. [#27567](https://github.com/docker/docker/pull/27567) 489 + Add `--force` to `docker service update` [#27596](https://github.com/docker/docker/pull/27596) 490 + Add `--health-*` and `--no-healthcheck` flags to `docker service create` and `docker service update` [#27369](https://github.com/docker/docker/pull/27369) 491 + Add `-q` to `docker service ps` [#27654](https://github.com/docker/docker/pull/27654) 492 * Display number of global services in `docker service ls` [#27710](https://github.com/docker/docker/pull/27710) 493 - Remove `--name` flag from `docker service update`. This flag is only functional on `docker service create`, so was removed from the `update` command [#26988](https://github.com/docker/docker/pull/26988) 494 - Fix worker nodes failing to recover because of transient networking issues [#26646](https://github.com/docker/docker/issues/26646) 495 * Add support for health aware load balancing and DNS records [#27279](https://github.com/docker/docker/pull/27279) 496 + Add `--hostname` to `docker service create` [#27857](https://github.com/docker/docker/pull/27857) 497 + Add `--host` to `docker service create`, and `--host-add`, `--host-rm` to `docker service update` [#28031](https://github.com/docker/docker/pull/28031) 498 + Add `--tty` flag to `docker service create`/`update` [#28076](https://github.com/docker/docker/pull/28076) 499 * Autodetect, store, and expose node IP address as seen by the manager [#27910](https://github.com/docker/docker/pull/27910) 500 * Encryption at rest of manager keys and raft data [#27967](https://github.com/docker/docker/pull/27967) 501 + Add `--update-max-failure-ratio`, `--update-monitor` and `--rollback` flags to `docker service update` [#26421](https://github.com/docker/docker/pull/26421) 502 - Fix an issue with address autodiscovery on `docker swarm init` running inside a container [#26457](https://github.com/docker/docker/pull/26457) 503 + (experimental) Add `docker service logs` command to view logs for a service [#28089](https://github.com/docker/docker/pull/28089) 504 + Pin images by digest for `docker service create` and `update` [#28173](https://github.com/docker/docker/pull/28173) 505 * Add short (`-f`) flag for `docker node rm --force` and `docker swarm leave --force` [#28196](https://github.com/docker/docker/pull/28196) 506 + Add options to customize Raft snapshots (`--max-snapshots`, `--snapshot-interval`) [#27997](https://github.com/docker/docker/pull/27997) 507 - Don't repull image if pinned by digest [#28265](https://github.com/docker/docker/pull/28265) 508 + Swarm-mode support for Windows [#27838](https://github.com/docker/docker/pull/27838) 509 + Allow hostname to be updated on service [#28771](https://github.com/docker/docker/pull/28771) 510 + Support v2 plugins [#29433](https://github.com/docker/docker/pull/29433) 511 + Add content trust for services [#29469](https://github.com/docker/docker/pull/29469) 512 513 ### Volume 514 515 + Add support for labels on volumes [#21270](https://github.com/docker/docker/pull/21270) 516 + Add support for filtering volumes by label [#25628](https://github.com/docker/docker/pull/25628) 517 * Add a `--force` flag in `docker volume rm` to forcefully purge the data of the volume that has already been deleted [#23436](https://github.com/docker/docker/pull/23436) 518 * Enhance `docker volume inspect` to show all options used when creating the volume [#26671](https://github.com/docker/docker/pull/26671) 519 * Add support for local NFS volumes to resolve hostnames [#27329](https://github.com/docker/docker/pull/27329) 520 521 ### Security 522 523 - Fix selinux labeling of volumes shared in a container [#23024](https://github.com/docker/docker/pull/23024) 524 - Prohibit `/sys/firmware/**` from being accessed with apparmor [#26618](https://github.com/docker/docker/pull/26618) 525 526 ### Deprecation 527 528 - Marked the `docker daemon` command as deprecated. The daemon is moved to a separate binary (`dockerd`), and should be used instead [#26834](https://github.com/docker/docker/pull/26834) 529 - Deprecate unversioned API endpoints [#28208](https://github.com/docker/docker/pull/28208) 530 - Remove Ubuntu 15.10 (Wily Werewolf) as supported platform. Ubuntu 15.10 is EOL, and no longer receives updates [#27042](https://github.com/docker/docker/pull/27042) 531 - Remove Fedora 22 as supported platform. Fedora 22 is EOL, and no longer receives updates [#27432](https://github.com/docker/docker/pull/27432) 532 - Remove Fedora 23 as supported platform. Fedora 23 is EOL, and no longer receives updates [#29455](https://github.com/docker/docker/pull/29455) 533 - Deprecate the `repo:shortid` syntax on `docker pull` [#27207](https://github.com/docker/docker/pull/27207) 534 - Deprecate backing filesystem without `d_type` for overlay and overlay2 storage drivers [#27433](https://github.com/docker/docker/pull/27433) 535 - Deprecate `MAINTAINER` in Dockerfile [#25466](https://github.com/docker/docker/pull/25466) 536 - Deprecate `filter` param for endpoint `/images/json` [#27872](https://github.com/docker/docker/pull/27872) 537 - Deprecate setting duplicate engine labels [#24533](https://github.com/docker/docker/pull/24533) 538 - Deprecate "top-level" network information in `NetworkSettings` [#28437](https://github.com/docker/docker/pull/28437) 539 540 ## 1.12.6 (2017-01-10) 541 542 **IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm 543 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 544 upgrading from an older version of docker, the upgrade process may not 545 automatically install the updated version of the unit file, or fail to start 546 the docker service if; 547 548 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 549 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 550 551 Starting the docker service will produce an error: 552 553 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 554 555 or 556 557 no sockets found via socket activation: make sure the service was started by systemd. 558 559 To resolve this: 560 561 - Backup the current version of the unit file, and replace the file with the 562 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 563 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 564 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 565 566 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 567 systemctl restart docker` to reload changes and (re)start the docker daemon. 568 569 **NOTE**: Docker 1.12.5 will correctly validate that either an IPv6 subnet is provided or 570 that the IPAM driver can provide one when you specify the `--ipv6` option. 571 572 If you are currently using the `--ipv6` option _without_ specifying the 573 `--fixed-cidr-v6` option, the Docker daemon will refuse to start with the 574 following message: 575 576 ```none 577 Error starting daemon: Error initializing network controller: Error creating 578 default "bridge" network: failed to parse pool request 579 for address space "LocalDefault" pool " subpool ": 580 could not find an available, non-overlapping IPv6 address 581 pool among the defaults to assign to the network 582 ``` 583 584 To resolve this error, either remove the `--ipv6` flag (to preserve the same 585 behavior as in Docker 1.12.3 and earlier), or provide an IPv6 subnet as the 586 value of the `--fixed-cidr-v6` flag. 587 588 In a similar way, if you specify the `--ipv6` flag when creating a network 589 with the default IPAM driver, without providing an IPv6 `--subnet`, network 590 creation will fail with the following message: 591 592 ```none 593 Error response from daemon: failed to parse pool request for address space 594 "LocalDefault" pool "" subpool "": could not find an 595 available, non-overlapping IPv6 address pool among 596 the defaults to assign to the network 597 ``` 598 599 To resolve this, either remove the `--ipv6` flag (to preserve the same behavior 600 as in Docker 1.12.3 and earlier), or provide an IPv6 subnet as the value of the 601 `--subnet` flag. 602 603 The network network creation will instead succeed if you use an external IPAM driver 604 which supports automatic allocation of IPv6 subnets. 605 606 ### Runtime 607 608 - Fix runC privilege escalation (CVE-2016-9962) 609 610 ## 1.12.5 (2016-12-15) 611 612 **IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm 613 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 614 upgrading from an older version of docker, the upgrade process may not 615 automatically install the updated version of the unit file, or fail to start 616 the docker service if; 617 618 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 619 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 620 621 Starting the docker service will produce an error: 622 623 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 624 625 or 626 627 no sockets found via socket activation: make sure the service was started by systemd. 628 629 To resolve this: 630 631 - Backup the current version of the unit file, and replace the file with the 632 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 633 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 634 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 635 636 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 637 systemctl restart docker` to reload changes and (re)start the docker daemon. 638 639 **NOTE**: Docker 1.12.5 will correctly validate that either an IPv6 subnet is provided or 640 that the IPAM driver can provide one when you specify the `--ipv6` option. 641 642 If you are currently using the `--ipv6` option _without_ specifying the 643 `--fixed-cidr-v6` option, the Docker daemon will refuse to start with the 644 following message: 645 646 ```none 647 Error starting daemon: Error initializing network controller: Error creating 648 default "bridge" network: failed to parse pool request 649 for address space "LocalDefault" pool " subpool ": 650 could not find an available, non-overlapping IPv6 address 651 pool among the defaults to assign to the network 652 ``` 653 654 To resolve this error, either remove the `--ipv6` flag (to preserve the same 655 behavior as in Docker 1.12.3 and earlier), or provide an IPv6 subnet as the 656 value of the `--fixed-cidr-v6` flag. 657 658 In a similar way, if you specify the `--ipv6` flag when creating a network 659 with the default IPAM driver, without providing an IPv6 `--subnet`, network 660 creation will fail with the following message: 661 662 ```none 663 Error response from daemon: failed to parse pool request for address space 664 "LocalDefault" pool "" subpool "": could not find an 665 available, non-overlapping IPv6 address pool among 666 the defaults to assign to the network 667 ``` 668 669 To resolve this, either remove the `--ipv6` flag (to preserve the same behavior 670 as in Docker 1.12.3 and earlier), or provide an IPv6 subnet as the value of the 671 `--subnet` flag. 672 673 The network network creation will instead succeed if you use an external IPAM driver 674 which supports automatic allocation of IPv6 subnets. 675 676 ### Runtime 677 678 - Fix race on sending stdin close event [#29424](https://github.com/docker/docker/pull/29424) 679 680 ### Networking 681 682 - Fix panic in docker network ls when a network was created with `--ipv6` and no ipv6 `--subnet` in older docker versions [#29416](https://github.com/docker/docker/pull/29416) 683 684 ### Contrib 685 686 - Fix compilation on Darwin [#29370](https://github.com/docker/docker/pull/29370) 687 688 ## 1.12.4 (2016-12-12) 689 690 **IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm 691 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 692 upgrading from an older version of docker, the upgrade process may not 693 automatically install the updated version of the unit file, or fail to start 694 the docker service if; 695 696 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 697 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 698 699 Starting the docker service will produce an error: 700 701 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 702 703 or 704 705 no sockets found via socket activation: make sure the service was started by systemd. 706 707 To resolve this: 708 709 - Backup the current version of the unit file, and replace the file with the 710 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 711 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 712 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 713 714 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 715 systemctl restart docker` to reload changes and (re)start the docker daemon. 716 717 718 ### Runtime 719 720 - Fix issue where volume metadata was not removed [#29083](https://github.com/docker/docker/pull/29083) 721 - Asynchronously close streams to prevent holding container lock [#29050](https://github.com/docker/docker/pull/29050) 722 - Fix selinux labels for newly created container volumes [#29050](https://github.com/docker/docker/pull/29050) 723 - Remove hostname validation [#28990](https://github.com/docker/docker/pull/28990) 724 - Fix deadlocks caused by IO races [#29095](https://github.com/docker/docker/pull/29095) [#29141](https://github.com/docker/docker/pull/29141) 725 - Return an empty stats if the container is restarting [#29150](https://github.com/docker/docker/pull/29150) 726 - Fix volume store locking [#29151](https://github.com/docker/docker/pull/29151) 727 - Ensure consistent status code in API [#29150](https://github.com/docker/docker/pull/29150) 728 - Fix incorrect opaque directory permission in overlay2 [#29093](https://github.com/docker/docker/pull/29093) 729 - Detect plugin content and error out on `docker pull` [#29297](https://github.com/docker/docker/pull/29297) 730 731 ### Swarm Mode 732 733 * Update Swarmkit [#29047](https://github.com/docker/docker/pull/29047) 734 - orchestrator/global: Fix deadlock on updates [docker/swarmkit#1760](https://github.com/docker/swarmkit/pull/1760) 735 - on leader switchover preserve the vxlan id for existing networks [docker/swarmkit#1773](https://github.com/docker/swarmkit/pull/1773) 736 - Refuse swarm spec not named "default" [#29152](https://github.com/docker/docker/pull/29152) 737 738 ### Networking 739 740 * Update libnetwork [#29004](https://github.com/docker/docker/pull/29004) [#29146](https://github.com/docker/docker/pull/29146) 741 - Fix panic in embedded DNS [docker/libnetwork#1561](https://github.com/docker/libnetwork/pull/1561) 742 - Fix unmarhalling panic when passing --link-local-ip on global scope network [docker/libnetwork#1564](https://github.com/docker/libnetwork/pull/1564) 743 - Fix panic when network plugin returns nil StaticRoutes [docker/libnetwork#1563](https://github.com/docker/libnetwork/pull/1563) 744 - Fix panic in osl.(*networkNamespace).DeleteNeighbor [docker/libnetwork#1555](https://github.com/docker/libnetwork/pull/1555) 745 - Fix panic in swarm networking concurrent map read/write [docker/libnetwork#1570](https://github.com/docker/libnetwork/pull/1570) 746 * Allow encrypted networks when running docker inside a container [docker/libnetwork#1502](https://github.com/docker/libnetwork/pull/1502) 747 - Do not block autoallocation of IPv6 pool [docker/libnetwork#1538](https://github.com/docker/libnetwork/pull/1538) 748 - Set timeout for netlink calls [docker/libnetwork#1557](https://github.com/docker/libnetwork/pull/1557) 749 - Increase networking local store timeout to one minute [docker/libkv#140](https://github.com/docker/libkv/pull/140) 750 - Fix a panic in libnetwork.(*sandbox).execFunc [docker/libnetwork#1556](https://github.com/docker/libnetwork/pull/1556) 751 - Honor icc=false for internal networks [docker/libnetwork#1525](https://github.com/docker/libnetwork/pull/1525) 752 753 ### Logging 754 755 * Update syslog log driver [#29150](https://github.com/docker/docker/pull/29150) 756 757 ### Contrib 758 759 - Run "dnf upgrade" before installing in fedora [#29150](https://github.com/docker/docker/pull/29150) 760 - Add build-date back to RPM packages [#29150](https://github.com/docker/docker/pull/29150) 761 - deb package filename changed to include distro to distinguish between distro code names [#27829](https://github.com/docker/docker/pull/27829) 762 763 ## 1.12.3 (2016-10-26) 764 765 **IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm 766 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 767 upgrading from an older version of docker, the upgrade process may not 768 automatically install the updated version of the unit file, or fail to start 769 the docker service if; 770 771 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 772 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 773 774 Starting the docker service will produce an error: 775 776 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 777 778 or 779 780 no sockets found via socket activation: make sure the service was started by systemd. 781 782 To resolve this: 783 784 - Backup the current version of the unit file, and replace the file with the 785 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 786 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 787 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 788 789 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 790 systemctl restart docker` to reload changes and (re)start the docker daemon. 791 792 793 ### Runtime 794 795 - Fix ambient capability usage in containers (CVE-2016-8867) [#27610](https://github.com/docker/docker/pull/27610) 796 - Prevent a deadlock in libcontainerd for Windows [#27136](https://github.com/docker/docker/pull/27136) 797 - Fix error reporting in CopyFileWithTar [#27075](https://github.com/docker/docker/pull/27075) 798 * Reset health status to starting when a container is restarted [#27387](https://github.com/docker/docker/pull/27387) 799 * Properly handle shared mount propagation in storage directory [#27609](https://github.com/docker/docker/pull/27609) 800 - Fix docker exec [#27610](https://github.com/docker/docker/pull/27610) 801 - Fix backward compatibility with containerd’s events log [#27693](https://github.com/docker/docker/pull/27693) 802 803 ### Swarm Mode 804 805 - Fix conversion of restart-policy [#27062](https://github.com/docker/docker/pull/27062) 806 * Update Swarmkit [#27554](https://github.com/docker/docker/pull/27554) 807 * Avoid restarting a task that has already been restarted [docker/swarmkit#1305](https://github.com/docker/swarmkit/pull/1305) 808 * Allow duplicate published ports when they use different protocols [docker/swarmkit#1632](https://github.com/docker/swarmkit/pull/1632) 809 * Allow multiple randomly assigned published ports on service [docker/swarmkit#1657](https://github.com/docker/swarmkit/pull/1657) 810 - Fix panic when allocations happen at init time [docker/swarmkit#1651](https://github.com/docker/swarmkit/pull/1651) 811 812 ### Networking 813 814 * Update libnetwork [#27559](https://github.com/docker/docker/pull/27559) 815 - Fix race in serializing sandbox to string [docker/libnetwork#1495](https://github.com/docker/libnetwork/pull/1495) 816 - Fix race during deletion [docker/libnetwork#1503](https://github.com/docker/libnetwork/pull/1503) 817 * Reset endpoint port info on connectivity revoke in bridge driver [docker/libnetwork#1504](https://github.com/docker/libnetwork/pull/1504) 818 - Fix a deadlock in networking code [docker/libnetwork#1507](https://github.com/docker/libnetwork/pull/1507) 819 - Fix a race in load balancer state [docker/libnetwork#1512](https://github.com/docker/libnetwork/pull/1512) 820 821 ### Logging 822 823 * Update fluent-logger-golang to v1.2.1 [#27474](https://github.com/docker/docker/pull/27474) 824 825 ### Contrib 826 827 * Update buildtags for armhf ubuntu-trusty [#27327](https://github.com/docker/docker/pull/27327) 828 * Add AppArmor to runc buildtags for armhf [#27421](https://github.com/docker/docker/pull/27421) 829 830 ## 1.12.2 (2016-10-11) 831 832 **IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm 833 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 834 upgrading from an older version of docker, the upgrade process may not 835 automatically install the updated version of the unit file, or fail to start 836 the docker service if; 837 838 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 839 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 840 841 Starting the docker service will produce an error: 842 843 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 844 845 or 846 847 no sockets found via socket activation: make sure the service was started by systemd. 848 849 To resolve this: 850 851 - Backup the current version of the unit file, and replace the file with the 852 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 853 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 854 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 855 856 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 857 systemctl restart docker` to reload changes and (re)start the docker daemon. 