1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/docs/api/version-history.md

585 lines
42 KiB
Markdown
Raw Normal View History

---
title: "Engine API version history"
description: "Documentation of changes that have been made to Engine API."
keywords: "API, Docker, rcli, REST, documentation"
---
<!-- This file is maintained within the moby/moby GitHub
repository at https://github.com/moby/moby/. Make all
pull requests against that repo. If you see this file in
another repository, consider it read-only there, as it will
periodically be overwritten by the definitive file. Pull
requests which include edits to this file in other repositories
will be rejected.
-->
## v1.41 API changes
[Docker Engine API v1.41](https://docs.docker.com/engine/api/v1.41/) documentation
API: add "prune" events This patch adds a new "prune" event type to indicate that pruning of a resource type completed. This event-type can be used on systems that want to perform actions after resources have been cleaned up. For example, Docker Desktop performs an fstrim after resources are deleted (https://github.com/linuxkit/linuxkit/tree/v0.7/pkg/trim-after-delete). While the current (remove, destroy) events can provide information on _most_ resources, there is currently no event triggered after the BuildKit build-cache is cleaned. Prune events have a `reclaimed` attribute, indicating the amount of space that was reclaimed (in bytes). The attribute can be used, for example, to use as a threshold for performing fstrim actions. Reclaimed space for `network` events will always be 0, but the field is added to be consistent with prune events for other resources. To test this patch: Create some resources: for i in foo bar baz; do \ docker network create network_$i \ && docker volume create volume_$i \ && docker run -d --name container_$i -v volume_$i:/volume busybox sh -c 'truncate -s 5M somefile; truncate -s 5M /volume/file' \ && docker tag busybox:latest image_$i; \ done; docker pull alpine docker pull nginx:alpine echo -e "FROM busybox\nRUN truncate -s 50M bigfile" | DOCKER_BUILDKIT=1 docker build - Start listening for "prune" events in another shell: docker events --filter event=prune Prune containers, networks, volumes, and build-cache: docker system prune -af --volumes See the events that are returned: docker events --filter event=prune 2020-07-25T12:12:09.268491000Z container prune (reclaimed=15728640) 2020-07-25T12:12:09.447890400Z network prune (reclaimed=0) 2020-07-25T12:12:09.452323000Z volume prune (reclaimed=15728640) 2020-07-25T12:12:09.517236200Z image prune (reclaimed=21568540) 2020-07-25T12:12:09.566662600Z builder prune (reclaimed=52428841) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-25 08:14:38 -04:00
* `GET /events` now returns `prune` events after pruning resources have completed.
Prune events are returned for `container`, `network`, `volume`, `image`, and
`builder`, and have a `reclaimed` attribute, indicating the amount of space
reclaimed (in bytes).
* `GET /info` now returns a `CgroupVersion` field, containing the cgroup version.
* `GET /info` now returns a `DefaultAddressPools` field, containing a list of
custom default address pools for local networks, which can be specified in the
`daemon.json` file or `--default-address-pool` dockerd option.
* `POST /services/create` and `POST /services/{id}/update` now supports `BindOptions.NonRecursive`.
* The `ClusterStore` and `ClusterAdvertise` fields in `GET /info` are deprecated
and are now omitted if they contain an empty value. This change is not versioned,
and affects all API versions if the daemon has this patch.
* The `filter` (singular) query parameter, which was deprecated in favor of the
`filters` option in Docker 1.13, has now been removed from the `GET /images/json`
endpoint. The parameter remains available when using API version 1.40 or below.
* `GET /services` now returns `CappAdd` and `CapDrop` as part of the `ContainerSpec`.
* `GET /services/{id}` now returns `CapAdd` and `CapDrop` as part of the `ContainerSpec`.
* `POST /services/create` now accepts `CapAdd` and `CapDrop` as part of the `ContainerSpec`.
* `POST /services/{id}/update` now accepts `CapAdd` and `CapDrop` as part of the `ContainerSpec`.
* `GET /tasks` now returns `CapAdd` and `CapDrop` as part of the `ContainerSpec`.
* `GET /tasks/{id}` now returns `CapAdd` and `CapDrop` as part of the `ContainerSpec`.
* `GET /services` now returns `Pids` in `TaskTemplate.Resources.Limits`.
* `GET /services/{id}` now returns `Pids` in `TaskTemplate.Resources.Limits`.
* `POST /services/create` now accepts `Pids` in `TaskTemplate.Resources.Limits`.
* `POST /services/{id}/update` now accepts `Pids` in `TaskTemplate.Resources.Limits`
to limit the maximum number of PIDs.
* `GET /tasks` now returns `Pids` in `TaskTemplate.Resources.Limits`.
* `GET /tasks/{id}` now returns `Pids` in `TaskTemplate.Resources.Limits`.
* `POST /containers/create` on Linux now accepts the `HostConfig.CgroupnsMode` property.
Set the property to `host` to create the container in the daemon's cgroup namespace, or
`private` to create the container in its own private cgroup namespace. The per-daemon
default is `host`, and can be changed by using the`CgroupNamespaceMode` daemon configuration
parameter.
* `GET /info` now returns an `OSVersion` field, containing the operating system's
version. This change is not versioned, and affects all API versions if the daemon
has this patch.
* `GET /info` no longer returns the `SystemStatus` field if it does not have a
value set. This change is not versioned, and affects all API versions if the
daemon has this patch.
* `GET /services` now accepts query parameter `status`. When set `true`,
services returned will include `ServiceStatus`, which provides Desired,
Running, and Completed task counts for the service.
* `GET /services` may now include `ReplicatedJob` or `GlobalJob` as the `Mode`
in a `ServiceSpec`.
* `GET /services/{id}` may now include `ReplicatedJob` or `GlobalJob` as the
`Mode` in a `ServiceSpec`.
* `POST /services/create` now accepts `ReplicatedJob or `GlobalJob` as the `Mode`
in the `ServiceSpec.
* `POST /services/{id}/update` accepts updating the fields of the
`ReplicatedJob` object in the `ServiceSpec.Mode`. The service mode still
cannot be changed, however.
* `GET /services` now includes `JobStatus` on Services with mode
`ReplicatedJob` or `GlobalJob`.
* `GET /services/{id}` now includes `JobStatus` on Services with mode
`ReplicatedJob` or `GlobalJob`.
* `GET /tasks` now includes `JobIteration` on Tasks spawned from a job-mode
service.
* `GET /tasks/{id}` now includes `JobIteration` on the task if spawned from a
job-mode service.
Add stats options to not prime the stats Metrics collectors generally don't need the daemon to prime the stats with something to compare since they already have something to compare with. Before this change, the API does 2 collection cycles (which takes roughly 2s) in order to provide comparison for CPU usage over 1s. This was primarily added so that `docker stats --no-stream` had something to compare against. Really the CLI should have just made a 2nd call and done the comparison itself rather than forcing it on all API consumers. That ship has long sailed, though. With this change, clients can set an option to just pull a single stat, which is *at least* a full second faster: Old: ``` time curl --unix-socket /go/src/github.com/docker/docker/bundles/test-integration-shell/docker.sock http://./containers/test/stats?stream=false\&one-shot=false > /dev/null 2>&1 real0m1.864s user0m0.005s sys0m0.007s time curl --unix-socket /go/src/github.com/docker/docker/bundles/test-integration-shell/docker.sock http://./containers/test/stats?stream=false\&one-shot=false > /dev/null 2>&1 real0m1.173s user0m0.010s sys0m0.006s ``` New: ``` time curl --unix-socket /go/src/github.com/docker/docker/bundles/test-integration-shell/docker.sock http://./containers/test/stats?stream=false\&one-shot=true > /dev/null 2>&1 real0m0.680s user0m0.008s sys0m0.004s time curl --unix-socket /go/src/github.com/docker/docker/bundles/test-integration-shell/docker.sock http://./containers/test/stats?stream=false\&one-shot=true > /dev/null 2>&1 real0m0.156s user0m0.007s sys0m0.007s ``` This fixes issues with downstreams ability to use the stats API to collect metrics. Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2020-02-07 18:55:06 -05:00
* `GET /containers/{id}/stats` now accepts a query param (`one-shot`) which, when used with `stream=false` fetches a
single set of stats instead of waiting for two collection cycles to have 2 CPU stats over a 1 second period.
