* Remove incorrect difference between user-defined and default bridge
This PR removes the first bullet point from the list differences between user-defined bridge networks and the default bridge network:
[User-defined bridges provide better isolation and interoperability between containerized applications](https://docs.docker.com/network/bridge/#differences-between-user-defined-bridges-and-the-default-bridge).
The default bridge network, similar to user-defined bridges, opens all ports to other containers and allows for inter-container communication by default. This is elaborated and demonstrated in #8973. Other relevant issue: #8437.
* Remove mention of previous bullet point
* Added isolation advantage of user-defined over default network
Docker Enterprise actively supports the 17.06, 18.03, 18.09, and
19.03 versions, with 17.06 and 18.03 reaching EOL soon.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The docker/docker-ce repository components are only synchronized
periodically with the upstream docker/cli repository.
This patch switches the script to directly use the upstream cli
repository, instead of the docker-ce mono-repo.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Now that the files are named `<api-version>.md`, we no longer need
to set a custom `api_version` property; instead we can use the filename
to detect what API version we're rendering.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The upstream (moby/moby) repository is unifying all API swagger files
to be in the release branch. With that change, it is no longer needed
to fetch each version of the API separately, and instead all versions
can be fetched at once.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Don't require these to be set upfront, as we can create them
locally in the fetch-upstream-resources.sh script
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The current target didn't have jekyll installed, so mounting the
source-files didn't do anything.
This patch removes the bind-mount.
Alternatively, we could switch back to using a jekyll stage (with
automatic rebuilding).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This patch adds a stage that only contains the generated files. It can
be used to export the generated HTML for hosting the documentation on a
non-containerised service (e.g. to deploy to an s3 bucket).
When using BuildKit, use the `--output` option to build the files and to
copy them to your local filesystem.
For example, to build current docs, including archives:
DOCKER_BUILDKIT=1 docker build --target=deploy-source --output=./_site .
And to build without archives:
DOCKER_BUILDKIT=1 docker build --target=deploy-source --build-arg ENABLE_ARCHIVES=false --output=./_site .
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This adds a `ENABLE_ARCHIVES` build-arg, which allows building
the documentation without archives.
Note that currently, the archives drop-down is still added
unconditionally (so also included if archives are disabled).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Move classic overlay networking topic to swarm standalone section
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Redirect old "getting started with overlay networks" to current page
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Fix broken link in mac FAQs
The title of the linked section has changed to "Add TLS Certificates". The current link goes to the top of the Getting Started page and is confusing because you have to scroll past the Kubernetes section to get to the section you actually need.
* Fix broken link to mac FAQs
I missed removing `/index` in the first commit. This is the correct link. Thanks to thaJeztah for the correction.
Co-Authored-By: Sebastiaan van Stijn <thaJeztah@users.noreply.github.com>
Co-authored-by: Sebastiaan van Stijn <thaJeztah@users.noreply.github.com>
* improve description of iptables design, add notes about securing Docker hosts
* fix typo
* simplify a sentence
* fix chain name
* more minor changes
* add notes about the FORWARD chain policy
* shorten section on --ip
* rephrase section title