858 859 860 ### Runtime 861 862 - Fix a panic due to a race condition filtering `docker ps` [#26049](https://github.com/docker/docker/pull/26049) 863 * Implement retry logic to prevent "Unable to remove filesystem" errors when using the aufs storage driver [#26536](https://github.com/docker/docker/pull/26536) 864 * Prevent devicemapper from removing device symlinks if `dm.use_deferred_removal` is enabled [#24740](https://github.com/docker/docker/pull/24740) 865 - Fix an issue where the CLI did not return correct exit codes if a command was run with invalid options [#26777](https://github.com/docker/docker/pull/26777) 866 - Fix a panic due to a bug in stdout / stderr processing in health checks [#26507](https://github.com/docker/docker/pull/26507) 867 - Fix exec's children handling [#26874](https://github.com/docker/docker/pull/26874) 868 - Fix exec form of HEALTHCHECK CMD [#26208](https://github.com/docker/docker/pull/26208) 869 870 ### Networking 871 872 - Fix a daemon start panic on armv5 [#24315](https://github.com/docker/docker/issues/24315) 873 * Vendor libnetwork [#26879](https://github.com/docker/docker/pull/26879) [#26953](https://github.com/docker/docker/pull/26953) 874 * Avoid returning early on agent join failures [docker/libnetwork#1473](https://github.com/docker/libnetwork/pull/1473) 875 - Fix service published port cleanup issues [docker/libetwork#1432](https://github.com/docker/libnetwork/pull/1432) [docker/libnetwork#1433](https://github.com/docker/libnetwork/pull/1433) 876 * Recover properly from transient gossip failures [docker/libnetwork#1446](https://github.com/docker/libnetwork/pull/1446) 877 * Disambiguate node names known to gossip cluster to avoid node name collision [docker/libnetwork#1451](https://github.com/docker/libnetwork/pull/1451) 878 * Honor user provided listen address for gossip [docker/libnetwork#1460](https://github.com/docker/libnetwork/pull/1460) 879 * Allow reachability via published port across services on the same host [docker/libnetwork#1398](https://github.com/docker/libnetwork/pull/1398) 880 * Change the ingress sandbox name from random id to just `ingress_sbox` [docker/libnetwork#1449](https://github.com/docker/libnetwork/pull/1449) 881 - Disable service discovery in ingress network [docker/libnetwork#1489](https://github.com/docker/libnetwork/pull/1489) 882 883 ### Swarm Mode 884 885 * Fix remote detection of a node's address when it joins the cluster [#26211](https://github.com/docker/docker/pull/26211) 886 * Vendor SwarmKit [#26765](https://github.com/docker/docker/pull/26765) 887 * Bounce session after failed status update [docker/swarmkit#1539](https://github.com/docker/swarmkit/pull/1539) 888 - Fix possible raft deadlocks [docker/swarmkit#1537](https://github.com/docker/swarmkit/pull/1537) 889 - Fix panic and endpoint leak when a service is updated with no endpoints [docker/swarmkit#1481](https://github.com/docker/swarmkit/pull/1481) 890 * Produce an error if the same port is published twice on `service create` or `service update` [docker/swarmkit#1495](https://github.com/docker/swarmkit/pull/1495) 891 - Fix an issue where changes to a service were not detected, resulting in the service not being updated [docker/swarmkit#1497](https://github.com/docker/swarmkit/pull/1497) 892 - Do not allow service creation on ingress network [docker/swarmkit#1600](https://github.com/docker/swarmkit/pull/1600) 893 894 ### Contrib 895 896 * Update the debian sysv-init script to use `dockerd` instead of `docker daemon` [#25869](https://github.com/docker/docker/pull/25869) 897 * Improve stability when running the docker client on MacOS Sierra [#26875](https://github.com/docker/docker/pull/26875) 898 - Fix installation on debian stretch [#27184](https://github.com/docker/docker/pull/27184) 899 900 ### Windows 901 902 - Fix an issue where arrow-navigation did not work when running the docker client in ConEmu [#25578](https://github.com/docker/docker/pull/25578) 903 904 ## 1.12.1 (2016-08-18) 905 906 **IMPORTANT**: Docker 1.12 ships with an updated systemd unit file for rpm 907 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 908 upgrading from an older version of docker, the upgrade process may not 909 automatically install the updated version of the unit file, or fail to start 910 the docker service if; 911 912 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 913 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 914 915 Starting the docker service will produce an error: 916 917 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 918 919 or 920 921 no sockets found via socket activation: make sure the service was started by systemd. 922 923 To resolve this: 924 925 - Backup the current version of the unit file, and replace the file with the 926 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 927 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 928 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 929 930 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 931 systemctl restart docker` to reload changes and (re)start the docker daemon. 932 933 934 ### Client 935 936 * Add `Joined at` information in `node inspect --pretty` [#25512](https://github.com/docker/docker/pull/25512) 937 - Fix a crash on `service inspect` [#25454](https://github.com/docker/docker/pull/25454) 938 - Fix issue preventing `service update --env-add` to work as intended [#25427](https://github.com/docker/docker/pull/25427) 939 - Fix issue preventing `service update --publish-add` to work as intended [#25428](https://github.com/docker/docker/pull/25428) 940 - Remove `service update --network-add` and `service update --network-rm` flags 941 because this feature is not yet implemented in 1.12, but was inadvertently added 942 to the client in 1.12.0 [#25646](https://github.com/docker/docker/pull/25646) 943 944 ### Contrib 945 946 + Official ARM installation for Debian Jessie, Ubuntu Trusty, and Raspbian Jessie [#24815](https://github.com/docker/docker/pull/24815) [#25591](https://github.com/docker/docker/pull/25637) 947 - Add selinux policy per distro/version, fixing issue preventing successful installation on Fedora 24, and Oracle Linux [#25334](https://github.com/docker/docker/pull/25334) [#25593](https://github.com/docker/docker/pull/25593) 948 949 ### Networking 950 951 - Fix issue that prevented containers to be accessed by hostname with Docker overlay driver in Swarm Mode [#25603](https://github.com/docker/docker/pull/25603) [#25648](https://github.com/docker/docker/pull/25648) 952 - Fix random network issues on service with published port [#25603](https://github.com/docker/docker/pull/25603) 953 - Fix unreliable inter-service communication after scaling down and up [#25603](https://github.com/docker/docker/pull/25603) 954 - Fix issue where removing all tasks on a node and adding them back breaks connectivity with other services [#25603](https://github.com/docker/docker/pull/25603) 955 - Fix issue where a task that fails to start results in a race, causing a `network xxx not found` error that masks the actual error [#25550](https://github.com/docker/docker/pull/25550) 956 - Relax validation of SRV records for external services that use SRV records not formatted according to RFC 2782 [#25739](https://github.com/docker/docker/pull/25739) 957 958 ### Plugins (experimental) 959 960 * Make daemon events listen for plugin lifecycle events [#24760](https://github.com/docker/docker/pull/24760) 961 * Check for plugin state before enabling plugin [#25033](https://github.com/docker/docker/pull/25033) 962 - Remove plugin root from filesystem on `plugin rm` [#25187](https://github.com/docker/docker/pull/25187) 963 - Prevent deadlock when more than one plugin is installed [#25384](https://github.com/docker/docker/pull/25384) 964 965 ### Runtime 966 967 * Mask join tokens in daemon logs [#25346](https://github.com/docker/docker/pull/25346) 968 - Fix `docker ps --filter` causing the results to no longer be sorted by creation time [#25387](https://github.com/docker/docker/pull/25387) 969 - Fix various crashes [#25053](https://github.com/docker/docker/pull/25053) 970 971 ### Security 972 973 * Add `/proc/timer_list` to the masked paths list to prevent information leak from the host [#25630](https://github.com/docker/docker/pull/25630) 974 * Allow systemd to run with only `--cap-add SYS_ADMIN` rather than having to also add `--cap-add DAC_READ_SEARCH` or disabling seccomp filtering [#25567](https://github.com/docker/docker/pull/25567) 975 976 ### Swarm 977 978 - Fix an issue where the swarm can get stuck electing a new leader after quorum is lost [#25055](https://github.com/docker/docker/issues/25055) 979 - Fix unwanted rescheduling of containers after a leader failover [#25017](https://github.com/docker/docker/issues/25017) 980 - Change swarm root CA key to P256 curve [swarmkit#1376](https://github.com/docker/swarmkit/pull/1376) 981 - Allow forced removal of a node from a swarm [#25159](https://github.com/docker/docker/pull/25159) 982 - Fix connection leak when a node leaves a swarm [swarmkit/#1277](https://github.com/docker/swarmkit/pull/1277) 983 - Backdate swarm certificates by one hour to tolerate more clock skew [swarmkit/#1243](https://github.com/docker/swarmkit/pull/1243) 984 - Avoid high CPU use with many unschedulable tasks [swarmkit/#1287](https://github.com/docker/swarmkit/pull/1287) 985 - Fix issue with global tasks not starting up [swarmkit/#1295](https://github.com/docker/swarmkit/pull/1295) 986 - Garbage collect raft logs [swarmkit/#1327](https://github.com/docker/swarmkit/pull/1327) 987 988 ### Volume 989 990 - Persist local volume options after a daemon restart [#25316](https://github.com/docker/docker/pull/25316) 991 - Fix an issue where the mount ID was not returned on volume unmount [#25333](https://github.com/docker/docker/pull/25333) 992 - Fix an issue where a volume mount could inadvertently create a bind mount [#25309](https://github.com/docker/docker/pull/25309) 993 - `docker service create --mount type=bind,...` now correctly validates if the source path exists, instead of creating it [#25494](https://github.com/docker/docker/pull/25494) 994 995 ## 1.12.0 (2016-07-28) 996 997 998 **IMPORTANT**: Docker 1.12.0 ships with an updated systemd unit file for rpm 999 based installs (which includes RHEL, Fedora, CentOS, and Oracle Linux 7). When 1000 upgrading from an older version of docker, the upgrade process may not 1001 automatically install the updated version of the unit file, or fail to start 1002 the docker service if; 1003 1004 - the systemd unit file (`/usr/lib/systemd/system/docker.service`) contains local changes, or 1005 - a systemd drop-in file is present, and contains `-H fd://` in the `ExecStart` directive 1006 1007 Starting the docker service will produce an error: 1008 1009 Failed to start docker.service: Unit docker.socket failed to load: No such file or directory. 1010 1011 or 1012 1013 no sockets found via socket activation: make sure the service was started by systemd. 1014 1015 To resolve this: 1016 1017 - Backup the current version of the unit file, and replace the file with the 1018 [version that ships with docker 1.12](https://raw.githubusercontent.com/docker/docker/v1.12.0/contrib/init/systemd/docker.service.rpm) 1019 - Remove the `Requires=docker.socket` directive from the `/usr/lib/systemd/system/docker.service` file if present 1020 - Remove `-H fd://` from the `ExecStart` directive (both in the main unit file, and in any drop-in files present). 1021 1022 After making those changes, run `sudo systemctl daemon-reload`, and `sudo 1023 systemctl restart docker` to reload changes and (re)start the docker daemon. 1024 1025 **IMPORTANT**: With Docker 1.12, a Linux docker installation now has two 1026 additional binaries; `dockerd`, and `docker-proxy`. If you have scripts for 1027 installing docker, please make sure to update them accordingly. 1028 1029 ### Builder 1030 1031 + New `HEALTHCHECK` Dockerfile instruction to support user-defined healthchecks [#23218](https://github.com/docker/docker/pull/23218) 1032 + New `SHELL` Dockerfile instruction to specify the default shell when using the shell form for commands in a Dockerfile [#22489](https://github.com/docker/docker/pull/22489) 1033 + Add `#escape=` Dockerfile directive to support platform-specific parsing of file paths in Dockerfile [#22268](https://github.com/docker/docker/pull/22268) 1034 + Add support for comments in `.dockerignore` [#23111](https://github.com/docker/docker/pull/23111) 1035 * Support for UTF-8 in Dockerfiles [#23372](https://github.com/docker/docker/pull/23372) 1036 * Skip UTF-8 BOM bytes from `Dockerfile` and `.dockerignore` if exist [#23234](https://github.com/docker/docker/pull/23234) 1037 * Windows: support for `ARG` to match Linux [#22508](https://github.com/docker/docker/pull/22508) 1038 - Fix error message when building using a daemon with the bridge network disabled [#22932](https://github.com/docker/docker/pull/22932) 1039 1040 ### Contrib 1041 1042 * Enable seccomp for Centos 7 and Oracle Linux 7 [#22344](https://github.com/docker/docker/pull/22344) 1043 - Remove MountFlags in systemd unit to allow shared mount propagation [#22806](https://github.com/docker/docker/pull/22806) 1044 1045 ### Distribution 1046 1047 + Add `--max-concurrent-downloads` and `--max-concurrent-uploads` daemon flags useful for situations where network connections don't support multiple downloads/uploads [#22445](https://github.com/docker/docker/pull/22445) 1048 * Registry operations now honor the `ALL_PROXY` environment variable [#22316](https://github.com/docker/docker/pull/22316) 1049 * Provide more information to the user on `docker load` [#23377](https://github.com/docker/docker/pull/23377) 1050 * Always save registry digest metadata about images pushed and pulled [#23996](https://github.com/docker/docker/pull/23996) 1051 1052 ### Logging 1053 1054 + Syslog logging driver now supports DGRAM sockets [#21613](https://github.com/docker/docker/pull/21613) 1055 + Add `--details` option to `docker logs` to also display log tags [#21889](https://github.com/docker/docker/pull/21889) 1056 + Enable syslog logger to have access to env and labels [#21724](https://github.com/docker/docker/pull/21724) 1057 + An additional syslog-format option `rfc5424micro` to allow microsecond resolution in syslog timestamp [#21844](https://github.com/docker/docker/pull/21844) 1058 * Inherit the daemon log options when creating containers [#21153](https://github.com/docker/docker/pull/21153) 1059 * Remove `docker/` prefix from log messages tag and replace it with `{{.DaemonName}}` so that users have the option of changing the prefix [#22384](https://github.com/docker/docker/pull/22384) 1060 1061 ### Networking 1062 1063 + Built-in Virtual-IP based internal and ingress load-balancing using IPVS [#23361](https://github.com/docker/docker/pull/23361) 1064 + Routing Mesh using ingress overlay network [#23361](https://github.com/docker/docker/pull/23361) 1065 + Secured multi-host overlay networking using encrypted control-plane and Data-plane [#23361](https://github.com/docker/docker/pull/23361) 1066 + MacVlan driver is out of experimental [#23524](https://github.com/docker/docker/pull/23524) 1067 + Add `driver` filter to `network ls` [#22319](https://github.com/docker/docker/pull/22319) 1068 + Adding `network` filter to `docker ps --filter` [#23300](https://github.com/docker/docker/pull/23300) 1069 + Add `--link-local-ip` flag to `create`, `run` and `network connect` to specify a container's link-local address [#23415](https://github.com/docker/docker/pull/23415) 1070 + Add network label filter support [#21495](https://github.com/docker/docker/pull/21495) 1071 * Removed dependency on external KV-Store for Overlay networking in Swarm-Mode [#23361](https://github.com/docker/docker/pull/23361) 1072 * Add container's short-id as default network alias [#21901](https://github.com/docker/docker/pull/21901) 1073 * `run` options `--dns` and `--net=host` are no longer mutually exclusive [#22408](https://github.com/docker/docker/pull/22408) 1074 - Fix DNS issue when renaming containers with generated names [#22716](https://github.com/docker/docker/pull/22716) 1075 - Allow both `network inspect -f {{.Id}}` and `network inspect -f {{.ID}}` to address inconsistency with inspect output [#23226](https://github.com/docker/docker/pull/23226) 1076 1077 ### Plugins (experimental) 1078 1079 + New `plugin` command to manager plugins with `install`, `enable`, `disable`, `rm`, `inspect`, `set` subcommands [#23446](https://github.com/docker/docker/pull/23446) 1080 1081 ### Remote API (v1.24) & Client 1082 1083 + Split the binary into two: `docker` (client) and `dockerd` (daemon) [#20639](https://github.com/docker/docker/pull/20639) 1084 + Add `before` and `since` filters to `docker images --filter` [#22908](https://github.com/docker/docker/pull/22908) 1085 + Add `--limit` option to `docker search` [#23107](https://github.com/docker/docker/pull/23107) 1086 + Add `--filter` option to `docker search` [#22369](https://github.com/docker/docker/pull/22369) 1087 + Add security options to `docker info` output [#21172](https://github.com/docker/docker/pull/21172) [#23520](https://github.com/docker/docker/pull/23520) 1088 + Add insecure registries to `docker info` output [#20410](https://github.com/docker/docker/pull/20410) 1089 + Extend Docker authorization with TLS user information [#21556](https://github.com/docker/docker/pull/21556) 1090 + devicemapper: expose Minimum Thin Pool Free Space through `docker info` [#21945](https://github.com/docker/docker/pull/21945) 1091 * API now returns a JSON object when an error occurs making it more consistent [#22880](https://github.com/docker/docker/pull/22880) 1092 - Prevent `docker run -i --restart` from hanging on exit [#22777](https://github.com/docker/docker/pull/22777) 1093 - Fix API/CLI discrepancy on hostname validation [#21641](https://github.com/docker/docker/pull/21641) 1094 - Fix discrepancy in the format of sizes in `stats` from HumanSize to BytesSize [#21773](https://github.com/docker/docker/pull/21773) 1095 - authz: when request is denied return forbidden exit code (403) [#22448](https://github.com/docker/docker/pull/22448) 1096 - Windows: fix tty-related displaying issues [#23878](https://github.com/docker/docker/pull/23878) 1097 1098 ### Runtime 1099 1100 + Split the userland proxy to a separate binary (`docker-proxy`) [#23312](https://github.com/docker/docker/pull/23312) 1101 + Add `--live-restore` daemon flag to keep containers running when daemon shuts down, and regain control on startup [#23213](https://github.com/docker/docker/pull/23213) 1102 + Ability to add OCI-compatible runtimes (via `--add-runtime` daemon flag) and select one with `--runtime` on `create` and `run` [#22983](https://github.com/docker/docker/pull/22983) 1103 + New `overlay2` graphdriver for Linux 4.0+ with multiple lower directory support [#22126](https://github.com/docker/docker/pull/22126) 1104 + New load/save image events [#22137](https://github.com/docker/docker/pull/22137) 1105 + Add support for reloading daemon configuration through systemd [#22446](https://github.com/docker/docker/pull/22446) 1106 + Add disk quota support for btrfs [#19651](https://github.com/docker/docker/pull/19651) 1107 + Add disk quota support for zfs [#21946](https://github.com/docker/docker/pull/21946) 1108 + Add support for `docker run --pid=container:<id>` [#22481](https://github.com/docker/docker/pull/22481) 1109 + Align default seccomp profile with selected capabilities [#22554](https://github.com/docker/docker/pull/22554) 1110 + Add a `daemon reload` event when the daemon reloads its configuration [#22590](https://github.com/docker/docker/pull/22590) 1111 + Add `trace` capability in the pprof profiler to show execution traces in binary form [#22715](https://github.com/docker/docker/pull/22715) 1112 + Add a `detach` event [#22898](https://github.com/docker/docker/pull/22898) 1113 + Add support for setting sysctls with `--sysctl` [#19265](https://github.com/docker/docker/pull/19265) 1114 + Add `--storage-opt` flag to `create` and `run` allowing to set `size` on devicemapper [#19367](https://github.com/docker/docker/pull/19367) 1115 + Add `--oom-score-adjust` daemon flag with a default value of `-500` making the daemon less likely to be killed before containers [#24516](https://github.com/docker/docker/pull/24516) 1116 * Undeprecate the `-c` short alias of `--cpu-shares` on `run`, `build`, `create`, `update` [#22621](https://github.com/docker/docker/pull/22621) 1117 * Prevent from using aufs and overlay graphdrivers on an eCryptfs mount [#23121](https://github.com/docker/docker/pull/23121) 1118 - Fix issues with tmpfs mount ordering [#22329](https://github.com/docker/docker/pull/22329) 1119 - Created containers are no longer listed on `docker ps -a -f exited=0` [#21947](https://github.com/docker/docker/pull/21947) 1120 - Fix an issue where containers are stuck in a "Removal In Progress" state [#22423](https://github.com/docker/docker/pull/22423) 1121 - Fix bug that was returning an HTTP 500 instead of a 400 when not specifying a command on run/create [#22762](https://github.com/docker/docker/pull/22762) 1122 - Fix bug with `--detach-keys` whereby input matching a prefix of the detach key was not preserved [#22943](https://github.com/docker/docker/pull/22943) 1123 - SELinux labeling is now disabled when using `--privileged` mode [#22993](https://github.com/docker/docker/pull/22993) 1124 - If volume-mounted into a container, `/etc/hosts`, `/etc/resolv.conf`, `/etc/hostname` are no longer SELinux-relabeled [#22993](https://github.com/docker/docker/pull/22993) 1125 - Fix inconsistency in `--tmpfs` behavior regarding mount options [#22438](https://github.com/docker/docker/pull/22438) 1126 - Fix an issue where daemon hangs at startup [#23148](https://github.com/docker/docker/pull/23148) 1127 - Ignore SIGPIPE events to prevent journald restarts to crash docker in some cases [#22460](https://github.com/docker/docker/pull/22460) 1128 - Containers are not removed from stats list on error [#20835](https://github.com/docker/docker/pull/20835) 1129 - Fix `on-failure` restart policy when daemon restarts [#20853](https://github.com/docker/docker/pull/20853) 1130 - Fix an issue with `stats` when a container is using another container's network [#21904](https://github.com/docker/docker/pull/21904) 1131 1132 ### Swarm Mode 1133 1134 + New `swarm` command to manage swarms with `init`, `join`, `join-token`, `leave`, `update` subcommands [#23361](https://github.com/docker/docker/pull/23361) [#24823](https://github.com/docker/docker/pull/24823) 