* The `KernelMemory` field in `HostConfig.Resources` is now deprecated.
* The `KernelMemory` field in `Info` is now deprecated.
* `GET /services` now returns `Ulimits` as part of `ContainerSpec`.
* `GET /services/{id}` now returns `Ulimits` as part of `ContainerSpec`.
* `POST /services/create` now accepts `Ulimits` as part of `ContainerSpec`.
* `POST /services/{id}/update` now accepts `Ulimits` as part of `ContainerSpec`.
## v1.40 API changes
[Docker Engine API v1.40](https://docs.docker.com/engine/api/v1.40/) documentation
Add HEAD support for /_ping endpoint Monitoring systems and load balancers are usually configured to use HEAD requests for health monitoring. The /_ping endpoint currently does not support this type of request, which means that those systems have fallback to GET requests. This patch adds support for HEAD requests on the /_ping endpoint. Although optional, this patch also returns `Content-Type` and `Content-Length` headers in case of a HEAD request; Refering to RFC 7231, section 4.3.2: The HEAD method is identical to GET except that the server MUST NOT send a message body in the response (i.e., the response terminates at the end of the header section). The server SHOULD send the same header fields in response to a HEAD request as it would have sent if the request had been a GET, except that the payload header fields (Section 3.3) MAY be omitted. This method can be used for obtaining metadata about the selected representation without transferring the representation data and is often used for testing hypertext links for validity, accessibility, and recent modification. A payload within a HEAD request message has no defined semantics; sending a payload body on a HEAD request might cause some existing implementations to reject the request. The response to a HEAD request is cacheable; a cache MAY use it to satisfy subsequent HEAD requests unless otherwise indicated by the Cache-Control header field (Section 5.2 of [RFC7234]). A HEAD response might also have an effect on previously cached responses to GET; see Section 4.3.5 of [RFC7234]. With this patch applied, either `GET` or `HEAD` requests work; the only difference is that the body is empty in case of a `HEAD` request; curl -i --unix-socket /var/run/docker.sock http://localhost/_ping HTTP/1.1 200 OK Api-Version: 1.40 Cache-Control: no-cache, no-store, must-revalidate Docker-Experimental: false Ostype: linux Pragma: no-cache Server: Docker/dev (linux) Date: Mon, 14 Jan 2019 12:35:16 GMT Content-Length: 2 Content-Type: text/plain; charset=utf-8 OK curl --head -i --unix-socket /var/run/docker.sock http://localhost/_ping HTTP/1.1 200 OK Api-Version: 1.40 Cache-Control: no-cache, no-store, must-revalidate Content-Length: 0 Content-Type: text/plain; charset=utf-8 Docker-Experimental: false Ostype: linux Pragma: no-cache Server: Docker/dev (linux) Date: Mon, 14 Jan 2019 12:34:15 GMT The client is also updated to use `HEAD` by default, but fallback to `GET` if the daemon does not support this method. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-01-14 12:08:49 -05:00
* The `/_ping` endpoint can now be accessed both using `GET` or `HEAD` requests.
when accessed using a `HEAD` request, all headers are returned, but the body
is empty (`Content-Length: 0`). This change is not versioned, and affects all
API versions if the daemon has this patch. Clients are recommended to try
using `HEAD`, but fallback to `GET` if the `HEAD` requests fails.
* `GET /_ping` and `HEAD /_ping` now set `Cache-Control` and `Pragma` headers to
prevent the result from being cached. This change is not versioned, and affects
all API versions if the daemon has this patch.
* `GET /services` now returns `Sysctls` as part of the `ContainerSpec`.
* `GET /services/{id}` now returns `Sysctls` as part of the `ContainerSpec`.
* `POST /services/create` now accepts `Sysctls` as part of the `ContainerSpec`.
* `POST /services/{id}/update` now accepts `Sysctls` as part of the `ContainerSpec`.
* `POST /services/create` now accepts `Config` as part of `ContainerSpec.Privileges.CredentialSpec`.
* `POST /services/{id}/update` now accepts `Config` as part of `ContainerSpec.Privileges.CredentialSpec`.
* `POST /services/create` now includes `Runtime` as an option in `ContainerSpec.Configs`
* `POST /services/{id}/update` now includes `Runtime` as an option in `ContainerSpec.Configs`
* `GET /tasks` now returns `Sysctls` as part of the `ContainerSpec`.
* `GET /tasks/{id}` now returns `Sysctls` as part of the `ContainerSpec`.
* `GET /networks` now supports a `dangling` filter type. When set to `true` (or
`1`), the endpoint returns all networks that are not in use by a container. When
set to `false` (or `0`), only networks that are in use by one or more containers
are returned.
* `GET /nodes` now supports a filter type `node.label` filter to filter nodes based
on the node.label. The format of the label filter is `node.label=<key>`/`node.label=<key>=<value>`
to return those with the specified labels, or `node.label!=<key>`/`node.label!=<key>=<value>`
to return those without the specified labels.
* `POST /containers/create` now accepts a `fluentd-async` option in `HostConfig.LogConfig.Config`
when using the Fluentd logging driver. This option deprecates the `fluentd-async-connect`
option, which remains funtional, but will be removed in a future release. Users
are encouraged to use the `fluentd-async` option going forward. This change is
not versioned, and affects all API versions if the daemon has this patch.
* `POST /containers/create` now accepts a `fluentd-request-ack` option in
`HostConfig.LogConfig.Config` when using the Fluentd logging driver. If enabled,
the Fluentd logging driver sends the chunk option with a unique ID. The server
will respond with an acknowledgement. This option improves the reliability of
the message transmission. This change is not versioned, and affects all API
versions if the daemon has this patch.
* `POST /containers/create`, `GET /containers/{id}/json`, and `GET /containers/json` now supports
`BindOptions.NonRecursive`.
* `POST /swarm/init` now accepts a `DataPathPort` property to set data path port number.
* `GET /info` now returns information about `DataPathPort` that is currently used in swarm
* `GET /info` now returns `PidsLimit` boolean to indicate if the host kernel has
PID limit support enabled.
* `GET /info` now includes `name=rootless` in `SecurityOptions` when the daemon is running in
rootless mode. This change is not versioned, and affects all API versions if the daemon has
this patch.
* `GET /info` now returns `none` as `CgroupDriver` when the daemon is running in rootless mode.
This change is not versioned, and affects all API versions if the daemon has this patch.
* `POST /containers/create` now accepts `DeviceRequests` as part of `HostConfig`.
Can be used to set Nvidia GPUs.
* `GET /swarm` endpoint now returns DataPathPort info
* `POST /containers/create` now takes `KernelMemoryTCP` field to set hard limit for kernel TCP buffer memory.
* `GET /service` now returns `MaxReplicas` as part of the `Placement`.
