Using Compose with Swarm Docker Compose and Docker Swarm aim to have full integration, meaning you can point a Compose app at a Swarm cluster and have it all just work as if you were using a single Docker host. The actual extent of integration depends on which version of the Compose file format you are using: If you’re using version 1 along with links, your app will work, but Swarm will schedule all containers on one host, because links between containers do not work across hosts with the old n

Delegations for content trust Docker Engine supports the usage of the targets/releases delegation as the canonical source of a trusted image tag. Using this delegation allows you to collaborate with other publishers without sharing your repository key (a combination of your targets and snapshot keys - please see “Manage keys for content trust” for more information). A collaborator can keep their own delegation key private. The targets/releases delegation is currently an optional feature - in or

Exoscale Create machines on exoscale. Get your API key and API secret key from API details and pass them to machine create with the --exoscale-api-key and --exoscale-api-secret-key options. $ docker-machine create --driver exoscale --exoscale-api-key=API --exoscale-api-secret-key=SECRET vm Options: --exoscale-url: Your API endpoint. --exoscale-api-key: required Your API key. --exoscale-api-secret-key: required Your API secret key. --exoscale-instance-profile: Instance profile. --exoscale-

Generic Create machines using an existing VM/Host with SSH. This is useful if you are using a provider that Machine does not support directly or if you would like to import an existing host to allow Docker Machine to manage. The driver will perform a list of tasks on create: If docker is not running on the host, it will be installed automatically. It will update the host packages (apt-get update, yum update…). It will generate certificates to secure the docker daemon. The docker daemon will be

Docker security There are three major areas to consider when reviewing Docker security: the intrinsic security of the kernel and its support for namespaces and cgroups; the attack surface of the Docker daemon itself; loopholes in the container configuration profile, either by default, or when customized by users. the “hardening” security features of the kernel and how they interact with containers. Kernel namespaces Docker containers are very similar to LXC containers, and they have similar s

Microsoft Hyper-V Creates a Boot2Docker virtual machine locally on your Windows machine using Hyper-V. See here for instructions to enable Hyper-V. You will need to use an Administrator level account to create and manage Hyper-V machines. Note: You will need an existing virtual switch to use the driver. Hyper-V can share an external network interface (aka bridging), see this blog. If you would like to use NAT, create an internal network, and use Internet Connection Sharing. $ docker-machine c

Frequently asked questions If you don’t see your question here, feel free to drop by #docker-compose on freenode IRC and ask the community. Can I control service startup order? Yes - see Controlling startup order. Why do my services take 10 seconds to recreate or stop? Compose stop attempts to stop a container by sending a SIGTERM. It then waits for a default timeout of 10 seconds. After the timeout, a SIGKILL is sent to the container to forcefully kill it. If you are waiting for this timeout,

IBM Softlayer Create machines on Softlayer. You need to generate an API key in the softlayer control panel. Retrieve your API key $ docker-machine create --driver softlayer --softlayer-user=user --softlayer-api-key=KEY --softlayer-domain=domain vm Options: --softlayer-memory: Memory for host in MB. --softlayer-disk-size: A value of 0 will set the SoftLayer default. --softlayer-user: required Username for your SoftLayer account, api key needs to match this user. --softlayer-api-key: require

Google Cloud Logging driver The Google Cloud Logging driver sends container logs to Google Cloud Logging. Usage You can configure the default logging driver by passing the --log-driver option to the Docker daemon: docker daemon --log-driver=gcplogs You can set the logging driver for a specific container by using the --log-driver option to docker run: docker run --log-driver=gcplogs ... This log driver does not implement a reader so it is incompatible with docker logs. If Docker detects that i

Overview of Docker Compose Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a Compose file to configure your application’s services. Then, using a single command, you create and start all the services from your configuration. To learn more about all the features of Compose see the list of features. Compose is great for development, testing, and staging environments, as well as CI workflows. You can learn more about each case in Common Use Cas