1135 + New `service` command to manage swarm-wide services with `create`, `inspect`, `update`, `rm`, `ps` subcommands [#23361](https://github.com/docker/docker/pull/23361) [#25140](https://github.com/docker/docker/pull/25140) 1136 + New `node` command to manage nodes with `accept`, `promote`, `demote`, `inspect`, `update`, `ps`, `ls` and `rm` subcommands [#23361](https://github.com/docker/docker/pull/23361) [#25140](https://github.com/docker/docker/pull/25140) 1137 + (experimental) New `stack` and `deploy` commands to manage and deploy multi-service applications [#23522](https://github.com/docker/docker/pull/23522) [#25140](https://github.com/docker/docker/pull/25140) 1138 1139 ### Volume 1140 1141 + Add support for local and global volume scopes (analogous to network scopes) [#22077](https://github.com/docker/docker/pull/22077) 1142 + Allow volume drivers to provide a `Status` field [#21006](https://github.com/docker/docker/pull/21006) 1143 + Add name/driver filter support for volume [#21361](https://github.com/docker/docker/pull/21361) 1144 * Mount/Unmount operations now receives an opaque ID to allow volume drivers to differentiate between two callers [#21015](https://github.com/docker/docker/pull/21015) 1145 - Fix issue preventing to remove a volume in a corner case [#22103](https://github.com/docker/docker/pull/22103) 1146 - Windows: Enable auto-creation of host-path to match Linux [#22094](https://github.com/docker/docker/pull/22094) 1147 1148 1149 ### Deprecation 1150 1151 * Environment variables `DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE` and `DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE` have been renamed 1152 to `DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE` and `DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE` respectively [#22574](https://github.com/docker/docker/pull/22574) 1153 * Remove deprecated `syslog-tag`, `gelf-tag`, `fluentd-tag` log option in favor of the more generic `tag` one [#22620](https://github.com/docker/docker/pull/22620) 1154 * Remove deprecated feature of passing HostConfig at API container start [#22570](https://github.com/docker/docker/pull/22570) 1155 * Remove deprecated `-f`/`--force` flag on docker tag [#23090](https://github.com/docker/docker/pull/23090) 1156 * Remove deprecated `/containers/<id|name>/copy` endpoint [#22149](https://github.com/docker/docker/pull/22149) 1157 * Remove deprecated `docker ps` flags `--since` and `--before` [#22138](https://github.com/docker/docker/pull/22138) 1158 * Deprecate the old 3-args form of `docker import` [#23273](https://github.com/docker/docker/pull/23273) 1159 1160 ## 1.11.2 (2016-05-31) 1161 1162 ### Networking 1163 1164 - Fix a stale endpoint issue on overlay networks during ungraceful restart ([#23015](https://github.com/docker/docker/pull/23015)) 1165 - Fix an issue where the wrong port could be reported by `docker inspect/ps/port` ([#22997](https://github.com/docker/docker/pull/22997)) 1166 1167 ### Runtime 1168 1169 - Fix a potential panic when running `docker build` ([#23032](https://github.com/docker/docker/pull/23032)) 1170 - Fix interpretation of `--user` parameter ([#22998](https://github.com/docker/docker/pull/22998)) 1171 - Fix a bug preventing container statistics to be correctly reported ([#22955](https://github.com/docker/docker/pull/22955)) 1172 - Fix an issue preventing container to be restarted after daemon restart ([#22947](https://github.com/docker/docker/pull/22947)) 1173 - Fix issues when running 32 bit binaries on Ubuntu 16.04 ([#22922](https://github.com/docker/docker/pull/22922)) 1174 - Fix a possible deadlock on image deletion and container attach ([#22918](https://github.com/docker/docker/pull/22918)) 1175 - Fix an issue where containers fail to start after a daemon restart if they depend on a containerized cluster store ([#22561](https://github.com/docker/docker/pull/22561)) 1176 - Fix an issue causing `docker ps` to hang on CentOS when using devicemapper ([#22168](https://github.com/docker/docker/pull/22168), [#23067](https://github.com/docker/docker/pull/23067)) 1177 - Fix a bug preventing to `docker exec` into a container when using devicemapper ([#22168](https://github.com/docker/docker/pull/22168), [#23067](https://github.com/docker/docker/pull/23067)) 1178 1179 1180 ## 1.11.1 (2016-04-26) 1181 1182 ### Distribution 1183 1184 - Fix schema2 manifest media type to be of type `application/vnd.docker.container.image.v1+json` ([#21949](https://github.com/docker/docker/pull/21949)) 1185 1186 ### Documentation 1187 1188 + Add missing API documentation for changes introduced with 1.11.0 ([#22048](https://github.com/docker/docker/pull/22048)) 1189 1190 ### Builder 1191 1192 * Append label passed to `docker build` as arguments as an implicit `LABEL` command at the end of the processed `Dockerfile` ([#22184](https://github.com/docker/docker/pull/22184)) 1193 1194 ### Networking 1195 1196 - Fix a panic that would occur when forwarding DNS query ([#22261](https://github.com/docker/docker/pull/22261)) 1197 - Fix an issue where OS threads could end up within an incorrect network namespace when using user defined networks ([#22261](https://github.com/docker/docker/pull/22261)) 1198 1199 ### Runtime 1200 1201 - Fix a bug preventing labels configuration to be reloaded via the config file ([#22299](https://github.com/docker/docker/pull/22299)) 1202 - Fix a regression where container mounting `/var/run` would prevent other containers from being removed ([#22256](https://github.com/docker/docker/pull/22256)) 1203 - Fix an issue where it would be impossible to update both `memory-swap` and `memory` value together ([#22255](https://github.com/docker/docker/pull/22255)) 1204 - Fix a regression from 1.11.0 where the `/auth` endpoint would not initialize `serveraddress` if it is not provided ([#22254](https://github.com/docker/docker/pull/22254)) 1205 - Add missing cleanup of container temporary files when cancelling a schedule restart ([#22237](https://github.com/docker/docker/pull/22237)) 1206 - Remove scary error message when no restart policy is specified ([#21993](https://github.com/docker/docker/pull/21993)) 1207 - Fix a panic that would occur when the plugins were activated via the json spec ([#22191](https://github.com/docker/docker/pull/22191)) 1208 - Fix restart backoff logic to correctly reset delay if container ran for at least 10secs ([#22125](https://github.com/docker/docker/pull/22125)) 1209 - Remove error message when a container restart get cancelled ([#22123](https://github.com/docker/docker/pull/22123)) 1210 - Fix an issue where `docker` would not correctly clean up after `docker exec` ([#22121](https://github.com/docker/docker/pull/22121)) 1211 - Fix a panic that could occur when serving concurrent `docker stats` commands ([#22120](https://github.com/docker/docker/pull/22120))` 1212 - Revert deprecation of non-existent host directories auto-creation ([#22065](https://github.com/docker/docker/pull/22065)) 1213 - Hide misleading rpc error on daemon shutdown ([#22058](https://github.com/docker/docker/pull/22058)) 1214 1215 ## 1.11.0 (2016-04-13) 1216 1217 **IMPORTANT**: With Docker 1.11, a Linux docker installation is now made of 4 binaries (`docker`, [`docker-containerd`](https://github.com/docker/containerd), [`docker-containerd-shim`](https://github.com/docker/containerd) and [`docker-runc`](https://github.com/opencontainers/runc)). If you have scripts relying on docker being a single static binaries, please make sure to update them. Interaction with the daemon stay the same otherwise, the usage of the other binaries should be transparent. A Windows docker installation remains a single binary, `docker.exe`. 1218 1219 ### Builder 1220 1221 - Fix a bug where Docker would not use the correct uid/gid when processing the `WORKDIR` command ([#21033](https://github.com/docker/docker/pull/21033)) 1222 - Fix a bug where copy operations with userns would not use the proper uid/gid ([#20782](https://github.com/docker/docker/pull/20782), [#21162](https://github.com/docker/docker/pull/21162)) 1223 1224 ### Client 1225 1226 * Usage of the `:` separator for security option has been deprecated. `=` should be used instead ([#21232](https://github.com/docker/docker/pull/21232)) 1227 + The client user agent is now passed to the registry on `pull`, `build`, `push`, `login` and `search` operations ([#21306](https://github.com/docker/docker/pull/21306), [#21373](https://github.com/docker/docker/pull/21373)) 1228 * Allow setting the Domainname and Hostname separately through the API ([#20200](https://github.com/docker/docker/pull/20200)) 1229 * Docker info will now warn users if it can not detect the kernel version or the operating system ([#21128](https://github.com/docker/docker/pull/21128)) 1230 - Fix an issue where `docker stats --no-stream` output could be all 0s ([#20803](https://github.com/docker/docker/pull/20803)) 1231 - Fix a bug where some newly started container would not appear in a running `docker stats` command ([#20792](https://github.com/docker/docker/pull/20792)) 1232 * Post processing is no longer enabled for linux-cgo terminals ([#20587](https://github.com/docker/docker/pull/20587)) 1233 - Values to `--hostname` are now refused if they do not comply with [RFC1123](https://tools.ietf.org/html/rfc1123) ([#20566](https://github.com/docker/docker/pull/20566)) 1234 + Docker learned how to use a SOCKS proxy ([#20366](https://github.com/docker/docker/pull/20366), [#18373](https://github.com/docker/docker/pull/18373)) 1235 + Docker now supports external credential stores ([#20107](https://github.com/docker/docker/pull/20107)) 1236 * `docker ps` now supports displaying the list of volumes mounted inside a container ([#20017](https://github.com/docker/docker/pull/20017)) 1237 * `docker info` now also reports Docker's root directory location ([#19986](https://github.com/docker/docker/pull/19986)) 1238 - Docker now prohibits login in with an empty username (spaces are trimmed) ([#19806](https://github.com/docker/docker/pull/19806)) 1239 * Docker events attributes are now sorted by key ([#19761](https://github.com/docker/docker/pull/19761)) 1240 * `docker ps` no longer shows exported port for stopped containers ([#19483](https://github.com/docker/docker/pull/19483)) 1241 - Docker now cleans after itself if a save/export command fails ([#17849](https://github.com/docker/docker/pull/17849)) 1242 * Docker load learned how to display a progress bar ([#17329](https://github.com/docker/docker/pull/17329), [#120078](https://github.com/docker/docker/pull/20078)) 1243 1244 ### Distribution 1245 1246 - Fix a panic that occurred when pulling an image with 0 layers ([#21222](https://github.com/docker/docker/pull/21222)) 1247 - Fix a panic that could occur on error while pushing to a registry with a misconfigured token service ([#21212](https://github.com/docker/docker/pull/21212)) 1248 + All first-level delegation roles are now signed when doing a trusted push ([#21046](https://github.com/docker/docker/pull/21046)) 1249 + OAuth support for registries was added ([#20970](https://github.com/docker/docker/pull/20970)) 1250 * `docker login` now handles token using the implementation found in [docker/distribution](https://github.com/docker/distribution) ([#20832](https://github.com/docker/docker/pull/20832)) 1251 * `docker login` will no longer prompt for an email ([#20565](https://github.com/docker/docker/pull/20565)) 1252 * Docker will now fallback to registry V1 if no basic auth credentials are available ([#20241](https://github.com/docker/docker/pull/20241)) 1253 * Docker will now try to resume layer download where it left off after a network error/timeout ([#19840](https://github.com/docker/docker/pull/19840)) 1254 - Fix generated manifest mediaType when pushing cross-repository ([#19509](https://github.com/docker/docker/pull/19509)) 1255 - Fix docker requesting additional push credentials when pulling an image if Content Trust is enabled ([#20382](https://github.com/docker/docker/pull/20382)) 1256 1257 ### Logging 1258 1259 - Fix a race in the journald log driver ([#21311](https://github.com/docker/docker/pull/21311)) 1260 * Docker syslog driver now uses the RFC-5424 format when emitting logs ([#20121](https://github.com/docker/docker/pull/20121)) 1261 * Docker GELF log driver now allows to specify the compression algorithm and level via the `gelf-compression-type` and `gelf-compression-level` options ([#19831](https://github.com/docker/docker/pull/19831)) 1262 * Docker daemon learned to output uncolorized logs via the `--raw-logs` options ([#19794](https://github.com/docker/docker/pull/19794)) 1263 + Docker, on Windows platform, now includes an ETW (Event Tracing in Windows) logging driver named `etwlogs` ([#19689](https://github.com/docker/docker/pull/19689)) 1264 * Journald log driver learned how to handle tags ([#19564](https://github.com/docker/docker/pull/19564)) 1265 + The fluentd log driver learned the following options: `fluentd-address`, `fluentd-buffer-limit`, `fluentd-retry-wait`, `fluentd-max-retries` and `fluentd-async-connect` ([#19439](https://github.com/docker/docker/pull/19439)) 1266 + Docker learned to send log to Google Cloud via the new `gcplogs` logging driver. ([#18766](https://github.com/docker/docker/pull/18766)) 1267 1268 1269 ### Misc 1270 1271 + When saving linked images together with `docker save` a subsequent `docker load` will correctly restore their parent/child relationship ([#21385](https://github.com/docker/docker/pull/21385)) 1272 + Support for building the Docker cli for OpenBSD was added ([#21325](https://github.com/docker/docker/pull/21325)) 1273 + Labels can now be applied at network, volume and image creation ([#21270](https://github.com/docker/docker/pull/21270)) 1274 * The `dockremap` is now created as a system user ([#21266](https://github.com/docker/docker/pull/21266)) 1275 - Fix a few response body leaks ([#21258](https://github.com/docker/docker/pull/21258)) 1276 - Docker, when run as a service with systemd, will now properly manage its processes cgroups ([#20633](https://github.com/docker/docker/pull/20633)) 1277 * `docker info` now reports the value of cgroup KernelMemory or emits a warning if it is not supported ([#20863](https://github.com/docker/docker/pull/20863)) 1278 * `docker info` now also reports the cgroup driver in use ([#20388](https://github.com/docker/docker/pull/20388)) 1279 * Docker completion is now available on PowerShell ([#19894](https://github.com/docker/docker/pull/19894)) 1280 * `dockerinit` is no more ([#19490](https://github.com/docker/docker/pull/19490),[#19851](https://github.com/docker/docker/pull/19851)) 1281 + Support for building Docker on arm64 was added ([#19013](https://github.com/docker/docker/pull/19013)) 1282 + Experimental support for building docker.exe in a native Windows Docker installation ([#18348](https://github.com/docker/docker/pull/18348)) 1283 1284 ### Networking 1285 1286 - Fix panic if a node is forcibly removed from the cluster ([#21671](https://github.com/docker/docker/pull/21671)) 1287 - Fix "error creating vxlan interface" when starting a container in a Swarm cluster ([#21671](https://github.com/docker/docker/pull/21671)) 1288 * `docker network inspect` will now report all endpoints whether they have an active container or not ([#21160](https://github.com/docker/docker/pull/21160)) 1289 + Experimental support for the MacVlan and IPVlan network drivers has been added ([#21122](https://github.com/docker/docker/pull/21122)) 1290 * Output of `docker network ls` is now sorted by network name ([#20383](https://github.com/docker/docker/pull/20383)) 1291 - Fix a bug where Docker would allow a network to be created with the reserved `default` name ([#19431](https://github.com/docker/docker/pull/19431)) 1292 * `docker network inspect` returns whether a network is internal or not ([#19357](https://github.com/docker/docker/pull/19357)) 1293 + Control IPv6 via explicit option when creating a network (`docker network create --ipv6`). This shows up as a new `EnableIPv6` field in `docker network inspect` ([#17513](https://github.com/docker/docker/pull/17513)) 1294 * Support for AAAA Records (aka IPv6 Service Discovery) in embedded DNS Server ([#21396](https://github.com/docker/docker/pull/21396)) 1295 - Fix to not forward docker domain IPv6 queries to external servers ([#21396](https://github.com/docker/docker/pull/21396)) 1296 * Multiple A/AAAA records from embedded DNS Server for DNS Round robin ([#21019](https://github.com/docker/docker/pull/21019)) 1297 - Fix endpoint count inconsistency after an ungraceful dameon restart ([#21261](https://github.com/docker/docker/pull/21261)) 1298 - Move the ownership of exposed ports and port-mapping options from Endpoint to Sandbox ([#21019](https://github.com/docker/docker/pull/21019)) 1299 - Fixed a bug which prevents docker reload when host is configured with ipv6.disable=1 ([#21019](https://github.com/docker/docker/pull/21019)) 1300 - Added inbuilt nil IPAM driver ([#21019](https://github.com/docker/docker/pull/21019)) 1301 - Fixed bug in iptables.Exists() logic [#21019](https://github.com/docker/docker/pull/21019) 1302 - Fixed a Veth interface leak when using overlay network ([#21019](https://github.com/docker/docker/pull/21019)) 1303 - Fixed a bug which prevents docker reload after a network delete during shutdown ([#20214](https://github.com/docker/docker/pull/20214)) 1304 - Make sure iptables chains are recreated on firewalld reload ([#20419](https://github.com/docker/docker/pull/20419)) 1305 - Allow to pass global datastore during config reload ([#20419](https://github.com/docker/docker/pull/20419)) 1306 - For anonymous containers use the alias name for IP to name mapping, ie:DNS PTR record ([#21019](https://github.com/docker/docker/pull/21019)) 1307 - Fix a panic when deleting an entry from /etc/hosts file ([#21019](https://github.com/docker/docker/pull/21019)) 1308 - Source the forwarded DNS queries from the container net namespace ([#21019](https://github.com/docker/docker/pull/21019)) 1309 - Fix to retain the network internal mode config for bridge networks on daemon reload ([#21780] (https://github.com/docker/docker/pull/21780)) 1310 - Fix to retain IPAM driver option configs on daemon reload ([#21914] (https://github.com/docker/docker/pull/21914)) 1311 1312 ### Plugins 1313 1314 - Fix a file descriptor leak that would occur every time plugins were enumerated ([#20686](https://github.com/docker/docker/pull/20686)) 1315 - Fix an issue where Authz plugin would corrupt the payload body when faced with a large amount of data ([#20602](https://github.com/docker/docker/pull/20602)) 1316 1317 ### Runtime 1318 1319 - Fix a panic that could occur when cleanup after a container started with invalid parameters ([#21716](https://github.com/docker/docker/pull/21716)) 1320 - Fix a race with event timers stopping early ([#21692](https://github.com/docker/docker/pull/21692)) 1321 - Fix race conditions in the layer store, potentially corrupting the map and crashing the process ([#21677](https://github.com/docker/docker/pull/21677)) 1322 - Un-deprecate auto-creation of host directories for mounts. This feature was marked deprecated in ([#21666](https://github.com/docker/docker/pull/21666)) 1323 Docker 1.9, but was decided to be too much of a backward-incompatible change, so it was decided to keep the feature. 