* `GET /service/{id}` now returns `MaxReplicas` as part of the `Placement`.
* `POST /service/create` and `POST /services/(id or name)/update` now take the field `MaxReplicas`
as part of the service `Placement`, allowing to specify maximum replicas per node for the service.
daemon: use 'private' ipc mode by default This changes the default ipc mode of daemon/engine to be private, meaning the containers will not have their /dev/shm bind-mounted from the host by default. The benefits of doing this are: 1. No leaked mounts. Eliminate a possibility to leak mounts into other namespaces (and therefore unfortunate errors like "Unable to remove filesystem for <ID>: remove /var/lib/docker/containers/<ID>/shm: device or resource busy"). 2. Working checkpoint/restore. Make `docker checkpoint` not lose the contents of `/dev/shm`, but save it to the dump, and be restored back upon `docker start --checkpoint` (currently it is lost -- while CRIU handles tmpfs mounts, the "shareable" mount is seen as external to container, and thus rightfully ignored). 3. Better security. Currently any container is opened to share its /dev/shm with any other container. Obviously, this change will break the following usage scenario: $ docker run -d --name donor busybox top $ docker run --rm -it --ipc container:donor busybox sh Error response from daemon: linux spec namespaces: can't join IPC of container <ID>: non-shareable IPC (hint: use IpcMode:shareable for the donor container) The soution, as hinted by the (amended) error message, is to explicitly enable donor sharing by using --ipc shareable: $ docker run -d --name donor --ipc shareable busybox top Compatibility notes: 1. This only applies to containers created _after_ this change. Existing containers are not affected and will work fine as their ipc mode is stored in HostConfig. 2. Old backward compatible behavior ("shareable" containers by default) can be enabled by either using `--default-ipc-mode shareable` daemon command line option, or by adding a `"default-ipc-mode": "shareable"` line in `/etc/docker/daemon.json` configuration file. 3. If an older client (API < 1.40) is used, a "shareable" container is created. A test to check that is added. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2017-11-27 19:10:44 -05:00
* `POST /containers/create` on Linux now creates a container with `HostConfig.IpcMode=private`
by default, if IpcMode is not explicitly specified. The per-daemon default can be changed
back to `shareable` by using `DefaultIpcMode` daemon configuration parameter.
* `POST /containers/{id}/update` now accepts a `PidsLimit` field to tune a container's
PID limit. Set `0` or `-1` for unlimited. Leave `null` to not change the current value.
* `POST /build` now accepts `outputs` key for configuring build outputs when using BuildKit mode.
## V1.39 API changes
[Docker Engine API v1.39](https://docs.docker.com/engine/api/v1.39/) documentation
* `GET /info` now returns an empty string, instead of `<unknown>` for `KernelVersion`
and `OperatingSystem` if the daemon was unable to obtain this information.
* `GET /info` now returns information about the product license, if a license
has been applied to the daemon.
Add "Warnings" to /info endpoint, and move detection to the daemon When requesting information about the daemon's configuration through the `/info` endpoint, missing features (or non-recommended settings) may have to be presented to the user. Detecting these situations, and printing warnings currently is handled by the cli, which results in some complications: - duplicated effort: each client has to re-implement detection and warnings. - it's not possible to generate warnings for reasons outside of the information returned in the `/info` response. - cli-side detection has to be updated for new conditions. This means that an older cli connecting to a new daemon may not print all warnings (due to it not detecting the new conditions) - some warnings (in particular, warnings about storage-drivers) depend on driver-status (`DriverStatus`) information. The format of the information returned in this field is not part of the API specification and can change over time, resulting in cli-side detection no longer being functional. This patch adds a new `Warnings` field to the `/info` response. This field is to return warnings to be presented by the user. Existing warnings that are currently handled by the CLI are copied to the daemon as part of this patch; This change is backward-compatible with existing clients; old client can continue to use the client-side warnings, whereas new clients can skip client-side detection, and print warnings that are returned by the daemon. Example response with this patch applied; ```bash curl --unix-socket /var/run/docker.sock http://localhost/info | jq .Warnings ``` ```json [ "WARNING: bridge-nf-call-iptables is disabled", "WARNING: bridge-nf-call-ip6tables is disabled" ] ``` Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-07-19 07:45:32 -04:00
* `GET /info` now returns a `Warnings` field, containing warnings and informational
messages about missing features, or issues related to the daemon configuration.
* `POST /swarm/init` now accepts a `DefaultAddrPool` property to set global scope default address pool
* `POST /swarm/init` now accepts a `SubnetSize` property to set global scope networks by giving the
length of the subnet masks for every such network
* `POST /session` (added in [V1.31](#v131-api-changes) is no longer experimental.
This endpoint can be used to run interactive long-running protocols between the
client and the daemon.
## V1.38 API changes
[Docker Engine API v1.38](https://docs.docker.com/engine/api/v1.38/) documentation
* `GET /tasks` and `GET /tasks/{id}` now return a `NetworkAttachmentSpec` field,
containing the `ContainerID` for non-service containers connected to "attachable"
swarm-scoped networks.
## v1.37 API changes
[Docker Engine API v1.37](https://docs.docker.com/engine/api/v1.37/) documentation
* `POST /containers/create` and `POST /services/create` now supports exposing SCTP ports.
* `POST /configs/create` and `POST /configs/{id}/create` now accept a `Templating` driver.
* `GET /configs` and `GET /configs/{id}` now return the `Templating` driver of the config.
* `POST /secrets/create` and `POST /secrets/{id}/create` now accept a `Templating` driver.
* `GET /secrets` and `GET /secrets/{id}` now return the `Templating` driver of the secret.
## v1.36 API changes
[Docker Engine API v1.36](https://docs.docker.com/engine/api/v1.36/) documentation
* `Get /events` now return `exec_die` event when an exec process terminates.
## v1.35 API changes
[Docker Engine API v1.35](https://docs.docker.com/engine/api/v1.35/) documentation
* `POST /services/create` and `POST /services/(id)/update` now accepts an
`Isolation` field on container spec to set the Isolation technology of the
containers running the service (`default`, `process`, or `hyperv`). This
configuration is only used for Windows containers.
* `GET /containers/(name)/logs` now supports an additional query parameter: `until`,
which returns log lines that occurred before the specified timestamp.
* `POST /containers/{id}/exec` now accepts a `WorkingDir` property to set the
work-dir for the exec process, independent of the container's work-dir.
* `Get /version` now returns a `Platform.Name` field, which can be used by products
using Moby as a foundation to return information about the platform.
* `Get /version` now returns a `Components` field, which can be used to return
information about the components used. Information about the engine itself is
now included as a "Component" version, and contains all information from the
top-level `Version`, `GitCommit`, `APIVersion`, `MinAPIVersion`, `GoVersion`,
`Os`, `Arch`, `BuildTime`, `KernelVersion`, and `Experimental` fields. Going
forward, the information from the `Components` section is preferred over their
top-level counterparts.
## v1.34 API changes
[Docker Engine API v1.34](https://docs.docker.com/engine/api/v1.34/) documentation
* `POST /containers/(name)/wait?condition=removed` now also also returns
in case of container removal failure. A pointer to a structure named
`Error` added to the response JSON in order to indicate a failure.
If `Error` is `null`, container removal has succeeded, otherwise
the test of an error message indicating why container removal has failed
is available from `Error.Message` field.
## v1.33 API changes
[Docker Engine API v1.33](https://docs.docker.com/engine/api/v1.33/) documentation
* `GET /events` now supports filtering 4 more kinds of events: `config`, `node`,
`secret` and `service`.
