From a7c2ea2fc4e52d15a6beda386462ba335867a981 Mon Sep 17 00:00:00 2001
From: Harald Albers <github@albersweb.de>
Date: Fri, 10 Nov 2017 10:03:30 +0100
Subject: [PATCH 1/3] Fix bash completion for service env, mounts and labels

`service create` and `service update` both used to have `--env`, `--label`
and `--mount` options.
These options now are only valid for `service create`.
`service update` got corresponding `--xxx-add|rm` options instead.

Signed-off-by: Harald Albers <github@albersweb.de>
Upstream-commit: d149c93c0cf9d77687d1a0d0577ec620449247cf
Component: cli
---
 components/cli/contrib/completion/bash/docker | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/components/cli/contrib/completion/bash/docker b/components/cli/contrib/completion/bash/docker
index 73e655748e..48c6e2be67 100644
--- a/components/cli/contrib/completion/bash/docker
+++ b/components/cli/contrib/completion/bash/docker
@@ -3333,7 +3333,6 @@ _docker_service_update_and_create() {
 	local options_with_args="
 		--endpoint-mode
 		--entrypoint
-		--env -e
 		--force
 		--health-cmd
 		--health-interval
@@ -3342,12 +3341,10 @@ _docker_service_update_and_create() {
 		--health-timeout
 		--hostname
 		--isolation
-		--label -l
 		--limit-cpu
 		--limit-memory
 		--log-driver
 		--log-opt
-		--mount
 		--replicas
 		--reserve-cpu
 		--reserve-memory
@@ -3395,11 +3392,14 @@ _docker_service_update_and_create() {
 			--dns
 			--dns-option
 			--dns-search
+			--env -e
 			--env-file
 			--generic-resource
 			--group
 			--host
+			--label -l
 			--mode
+			--mount
 			--name
 			--network
 			--placement-pref
@@ -3458,6 +3458,8 @@ _docker_service_update_and_create() {
 			--dns-rm
 			--dns-search-add
 			--dns-search-rm
+			--env-add
+			--env-rm
 			--generic-resource-add
 			--generic-resource-rm
 			--group-add
@@ -3465,6 +3467,10 @@ _docker_service_update_and_create() {
 			--host-add
 			--host-rm
 			--image
+			--label-add
+			--label-rm
+			--mount-add
+			--mount-rm
 			--network-add
 			--network-rm
 			--placement-pref-add
@@ -3481,6 +3487,10 @@ _docker_service_update_and_create() {
 				__docker_complete_configs
 				return
 				;;
+			--env-rm)
+				COMPREPLY=( $( compgen -e -- "$cur" ) )
+				return
+				;;
 			--group-add|--group-rm)
 				COMPREPLY=( $(compgen -g -- "$cur") )
 				return
@@ -3527,7 +3537,7 @@ _docker_service_update_and_create() {
 			COMPREPLY=( $( compgen -W "dnsrr vip" -- "$cur" ) )
 			return
 			;;
-		--env|-e)
+		--env|-e|--env-add)
 			# we do not append a "=" here because "-e VARNAME" is legal systax, too
 			COMPREPLY=( $( compgen -e -- "$cur" ) )
 			__docker_nospace

From 53eeb39422167e7e6efb9f4ff55ea52953b06057 Mon Sep 17 00:00:00 2001
From: Harald Albers <github@albersweb.de>
Date: Fri, 10 Nov 2017 11:46:31 +0100
Subject: [PATCH 2/3] Simplify bash completion for service options

Previously, the completions for `--xxx` and the corresponding
`-xxx-add` and `-xxx-rm` options were defined in separate blocks.
This caused a lot of duplicated code.

This PR removes duplication for xxx=config|group|host|placement-pref|secret.

Now the blocks for `create` and `update` only contain completions for
options that either only exist for the particular command or are specific
to it (completions for `--env-rm` and `--env|env-add` differ).

Signed-off-by: Harald Albers <github@albersweb.de>
Upstream-commit: f2b42bb6a8e80a7b942efbf6c4047c18ba97494c
Component: cli
---
 components/cli/contrib/completion/bash/docker | 81 ++++++-------------
 1 file changed, 26 insertions(+), 55 deletions(-)

diff --git a/components/cli/contrib/completion/bash/docker b/components/cli/contrib/completion/bash/docker
index 48c6e2be67..39e5e38ed2 100644
--- a/components/cli/contrib/completion/bash/docker
+++ b/components/cli/contrib/completion/bash/docker
@@ -3408,39 +3408,14 @@ _docker_service_update_and_create() {
 		"
 
 		case "$prev" in
-			--config)
-				__docker_complete_configs
-				return
-				;;
 			--env-file)
 				_filedir
 				return
 				;;
-			--group)
-				COMPREPLY=( $(compgen -g -- "$cur") )
-				return
-				;;
-			--host)
-				case "$cur" in
-					*:)
-						__docker_complete_resolved_hostname
-						return
-						;;
-				esac
-				;;
 			--mode)
 				COMPREPLY=( $( compgen -W "global replicated" -- "$cur" ) )
 				return
 				;;
-			--placement-pref)
-				COMPREPLY=( $( compgen -W "spread" -S = -- "$cur" ) )
-				__docker_nospace
-				return
-				;;
-			--secret)
-				__docker_complete_secrets
-				return
-				;;
 		esac
 	fi
 	if [ "$subcommand" = "update" ] ; then
@@ -3483,43 +3458,14 @@ _docker_service_update_and_create() {
 		"
 