1324 + It is now possible for containers to share the NET and IPC namespaces when `userns` is enabled ([#21383](https://github.com/docker/docker/pull/21383)) 1325 + `docker inspect <image-id>` will now expose the rootfs layers ([#21370](https://github.com/docker/docker/pull/21370)) 1326 + Docker Windows gained a minimal `top` implementation ([#21354](https://github.com/docker/docker/pull/21354)) 1327 * Docker learned to report the faulty exe when a container cannot be started due to its condition ([#21345](https://github.com/docker/docker/pull/21345)) 1328 * Docker with device mapper will now refuse to run if `udev sync` is not available ([#21097](https://github.com/docker/docker/pull/21097)) 1329 - Fix a bug where Docker would not validate the config file upon configuration reload ([#21089](https://github.com/docker/docker/pull/21089)) 1330 - Fix a hang that would happen on attach if initial start was to fail ([#21048](https://github.com/docker/docker/pull/21048)) 1331 - Fix an issue where registry service options in the daemon configuration file were not properly taken into account ([#21045](https://github.com/docker/docker/pull/21045)) 1332 - Fix a race between the exec and resize operations ([#21022](https://github.com/docker/docker/pull/21022)) 1333 - Fix an issue where nanoseconds were not correctly taken in account when filtering Docker events ([#21013](https://github.com/docker/docker/pull/21013)) 1334 - Fix the handling of Docker command when passed a 64 bytes id ([#21002](https://github.com/docker/docker/pull/21002)) 1335 * Docker will now return a `204` (i.e http.StatusNoContent) code when it successfully deleted a network ([#20977](https://github.com/docker/docker/pull/20977)) 1336 - Fix a bug where the daemon would wait indefinitely in case the process it was about to killed had already exited on its own ([#20967](https://github.com/docker/docker/pull/20967) 1337 * The devmapper driver learned the `dm.min_free_space` option. If the mapped device free space reaches the passed value, new device creation will be prohibited. ([#20786](https://github.com/docker/docker/pull/20786)) 1338 + Docker can now prevent processes in container to gain new privileges via the `--security-opt=no-new-privileges` flag ([#20727](https://github.com/docker/docker/pull/20727)) 1339 - Starting a container with the `--device` option will now correctly resolves symlinks ([#20684](https://github.com/docker/docker/pull/20684)) 1340 + Docker now relies on [`containerd`](https://github.com/docker/containerd) and [`runc`](https://github.com/opencontainers/runc) to spawn containers. ([#20662](https://github.com/docker/docker/pull/20662)) 1341 - Fix docker configuration reloading to only alter value present in the given config file ([#20604](https://github.com/docker/docker/pull/20604)) 1342 + Docker now allows setting a container hostname via the `--hostname` flag when `--net=host` ([#20177](https://github.com/docker/docker/pull/20177)) 1343 + Docker now allows executing privileged container while running with `--userns-remap` if both `--privileged` and the new `--userns=host` flag are specified ([#20111](https://github.com/docker/docker/pull/20111)) 1344 - Fix Docker not cleaning up correctly old containers upon restarting after a crash ([#19679](https://github.com/docker/docker/pull/19679)) 1345 * Docker will now error out if it doesn't recognize a configuration key within the config file ([#19517](https://github.com/docker/docker/pull/19517)) 1346 - Fix container loading, on daemon startup, when they depends on a plugin running within a container ([#19500](https://github.com/docker/docker/pull/19500)) 1347 * `docker update` learned how to change a container restart policy ([#19116](https://github.com/docker/docker/pull/19116)) 1348 * `docker inspect` now also returns a new `State` field containing the container state in a human readable way (i.e. one of `created`, `restarting`, `running`, `paused`, `exited` or `dead`)([#18966](https://github.com/docker/docker/pull/18966)) 1349 + Docker learned to limit the number of active pids (i.e. processes) within the container via the `pids-limit` flags. NOTE: This requires `CGROUP_PIDS=y` to be in the kernel configuration. ([#18697](https://github.com/docker/docker/pull/18697)) 1350 - `docker load` now has a `--quiet` option to suppress the load output ([#20078](https://github.com/docker/docker/pull/20078)) 1351 - Fix a bug in neighbor discovery for IPv6 peers ([#20842](https://github.com/docker/docker/pull/20842)) 1352 - Fix a panic during cleanup if a container was started with invalid options ([#21802](https://github.com/docker/docker/pull/21802)) 1353 - Fix a situation where a container cannot be stopped if the terminal is closed ([#21840](https://github.com/docker/docker/pull/21840)) 1354 1355 ### Security 1356 1357 * Object with the `pcp_pmcd_t` selinux type were given management access to `/var/lib/docker(/.*)?` ([#21370](https://github.com/docker/docker/pull/21370)) 1358 * `restart_syscall`, `copy_file_range`, `mlock2` joined the list of allowed calls in the default seccomp profile ([#21117](https://github.com/docker/docker/pull/21117), [#21262](https://github.com/docker/docker/pull/21262)) 1359 * `send`, `recv` and `x32` were added to the list of allowed syscalls and arch in the default seccomp profile ([#19432](https://github.com/docker/docker/pull/19432)) 1360 * Docker Content Trust now requests the server to perform snapshot signing ([#21046](https://github.com/docker/docker/pull/21046)) 1361 * Support for using YubiKeys for Content Trust signing has been moved out of experimental ([#21591](https://github.com/docker/docker/pull/21591)) 1362 1363 ### Volumes 1364 1365 * Output of `docker volume ls` is now sorted by volume name ([#20389](https://github.com/docker/docker/pull/20389)) 1366 * Local volumes can now accept options similar to the unix `mount` tool ([#20262](https://github.com/docker/docker/pull/20262)) 1367 - Fix an issue where one letter directory name could not be used as source for volumes ([#21106](https://github.com/docker/docker/pull/21106)) 1368 + `docker run -v` now accepts a new flag `nocopy`. This tells the runtime not to copy the container path content into the volume (which is the default behavior) ([#21223](https://github.com/docker/docker/pull/21223)) 1369 1370 ## 1.10.3 (2016-03-10) 1371 1372 ### Runtime 1373 1374 - Fix Docker client exiting with an "Unrecognized input header" error [#20706](https://github.com/docker/docker/pull/20706) 1375 - Fix Docker exiting if Exec is started with both `AttachStdin` and `Detach` [#20647](https://github.com/docker/docker/pull/20647) 1376 1377 ### Distribution 1378 1379 - Fix a crash when pushing multiple images sharing the same layers to the same repository in parallel [#20831](https://github.com/docker/docker/pull/20831) 1380 - Fix a panic when pushing images to a registry which uses a misconfigured token service [#21030](https://github.com/docker/docker/pull/21030) 1381 1382 ### Plugin system 1383 1384 - Fix issue preventing volume plugins to start when SELinux is enabled [#20834](https://github.com/docker/docker/pull/20834) 1385 - Prevent Docker from exiting if a volume plugin returns a null response for Get requests [#20682](https://github.com/docker/docker/pull/20682) 1386 - Fix plugin system leaking file descriptors if a plugin has an error [#20680](https://github.com/docker/docker/pull/20680) 1387 1388 ### Security 1389 1390 - Fix linux32 emulation to fail during docker build [#20672](https://github.com/docker/docker/pull/20672) 1391 It was due to the `personality` syscall being blocked by the default seccomp profile. 1392 - Fix Oracle XE 10g failing to start in a container [#20981](https://github.com/docker/docker/pull/20981) 1393 It was due to the `ipc` syscall being blocked by the default seccomp profile. 1394 - Fix user namespaces not working on Linux From Scratch [#20685](https://github.com/docker/docker/pull/20685) 1395 - Fix issue preventing daemon to start if userns is enabled and the `subuid` or `subgid` files contain comments [#20725](https://github.com/docker/docker/pull/20725) 1396 1397 ## 1.10.2 (2016-02-22) 1398 1399 ### Runtime 1400 1401 - Prevent systemd from deleting containers' cgroups when its configuration is reloaded [#20518](https://github.com/docker/docker/pull/20518) 1402 - Fix SELinux issues by disregarding `--read-only` when mounting `/dev/mqueue` [#20333](https://github.com/docker/docker/pull/20333) 1403 - Fix chown permissions used during `docker cp` when userns is used [#20446](https://github.com/docker/docker/pull/20446) 1404 - Fix configuration loading issue with all booleans defaulting to `true` [#20471](https://github.com/docker/docker/pull/20471) 1405 - Fix occasional panic with `docker logs -f` [#20522](https://github.com/docker/docker/pull/20522) 1406 1407 ### Distribution 1408 1409 - Keep layer reference if deletion failed to avoid a badly inconsistent state [#20513](https://github.com/docker/docker/pull/20513) 1410 - Handle gracefully a corner case when canceling migration [#20372](https://github.com/docker/docker/pull/20372) 1411 - Fix docker import on compressed data [#20367](https://github.com/docker/docker/pull/20367) 1412 - Fix tar-split files corruption during migration that later cause docker push and docker save to fail [#20458](https://github.com/docker/docker/pull/20458) 1413 1414 ### Networking 1415 1416 - Fix daemon crash if embedded DNS is sent garbage [#20510](https://github.com/docker/docker/pull/20510) 1417 1418 ### Volumes 1419 1420 - Fix issue with multiple volume references with same name [#20381](https://github.com/docker/docker/pull/20381) 1421 1422 ### Security 1423 1424 - Fix potential cache corruption and delegation conflict issues [#20523](https://github.com/docker/docker/pull/20523) 1425 1426 ## 1.10.1 (2016-02-11) 1427 1428 ### Runtime 1429 1430 * Do not stop daemon on migration hard failure [#20156](https://github.com/docker/docker/pull/20156) 1431 - Fix various issues with migration to content-addressable images [#20058](https://github.com/docker/docker/pull/20058) 1432 - Fix ZFS permission bug with user namespaces [#20045](https://github.com/docker/docker/pull/20045) 1433 - Do not leak /dev/mqueue from the host to all containers, keep it container-specific [#19876](https://github.com/docker/docker/pull/19876) [#20133](https://github.com/docker/docker/pull/20133) 1434 - Fix `docker ps --filter before=...` to not show stopped containers without providing `-a` flag [#20135](https://github.com/docker/docker/pull/20135) 1435 1436 ### Security 1437 1438 - Fix issue preventing docker events to work properly with authorization plugin [#20002](https://github.com/docker/docker/pull/20002) 1439 1440 ### Distribution 1441 1442 * Add additional verifications and prevent from uploading invalid data to registries [#20164](https://github.com/docker/docker/pull/20164) 1443 - Fix regression preventing uppercase characters in image reference hostname [#20175](https://github.com/docker/docker/pull/20175) 1444 1445 ### Networking 1446 1447 - Fix embedded DNS for user-defined networks in the presence of firewalld [#20060](https://github.com/docker/docker/pull/20060) 1448 - Fix issue where removing a network during shutdown left Docker inoperable [#20181](https://github.com/docker/docker/issues/20181) [#20235](https://github.com/docker/docker/issues/20235) 1449 - Embedded DNS is now able to return compressed results [#20181](https://github.com/docker/docker/issues/20181) 1450 - Fix port-mapping issue with `userland-proxy=false` [#20181](https://github.com/docker/docker/issues/20181) 1451 1452 ### Logging 1453 1454 - Fix bug where tcp+tls protocol would be rejected [#20109](https://github.com/docker/docker/pull/20109) 1455 1456 ### Volumes 1457 1458 - Fix issue whereby older volume drivers would not receive volume options [#19983](https://github.com/docker/docker/pull/19983) 1459 1460 ### Misc 1461 1462 - Remove TasksMax from Docker systemd service [#20167](https://github.com/docker/docker/pull/20167) 1463 1464 ## 1.10.0 (2016-02-04) 1465 1466 **IMPORTANT**: Docker 1.10 uses a new content-addressable storage for images and layers. 1467 A migration is performed the first time docker is run, and can take a significant amount of time depending on the number of images present. 1468 Refer to this page on the wiki for more information: https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration 1469 We also released a cool migration utility that enables you to perform the migration before updating to reduce downtime. 1470 Engine 1.10 migrator can be found on Docker Hub: https://hub.docker.com/r/docker/v1.10-migrator/ 1471 1472 ### Runtime 1473 1474 + New `docker update` command that allows updating resource constraints on running containers [#15078](https://github.com/docker/docker/pull/15078) 1475 + Add `--tmpfs` flag to `docker run` to create a tmpfs mount in a container [#13587](https://github.com/docker/docker/pull/13587) 1476 + Add `--format` flag to `docker images` command [#17692](https://github.com/docker/docker/pull/17692) 1477 + Allow to set daemon configuration in a file and hot-reload it with the `SIGHUP` signal [#18587](https://github.com/docker/docker/pull/18587) 1478 + Updated docker events to include more meta-data and event types [#18888](https://github.com/docker/docker/pull/18888) 1479 This change is backward compatible in the API, but not on the CLI. 1480 + Add `--blkio-weight-device` flag to `docker run` [#13959](https://github.com/docker/docker/pull/13959) 1481 + Add `--device-read-bps` and `--device-write-bps` flags to `docker run` [#14466](https://github.com/docker/docker/pull/14466) 1482 + Add `--device-read-iops` and `--device-write-iops` flags to `docker run` [#15879](https://github.com/docker/docker/pull/15879) 1483 + Add `--oom-score-adj` flag to `docker run` [#16277](https://github.com/docker/docker/pull/16277) 1484 + Add `--detach-keys` flag to `attach`, `run`, `start` and `exec` commands to override the default key sequence that detaches from a container [#15666](https://github.com/docker/docker/pull/15666) 1485 + Add `--shm-size` flag to `run`, `create` and `build` to set the size of `/dev/shm` [#16168](https://github.com/docker/docker/pull/16168) 1486 + Show the number of running, stopped, and paused containers in `docker info` [#19249](https://github.com/docker/docker/pull/19249) 1487 + Show the `OSType` and `Architecture` in `docker info` [#17478](https://github.com/docker/docker/pull/17478) 1488 + Add `--cgroup-parent` flag on `daemon` to set cgroup parent for all containers [#19062](https://github.com/docker/docker/pull/19062) 1489 + Add `-L` flag to docker cp to follow symlinks [#16613](https://github.com/docker/docker/pull/16613) 1490 + New `status=dead` filter for `docker ps` [#17908](https://github.com/docker/docker/pull/17908) 1491 * Change `docker run` exit codes to distinguish between runtime and application errors [#14012](https://github.com/docker/docker/pull/14012) 1492 * Enhance `docker events --since` and `--until` to support nanoseconds and timezones [#17495](https://github.com/docker/docker/pull/17495) 1493 * Add `--all`/`-a` flag to `stats` to include both running and stopped containers [#16742](https://github.com/docker/docker/pull/16742) 1494 * Change the default cgroup-driver to `cgroupfs` [#17704](https://github.com/docker/docker/pull/17704) 1495 * Emit a "tag" event when tagging an image with `build -t` [#17115](https://github.com/docker/docker/pull/17115) 1496 * Best effort for linked containers' start order when starting the daemon [#18208](https://github.com/docker/docker/pull/18208) 1497 * Add ability to add multiple tags on `build` [#15780](https://github.com/docker/docker/pull/15780) 1498 * Permit `OPTIONS` request against any url, thus fixing issue with CORS [#19569](https://github.com/docker/docker/pull/19569) 1499 - Fix the `--quiet` flag on `docker build` to actually be quiet [#17428](https://github.com/docker/docker/pull/17428) 1500 - Fix `docker images --filter dangling=false` to now show all non-dangling images [#19326](https://github.com/docker/docker/pull/19326) 1501 - Fix race condition causing autorestart turning off on restart [#17629](https://github.com/docker/docker/pull/17629) 1502 - Recognize GPFS filesystems [#19216](https://github.com/docker/docker/pull/19216) 1503 - Fix obscure bug preventing to start containers [#19751](https://github.com/docker/docker/pull/19751) 1504 - Forbid `exec` during container restart [#19722](https://github.com/docker/docker/pull/19722) 1505 - devicemapper: Increasing `--storage-opt dm.basesize` will now increase the base device size on daemon restart [#19123](https://github.com/docker/docker/pull/19123) 1506 1507 ### Security 1508 1509 + Add `--userns-remap` flag to `daemon` to support user namespaces (previously in experimental) [#19187](https://github.com/docker/docker/pull/19187) 1510 + Add support for custom seccomp profiles in `--security-opt` [#17989](https://github.com/docker/docker/pull/17989) 1511 + Add default seccomp profile [#18780](https://github.com/docker/docker/pull/18780) 1512 + Add `--authorization-plugin` flag to `daemon` to customize ACLs [#15365](https://github.com/docker/docker/pull/15365) 1513 + Docker Content Trust now supports the ability to read and write user delegations [#18887](https://github.com/docker/docker/pull/18887) 1514 This is an optional, opt-in feature that requires the explicit use of the Notary command-line utility in order to be enabled. 1515 Enabling delegation support in a specific repository will break the ability of Docker 1.9 and 1.8 to pull from that repository, if content trust is enabled. 1516 * Allow SELinux to run in a container when using the BTRFS storage driver [#16452](https://github.com/docker/docker/pull/16452) 1517 1518 ### Distribution 1519 1520 * Use content-addressable storage for images and layers [#17924](https://github.com/docker/docker/pull/17924) 1521 Note that a migration is performed the first time docker is run; it can take a significant amount of time depending on the number of images and containers present. 1522 Images no longer depend on the parent chain but contain a list of layer references. 1523 `docker load`/`docker save` tarballs now also contain content-addressable image configurations. 1524 For more information: https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration 1525 * Add support for the new [manifest format ("schema2")](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md) [#18785](https://github.com/docker/docker/pull/18785) 1526 * Lots of improvements for push and pull: performance++, retries on failed downloads, cancelling on client disconnect [#18353](https://github.com/docker/docker/pull/18353), [#18418](https://github.com/docker/docker/pull/18418), [#19109](https://github.com/docker/docker/pull/19109), [#18353](https://github.com/docker/docker/pull/18353) 1527 * Limit v1 protocol fallbacks [#18590](https://github.com/docker/docker/pull/18590) 1528 - Fix issue where docker could hang indefinitely waiting for a nonexistent process to pull an image [#19743](https://github.com/docker/docker/pull/19743) 1529 1530 ### Networking 1531 1532 + Use DNS-based discovery instead of `/etc/hosts` [#19198](https://github.com/docker/docker/pull/19198) 1533 + Support for network-scoped alias using `--net-alias` on `run` and `--alias` on `network connect` [#19242](https://github.com/docker/docker/pull/19242) 1534 + Add `--ip` and `--ip6` on `run` and `network connect` to support custom IP addresses for a container in a network [#19001](https://github.com/docker/docker/pull/19001) 1535 + Add `--ipam-opt` to `network create` for passing custom IPAM options [#17316](https://github.com/docker/docker/pull/17316) 1536 + Add `--internal` flag to `network create` to restrict external access to and from the network [#19276](https://github.com/docker/docker/pull/19276) 1537 + Add `kv.path` option to `--cluster-store-opt` [#19167](https://github.com/docker/docker/pull/19167) 1538 + Add `discovery.heartbeat` and `discovery.ttl` options to `--cluster-store-opt` to configure discovery TTL and heartbeat timer [#18204](https://github.com/docker/docker/pull/18204) 1539 + Add `--format` flag to `network inspect` [#17481](https://github.com/docker/docker/pull/17481) 1540 + Add `--link` to `network connect` to provide a container-local alias [#19229](https://github.com/docker/docker/pull/19229) 1541 + Support for Capability exchange with remote IPAM plugins [#18775](https://github.com/docker/docker/pull/18775) 1542 + Add `--force` to `network disconnect` to force container to be disconnected from network [#19317](https://github.com/docker/docker/pull/19317) 1543 * Support for multi-host networking using built-in overlay driver for all engine supported kernels: 3.10+ [#18775](https://github.com/docker/docker/pull/18775) 1544 * `--link` is now supported on `docker run` for containers in user-defined network [#19229](https://github.com/docker/docker/pull/19229) 1545 * Enhance `docker network rm` to allow removing multiple networks [#17489](https://github.com/docker/docker/pull/17489) 1546 * Include container names in `network inspect` [#17615](https://github.com/docker/docker/pull/17615) 1547 * Include auto-generated subnets for user-defined networks in `network inspect` [#17316](https://github.com/docker/docker/pull/17316) 1548 * Add `--filter` flag to `network ls` to hide predefined networks [#17782](https://github.com/docker/docker/pull/17782) 1549 * Add support for network connect/disconnect to stopped containers [#18906](https://github.com/docker/docker/pull/18906) 1550 * Add network ID to container inspect [#19323](https://github.com/docker/docker/pull/19323) 1551 - Fix MTU issue where Docker would not start with two or more default routes [#18108](https://github.com/docker/docker/pull/18108) 1552 - Fix duplicate IP address for containers [#18106](https://github.com/docker/docker/pull/18106) 1553 - Fix issue preventing sometimes docker from creating the bridge network [#19338](https://github.com/docker/docker/pull/19338) 1554 - Do not substitute 127.0.0.1 name server when using `--net=host` [#19573](https://github.com/docker/docker/pull/19573) 1555 1556 ### Logging 1557 1558 + New logging driver for Splunk [#16488](https://github.com/docker/docker/pull/16488) 1559 + Add support for syslog over TCP+TLS [#18998](https://github.com/docker/docker/pull/18998) 1560 * Enhance `docker logs --since` and `--until` to support nanoseconds and time [#17495](https://github.com/docker/docker/pull/17495) 1561 * Enhance AWS logs to auto-detect region [#16640](https://github.com/docker/docker/pull/16640) 1562 1563 ### Volumes 1564 1565 + Add support to set the mount propagation mode for a volume [#17034](https://github.com/docker/docker/pull/17034) 1566 * Add `ls` and `inspect` endpoints to volume plugin API [#16534](https://github.com/docker/docker/pull/16534) 1567 Existing plugins need to make use of these new APIs to satisfy users' expectation 1568 For that, please use the new MIME type `application/vnd.docker.plugins.v1.2+json` [#19549](https://github.com/docker/docker/pull/19549) 1569 - Fix data not being copied to named volumes [#19175](https://github.com/docker/docker/pull/19175) 1570 - Fix issues preventing volume drivers from being containerized [#19500](https://github.com/docker/docker/pull/19500) 1571 - Fix `docker volumes ls --dangling=false` to now show all non-dangling volumes [#19671](https://github.com/docker/docker/pull/19671) 1572 - Do not remove named volumes on container removal [#19568](https://github.com/docker/docker/pull/19568) 1573 - Allow external volume drivers to host anonymous volumes [#19190](https://github.com/docker/docker/pull/19190) 1574 1575 ### Builder 1576 1577 + Add support for `**` in `.dockerignore` to wildcard multiple levels of directories [#17090](https://github.com/docker/docker/pull/17090) 1578 - Fix handling of UTF-8 characters in Dockerfiles [#17055](https://github.com/docker/docker/pull/17055) 1579 - Fix permissions problem when reading from STDIN [#19283](https://github.com/docker/docker/pull/19283) 1580 1581 ### Client 1582 1583 + Add support