q3k
/
docker-cli-openbsd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: update cli reference for secret usage 

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>

docs: minor update to service create usage

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
master
Evan Hazlett 2016-10-27 17:30:32 -07:00 committed by Tibor Vass
parent 9c9e10b0ca
commit 2161bbf176
6 changed files with 258 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
docs/reference/commandline/secret_create.md Normal file
View File

@ -0,0 +1,46 @@
---
title: "secret create"
description: "The secret create command description and usage"
keywords: ["secret, create"]
---
<!-- This file is maintained within the docker/docker Github
repository at https://github.com/docker/docker/. Make all
pull requests against that repo. If you see this file in
another repository, consider it read-only there, as it will
periodically be overwritten by the definitive file. Pull
requests which include edits to this file in other repositories
will be rejected.
-->
# secret create
```Markdown
Usage: docker secret create [NAME]
Create a secret using stdin as content
```
Creates a secret using standard input for the secret content. You must run this
command on a manager node.
## Examples
### Create a secret
```bash
$ cat ssh-dev | docker secret create ssh-dev
mhv17xfe3gh6xc4rij5orpfds
$ docker secret ls
ID NAME CREATED UPDATED SIZE
mhv17xfe3gh6xc4rij5orpfds ssh-dev 2016-10-27 23:25:43.909181089 +0000 UTC 2016-10-27 23:25:43.909181089 +0000 UTC 1679
```
## Related information
* [secret inspect](secret_inspect.md)
* [secret ls](secret_ls.md)
* [secret rm](secret_rm.md)
<style>table tr > td:first-child { white-space: nowrap;}</style>