## v1.32 API changes
[Docker Engine API v1.32](https://docs.docker.com/engine/api/v1.32/) documentation
Implement none, private, and shareable ipc modes Since the commit d88fe447df0e8 ("Add support for sharing /dev/shm/ and /dev/mqueue between containers") container's /dev/shm is mounted on the host first, then bind-mounted inside the container. This is done that way in order to be able to share this container's IPC namespace (and the /dev/shm mount point) with another container. Unfortunately, this functionality breaks container checkpoint/restore (even if IPC is not shared). Since /dev/shm is an external mount, its contents is not saved by `criu checkpoint`, and so upon restore any application that tries to access data under /dev/shm is severily disappointed (which usually results in a fatal crash). This commit solves the issue by introducing new IPC modes for containers (in addition to 'host' and 'container:ID'). The new modes are: - 'shareable': enables sharing this container's IPC with others (this used to be the implicit default); - 'private': disables sharing this container's IPC. In 'private' mode, container's /dev/shm is truly mounted inside the container, without any bind-mounting from the host, which solves the issue. While at it, let's also implement 'none' mode. The motivation, as eloquently put by Justin Cormack, is: > I wondered a while back about having a none shm mode, as currently it is > not possible to have a totally unwriteable container as there is always > a /dev/shm writeable mount. It is a bit of a niche case (and clearly > should never be allowed to be daemon default) but it would be trivial to > add now so maybe we should... ...so here's yet yet another mode: - 'none': no /dev/shm mount inside the container (though it still has its own private IPC namespace). Now, to ultimately solve the abovementioned checkpoint/restore issue, we'd need to make 'private' the default mode, but unfortunately it breaks the backward compatibility. So, let's make the default container IPC mode per-daemon configurable (with the built-in default set to 'shareable' for now). The default can be changed either via a daemon CLI option (--default-shm-mode) or a daemon.json configuration file parameter of the same name. Note one can only set either 'shareable' or 'private' IPC modes as a daemon default (i.e. in this context 'host', 'container', or 'none' do not make much sense). Some other changes this patch introduces are: 1. A mount for /dev/shm is added to default OCI Linux spec. 2. IpcMode.Valid() is simplified to remove duplicated code that parsed 'container:ID' form. Note the old version used to check that ID does not contain a semicolon -- this is no longer the case (tests are modified accordingly). The motivation is we should either do a proper check for container ID validity, or don't check it at all (since it is checked in other places anyway). I chose the latter. 3. IpcMode.Container() is modified to not return container ID if the mode value does not start with "container:", unifying the check to be the same as in IpcMode.IsContainer(). 3. IPC mode unit tests (runconfig/hostconfig_test.go) are modified to add checks for newly added values. [v2: addressed review at https://github.com/moby/moby/pull/34087#pullrequestreview-51345997] [v3: addressed review at https://github.com/moby/moby/pull/34087#pullrequestreview-53902833] [v4: addressed the case of upgrading from older daemon, in this case container.HostConfig.IpcMode is unset and this is valid] [v5: document old and new IpcMode values in api/swagger.yaml] [v6: add the 'none' mode, changelog entry to docs/api/version-history.md] Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2017-06-27 17:58:50 -04:00
* `POST /containers/create` now accepts additional values for the
`HostConfig.IpcMode` property. New values are `private`, `shareable`,
and `none`.
Fix network name masking network ID on delete If a network is created with a name that matches another network's ID, the network with that name was masking the other network's ID. As a result, it was not possible to remove the network with a given ID. This patch changes the order in which networks are matched to be what we use for other cases; 1. Match on full ID 2. Match on full Name 3. Match on Partial ID Before this patch: $ docker network create foo 336717eac9eaa3da6557042a04efc803f7e8862ce6cf96f6b9565265ba5c618b $ docker network create 336717eac9eaa3da6557042a04efc803f7e8862ce6cf96f6b9565265ba5c618b 4a698333f1197f20224583abce14876d7f25fdfe416a8545927006c315915a2a $ docker network ls NETWORK ID NAME DRIVER SCOPE 4a698333f119 336717eac9eaa3da6557042a04efc803f7e8862ce6cf96f6b9565265ba5c618b bridge local d1e40d43a2c0 bridge bridge local 336717eac9ea foo bridge local 13cf280a1bbf host host local d9e4c03728a0 none null local $ docker network rm 336717eac9eaa3da6557042a04efc803f7e8862ce6cf96f6b9565265ba5c618b 4a698333f1197f20224583abce14876d7f25fdfe416a8545927006c315915a2a $ docker network ls NETWORK ID NAME DRIVER SCOPE d1e40d43a2c0 bridge bridge local 336717eac9ea foo bridge local 13cf280a1bbf host host local d9e4c03728a0 none null local After this patch: $ docker network create foo 2d1791a7def4e2a1ef0f6b83c6add333df0bb4ced2f196c584cb64e6bd94b835 $ docker network create 2d1791a7def4e2a1ef0f6b83c6add333df0bb4ced2f196c584cb64e6bd94b835 6cbc749a529cd2d9d3b10566c84e56c4203dd88b67417437b5fc7a6e955dd48f $ docker network ls NETWORK ID NAME DRIVER SCOPE 6cbc749a529c 2d1791a7def4e2a1ef0f6b83c6add333df0bb4ced2f196c584cb64e6bd94b835 bridge local 166c943dbeb5 bridge bridge local 2d1791a7def4 foo bridge local 6c45b8aa6d8e host host local b11c96b51ea7 none null local $ docker network rm 2d1791a7def4e2a1ef0f6b83c6add333df0bb4ced2f196c584cb64e6bd94b835 2d1791a7def4e2a1ef0f6b83c6add333df0bb4ced2f196c584cb64e6bd94b835 $ docker network ls NETWORK ID NAME DRIVER SCOPE 6cbc749a529c 2d1791a7def4e2a1ef0f6b83c6add333df0bb4ced2f196c584cb64e6bd94b835 bridge local 166c943dbeb5 bridge bridge local 6c45b8aa6d8e host host local b11c96b51ea7 none null local Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-14 16:23:57 -04:00
* `DELETE /networks/{id or name}` fixed issue where a `name` equal to another
network's name was able to mask that `id`. If both a network with the given
_name_ exists, and a network with the given _id_, the network with the given
_id_ is now deleted. This change is not versioned, and affects all API versions
if the daemon has this patch.
## v1.31 API changes
[Docker Engine API v1.31](https://docs.docker.com/engine/api/v1.31/) documentation
* `DELETE /secrets/(name)` now returns status code 404 instead of 500 when the secret does not exist.
* `POST /secrets/create` now returns status code 409 instead of 500 when creating an already existing secret.
* `POST /secrets/create` now accepts a `Driver` struct, allowing the
`Name` and driver-specific `Options` to be passed to store a secrets
in an external secrets store. The `Driver` property can be omitted
if the default (internal) secrets store is used.
* `GET /secrets/(id)` and `GET /secrets` now return a `Driver` struct,
containing the `Name` and driver-specific `Options` of the external
secrets store used to store the secret. The `Driver` property is
omitted if no external store is used.
* `POST /secrets/(name)/update` now returns status code 400 instead of 500 when updating a secret's content which is not the labels.
* `POST /nodes/(name)/update` now returns status code 400 instead of 500 when demoting last node fails.
* `GET /networks/(id or name)` now takes an optional query parameter `scope` that will filter the network based on the scope (`local`, `swarm`, or `global`).