for overriding the API version to use via an `DOCKER_API_VERSION` environment-variable [#15964](https://github.com/docker/docker/pull/15964) 1584 - Fix a bug preventing Windows clients to log in to Docker Hub [#19891](https://github.com/docker/docker/pull/19891) 1585 1586 ### Misc 1587 1588 * systemd: Set TasksMax in addition to LimitNPROC in systemd service file [#19391](https://github.com/docker/docker/pull/19391) 1589 1590 ### Deprecations 1591 1592 * Remove LXC support. The LXC driver was deprecated in Docker 1.8, and has now been removed [#17700](https://github.com/docker/docker/pull/17700) 1593 * Remove `--exec-driver` daemon flag, because it is no longer in use [#17700](https://github.com/docker/docker/pull/17700) 1594 * Remove old deprecated single-dashed long CLI flags (such as `-rm`; use `--rm` instead) [#17724](https://github.com/docker/docker/pull/17724) 1595 * Deprecate HostConfig at API container start [#17799](https://github.com/docker/docker/pull/17799) 1596 * Deprecate docker packages for newly EOL'd Linux distributions: Fedora 21 and Ubuntu 15.04 (Vivid) [#18794](https://github.com/docker/docker/pull/18794), [#18809](https://github.com/docker/docker/pull/18809) 1597 * Deprecate `-f` flag for docker tag [#18350](https://github.com/docker/docker/pull/18350) 1598 1599 ## 1.9.1 (2015-11-21) 1600 1601 ### Runtime 1602 1603 - Do not prevent daemon from booting if images could not be restored (#17695) 1604 - Force IPC mount to unmount on daemon shutdown/init (#17539) 1605 - Turn IPC unmount errors into warnings (#17554) 1606 - Fix `docker stats` performance regression (#17638) 1607 - Clarify cryptic error message upon `docker logs` if `--log-driver=none` (#17767) 1608 - Fix seldom panics (#17639, #17634, #17703) 1609 - Fix opq whiteouts problems for files with dot prefix (#17819) 1610 - devicemapper: try defaulting to xfs instead of ext4 for performance reasons (#17903, #17918) 1611 - devicemapper: fix displayed fs in docker info (#17974) 1612 - selinux: only relabel if user requested so with the `z` option (#17450, #17834) 1613 - Do not make network calls when normalizing names (#18014) 1614 1615 ### Client 1616 1617 - Fix `docker login` on windows (#17738) 1618 - Fix bug with `docker inspect` output when not connected to daemon (#17715) 1619 - Fix `docker inspect -f {{.HostConfig.Dns}} somecontainer` (#17680) 1620 1621 ### Builder 1622 1623 - Fix regression with symlink behavior in ADD/COPY (#17710) 1624 1625 ### Networking 1626 1627 - Allow passing a network ID as an argument for `--net` (#17558) 1628 - Fix connect to host and prevent disconnect from host for `host` network (#17476) 1629 - Fix `--fixed-cidr` issue when gateway ip falls in ip-range and ip-range is 1630 not the first block in the network (#17853) 1631 - Restore deterministic `IPv6` generation from `MAC` address on default `bridge` network (#17890) 1632 - Allow port-mapping only for endpoints created on docker run (#17858) 1633 - Fixed an endpoint delete issue with a possible stale sbox (#18102) 1634 1635 ### Distribution 1636 1637 - Correct parent chain in v2 push when v1Compatibility files on the disk are inconsistent (#18047) 1638 1639 ## 1.9.0 (2015-11-03) 1640 1641 ### Runtime 1642 1643 + `docker stats` now returns block IO metrics (#15005) 1644 + `docker stats` now details network stats per interface (#15786) 1645 + Add `ancestor=<image>` filter to `docker ps --filter` flag to filter 1646 containers based on their ancestor images (#14570) 1647 + Add `label=<somelabel>` filter to `docker ps --filter` to filter containers 1648 based on label (#16530) 1649 + Add `--kernel-memory` flag to `docker run` (#14006) 1650 + Add `--message` flag to `docker import` allowing to specify an optional 1651 message (#15711) 1652 + Add `--privileged` flag to `docker exec` (#14113) 1653 + Add `--stop-signal` flag to `docker run` allowing to replace the container 1654 process stopping signal (#15307) 1655 + Add a new `unless-stopped` restart policy (#15348) 1656 + Inspecting an image now returns tags (#13185) 1657 + Add container size information to `docker inspect` (#15796) 1658 + Add `RepoTags` and `RepoDigests` field to `/images/{name:.*}/json` (#17275) 1659 - Remove the deprecated `/container/ps` endpoint from the API (#15972) 1660 - Send and document correct HTTP codes for `/exec/<name>/start` (#16250) 1661 - Share shm and mqueue between containers sharing IPC namespace (#15862) 1662 - Event stream now shows OOM status when `--oom-kill-disable` is set (#16235) 1663 - Ensure special network files (/etc/hosts etc.) are read-only if bind-mounted 1664 with `ro` option (#14965) 1665 - Improve `rmi` performance (#16890) 1666 - Do not update /etc/hosts for the default bridge network, except for links (#17325) 1667 - Fix conflict with duplicate container names (#17389) 1668 - Fix an issue with incorrect template execution in `docker inspect` (#17284) 1669 - DEPRECATE `-c` short flag variant for `--cpu-shares` in docker run (#16271) 1670 1671 ### Client 1672 1673 + Allow `docker import` to import from local files (#11907) 1674 1675 ### Builder 1676 1677 + Add a `STOPSIGNAL` Dockerfile instruction allowing to set a different 1678 stop-signal for the container process (#15307) 1679 + Add an `ARG` Dockerfile instruction and a `--build-arg` flag to `docker build` 1680 that allows to add build-time environment variables (#15182) 1681 - Improve cache miss performance (#16890) 1682 1683 ### Storage 1684 1685 - devicemapper: Implement deferred deletion capability (#16381) 1686 1687 ### Networking 1688 1689 + `docker network` exits experimental and is part of standard release (#16645) 1690 + New network top-level concept, with associated subcommands and API (#16645) 1691 WARNING: the API is different from the experimental API 1692 + Support for multiple isolated/micro-segmented networks (#16645) 1693 + Built-in multihost networking using VXLAN based overlay driver (#14071) 1694 + Support for third-party network plugins (#13424) 1695 + Ability to dynamically connect containers to multiple networks (#16645) 1696 + Support for user-defined IP address management via pluggable IPAM drivers (#16910) 1697 + Add daemon flags `--cluster-store` and `--cluster-advertise` for built-in nodes discovery (#16229) 1698 + Add `--cluster-store-opt` for setting up TLS settings (#16644) 1699 + Add `--dns-opt` to the daemon (#16031) 1700 - DEPRECATE following container `NetworkSettings` fields in API v1.21: `EndpointID`, `Gateway`, 1701 `GlobalIPv6Address`, `GlobalIPv6PrefixLen`, `IPAddress`, `IPPrefixLen`, `IPv6Gateway` and `MacAddress`. 1702 Those are now specific to the `bridge` network. Use `NetworkSettings.Networks` to inspect 1703 the networking settings of a container per network. 1704 1705 ### Volumes 1706 1707 + New top-level `volume` subcommand and API (#14242) 1708 - Move API volume driver settings to host-specific config (#15798) 1709 - Print an error message if volume name is not unique (#16009) 1710 - Ensure volumes created from Dockerfiles always use the local volume driver 1711 (#15507) 1712 - DEPRECATE auto-creating missing host paths for bind mounts (#16349) 1713 1714 ### Logging 1715 1716 + Add `awslogs` logging driver for Amazon CloudWatch (#15495) 1717 + Add generic `tag` log option to allow customizing container/image 1718 information passed to driver (e.g. show container names) (#15384) 1719 - Implement the `docker logs` endpoint for the journald driver (#13707) 1720 - DEPRECATE driver-specific log tags (e.g. `syslog-tag`, etc.) (#15384) 1721 1722 ### Distribution 1723 1724 + `docker search` now works with partial names (#16509) 1725 - Push optimization: avoid buffering to file (#15493) 1726 - The daemon will display progress for images that were already being pulled 1727 by another client (#15489) 1728 - Only permissions required for the current action being performed are requested (#) 1729 + Renaming trust keys (and respective environment variables) from `offline` to 1730 `root` and `tagging` to `repository` (#16894) 1731 - DEPRECATE trust key environment variables 1732 `DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE` and 1733 `DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE` (#16894) 1734 1735 ### Security 1736 1737 + Add SELinux profiles to the rpm package (#15832) 1738 - Fix various issues with AppArmor profiles provided in the deb package 1739 (#14609) 1740 - Add AppArmor policy that prevents writing to /proc (#15571) 1741 1742 ## 1.8.3 (2015-10-12) 1743 1744 ### Distribution 1745 1746 - Fix layer IDs lead to local graph poisoning (CVE-2014-8178) 1747 - Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179) 1748 + Add `--disable-legacy-registry` to prevent a daemon from using a v1 registry 1749 1750 ## 1.8.2 (2015-09-10) 1751 1752 ### Distribution 1753 1754 - Fixes rare edge case of handling GNU LongLink and LongName entries. 1755 - Fix ^C on docker pull. 1756 - Fix docker pull issues on client disconnection. 1757 - Fix issue that caused the daemon to panic when loggers weren't configured properly. 1758 - Fix goroutine leak pulling images from registry V2. 1759 1760 ### Runtime 1761 1762 - Fix a bug mounting cgroups for docker daemons running inside docker containers. 1763 - Initialize log configuration properly. 1764 1765 ### Client: 1766 1767 - Handle `-q` flag in `docker ps` properly when there is a default format. 1768 1769 ### Networking 1770 1771 - Fix several corner cases with netlink. 1772 1773 ### Contrib 1774 1775 - Fix several issues with bash completion. 1776 1777 ## 1.8.1 (2015-08-12) 1778 1779 ### Distribution 1780 1781 * Fix a bug where pushing multiple tags would result in invalid images 1782 1783 ## 1.8.0 (2015-08-11) 1784 1785 ### Distribution 1786 1787 + Trusted pull, push and build, disabled by default 1788 * Make tar layers deterministic between registries 1789 * Don't allow deleting the image of running containers 1790 * Check if a tag name to load is a valid digest 1791 * Allow one character repository names 1792 * Add a more accurate error description for invalid tag name 1793 * Make build cache ignore mtime 1794 1795 ### Cli 1796 1797 + Add support for DOCKER_CONFIG/--config to specify config file dir 1798 + Add --type flag for docker inspect command 1799 + Add formatting options to `docker ps` with `--format` 1800 + Replace `docker -d` with new subcommand `docker daemon` 1801 * Zsh completion updates and improvements 1802 * Add some missing events to bash completion 1803 * Support daemon urls with base paths in `docker -H` 1804 * Validate status= filter to docker ps 1805 * Display when a container is in --net=host in docker ps 1806 * Extend docker inspect to export image metadata related to graph driver 1807 * Restore --default-gateway{,-v6} daemon options 1808 * Add missing unpublished ports in docker ps 1809 * Allow duration strings in `docker events` as --since/--until 1810 * Expose more mounts information in `docker inspect` 1811 1812 ### Runtime 1813 1814 + Add new Fluentd logging driver 1815 + Allow `docker import` to load from local files 1816 + Add logging driver for GELF via UDP 1817 + Allow to copy files from host to containers with `docker cp` 1818 + Promote volume drivers from experimental to master 1819 + Add rollover options to json-file log driver, and --log-driver-opts flag 1820 + Add memory swappiness tuning options 1821 * Remove cgroup read-only flag when privileged 1822 * Make /proc, /sys, & /dev readonly for readonly containers 1823 * Add cgroup bind mount by default 1824 * Overlay: Export metadata for container and image in `docker inspect` 1825 * Devicemapper: external device activation 1826 * Devicemapper: Compare uuid of base device on startup 1827 * Remove RC4 from the list of registry cipher suites 1828 * Add syslog-facility option 1829 * LXC execdriver compatibility with recent LXC versions 1830 * Mark LXC execriver as deprecated (to be removed with the migration to runc) 1831 1832 ### Plugins 1833 1834 * Separate plugin sockets and specs locations 1835 * Allow TLS connections to plugins 1836 1837 ### Bug fixes 1838 1839 - Add missing 'Names' field to /containers/json API output 1840 - Make `docker rmi` of dangling images safe while pulling 1841 - Devicemapper: Change default basesize to 100G 1842 - Go Scheduler issue with sync.Mutex and gcc 1843 - Fix issue where Search API endpoint would panic due to empty AuthConfig 1844 - Set image canonical names correctly 1845 - Check dockerinit only if lxc driver is used 1846 - Fix ulimit usage of nproc 1847 - Always attach STDIN if -i,--interactive is specified 1848 - Show error messages when saving container state fails 1849 - Fixed incorrect assumption on --bridge=none treated as disable network 1850 - Check for invalid port specifications in host configuration 1851 - Fix endpoint leave failure for --net=host mode 1852 - Fix goroutine leak in the stats API if the container is not running 1853 - Check for apparmor file before reading it 1854 - Fix DOCKER_TLS_VERIFY being ignored 1855 - Set umask to the default on startup 1856 - Correct the message of pause and unpause a non-running container 1857 - Adjust disallowed CpuShares in container creation 1858 - ZFS: correctly apply selinux context 1859 - Display empty string instead of <nil> when IP opt is nil 1860 - `docker kill` returns error when container is not running 1861 - Fix COPY/ADD quoted/json form 1862 - Fix goroutine leak on logs -f with no output 1863 - Remove panic in nat package on invalid hostport 1864 - Fix container linking in Fedora 22 1865 - Fix error caused using default gateways outside of the allocated range 1866 - Format times in inspect command with a template as RFC3339Nano 1867 - Make registry client to accept 2xx and 3xx http status responses as successful 1868 - Fix race issue that caused the daemon to crash with certain layer downloads failed in a specific order. 1869 - Fix error when the docker ps format was not valid. 1870 - Remove redundant ip forward check. 1871 - Fix issue trying to push images to repository mirrors. 1872 - Fix error cleaning up network entrypoints when there is an initialization issue. 1873 1874 ## 1.7.1 (2015-07-14) 1875 1876 #### Runtime 1877 1878 - Fix default user spawning exec process with `docker exec` 1879 - Make `--bridge=none` not to configure the network bridge 1880 - Publish networking stats properly 1881 - Fix implicit devicemapper selection with static binaries 1882 - Fix socket connections that hung intermittently 1883 - Fix bridge interface creation on CentOS/RHEL 6.6 1884 - Fix local dns lookups added to resolv.conf 1885 - Fix copy command mounting volumes 1886 - Fix read/write privileges in volumes mounted with --volumes-from 1887 1888 #### Remote API 1889 1890 - Fix unmarshaling of Command and Entrypoint 1891 - Set limit for minimum client version supported 1892 - Validate port specification 1893 - Return proper errors when attach/reattach fail 1894 1895 #### Distribution 1896 1897 - Fix pulling private images 1898 - Fix fallback between registry V2 and V1 1899 1900 ## 1.7.0 (2015-06-16) 1901 1902 #### Runtime 1903 + Experimental feature: support for out-of-process volume plugins 1904 * The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag 1905 * The `exec` command supports the `-u|--user` flag to specify the new process owner 1906 + Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags 1907 + The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota` 1908 + Container block IO can be controlled in `docker run` using`--blkio-weight` 1909 + ZFS support 1910 + The `docker logs` command supports a `--since` argument 1911 + UTS namespace can be shared with the host with `docker run --uts=host` 1912 1913 #### Quality 1914 * Networking stack was entirely rewritten as part of the libnetwork effort 1915 * Engine internals refactoring 1916 * Volumes code was entirely rewritten to support the plugins effort 1917 + Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting 1918 1919 #### Build 1920 + Support ${variable:-value} and ${variable:+value} syntax for environment variables 1921 + Support resource management flags `--cgroup-parent`, `--cpu-period`, `--cpu-quota`, `--cpuset-cpus`, `--cpuset-mems` 1922 + git context changes with branches and directories 1923 * The .dockerignore file support exclusion rules 1924 1925 #### Distribution 1926 + Client support for v2 mirroring support for the official registry 1927 1928 #### Bugfixes 1929 * Firewalld is now supported and will automatically be used when available 1930 * mounting --device recursively 1931 1932 ## 1.6.2 (2015-05-13) 1933 1934 #### Runtime 1935 - Revert change prohibiting mounting into /sys 1936 1937 ## 1.6.1 (2015-05-07) 1938 1939 #### Security 1940 - Fix read/write /proc paths (CVE-2015-3630) 1941 - Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631) 1942 - Fix opening of file-descriptor 1 (CVE-2015-3627) 1943 - Fix symlink traversal on container respawn allowing local privilege escalation (CVE-2015-3629) 1944 - Prohibit mount of /sys 1945 1946 #### Runtime 1947 - Update AppArmor policy to not allow mounts 1948 1949 ## 1.6.0 (2015-04-07) 1950 1951 #### Builder 1952 + Building images from an image ID 1953 + Build containers with resource constraints, ie `docker build --cpu-shares=100 --memory=1024m...` 1954 + `commit --change` to apply specified Dockerfile instructions while committing the image 1955 + `import --change` to apply specified Dockerfile instructions while importing the image 1956 + Builds no longer continue in the background when canceled with CTRL-C 1957 1958 #### Client 1959 + Windows Support 1960 1961 #### Runtime 1962 + Container and image Labels 1963 + `--cgroup-parent` for specifying a parent cgroup to place container cgroup within 1964 + Logging drivers, `json-file`, `syslog`, or `none` 1965 + Pulling images by ID 1966 + `--ulimit` to set the ulimit on a container 1967 + `--default-ulimit` option on the daemon which applies to all created containers (and overwritten by `--ulimit` on run) 1968 1969 ## 1.5.0 (2015-02-10) 1970 1971 #### Builder 1972 + Dockerfile to use for a given `docker build` can be specified with the `-f` flag 1973 * Dockerfile and .dockerignore files can be themselves excluded as part of the .dockerignore file, thus preventing modifications to these files invalidating ADD or COPY instructions cache 1974 * ADD and COPY instructions accept relative paths 1975 * Dockerfile `FROM scratch` instruction is now interpreted as a no-base specifier 1976 * Improve performance when exposing a large number of ports 1977 1978 #### Hack 1979 + Allow client-side only integration tests for Windows 1980 * Include docker-py integration tests against Docker daemon as part of our test suites 1981 1982 #### Packaging 1983 + Support for the new version of the registry HTTP API 1984 * Speed up `docker push` for images with a majority of already existing layers 1985 - Fixed contacting a private registry through a proxy 1986 1987 #### Remote API 1988 + A new endpoint will stream live container resource metrics and can be accessed with the `docker stats` command 1989 + Containers can be renamed using the new `rename` endpoint and the associated `docker rename` command 1990 * Container `inspect` endpoint show the ID of `exec` commands running in this container 1991 * Container `inspect` endpoint show the number of times Docker auto-restarted the container 1992 * New types of event can be streamed by the `events` endpoint: ‘OOM’ (container died with out of memory), ‘exec_create’, and ‘exec_start' 1993 - Fixed returned string fields which hold numeric characters incorrectly omitting surrounding double quotes 1994 1995 #### Runtime 1996 + Docker daemon has full IPv6 support 1997 + The `docker run` command can take the `--pid=host` flag to use the host PID namespace, which makes it possible for example to debug host processes using containerized debugging tools 1998 + The `docker run` command can take the `--read-only` flag to make the container’s root filesystem mounted as readonly, which can be used in combination with volumes to force a container’s processes to only write to locations that will be persisted 1999 + Container total memory usage can be limited for `docker run` using the `--memory-swap` flag 2000 * Major stability improvements for devicemapper storage driver 2001 * Better integration with host system: containers will reflect changes to the host's `/etc/resolv.conf` file when restarted 2002 * Better integration with host system: per-container iptable rules are moved to the DOCKER chain 2003 - Fixed container exiting on out of memory to return an invalid exit code 2004 2005 #### Other 2006 * The HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables are properly taken into account by the client when connecting to the Docker daemon 2007 2008 ## 1.4.1 (2014-12-15) 2009 2010 #### Runtime 2011 - Fix issue with volumes-from and bind mounts not being honored after create 2012 2013 ## 1.4.0 (2014-12-11) 2014 2015 #### Notable Features since 1.3.0 2016 + Set key=value labels to the daemon (displayed in `docker info`), applied with 2017 new `-label` daemon flag 2018 + Add support for `ENV` in Dockerfile of the form: 2019 `ENV name=value name2=value2...` 2020 + New Overlayfs Storage Driver 2021 + `docker info` now returns an `ID` and `Name` field 2022 + Filter events by event name, container, or image 2023 + `docker cp` now supports copying from container volumes 2024 - Fixed `docker tag`, so it honors `--force` when overriding a tag for existing 2025 image. 