The `--kernel-memory` flag was still included to allow it to be used with
old API versions, but it's no longer supported by the kernel, and no longer
handled by OCI runtimes, so deprecating the flags.
With this patch, a deprecation warning is now produced when trying to use
the option;
docker run --kernel-memory 123b busybox
Flag --kernel-memory has been deprecated, this option is deprecated in the kernel and no longer supported
docker container create --kernel-memory 123b busybox
Flag --kernel-memory has been deprecated, and no longer supported by the kernel
31fb57e2c6434490a2892031602be20d0206d3cf0fc281ea25654c46dcb62bac
Note that cobra does not _fail_ the command when using deprecated options;
we could make this a hard failure instead, but may not be worth the effort.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Adds a flag to the create and run command, `--use-api-socket`, that can
be used to start a container with the correctly configured parameters to
ensure that accessing the docker socket will work with out managing bind
mounts and authentication injection.
The implementation in this PR resolves the tokens for the current
credential set in the client and then copies it into a container at the
well know location of /run/secrets/docker/config.json, setting
DOCKER_CONFIG to ensure it is resolved by existing tooling. We use a
compose-compatible secret location with the hope that the CLI and
compose can work together seamlessly.
The bind mount for the socket is resolved from the current context,
erroring out if the flag is set and the provided socket is not a unix
socket.
There are a few drawbacks to this approach but it resolves a long
standing pain point. We'll continue to develop this as we understand
more use cases but it is marked as experimental for now.
Signed-off-by: Stephen Day <stephen.day@docker.com>
The "--rm" flag deletes both the container and any anonymous volumes
associated with the container when the container exits.
This patch updates the flag description to also mention volumes.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
For moby/moby PR 45025 (Docker v24, API v1.43).
`docker run --annotation foo=bar` is similar to `podman run --annotation foo=bar`,
however, unlike Podman, Docker implementation also accepts an annotation with an empty value.
(`docker run --annotation foo`)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