* `POST /session` is a new endpoint that can be used for running interactive long-running protocols between client and
the daemon. This endpoint is experimental and only available if the daemon is started with experimental features
enabled.
* `GET /images/(name)/get` now includes an `ImageMetadata` field which contains image metadata that is local to the engine and not part of the image config.
* `POST /services/create` now accepts a `PluginSpec` when `TaskTemplate.Runtime` is set to `plugin`
* `GET /events` now supports config events `create`, `update` and `remove` that are emitted when users create, update or remove a config
* `GET /volumes/` and `GET /volumes/{name}` now return a `CreatedAt` field,
containing the date/time the volume was created. This field is omitted if the
creation date/time for the volume is unknown. For volumes with scope "global",
this field represents the creation date/time of the local _instance_ of the
volume, which may differ from instances of the same volume on different nodes.
* `GET /system/df` now returns a `CreatedAt` field for `Volumes`. Refer to the
`/volumes/` endpoint for a description of this field.
## v1.30 API changes
[Docker Engine API v1.30](https://docs.docker.com/engine/api/v1.30/) documentation
* `GET /info` now returns the list of supported logging drivers, including plugins.
* `GET /info` and `GET /swarm` now returns the cluster-wide swarm CA info if the node is in a swarm: the cluster root CA certificate, and the cluster TLS
leaf certificate issuer's subject and public key. It also displays the desired CA signing certificate, if any was provided as part of the spec.
* `POST /build/` now (when not silent) produces an `Aux` message in the JSON output stream with payload `types.BuildResult` for each image produced. The final such message will reference the image resulting from the build.
* `GET /nodes` and `GET /nodes/{id}` now returns additional information about swarm TLS info if the node is part of a swarm: the trusted root CA, and the
issuer's subject and public key.
* `GET /distribution/(name)/json` is a new endpoint that returns a JSON output stream with payload `types.DistributionInspect` for an image name. It includes a descriptor with the digest, and supported platforms retrieved from directly contacting the registry.
* `POST /swarm/update` now accepts 3 additional parameters as part of the swarm spec's CA configuration; the desired CA certificate for
the swarm, the desired CA key for the swarm (if not using an external certificate), and an optional parameter to force swarm to
generate and rotate to a new CA certificate/key pair.
* `POST /service/create` and `POST /services/(id or name)/update` now take the field `Platforms` as part of the service `Placement`, allowing to specify platforms supported by the service.
Update ContainerWait API This patch adds the untilRemoved option to the ContainerWait API which allows the client to wait until the container is not only exited but also removed. This patch also adds some more CLI integration tests for waiting for a created container and waiting with the new --until-removed flag. Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Handle detach sequence in CLI Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Update Container Wait Conditions Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Apply container wait changes to API 1.30 The set of changes to the containerWait API missed the cut for the Docker 17.05 release (API version 1.29). This patch bumps the version checks to use 1.30 instead. This patch also makes a minor update to a testfile which was added to the builder/dockerfile package. Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Remove wait changes from CLI Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Address minor nits on wait changes - Changed the name of the tty Proxy wrapper to `escapeProxy` - Removed the unnecessary Error() method on container.State - Fixes a typo in comment (repeated word) Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Use router.WithCancel in the containerWait handler This handler previously added this functionality manually but now uses the existing wrapper which does it for us. Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Add WaitCondition constants to api/types/container Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Address more ContainerWait review comments - Update ContainerWait backend interface to not return pointer values for container.StateStatus type. - Updated container state's Wait() method comments to clarify that a context MUST be used for cancelling the request, setting timeouts, and to avoid goroutine leaks. - Removed unnecessary buffering when making channels in the client's ContainerWait methods. - Renamed result and error channels in client's ContainerWait methods to clarify that only a single result or error value would be sent on the channel. Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Move container.WaitCondition type to separate file ... to avoid conflict with swagger-generated code for API response Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn) Address more ContainerWait review comments Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2017-03-30 23:01:41 -04:00
* `POST /containers/(name)/wait` now accepts a `condition` query parameter to indicate which state change condition to wait for. Also, response headers are now returned immediately to acknowledge that the server has registered a wait callback for the client.
* `POST /swarm/init` now accepts a `DataPathAddr` property to set the IP-address or network interface to use for data traffic
* `POST /swarm/join` now accepts a `DataPathAddr` property to set the IP-address or network interface to use for data traffic
* `GET /events` now supports service, node and secret events which are emitted when users create, update and remove service, node and secret
* `GET /events` now supports network remove event which is emitted when users remove a swarm scoped network
* `GET /events` now supports a filter type `scope` in which supported value could be swarm and local
* `PUT /containers/(name)/archive` now accepts a `copyUIDGID` parameter to allow copy UID/GID maps to dest file or dir.
## v1.29 API changes
[Docker Engine API v1.29](https://docs.docker.com/engine/api/v1.29/) documentation
* `DELETE /networks/(name)` now allows to remove the ingress network, the one used to provide the routing-mesh.
* `POST /networks/create` now supports creating the ingress network, by specifying an `Ingress` boolean field. As of now this is supported only when using the overlay network driver.
* `GET /networks/(name)` now returns an `Ingress` field showing whether the network is the ingress one.
* `GET /networks/` now supports a `scope` filter to filter networks based on the network mode (`swarm`, `global`, or `local`).
* `POST /containers/create`, `POST /service/create` and `POST /services/(id or name)/update` now takes the field `StartPeriod` as a part of the `HealthConfig` allowing for specification of a period during which the container should not be considered unhealthy even if health checks do not pass.
* `GET /services/(id)` now accepts an `insertDefaults` query-parameter to merge default values into the service inspect output.
* `POST /containers/prune`, `POST /images/prune`, `POST /volumes/prune`, and `POST /networks/prune` now support a `label` filter to filter containers, images, volumes, or networks based on the label. The format of the label filter could be `label=<key>`/`label=<key>=<value>` to remove those with the specified labels, or `label!=<key>`/`label!=<key>=<value>` to remove those without the specified labels.
* `POST /services/create` now accepts `Privileges` as part of `ContainerSpec`. Privileges currently include
`CredentialSpec` and `SELinuxContext`.
## v1.28 API changes
[Docker Engine API v1.28](https://docs.docker.com/engine/api/v1.28/) documentation
* `POST /containers/create` now includes a `Consistency` field to specify the consistency level for each `Mount`, with possible values `default`, `consistent`, `cached`, or `delegated`.
* `GET /containers/create` now takes a `DeviceCgroupRules` field in `HostConfig` allowing to set custom device cgroup rules for the created container.
* Optional query parameter `verbose` for `GET /networks/(id or name)` will now list all services with all the tasks, including the non-local tasks on the given network.
* `GET /containers/(id or name)/attach/ws` now returns WebSocket in binary frame format for API version >= v1.28, and returns WebSocket in text frame format for API version< v1.28, for the purpose of backward-compatibility.
* `GET /networks` is optimised only to return list of all networks and network specific information. List of all containers attached to a specific network is removed from this API and is only available using the network specific `GET /networks/{network-id}`.
* `GET /containers/json` now supports `publish` and `expose` filters to filter containers that expose or publish certain ports.
* `POST /services/create` and `POST /services/(id or name)/update` now accept the `ReadOnly` parameter, which mounts the container's root filesystem as read only.
* `POST /build` now accepts `extrahosts` parameter to specify a host to ip mapping to use during the build.
* `POST /services/create` and `POST /services/(id or name)/update` now accept a `rollback` value for `FailureAction`.
* `POST /services/create` and `POST /services/(id or name)/update` now accept an optional `RollbackConfig` object which specifies rollback options.