2026 2027 ## 1.3.3 (2014-12-11) 2028 2029 #### Security 2030 - Fix path traversal vulnerability in processing of absolute symbolic links (CVE-2014-9356) 2031 - Fix decompression of xz image archives, preventing privilege escalation (CVE-2014-9357) 2032 - Validate image IDs (CVE-2014-9358) 2033 2034 #### Runtime 2035 - Fix an issue when image archives are being read slowly 2036 2037 #### Client 2038 - Fix a regression related to stdin redirection 2039 - Fix a regression with `docker cp` when destination is the current directory 2040 2041 ## 1.3.2 (2014-11-20) 2042 2043 #### Security 2044 - Fix tar breakout vulnerability 2045 * Extractions are now sandboxed chroot 2046 - Security options are no longer committed to images 2047 2048 #### Runtime 2049 - Fix deadlock in `docker ps -f exited=1` 2050 - Fix a bug when `--volumes-from` references a container that failed to start 2051 2052 #### Registry 2053 + `--insecure-registry` now accepts CIDR notation such as 10.1.0.0/16 2054 * Private registries whose IPs fall in the 127.0.0.0/8 range do no need the `--insecure-registry` flag 2055 - Skip the experimental registry v2 API when mirroring is enabled 2056 2057 ## 1.3.1 (2014-10-28) 2058 2059 #### Security 2060 * Prevent fallback to SSL protocols < TLS 1.0 for client, daemon and registry 2061 + Secure HTTPS connection to registries with certificate verification and without HTTP fallback unless `--insecure-registry` is specified 2062 2063 #### Runtime 2064 - Fix issue where volumes would not be shared 2065 2066 #### Client 2067 - Fix issue with `--iptables=false` not automatically setting `--ip-masq=false` 2068 - Fix docker run output to non-TTY stdout 2069 2070 #### Builder 2071 - Fix escaping `$` for environment variables 2072 - Fix issue with lowercase `onbuild` Dockerfile instruction 2073 - Restrict environment variable expansion to `ENV`, `ADD`, `COPY`, `WORKDIR`, `EXPOSE`, `VOLUME` and `USER` 2074 2075 ## 1.3.0 (2014-10-14) 2076 2077 #### Notable features since 1.2.0 2078 + Docker `exec` allows you to run additional processes inside existing containers 2079 + Docker `create` gives you the ability to create a container via the CLI without executing a process 2080 + `--security-opts` options to allow user to customize container labels and apparmor profiles 2081 + Docker `ps` filters 2082 - Wildcard support to COPY/ADD 2083 + Move production URLs to get.docker.com from get.docker.io 2084 + Allocate IP address on the bridge inside a valid CIDR 2085 + Use drone.io for PR and CI testing 2086 + Ability to setup an official registry mirror 2087 + Ability to save multiple images with docker `save` 2088 2089 ## 1.2.0 (2014-08-20) 2090 2091 #### Runtime 2092 + Make /etc/hosts /etc/resolv.conf and /etc/hostname editable at runtime 2093 + Auto-restart containers using policies 2094 + Use /var/lib/docker/tmp for large temporary files 2095 + `--cap-add` and `--cap-drop` to tweak what linux capability you want 2096 + `--device` to use devices in containers 2097 2098 #### Client 2099 + `docker search` on private registries 2100 + Add `exited` filter to `docker ps --filter` 2101 * `docker rm -f` now kills instead of stop 2102 + Support for IPv6 addresses in `--dns` flag 2103 2104 #### Proxy 2105 + Proxy instances in separate processes 2106 * Small bug fix on UDP proxy 2107 2108 ## 1.1.2 (2014-07-23) 2109 2110 #### Runtime 2111 + Fix port allocation for existing containers 2112 + Fix containers restart on daemon restart 2113 2114 #### Packaging 2115 + Fix /etc/init.d/docker issue on Debian 2116 2117 ## 1.1.1 (2014-07-09) 2118 2119 #### Builder 2120 * Fix issue with ADD 2121 2122 ## 1.1.0 (2014-07-03) 2123 2124 #### Notable features since 1.0.1 2125 + Add `.dockerignore` support 2126 + Pause containers during `docker commit` 2127 + Add `--tail` to `docker logs` 2128 2129 #### Builder 2130 + Allow a tar file as context for `docker build` 2131 * Fix issue with white-spaces and multi-lines in `Dockerfiles` 2132 2133 #### Runtime 2134 * Overall performance improvements 2135 * Allow `/` as source of `docker run -v` 2136 * Fix port allocation 2137 * Fix bug in `docker save` 2138 * Add links information to `docker inspect` 2139 2140 #### Client 2141 * Improve command line parsing for `docker commit` 2142 2143 #### Remote API 2144 * Improve status code for the `start` and `stop` endpoints 2145 2146 ## 1.0.1 (2014-06-19) 2147 2148 #### Notable features since 1.0.0 2149 * Enhance security for the LXC driver 2150 2151 #### Builder 2152 * Fix `ONBUILD` instruction passed to grandchildren 2153 2154 #### Runtime 2155 * Fix events subscription 2156 * Fix /etc/hostname file with host networking 2157 * Allow `-h` and `--net=none` 2158 * Fix issue with hotplug devices in `--privileged` 2159 2160 #### Client 2161 * Fix artifacts with events 2162 * Fix a panic with empty flags 2163 * Fix `docker cp` on Mac OS X 2164 2165 #### Miscellaneous 2166 * Fix compilation on Mac OS X 2167 * Fix several races 2168 2169 ## 1.0.0 (2014-06-09) 2170 2171 #### Notable features since 0.12.0 2172 * Production support 2173 2174 ## 0.12.0 (2014-06-05) 2175 2176 #### Notable features since 0.11.0 2177 * 40+ various improvements to stability, performance and usability 2178 * New `COPY` Dockerfile instruction to allow copying a local file from the context into the container without ever extracting if the file is a tar file 2179 * Inherit file permissions from the host on `ADD` 2180 * New `pause` and `unpause` commands to allow pausing and unpausing of containers using cgroup freezer 2181 * The `images` command has a `-f`/`--filter` option to filter the list of images 2182 * Add `--force-rm` to clean up after a failed build 2183 * Standardize JSON keys in Remote API to CamelCase 2184 * Pull from a docker run now assumes `latest` tag if not specified 2185 * Enhance security on Linux capabilities and device nodes 2186 2187 ## 0.11.1 (2014-05-07) 2188 2189 #### Registry 2190 - Fix push and pull to private registry 2191 2192 ## 0.11.0 (2014-05-07) 2193 2194 #### Notable features since 0.10.0 2195 2196 * SELinux support for mount and process labels 2197 * Linked containers can be accessed by hostname 2198 * Use the net `--net` flag to allow advanced network configuration such as host networking so that containers can use the host's network interfaces 2199 * Add a ping endpoint to the Remote API to do healthchecks of your docker daemon 2200 * Logs can now be returned with an optional timestamp 2201 * Docker now works with registries that support SHA-512 2202 * Multiple registry endpoints are supported to allow registry mirrors 2203 2204 ## 0.10.0 (2014-04-08) 2205 2206 #### Builder 2207 - Fix printing multiple messages on a single line. Fixes broken output during builds. 2208 - Follow symlinks inside container's root for ADD build instructions. 2209 - Fix EXPOSE caching. 2210 2211 #### Documentation 2212 - Add the new options of `docker ps` to the documentation. 2213 - Add the options of `docker restart` to the documentation. 2214 - Update daemon docs and help messages for --iptables and --ip-forward. 2215 - Updated apt-cacher-ng docs example. 2216 - Remove duplicate description of --mtu from docs. 2217 - Add missing -t and -v for `docker images` to the docs. 2218 - Add fixes to the cli docs. 2219 - Update libcontainer docs. 2220 - Update images in docs to remove references to AUFS and LXC. 2221 - Update the nodejs_web_app in the docs to use the new epel RPM address. 2222 - Fix external link on security of containers. 2223 - Update remote API docs. 2224 - Add image size to history docs. 2225 - Be explicit about binding to all interfaces in redis example. 2226 - Document DisableNetwork flag in the 1.10 remote api. 2227 - Document that `--lxc-conf` is lxc only. 2228 - Add chef usage documentation. 2229 - Add example for an image with multiple for `docker load`. 2230 - Explain what `docker run -a` does in the docs. 2231 2232 #### Contrib 2233 - Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile. 2234 - Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly. 2235 - Remove inotifywait hack from the upstart host-integration example because it's not necessary any more. 2236 - Add check-config script to contrib. 2237 - Fix fish shell completion. 2238 2239 #### Hack 2240 * Clean up "go test" output from "make test" to be much more readable/scannable. 2241 * Exclude more "definitely not unit tested Go source code" directories from hack/make/test. 2242 + Generate md5 and sha256 hashes when building, and upload them via hack/release.sh. 2243 - Include contributed completions in Ubuntu PPA. 2244 + Add cli integration tests. 2245 * Add tweaks to the hack scripts to make them simpler. 2246 2247 #### Remote API 2248 + Add TLS auth support for API. 2249 * Move git clone from daemon to client. 2250 - Fix content-type detection in docker cp. 2251 * Split API into 2 go packages. 2252 2253 #### Runtime 2254 * Support hairpin NAT without going through Docker server. 2255 - devicemapper: succeed immediately when removing non-existent devices. 2256 - devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time and unlock while sleeping). 2257 - devicemapper: increase timeout in waitClose to 10 seconds. 2258 - devicemapper: ensure we shut down thin pool cleanly. 2259 - devicemapper: pass info, rather than hash to activateDeviceIfNeeded, deactivateDevice, setInitialized, deleteDevice. 2260 - devicemapper: avoid AB-BA deadlock. 2261 - devicemapper: make shutdown better/faster. 2262 - improve alpha sorting in mflag. 2263 - Remove manual http cookie management because the cookiejar is being used. 2264 - Use BSD raw mode on Darwin. Fixes nano, tmux and others. 2265 - Add FreeBSD support for the client. 2266 - Merge auth package into registry. 2267 - Add deprecation warning for -t on `docker pull`. 2268 - Remove goroutine leak on error. 2269 - Update parseLxcInfo to comply with new lxc1.0 format. 2270 - Fix attach exit on darwin. 2271 - Improve deprecation message. 2272 - Retry to retrieve the layer metadata up to 5 times for `docker pull`. 2273 - Only unshare the mount namespace for execin. 2274 - Merge existing config when committing. 2275 - Disable daemon startup timeout. 2276 - Fix issue #4681: add loopback interface when networking is disabled. 2277 - Add failing test case for issue #4681. 2278 - Send SIGTERM to child, instead of SIGKILL. 2279 - Show the driver and the kernel version in `docker info` even when not in debug mode. 2280 - Always symlink /dev/ptmx for libcontainer. This fixes console related problems. 2281 - Fix issue caused by the absence of /etc/apparmor.d. 2282 - Don't leave empty cidFile behind when failing to create the container. 2283 - Mount cgroups automatically if they're not mounted already. 2284 - Use mock for search tests. 2285 - Update to double-dash everywhere. 2286 - Move .dockerenv parsing to lxc driver. 2287 - Move all bind mounts in the container inside the namespace. 2288 - Don't use separate bind mount for container. 2289 - Always symlink /dev/ptmx for libcontainer. 2290 - Don't kill by pid for other drivers. 2291 - Add initial logging to libcontainer. 2292 * Sort by port in `docker ps`. 2293 - Move networking drivers into runtime top level package. 2294 + Add --no-prune to `docker rmi`. 2295 + Add time since exit in `docker ps`. 2296 - graphdriver: add build tags. 2297 - Prevent allocation of previously allocated ports & prevent improve port allocation. 2298 * Add support for --since/--before in `docker ps`. 2299 - Clean up container stop. 2300 + Add support for configurable dns search domains. 2301 - Add support for relative WORKDIR instructions. 2302 - Add --output flag for docker save. 2303 - Remove duplication of DNS entries in config merging. 2304 - Add cpuset.cpus to cgroups and native driver options. 2305 - Remove docker-ci. 2306 - Promote btrfs. btrfs is no longer considered experimental. 2307 - Add --input flag to `docker load`. 2308 - Return error when existing bridge doesn't match IP address. 2309 - Strip comments before parsing line continuations to avoid interpreting instructions as comments. 2310 - Fix TestOnlyLoopbackExistsWhenUsingDisableNetworkOption to ignore "DOWN" interfaces. 2311 - Add systemd implementation of cgroups and make containers show up as systemd units. 2312 - Fix commit and import when no repository is specified. 2313 - Remount /var/lib/docker as --private to fix scaling issue. 2314 - Use the environment's proxy when pinging the remote registry. 2315 - Reduce error level from harmless errors. 2316 * Allow --volumes-from to be individual files. 2317 - Fix expanding buffer in StdCopy. 2318 - Set error regardless of attach or stdin. This fixes #3364. 2319 - Add support for --env-file to load environment variables from files. 2320 - Symlink /etc/mtab and /proc/mounts. 2321 - Allow pushing a single tag. 2322 - Shut down containers cleanly at shutdown and wait forever for the containers to shut down. This makes container shutdown on daemon shutdown work properly via SIGTERM. 2323 - Don't throw error when starting an already running container. 2324 - Fix dynamic port allocation limit. 2325 - remove setupDev from libcontainer. 2326 - Add API version to `docker version`. 2327 - Return correct exit code when receiving signal and make SIGQUIT quit without cleanup. 2328 - Fix --volumes-from mount failure. 2329 - Allow non-privileged containers to create device nodes. 2330 - Skip login tests because of external dependency on a hosted service. 2331 - Deprecate `docker images --tree` and `docker images --viz`. 2332 - Deprecate `docker insert`. 2333 - Include base abstraction for apparmor. This fixes some apparmor related problems on Ubuntu 14.04. 2334 - Add specific error message when hitting 401 over HTTP on push. 2335 - Fix absolute volume check. 2336 - Remove volumes-from from the config. 2337 - Move DNS options to hostconfig. 2338 - Update the apparmor profile for libcontainer. 2339 - Add deprecation notice for `docker commit -run`. 2340 2341 ## 0.9.1 (2014-03-24) 2342 2343 #### Builder 2344 - Fix printing multiple messages on a single line. Fixes broken output during builds. 2345 2346 #### Documentation 2347 - Fix external link on security of containers. 2348 2349 #### Contrib 2350 - Fix init script cgroup mounting workarounds to be more similar to cgroupfs-mount and thus work properly. 2351 - Add variable for DOCKER_LOGFILE to sysvinit and use append instead of overwrite in opening the logfile. 2352 2353 #### Hack 2354 - Generate md5 and sha256 hashes when building, and upload them via hack/release.sh. 2355 2356 #### Remote API 2357 - Fix content-type detection in `docker cp`. 2358 2359 #### Runtime 2360 - Use BSD raw mode on Darwin. Fixes nano, tmux and others. 2361 - Only unshare the mount namespace for execin. 2362 - Retry to retrieve the layer metadata up to 5 times for `docker pull`. 2363 - Merge existing config when committing. 2364 - Fix panic in monitor. 2365 - Disable daemon startup timeout. 2366 - Fix issue #4681: add loopback interface when networking is disabled. 2367 - Add failing test case for issue #4681. 2368 - Send SIGTERM to child, instead of SIGKILL. 2369 - Show the driver and the kernel version in `docker info` even when not in debug mode. 2370 - Always symlink /dev/ptmx for libcontainer. This fixes console related problems. 2371 - Fix issue caused by the absence of /etc/apparmor.d. 2372 - Don't leave empty cidFile behind when failing to create the container. 2373 - Improve deprecation message. 2374 - Fix attach exit on darwin. 2375 - devicemapper: improve handling of devicemapper devices (add per device lock, increase sleep time, unlock while sleeping). 2376 - devicemapper: succeed immediately when removing non-existent devices. 2377 - devicemapper: increase timeout in waitClose to 10 seconds. 2378 - Remove goroutine leak on error. 2379 - Update parseLxcInfo to comply with new lxc1.0 format. 2380 2381 ## 0.9.0 (2014-03-10) 2382 2383 #### Builder 2384 - Avoid extra mount/unmount during build. This fixes mount/unmount related errors during build. 2385 - Add error to docker build --rm. This adds missing error handling. 2386 - Forbid chained onbuild, `onbuild from` and `onbuild maintainer` triggers. 2387 - Make `--rm` the default for `docker build`. 2388 2389 #### Documentation 2390 - Download the docker client binary for Mac over https. 2391 - Update the titles of the install instructions & descriptions. 2392 * Add instructions for upgrading boot2docker. 2393 * Add port forwarding example in OS X install docs. 2394 - Attempt to disentangle repository and registry. 2395 - Update docs to explain more about `docker ps`. 2396 - Update sshd example to use a Dockerfile. 2397 - Rework some examples, including the Python examples. 2398 - Update docs to include instructions for a container's lifecycle. 2399 - Update docs documentation to discuss the docs branch. 2400 - Don't skip cert check for an example & use HTTPS. 2401 - Bring back the memory and swap accounting section which was lost when the kernel page was removed. 2402 - Explain DNS warnings and how to fix them on systems running and using a local nameserver. 2403 2404 #### Contrib 2405 - Add Tanglu support for mkimage-debootstrap. 2406 - Add SteamOS support for mkimage-debootstrap. 2407 2408 #### Hack 2409 - Get package coverage when running integration tests. 2410 - Remove the Vagrantfile. This is being replaced with boot2docker. 2411 - Fix tests on systems where aufs isn't available. 2412 - Update packaging instructions and remove the dependency on lxc. 2413 2414 #### Remote API 2415 * Move code specific to the API to the api package. 2416 - Fix header content type for the API. Makes all endpoints use proper content type. 2417 - Fix registry auth & remove ping calls from CmdPush and CmdPull. 2418 - Add newlines to the JSON stream functions. 2419 2420 #### Runtime 2421 * Do not ping the registry from the CLI. All requests to registries flow through the daemon. 2422 - Check for nil information return in the lxc driver. This fixes panics with older lxc versions. 2423 - Devicemapper: cleanups and fix for unmount. Fixes two problems which were causing unmount to fail intermittently. 2424 - Devicemapper: remove directory when removing device. Directories don't get left behind when removing the device. 2425 * Devicemapper: enable skip_block_zeroing. Improves performance by not zeroing blocks. 2426 - Devicemapper: fix shutdown warnings. Fixes shutdown warnings concerning pool device removal. 2427 - Ensure docker cp stream is closed properly. Fixes problems with files not being copied by `docker cp`. 2428 - Stop making `tcp://` default to `127.0.0.1:4243` and remove the default port for tcp. 2429 - Fix `--run` in `docker commit`. This makes `docker commit --run` work again. 2430 - Fix custom bridge related options. This makes custom bridges work again. 2431 + Mount-bind the PTY as container console. This allows tmux/screen to run. 2432 + Add the pure Go libcontainer library to make it possible to run containers using only features of the Linux kernel. 2433 + Add native exec driver which uses libcontainer and make it the default exec driver. 2434 - Add support for handling extended attributes in archives. 2435 * Set the container MTU to be the same as the host MTU. 2436 + Add simple sha256 checksums for layers to speed up `docker push`. 2437 * Improve kernel version parsing. 2438 * Allow flag grouping (`docker run -it`). 2439 - Remove chroot exec driver. 2440 - Fix divide by zero to fix panic. 2441 - Rewrite `docker rmi`. 2442 - Fix docker info with lxc 1.0.0. 2443 - Fix fedora tty with apparmor. 2444 * Don't always append env vars, replace defaults with vars from config. 2445 * Fix a goroutine leak. 2446 * Switch to Go 1.2.1. 2447 - Fix unique constraint error checks. 2448 * Handle symlinks for Docker's data directory and for TMPDIR. 2449 - Add deprecation warnings for flags (-flag is deprecated in favor of --flag) 2450 - Add apparmor profile for the native execution driver. 2451 * Move system specific code from archive to pkg/system. 2452 - Fix duplicate signal for `docker run -i -t` (issue #3336). 2453 - Return correct process pid for lxc. 2454 - Add a -G option to specify the group which unix sockets belong to. 2455 + Add `-f` flag to `docker rm` to force removal of running containers. 2456 + Kill ghost containers and restart all ghost containers when the docker daemon restarts. 2457 + Add `DOCKER_RAMDISK` environment variable to make Docker work when the root is on a ramdisk. 