Manage keys for content trust Trust for an image tag is managed through the use of keys. Docker’s content trust makes use of five different types of keys: Key Description root key Root of content trust for an image tag. When content trust is enabled, you create the root key once. Also known as the offline key, because it should be kept offline. targets This key allows you to sign image tags, to manage delegations including delegated keys or permitted delegation paths. Also known as the reposito

diff Usage: docker diff [OPTIONS] CONTAINER Inspect changes on a container's filesystem --help Print usage List the changed files and directories in a container᾿s filesystem There are 3 events that are listed in the diff: A - Add D - Delete C - Change For example: $ docker diff 7bb0e258aefe C /dev A /dev/kmsg C /etc A /etc/mtab A /go A /go/src A /go/src/github.com A /go/src/github.com/docker A /go/src/github.com/docker/docker A /go/src/github.com/docker/docker/.git ....

Customize the docker0 bridge The information in this section explains how to customize the Docker default bridge. This is a bridge network named bridge created automatically when you install Docker. Note: The Docker networks feature allows you to create user-defined networks in addition to the default bridge network. By default, the Docker server creates and configures the host system’s docker0 interface as an Ethernet bridge inside the Linux kernel that can pass packets back and forth between

Docker Swarm API The Docker Swarm API is mostly compatible with the Docker Remote API. This document is an overview of the differences between the Swarm API and the Docker Remote API. Missing endpoints Some endpoints have not yet been implemented and will return a 404 error. POST "/images/create" : "docker import" flow not implement Endpoints which behave differently Endpoint Differences GET "/containers/{name:.*}/json" New field Node added: "Node": { "Id": "ODAI:IC6Q:MSBL:TPB5:HIEE:6IK

pause Usage: docker pause [OPTIONS] CONTAINER [CONTAINER...] Pause all processes within a container --help Print usage The docker pause command uses the cgroups freezer to suspend all processes in a container. Traditionally, when suspending a process the SIGSTOP signal is used, which is observable by the process being suspended. With the cgroups freezer the process is unaware, and unable to capture, that it is being suspended, and subsequently resumed. See the cgroups freezer docu

restart Usage: docker-machine restart [arg...] Restart a machine Description: Argument(s) are one or more machine names. Restart a machine. Oftentimes this is equivalent to docker-machine stop; docker-machine start. But some cloud driver try to implement a clever restart which keeps the same ip address. $ docker-machine restart dev Waiting for VM to start...

top Usage: docker top [OPTIONS] CONTAINER [ps OPTIONS] Display the running processes of a container --help Print usage

logs Usage: logs [options] [SERVICE...] Options: --no-color Produce monochrome output. -f, --follow Follow log output -t, --timestamps Show timestamps --tail Number of lines to show from the end of the logs for each container. Displays log output from services.

Deprecated Engine Features The following list of features are deprecated in Engine. -e and --email flags on docker login Deprecated In Release: v1.11 Target For Removal In Release: v1.13 The docker login command is removing the ability to automatically register for an account with the target registry if the given username doesn’t exist. Due to this change, the email flag is no longer required, and will be deprecated. Separator (:) of --security-opt flag on docker run Deprecated In Release: v

Docker Swarm Docker Swarm overview How to get Docker Swarm Evaluate Swarm in a sandbox Plan for Swarm in production Build a Swarm cluster for production Try Swarm at scale Overview Swarm with TLS Configure Docker Swarm for TLS Docker Swarm Discovery High availability in Docker Swarm Swarm and container networks Advanced Scheduling Provision a Swarm cluster with Docker Machine Docker Swarm API