* `GET /services` now supports a `mode` filter to filter services based on the service mode (either `global` or `replicated`).
* `POST /containers/(name)/update` now supports updating `NanoCPUs` that represents CPU quota in units of 10<sup>-9</sup> CPUs.
## v1.27 API changes
[Docker Engine API v1.27](https://docs.docker.com/engine/api/v1.27/) documentation
* `GET /containers/(id or name)/stats` now includes an `online_cpus` field in both `precpu_stats` and `cpu_stats`. If this field is `nil` then for compatibility with older daemons the length of the corresponding `cpu_usage.percpu_usage` array should be used.
Use binary frame for websocket attach endpoint This fix tries to address the issue raised in 28176 where text frame was used in websocket attach endpoint. In case the data send out contains non utf8 data, the connection will be closed in certain browsers, e.g., Safari. This fix address the issue by change `PayloadType` to `BinaryFrame`. This fix is tested manually with Safari. The docker daemon is inside a Linux Virtual Machine. Create a container with: ``` docker run -itd --name websocket busybox sh -c "while true; do echo -e 'he\\xc3\\x28o'; sleep 5; done" ``` Use the following url (172.16.66.128:2375 is the tcp address of the daemon): ``` file:///websocket.html?url=ws://172.16.66.128:2375/v1.25/containers/websocket/attach/ws?logs=1&stderr=1&stdout=1&stream=1&stdin=1 ``` and the following html: ``` <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Websocket</title> <script type="text/javascript"> function DockerWebSocket() { if ("WebSocket" in window) { console.log("WebSocket is supported by Browser...") // Remove '?url=' prefix url = window.location.search.replace(/^(\?url=)/,""); console.log("URL ["+url+"]..."); var ws = new WebSocket(url); ws.onopen = function() { console.log("Connection is opened..."); }; ws.onclose = function() { console.log("Connection is closed..."); }; ws.onmessage = function (e) { if (typeof e.data === "string") { alert("WebSocket received text message ["+e.data+"]!") } else { console.log("Message is received...") var blobReader = new FileReader(); blobReader.onload = function(event) { console.log(JSON.stringify(blobReader.result)) }; blobReader.readAsText(e.data) console.log("Message complete...") } }; } else { alert("WebSocket is not supported by Browser!"); } } </script> </head> <body> <div> <a href="javascript:DockerWebSocket()">Run DockerWebSocket</a> </div> </body> </html> ``` This fix fixes 28176. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2017-01-25 22:07:27 -05:00
## v1.26 API changes
[Docker Engine API v1.26](https://docs.docker.com/engine/api/v1.26/) documentation
* `POST /plugins/(plugin name)/upgrade` upgrade a plugin.
## v1.25 API changes
[Docker Engine API v1.25](https://docs.docker.com/engine/api/v1.25/) documentation
* The API version is now required in all API calls. Instead of just requesting, for example, the URL `/containers/json`, you must now request `/v1.25/containers/json`.
* `GET /version` now returns `MinAPIVersion`.
* `POST /build` accepts `networkmode` parameter to specify network used during build.
* `GET /images/(name)/json` now returns `OsVersion` if populated
* `GET /info` now returns `Isolation`.
* `POST /containers/create` now takes `AutoRemove` in HostConfig, to enable auto-removal of the container on daemon side when the container's process exits.
* `GET /containers/json` and `GET /containers/(id or name)/json` now return `"removing"` as a value for the `State.Status` field if the container is being removed. Previously, "exited" was returned as status.
* `GET /containers/json` now accepts `removing` as a valid value for the `status` filter.
* `GET /containers/json` now supports filtering containers by `health` status.
* `DELETE /volumes/(name)` now accepts a `force` query parameter to force removal of volumes that were already removed out of band by the volume driver plugin.
* `POST /containers/create/` and `POST /containers/(name)/update` now validates restart policies.
* `POST /containers/create` now validates IPAMConfig in NetworkingConfig, and returns error for invalid IPv4 and IPv6 addresses (`--ip` and `--ip6` in `docker create/run`).
* `POST /containers/create` now takes a `Mounts` field in `HostConfig` which replaces `Binds`, `Volumes`, and `Tmpfs`. *note*: `Binds`, `Volumes`, and `Tmpfs` are still available and can be combined with `Mounts`.
* `POST /build` now performs a preliminary validation of the `Dockerfile` before starting the build, and returns an error if the syntax is incorrect. Note that this change is _unversioned_ and applied to all API versions.
* `POST /build` accepts `cachefrom` parameter to specify images used for build cache.
* `GET /networks/` endpoint now correctly returns a list of *all* networks,
instead of the default network if a trailing slash is provided, but no `name`
or `id`.
* `DELETE /containers/(name)` endpoint now returns an error of `removal of container name is already in progress` with status code of 400, when container name is in a state of removal in progress.
* `GET /containers/json` now supports a `is-task` filter to filter
containers that are tasks (part of a service in swarm mode).
* `POST /containers/create` now takes `StopTimeout` field.
* `POST /services/create` and `POST /services/(id or name)/update` now accept `Monitor` and `MaxFailureRatio` parameters, which control the response to failures during service updates.
* `POST /services/(id or name)/update` now accepts a `ForceUpdate` parameter inside the `TaskTemplate`, which causes the service to be updated even if there are no changes which would ordinarily trigger an update.
* `POST /services/create` and `POST /services/(id or name)/update` now return a `Warnings` array.
* `GET /networks/(name)` now returns field `Created` in response to show network created time.
* `POST /containers/(id or name)/exec` now accepts an `Env` field, which holds a list of environment variables to be set in the context of the command execution.
* `GET /volumes`, `GET /volumes/(name)`, and `POST /volumes/create` now return the `Options` field which holds the driver specific options to use for when creating the volume.
* `GET /exec/(id)/json` now returns `Pid`, which is the system pid for the exec'd process.
* `POST /containers/prune` prunes stopped containers.
* `POST /images/prune` prunes unused images.
* `POST /volumes/prune` prunes unused volumes.
* `POST /networks/prune` prunes unused networks.
* Every API response now includes a `Docker-Experimental` header specifying if experimental features are enabled (value can be `true` or `false`).
* Every API response now includes a `API-Version` header specifying the default API version of the server.
* The `hostConfig` option now accepts the fields `CpuRealtimePeriod` and `CpuRtRuntime` to allocate cpu runtime to rt tasks when `CONFIG_RT_GROUP_SCHED` is enabled in the kernel.
* The `SecurityOptions` field within the `GET /info` response now includes `userns` if user namespaces are enabled in the daemon.
* `GET /nodes` and `GET /node/(id or name)` now return `Addr` as part of a node's `Status`, which is the address that that node connects to the manager from.
* The `HostConfig` field now includes `NanoCPUs` that represents CPU quota in units of 10<sup>-9</sup> CPUs.
* `GET /info` now returns more structured information about security options.
* The `HostConfig` field now includes `CpuCount` that represents the number of CPUs available for execution by the container. Windows daemon only.
* `POST /services/create` and `POST /services/(id or name)/update` now accept the `TTY` parameter, which allocate a pseudo-TTY in container.
* `POST /services/create` and `POST /services/(id or name)/update` now accept the `DNSConfig` parameter, which specifies DNS related configurations in resolver configuration file (resolv.conf) through `Nameservers`, `Search`, and `Options`.
* `POST /services/create` and `POST /services/(id or name)/update` now support
`node.platform.arch` and `node.platform.os` constraints in the services
`TaskSpec.Placement.Constraints` field.