2458 2459 ## 0.8.1 (2014-02-18) 2460 2461 #### Builder 2462 2463 - Avoid extra mount/unmount during build. This removes an unneeded mount/unmount operation which was causing problems with devicemapper 2464 - Fix regression with ADD of tar files. This stops Docker from decompressing tarballs added via ADD from the local file system 2465 - Add error to `docker build --rm`. This adds a missing error check to ensure failures to remove containers are detected and reported 2466 2467 #### Documentation 2468 2469 * Update issue filing instructions 2470 * Warn against the use of symlinks for Docker's storage folder 2471 * Replace the Firefox example with an IceWeasel example 2472 * Rewrite the PostgreSQL example using a Dockerfile and add more details to it 2473 * Improve the OS X documentation 2474 2475 #### Remote API 2476 2477 - Fix broken images API for version less than 1.7 2478 - Use the right encoding for all API endpoints which return JSON 2479 - Move remote api client to api/ 2480 - Queue calls to the API using generic socket wait 2481 2482 #### Runtime 2483 2484 - Fix the use of custom settings for bridges and custom bridges 2485 - Refactor the devicemapper code to avoid many mount/unmount race conditions and failures 2486 - Remove two panics which could make Docker crash in some situations 2487 - Don't ping registry from the CLI client 2488 - Enable skip_block_zeroing for devicemapper. This stops devicemapper from always zeroing entire blocks 2489 - Fix --run in `docker commit`. This makes docker commit store `--run` in the image configuration 2490 - Remove directory when removing devicemapper device. This cleans up leftover mount directories 2491 - Drop NET_ADMIN capability for non-privileged containers. Unprivileged containers can't change their network configuration 2492 - Ensure `docker cp` stream is closed properly 2493 - Avoid extra mount/unmount during container registration. This removes an unneeded mount/unmount operation which was causing problems with devicemapper 2494 - Stop allowing tcp:// as a default tcp bin address which binds to 127.0.0.1:4243 and remove the default port 2495 + Mount-bind the PTY as container console. This allows tmux and screen to run in a container 2496 - Clean up archive closing. This fixes and improves archive handling 2497 - Fix engine tests on systems where temp directories are symlinked 2498 - Add test methods for save and load 2499 - Avoid temporarily unmounting the container when restarting it. This fixes a race for devicemapper during restart 2500 - Support submodules when building from a GitHub repository 2501 - Quote volume path to allow spaces 2502 - Fix remote tar ADD behavior. This fixes a regression which was causing Docker to extract tarballs 2503 2504 ## 0.8.0 (2014-02-04) 2505 2506 #### Notable features since 0.7.0 2507 2508 * Images and containers can be removed much faster 2509 * Building an image from source with docker build is now much faster 2510 * The Docker daemon starts and stops much faster 2511 * The memory footprint of many common operations has been reduced, by streaming files instead of buffering them in memory, fixing memory leaks, and fixing various suboptimal memory allocations 2512 * Several race conditions were fixed, making Docker more stable under very high concurrency load. This makes Docker more stable and less likely to crash and reduces the memory footprint of many common operations 2513 * All packaging operations are now built on the Go language’s standard tar implementation, which is bundled with Docker itself. This makes packaging more portable across host distributions, and solves several issues caused by quirks and incompatibilities between different distributions of tar 2514 * Docker can now create, remove and modify larger numbers of containers and images graciously thanks to more aggressive releasing of system resources. For example the storage driver API now allows Docker to do reference counting on mounts created by the drivers 2515 With the ongoing changes to the networking and execution subsystems of docker testing these areas have been a focus of the refactoring. By moving these subsystems into separate packages we can test, analyze, and monitor coverage and quality of these packages 2516 * Many components have been separated into smaller sub-packages, each with a dedicated test suite. As a result the code is better-tested, more readable and easier to change 2517 2518 * The ADD instruction now supports caching, which avoids unnecessarily re-uploading the same source content again and again when it hasn’t changed 2519 * The new ONBUILD instruction adds to your image a “trigger” instruction to be executed at a later time, when the image is used as the base for another build 2520 * Docker now ships with an experimental storage driver which uses the BTRFS filesystem for copy-on-write 2521 * Docker is officially supported on Mac OS X 2522 * The Docker daemon supports systemd socket activation 2523 2524 ## 0.7.6 (2014-01-14) 2525 2526 #### Builder 2527 2528 * Do not follow symlink outside of build context 2529 2530 #### Runtime 2531 2532 - Remount bind mounts when ro is specified 2533 * Use https for fetching docker version 2534 2535 #### Other 2536 2537 * Inline the test.docker.io fingerprint 2538 * Add ca-certificates to packaging documentation 2539 2540 ## 0.7.5 (2014-01-09) 2541 2542 #### Builder 2543 2544 * Disable compression for build. More space usage but a much faster upload 2545 - Fix ADD caching for certain paths 2546 - Do not compress archive from git build 2547 2548 #### Documentation 2549 2550 - Fix error in GROUP add example 2551 * Make sure the GPG fingerprint is inline in the documentation 2552 * Give more specific advice on setting up signing of commits for DCO 2553 2554 #### Runtime 2555 2556 - Fix misspelled container names 2557 - Do not add hostname when networking is disabled 2558 * Return most recent image from the cache by date 2559 - Return all errors from docker wait 2560 * Add Content-Type Header "application/json" to GET /version and /info responses 2561 2562 #### Other 2563 2564 * Update DCO to version 1.1 2565 + Update Makefile to use "docker:GIT_BRANCH" as the generated image name 2566 * Update Travis to check for new 1.1 DCO version 2567 2568 ## 0.7.4 (2014-01-07) 2569 2570 #### Builder 2571 2572 - Fix ADD caching issue with . prefixed path 2573 - Fix docker build on devicemapper by reverting sparse file tar option 2574 - Fix issue with file caching and prevent wrong cache hit 2575 * Use same error handling while unmarshaling CMD and ENTRYPOINT 2576 2577 #### Documentation 2578 2579 * Simplify and streamline Amazon Quickstart 2580 * Install instructions use unprefixed Fedora image 2581 * Update instructions for mtu flag for Docker on GCE 2582 + Add Ubuntu Saucy to installation 2583 - Fix for wrong version warning on master instead of latest 2584 2585 #### Runtime 2586 2587 - Only get the image's rootfs when we need to calculate the image size 2588 - Correctly handle unmapping UDP ports 2589 * Make CopyFileWithTar use a pipe instead of a buffer to save memory on docker build 2590 - Fix login message to say pull instead of push 2591 - Fix "docker load" help by removing "SOURCE" prompt and mentioning STDIN 2592 * Make blank -H option default to the same as no -H was sent 2593 * Extract cgroups utilities to own submodule 2594 2595 #### Other 2596 2597 + Add Travis CI configuration to validate DCO and gofmt requirements 2598 + Add Developer Certificate of Origin Text 2599 * Upgrade VBox Guest Additions 2600 * Check standalone header when pinging a registry server 2601 2602 ## 0.7.3 (2014-01-02) 2603 2604 #### Builder 2605 2606 + Update ADD to use the image cache, based on a hash of the added content 2607 * Add error message for empty Dockerfile 2608 2609 #### Documentation 2610 2611 - Fix outdated link to the "Introduction" on www.docker.io 2612 + Update the docs to get wider when the screen does 2613 - Add information about needing to install LXC when using raw binaries 2614 * Update Fedora documentation to disentangle the docker and docker.io conflict 2615 * Add a note about using the new `-mtu` flag in several GCE zones 2616 + Add FrugalWare installation instructions 2617 + Add a more complete example of `docker run` 2618 - Fix API documentation for creating and starting Privileged containers 2619 - Add missing "name" parameter documentation on "/containers/create" 2620 * Add a mention of `lxc-checkconfig` as a way to check for some of the necessary kernel configuration 2621 - Update the 1.8 API documentation with some additions that were added to the docs for 1.7 2622 2623 #### Hack 2624 2625 - Add missing libdevmapper dependency to the packagers documentation 2626 * Update minimum Go requirement to a hard line at Go 1.2+ 2627 * Many minor improvements to the Vagrantfile 2628 + Add ability to customize dockerinit search locations when compiling (to be used very sparingly only by packagers of platforms who require a nonstandard location) 2629 + Add coverprofile generation reporting 2630 - Add `-a` to our Go build flags, removing the need for recompiling the stdlib manually 2631 * Update Dockerfile to be more canonical and have less spurious warnings during build 2632 - Fix some miscellaneous `docker pull` progress bar display issues 2633 * Migrate more miscellaneous packages under the "pkg" folder 2634 * Update TextMate highlighting to automatically be enabled for files named "Dockerfile" 2635 * Reorganize syntax highlighting files under a common "contrib/syntax" directory 2636 * Update install.sh script (https://get.docker.io/) to not fail if busybox fails to download or run at the end of the Ubuntu/Debian installation 2637 * Add support for container names in bash completion 2638 2639 #### Packaging 2640 2641 + Add an official Docker client binary for Darwin (Mac OS X) 2642 * Remove empty "Vendor" string and added "License" on deb package 2643 + Add a stubbed version of "/etc/default/docker" in the deb package 2644 2645 #### Runtime 2646 2647 * Update layer application to extract tars in place, avoiding file churn while handling whiteouts 2648 - Fix permissiveness of mtime comparisons in tar handling (since GNU tar and Go tar do not yet support sub-second mtime precision) 2649 * Reimplement `docker top` in pure Go to work more consistently, and even inside Docker-in-Docker (thus removing the shell injection vulnerability present in some versions of `lxc-ps`) 2650 + Update `-H unix://` to work similarly to `-H tcp://` by inserting the default values for missing portions 2651 - Fix more edge cases regarding dockerinit and deleted or replaced docker or dockerinit files 2652 * Update container name validation to include '.' 2653 - Fix use of a symlink or non-absolute path as the argument to `-g` to work as expected 2654 * Update to handle external mounts outside of LXC, fixing many small mounting quirks and making future execution backends and other features simpler 2655 * Update to use proper box-drawing characters everywhere in `docker images -tree` 2656 * Move MTU setting from LXC configuration to directly use netlink 2657 * Add `-S` option to external tar invocation for more efficient spare file handling 2658 + Add arch/os info to User-Agent string, especially for registry requests 2659 + Add `-mtu` option to Docker daemon for configuring MTU 2660 - Fix `docker build` to exit with a non-zero exit code on error 2661 + Add `DOCKER_HOST` environment variable to configure the client `-H` flag without specifying it manually for every invocation 2662 2663 ## 0.7.2 (2013-12-16) 2664 2665 #### Runtime 2666 2667 + Validate container names on creation with standard regex 2668 * Increase maximum image depth to 127 from 42 2669 * Continue to move api endpoints to the job api 2670 + Add -bip flag to allow specification of dynamic bridge IP via CIDR 2671 - Allow bridge creation when ipv6 is not enabled on certain systems 2672 * Set hostname and IP address from within dockerinit 2673 * Drop capabilities from within dockerinit 2674 - Fix volumes on host when symlink is present the image 2675 - Prevent deletion of image if ANY container is depending on it even if the container is not running 2676 * Update docker push to use new progress display 2677 * Use os.Lstat to allow mounting unix sockets when inspecting volumes 2678 - Adjust handling of inactive user login 2679 - Add missing defines in devicemapper for older kernels 2680 - Allow untag operations with no container validation 2681 - Add auth config to docker build 2682 2683 #### Documentation 2684 2685 * Add more information about Docker logging 2686 + Add RHEL documentation 2687 * Add a direct example for changing the CMD that is run in a container 2688 * Update Arch installation documentation 2689 + Add section on Trusted Builds 2690 + Add Network documentation page 2691 2692 #### Other 2693 2694 + Add new cover bundle for providing code coverage reporting 2695 * Separate integration tests in bundles 2696 * Make Tianon the hack maintainer 2697 * Update mkimage-debootstrap with more tweaks for keeping images small 2698 * Use https to get the install script 2699 * Remove vendored dotcloud/tar now that Go 1.2 has been released 2700 2701 ## 0.7.1 (2013-12-05) 2702 2703 #### Documentation 2704 2705 + Add @SvenDowideit as documentation maintainer 2706 + Add links example 2707 + Add documentation regarding ambassador pattern 2708 + Add Google Cloud Platform docs 2709 + Add dockerfile best practices 2710 * Update doc for RHEL 2711 * Update doc for registry 2712 * Update Postgres examples 2713 * Update doc for Ubuntu install 2714 * Improve remote api doc 2715 2716 #### Runtime 2717 2718 + Add hostconfig to docker inspect 2719 + Implement `docker log -f` to stream logs 2720 + Add env variable to disable kernel version warning 2721 + Add -format to `docker inspect` 2722 + Support bind mount for files 2723 - Fix bridge creation on RHEL 2724 - Fix image size calculation 2725 - Make sure iptables are called even if the bridge already exists 2726 - Fix issue with stderr only attach 2727 - Remove init layer when destroying a container 2728 - Fix same port binding on different interfaces 2729 - `docker build` now returns the correct exit code 2730 - Fix `docker port` to display correct port 2731 - `docker build` now check that the dockerfile exists client side 2732 - `docker attach` now returns the correct exit code 2733 - Remove the name entry when the container does not exist 2734 2735 #### Registry 2736 2737 * Improve progress bars, add ETA for downloads 2738 * Simultaneous pulls now waits for the first to finish instead of failing 2739 - Tag only the top-layer image when pushing to registry 2740 - Fix issue with offline image transfer 2741 - Fix issue preventing using ':' in password for registry 2742 2743 #### Other 2744 2745 + Add pprof handler for debug 2746 + Create a Makefile 2747 * Use stdlib tar that now includes fix 2748 * Improve make.sh test script 2749 * Handle SIGQUIT on the daemon 2750 * Disable verbose during tests 2751 * Upgrade to go1.2 for official build 2752 * Improve unit tests 2753 * The test suite now runs all tests even if one fails 2754 * Refactor C in Go (Devmapper) 2755 - Fix OS X compilation 2756 2757 ## 0.7.0 (2013-11-25) 2758 2759 #### Notable features since 0.6.0 2760 2761 * Storage drivers: choose from aufs, device-mapper, or vfs. 2762 * Standard Linux support: docker now runs on unmodified Linux kernels and all major distributions. 2763 * Links: compose complex software stacks by connecting containers to each other. 2764 * Container naming: organize your containers by giving them memorable names. 2765 * Advanced port redirects: specify port redirects per interface, or keep sensitive ports private. 2766 * Offline transfer: push and pull images to the filesystem without losing information. 2767 * Quality: numerous bugfixes and small usability improvements. Significant increase in test coverage. 2768 2769 ## 0.6.7 (2013-11-21) 2770 2771 #### Runtime 2772 2773 * Improve stability, fixes some race conditions 2774 * Skip the volumes mounted when deleting the volumes of container. 2775 * Fix layer size computation: handle hard links correctly 2776 * Use the work Path for docker cp CONTAINER:PATH 2777 * Fix tmp dir never cleanup 2778 * Speedup docker ps 2779 * More informative error message on name collisions 2780 * Fix nameserver regex 2781 * Always return long id's 2782 * Fix container restart race condition 2783 * Keep published ports on docker stop;docker start 2784 * Fix container networking on Fedora 2785 * Correctly express "any address" to iptables 2786 * Fix network setup when reconnecting to ghost container 2787 * Prevent deletion if image is used by a running container 2788 * Lock around read operations in graph 2789 2790 #### RemoteAPI 2791 2792 * Return full ID on docker rmi 2793 2794 #### Client 2795 2796 + Add -tree option to images 2797 + Offline image transfer 2798 * Exit with status 2 on usage error and display usage on stderr 2799 * Do not forward SIGCHLD to container 2800 * Use string timestamp for docker events -since 2801 2802 #### Other 2803 2804 * Update to go 1.2rc5 2805 + Add /etc/default/docker support to upstart 2806 2807 ## 0.6.6 (2013-11-06) 2808 2809 #### Runtime 2810 2811 * Ensure container name on register 2812 * Fix regression in /etc/hosts 2813 + Add lock around write operations in graph 2814 * Check if port is valid 2815 * Fix restart runtime error with ghost container networking 2816 + Add some more colors and animals to increase the pool of generated names 2817 * Fix issues in docker inspect 2818 + Escape apparmor confinement 2819 + Set environment variables using a file. 2820 * Prevent docker insert to erase something 2821 + Prevent DNS server conflicts in CreateBridgeIface 2822 + Validate bind mounts on the server side 2823 + Use parent image config in docker build 2824 * Fix regression in /etc/hosts 2825 2826 #### Client 2827 2828 + Add -P flag to publish all exposed ports 2829 + Add -notrunc and -q flags to docker history 2830 * Fix docker commit, tag and import usage 2831 + Add stars, trusted builds and library flags in docker search 2832 * Fix docker logs with tty 2833 2834 #### RemoteAPI 2835 2836 * Make /events API send headers immediately 2837 * Do not split last column docker top 2838 + Add size to history 2839 2840 #### Other 2841 2842 + Contrib: Desktop integration. Firefox usecase. 2843 + Dockerfile: bump to go1.2rc3 2844 2845 ## 0.6.5 (2013-10-29) 2846 2847 #### Runtime 2848 2849 + Containers can now be named 2850 + Containers can now be linked together for service discovery 2851 + 'run -a', 'start -a' and 'attach' can forward signals to the container for better integration with process supervisors 2852 + Automatically start crashed containers after a reboot 2853 + Expose IP, port, and proto as separate environment vars for container links 2854 * Allow ports to be published to specific ips 2855 * Prohibit inter-container communication by default 2856 - Ignore ErrClosedPipe for stdin in Container.Attach 2857 - Remove unused field kernelVersion 2858 * Fix issue when mounting subdirectories of /mnt in container 2859 - Fix untag during removal of images 2860 * Check return value of syscall.Chdir when changing working directory inside dockerinit 2861 2862 #### Client 2863 2864 - Only pass stdin to hijack when needed to avoid closed pipe errors 2865 * Use less reflection in command-line method invocation 2866 - Monitor the tty size after starting the container, not prior 2867 - Remove useless os.Exit() calls after log.Fatal 2868 2869 #### Hack 2870 2871 + Add initial init scripts library and a safer Ubuntu packaging script that works for Debian 2872 * Add -p option to invoke debootstrap with http_proxy 2873 - Update install.sh with $sh_c to get sudo/su for modprobe 2874 * Update all the mkimage scripts to use --numeric-owner as a tar argument 2875 * Update hack/release.sh process to automatically invoke hack/make.sh and bail on build and test issues 2876 2877 #### Other 2878 2879 * Documentation: Fix the flags for nc in example 2880 * Testing: Remove warnings and prevent mount issues 2881 - Testing: Change logic for tty resize to avoid warning in tests 2882 - Builder: Fix race condition in docker build with verbose output 2883 - Registry: Fix content-type for PushImageJSONIndex method 2884 * Contrib: Improve helper tools to generate debian and Arch linux server images 2885 2886 ## 0.6.4 (2013-10-16) 2887 2888 #### Runtime 2889 2890 - Add cleanup of container when Start() fails 2891 * Add better comments to utils/stdcopy.go 2892 * Add utils.Errorf for error logging 2893 + Add -rm to docker run for removing a container on exit 2894 - Remove error messages which are not actually errors 2895 - Fix `docker rm` with volumes 2896 - Fix some error cases where an HTTP body might not be closed 2897 - Fix panic with wrong dockercfg file 2898 - Fix the attach behavior with -i 2899 * Record termination time in state. 2900 - Use empty string so TempDir uses the OS's temp dir automatically 2901 - Make sure to close the network allocators 2902 + Autorestart containers by default 2903 * Bump vendor kr/pty to commit 3b1f6487b `(syscall.O_NOCTTY)` 2904 * lxc: Allow set_file_cap capability in container 2905 - Move run -rm to the cli only 2906 * Split stdout stderr 2907 * Always create a new session for the container 2908 2909 #### Testing 2910 2911 - Add aggregated docker-ci email report 2912 - Add cleanup to remove leftover containers 2913 * Add nightly release to docker-ci 2914 * Add more tests around auth.ResolveAuthConfig 2915 - Remove a few errors in tests 2916 - Catch errClosing error when TCP and UDP proxies are terminated 2917 * Only run certain tests with TESTFLAGS='-run TestName' make.sh 2918 * Prevent docker-ci to test closing PRs 2919 * Replace panic by log.Fatal in tests 2920 - Increase TestRunDetach timeout 2921 2922 #### Documentation 2923 2924 * Add initial draft of the Docker infrastructure doc 2925 * Add devenvironment link to CONTRIBUTING.md 2926 * Add `apt-get install curl` to Ubuntu docs 2927 * Add explanation for export restrictions 2928 * Add .dockercfg doc 2929 * Remove Gentoo install notes about #1422 workaround 2930 * Fix help text for -v option 2931 * Fix Ping endpoint documentation 2932 - Fix parameter names in docs for ADD command 2933 - Fix ironic typo in changelog 2934 * Various command fixes in postgres example 2935 * Document how to edit and release docs 2936 - Minor updates to `postgresql_service.rst` 2937 * Clarify LGTM process to contributors 2938 - Corrected error in the package name 2939 * Document what `vagrant up` is actually doing 2940 + improve doc search results 2941 * Cleanup whitespace in API 1.5 docs 2942 * use angle brackets in MAINTAINER example email 2943 * Update archlinux.rst 2944 + Changes to a new style for the docs. Includes version switcher. 