create — Create a discovery token The create command uses Docker Hub’s hosted discovery backend to create a unique discovery token for your cluster. For example: $ docker run --rm swarm create 86222732d62b6868d441d430aee4f055 Later, when you use manage or join to create Swarm managers and nodes, you use the discovery token in the <discovery> argument (e.g., token://86222732d62b6868d441d430aee4f055). The discovery backend registers each new Swarm manager and node that uses the token as a

Docker Swarm Docker Swarm overview How to get Docker Swarm Evaluate Swarm in a sandbox Plan for Swarm in production Build a Swarm cluster for production Try Swarm at scale Overview Swarm with TLS Configure Docker Swarm for TLS Docker Swarm Discovery High availability in Docker Swarm Swarm and container networks Advanced Scheduling Provision a Swarm cluster with Docker Machine Docker Swarm API

Docker security There are three major areas to consider when reviewing Docker security: the intrinsic security of the kernel and its support for namespaces and cgroups; the attack surface of the Docker daemon itself; loopholes in the container configuration profile, either by default, or when customized by users. the “hardening” security features of the kernel and how they interact with containers. Kernel namespaces Docker containers are very similar to LXC containers, and they have similar s

Frequently asked questions If you don’t see your question here, feel free to drop by #docker-compose on freenode IRC and ask the community. Can I control service startup order? Yes - see Controlling startup order. Why do my services take 10 seconds to recreate or stop? Compose stop attempts to stop a container by sending a SIGTERM. It then waits for a default timeout of 10 seconds. After the timeout, a SIGKILL is sent to the container to forcefully kill it. If you are waiting for this timeout,

provision Re-run provisioning on a created machine. Sometimes it may be helpful to re-run Machine’s provisioning process on a created machine. Reasons for doing so may include a failure during the original provisioning process, or a drift from the desired system state (including the originally specified Swarm or Engine configuration). Usage is docker-machine provision [name]. Multiple names may be specified. $ docker-machine provision foo bar Copying certs to the local machine directory... Copy

up Usage: up [options] [SERVICE...] Options: -d Detached mode: Run containers in the background, print new container names. Incompatible with --abort-on-container-exit. --no-color Produce monochrome output. --no-deps Don't start linked services. --force-recreate Recreate containers even if their configuration and image h

url Get the URL of a host $ docker-machine url dev tcp://192.168.99.109:2376

Docker Swarm strategies The Docker Swarm scheduler features multiple strategies for ranking nodes. The strategy you choose determines how Swarm computes ranking. When you run a new container, Swarm chooses to place it on the node with the highest computed ranking for your chosen strategy. To choose a ranking strategy, pass the --strategy flag and a strategy value to the swarm manage command. Swarm currently supports these values: spread binpack random The spread and binpack strategies compute

Manage data in containers So far you’ve been introduced to some basic Docker concepts, seen how to work with Docker images as well as learned about networking and links between containers. In this section you’re going to learn how you can manage data inside and between your Docker containers. You’re going to look at the two primary ways you can manage data with Docker Engine. Data volumes Data volume containers Data volumes A data volume is a specially-designated directory within one or more

ssh Log into or run a command on a machine using SSH. To login, just run docker-machine ssh machinename: $ docker-machine ssh dev ## . ## ## ## == ## ## ## ## === /""""""""""""""""\___/ === ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~ \______ o __/ \ \ __/ \____\______/ _ _ ____ _ _ | |__ ___ ___ | |_|___ \ __| | ___