 		case "$prev" in
-			--config-add|--config-rm)
-				__docker_complete_configs
-				return
-				;;
 			--env-rm)
 				COMPREPLY=( $( compgen -e -- "$cur" ) )
 				return
 				;;
-			--group-add|--group-rm)
-				COMPREPLY=( $(compgen -g -- "$cur") )
-				return
-				;;
-			--host-add|--host-rm)
-				case "$cur" in
-					*:)
-						__docker_complete_resolved_hostname
-						return
-						;;
-				esac
-				;;
 			--image)
 				__docker_complete_image_repos_and_tags
 				return
 				;;
-			--network-add|--network-rm)
-				__docker_complete_networks
-				return
-				;;
-			--placement-pref-add|--placement-pref-rm)
-				COMPREPLY=( $( compgen -W "spread" -S = -- "$cur" ) )
-				__docker_nospace
-				return
-				;;
-			--secret-add|--secret-rm)
-				__docker_complete_secrets
-				return
-				;;
 		esac
 	fi
 
@@ -3533,6 +3479,10 @@ _docker_service_update_and_create() {
 	esac
 
 	case "$prev" in
+		--config|--config-add|--config-rm)
+			__docker_complete_configs
+			return
+			;;
 		--endpoint-mode)
 			COMPREPLY=( $( compgen -W "dnsrr vip" -- "$cur" ) )
 			return
@@ -3543,6 +3493,18 @@ _docker_service_update_and_create() {
 			__docker_nospace
 			return
 			;;
+		--group|--group-add|--group-rm)
+			COMPREPLY=( $(compgen -g -- "$cur") )
+			return
+			;;
+		--host|--host-add|--host-rm)
+			case "$cur" in
+				*:)
+					__docker_complete_resolved_hostname
+					return
+					;;
+			esac
+			;;
 		--isolation)
 			__docker_complete_isolation
 			return
@@ -3555,10 +3517,15 @@ _docker_service_update_and_create() {
 			__docker_complete_log_options
 			return
 			;;
-		--network)
+		--network|--network-add|--network-rm)
 			__docker_complete_networks
 			return
 			;;
+		--placement-pref|--placement-pref-add|--placement-pref-rm)
+			COMPREPLY=( $( compgen -W "spread" -S = -- "$cur" ) )
+			__docker_nospace
+			return
+			;;
 		--restart-condition)
 			COMPREPLY=( $( compgen -W "any none on-failure" -- "$cur" ) )
 			return
@@ -3567,6 +3534,10 @@ _docker_service_update_and_create() {
 			COMPREPLY=( $( compgen -W "continue pause" -- "$cur" ) )
 			return
 			;;
+		--secret|--secret-add|--secret-rm)
+			__docker_complete_secrets
+			return
+			;;
 		--stop-signal)
 			__docker_complete_signals
 			return

From 198448e6745c33b545c69b31147ea99e1a3b6cdf Mon Sep 17 00:00:00 2001
From: Misty Stanley-Jones <misty@docker.com>
Date: Tue, 30 Jan 2018 15:41:53 -0800
Subject: [PATCH 3/3] Doc guidance to only use 256 IPs per overlay

Signed-off-by: Misty Stanley-Jones <misty@docker.com>
Upstream-commit: 6085b5d3aa618c4fa082e9fbfea824731631b5ee
Component: cli
---
 .../reference/commandline/network_create.md   | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/components/cli/docs/reference/commandline/network_create.md b/components/cli/docs/reference/commandline/network_create.md
index ae8da1d59b..5717231036 100644
--- a/components/cli/docs/reference/commandline/network_create.md
+++ b/components/cli/docs/reference/commandline/network_create.md
@@ -92,6 +92,18 @@ Network names must be unique. The Docker daemon attempts to identify naming
 conflicts but this is not guaranteed. It is the user's responsibility to avoid
 name conflicts.
 
+### Overlay network limitations
+
+You should create overlay networks with `/24` blocks (the default), which limits
+you to 256 IP addresses, when you create networks using the default VIP-based
+endpoint-mode. This recommendation addresses
+[limitations with swarm mode](https://github.com/moby/moby/issues/30820). If you
+need more than 256 IP addresses, do not increase the IP block size. You can
+either use `dnsrr` endpoint mode with an external load balancer, or use multiple
+smaller overlay networks. See
+[Configure service discovery](https://docs.docker.com/engine/swarm/networking/#configure-service-discovery)
+for more information about different endpoint modes.
+
 ## Examples
 
 ### Connect containers
@@ -141,15 +153,16 @@ $ docker network create \
 
 If you omit the `--gateway` flag the Engine selects one for you from inside a
 preferred pool. For `overlay` networks and for network driver plugins that
-support it you can create multiple subnetworks.
+support it you can create multiple subnetworks. This example uses two `/25`
+subnet mask to adhere to the current guidance of not having more than 256 IPs in
+a single overlay network. Each of the subnetworks has 126 usable addresses.
 
 ```bash
 $ docker network create -d overlay \
-  --subnet=192.168.0.0/16 \
-  --subnet=192.170.0.0/16 \
-  --gateway=192.168.0.100 \
-  --gateway=192.170.0.100 \
-  --ip-range=192.168.1.0/24 \
+  --subnet=192.168.1.0/25 \
+  --subnet=192.170.2.0/25 \
+  --gateway=192.168.1.100 \
+  --gateway=192.170.2.100 \
   --aux-address="my-router=192.168.1.5" --aux-address="my-switch=192.168.1.6" \
   --aux-address="my-printer=192.170.1.5" --aux-address="my-nas=192.170.1.6" \
   my-multihost-network