2945 * Formatting, add information about multiline json 2946 * Improve registry and index REST API documentation 2947 - Replace deprecated upgrading reference to docker-latest.tgz, which hasn't been updated since 0.5.3 2948 * Update Gentoo installation documentation now that we're in the portage tree proper 2949 * Cleanup and reorganize docs and tooling for contributors and maintainers 2950 - Minor spelling correction of protocoll -> protocol 2951 2952 #### Contrib 2953 2954 * Add vim syntax highlighting for Dockerfiles from @honza 2955 * Add mkimage-arch.sh 2956 * Reorganize contributed completion scripts to add zsh completion 2957 2958 #### Hack 2959 2960 * Add vagrant user to the docker group 2961 * Add proper bash completion for "docker push" 2962 * Add xz utils as a runtime dep 2963 * Add cleanup/refactor portion of #2010 for hack and Dockerfile updates 2964 + Add contrib/mkimage-centos.sh back (from #1621), and associated documentation link 2965 * Add several of the small make.sh fixes from #1920, and make the output more consistent and contributor-friendly 2966 + Add @tianon to hack/MAINTAINERS 2967 * Improve network performance for VirtualBox 2968 * Revamp install.sh to be usable by more people, and to use official install methods whenever possible (apt repo, portage tree, etc.) 2969 - Fix contrib/mkimage-debian.sh apt caching prevention 2970 + Add Dockerfile.tmLanguage to contrib 2971 * Configured FPM to make /etc/init/docker.conf a config file 2972 * Enable SSH Agent forwarding in Vagrant VM 2973 * Several small tweaks/fixes for contrib/mkimage-debian.sh 2974 2975 #### Other 2976 2977 - Builder: Abort build if mergeConfig returns an error and fix duplicate error message 2978 - Packaging: Remove deprecated packaging directory 2979 - Registry: Use correct auth config when logging in. 2980 - Registry: Fix the error message so it is the same as the regex 2981 2982 ## 0.6.3 (2013-09-23) 2983 2984 #### Packaging 2985 2986 * Add 'docker' group on install for ubuntu package 2987 * Update tar vendor dependency 2988 * Download apt key over HTTPS 2989 2990 #### Runtime 2991 2992 - Only copy and change permissions on non-bindmount volumes 2993 * Allow multiple volumes-from 2994 - Fix HTTP imports from STDIN 2995 2996 #### Documentation 2997 2998 * Update section on extracting the docker binary after build 2999 * Update development environment docs for new build process 3000 * Remove 'base' image from documentation 3001 3002 #### Other 3003 3004 - Client: Fix detach issue 3005 - Registry: Update regular expression to match index 3006 3007 ## 0.6.2 (2013-09-17) 3008 3009 #### Runtime 3010 3011 + Add domainname support 3012 + Implement image filtering with path.Match 3013 * Remove unnecessary warnings 3014 * Remove os/user dependency 3015 * Only mount the hostname file when the config exists 3016 * Handle signals within the `docker login` command 3017 - UID and GID are now also applied to volumes 3018 - `docker start` set error code upon error 3019 - `docker run` set the same error code as the process started 3020 3021 #### Builder 3022 3023 + Add -rm option in order to remove intermediate containers 3024 * Allow multiline for the RUN instruction 3025 3026 #### Registry 3027 3028 * Implement login with private registry 3029 - Fix push issues 3030 3031 #### Other 3032 3033 + Hack: Vendor all dependencies 3034 * Remote API: Bump to v1.5 3035 * Packaging: Break down hack/make.sh into small scripts, one per 'bundle': test, binary, ubuntu etc. 3036 * Documentation: General improvements 3037 3038 ## 0.6.1 (2013-08-23) 3039 3040 #### Registry 3041 3042 * Pass "meta" headers in API calls to the registry 3043 3044 #### Packaging 3045 3046 - Use correct upstart script with new build tool 3047 - Use libffi-dev, don`t build it from sources 3048 - Remove duplicate mercurial install command 3049 3050 ## 0.6.0 (2013-08-22) 3051 3052 #### Runtime 3053 3054 + Add lxc-conf flag to allow custom lxc options 3055 + Add an option to set the working directory 3056 * Add Image name to LogEvent tests 3057 + Add -privileged flag and relevant tests, docs, and examples 3058 * Add websocket support to /container/<name>/attach/ws 3059 * Add warning when net.ipv4.ip_forwarding = 0 3060 * Add hostname to environment 3061 * Add last stable version in `docker version` 3062 - Fix race conditions in parallel pull 3063 - Fix Graph ByParent() to generate list of child images per parent image. 3064 - Fix typo: fmt.Sprint -> fmt.Sprintf 3065 - Fix small \n error un docker build 3066 * Fix to "Inject dockerinit at /.dockerinit" 3067 * Fix #910. print user name to docker info output 3068 * Use Go 1.1.2 for dockerbuilder 3069 * Use ranged for loop on channels 3070 - Use utils.ParseRepositoryTag instead of strings.Split(name, ":") in server.ImageDelete 3071 - Improve CMD, ENTRYPOINT, and attach docs. 3072 - Improve connect message with socket error 3073 - Load authConfig only when needed and fix useless WARNING 3074 - Show tag used when image is missing 3075 * Apply volumes-from before creating volumes 3076 - Make docker run handle SIGINT/SIGTERM 3077 - Prevent crash when .dockercfg not readable 3078 - Install script should be fetched over https, not http. 3079 * API, issue 1471: Use groups for socket permissions 3080 - Correctly detect IPv4 forwarding 3081 * Mount /dev/shm as a tmpfs 3082 - Switch from http to https for get.docker.io 3083 * Let userland proxy handle container-bound traffic 3084 * Update the Docker CLI to specify a value for the "Host" header. 3085 - Change network range to avoid conflict with EC2 DNS 3086 - Reduce connect and read timeout when pinging the registry 3087 * Parallel pull 3088 - Handle ip route showing mask-less IP addresses 3089 * Allow ENTRYPOINT without CMD 3090 - Always consider localhost as a domain name when parsing the FQN repos name 3091 * Refactor checksum 3092 3093 #### Documentation 3094 3095 * Add MongoDB image example 3096 * Add instructions for creating and using the docker group 3097 * Add sudo to examples and installation to documentation 3098 * Add ufw doc 3099 * Add a reference to ps -a 3100 * Add information about Docker`s high level tools over LXC. 3101 * Fix typo in docs for docker run -dns 3102 * Fix a typo in the ubuntu installation guide 3103 * Fix to docs regarding adding docker groups 3104 * Update default -H docs 3105 * Update readme with dependencies for building 3106 * Update amazon.rst to explain that Vagrant is not necessary for running Docker on ec2 3107 * PostgreSQL service example in documentation 3108 * Suggest installing linux-headers by default. 3109 * Change the twitter handle 3110 * Clarify Amazon EC2 installation 3111 * 'Base' image is deprecated and should no longer be referenced in the docs. 3112 * Move note about officially supported kernel 3113 - Solved the logo being squished in Safari 3114 3115 #### Builder 3116 3117 + Add USER instruction do Dockerfile 3118 + Add workdir support for the Buildfile 3119 * Add no cache for docker build 3120 - Fix docker build and docker events output 3121 - Only count known instructions as build steps 3122 - Make sure ENV instruction within build perform a commit each time 3123 - Forbid certain paths within docker build ADD 3124 - Repository name (and optionally a tag) in build usage 3125 - Make sure ADD will create everything in 0755 3126 3127 #### Remote API 3128 3129 * Sort Images by most recent creation date. 3130 * Reworking opaque requests in registry module 3131 * Add image name in /events 3132 * Use mime pkg to parse Content-Type 3133 * 650 http utils and user agent field 3134 3135 #### Hack 3136 3137 + Bash Completion: Limit commands to containers of a relevant state 3138 * Add docker dependencies coverage testing into docker-ci 3139 3140 #### Packaging 3141 3142 + Docker-brew 0.5.2 support and memory footprint reduction 3143 * Add new docker dependencies into docker-ci 3144 - Revert "docker.upstart: avoid spawning a `sh` process" 3145 + Docker-brew and Docker standard library 3146 + Release docker with docker 3147 * Fix the upstart script generated by get.docker.io 3148 * Enabled the docs to generate manpages. 3149 * Revert Bind daemon to 0.0.0.0 in Vagrant. 3150 3151 #### Register 3152 3153 * Improve auth push 3154 * Registry unit tests + mock registry 3155 3156 #### Tests 3157 3158 * Improve TestKillDifferentUser to prevent timeout on buildbot 3159 - Fix typo in TestBindMounts (runContainer called without image) 3160 * Improve TestGetContainersTop so it does not rely on sleep 3161 * Relax the lo interface test to allow iface index != 1 3162 * Add registry functional test to docker-ci 3163 * Add some tests in server and utils 3164 3165 #### Other 3166 3167 * Contrib: bash completion script 3168 * Client: Add docker cp command and copy api endpoint to copy container files/folders to the host 3169 * Don`t read from stdout when only attached to stdin 3170 3171 ## 0.5.3 (2013-08-13) 3172 3173 #### Runtime 3174 3175 * Use docker group for socket permissions 3176 - Spawn shell within upstart script 3177 - Handle ip route showing mask-less IP addresses 3178 - Add hostname to environment 3179 3180 #### Builder 3181 3182 - Make sure ENV instruction within build perform a commit each time 3183 3184 ## 0.5.2 (2013-08-08) 3185 3186 * Builder: Forbid certain paths within docker build ADD 3187 - Runtime: Change network range to avoid conflict with EC2 DNS 3188 * API: Change daemon to listen on unix socket by default 3189 3190 ## 0.5.1 (2013-07-30) 3191 3192 #### Runtime 3193 3194 + Add `ps` args to `docker top` 3195 + Add support for container ID files (pidfile like) 3196 + Add container=lxc in default env 3197 + Support networkless containers with `docker run -n` and `docker -d -b=none` 3198 * Stdout/stderr logs are now stored in the same file as JSON 3199 * Allocate a /16 IP range by default, with fallback to /24. Try 12 ranges instead of 3. 3200 * Change .dockercfg format to json and support multiple auth remote 3201 - Do not override volumes from config 3202 - Fix issue with EXPOSE override 3203 3204 #### API 3205 3206 + Docker client now sets useragent (RFC 2616) 3207 + Add /events endpoint 3208 3209 #### Builder 3210 3211 + ADD command now understands URLs 3212 + CmdAdd and CmdEnv now respect Dockerfile-set ENV variables 3213 - Create directories with 755 instead of 700 within ADD instruction 3214 3215 #### Hack 3216 3217 * Simplify unit tests with helpers 3218 * Improve docker.upstart event 3219 * Add coverage testing into docker-ci 3220 3221 ## 0.5.0 (2013-07-17) 3222 3223 #### Runtime 3224 3225 + List all processes running inside a container with 'docker top' 3226 + Host directories can be mounted as volumes with 'docker run -v' 3227 + Containers can expose public UDP ports (eg, '-p 123/udp') 3228 + Optionally specify an exact public port (eg. '-p 80:4500') 3229 * 'docker login' supports additional options 3230 - Don't save a container`s hostname when committing an image. 3231 3232 #### Registry 3233 3234 + New image naming scheme inspired by Go packaging convention allows arbitrary combinations of registries 3235 - Fix issues when uploading images to a private registry 3236 3237 #### Builder 3238 3239 + ENTRYPOINT instruction sets a default binary entry point to a container 3240 + VOLUME instruction marks a part of the container as persistent data 3241 * 'docker build' displays the full output of a build by default 3242 3243 ## 0.4.8 (2013-07-01) 3244 3245 + Builder: New build operation ENTRYPOINT adds an executable entry point to the container. - Runtime: Fix a bug which caused 'docker run -d' to no longer print the container ID. 3246 - Tests: Fix issues in the test suite 3247 3248 ## 0.4.7 (2013-06-28) 3249 3250 #### Remote API 3251 3252 * The progress bar updates faster when downloading and uploading large files 3253 - Fix a bug in the optional unix socket transport 3254 3255 #### Runtime 3256 3257 * Improve detection of kernel version 3258 + Host directories can be mounted as volumes with 'docker run -b' 3259 - fix an issue when only attaching to stdin 3260 * Use 'tar --numeric-owner' to avoid uid mismatch across multiple hosts 3261 3262 #### Hack 3263 3264 * Improve test suite and dev environment 3265 * Remove dependency on unit tests on 'os/user' 3266 3267 #### Other 3268 3269 * Registry: easier push/pull to a custom registry 3270 + Documentation: add terminology section 3271 3272 ## 0.4.6 (2013-06-22) 3273 3274 - Runtime: fix a bug which caused creation of empty images (and volumes) to crash. 3275 3276 ## 0.4.5 (2013-06-21) 3277 3278 + Builder: 'docker build git://URL' fetches and builds a remote git repository 3279 * Runtime: 'docker ps -s' optionally prints container size 3280 * Tests: improved and simplified 3281 - Runtime: fix a regression introduced in 0.4.3 which caused the logs command to fail. 3282 - Builder: fix a regression when using ADD with single regular file. 3283 3284 ## 0.4.4 (2013-06-19) 3285 3286 - Builder: fix a regression introduced in 0.4.3 which caused builds to fail on new clients. 3287 3288 ## 0.4.3 (2013-06-19) 3289 3290 #### Builder 3291 3292 + ADD of a local file will detect tar archives and unpack them 3293 * ADD improvements: use tar for copy + automatically unpack local archives 3294 * ADD uses tar/untar for copies instead of calling 'cp -ar' 3295 * Fix the behavior of ADD to be (mostly) reverse-compatible, predictable and well-documented. 3296 - Fix a bug which caused builds to fail if ADD was the first command 3297 * Nicer output for 'docker build' 3298 3299 #### Runtime 3300 3301 * Remove bsdtar dependency 3302 * Add unix socket and multiple -H support 3303 * Prevent rm of running containers 3304 * Use go1.1 cookiejar 3305 - Fix issue detaching from running TTY container 3306 - Forbid parallel push/pull for a single image/repo. Fixes #311 3307 - Fix race condition within Run command when attaching. 3308 3309 #### Client 3310 3311 * HumanReadable ProgressBar sizes in pull 3312 * Fix docker version`s git commit output 3313 3314 #### API 3315 3316 * Send all tags on History API call 3317 * Add tag lookup to history command. Fixes #882 3318 3319 #### Documentation 3320 3321 - Fix missing command in irc bouncer example 3322 3323 ## 0.4.2 (2013-06-17) 3324 3325 - Packaging: Bumped version to work around an Ubuntu bug 3326 3327 ## 0.4.1 (2013-06-17) 3328 3329 #### Remote Api 3330 3331 + Add flag to enable cross domain requests 3332 + Add images and containers sizes in docker ps and docker images 3333 3334 #### Runtime 3335 3336 + Configure dns configuration host-wide with 'docker -d -dns' 3337 + Detect faulty DNS configuration and replace it with a public default 3338 + Allow docker run <name>:<id> 3339 + You can now specify public port (ex: -p 80:4500) 3340 * Improve image removal to garbage-collect unreferenced parents 3341 3342 #### Client 3343 3344 * Allow multiple params in inspect 3345 * Print the container id before the hijack in `docker run` 3346 3347 #### Registry 3348 3349 * Add regexp check on repo`s name 3350 * Move auth to the client 3351 - Remove login check on pull 3352 3353 #### Other 3354 3355 * Vagrantfile: Add the rest api port to vagrantfile`s port_forward 3356 * Upgrade to Go 1.1 3357 - Builder: don`t ignore last line in Dockerfile when it doesn`t end with \n 3358 3359 ## 0.4.0 (2013-06-03) 3360 3361 #### Builder 3362 3363 + Introducing Builder 3364 + 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile 3365 3366 #### Remote API 3367 3368 + Introducing Remote API 3369 + control Docker programmatically using a simple HTTP/json API 3370 3371 #### Runtime 3372 3373 * Various reliability and usability improvements 3374 3375 ## 0.3.4 (2013-05-30) 3376 3377 #### Builder 3378 3379 + 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile 3380 + 'docker build -t FOO' applies the tag FOO to the newly built container. 3381 3382 #### Runtime 3383 3384 + Interactive TTYs correctly handle window resize 3385 * Fix how configuration is merged between layers 3386 3387 #### Remote API 3388 3389 + Split stdout and stderr on 'docker run' 3390 + Optionally listen on a different IP and port (use at your own risk) 3391 3392 #### Documentation 3393 3394 * Improve install instructions. 3395 3396 ## 0.3.3 (2013-05-23) 3397 3398 - Registry: Fix push regression 3399 - Various bugfixes 3400 3401 ## 0.3.2 (2013-05-09) 3402 3403 #### Registry 3404 3405 * Improve the checksum process 3406 * Use the size to have a good progress bar while pushing 3407 * Use the actual archive if it exists in order to speed up the push 3408 - Fix error 400 on push 3409 3410 #### Runtime 3411 3412 * Store the actual archive on commit 3413 3414 ## 0.3.1 (2013-05-08) 3415 3416 #### Builder 3417 3418 + Implement the autorun capability within docker builder 3419 + Add caching to docker builder 3420 + Add support for docker builder with native API as top level command 3421 + Implement ENV within docker builder 3422 - Check the command existence prior create and add Unit tests for the case 3423 * use any whitespaces instead of tabs 3424 3425 #### Runtime 3426 3427 + Add go version to debug infos 3428 * Kernel version - don`t show the dash if flavor is empty 3429 3430 #### Registry 3431 3432 + Add docker search top level command in order to search a repository 3433 - Fix pull for official images with specific tag 3434 - Fix issue when login in with a different user and trying to push 3435 * Improve checksum - async calculation 3436 3437 #### Images 3438 3439 + Output graph of images to dot (graphviz) 3440 - Fix ByParent function 3441 3442 #### Documentation 3443 3444 + New introduction and high-level overview 3445 + Add the documentation for docker builder 3446 - CSS fix for docker documentation to make REST API docs look better. 3447 - Fix CouchDB example page header mistake 3448 - Fix README formatting 3449 * Update www.docker.io website. 3450 3451 #### Other 3452 3453 + Website: new high-level overview 3454 - Makefile: Swap "go get" for "go get -d", especially to compile on go1.1rc 3455 * Packaging: packaging ubuntu; issue #510: Use goland-stable PPA package to build docker 3456 3457 ## 0.3.0 (2013-05-06) 3458 3459 #### Runtime 3460 3461 - Fix the command existence check 3462 - strings.Split may return an empty string on no match 3463 - Fix an index out of range crash if cgroup memory is not 3464 3465 #### Documentation 3466 3467 * Various improvements 3468 + New example: sharing data between 2 couchdb databases 3469 3470 #### Other 3471 3472 * Vagrant: Use only one deb line in /etc/apt 3473 + Registry: Implement the new registry 3474 3475 ## 0.2.2 (2013-05-03) 3476 3477 + Support for data volumes ('docker run -v=PATH') 3478 + Share data volumes between containers ('docker run -volumes-from') 3479 + Improve documentation 3480 * Upgrade to Go 1.0.3 3481 * Various upgrades to the dev environment for contributors 3482 3483 ## 0.2.1 (2013-05-01) 3484 3485 + 'docker commit -run' bundles a layer with default runtime options: command, ports etc. 3486 * Improve install process on Vagrant 3487 + New Dockerfile operation: "maintainer" 3488 + New Dockerfile operation: "expose" 3489 + New Dockerfile operation: "cmd" 3490 + Contrib script to build a Debian base layer 3491 + 'docker -d -r': restart crashed containers at daemon startup 3492 * Runtime: improve test coverage 3493 3494 ## 0.2.0 (2013-04-23) 3495 3496 - Runtime: ghost containers can be killed and waited for 3497 * Documentation: update install instructions 3498 - Packaging: fix Vagrantfile 3499 - Development: automate releasing binaries and ubuntu packages 3500 + Add a changelog 3501 - Various bugfixes 3502 3503 ## 0.1.8 (2013-04-22) 3504 3505 - Dynamically detect cgroup capabilities 3506 - Issue stability warning on kernels <3.8 3507 - 'docker push' buffers on disk instead of memory 3508 - Fix 'docker diff' for removed files 3509 - Fix 'docker stop' for ghost containers 3510 - Fix handling of pidfile 3511 - Various bugfixes and stability improvements 3512 3513 ## 0.1.7 (2013-04-18) 3514 3515 - Container ports are available on localhost 3516 - 'docker ps' shows allocated TCP ports 3517 - Contributors can run 'make hack' to start a continuous integration VM 3518 - Streamline ubuntu packaging & uploading 3519 - Various bugfixes and stability improvements 3520 3521 ## 0.1.6 (2013-04-17) 3522 3523 - Record the author an image with 'docker commit -author' 3524 3525 ## 0.1.5 (2013-04-17) 3526 3527 - Disable standalone mode 3528 - Use a custom DNS resolver with 'docker -d -dns' 3529 - Detect ghost containers 3530 - Improve diagnosis of missing system capabilities 3531 - Allow disabling memory limits at compile time 3532 - Add debian packaging 3533 - Documentation: installing on Arch Linux 3534 - Documentation: running Redis on docker 3535 - Fix lxc 0.9 compatibility 3536 - Automatically load aufs module 3537 - Various bugfixes and stability improvements 3538 3539 ## 0.1.4 (2013-04-09) 3540 3541 - Full support for TTY emulation 3542 - Detach from a TTY session with the escape sequence `C-p C-q` 3543 - Various bugfixes and stability improvements 3544 - Minor UI improvements 3545 - Automatically create our own bridge interface 'docker0' 3546 3547 ## 0.1.3 (2013-04-04) 3548 3549 - Choose TCP frontend port with '-p :PORT' 3550 - Layer format is versioned 3551 - Major reliability improvements to the process manager 3552 - Various bugfixes and stability improvements 3553 3554 ## 0.1.2 (2013-04-03) 3555 3556 - Set container hostname with 'docker run -h' 3557 - Selective attach at run with 'docker run -a [stdin[,stdout[,stderr]]]' 3558 - Various bugfixes and stability improvements 3559 - UI polish 3560 - Progress bar on push/pull 3561 - Use XZ compression by default 3562 - Make IP allocator lazy 3563 3564 ## 0.1.1 (2013-03-31) 3565 3566 - Display shorthand IDs for convenience 3567 - Stabilize process management 3568 - Layers can include a commit message 3569 - Simplified 'docker attach' 3570 - Fix support for re-attaching 3571 - Various bugfixes and stability improvements 3572 - Auto-download at run 3573 - Auto-login on push 3574 - Beefed up documentation 3575 3576 ## 0.1.0 (2013-03-23) 3577 3578 Initial public release 3579 3580 - Implement registry in order to push/pull images 3581 - TCP port allocation 3582 - Fix termcaps on Linux 3583 - Add documentation 3584 - Add Vagrant support with Vagrantfile 3585 - Add unit tests 3586 - Add repository/tags to ease image management 3587 - Improve the layer implementation