* `GET /networks/(id or name)` now includes IP and name of all peers nodes for swarm mode overlay networks.
* `GET /plugins` list plugins.
* `POST /plugins/pull?name=<plugin name>` pulls a plugin.
* `GET /plugins/(plugin name)` inspect a plugin.
* `POST /plugins/(plugin name)/set` configure a plugin.
* `POST /plugins/(plugin name)/enable` enable a plugin.
* `POST /plugins/(plugin name)/disable` disable a plugin.
* `POST /plugins/(plugin name)/push` push a plugin.
* `POST /plugins/create?name=(plugin name)` create a plugin.
* `DELETE /plugins/(plugin name)` delete a plugin.
* `POST /node/(id or name)/update` now accepts both `id` or `name` to identify the node to update.
* `GET /images/json` now support a `reference` filter.
* `GET /secrets` returns information on the secrets.
* `POST /secrets/create` creates a secret.
* `DELETE /secrets/{id}` removes the secret `id`.
* `GET /secrets/{id}` returns information on the secret `id`.
* `POST /secrets/{id}/update` updates the secret `id`.
* `POST /services/(id or name)/update` now accepts service name or prefix of service id as a parameter.
Implement optional ring buffer for container logs This allows the user to set a logging mode to "blocking" (default), or "non-blocking", which uses the ring buffer as a proxy to the real log driver. This allows a container to never be blocked on stdio at the cost of dropping log messages. Introduces 2 new log-opts that works for all drivers, `log-mode` and `log-size`. `log-mode` takes a value of "blocking", or "non-blocking" I chose not to implement this as a bool since it is difficult to determine if the mode was set to false vs just not set... especially difficult when merging the default daemon config with the container config. `log-size` takes a size string, e.g. `2MB`, which sets the max size of the ring buffer. When the max size is reached, it will start dropping log messages. ``` BenchmarkRingLoggerThroughputNoReceiver-8 2000000000 36.2 ns/op 856.35 MB/s 0 B/op 0 allocs/op BenchmarkRingLoggerThroughputWithReceiverDelay0-8 300000000 156 ns/op 198.48 MB/s 32 B/op 0 allocs/op BenchmarkRingLoggerThroughputConsumeDelay1-8 2000000000 36.1 ns/op 857.80 MB/s 0 B/op 0 allocs/op BenchmarkRingLoggerThroughputConsumeDelay10-8 1000000000 36.2 ns/op 856.53 MB/s 0 B/op 0 allocs/op BenchmarkRingLoggerThroughputConsumeDelay50-8 2000000000 34.7 ns/op 894.65 MB/s 0 B/op 0 allocs/op BenchmarkRingLoggerThroughputConsumeDelay100-8 2000000000 35.1 ns/op 883.91 MB/s 0 B/op 0 allocs/op BenchmarkRingLoggerThroughputConsumeDelay300-8 1000000000 35.9 ns/op 863.90 MB/s 0 B/op 0 allocs/op BenchmarkRingLoggerThroughputConsumeDelay500-8 2000000000 35.8 ns/op 866.88 MB/s 0 B/op 0 allocs/op ``` Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-11-22 21:55:27 -05:00
* `POST /containers/create` added 2 built-in log-opts that work on all logging drivers,
`mode` (`blocking`|`non-blocking`), and `max-buffer-size` (e.g. `2m`) which enables a non-blocking log buffer.
* `POST /containers/create` now takes `HostConfig.Init` field to run an init
inside the container that forwards signals and reaps processes.
## v1.24 API changes
[Docker Engine API v1.24](v1.24.md) documentation
* `POST /containers/create` now takes `StorageOpt` field.
* `GET /info` now returns `SecurityOptions` field, showing if `apparmor`, `seccomp`, or `selinux` is supported.
* `GET /info` no longer returns the `ExecutionDriver` property. This property was no longer used after integration
with ContainerD in Docker 1.11.
* `GET /networks` now supports filtering by `label` and `driver`.
* `GET /containers/json` now supports filtering containers by `network` name or id.
* `POST /containers/create` now takes `IOMaximumBandwidth` and `IOMaximumIOps` fields. Windows daemon only.
* `POST /containers/create` now returns an HTTP 400 "bad parameter" message
if no command is specified (instead of an HTTP 500 "server error")
* `GET /images/search` now takes a `filters` query parameter.
* `GET /events` now supports a `reload` event that is emitted when the daemon configuration is reloaded.
* `GET /events` now supports filtering by daemon name or ID.
* `GET /events` now supports a `detach` event that is emitted on detaching from container process.
* `GET /events` now supports an `exec_detach ` event that is emitted on detaching from exec process.
* `GET /images/json` now supports filters `since` and `before`.
* `POST /containers/(id or name)/start` no longer accepts a `HostConfig`.
* `POST /images/(name)/tag` no longer has a `force` query parameter.
* `GET /images/search` now supports maximum returned search results `limit`.
* `POST /containers/{name:.*}/copy` is now removed and errors out starting from this API version.
* API errors are now returned as JSON instead of plain text.
* `POST /containers/create` and `POST /containers/(id)/start` allow you to configure kernel parameters (sysctls) for use in the container.
* `POST /containers/<container ID>/exec` and `POST /exec/<exec ID>/start`
no longer expects a "Container" field to be present. This property was not used
and is no longer sent by the docker client.
* `POST /containers/create/` now validates the hostname (should be a valid RFC 1123 hostname).
* `POST /containers/create/` `HostConfig.PidMode` field now accepts `container:<name|id>`,
to have the container join the PID namespace of an existing container.
## v1.23 API changes
[Docker Engine API v1.23](v1.23.md) documentation
* `GET /containers/json` returns the state of the container, one of `created`, `restarting`, `running`, `paused`, `exited` or `dead`.
* `GET /containers/json` returns the mount points for the container.
* `GET /networks/(name)` now returns an `Internal` field showing whether the network is internal or not.
* `GET /networks/(name)` now returns an `EnableIPv6` field showing whether the network has ipv6 enabled or not.
* `POST /containers/(name)/update` now supports updating container's restart policy.
* `POST /networks/create` now supports enabling ipv6 on the network by setting the `EnableIPv6` field (doing this with a label will no longer work).
* `GET /info` now returns `CgroupDriver` field showing what cgroup driver the daemon is using; `cgroupfs` or `systemd`.
* `GET /info` now returns `KernelMemory` field, showing if "kernel memory limit" is supported.
* `POST /containers/create` now takes `PidsLimit` field, if the kernel is >= 4.3 and the pids cgroup is supported.
* `GET /containers/(id or name)/stats` now returns `pids_stats`, if the kernel is >= 4.3 and the pids cgroup is supported.
* `POST /containers/create` now allows you to override usernamespaces remapping and use privileged options for the container.
* `POST /containers/create` now allows specifying `nocopy` for named volumes, which disables automatic copying from the container path to the volume.
* `POST /auth` now returns an `IdentityToken` when supported by a registry.
* `POST /containers/create` with both `Hostname` and `Domainname` fields specified will result in the container's hostname being set to `Hostname`, rather than `Hostname.Domainname`.
* `GET /volumes` now supports more filters, new added filters are `name` and `driver`.
* `GET /containers/(id or name)/logs` now accepts a `details` query parameter to stream the extra attributes that were provided to the containers `LogOpts`, such as environment variables and labels, with the logs.
* `POST /images/load` now returns progress information as a JSON stream, and has a `quiet` query parameter to suppress progress details.
## v1.22 API changes
[Docker Engine API v1.22](v1.22.md) documentation
* `POST /container/(name)/update` updates the resources of a container.