88
docs/reference/commandline/secret_inspect.md Normal file
View File

@ -0,0 +1,88 @@
---
title: "secret inspect"
description: "The secret inspect command description and usage"
keywords: ["secret, inspect"]
---
<!-- This file is maintained within the docker/docker Github
repository at https://github.com/docker/docker/. Make all
pull requests against that repo. If you see this file in
another repository, consider it read-only there, as it will
periodically be overwritten by the definitive file. Pull
requests which include edits to this file in other repositories
will be rejected.
-->
# secret inspect
```Markdown
Usage: docker secret inspect [OPTIONS] SECRET [SECRET...]
Display detailed information on one or more secrets
Options:
-f, --format string Format the output using the given Go template
--help Print usage
```
Inspects the specified secret. This command has to be run targeting a manager
node.
By default, this renders all results in a JSON array. If a format is specified,
the given template will be executed for each result.
Go's [text/template](http://golang.org/pkg/text/template/) package
describes all the details of the format.
## Examples
### Inspecting a secret by name or ID
You can inspect a secret, either by its *name*, or *ID*
For example, given the following secret:
```bash
$ docker secret ls
ID NAME CREATED UPDATED SIZE
mhv17xfe3gh6xc4rij5orpfds ssh-dev 2016-10-27 23:25:43.909181089 +0000 UTC 2016-10-27 23:25:43.909181089 +0000 UTC 1679
```
```bash
$ docker secret inspect mhv17xfe3gh6xc4rij5orpfds
[
{
"ID": "mhv17xfe3gh6xc4rij5orpfds",
"Version": {
"Index": 1198
},
"CreatedAt": "2016-10-27T23:25:43.909181089Z",
"UpdatedAt": "2016-10-27T23:25:43.909181089Z",
"Spec": {
"Name": "ssh-dev",
"Data": null
},
"Digest": "sha256:8281c6d924520986e3c6af23ed8926710a611c90339db582c2a9ac480ba622b7",
"SecretSize": 1679
}
]
```
### Formatting secret output
The `--format` option can be used to obtain specific information about a
secret. For example, the following command outputs the digest of the
secret.
```bash{% raw %}
$ docker secret inspect --format='{{.Digest}}' mhv17xfe3gh6xc4rij5orpfds
sha256:8281c6d924520986e3c6af23ed8926710a611c90339db582c2a9ac480ba622b7
{% endraw %}```
## Related information
* [secret create](secret_create.md)
* [secret ls](secret_ls.md)
* [secret rm](secret_rm.md)

44
docs/reference/commandline/secret_ls.md Normal file
View File

@ -0,0 +1,44 @@
---
title: "secret ls"
description: "The secret ls command description and usage"
keywords: ["secret, ls"]
---
<!-- This file is maintained within the docker/docker Github
repository at https://github.com/docker/docker/. Make all
pull requests against that repo. If you see this file in
another repository, consider it read-only there, as it will
periodically be overwritten by the definitive file. Pull
requests which include edits to this file in other repositories
will be rejected.
-->
# secret ls
```Markdown
Usage: docker secret ls [OPTIONS]
List secrets
Aliases:
ls, list
Options:
-q, --quiet Only display IDs
```
This command when run targeting a manager, lists secrets in the
swarm.
On a manager node:
```bash
$ docker secret ls
ID NAME CREATED UPDATED SIZE
mhv17xfe3gh6xc4rij5orpfds ssh-dev 2016-10-27 23:25:43.909181089 +0000 UTC 2016-10-27 23:25:43.909181089 +0000 UTC 1679
```
## Related information
* [secret create](secret_create.md)
* [secret inspect](secret_inspect.md)
* [secret rm](secret_rm.md)

48
docs/reference/commandline/secret_rm.md Normal file
View File

@ -0,0 +1,48 @@
---
title: "secret rm"
description: "The secret rm command description and usage"
keywords: ["secret, rm"]
---
<!-- This file is maintained within the docker/docker Github
repository at https://github.com/docker/docker/. Make all
pull requests against that repo. If you see this file in
another repository, consider it read-only there, as it will
periodically be overwritten by the definitive file. Pull
requests which include edits to this file in other repositories
will be rejected.
-->
# secret rm
```Markdown
Usage: docker secret rm SECRET [SECRET...]
Remove one or more secrets
Aliases:
rm, remove
Options:
--help Print usage
```
Removes the specified secrets from the swarm. This command has to be run
targeting a manager node.
For example, to remove secret:
```bash
$ docker secret rm sapth4csdo5b6wz2p5uimh5xg
sapth4csdo5b6wz2p5uimh5xg
```
> **Warning**: Unlike `docker rm`, this command does not ask for confirmation
> before removing a secret.
## Related information
* [secret create](secret_create.md)
* [secret inspect](secret_inspect.md)
* [secret ls](secret_ls.md)

16
docs/reference/commandline/service_create.md
View File

@ -54,6 +54,7 @@ Options:
--restart-delay duration Delay between restart attempts (default none) --restart-delay duration Delay between restart attempts (default none)
--restart-max-attempts uint Maximum number of restarts before giving up (default none) --restart-max-attempts uint Maximum number of restarts before giving up (default none)
--restart-window duration Window used to evaluate the restart policy (default none) --restart-window duration Window used to evaluate the restart policy (default none)
--secret value Specify secrets to expose to the service (default [])
--stop-grace-period duration Time to wait before force killing a container (default none) --stop-grace-period duration Time to wait before force killing a container (default none)
-t, --tty Allocate a pseudo-TTY -t, --tty Allocate a pseudo-TTY
--update-delay duration Delay between updates (ns|us|ms|s|m|h) (default 0s) --update-delay duration Delay between updates (ns|us|ms|s|m|h) (default 0s)
@ -119,6 +120,21 @@ ID NAME MODE REPLICAS IMAGE
4cdgfyky7ozw redis replicated 5/5 redis:3.0.7 4cdgfyky7ozw redis replicated 5/5 redis:3.0.7
``` ```
### Create a service with secrets
Use the `--secret` flag to use a [secret](secret_create.md). The following
command will create a service with two secrets named `ssh-key` and `app-key`:
```bash
$ docker service create --name redis --secret ssh-key:ssh --secret app-key:app redis:3.0.6
4cdgfyky7ozwh3htjfw0d12qv
```
Secrets are located in `/run/secrets` in the container. If no target is
specified, the name of the secret will be used as the in memory file in the
container. If a target is specified, that will be the filename. In the
example above, two files will be created: `/run/secrets/ssh` and
`/run/secrets/app` for each of the secret targets specified.
### Create a service with a rolling update policy ### Create a service with a rolling update policy
```bash ```bash

16
docs/reference/commandline/service_update.md
View File

@ -63,6 +63,8 @@ Options:
--restart-max-attempts uint Maximum number of restarts before giving up (default none) --restart-max-attempts uint Maximum number of restarts before giving up (default none)
--restart-window duration Window used to evaluate the restart policy (default none) --restart-window duration Window used to evaluate the restart policy (default none)
--rollback Rollback to previous specification --rollback Rollback to previous specification
--secret-add list Add a secret (default [])
--secret-rm list Remove a secret (default [])
--stop-grace-period duration Time to wait before force killing a container (default none) --stop-grace-period duration Time to wait before force killing a container (default none)
-t, --tty Allocate a pseudo-TTY -t, --tty Allocate a pseudo-TTY
--update-delay duration Delay between updates (ns|us|ms|s|m|h) (default 0s) --update-delay duration Delay between updates (ns|us|ms|s|m|h) (default 0s)
@ -146,6 +148,20 @@ $ docker service update --mount-rm /somewhere myservice
myservice myservice
``` ```
### Adding and removing secrets
Use the `--secret-add` or `--secret-rm` options add or remove a service's
secrets.
The following example adds a secret named `ssh-2` and removes `ssh-1`:
```bash
$ docker service update \
--secret-add ssh-2 \
--secret-rm ssh-1 \
myservice
```
## Related information ## Related information
* [service create](service_create.md) * [service create](service_create.md)