* `GET /containers/json` supports filter `isolation` on Windows.
Add containers’ networks to /containers/json After addition of multi-host networking in Docker 1.9, Docker Remote API is still returning only the network specified during creation of the container in the “List Containers” (`/containers/json`) endpoint: ... "HostConfig": { "NetworkMode": "default" }, The list of networks containers are attached to is only available at Get Container (`/containers/<id>/json`) endpoint. This does not allow applications utilizing multi-host networking to be built on top of Docker Remote API. Therefore I added a simple `"NetworkSettings"` section to the `/containers/json` endpoint. This is not identical to the NetworkSettings returned in Get Container (`/containers/<id>/json`) endpoint. It only contains a single field `"Networks"`, which is essentially the same value shown in inspect output of a container. This change adds the following section to the `/containers/json`: "NetworkSettings": { "Networks": { "bridge": { "EndpointID": "2cdc4edb1ded3631c81f57966563e...", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "02:42:ac:11:00:02" } } } This is of type `SummaryNetworkSettings` type, a minimal version of `api/types#NetworkSettings`. Actually all I need is the network name and the IPAddress fields. If folks find this addition too big, I can create a `SummaryEndpointSettings` field as well, containing just the IPAddress field. Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-12-09 23:48:50 -05:00
* `GET /containers/json` now returns the list of networks of containers.
* `GET /info` Now returns `Architecture` and `OSType` fields, providing information
about the host architecture and operating system type that the daemon runs on.
* `GET /networks/(name)` now returns a `Name` field for each container attached to the network.
* `GET /version` now returns the `BuildTime` field in RFC3339Nano format to make it
consistent with other date/time values returned by the API.
* `AuthConfig` now supports a `registrytoken` for token based authentication
* `POST /containers/create` now has a 4M minimum value limit for `HostConfig.KernelMemory`
* Pushes initiated with `POST /images/(name)/push` and pulls initiated with `POST /images/create`
will be cancelled if the HTTP connection making the API request is closed before
the push or pull completes.
* `POST /containers/create` now allows you to set a read/write rate limit for a
device (in bytes per second or IO per second).
* `GET /networks` now supports filtering by `name`, `id` and `type`.
* `POST /containers/create` now allows you to set the static IPv4 and/or IPv6 address for the container.
* `POST /networks/(id)/connect` now allows you to set the static IPv4 and/or IPv6 address for the container.
* `GET /info` now includes the number of containers running, stopped, and paused.
* `POST /networks/create` now supports restricting external access to the network by setting the `Internal` field.
* `POST /networks/(id)/disconnect` now includes a `Force` option to forcefully disconnect a container from network
* `GET /containers/(id)/json` now returns the `NetworkID` of containers.
* `POST /networks/create` Now supports an options field in the IPAM config that provides options
for custom IPAM plugins.
* `GET /networks/{network-id}` Now returns IPAM config options for custom IPAM plugins if any
are available.
* `GET /networks/<network-id>` now returns subnets info for user-defined networks.
* `GET /info` can now return a `SystemStatus` field useful for returning additional information about applications
that are built on top of engine.
## v1.21 API changes
[Docker Engine API v1.21](v1.21.md) documentation
* `GET /volumes` lists volumes from all volume drivers.
* `POST /volumes/create` to create a volume.
* `GET /volumes/(name)` get low-level information about a volume.
* `DELETE /volumes/(name)` remove a volume with the specified name.
* `VolumeDriver` was moved from `config` to `HostConfig` to make the configuration portable.
* `GET /images/(name)/json` now returns information about an image's `RepoTags` and `RepoDigests`.
* The `config` option now accepts the field `StopSignal`, which specifies the signal to use to kill a container.
* `GET /containers/(id)/stats` will return networking information respectively for each interface.
* The `HostConfig` option now includes the `DnsOptions` field to configure the container's DNS options.
* `POST /build` now optionally takes a serialized map of build-time variables.
* `GET /events` now includes a `timenano` field, in addition to the existing `time` field.
* `GET /events` now supports filtering by image and container labels.
* `GET /info` now lists engine version information and return the information of `CPUShares` and `Cpuset`.
* `GET /containers/json` will return `ImageID` of the image used by container.
* `POST /exec/(name)/start` will now return an HTTP 409 when the container is either stopped or paused.
* `POST /containers/create` now takes `KernelMemory` in HostConfig to specify kernel memory limit.
* `GET /containers/(name)/json` now accepts a `size` parameter. Setting this parameter to '1' returns container size information in the `SizeRw` and `SizeRootFs` fields.
* `GET /containers/(name)/json` now returns a `NetworkSettings.Networks` field,
detailing network settings per network. This field deprecates the
`NetworkSettings.Gateway`, `NetworkSettings.IPAddress`,
`NetworkSettings.IPPrefixLen`, and `NetworkSettings.MacAddress` fields, which
are still returned for backward-compatibility, but will be removed in a future version.
* `GET /exec/(id)/json` now returns a `NetworkSettings.Networks` field,
detailing networksettings per network. This field deprecates the
`NetworkSettings.Gateway`, `NetworkSettings.IPAddress`,
`NetworkSettings.IPPrefixLen`, and `NetworkSettings.MacAddress` fields, which
are still returned for backward-compatibility, but will be removed in a future version.
* The `HostConfig` option now includes the `OomScoreAdj` field for adjusting the
badness heuristic. This heuristic selects which processes the OOM killer kills
under out-of-memory conditions.
## v1.20 API changes
[Docker Engine API v1.20](v1.20.md) documentation
* `GET /containers/(id)/archive` get an archive of filesystem content from a container.
* `PUT /containers/(id)/archive` upload an archive of content to be extracted to
an existing directory inside a container's filesystem.
* `POST /containers/(id)/copy` is deprecated in favor of the above `archive`
endpoint which can be used to download files and directories from a container.
* The `hostConfig` option now accepts the field `GroupAdd`, which specifies a
list of additional groups that the container process will run as.
## v1.19 API changes
[Docker Engine API v1.19](v1.19.md) documentation
* When the daemon detects a version mismatch with the client, usually when
the client is newer than the daemon, an HTTP 400 is now returned instead
of a 404.
* `GET /containers/(id)/stats` now accepts `stream` bool to get only one set of stats and disconnect.
* `GET /containers/(id)/logs` now accepts a `since` timestamp parameter.
* `GET /info` The fields `Debug`, `IPv4Forwarding`, `MemoryLimit`, and
`SwapLimit` are now returned as boolean instead of as an int. In addition, the
end point now returns the new boolean fields `CpuCfsPeriod`, `CpuCfsQuota`, and
`OomKillDisable`.
* The `hostConfig` option now accepts the fields `CpuPeriod` and `CpuQuota`
* `POST /build` accepts `cpuperiod` and `cpuquota` options
## v1.18 API changes
[Docker Engine API v1.18](v1.18.md) documentation
* `GET /version` now returns `Os`, `Arch` and `KernelVersion`.
* `POST /containers/create` and `POST /containers/(id)/start`allow you to set ulimit settings for use in the container.
* `GET /info` now returns `SystemTime`, `HttpProxy`,`HttpsProxy` and `NoProxy`.
* `GET /images/json` added a `RepoDigests` field to include image digest information.
* `POST /build` can now set resource constraints for all containers created for the build.
* `CgroupParent` can be passed in the host config to setup container cgroups under a specific cgroup.
* `POST /build` closing the HTTP request cancels the build
* `POST /containers/(id)/exec` includes `Warnings` field to response.